-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add E2E test to assert self-signed CA support. #2458
Conversation
78635ed
to
c39914f
Compare
c39914f
to
63de2e3
Compare
@@ -65,7 +65,7 @@ githubConfigSecret: | |||
# certificateFrom: | |||
# configMapKeyRef: | |||
# name: config-map-name | |||
# key: ca.pem | |||
# key: ca.crt |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
update-ca-certificate
only checks files with .crt
extension.
https://manpages.ubuntu.com/manpages/xenial/man8/update-ca-certificates.8.html
--name mitmproxy \ | ||
--publish 8080:8080 \ | ||
-v ${{ github.workspace }}/mitmproxy:/home/mitmproxy/.mitmproxy \ | ||
mitmproxy/mitmproxy:latest \ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
mitmproxy/mitmproxy:latest
can decrypt HTTP requests, I am using that as the self-signed CA test server.
--set "githubServerTLS.certificateFrom.configMapKeyRef.name=ca-cert" \ | ||
--set "githubServerTLS.certificateFrom.configMapKeyRef.key=mitmproxy-ca-cert.crt" \ | ||
--set "githubServerTLS.runnerMountPath=/usr/local/share/ca-certificates/" \ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Feed in the cert
kubectl create namespace arc-runners | ||
kubectl -n arc-runners create configmap ca-cert --from-file="${{ github.workspace }}/mitmproxy/mitmproxy-ca-cert.crt" | ||
kubectl -n arc-runners get configmap ca-cert -o yaml | ||
ARC_NAME=${{github.job}}-$(date +'%M%S')$((($RANDOM + 100) % 100 + 1)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ARC_NAME=${{github.job}}-$(date +'%M%S')$((($RANDOM + 100) % 100 + 1)) | |
ARC_NAME=${{github.job}}-$(date +'%M%S')$(($RANDOM % 100 + 1)) |
Do we need + 100? This should also work fine as far as I know
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+100, so you always get 3 digit number. 😄 not required.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I know but I tested to see if it is okay to have for example:
echo $((5 % 100 + 1))
that would result in:
6
If you prefer this, ignore my suggestion
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will keep this for now. if we want to change, we will change all other jobs to follow the same pattern in a different PR. 😄
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
No description provided.