Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding integration testing to the repo #2

Merged
merged 20 commits into from
Dec 16, 2022
Merged

Adding integration testing to the repo #2

merged 20 commits into from
Dec 16, 2022

Conversation

tvoran
Copy link
Member

@tvoran tvoran commented Dec 1, 2022
edited
Loading

Runs the operator integration tests with the last four version of Kubernetes, and the last three versions of Vault.

The setup is similar to our other k8s projects (make setup-integration-test, etc.), and the test itself is using a bit of terratest to configure vault and test the operator.

Makefile target setup-integration calls helm to install vault and applies the hostPort patch (setup-integration-test-common), builds the docker image (ci-docker-build) and copies it to kind (ci-deploy-kind).

Makefile target(s) integration-test/integration-test-ent runs the tests under integrationtest/, which applies the terraform under integrationtest/vaultsecret-kv/terraform/ to configure the vault kv2 secrets engine, sets a secret in Vault, creates a VaultSecret CR, checks the resulting k8s Secret, updates the Vault secret, and checks that the update is reflected in the k8s Secret.

Still TODO:

  • Finish setting up vault-enterprise testing
  • Prune unnecessary test combinations
  • Use client-go and the generated CRD types instead of yaml for creating the VaultSecret CR in the test
  • Poll for k8s Secret changes instead of sleeping

@tvoran
Adding integration testing to the repo
89a6fcb 
The setup is similar to our other k8s projects (make
setup-integration-test, etc.), and the test itself is using terratest
to configure vault and test the operator.
@tvoran
fix cluster_name
f08913f
@tvoran
support vault-enterprise in the test
3b1ee76
@tvoran
fix license path
32c0396
@tvoran
makefile formatting
bb0a31e
@tvoran
moving license_tmp definition
6db51e4
@tvoran
exclude some unnecessary combos
564eb3a
@tvoran
excluding unnecessary test combos
2651dce
@tvoran
clarify test combo comment
f1a1555
@tvoran
Merge remote-tracking branch 'origin/main' into VAULT-11584/integration
780d1f8
@tvoran
code and waiting
4865a9f 
Use code instead of yaml to create the VaultSecret in the test. Wait
for the k8s secret to be updated instead of sleeping.
@tvoran
copywrite headers and config
5f35c86
@tvoran
cleanup and comments
2f05753
@tvoran
versions for terraform providers
b631c19
@tvoran tvoran marked this pull request as ready for review December 7, 2022 00:05
@tvoran tvoran requested a review from benashz December 7, 2022 00:07
benashz
benashz reviewed Dec 14, 2022
View reviewed changes
Copy link
Collaborator

@benashz benashz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking great. A few minor nits/suggestions to address then 👍

.github/workflows/tests.yaml Outdated Show resolved Hide resolved
.github/workflows/tests.yaml
# kind-k8s-version: [1.22.15, 1.23.13, 1.24.7]
# vault-version: [1.10.9, 1.11.6]
exclude:
- kind-k8s-version: 1.24.7
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, this setup seems a bit onerous to maintain, but I guess it does the job.

integrationtest/kind/config.yaml Show resolved Hide resolved
integrationtest/vault/hostPortPatch.yaml
@@ -0,0 +1,16 @@
# Copyright (c) HashiCorp, Inc.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if just doing a kubectl port-forward ... might be simpler than setting up the hostport stuff? Not sure which is the best approach.

integrationtest/vaultsecret-kv/terraform/main.tf Show resolved Hide resolved
integrationtest/integration_test.go Outdated Show resolved Hide resolved
integrationtest/vaultsecret_integration_test.go Outdated Show resolved Hide resolved
integrationtest/vaultsecret_integration_test.go Outdated Show resolved Hide resolved
integrationtest/vaultsecret_integration_test.go Outdated Show resolved Hide resolved
integrationtest/vaultsecret_integration_test.go Outdated Show resolved Hide resolved
tvoran and others added 6 commits December 16, 2022 08:05
@tvoran @benashz
Apply suggestions from code review
f7f7d20 
Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com>
@tvoran
more suggestions from code review
d123813
@tvoran
fixing TESTARGS usage and default to -test.v
d79bb31
@tvoran
more review feedback
abfde02 
fail test if KIND_CLUSTER_NAME not set

use unique ids for vault and k8s namespaces
@tvoran
fixing tests and log expected vs actual
df99945
@tvoran
fixing tests
f925b85
benashz
benashz approved these changes Dec 16, 2022
View reviewed changes
Copy link
Collaborator

@benashz benashz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great!

@tvoran tvoran merged commit f277fc5 into main Dec 16, 2022
@tvoran tvoran deleted the VAULT-11584/integration branch December 16, 2022 21:18
benashz added a commit that referenced this pull request Feb 1, 2023
@benashz
Post review updates #2
99008f8
benashz added a commit that referenced this pull request May 13, 2024
@benashz
Post review updates #2
b73710d
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@benashz benashz benashz approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@tvoran @benashz