Skip to content
This repository has been archived by the owner on Nov 1, 2022. It is now read-only.

e2e: generate SSH secret per test case #2560

Merged
merged 2 commits into from
Oct 29, 2019
Merged

Conversation

hiddeco
Copy link
Member

@hiddeco hiddeco commented Oct 28, 2019

The issue with the setup before this commit surfaced while adding a
new test suite for GPG functionalities.

Due to fluxctl install creating a boilerplate secret with the same
name as the secret generated by run.bash, it was removed during the
teardown of the test suite which tests the command, as this simply
kubectl delete -f -s the output of fluxctl install.

This caused my own tests to never get past the point of booting a
new git server instance, as the secret it was trying to mount was
no longer present.

This commit adds two helper methods to lib/install.bash,
generate_ssh_secret and delete_generated_ssh_secret which should
be run during the setup and teardown of tests which require an SSH
key (and known_hosts) file to be present. Both functions accept
a parameter to control what the secret should be named, which falls
back to flux-git-deploy. This same behaviour has been introduced
to install_git_srv.

The issue with the setup before this commit surfaced while adding a
new test suite for GPG functionalities.

Due to `fluxctl install` creating a boilerplate secret with the same
name as the secret generated by `run.bash`, it was removed during the
teardown of the test suite which tests the command, as this simply
`kubectl delete -f -`s the output of `fluxctl install`.

This caused my own tests to never get past the point of booting a
new git server instance, as the secret it was trying to mount was
no longer present.

This commit adds two helper methods to `lib/install.bash`,
`generate_ssh_secret` and `delete_generated_ssh_secret` which should
be run during the setup and teardown of tests which require an SSH
key (and `known_hosts`) file to be present. Both functions accept
a parameter to control what the secret should be named, which falls
back to `flux-git-deploy`. This same behaviour has been introduced
to `install_git_srv`.
@hiddeco hiddeco requested a review from 2opremio October 28, 2019 19:42
kubectl apply -n "${FLUX_NAMESPACE}" -f "${E2E_DIR}/fixtures/gitsrv.yaml"
local secret_name=${1:-flux-git-deploy}

sed "s/\$GIT_SECRET_NAME/$secret_name/" <"${E2E_DIR}/fixtures/gitsrv.yaml" | kubectl apply -n "${FLUX_NAMESPACE}" -f -
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe it's cleaner to use envsubst?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also, do we need it to make the name configurable?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For envsubst the variable needs to be set as an environment variable.

I made the name configurable so that we are able to bootstrap the secret for any kind of setup that we may need in a test case, and to be able to create e.g. different secrets for the Helm operator and the Flux daemon.

@hiddeco hiddeco requested a review from stefanprodan October 29, 2019 10:09
@hiddeco
Copy link
Member Author

hiddeco commented Oct 29, 2019

@2opremio as you are sick and should rest, I am giving Stefan the honour of reviewing this as it is blocking for the next PR I have lined up to take care of the environment variables.

In case you see anything that should be fixed or aligned, please comment and I will fix it post-merge.

Copy link
Member

@stefanprodan stefanprodan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@hiddeco hiddeco merged commit 2ae6d85 into master Oct 29, 2019
@hiddeco hiddeco deleted the e2e/generate-ssh-secret branch October 29, 2019 10:57
@2opremio
Copy link
Contributor

Thanks Stefan!!

@2opremio 2opremio added this to the 1.16.0 milestone Nov 21, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants