fix!: default config

Signed-off-by: Ievgenii Shepeliuk <eshepelyuk@gmail.com>
open-policy-agent · Dec 30, 2022 · 3ff4763 · 3ff4763
1 parent 93d029c
commit 3ff4763
Show file tree

Hide file tree

Showing 6 changed files with 30 additions and 17 deletions.
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -31,11 +31,17 @@ jobs:
       - run: |
           go install honnef.co/go/tools/cmd/staticcheck@latest
       - uses: extractions/setup-just@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       - run: just lint
       - run: just test
       - uses: rinx/setup-k3d@v0.0.4
         with:
           skipClusterCreation: true
       - run: just k3d
       - run: pip install httpie
-      - run: just test-e2e-all
+      # - run: just test-e2e-all
+      - run: |
+          just build
+          env E2E_TEST=default just test-e2e
+          env E2E_TEST=custom_config just test-e2e
diff --git a/charts/opa-kube-mgmt/values.yaml b/charts/opa-kube-mgmt/values.yaml
@@ -1,18 +1,8 @@
 # Default values for opa.
 # -----------------------
 #
-# The 'opa' key embeds an OPA configuration file. See https://www.openpolicyagent.org/docs/configuration.html for more details.
-# Use 'opa: false' to disable the OPA configuration and rely on configmaps for policy loading.
-# See https://www.openpolicyagent.org/docs/latest/kubernetes-admission-control/#3-deploy-opa-on-top-of-kubernetes and the `mgmt.configmapPolicies` section below for more details.
-opa:
-  services:
-    controller:
-      url: 'https://www.openpolicyagent.org'
-  bundles:
-    quickstart:
-      service: controller
-      resource: /bundles/helm-kubernetes-quickstart
-  default_decision: /helm_kubernetes_quickstart/main
+# OPA configuration file. See https://www.openpolicyagent.org/docs/configuration.html for more details.
+opa: {}
 
 # Setup the webhook using cert-manager
 certManager:

diff --git a/justfile b/justfile
@@ -84,5 +84,6 @@ test-e2e-all: build
     echo "================"
     echo "= Running ${E} "
     echo "================"
+    kubectl delete deployment.apps/kube-mgmt-opa-kube-mgmt
     just E2E_TEST=${E} test-e2e
   done
diff --git a/test/e2e/custom_config/test.sh b/test/e2e/custom_config/test.sh
@@ -0,0 +1,8 @@
+#!/usr/bin/env sh
+set -ex
+
+TOKEN=$(kubectl exec deploy/kube-mgmt-opa-kube-mgmt -c mgmt -- cat /bootstrap/mgmt-token)
+OPA="http --ignore-stdin --default-scheme=https --verify=no -A bearer -a ${TOKEN} :8443/v1"
+
+${OPA}/data | jq -e '.result.test_helm_kubernetes_quickstart|keys|length==3'
+
diff --git a/test/e2e/custom_config/values.yaml b/test/e2e/custom_config/values.yaml
@@ -0,0 +1,9 @@
+opa:
+  services:
+    controller:
+      url: 'https://www.openpolicyagent.org'
+  bundles:
+    quickstart:
+      service: controller
+      resource: /bundles/helm-kubernetes-quickstart
+  default_decision: /helm_kubernetes_quickstart/main
diff --git a/test/e2e/default/test.sh b/test/e2e/default/test.sh
@@ -1,11 +1,10 @@
-#!/bin/sh
-set -e
-set -x
+#!/usr/bin/env sh
+set -ex
 
 TOKEN=$(kubectl exec deploy/kube-mgmt-opa-kube-mgmt -c mgmt -- cat /bootstrap/mgmt-token)
 OPA="http --ignore-stdin --default-scheme=https --verify=no -A bearer -a ${TOKEN} :8443/v1"
 
-${OPA}/data | jq -e '.result.test_helm_kubernetes_quickstart|keys|length==3'
+${OPA}/data | jq -e '.result|keys|length==0'
 
 kubectl apply -f "$(dirname $0)/../fixture.yaml"