From 0ac69cb3f84d0f7c2870a8b35c73f7eac2281a73 Mon Sep 17 00:00:00 2001
From: nont <nontkrub@gmail.com>
Date: Mon, 24 Jul 2023 09:54:00 -0700
Subject: [PATCH] Fix NSG e2e error

https://redhat-external.slack.com/archives/C03F6AA3HDH/p1689891751922919
---
 .../admin/zz_generated_installphase_enumer.go |  1 -
 pkg/api/zz_generated_installphase_enumer.go   |  1 -
 pkg/env/zz_generated_feature_enumer.go        |  1 -
 pkg/operator/controllers/rbac/bindata.go      | 12 ++--
 pkg/portal/cluster/bindata.go                 | 12 ++--
 pkg/util/mocks/dynamic/dynamic.go             |  7 +-
 .../openshiftcluster_validatedynamic.go       | 68 +++++++++----------
 test/e2e/operator.go                          |  9 +++
 8 files changed, 61 insertions(+), 50 deletions(-)

diff --git a/pkg/api/admin/zz_generated_installphase_enumer.go b/pkg/api/admin/zz_generated_installphase_enumer.go
index db9c9868bf8..1efc5bed426 100644
--- a/pkg/api/admin/zz_generated_installphase_enumer.go
+++ b/pkg/api/admin/zz_generated_installphase_enumer.go
@@ -1,6 +1,5 @@
 // Code generated by "enumer -type InstallPhase -output zz_generated_installphase_enumer.go"; DO NOT EDIT.
 
-//
 package admin
 
 import (
diff --git a/pkg/api/zz_generated_installphase_enumer.go b/pkg/api/zz_generated_installphase_enumer.go
index fd8de98e728..efb962a4924 100644
--- a/pkg/api/zz_generated_installphase_enumer.go
+++ b/pkg/api/zz_generated_installphase_enumer.go
@@ -1,6 +1,5 @@
 // Code generated by "enumer -type InstallPhase -output zz_generated_installphase_enumer.go"; DO NOT EDIT.
 
-//
 package api
 
 import (
diff --git a/pkg/env/zz_generated_feature_enumer.go b/pkg/env/zz_generated_feature_enumer.go
index 020fe9c7402..13c788b33d6 100644
--- a/pkg/env/zz_generated_feature_enumer.go
+++ b/pkg/env/zz_generated_feature_enumer.go
@@ -1,6 +1,5 @@
 // Code generated by "enumer -type Feature -output zz_generated_feature_enumer.go"; DO NOT EDIT.
 
-//
 package env
 
 import (
diff --git a/pkg/operator/controllers/rbac/bindata.go b/pkg/operator/controllers/rbac/bindata.go
index 897c37ac400..b38d5466977 100644
--- a/pkg/operator/controllers/rbac/bindata.go
+++ b/pkg/operator/controllers/rbac/bindata.go
@@ -178,11 +178,13 @@ var _bindata = map[string]func() (*asset, error){
 // directory embedded in the file by go-bindata.
 // For example if you run go-bindata on data/... and data contains the
 // following hierarchy:
-//     data/
-//       foo.txt
-//       img/
-//         a.png
-//         b.png
+//
+//	data/
+//	  foo.txt
+//	  img/
+//	    a.png
+//	    b.png
+//
 // then AssetDir("data") would return []string{"foo.txt", "img"}
 // AssetDir("data/img") would return []string{"a.png", "b.png"}
 // AssetDir("foo.txt") and AssetDir("notexist") would return an error
diff --git a/pkg/portal/cluster/bindata.go b/pkg/portal/cluster/bindata.go
index 310a54f4974..ab0f3c84b33 100644
--- a/pkg/portal/cluster/bindata.go
+++ b/pkg/portal/cluster/bindata.go
@@ -222,11 +222,13 @@ var _bindata = map[string]func() (*asset, error){
 // directory embedded in the file by go-bindata.
 // For example if you run go-bindata on data/... and data contains the
 // following hierarchy:
-//     data/
-//       foo.txt
-//       img/
-//         a.png
-//         b.png
+//
+//	data/
+//	  foo.txt
+//	  img/
+//	    a.png
+//	    b.png
+//
 // then AssetDir("data") would return []string{"foo.txt", "img"}
 // AssetDir("data/img") would return []string{"a.png", "b.png"}
 // AssetDir("foo.txt") and AssetDir("notexist") would return an error
diff --git a/pkg/util/mocks/dynamic/dynamic.go b/pkg/util/mocks/dynamic/dynamic.go
index e7d9274abc0..f413a3f81a8 100644
--- a/pkg/util/mocks/dynamic/dynamic.go
+++ b/pkg/util/mocks/dynamic/dynamic.go
@@ -1,5 +1,5 @@
 // Code generated by MockGen. DO NOT EDIT.
-// Source: pkg/validate/dynamic/dynamic.go
+// Source: dynamic.go
 
