Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WIP] Add kubeconfig certificate rotation tests #550

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[WIP] Add kubeconfig certificate rotation tests #550

wants to merge 1 commit into from

Conversation

furkatgofurov7
Copy link
Contributor

What this PR does / why we need it:
Adds new test cases for kubeconfig certificate automatic rotation implementation in #521

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #520

Special notes for your reviewer:

Checklist:

  • squashed commits into logical changes
  • includes documentation
  • adds unit tests
  • adds or updates e2e tests

@furkatgofurov7
Add kubeconfig cert rotation tests
0e3ae9c 
Signed-off-by: Furkat Gofurov <furkat.gofurov@suse.com>
@furkatgofurov7 furkatgofurov7 requested a review from a team as a code owner January 9, 2025 11:13
@furkatgofurov7 furkatgofurov7 added the area/testing Indicates an issue related to test label Jan 9, 2025
alexander-demicev
alexander-demicev requested changes Jan 9, 2025
View reviewed changes
Copy link
Member

@alexander-demicev alexander-demicev left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

adding "requesting changes" so the PR doesn't get merged and close the issue. @furkatgofurov7 would you be able to verify that rotating kubeconfig causes an update for machines? Maybe trigger it somehow manually from code, I don't have ideas how to verify it in other ways at the moment

@furkatgofurov7 furkatgofurov7 changed the title Add kubeconfig certificate rotation tests [WIP] Add kubeconfig certificate rotation tests Jan 10, 2025
Danil-Grigorev
Danil-Grigorev reviewed Jan 10, 2025
View reviewed changes
controlplane/internal/controllers/rke2controlplane_controller_test.go
Comment on lines +284 to +287
_, err = r.reconcileKubeconfig(ctx, clusterName, endpoint, rcp)
Expect(err).ToNot(HaveOccurred())

Expect(testEnv.Get(ctx, client.ObjectKey{Namespace: ns.Name, Name: secret.Name}, secret)).To(Succeed())
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we also check that the kubeconfig secret is actually rotated? It seems to me that the current validation equals to “no rotation” test case: https://github.com/rancher/cluster-api-provider-rke2/pull/550/files#diff-cd4559684c03b3b2a238ed4f8c142bb867312c79174f5a6474b157ac7849a737R312-R316

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Danil-Grigorev Danil-Grigorev Danil-Grigorev left review comments

@alexander-demicev alexander-demicev alexander-demicev requested changes

@anmazzotti anmazzotti anmazzotti approved these changes

@yiannistri yiannistri yiannistri approved these changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
area/testing Indicates an issue related to test
Projects
CAPI & Hosted Kubernetes providers (EKS/AKS/GKE)
Status: PR to be reviewed
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Kubeconfig client certs not automatically renewed
5 participants
@furkatgofurov7 @yiannistri @alexander-demicev @Danil-Grigorev @anmazzotti