diff --git a/test/e2e/14_release_image.bats b/test/e2e/14_release_image.bats index d71bfddd3..12023d34d 100644 --- a/test/e2e/14_release_image.bats +++ b/test/e2e/14_release_image.bats @@ -22,7 +22,6 @@ function setup() { REGISTRY_PORT="${registry_result[0]}" # Teardown the created port-forward to the registry. defer kill "${registry_result[1]}" - echo "REGISTRY_PORT=$REGISTRY_PORT" >&3 # create empty images for the test push_empty_image "localhost:$REGISTRY_PORT" 'bitnami/ghost:3.0.2-debian-9-r3' '2020-01-20T13:53:05.47178071Z' push_empty_image "localhost:$REGISTRY_PORT" 'bitnami/ghost:3.1.1-debian-9-r0' '2020-02-20T13:53:05.47178071Z' @@ -53,9 +52,9 @@ function setup() { head_hash=$(git rev-list -n 1 HEAD) poll_until_equals "sync tag" "$head_hash" 'git pull -f --tags > /dev/null 2>&1; git rev-list -n 1 flux' - # Wait for the registry scanner to fo its magic on stefanprodan/podinfo and bitnami/ghost - poll_until_true "stefanprodan/podinfo to be scanned" "kubectl logs -n $FLUX_NAMESPACE deploy/flux | grep -q \"component=warmer updated=stefanprodan/podinfo\"" 5 50 - poll_until_true "bitnami/ghost to be scanned" "kubectl logs -n $FLUX_NAMESPACE deploy/flux | grep -q \"component=warmer updated=bitnami/ghost\"" 5 50 + # Wait for the registry scanner to do its magic on stefanprodan/podinfo and bitnami/ghost + poll_until_true "stefanprodan/podinfo to be scanned" "kubectl logs -n $FLUX_NAMESPACE deploy/flux | grep -q \"component=warmer updated=stefanprodan/podinfo\"" 50 + poll_until_true "bitnami/ghost to be scanned" "kubectl logs -n $FLUX_NAMESPACE deploy/flux | grep -q \"component=warmer updated=bitnami/ghost\"" 50 # Manually release podinfo to version 3.0.5 fluxctl --k8s-fwd-ns "${FLUX_NAMESPACE}" deautomate --workload=demo:deployment/podinfo @@ -81,12 +80,12 @@ function setup() { poll_until_true "helmrelease/ghost glob:3.1.1-debian-9-* to be released" 'git pull > /dev/null 2>&1; grep -q 3.1.1-debian-9-r0 releases/ghost.yaml' # Test `fluxctl release --update-all-images` by deautomating the podinfo deployment, pushing a newer podinfo image to the - # registry (matching its automation pattern) and making sure Flux the container to that image. + # registry (matching its automation pattern) and making sure Flux updates the podinfo container to that image. local time_before_new_image time_before_new_image="$(date -u +%Y-%m-%dT%T.0Z)" fluxctl --k8s-fwd-ns "${FLUX_NAMESPACE}" deautomate --workload=demo:deployment/podinfo push_empty_image "localhost:$REGISTRY_PORT" 'stefanprodan/podinfo:3.1.5' '2020-12-20T13:53:05.47178071Z' - poll_until_true "stefanprodan/podinfo to be re-scanned" "kubectl logs --since-time=${time_before_new_image} -n $FLUX_NAMESPACE deploy/flux | grep -q \"component=warmer updated=stefanprodan/podinfo\"" 5 50 + poll_until_true "stefanprodan/podinfo to be re-scanned" "kubectl logs --since-time=${time_before_new_image} -n $FLUX_NAMESPACE deploy/flux | grep -q \"component=warmer updated=stefanprodan/podinfo\"" 50 fluxctl --k8s-fwd-ns "${FLUX_NAMESPACE}" release --force --workload=demo:deployment/podinfo --update-all-images poll_until_true "deployment/podinfo version 3.1.5 to be released" 'git pull > /dev/null 2>&1; grep -q stefanprodan/podinfo:3.1.5 workloads/podinfo-dep.yaml' } diff --git a/test/e2e/16_fluxctl_sync.bats b/test/e2e/16_fluxctl_sync.bats new file mode 100644 index 000000000..692a0e216 --- /dev/null +++ b/test/e2e/16_fluxctl_sync.bats @@ -0,0 +1,53 @@ +#!/usr/bin/env bats + +clone_dir="" + +function setup() { + load lib/env + load lib/install + load lib/poll + load lib/defer + + kubectl create namespace "$FLUX_NAMESPACE" + # Install flux and the git server, allowing external access + install_git_srv git_srv_result + # shellcheck disable=SC2154 + export GIT_SSH_COMMAND="${git_srv_result[0]}" + # Teardown the created port-forward to gitsrv and restore Git settings. + defer kill "${git_srv_result[1]}" + + install_flux_with_fluxctl '15_fluxctl_sync' + + # Clone the repo + clone_dir="$(mktemp -d)" + defer rm -rf "'$clone_dir'" + git clone -b master ssh://git@localhost/git-server/repos/cluster.git "$clone_dir" + # shellcheck disable=SC2164 + cd "$clone_dir" +} + +@test "fluxctl sync" { + + # Sync + poll_until_true 'fluxctl sync succeeds' "fluxctl --k8s-fwd-ns ${FLUX_NAMESPACE} sync" + + # Wait until flux deploys the workloads + poll_until_true 'workload podinfo' 'kubectl -n demo describe deployment/podinfo' + + # Check the sync tag + local head_hash + head_hash=$(git rev-list -n 1 HEAD) + poll_until_equals "sync tag" "$head_hash" 'git pull -f --tags > /dev/null 2>&1; git rev-list -n 1 flux' + +} + +function teardown() { + run_deferred + # Although the namespace delete below takes care of removing most Flux + # elements, the global resources will not be removed without this. + uninstall_flux_with_fluxctl + # Removing the namespace also takes care of removing gitsrv. + kubectl delete namespace "$FLUX_NAMESPACE" + # Only remove the demo workloads after Flux, so that they cannot be recreated. + kubectl delete namespace "$DEMO_NAMESPACE" +} diff --git a/test/e2e/17_fluxctl_policies.bats b/test/e2e/17_fluxctl_policies.bats new file mode 100644 index 000000000..204ac7e44 --- /dev/null +++ b/test/e2e/17_fluxctl_policies.bats @@ -0,0 +1,107 @@ +#!/usr/bin/env bats + +clone_dir="" + +function setup() { + load lib/env + load lib/install + load lib/poll + load lib/defer + + kubectl create namespace "$FLUX_NAMESPACE" + # Install flux and the git server, allowing external access + install_git_srv git_srv_result + # shellcheck disable=SC2154 + export GIT_SSH_COMMAND="${git_srv_result[0]}" + # Teardown the created port-forward to gitsrv and restore Git settings. + defer kill "${git_srv_result[1]}" + + install_flux_with_fluxctl + + # Clone the repo + clone_dir="$(mktemp -d)" + defer rm -rf "'$clone_dir'" + git clone -b master ssh://git@localhost/git-server/repos/cluster.git "$clone_dir" + # shellcheck disable=SC2164 + cd "$clone_dir" +} + +# TODO: make annotation checks more precise with a yaml-aware tool as opposed to simply grepping for precense +# anywhere in the files +@test "fluxctl policy/(de)automate/(un)lock" { + + # Check that podinfo is starting up in the state assumed by the test + grep -q 'fluxcd.io/automated: "true"' workloads/podinfo-dep.yaml # automated + ! grep -q 'fluxcd.io/locked' workloads/podinfo-dep.yaml # unlocked + grep -q 'fluxcd.io/tag.init: regex:^3.10.