diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 30d8828c64..8aabf62233 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -12,3 +12,6 @@ RUN curl -L "https://github.com/tilt-dev/tilt/releases/download/v${TILT_VERSION} RUN curl -L "https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/${KUSTOMIZE_VERSION}/kustomize_${KUSTOMIZE_VERSION}_linux_amd64.tar.gz" | tar -xvz && \ install kustomize /usr/local/bin + +# Auto-source Zenko env vars in all future terminals +RUN echo '[ -f "$HOME/.zenko.env" ] && source "$HOME/.zenko.env"' >> /etc/bash.bashrc diff --git a/.devcontainer/README.md b/.devcontainer/README.md index d49bda6dc5..d8301a2d6b 100644 --- a/.devcontainer/README.md +++ b/.devcontainer/README.md @@ -14,16 +14,23 @@ See [tests/ctst/README.md](../tests/ctst/README.md) for more details on building ## Running e2e tests in the codespace -To run the CTST tests in the codespace, head to `.github/script/end2end/` and run `run-e2e-ctst.sh` -script. Some variables need to be exported before running the tests. +### Node tests (mocha) ```bash - env_variables=$(yq eval '.env | to_entries | .[] | .key + "=" + .value' .github/workflows/end2end.yaml | sed 's/\${{[^}]*}}//g') && export $env_variables - export E2E_IMAGE_TAG=latest - export GCP_BACKEND_DESTINATION_LOCATION= +# Set up the test environment (endpoints, credentials, mongo, TLS) +source .github/scripts/end2end/setup-e2e-env.sh - cd .github/scripts/end2end/ - bash run-e2e-test.sh "end2end" ${E2E_IMAGE_NAME}:${E2E_IMAGE_TAG} "backbeat" "default" +# Run mocha directly (setup-e2e-env.sh already cd's to node_tests/) +yarn mocha --exit -t 10000 --recursive smoke_tests +yarn mocha --exit -t 10000 --recursive cloudserver/bucketGetV2 +yarn mocha --exit -t 10000 --grep "should list objects" --recursive cloudserver/bucketGetV2 +``` + +### CTST tests (cucumber) + +```bash +cd tests/ctst +./run-ctst-locally.sh @yourTag ``` ## Accessing s3 service @@ -67,10 +74,19 @@ Now you can use aws cli to interact with the S3 service ## Troubleshooting +### Know Issues + +Credentials for storage_manager will stop working when the Codespace is older than 12h +This is because we do an assume role in accounts.py with a max duration of 12h + ### Inspecting Codespace creation logs -You can inspect the logs of the Codespace creation this way: -1. Press `Ctrl+Shift+P` (or `Cmd+Shift+P` on Mac) -2. Type "Codespaces: Export Logs" and select it -3. A zip file will be downloaded to your local machine -4. In the zip, look at the `creation.log` file \ No newline at end of file +You can inspect the logs of the Codespace creation in 2 ways way: +1. When Codespace creation is still running : +Use Cmd/Ctrl + Shift + P -> View Creation Log to see full logs + +2. When the setup is finished, dump the logs : +a. Press `Ctrl+Shift+P` (or `Cmd+Shift+P` on Mac) +b. Type "Codespaces: Export Logs" and select it +c. A zip file will be downloaded to your local machine +d. In the zip, look at the `creation.log` file \ No newline at end of file diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 074e8ab4bf..2993386b29 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -12,7 +12,7 @@ "features": { "ghcr.io/devcontainers/features/docker-in-docker": {}, "ghcr.io/devcontainers/features/github-cli:1": {}, - "ghcr.io/devcontainers/features/node:1": {}, + "ghcr.io/devcontainers/features/node:1": { "version": "22" }, "ghcr.io/devcontainers/features/python:1": {}, "ghcr.io/devcontainers/features/sshd:1": {}, "ghcr.io/devcontainers-extra/features/kind:1": {}, diff --git a/.devcontainer/setup.sh b/.devcontainer/setup.sh index fa761b7548..915d00c669 100755 --- a/.devcontainer/setup.sh +++ b/.devcontainer/setup.sh @@ -2,12 +2,16 @@ set -e -env_variables=$(yq eval '.env | to_entries | .