e2e: use Ginkgo context

All code must use the context from Ginkgo when doing API calls or polling for a
change, otherwise the code would not return immediately when the test gets
aborted.

test/e2e/framework/auth/helpers.go

@@ -45,13 +45,13 @@ type bindingsGetter interface {
 
 // WaitForAuthorizationUpdate checks if the given user can perform the named verb and action.
 // If policyCachePollTimeout is reached without the expected condition matching, an error is returned
-func WaitForAuthorizationUpdate(c v1authorization.SubjectAccessReviewsGetter, user, namespace, verb string, resource schema.GroupResource, allowed bool) error {
-	return WaitForNamedAuthorizationUpdate(c, user, namespace, verb, "", resource, allowed)
+func WaitForAuthorizationUpdate(ctx context.Context, c v1authorization.SubjectAccessReviewsGetter, user, namespace, verb string, resource schema.GroupResource, allowed bool) error {
+	return WaitForNamedAuthorizationUpdate(ctx, c, user, namespace, verb, "", resource, allowed)
 }
 
 // WaitForNamedAuthorizationUpdate checks if the given user can perform the named verb and action on the named resource.
 // If policyCachePollTimeout is reached without the expected condition matching, an error is returned
-func WaitForNamedAuthorizationUpdate(c v1authorization.SubjectAccessReviewsGetter, user, namespace, verb, resourceName string, resource schema.GroupResource, allowed bool) error {
+func WaitForNamedAuthorizationUpdate(ctx context.Context, c v1authorization.SubjectAccessReviewsGetter, user, namespace, verb, resourceName string, resource schema.GroupResource, allowed bool) error {
 	review := &authorizationv1.SubjectAccessReview{
 		Spec: authorizationv1.SubjectAccessReviewSpec{
 			ResourceAttributes: &authorizationv1.ResourceAttributes{
@@ -65,8 +65,8 @@ func WaitForNamedAuthorizationUpdate(c v1authorization.SubjectAccessReviewsGette
 		},
 	}
 
-	err := wait.Poll(policyCachePollInterval, policyCachePollTimeout, func() (bool, error) {
-		response, err := c.SubjectAccessReviews().Create(context.TODO(), review, metav1.CreateOptions{})
+	err := wait.PollWithContext(ctx, policyCachePollInterval, policyCachePollTimeout, func(ctx context.Context) (bool, error) {
+		response, err := c.SubjectAccessReviews().Create(ctx, review, metav1.CreateOptions{})
 		if err != nil {
 			return false, err
 		}
@@ -80,13 +80,13 @@ func WaitForNamedAuthorizationUpdate(c v1authorization.SubjectAccessReviewsGette
 
 // BindClusterRole binds the cluster role at the cluster scope. If RBAC is not enabled, nil
 // is returned with no action.
-func BindClusterRole(c bindingsGetter, clusterRole, ns string, subjects ...rbacv1.Subject) error {
-	if !IsRBACEnabled(c) {
+func BindClusterRole(ctx context.Context, c bindingsGetter, clusterRole, ns string, subjects ...rbacv1.Subject) error {
+	if !IsRBACEnabled(ctx, c) {
 		return nil
 	}
 
 	// Since the namespace names are unique, we can leave this lying around so we don't have to race any caches
-	_, err := c.ClusterRoleBindings().Create(context.TODO(), &rbacv1.ClusterRoleBinding{
+	_, err := c.ClusterRoleBindings().Create(ctx, &rbacv1.ClusterRoleBinding{
 		ObjectMeta: metav1.ObjectMeta{
 			Name: ns + "--" + clusterRole,
 		},
@@ -107,23 +107,23 @@ func BindClusterRole(c bindingsGetter, clusterRole, ns string, subjects ...rbacv
 
 // BindClusterRoleInNamespace binds the cluster role at the namespace scope. If RBAC is not enabled, nil
 // is returned with no action.
-func BindClusterRoleInNamespace(c bindingsGetter, clusterRole, ns string, subjects ...rbacv1.Subject) error {
-	return bindInNamespace(c, "ClusterRole", clusterRole, ns, subjects...)
+func BindClusterRoleInNamespace(ctx context.Context, c bindingsGetter, clusterRole, ns string, subjects ...rbacv1.Subject) error {
+	return bindInNamespace(ctx, c, "ClusterRole", clusterRole, ns, subjects...)
 }
 
 // BindRoleInNamespace binds the role at the namespace scope. If RBAC is not enabled, nil
 // is returned with no action.
-func BindRoleInNamespace(c bindingsGetter, role, ns string, subjects ...rbacv1.Subject) error {
-	return bindInNamespace(c, "Role", role, ns, subjects...)
+func BindRoleInNamespace(ctx context.Context, c bindingsGetter, role, ns string, subjects ...rbacv1.Subject) error {
+	return bindInNamespace(ctx, c, "Role", role, ns, subjects...)
 }
 
-func bindInNamespace(c bindingsGetter, roleType, role, ns string, subjects ...rbacv1.Subject) error {
-	if !IsRBACEnabled(c) {
+func bindInNamespace(ctx context.Context, c bindingsGetter, roleType, role, ns string, subjects ...rbacv1.Subject) error {
+	if !IsRBACEnabled(ctx, c) {
 		return nil
 	}
 
 	// Since the namespace names are unique, we can leave this lying around so we don't have to race any caches
-	_, err := c.RoleBindings(ns).Create(context.TODO(), &rbacv1.RoleBinding{
+	_, err := c.RoleBindings(ns).Create(ctx, &rbacv1.RoleBinding{
 		ObjectMeta: metav1.ObjectMeta{
 			Name: ns + "--" + role,
 		},
@@ -148,9 +148,9 @@ var (
 )
 
 // IsRBACEnabled returns true if RBAC is enabled. Otherwise false.
-func IsRBACEnabled(crGetter v1rbac.ClusterRolesGetter) bool {
+func IsRBACEnabled(ctx context.Context, crGetter v1rbac.ClusterRolesGetter) bool {
 	isRBACEnabledOnce.Do(func() {
-		crs, err := crGetter.ClusterRoles().List(context.TODO(), metav1.ListOptions{})
+		crs, err := crGetter.ClusterRoles().List(ctx, metav1.ListOptions{})
 		if err != nil {
 			framework.Logf("Error listing ClusterRoles; assuming RBAC is disabled: %v", err)
 			isRBACEnabled = false