*' workloads/podinfo-dep.yaml + grep -q 'fluxcd.io/tag.podinfod: semver:~3.1' workloads/podinfo-dep.yaml + + ########### + ## Automate + ########### + + # de-automate (polling since Flux may not be ready yet) + poll_until_true 'fluxctl deautomate' "fluxctl --k8s-fwd-ns ${FLUX_NAMESPACE} deautomate --workload=demo:deployment/podinfo" + git pull + ! grep -q 'fluxcd.io/automated' workloads/podinfo-dep.yaml + + # re-automate + fluxctl --k8s-fwd-ns "${FLUX_NAMESPACE}" automate --workload=demo:deployment/podinfo + git pull + grep -q "fluxcd.io/automated: 'true'" workloads/podinfo-dep.yaml + + # de-automate again, with the policy command + fluxctl --k8s-fwd-ns "${FLUX_NAMESPACE}" policy --deautomate --workload=demo:deployment/podinfo + git pull + ! grep -q 'fluxcd.io/automated' workloads/podinfo-dep.yaml + + # re-automate, with the policy command + fluxctl --k8s-fwd-ns "${FLUX_NAMESPACE}" policy --automate --workload=demo:deployment/podinfo + git pull + grep -q "fluxcd.io/automated: 'true'" workloads/podinfo-dep.yaml + + ####### + ## Lock + ####### + + # lock + fluxctl --k8s-fwd-ns "${FLUX_NAMESPACE}" lock --workload=demo:deployment/podinfo + git pull + grep -q "fluxcd.io/locked: 'true'" workloads/podinfo-dep.yaml + + # unlock + fluxctl --k8s-fwd-ns "${FLUX_NAMESPACE}" unlock --workload=demo:deployment/podinfo + git pull + ! grep -q 'fluxcd.io/locked' workloads/podinfo-dep.yaml + + # re-lock, with the policy command + fluxctl --k8s-fwd-ns "${FLUX_NAMESPACE}" policy --lock --workload=demo:deployment/podinfo + git pull + grep -q "fluxcd.io/locked: 'true'" workloads/podinfo-dep.yaml + + # unlock again, with the policy command + fluxctl --k8s-fwd-ns "${FLUX_NAMESPACE}" policy --unlock --workload=demo:deployment/podinfo + git pull + ! grep -q 'fluxcd.io/locked' workloads/podinfo-dep.yaml + + ############## + ## Policy tags + ############## + + # Update podinfo tag + fluxctl --k8s-fwd-ns "${FLUX_NAMESPACE}" policy --workload=demo:deployment/podinfo --tag='podinfod=3.5.*' + git pull + grep -q "fluxcd.io/tag.podinfod: glob:3.5.*" workloads/podinfo-dep.yaml + +} + +function teardown() { + run_deferred + # Although the namespace delete below takes care of removing most Flux + # elements, the global resources will not be removed without this. + uninstall_flux_with_fluxctl + # Removing the namespace also takes care of removing gitsrv. + kubectl delete namespace "$FLUX_NAMESPACE" + # Only remove the demo workloads after Flux, so that they cannot be recreated. + kubectl delete namespace "$DEMO_NAMESPACE" +} diff --git a/test/e2e/fixtures/kustom/15_fluxctl_sync/fluxctl_sync.yaml b/test/e2e/fixtures/kustom/15_fluxctl_sync/fluxctl_sync.yaml new file mode 100644 index 000000000..d97cfd853 --- /dev/null +++ b/test/e2e/fixtures/kustom/15_fluxctl_sync/fluxctl_sync.yaml @@ -0,0 +1,7 @@ +# make sure automatic syncs don't kick in +- op: add + path: /spec/template/spec/containers/0/args/- + value: --sync-interval=525600m +- op: add + path: /spec/template/spec/containers/0/args/- + value: --git-poll-interval=525600m diff --git a/test/e2e/fixtures/kustom/15_fluxctl_sync/kustomization.yaml b/test/e2e/fixtures/kustom/15_fluxctl_sync/kustomization.yaml new file mode 100644 index 000000000..251dd6b74 --- /dev/null +++ b/test/e2e/fixtures/kustom/15_fluxctl_sync/kustomization.yaml @@ -0,0 +1,9 @@ +bases: +- "../base/flux" +patchesJson6902: +- target: + group: apps + version: v1 + kind: Deployment + name: flux + path: fluxctl_sync.yaml