[] | .key + "=" + .value' .github/workflows/end2end.yaml | sed 's/\${{[^}]*}}//g') && export $env_variables -export GIT_ACCESS_TOKEN=${GITHUB_TOKEN} -export E2E_IMAGE_TAG=latest - +# Persist workflow env vars so they survive across terminal sessions +ZENKO_ENV_FILE="$HOME/.zenko.env" +yq eval '.env | to_entries | .[] | "export " + .key + "=" + (.value | tostring | @sh)' .github/workflows/end2end.yaml \ + | sed 's/\${{[^}]*}}//g' > "$ZENKO_ENV_FILE" +echo 'export GIT_ACCESS_TOKEN="${GITHUB_TOKEN}"' >> "$ZENKO_ENV_FILE" # Disable GCP tests as we don't have credentials setup in devcontainer -export GCP_BACKEND_DESTINATION_LOCATION= +echo 'export GCP_BACKEND_DESTINATION_LOCATION=' >> "$ZENKO_ENV_FILE" + +# Source now for this session +source "$ZENKO_ENV_FILE" GITHUB_ENV=$(mktemp /tmp/github_env.XXXXXX) @@ -22,10 +26,10 @@ for i in $(seq 0 $array_length); do working_dir=$(yq ".runs.steps[$i].working-directory" .github/actions/deploy/action.yaml) run_command=$(yq ".runs.steps[$i].run" .github/actions/deploy/action.yaml) - # We don't want to run `run-e2e-test.sh` because it is used for linting here, user will run it manually if needed after deployment - # We can't run `configure-e2e.sh` here because it needs an image that is not yet built and sent to kind, will be run after + # We can't run `configure-e2e.sh` here because it needs services to be ready first, will be run after + # User will run tests manually after deployment ( - if [[ "$run_command" != "null" && "$run_command" != *"configure-e2e.sh"* && "$run_command" != *"run-e2e-test.sh"* ]]; then + if [[ "$run_command" != "null" && "$run_command" != *"configure-e2e.sh"* ]]; then # Inject env 'generated' from previous steps source "$GITHUB_ENV" @@ -47,23 +51,6 @@ for i in $(seq 0 $array_length); do ) done -( - cd tests/zenko_tests - - envsubst < 'e2e-config.yaml.template' > 'e2e-config.yaml' - if [[ "${ENABLE_RING_TESTS}" == "false" ]]; then - yq -i 'del(.locations[] | select(.locationType == "location-scality-ring-s3-v1"))' e2e-config.yaml - fi - - if [ -z "$GCP_BACKEND_DESTINATION_LOCATION" ]; then - yq -i 'del(.locations[] | select(.locationType == "location-gcp-v1"))' e2e-config.yaml - fi - - docker build -t $E2E_IMAGE_NAME:$E2E_IMAGE_TAG . - kind load docker-image ${E2E_IMAGE_NAME}:${E2E_IMAGE_TAG} - docker rmi ${E2E_IMAGE_NAME}:${E2E_IMAGE_TAG} -) - ( cd .github/scripts/end2end diff --git a/.github/actions/deploy/action.yaml b/.github/actions/deploy/action.yaml index 65b774afca..abc9b7509c 100644 --- a/.github/actions/deploy/action.yaml +++ b/.github/actions/deploy/action.yaml @@ -87,9 +87,5 @@ runs: if: ${{ inputs.deploy_metadata == 'true' }} - name: End-to-end configuration shell: bash - run: bash configure-e2e.sh "end2end" ${E2E_IMAGE_NAME}:${E2E_IMAGE_TAG} "default" - working-directory: ./.github/scripts/end2end - - name: Linting - shell: bash - run: bash run-e2e-test.sh "end2end" ${E2E_IMAGE_NAME}:${E2E_IMAGE_TAG} "lint" "default" + run: bash configure-e2e.sh "end2end" "default" working-directory: ./.github/scripts/end2end diff --git a/.github/scripts/end2end/configure-e2e-ctst.sh b/.github/scripts/end2end/configure-e2e-ctst.sh index 51acd0b077..b856a20286 100755 --- a/.github/scripts/end2end/configure-e2e-ctst.sh +++ b/.github/scripts/end2end/configure-e2e-ctst.sh @@ -3,6 +3,9 @@ set -exu DIR=$(dirname "$0") +# Set up ingress endpoints and /etc/hosts for out-of-cluster access +source "$DIR/configure-e2e-endpoints.sh" + # Get kafka image name and tag kafka_image() { source <( "$DIR"/../../../solution/kafka_build_vars.sh ) @@ -76,9 +79,6 @@ UUID=$(kubectl get secret -l app.kubernetes.io/name=backbeat-config,app.kubernet UUID=${UUID%.