fix(tests)

CRDs are now managed by Makefile
HarborClass are disable for ChartMuseum
Trivy test with TLS
Trivy test add Redis
Fix TLS certificate generation
Create databases at Postgres pod init

Signed-off-by: Simon Guyennet <simon.guyennet@corp.ovh.com>

Makefile

@@ -107,7 +107,7 @@ diff:
 	git diff --stat --diff-filter=d --exit-code HEAD
 
 .PHONY: go-test
-go-test: go-generate
+go-test: install certmanager
 ifeq (, $(USE_EXISTING_CLUSTER))
 	$(warning USE_EXISTING_CLUSTER variable is not defined)
 endif
@@ -356,12 +356,12 @@ $(CHART_HARBOR_OPERATOR)/README.md: helm-docs $(CHART_HARBOR_OPERATOR)/README.md
 
 # Install CRDs into a cluster
 .PHONY: install
-install: go-generate kustomize
+install: go-generate
 	kubectl apply -f config/crd/bases
 
 # Uninstall CRDs from a cluster
 .PHONY: uninstall
-uninstall: go-generate kustomize
+uninstall: go-generate
 	kubectl delete -f config/crd/bases
 
 go-generate: controller-gen stringer
@@ -456,7 +456,7 @@ jetstack:
 .PHONY: dev-certificate
 dev-certificate:
 	$(RM) -r "$(TMPDIR)k8s-webhook-server/serving-certs"
-	$(TMPDIR)k8s-webhook-server/serving-certs/tls.crt
+	$(MAKE) $(TMPDIR)k8s-webhook-server/serving-certs/tls.crt
 
 $(TMPDIR)k8s-webhook-server/serving-certs/tls.crt:
 	mkdir -p "$(TMPDIR)k8s-webhook-server/serving-certs"

controllers/goharbor/chartmuseum/chartmuseum_test.go

@@ -46,9 +46,11 @@ var _ = Describe("ChartMuseum", func() {
 		chartMuseum.ObjectMeta = metav1.ObjectMeta{
 			Name:      test.NewName("chartmuseum"),
 			Namespace: ns.GetName(),
+			/* TODO: Enable this when HarborClass is fixed
 			Annotations: map[string]string{
 				goharborv1alpha2.HarborClassAnnotation: harborClass,
 			},
+			*/
 		}
 	})
 
@@ -72,7 +74,7 @@ var _ = Describe("ChartMuseum", func() {
 							},
 						},
 					},
-					URL: "https://the.chartserver.url",
+					URL: "http://the.chartserver.url",
 				},
 			}
 		})
@@ -132,7 +134,7 @@ func IntegTest(ctx context.Context, chartMuseum *goharborv1alpha2.ChartMuseum) {
 	}
 
 	// Make sure chart museum is up and running
-	time.Sleep(60 * time.Second)
+	//time.Sleep(60 * time.Second)
 
 	proxyReq := client.Get().
 		Resource("services").

controllers/goharbor/chartmuseum/suite_test.go

@@ -20,12 +20,10 @@ import (
 
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
-	"github.com/ovh/configstore"
 
 	"github.com/goharbor/harbor-operator/controllers"
 	"github.com/goharbor/harbor-operator/controllers/goharbor/chartmuseum"
 	"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test"
-	"github.com/goharbor/harbor-operator/pkg/config"
 	"sigs.k8s.io/controller-runtime/pkg/envtest/printer"
 )
 
@@ -56,8 +54,10 @@ var _ = BeforeSuite(func(done Done) {
 	name := controllers.ChartMuseum.String()
 	harborClass = test.NewName(name)
 
-	configStore, provider := test.NewConfig(ctx, chartmuseum.ConfigTemplatePathKey, path.Base(chartmuseum.DefaultConfigTemplatePath))
+	configStore, _ := test.NewConfig(ctx, chartmuseum.ConfigTemplatePathKey, path.Base(chartmuseum.DefaultConfigTemplatePath))
+	/* TODO: Enable this when HarborClass is fixed
 	provider.Add(configstore.NewItem(config.HarborClassKey, harborClass, 100))
+	*/
 	configStore.Env(name)
 
 	commonReconciler, err := chartmuseum.New(ctx, name, configStore)

