-
Notifications
You must be signed in to change notification settings - Fork 134
/
slim-collector.sh
executable file
·127 lines (104 loc) · 4.28 KB
/
slim-collector.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
#! /usr/bin/env bash
set -uo pipefail
# This test script requires API_ENDPOINT and ROX_PASSWORD to be set in the environment.
[ -n "$API_ENDPOINT" ]
[ -n "$ROX_PASSWORD" ]
echo "Using API_ENDPOINT $API_ENDPOINT"
FAILURES=0
eecho() {
echo "$@" >&2
}
die() {
eecho "$@"
exit 1
}
curl_central() {
url="$1"
shift
[[ -n "${url}" ]] || die "No URL specified"
curl --retry 5 --retry-connrefused -Sskf -u "admin:${ROX_PASSWORD}" "https://${API_ENDPOINT}/${url}" "$@"
}
check_image() {
image="$1"
condition="$2"
if [[ "$condition" == "has -slim" ]]; then
[[ "$image" == *"-slim"* ]]
return $?
fi
[[ "$image" != *"-slim"* ]]
return $?
}
# Retrieve API token
API_TOKEN_JSON="$(curl_central v1/apitokens/generate \
-d '{"name": "test", "role": "Admin"}')" \
|| die "Failed to retrieve Rox API token"
ROX_API_TOKEN="$(echo "$API_TOKEN_JSON" | jq -er .token)" \
|| die "Failed to retrieve token from JSON"
export ROX_API_TOKEN
test_collector_image_references_in_deployment_bundles() {
SLIM_COLLECTOR_FLAG="$1"
EXPECTED_IMAGE_CONDITION="$2"
CLUSTER_NAME="test-cluster-${RANDOM}-${RANDOM}-${RANDOM}"
echo "Testing correctness of collector image references for clusters generated with $SLIM_COLLECTOR_FLAG (cluster name is $CLUSTER_NAME)"
# Verify that generating a cluster works.
if OUTPUT="$(roxctl --insecure-skip-tls-verify --insecure -e "$API_ENDPOINT" \
sensor generate k8s --name "$CLUSTER_NAME" "$SLIM_COLLECTOR_FLAG" 2>&1)"; then
echo "[OK] Generating cluster works"
else
eecho "[FAIL] Failed to generate cluster"
eecho "Captured output was:"
eecho "$OUTPUT"
printf "\n\n" >&2
FAILURES=$((FAILURES + 1))
return
fi
cluster_id="$(curl_central v1/clusters | jq --arg name "${CLUSTER_NAME}" '.clusters | .[] | select(.name==$name).id' -r)"
if [[ -n "${cluster_id}" ]]; then
echo "[OK] Got cluster id ${cluster_id}"
else
eecho "[FAIL] Failed to retrieve cluster id"
FAILURES=$((FAILURES + 1))
return
fi
# Verify that generated bundle references the expected collector image.
COLLECTOR_IMAGE="$(egrep 'image: \S+/collector' "sensor-${CLUSTER_NAME}/collector.yaml" | sed -e 's/[^:]*: "\(.*\)"$/\1/;')"
if check_image "$COLLECTOR_IMAGE" "$EXPECTED_IMAGE_CONDITION"; then
echo "[OK] Newly generated bundle collector image satisfies condition: $EXPECTED_IMAGE_CONDITION"
else
eecho "[FAIL] Newly generated bundle collector image does not satisfy condition: $EXPECTED_IMAGE_CONDITION (collector image is $COLLECTOR_IMAGE)"
FAILURES=$((FAILURES + 1))
return
fi
rm -r "sensor-${CLUSTER_NAME}"
# Verify that refetching deployment bundle for newly created cluster works as expected (i.e. that the bundle references the expected collector image).
OUTPUT="$(roxctl --insecure-skip-tls-verify --insecure -e "$API_ENDPOINT" \
sensor get-bundle --output-dir="sensor-${CLUSTER_NAME}-refetched" "$CLUSTER_NAME" 2>&1)"
COLLECTOR_IMAGE="$(egrep 'image: \S+/collector' "sensor-${CLUSTER_NAME}-refetched/collector.yaml" | sed -e 's/[^:]*: "\(.*\)"$/\1/;')"
if check_image "$COLLECTOR_IMAGE" "$EXPECTED_IMAGE_CONDITION"; then
echo "[OK] Refetched deployment collector image still satisfies condition: $EXPECTED_IMAGE_CONDITION"
else
eecho "[FAIL] Refetched deployment bundle collector image does not satisfy condition: $EXPECTED_IMAGE_CONDITION (collector image is $COLLECTOR_IMAGE)"
eecho "Captured output was:"
eecho "$OUTPUT"
FAILURES=$((FAILURES + 1))
return
fi
rm -r "sensor-${CLUSTER_NAME}-refetched"
curl_central "v1/clusters/${cluster_id}" -X DELETE
if [[ $? -eq 0 ]]; then
echo "[OK] Successfully cleaned up cluster"
else
eecho "[FAIL] Failed to delete cluster"
FAILURES=$((FAILURES + 1))
return
fi
}
test_collector_image_references_in_deployment_bundles "--slim-collector" "has -slim"
test_collector_image_references_in_deployment_bundles "--slim-collector=auto" "has -slim" # Central is deployed in online mode in CI
test_collector_image_references_in_deployment_bundles "--slim-collector=false" "does not have -slim"
if [ $FAILURES -eq 0 ]; then
echo "Passed"
else
echo "$FAILURES tests failed"
exit 1
fi