fix acceptance tests

Signed-off-by: Jan Martens <jan@martens.eu.org>
2024-09-04 23:20:47 +02:00 · 2024-09-04 23:20:47 +02:00 · 4f63aa2373
commit 4f63aa2373
parent d6a660e868
6 changed files with 12 additions and 133 deletions
--- a/test/acceptance/csi.bats
+++ b/test/acceptance/csi.bats
@ -35,7 +35,7 @@ load _helpers
  kubectl --namespace=acceptance wait --for=condition=Ready --timeout=5m pod -l app.kubernetes.io/name=openbao-csi-provider
  # Set up k8s auth and a kv secret.
-  cat ./test/acceptance/csi-test/openbao-policy.hcl | kubectl --namespace=acceptance exec -i openbao-0 -- openbao policy write kv-policy -
+  cat ../../test/acceptance/csi-test/openbao-policy.hcl | kubectl --namespace=acceptance exec -i openbao-0 -- bao policy write kv-policy -
  kubectl --namespace=acceptance exec openbao-0 -- bao auth enable kubernetes
  kubectl --namespace=acceptance exec openbao-0 -- sh -c 'bao write auth/kubernetes/config \
    kubernetes_host="https://$KUBERNETES_PORT_443_TCP_ADDR:443"'
@ -46,8 +46,8 @@ load _helpers
    ttl=20m
  kubectl --namespace=acceptance exec openbao-0 -- bao kv put secret/kv1 bar1=hello1
-  kubectl --namespace=acceptance apply -f ./test/acceptance/csi-test/openbao-kv-secretproviderclass.yaml
+  kubectl --namespace=acceptance apply -f ../../test/acceptance/csi-test/openbao-kv-secretproviderclass.yaml
-  kubectl --namespace=acceptance apply -f ./test/acceptance/csi-test/nginx.yaml
+  kubectl --namespace=acceptance apply -f ../../test/acceptance/csi-test/nginx.yaml
  kubectl --namespace=acceptance wait --for=condition=Ready --timeout=5m pod nginx
  result=$(kubectl --namespace=acceptance exec nginx -- cat /mnt/secrets-store/bar)
--- a/test/acceptance/injector-leader-elector.bats
+++ b/test/acceptance/injector-leader-elector.bats
@ -13,9 +13,9 @@ load _helpers
    --wait \
    --timeout=5m \
    --set="injector.replicas=3" .
-  kubectl wait --for condition=Ready pod -l app.kubernetes.io/name=vault-agent-injector --timeout=5m
+  kubectl wait --for condition=Ready pod -l app.kubernetes.io/name=openbao-agent-injector --timeout=5m
-  pods=($(kubectl get pods -l app.kubernetes.io/name=vault-agent-injector -o json | jq -r '.items[] | .metadata.name'))
+  pods=($(kubectl get pods -l app.kubernetes.io/name=openbao-agent-injector -o json | jq -r '.items[] | .metadata.name'))
  [ "${#pods[@]}" == 3 ]
  leader=''
--- a/test/acceptance/injector.bats
+++ b/test/acceptance/injector.bats
@ -9,13 +9,13 @@ load _helpers
  kubectl create namespace acceptance
  kubectl config set-context --current --namespace=acceptance
-  kubectl create -f ./test/acceptance/injector-test/pg-deployment.yaml
+  kubectl create -f ../../test/acceptance/injector-test/pg-deployment.yaml
  sleep 5
  wait_for_ready $(kubectl get pod -l app=postgres -o jsonpath="{.items[0].metadata.name}")
  kubectl create secret generic test \
-    --from-file ./test/acceptance/injector-test/pgdump-policy.hcl \
+    --from-file ../../test/acceptance/injector-test/pgdump-policy.hcl \
-    --from-file ./test/acceptance/injector-test/bootstrap.sh
+    --from-file ../../test/acceptance/injector-test/bootstrap.sh
  kubectl label secret test app=openbao-agent-demo
@ -39,7 +39,7 @@ load _helpers
  [ "${init_status}" == "true" ]
-  kubectl create -f ./test/acceptance/injector-test/job.yaml
+  kubectl create -f ../../test/acceptance/injector-test/job.yaml
  wait_for_complete_job "pgdump"
 }
--- a/test/acceptance/server-annotations.bats
+++ b/test/acceptance/server-annotations.bats
@ -8,7 +8,7 @@ load _helpers
  kubectl create namespace acceptance
  kubectl config set-context --current --namespace=acceptance
-  helm install "$(name_prefix)" -f ./test/acceptance/server-test/annotations-overrides.yaml .