controllers/goharbor/controller_test.go

@@ -103,11 +103,11 @@ var _ = DescribeTable(
 	Entry("Registry", newRegistryController(), time.Minute, 5*time.Second),
 	Entry("RegistryCtl", newRegistryCtlController(), 2*time.Minute, 5*time.Second),
 	Entry("ChartMuseum", newChartMuseumController(), time.Minute, 5*time.Second),
-	Entry("Trivy", newTrivyController(), time.Minute, 5*time.Second),
+	Entry("Trivy", newTrivyController(), 3*time.Minute, 5*time.Second),
 	Entry("NotaryServer", newNotaryServerController(), time.Minute, 5*time.Second),
 	Entry("NotarySigner", newNotarySignerController(), time.Minute, 5*time.Second),
 	Entry("Core", newCoreController(), time.Minute, 5*time.Second),
 	Entry("JobService", newJobServiceController(), time.Minute, 5*time.Second),
 	// Following tests require redis
-	PEntry("Harbor", newHarborController(), 5*time.Minute, 10*time.Second),
+	Entry("Harbor", newHarborController(), 5*time.Minute, 10*time.Second),
 )

controllers/goharbor/core_test.go

@@ -19,10 +19,10 @@ package goharbor_test
 import (
 	"context"
 
-	. "github.com/onsi/gomega"
-
 	goharborv1alpha2 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1alpha2"
 	harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1"
+	"github.com/goharbor/harbor-operator/controllers/goharbor/internal/test"
+	. "github.com/onsi/gomega"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"sigs.k8s.io/controller-runtime/pkg/client"
@@ -36,15 +36,15 @@ func newCoreController() controllerTest {
 	}
 }
 
-func setupCoreResourceDependencies(ctx context.Context, ns string) (string, string, string, string, string, string, string, string) {
+func setupCoreResourceDependencies(ctx context.Context, ns string) (string, string, string, string, string, string, string) {
 	encryption := newName("encryption")
 	csrf := newName("csrf")
 	registryCtl := newName("registryctl")
 	admin := newName("admin-password")
 	core := newName("core-secret")
 	jobservice := newName("jobservice-secret")
 	tokenCert := newName("token-certificate")
-	redis := newName("redis")
+	//redis := newName("redis")
 
 	Expect(k8sClient.Create(ctx, &corev1.Secret{
 		ObjectMeta: metav1.ObjectMeta{
@@ -117,11 +117,11 @@ func setupCoreResourceDependencies(ctx context.Context, ns string) (string, stri
 			Name:      tokenCert,
 			Namespace: ns,
 		},
-		Data: generateCertificate(),
+		Data: test.GenerateCertificate(),
 		Type: harbormetav1.SecretTypeSingle,
 	})).To(Succeed())
 
-	Expect(k8sClient.Create(ctx, &corev1.Secret{
+	/*Expect(k8sClient.Create(ctx, &corev1.Secret{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      redis,
 			Namespace: ns,
@@ -130,15 +130,16 @@ func setupCoreResourceDependencies(ctx context.Context, ns string) (string, stri
 			harbormetav1.RedisPasswordKey: "the-redis-password",
 		},
 		Type: harbormetav1.SecretTypeRedis,
-	})).To(Succeed())
+	})).To(Succeed())*/
 
-	return encryption, csrf, registryCtl, admin, core, jobservice, tokenCert, redis
+	return encryption, csrf, registryCtl, admin, core, jobservice, tokenCert
 }
 
 func setupValidCore(ctx context.Context, ns string) (Resource, client.ObjectKey) {
-	encryptionKeyName, csrfKey, registryCtlPassword, adminPassword, coreSecret, jobserviceSecret, tokenCertificate, redisPassword := setupCoreResourceDependencies(ctx, ns)
+	encryptionKeyName, csrfKey, registryCtlPassword, adminPassword, coreSecret, jobserviceSecret, tokenCertificate := setupCoreResourceDependencies(ctx, ns)
 
 	database := setupPostgresql(ctx, ns)
+	redis := setupRedis(ctx, ns)
 
 	name := newName("core")
 	core := &goharborv1alpha2.Core{
@@ -175,9 +176,6 @@ func setupValidCore(ctx context.Context, ns string) (Resource, client.ObjectKey)
 						RedisHostSpec: harbormetav1.RedisHostSpec{
 							Host: "registry-redis",
 						},
-						RedisCredentials: harbormetav1.RedisCredentials{
-							PasswordRef: redisPassword,
-						},
 						Database: 2,
 					},
 				},
@@ -190,15 +188,7 @@ func setupValidCore(ctx context.Context, ns string) (Resource, client.ObjectKey)
 				},
 			},
 			Redis: goharborv1alpha2.CoreRedisSpec{
-				RedisConnection: harbormetav1.RedisConnection{
-					RedisHostSpec: harbormetav1.RedisHostSpec{
-						Host: "the.redis.url",
-					},
-					RedisCredentials: harbormetav1.RedisCredentials{
-						PasswordRef: redisPassword,
-					},
-					Database: harbormetav1.CoreRedis.Index(),
-				},
+				RedisConnection: redis,
 			},
 		},
 	}

controllers/goharbor/harbor_test.go

@@ -30,10 +30,13 @@ import (
 	cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1"
 	corev1 "k8s.io/api/core/v1"
 	apierrs "k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
+const storageRequest = "10Mi"
+
 var _ = Context("Harbor reconciler", func() {
 	var ctx context.Context
 
@@ -68,7 +71,7 @@ func newHarborController() controllerTest {
 	}
 }
 
-func setupHarborResourceDependencies(ctx context.Context, ns string) (string, string, string) {
+func setupHarborResourceDependencies(ctx context.Context, ns string) (string, string, string, string) {
 	adminSecretName := newName("admin-secret")
 
 	err := k8sClient.Create(ctx, &corev1.Secret{
@@ -98,23 +101,50 @@ func setupHarborResourceDependencies(ctx context.Context, ns string) (string, st
 	})
 	Expect(err).ToNot(HaveOccurred())
 
-	pvcName := newName("pvc")
+	registryPvcName := newName("registry-pvc")
+
+	err = k8sClient.Create(ctx, &corev1.PersistentVolumeClaim{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      registryPvcName,
+			Namespace: ns,
+		},
+		Spec: corev1.PersistentVolumeClaimSpec{
+			AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteOnce},
+			Resources: corev1.ResourceRequirements{
+				Requests: corev1.ResourceList{
+					corev1.ResourceStorage: resource.MustParse(storageRequest),
+				},
+			},
+		},
+	})
+	Expect(err).ToNot(HaveOccurred())
+
+	chartPvcName := newName("chart-pvc")
 
 	err = k8sClient.Create(ctx, &corev1.PersistentVolumeClaim{
 		ObjectMeta: metav1.ObjectMeta{
-			Name:      pvcName,
+			Name:      chartPvcName,
 			Namespace: ns,
 		},
+		Spec: corev1.PersistentVolumeClaimSpec{
+			AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteOnce},
+			Resources: corev1.ResourceRequirements{
+				Requests: corev1.ResourceList{
+					corev1.ResourceStorage: resource.MustParse(storageRequest),
+				},
+			},
+		},
 	})
 	Expect(err).ToNot(HaveOccurred())
 
-	return pvcName, adminSecretName, tokenIssuerName
+	return registryPvcName, chartPvcName, adminSecretName, tokenIssuerName
 }
 
 func setupValidHarbor(ctx context.Context, ns string) (Resource, client.ObjectKey) {
-	pvcName, adminSecretName, tokenIssuerName := setupHarborResourceDependencies(ctx, ns)
+	registryPvcName, chartPvcName, adminSecretName, tokenIssuerName := setupHarborResourceDependencies(ctx, ns)
 
-	database := setupPostgresql(ctx, ns)
+	database := setupPostgresql(ctx, ns, "core")
+	redis := setupRedis(ctx, ns)
 
 	name := newName("harbor")
 	publicURL := url.URL{
@@ -136,10 +166,15 @@ func setupValidHarbor(ctx context.Context, ns string) (Resource, client.ObjectKe
 					RegistryPersistentVolume: goharborv1alpha2.HarborStorageRegistryPersistentVolumeSpec{
 						HarborStoragePersistentVolumeSpec: goharborv1alpha2.HarborStoragePersistentVolumeSpec{
 							PersistentVolumeClaimVolumeSource: corev1.PersistentVolumeClaimVolumeSource{
-								ClaimName: pvcName,
+								ClaimName: registryPvcName,
 							},
 						},
 					},
+					ChartPersistentVolume: &goharborv1alpha2.HarborStoragePersistentVolumeSpec{
+						PersistentVolumeClaimVolumeSource: corev1.PersistentVolumeClaimVolumeSource{
+							ClaimName: chartPvcName,
+						},
+					},
 				},
 			},
 			HarborComponentsSpec: goharborv1alpha2.HarborComponentsSpec{
@@ -153,6 +188,10 @@ func setupValidHarbor(ctx context.Context, ns string) (Resource, client.ObjectKe
 					Hosts:               database.Hosts,
 					SSLMode:             harbormetav1.PostgresSSLMode(database.Parameters[harbormetav1.PostgresSSLModeKey]),
 				},
+				Redis: goharborv1alpha2.ExternalRedisSpec{
+					RedisHostSpec:    redis.RedisHostSpec,
+					RedisCredentials: redis.RedisCredentials,
+				},
 			},
 		},
 	}