Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add E2E test to assert self-signed CA support. #2458

Merged
merged 1 commit into from
Mar 31, 2023
Merged

Add E2E test to assert self-signed CA support. #2458

merged 1 commit into from
Mar 31, 2023

Conversation

TingluoHuang
Copy link
Member

No description provided.

TingluoHuang
TingluoHuang commented Mar 31, 2023
View reviewed changes
charts/gha-runner-scale-set/values.yaml
@@ -65,7 +65,7 @@ githubConfigSecret:
# certificateFrom:
# configMapKeyRef:
# name: config-map-name
# key: ca.pem
# key: ca.crt
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

update-ca-certificate only checks files with .crt extension.
https://manpages.ubuntu.com/manpages/xenial/man8/update-ca-certificates.8.html

TingluoHuang
TingluoHuang commented Mar 31, 2023
View reviewed changes
.github/workflows/e2e-test-linux-vm.yaml
--name mitmproxy \
--publish 8080:8080 \
-v ${{ github.workspace }}/mitmproxy:/home/mitmproxy/.mitmproxy \
mitmproxy/mitmproxy:latest \
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

mitmproxy/mitmproxy:latest can decrypt HTTP requests, I am using that as the self-signed CA test server.

TingluoHuang
TingluoHuang commented Mar 31, 2023
View reviewed changes
.github/workflows/e2e-test-linux-vm.yaml
Comment on lines +651 to +653
--set "githubServerTLS.certificateFrom.configMapKeyRef.name=ca-cert" \
--set "githubServerTLS.certificateFrom.configMapKeyRef.key=mitmproxy-ca-cert.crt" \
--set "githubServerTLS.runnerMountPath=/usr/local/share/ca-certificates/" \
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Feed in the cert

@TingluoHuang TingluoHuang marked this pull request as ready for review March 31, 2023 04:13
nikola-jokic
nikola-jokic reviewed Mar 31, 2023
View reviewed changes
.github/workflows/e2e-test-linux-vm.yaml
kubectl create namespace arc-runners
kubectl -n arc-runners create configmap ca-cert --from-file="${{ github.workspace }}/mitmproxy/mitmproxy-ca-cert.crt"
kubectl -n arc-runners get configmap ca-cert -o yaml
ARC_NAME=${{github.job}}-$(date +'%M%S')$((($RANDOM + 100) % 100 + 1))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
ARC_NAME=${{github.job}}-$(date +'%M%S')$((($RANDOM + 100) % 100 + 1))
ARC_NAME=${{github.job}}-$(date +'%M%S')$(($RANDOM % 100 + 1))

Do we need + 100? This should also work fine as far as I know

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+100, so you always get 3 digit number. 😄 not required.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I know but I tested to see if it is okay to have for example:

echo $((5 % 100 + 1))

that would result in:

6

If you prefer this, ignore my suggestion ☺️ I was just like, maybe it is cleaner for the reader to see what is going on ☺️ The result is exactly the same

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will keep this for now. if we want to change, we will change all other jobs to follow the same pattern in a different PR. 😄

nikola-jokic
nikola-jokic approved these changes Mar 31, 2023
View reviewed changes
Copy link
Member

@nikola-jokic nikola-jokic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@TingluoHuang TingluoHuang merged commit e45e4c5 into master Mar 31, 2023
@TingluoHuang TingluoHuang deleted the users/tihuang/cae2e branch March 31, 2023 14:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nikola-jokic nikola-jokic nikola-jokic approved these changes

@mumoshu mumoshu Awaiting requested review from mumoshu mumoshu is a code owner

@toast-gear toast-gear Awaiting requested review from toast-gear toast-gear is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@TingluoHuang @nikola-jokic