+  helm install "$(name_prefix)" -f ../../test/acceptance/server-test/annotations-overrides.yaml .
  wait_for_running $(name_prefix)-0
  # service annotations
--- a/test/acceptance/server-ha.bats
+++ b/test/acceptance/server-ha.bats
@ -1,121 +0,0 @@
 #!/usr/bin/env bats
 load _helpers
@test "server/ha: testing deployment" {
  cd `chart_dir`
  helm install "$(name_prefix)" \
    --set='server.ha.enabled=true' .
  wait_for_running $(name_prefix)-0
  # Sealed, not initialized
  wait_for_sealed_vault $(name_prefix)-0
  local init_status=$(kubectl exec "$(name_prefix)-0" -- bao status -format=json |
    jq -r '.initialized')
  [ "${init_status}" == "false" ]
  # Replicas
  local replicas=$(kubectl get statefulset "$(name_prefix)" --output json |
    jq -r '.spec.replicas')
  [ "${replicas}" == "3" ]
  # Volume Mounts
  local volumeCount=$(kubectl get statefulset "$(name_prefix)" --output json |
    jq -r '.spec.template.spec.containers[0].volumeMounts | length')
  [ "${volumeCount}" == "2" ]
  # Volumes
  local volumeCount=$(kubectl get statefulset "$(name_prefix)" --output json |
    jq -r '.spec.template.spec.volumes | length')
  [ "${volumeCount}" == "2" ]
  local volume=$(kubectl get statefulset "$(name_prefix)" --output json |
    jq -r '.spec.template.spec.volumes[0].configMap.name')
  [ "${volume}" == "$(name_prefix)-config" ]
  # Service
  local service=$(kubectl get service "$(name_prefix)" --output json |
    jq -r '.spec.clusterIP')
  [ "${service}" != "None" ]
  local service=$(kubectl get service "$(name_prefix)" --output json |
    jq -r '.spec.type')
  [ "${service}" == "ClusterIP" ]
  local ports=$(kubectl get service "$(name_prefix)" --output json |
    jq -r '.spec.ports | length')
  [ "${ports}" == "2" ]
  local ports=$(kubectl get service "$(name_prefix)" --output json |
    jq -r '.spec.ports[0].port')
  [ "${ports}" == "8200" ]
  local ports=$(kubectl get service "$(name_prefix)" --output json |
    jq -r '.spec.ports[1].port')
  [ "${ports}" == "8201" ]
  # OpenBao Init
  local token=$(kubectl exec -ti "$(name_prefix)-0" -- \
    bao operator init -format=json -n 1 -t 1 | \
    jq -r '.unseal_keys_b64[0]')
  [ "${token}" != "" ]
  # OpenBao Unseal
  local pods=($(kubectl get pods --selector='app.kubernetes.io/name=openbao' -o json | jq -r '.items[].metadata.name'))
  for pod in "${pods[@]}"
  do
      kubectl exec -ti ${pod} -- bao operator unseal ${token}
  done
  wait_for_ready "$(name_prefix)-0"
  # Sealed, not initialized
  local sealed_status=$(kubectl exec "$(name_prefix)-0" -- bao status -format=json |
    jq -r '.sealed' )
  [ "${sealed_status}" == "false" ]
  local init_status=$(kubectl exec "$(name_prefix)-0" -- bao status -format=json |
    jq -r '.initialized')
  [ "${init_status}" == "true" ]
 }
 # setup a consul env
 setup() {
  kubectl delete namespace acceptance --ignore-not-found=true
  kubectl create namespace acceptance
  kubectl config set-context --current --namespace=acceptance
  helm repo add hashicorp https://helm.releases.hashicorp.com
  helm repo update
  CONSUL_HELM_VERSION=v0.48.0
  K8S_MAJOR=$(kubectl version --output=json | jq -r .serverVersion.major)
  K8S_MINOR=$(kubectl version --output=json | jq -r .serverVersion.minor)
  if [ \( $K8S_MAJOR -eq 1 \) -a \( $K8S_MINOR -le 20 \) ]; then
    CONSUL_HELM_VERSION=v0.32.1
  fi
  helm install consul hashicorp/consul \
    --version $CONSUL_HELM_VERSION \
    --set 'ui.enabled=false'
  wait_for_running_consul
 }
 #cleanup
 teardown() {
  if [[ ${CLEANUP:-true} == "true" ]]
  then
      # If the test failed, print some debug output
      if [[ "$BATS_ERROR_STATUS" -ne 0 ]]; then
          kubectl logs -l app=consul
          kubectl logs -l app.kubernetes.io/name=openbao
      fi
      helm delete openbao
      helm delete consul
      kubectl delete --all pvc
      kubectl delete namespace acceptance --ignore-not-found=true
  fi
 }
--- a/test/acceptance/server-telemetry.bats
+++ b/test/acceptance/server-telemetry.bats
@ -19,7 +19,7 @@ load _helpers
  helm install \
    --wait \
-    --values ./test/acceptance/server-test/telemetry.yaml \
+    --values ../../test/acceptance/server-test/telemetry.yaml \
    "$(name_prefix)" .
  wait_for_running $(name_prefix)-0