 // Package mock_dynamic is a generated GoMock package.
 package mock_dynamic
@@ -8,10 +8,11 @@ import (
 	context "context"
 	reflect "reflect"
 
-	api "github.com/Azure/ARO-RP/pkg/api"
-	dynamic "github.com/Azure/ARO-RP/pkg/validate/dynamic"
 	azcore "github.com/Azure/azure-sdk-for-go/sdk/azcore"
 	gomock "github.com/golang/mock/gomock"
+
+	api "github.com/Azure/ARO-RP/pkg/api"
+	dynamic "github.com/Azure/ARO-RP/pkg/validate/dynamic"
 )
 
 // MockServicePrincipalValidator is a mock of ServicePrincipalValidator interface.
diff --git a/pkg/validate/openshiftcluster_validatedynamic.go b/pkg/validate/openshiftcluster_validatedynamic.go
index 6c895603d07..f998f3be598 100644
--- a/pkg/validate/openshiftcluster_validatedynamic.go
+++ b/pkg/validate/openshiftcluster_validatedynamic.go
@@ -172,40 +172,6 @@ func (dv *openShiftClusterDynamicValidator) Dynamic(ctx context.Context) error {
 		)
 	}
 
-	// FP validation
-	fpDynamic := dynamic.NewValidator(
-		dv.log,
-		dv.env,
-		dv.env.Environment(),
-		dv.subscriptionDoc.ID,
-		dv.fpAuthorizer,
-		dv.env.FPClientID(),
-		dynamic.AuthorizerFirstParty,
-		fpClientCred,
-		pdpClient,
-	)
-
-	err = fpDynamic.ValidateVnet(
-		ctx,
-		dv.oc.Location,
-		subnets,
-		dv.oc.Properties.NetworkProfile.PodCIDR,
-		dv.oc.Properties.NetworkProfile.ServiceCIDR,
-	)
-	if err != nil {
-		return err
-	}
-
-	err = fpDynamic.ValidateDiskEncryptionSets(ctx, dv.oc)
-	if err != nil {
-		return err
-	}
-
-	err = fpDynamic.ValidatePreConfiguredNSGs(ctx, dv.oc, subnets)
-	if err != nil {
-		return err
-	}
-
 	tenantID := dv.subscriptionDoc.Subscription.Properties.TenantID
 	options := dv.env.Environment().ClientSecretCredentialOptions()
 	spTokenCredential, err := azidentity.NewClientSecretCredential(
@@ -275,5 +241,39 @@ func (dv *openShiftClusterDynamicValidator) Dynamic(ctx context.Context) error {
 		return err
 	}
 
+	// FP validation
+	fpDynamic := dynamic.NewValidator(
+		dv.log,
+		dv.env,
+		dv.env.Environment(),
+		dv.subscriptionDoc.ID,
+		dv.fpAuthorizer,
+		dv.env.FPClientID(),
+		dynamic.AuthorizerFirstParty,
+		fpClientCred,
+		pdpClient,
+	)
+
+	err = fpDynamic.ValidateVnet(
+		ctx,
+		dv.oc.Location,
+		subnets,
+		dv.oc.Properties.NetworkProfile.PodCIDR,
+		dv.oc.Properties.NetworkProfile.ServiceCIDR,
+	)
+	if err != nil {
+		return err
+	}
+
+	err = fpDynamic.ValidateDiskEncryptionSets(ctx, dv.oc)
+	if err != nil {
+		return err
+	}
+
+	err = fpDynamic.ValidatePreConfiguredNSGs(ctx, dv.oc, subnets)
+	if err != nil {
+		return err
+	}
+
 	return nil
 }
diff --git a/test/e2e/operator.go b/test/e2e/operator.go
index 7f74a6e167d..f78153bf44e 100644
--- a/test/e2e/operator.go
+++ b/test/e2e/operator.go
@@ -342,6 +342,15 @@ var _ = Describe("ARO Operator - Azure Subnet Reconciler", func() {
 	}
 
 	BeforeEach(func(ctx context.Context) {
+		// TODO remove this when GA
+		By("checking if preconfiguredNSG is enabled")
+		co, err := clients.AROClusters.AroV1alpha1().Clusters().Get(ctx, "cluster", metav1.GetOptions{})
+		Expect(err).NotTo(HaveOccurred())
+		if co.Spec.OperatorFlags["aro.azuresubnets.nsg.managed"] == "false" {
+			Skip("preconfiguredNSG is enabled, skipping test")
+		}
+		By("preconfiguredNSG is disabled")
+
 		gatherNetworkInfo(ctx)
 		createE2ENSG(ctx)
 	})