update new path

Author: gangwgr

test/extended/config_operator/OWNERS

@@ -0,0 +1,8 @@
+reviewers:
+  - gangwgr
+  - kaleemsiddiqu
+  - andreacv98
+approvers:
+  - gangwgr
+  - kaleemsiddiqu
+  - andreacv98

…working/config_operator_networkpolicy.go …perator/config_operator_networkpolicy.gotest/extended/networking/config_operator_networkpolicy.go renamed to test/extended/config_operator/config_operator_networkpolicy.go test/extended/networking/config_operator_networkpolicy.go renamed to test/extended/config_operator/config_operator_networkpolicy.go

@@ -1,4 +1,4 @@
-package networking
+package config_operator
 
 import (
 	"context"
@@ -15,6 +15,7 @@ import (
 	corev1 "k8s.io/api/core/v1"
 	networkingv1 "k8s.io/api/networking/v1"
 	"k8s.io/apimachinery/pkg/api/equality"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/intstr"
@@ -34,7 +35,7 @@ const (
 	defaultDenyAllPolicyName = "default-deny-all"
 )
 
-var _ = g.Describe("[sig-network][Feature:NetworkPolicy][Skipped:HyperShift][Skipped:MicroShift] Config Operator NetworkPolicy", func() {
+var _ = g.Describe("[sig-api-machinery][Feature:NetworkPolicy][Skipped:HyperShift][Skipped:MicroShift] Config Operator NetworkPolicy", func() {
 	oc := exutil.NewCLI("config-operator-networkpolicy-e2e")
 	f := oc.KubeFramework()
 	f.NamespacePodSecurityLevel = admissionapi.LevelPrivileged
@@ -108,7 +109,16 @@ var _ = g.Describe("[sig-network][Feature:NetworkPolicy][Skipped:HyperShift][Ski
 
 		g.By("Verifying denied ports even from same namespace")
 		for _, port := range []int32{80, 443, 6443, 9090} {
-			expectConnectivity(ctx, cs, configOperatorNamespace, operatorLabels, allowedServerIPs, port, false)
+			serverIPs, cleanup := createServerPod(
+				ctx,
+				cs,
+				configOperatorNamespace,
+				fmt.Sprintf("np-operator-denied-%d-%s", port, rand.String(5)),
+				operatorLabels,
+				port,
+			)
+			g.DeferCleanup(cleanup)
+			expectConnectivity(ctx, cs, configOperatorNamespace, operatorLabels, serverIPs, port, false)
 		}
 
 		g.By("Checking if NetworkPolicy allows DNS egress")
@@ -768,14 +778,23 @@ func restoreNetworkPolicy(ctx context.Context, client kubernetes.Interface, expe
 	g.GinkgoHelper()
 	namespace := expected.Namespace
 	name := expected.Name
+	originalUID := expected.UID
+	sawDeletion := false
 	g.GinkgoWriter.Printf("deleting NetworkPolicy %s/%s\n", namespace, name)
 	err := client.NetworkingV1().NetworkPolicies(namespace).Delete(ctx, name, metav1.DeleteOptions{})
 	o.Expect(err).NotTo(o.HaveOccurred())
 	err = wait.PollUntilContextTimeout(ctx, 5*time.Second, 10*time.Minute, true, func(ctx context.Context) (bool, error) {
 		current, err := client.NetworkingV1().NetworkPolicies(namespace).Get(ctx, name, metav1.GetOptions{})
+		if apierrors.IsNotFound(err) {
+			sawDeletion = true
+			return false, nil
+		}
 		if err != nil {
 			return false, nil
 		}
+		if current.UID == originalUID && !sawDeletion {
+			return false, nil
+		}
 		return equality.Semantic.DeepEqual(expected.Spec, current.Spec), nil
 	})
 	o.Expect(err).NotTo(o.HaveOccurred(), "timed out waiting for NetworkPolicy %s/%s spec to be restored", namespace, name)

test/extended/include.go

@@ -17,6 +17,7 @@ import (
 	_ "github.com/openshift/origin/test/extended/cluster"
 	_ "github.com/openshift/origin/test/extended/clusterversion"
 	_ "github.com/openshift/origin/test/extended/cmd"
+	_ "github.com/openshift/origin/test/extended/config_operator"
 	_ "github.com/openshift/origin/test/extended/controller_manager"
 	_ "github.com/openshift/origin/test/extended/coreos"
 	_ "github.com/openshift/origin/test/extended/cpu_partitioning"