*} UUID=${UUID:1} -echo "127.0.0.1 iam.zenko.local s3-local-file.zenko.local keycloak.zenko.local \ - sts.zenko.local management.zenko.local s3.zenko.local website.mywebsite.com utilization.zenko.local" | sudo tee -a /etc/hosts - # Add bucket notification target envsubst < ./configs/notification_destinations.yaml | kubectl apply -f - # Wait for service stabilization diff --git a/.github/scripts/end2end/configure-e2e-endpoints.sh b/.github/scripts/end2end/configure-e2e-endpoints.sh new file mode 100755 index 0000000000..8f6a8cd6bc --- /dev/null +++ b/.github/scripts/end2end/configure-e2e-endpoints.sh @@ -0,0 +1,139 @@ +#!/bin/bash + +# Only set strict mode when executed directly, not when sourced +if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then + set -eu +fi + +ZENKO_NAME="${ZENKO_NAME:-end2end}" +NAMESPACE="${NAMESPACE:-default}" + +# --- Create missing Ingress resources --- + +apply_ingress() { + local name="$1" + local host="$2" + local service="$3" + + # Skip if an ingress already serves this host (e.g., from a prior Zenko instance in PRA) + if kubectl get ingress -A -o jsonpath='{.items[*].spec.rules[*].host}' | grep -qw "${host}"; then + echo "Ingress for ${host} already exists, skipping" + return + fi + + kubectl apply -f - </dev/null; then + kubectl apply -f - </dev/null; then + kubectl wait --for=jsonpath='{.status.loadBalancer.ingress}' \ + ingress/${ZENKO_NAME}-backbeat-api-ingress \ + ingress/${ZENKO_NAME}-vault-auth-api-ingress \ + --timeout=60s 2>/dev/null || true +fi + +if kubectl get ingress s3c-ingress -n metadata &>/dev/null; then + kubectl wait --for=jsonpath='{.status.loadBalancer.ingress}' \ + ingress/s3c-ingress -n metadata \ + --timeout=60s 2>/dev/null || true +fi + +# --- /etc/hosts setup --- + +ZENKO_HOSTS="\ + s3.zenko.local \ + iam.zenko.local \ + sts.zenko.local \ + management.zenko.local \ + keycloak.zenko.local \ + utilization.zenko.local \ + backbeat-api.zenko.local \ + vault-auth.zenko.local \ + aws-mock.zenko.local \ + azure-mock.zenko.local \ + devstoreaccount1.blob.azure-mock.zenko.local \ + devstoreaccount1.queue.azure-mock.zenko.local \ + s3c.local \ + s3-local-file.zenko.local \ + website.mywebsite.com" + +if ! grep -q "backbeat-api.zenko.local" /etc/hosts 2>/dev/null; then + echo "127.0.0.1 ${ZENKO_HOSTS}" | sudo tee -a /etc/hosts +fi + +# --- Export endpoint variables --- +# These use the ingress hostnames, reachable from outside the cluster. + +export CLOUDSERVER_HOST="s3.zenko.local" +export CLOUDSERVER_ENDPOINT="http://s3.zenko.local" +export BACKBEAT_API_ENDPOINT="http://backbeat-api.zenko.local" +export VAULT_ENDPOINT="http://iam.zenko.local" +export VAULT_STS_ENDPOINT="http://sts.zenko.local" +export VAULT_AUTH_HOST="vault-auth.zenko.local" + +echo "=== Endpoints configured for out-of-cluster access ===" +echo " S3: ${CLOUDSERVER_ENDPOINT}" +echo " Backbeat API: ${BACKBEAT_API_ENDPOINT}" +echo " Vault IAM: ${VAULT_ENDPOINT}" +echo " Vault STS: ${VAULT_STS_ENDPOINT}" +echo " Vault Auth: http://${VAULT_AUTH_HOST}" diff --git a/.github/scripts/end2end/configure-e2e.sh b/.github/scripts/end2end/configure-e2e.sh index 04229d568c..efdc84c5a0 100755 --- a/.github/scripts/end2end/configure-e2e.sh +++ b/.github/scripts/end2end/configure-e2e.sh @@ -6,49 +6,26 @@ DIR=$(dirname "${0}") . "$DIR"/common.sh ZENKO_NAME=${1:-end2end} -E2E_IMAGE=${2:-ghcr.io/scality/zenko/zenko-e2e:latest} -NAMESPACE=${3:-default} - -SERVICE_ACCOUNT="${ZENKO_NAME}-config" -POD_NAME="${ZENKO_NAME}-config" -MANAGEMENT_ENDPOINT="http://${ZENKO_NAME}-management-orbit-api:5001" -IAM_ENDPOINT="http://${ZENKO_NAME}-management-vault-iam-admin-api" -STS_ENDPOINT="http://${ZENKO_NAME}-connector-vault-sts-api" +NAMESPACE=${2:-default} + +. "$DIR/configure-e2e-endpoints.sh" + +MANAGEMENT_HOST=$(kubectl get ingress -n "${NAMESPACE}" -l "app.kubernetes.io/instance=${ZENKO_NAME}" \ + -o jsonpath='{.items[*].spec.rules[*].host}' | tr ' ' '\n' | grep '^management') +IAM_HOST=$(kubectl get ingress -n "${NAMESPACE}" -l "app.kubernetes.io/instance=${ZENKO_NAME}" \ + -o jsonpath='{.items[*].spec.rules[*].host}' | tr ' ' '\n' | grep '^iam') +STS_HOST=$(kubectl get ingress -n "${NAMESPACE}" -l "app.kubernetes.io/instance=${ZENKO_NAME}" \ + -o jsonpath='{.items[*].spec.rules[*].host}' | tr ' ' '\n' | grep '^sts') +MANAGEMENT_ENDPOINT="http://${MANAGEMENT_HOST}" +IAM_ENDPOINT="http://${IAM_HOST}" +STS_ENDPOINT="http://${STS_HOST}" + +if ! grep -q "${MANAGEMENT_HOST}" /etc/hosts 2>/dev/null; then + echo "127.0.0.1 ${MANAGEMENT_HOST} ${IAM_HOST} ${STS_HOST}" | sudo tee -a /etc/hosts +fi UUID=$(kubectl get zenko ${ZENKO_NAME} --namespace ${NAMESPACE} -o jsonpath='{.status.instanceID}') TOKEN=$(get_token) -cat < e2e-config.yaml + +RING_S3C_ENDPOINT_LOCAL="${RING_S3C_ENDPOINT}" +if kubectl get namespace metadata &>/dev/null; then + RING_S3C_ENDPOINT_LOCAL="http://s3c.local" +fi + +TOKEN=${TOKEN} \ +UUID=${UUID} \ +MANAGEMENT_ENDPOINT=${MANAGEMENT_ENDPOINT} \ +IAM_ENDPOINT=${IAM_ENDPOINT} \ +STS_ENDPOINT=${STS_ENDPOINT} \ +NAMESPACE=${NAMESPACE} \ +VERIFY_CERTIFICATES=false \ +ENABLE_RING_TESTS=${ENABLE_RING_TESTS} \ +RING_S3C_ACCESS_KEY=${RING_S3C_ACCESS_KEY} \ +RING_S3C_SECRET_KEY=${RING_S3C_SECRET_KEY} \ +RING_S3C_ENDPOINT=${RING_S3C_ENDPOINT_LOCAL} \ +RING_S3C_BACKEND_SOURCE_LOCATION=${RING_S3C_BACKEND_SOURCE_LOCATION} \ +RING_S3C_INGESTION_SRC_BUCKET_NAME=${RING_S3C_INGESTION_SRC_BUCKET_NAME} \ +RING_S3C_BACKEND_SOURCE_NON_VERSIONED_LOCATION=${RING_S3C_BACKEND_SOURCE_NON_VERSIONED_LOCATION} \ +RING_S3C_INGESTION_SRC_NON_VERSIONED_BUCKET_NAME=${RING_S3C_INGESTION_SRC_NON_VERSIONED_BUCKET_NAME} \ +RING_S3C_INGESTION_NON_VERSIONED_OBJECT_COUNT_PER_TYPE=${RING_S3C_INGESTION_NON_VERSIONED_OBJECT_COUNT_PER_TYPE} \ +AWS_ACCESS_KEY=${AWS_ACCESS_KEY} \ +AWS_SECRET_KEY=${AWS_SECRET_KEY} \ +AWS_ENDPOINT=${AWS_ENDPOINT} \ +AWS_FAIL_BUCKET_NAME=${AWS_FAIL_BUCKET_NAME} \ +AWS_REPLICATION_FAIL_CTST_BUCKET_NAME=${AWS_REPLICATION_FAIL_CTST_BUCKET_NAME} \ +AZURE_BACKEND_DESTINATION_LOCATION=${AZURE_BACKEND_DESTINATION_LOCATION} \ +AZURE_BACKEND_ENDPOINT=${AZURE_BACKEND_ENDPOINT} \ +AZURE_BACKEND_QUEUE_ENDPOINT=${AZURE_BACKEND_QUEUE_ENDPOINT} \ +AZURE_ACCOUNT_NAME=${AZURE_ACCOUNT_NAME} \ +AZURE_SECRET_KEY=${AZURE_SECRET_KEY} \ +AZURE_CRR_BUCKET_NAME=${AZURE_CRR_BUCKET_NAME} \ +AZURE_ARCHIVE_BUCKET_NAME=${AZURE_ARCHIVE_BUCKET_NAME} \ +AZURE_ARCHIVE_BUCKET_NAME_2=${AZURE_ARCHIVE_BUCKET_NAME_2} \ +AZURE_ARCHIVE_QUEUE_NAME=${AZURE_ARCHIVE_QUEUE_NAME} \ +CRR_SOURCE_LOCATION_NAME=${CRR_SOURCE_LOCATION_NAME} \ +CRR_DESTINATION_LOCATION_NAME=${CRR_DESTINATION_LOCATION_NAME} \ +CRR_SOURCE_ACCOUNT_NAME=${CRR_SOURCE_ACCOUNT_NAME} \ +CRR_DESTINATION_ACCOUNT_NAME=${CRR_DESTINATION_ACCOUNT_NAME} \ +CRR_ROLE_NAME=${CRR_ROLE_NAME} \ +DEPLOY_CRR_LOCATIONS=${DEPLOY_CRR_LOCATIONS} \ +python3 configuration.py ## wait for updates to trigger zenko upgrades sleep 10 diff --git a/.github/scripts/end2end/run-e2e-test.sh b/.github/scripts/end2end/run-e2e-test.sh deleted file mode 100755 index 1ca275a22c..0000000000 --- a/.github/scripts/end2end/run-e2e-test.sh +++ /dev/null @@ -1,206 +0,0 @@ -#!/usr/bin/env bash - -set -exu - -DIR=$(dirname $0) - -. "$DIR/common.sh" - -ZENKO_NAME=${1:-end2end} -E2E_IMAGE=${2:-ghcr.io/scality/zenko/zenko-e2e:latest} -STAGE=${3:-end2end} -NAMESPACE=${4:-default} - -BACKBEAT_BUCKET_CHECK_TIMEOUT_S=${BACKBEAT_BUCKET_CHECK_TIMEOUT_S:-10} - -POD_NAME="${ZENKO_NAME}-${STAGE//_/-}-test" -TOKEN=$(get_token) - -CLOUDSERVER_SECRET="$(kubectl get secret -l app.kubernetes.io/name=connector-cloudserver-config,app.kubernetes.io/instance=end2end \ - -o jsonpath="{.items[0].data.config\.json}" | base64 -di)" - -# set environment vars -MONGO_DATABASE=$(echo "${CLOUDSERVER_SECRET}" | jq -r '.mongodb.database') -MONGO_READ_PREFERENCE=$(echo "${CLOUDSERVER_SECRET}" | jq -r '.mongodb.readPreference') -MONGO_REPLICA_SET_HOSTS=$(echo "${CLOUDSERVER_SECRET}" | jq -r '.mongodb.replicaSetHosts') -MONGO_SHARD_COLLECTION=$(echo "${CLOUDSERVER_SECRET}" | jq -r '.mongodb.shardCollections') -MONGO_WRITE_CONCERN=$(echo "${CLOUDSERVER_SECRET}" | jq -r '.mongodb.writeConcern') -MONGO_AUTH_USERNAME=$(echo "${CLOUDSERVER_SECRET}" | jq -r '.mongodb.authCredentials.username') -MONGO_AUTH_PASSWORD=$(echo "${CLOUDSERVER_SECRET}" | jq -r '.mongodb.authCredentials.password') -CLOUDSERVER_HOST="${ZENKO_NAME}-connector-s3api.default.svc.cluster.local" -CLOUDSERVER_ENDPOINT="http://${CLOUDSERVER_HOST}:80" -BACKBEAT_API_ENDPOINT="http://${ZENKO_NAME}-management-backbeat-api.default.svc.cluster.local:80" -VAULT_ENDPOINT="http://${ZENKO_NAME}-management-vault-iam-admin-api:80" -VAULT_STS_ENDPOINT="http://${ZENKO_NAME}-connector-vault-sts-api:80" -ADMIN_ACCESS_KEY_ID=$(kubectl get secret end2end-management-vault-admin-creds.v1 -o jsonpath='{.data.accessKey}' | base64 -d) -ADMIN_SECRET_ACCESS_KEY=$(kubectl get secret end2end-management-vault-admin-creds.v1 -o jsonpath='{.data.secretKey}' | base64 -d) -ZENKO_ACCESS_KEY=$(kubectl get secret end2end-account-zenko -o jsonpath='{.data.AccessKeyId}' | base64 -d) -ZENKO_SECRET_KEY=$(kubectl get secret end2end-account-zenko -o jsonpath='{.data.SecretAccessKey}' | base64 -d) -ZENKO_SESSION_TOKEN=$(kubectl get secret end2end-account-zenko -o jsonpath='{.data.SessionToken}' | base64 -d) -SOURCE_ACCESS_KEY=$(kubectl get secret "end2end-account-${CRR_SOURCE_ACCOUNT_NAME}" -o jsonpath='{.data.AccessKeyId}' | base64 -d) -SOURCE_SECRET_KEY=$(kubectl get secret "end2end-account-${CRR_SOURCE_ACCOUNT_NAME}" -o jsonpath='{.data.SecretAccessKey}' | base64 -d) -SOURCE_SESSION_TOKEN=$(kubectl get secret "end2end-account-${CRR_SOURCE_ACCOUNT_NAME}" -o jsonpath='{.data.SessionToken}' | base64 -d) -SOURCE_ACCOUNT_ID=$(kubectl get secret "end2end-account-${CRR_SOURCE_ACCOUNT_NAME}" -o jsonpath='{.data.AccountId}' | base64 -d) -CRR_SOURCE_INFO="{\"AccessKeyId\":\"${SOURCE_ACCESS_KEY}\",\"SecretAccessKey\":\"${SOURCE_SECRET_KEY}\",\"SessionToken\":\"${SOURCE_SESSION_TOKEN}\",\"AccountId\":\"${SOURCE_ACCOUNT_ID}\"}" -DESTINATION_ACCESS_KEY=$(kubectl get secret "end2end-account-${CRR_DESTINATION_ACCOUNT_NAME}" -o jsonpath='{.data.AccessKeyId}' | base64 -d) -DESTINATION_SECRET_KEY=$(kubectl get secret "end2end-account-${CRR_DESTINATION_ACCOUNT_NAME}" -o jsonpath='{.data.SecretAccessKey}' | base64 -d) -DESTINATION_SESSION_TOKEN=$(kubectl get secret "end2end-account-${CRR_DESTINATION_ACCOUNT_NAME}" -o jsonpath='{.data.SessionToken}' | base64 -d) -DESTINATION_ACCOUNT_ID=$(kubectl get secret "end2end-account-${CRR_DESTINATION_ACCOUNT_NAME}" -o jsonpath='{.data.AccountId}' | base64 -d) -CRR_DESTINATION_INFO="{\"AccessKeyId\":\"${DESTINATION_ACCESS_KEY}\",\"SecretAccessKey\":\"${DESTINATION_SECRET_KEY}\",\"SessionToken\":\"${DESTINATION_SESSION_TOKEN}\",\"AccountId\":\"${DESTINATION_ACCOUNT_ID}\"}" -KEYCLOAK_TEST_USER="${OIDC_USERNAME}-norights" -KEYCLOAK_TEST_PASSWORD=${OIDC_PASSWORD} -KEYCLOAK_TEST_HOST=${OIDC_ENDPOINT} -KEYCLOAK_TEST_PORT="80" -KEYCLOAK_TEST_REALM_NAME=${OIDC_REALM} -KEYCLOAK_TEST_CLIENT_ID=${OIDC_CLIENT_ID} -KEYCLOAK_TEST_GRANT_TYPE="password" -MOCHA_FILE=${MOCHA_FILE:-} - -run_e2e_test() { - kubectl run ${1} ${POD_NAME} \ - --pod-running-timeout=5m \ - --image ${E2E_IMAGE} \ - --restart=Never \ - --rm \ - --attach=True \ - --namespace=${NAMESPACE} \ - --image-pull-policy=Always \ - --env=CLOUDSERVER_HOST=${CLOUDSERVER_HOST} \ - --env=CLOUDSERVER_ENDPOINT=${CLOUDSERVER_ENDPOINT} \ - --env=ZENKO_ACCESS_KEY=${ZENKO_ACCESS_KEY} \ - --env=ZENKO_SECRET_KEY=${ZENKO_SECRET_KEY} \ - --env=ZENKO_SESSION_TOKEN=${ZENKO_SESSION_TOKEN} \ - --env=ADMIN_ACCESS_KEY_ID=${ADMIN_ACCESS_KEY_ID} \ - --env=ADMIN_SECRET_ACCESS_KEY=${ADMIN_SECRET_ACCESS_KEY} \ - --env=VAULT_ENDPOINT=${VAULT_ENDPOINT} \ - --env=VAULT_STS_ENDPOINT=${VAULT_STS_ENDPOINT} \ - --env=TOKEN=${TOKEN} \ - --env=STAGE=${STAGE} \ - --env=AWS_BACKEND_SOURCE_LOCATION=${AWS_BACKEND_SOURCE_LOCATION} \ - --env=AWS_BACKEND_DESTINATION_LOCATION=${AWS_BACKEND_DESTINATION_LOCATION} \ - --env=AWS_S3_FAIL_BACKEND_DESTINATION_LOCATION=${AWS_BACKEND_DESTINATION_FAIL_LOCATION} \ - --env=GCP_BACKEND_DESTINATION_LOCATION=${GCP_BACKEND_DESTINATION_LOCATION:-} \ - --env=AZURE_BACKEND_DESTINATION_LOCATION=${AZURE_BACKEND_DESTINATION_LOCATION} \ - --env=COLD_BACKEND_DESTINATION_LOCATION=${COLD_BACKEND_DESTINATION_LOCATION} \ - --env=AZURE_ARCHIVE_BACKEND_DESTINATION_LOCATION=${AZURE_ARCHIVE_BACKEND_DESTINATION_LOCATION} \ - --env=MIRIA_BACKEND_DESTINATION_LOCATION=${MIRIA_BACKEND_DESTINATION_LOCATION} \ - --env=LOCATION_QUOTA_BACKEND=${LOCATION_QUOTA_BACKEND} \ - --env=AWS_BUCKET_NAME=${AWS_BUCKET_NAME} \ - --env=AWS_CRR_BUCKET_NAME=${AWS_CRR_BUCKET_NAME} \ - --env=AWS_S3_FAIL_BACKBEAT_BUCKET_NAME=${AWS_FAIL_BUCKET_NAME} \ - --env=AZURE_CRR_BUCKET_NAME=${AZURE_CRR_BUCKET_NAME} \ - --env=AZURE_ARCHIVE_BUCKET_NAME=${AZURE_ARCHIVE_BUCKET_NAME} \ - --env=GCP_CRR_BUCKET_NAME=${GCP_CRR_BUCKET_NAME} \ - --env=GCP_CRR_MPU_BUCKET_NAME=${GCP_CRR_MPU_BUCKET_NAME} \ - --env=GCP_ACCESS_KEY=${GCP_ACCESS_KEY} \ - --env=GCP_SECRET_KEY=${GCP_SECRET_KEY} \ - --env=GCP_BACKEND_SERVICE_KEY="${GCP_BACKEND_SERVICE_KEY}" \ - --env=GCP_BACKEND_SERVICE_EMAIL=${GCP_BACKEND_SERVICE_EMAIL} \ - --env=AZURE_ACCOUNT_NAME=${AZURE_ACCOUNT_NAME} \ - --env=AZURE_BACKEND_ENDPOINT=${AZURE_BACKEND_ENDPOINT} \ - --env=AZURE_SECRET_KEY=Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw== \ - --env=AWS_ENDPOINT=${AWS_ENDPOINT} \ - --env=AWS_ACCESS_KEY=accessKey1 \ - --env=AWS_SECRET_KEY=verySecretKey1 \ - --env=VERIFY_CERTIFICATES=false \ - --env=ENABLE_RING_TESTS=${ENABLE_RING_TESTS} \ - --env=RING_S3C_ACCESS_KEY=${RING_S3C_ACCESS_KEY} \ - --env=RING_S3C_SECRET_KEY=${RING_S3C_SECRET_KEY} \ - --env=RING_S3C_ENDPOINT=${RING_S3C_ENDPOINT} \ - --env=RING_S3C_BACKEND_SOURCE_LOCATION=${RING_S3C_BACKEND_SOURCE_LOCATION} \ - --env=RING_S3C_INGESTION_SRC_BUCKET_NAME=${RING_S3C_INGESTION_SRC_BUCKET_NAME} \ - --env=RING_S3C_BACKEND_SOURCE_NON_VERSIONED_LOCATION=${RING_S3C_BACKEND_SOURCE_NON_VERSIONED_LOCATION} \ - --env=RING_S3C_INGESTION_SRC_NON_VERSIONED_BUCKET_NAME=${RING_S3C_INGESTION_SRC_NON_VERSIONED_BUCKET_NAME} \ - --env=RING_S3C_INGESTION_NON_VERSIONED_OBJECT_COUNT_PER_TYPE=${RING_S3C_INGESTION_NON_VERSIONED_OBJECT_COUNT_PER_TYPE} \ - --env=KEYCLOAK_TEST_USER=${KEYCLOAK_TEST_USER} \ - --env=KEYCLOAK_TEST_PASSWORD=${KEYCLOAK_TEST_PASSWORD} \ - --env=KEYCLOAK_TEST_HOST=${KEYCLOAK_TEST_HOST} \ - --env=KEYCLOAK_TEST_PORT=${KEYCLOAK_TEST_PORT} \ - --env=KEYCLOAK_TEST_REALM_NAME=${KEYCLOAK_TEST_REALM_NAME} \ - --env=KEYCLOAK_TEST_CLIENT_ID=${KEYCLOAK_TEST_CLIENT_ID} \ - --env=KEYCLOAK_TEST_GRANT_TYPE=${KEYCLOAK_TEST_GRANT_TYPE} \ - --env=BACKBEAT_BUCKET_CHECK_TIMEOUT_S=${BACKBEAT_BUCKET_CHECK_TIMEOUT_S} \ - --env=MONGO_DATABASE=${MONGO_DATABASE} \ - --env=MONGO_READ_PREFERENCE=${MONGO_READ_PREFERENCE} \ - --env=MONGO_REPLICA_SET_HOSTS=${MONGO_REPLICA_SET_HOSTS} \ - --env=MONGO_SHARD_COLLECTION=${MONGO_SHARD_COLLECTION} \ - --env=MONGO_WRITE_CONCERN=${MONGO_WRITE_CONCERN} \ - --env=MONGO_AUTH_USERNAME=${MONGO_AUTH_USERNAME} \ - --env=MONGO_AUTH_PASSWORD=${MONGO_AUTH_PASSWORD} \ - --env=CRR_SOURCE_LOCATION_NAME=${CRR_SOURCE_LOCATION_NAME} \ - --env=CRR_SOURCE_INFO=${CRR_SOURCE_INFO} \ - --env=CRR_DESTINATION_LOCATION_NAME=${CRR_DESTINATION_LOCATION_NAME} \ - --env=CRR_DESTINATION_INFO=${CRR_DESTINATION_INFO} \ - --env=CRR_ROLE_NAME=${CRR_ROLE_NAME} \ - --env=MOCHA_FILE=${MOCHA_FILE} \ - --override-type strategic \ - --overrides=' -{ - "apiVersion": "v1", - "kind": "Pod", - "spec": { - "containers": [ - { - "name": "'$POD_NAME'", - "env": [ - { - "name": "NODE_EXTRA_CA_CERTS", - "value": "/etc/ssl/certs/ca-cert.pem" - } - ], - "volumeMounts": [ - { - "name": "reports", - "mountPath": "/reports" - }, - { - "name": "ca-cert", - "mountPath": "/etc/ssl/certs", - "readOnly": true - } - ] - } - ], - "volumes": [ - { - "name": "reports", - "hostPath": { - "path": "/data/reports", - "type": "DirectoryOrCreate" - } - }, - { - "name": "ca-cert", - "secret": { - "secretName": "zenko-root-ca", - "items": [ - { - "key": "ca.crt", - "path": "ca-cert.pem" - } - ] - } - } - ] - } -}' -- sh -c "${2}" - -} - -## TODO use existing entrypoint -if [ "$STAGE" = "end2end" ]; then - run_e2e_test '' 'cd node_tests && yarn run test_operator' -elif [ "$STAGE" = "debug" ]; then - run_e2e_test '-ti' 'bash' -elif [ "$STAGE" = "smoke" ]; then - run_e2e_test '' 'cd node_tests && yarn run test_smoke' -elif [ "$STAGE" = "backbeat" ]; then - ## TODO: use node js to create and remove buckets - run_e2e_test '' 'cd node_tests && ./gcp_shim.sh && yarn run test_all_extensions && cd .. && python3 cleans3c.py' -elif [ "$STAGE" = "iam-policies" ]; then - run_e2e_test '' 'cd node_tests && yarn run test_iam_policies' -elif [ "$STAGE" = "object-api" ]; then - run_e2e_test '' 'cd node_tests && yarn run test_object_api' -elif [ "$STAGE" = "lint" ]; then - run_e2e_test '' 'cd node_tests && yarn run lint' -fi diff --git a/.github/scripts/end2end/setup-e2e-env.sh b/.github/scripts/end2end/setup-e2e-env.sh new file mode 100755 index 0000000000..e54dde7739 --- /dev/null +++ b/.github/scripts/end2end/setup-e2e-env.sh @@ -0,0 +1,178 @@ +#!/usr/bin/env bash +# setup-e2e-env.sh + +# Resolve script dir (works whether sourced or executed) +_SETUP_DIR="$(cd "$(dirname "${BASH_SOURCE[0]:-$0}")" && pwd)" + +. "$_SETUP_DIR/common.sh" + +ZENKO_NAME="${ZENKO_NAME:-end2end}" +NAMESPACE="${NAMESPACE:-default}" + +# --- 1. Ingress endpoints + /etc/hosts --- +source "$_SETUP_DIR/configure-e2e-endpoints.sh" + +# --- 2. Keycloak / OIDC token --- +export BACKBEAT_BUCKET_CHECK_TIMEOUT_S=${BACKBEAT_BUCKET_CHECK_TIMEOUT_S:-10} +export TOKEN=$(get_token) + +# --- 3. Cloudserver config (for MongoDB) --- +CLOUDSERVER_SECRET="$(kubectl get secret \ + -l app.kubernetes.io/name=connector-cloudserver-config,app.kubernetes.io/instance=${ZENKO_NAME} \ + -o jsonpath="{.items[0].data.config\.json}" | base64 -di)" + +export MONGO_DATABASE=$(echo "${CLOUDSERVER_SECRET}" | jq -r '.mongodb.database') +export MONGO_READ_PREFERENCE=$(echo "${CLOUDSERVER_SECRET}" | jq -r '.mongodb.readPreference') +MONGO_REPLICA_SET_HOSTS_ORIG=$(echo "${CLOUDSERVER_SECRET}" | jq -r '.mongodb.replicaSetHosts') +export MONGO_SHARD_COLLECTION=$(echo "${CLOUDSERVER_SECRET}" | jq -r '.mongodb.shardCollections') +export MONGO_WRITE_CONCERN=$(echo "${CLOUDSERVER_SECRET}" | jq -r '.mongodb.writeConcern') +export MONGO_AUTH_USERNAME=$(echo "${CLOUDSERVER_SECRET}" | jq -r '.mongodb.authCredentials.username') +export MONGO_AUTH_PASSWORD=$(echo "${CLOUDSERVER_SECRET}" | jq -r '.mongodb.authCredentials.password') + +# --- 4. MongoDB port-forward (reuse existing if alive) --- +MONGO_FQDN=$(echo "${MONGO_REPLICA_SET_HOSTS_ORIG}" | cut -d: -f1) +MONGO_PORT=$(echo "${MONGO_REPLICA_SET_HOSTS_ORIG}" | cut -d: -f2) +MONGO_SVC=$(echo "${MONGO_FQDN}" | cut -d. -f1) +MONGO_NS=$(echo "${MONGO_FQDN}" | cut -d. -f2) + +# Only start port-forward if not already listening +if ! ss -tlnp 2>/dev/null | grep -q ":${MONGO_PORT}" && \ + ! lsof -i ":${MONGO_PORT}" &>/dev/null; then + kubectl port-forward -n "${MONGO_NS}" "svc/${MONGO_SVC}" "${MONGO_PORT}:${MONGO_PORT}" & + _MONGO_PF_PID=$! + if [ -z "${_SETUP_E2E_CLEANUP_SET:-}" ]; then + trap "kill ${_MONGO_PF_PID} 2>/dev/null || true" EXIT + export _SETUP_E2E_CLEANUP_SET=1 + fi + # Wait until the port is actually listening (poll every 200ms, fail after 10s) + timeout 10 bash -c "until ss -tlnp 2>/dev/null | grep -q ':${MONGO_PORT}'; do sleep 0.2; done" +fi +export MONGO_REPLICA_SET_HOSTS="localhost:${MONGO_PORT}" + +# --- 5. Credentials from K8s secrets --- +export ADMIN_ACCESS_KEY_ID=$(kubectl get secret ${ZENKO_NAME}-management-vault-admin-creds.v1 -o jsonpath='{.data.accessKey}' | base64 -d) +export ADMIN_SECRET_ACCESS_KEY=$(kubectl get secret ${ZENKO_NAME}-management-vault-admin-creds.v1 -o jsonpath='{.data.secretKey}' | base64 -d) +export ZENKO_ACCESS_KEY=$(kubectl get secret ${ZENKO_NAME}-account-zenko -o jsonpath='{.data.AccessKeyId}' | base64 -d) +export ZENKO_SECRET_KEY=$(kubectl get secret ${ZENKO_NAME}-account-zenko -o jsonpath='{.data.SecretAccessKey}' | base64 -d) +export ZENKO_SESSION_TOKEN=$(kubectl get secret ${ZENKO_NAME}-account-zenko -o jsonpath='{.data.SessionToken}' | base64 -d) + +# CRR account credentials +_src_secret="${ZENKO_NAME}-account-${CRR_SOURCE_ACCOUNT_NAME:-crr-source-account}" +_dst_secret="${ZENKO_NAME}-account-${CRR_DESTINATION_ACCOUNT_NAME:-crr-destination-account}" + +SOURCE_ACCESS_KEY=$(kubectl get secret "${_src_secret}" -o jsonpath='{.data.AccessKeyId}' | base64 -d) +SOURCE_SECRET_KEY=$(kubectl get secret "${_src_secret}" -o jsonpath='{.data.SecretAccessKey}' | base64 -d) +SOURCE_SESSION_TOKEN=$(kubectl get secret "${_src_secret}" -o jsonpath='{.data.SessionToken}' | base64 -d) +SOURCE_ACCOUNT_ID=$(kubectl get secret "${_src_secret}" -o jsonpath='{.data.AccountId}' | base64 -d) +export CRR_SOURCE_INFO="{\"AccessKeyId\":\"${SOURCE_ACCESS_KEY}\",\"SecretAccessKey\":\"${SOURCE_SECRET_KEY}\",\"SessionToken\":\"${SOURCE_SESSION_TOKEN}\",\"AccountId\":\"${SOURCE_ACCOUNT_ID}\"}" + +DESTINATION_ACCESS_KEY=$(kubectl get secret "${_dst_secret}" -o jsonpath='{.data.AccessKeyId}' | base64 -d) +DESTINATION_SECRET_KEY=$(kubectl get secret "${_dst_secret}" -o jsonpath='{.data.SecretAccessKey}' | base64 -d) +DESTINATION_SESSION_TOKEN=$(kubectl get secret "${_dst_secret}" -o jsonpath='{.data.SessionToken}' | base64 -d) +DESTINATION_ACCOUNT_ID=$(kubectl get secret "${_dst_secret}" -o jsonpath='{.data.AccountId}' | base64 -d) +export CRR_DESTINATION_INFO="{\"AccessKeyId\":\"${DESTINATION_ACCESS_KEY}\",\"SecretAccessKey\":\"${DESTINATION_SECRET_KEY}\",\"SessionToken\":\"${DESTINATION_SESSION_TOKEN}\",\"AccountId\":\"${DESTINATION_ACCOUNT_ID}\"}" + +# --- 6. Keycloak test user --- +export KEYCLOAK_TEST_USER="${OIDC_USERNAME}-norights" +export KEYCLOAK_TEST_PASSWORD=${OIDC_PASSWORD} +export KEYCLOAK_TEST_HOST=${OIDC_ENDPOINT} +export KEYCLOAK_TEST_PORT="80" +export KEYCLOAK_TEST_REALM_NAME=${OIDC_REALM} +export KEYCLOAK_TEST_CLIENT_ID=${OIDC_CLIENT_ID} +export KEYCLOAK_TEST_GRANT_TYPE="password" + +# --- 7. Test backend env vars --- +export AWS_BACKEND_SOURCE_LOCATION AWS_BACKEND_DESTINATION_LOCATION +export AWS_BACKEND_DESTINATION_FAIL_LOCATION +export GCP_BACKEND_DESTINATION_LOCATION +export AZURE_BACKEND_DESTINATION_LOCATION +export COLD_BACKEND_DESTINATION_LOCATION +export AZURE_ARCHIVE_BACKEND_DESTINATION_LOCATION +export MIRIA_BACKEND_DESTINATION_LOCATION +export LOCATION_QUOTA_BACKEND +export AWS_BUCKET_NAME AWS_CRR_BUCKET_NAME AWS_FAIL_BUCKET_NAME +export AZURE_CRR_BUCKET_NAME AZURE_ARCHIVE_BUCKET_NAME +export GCP_CRR_BUCKET_NAME GCP_CRR_MPU_BUCKET_NAME +export GCP_ACCESS_KEY GCP_SECRET_KEY GCP_BACKEND_SERVICE_KEY GCP_BACKEND_SERVICE_EMAIL +export AZURE_ACCOUNT_NAME AZURE_BACKEND_ENDPOINT +export AZURE_SECRET_KEY=Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw== +export AWS_ENDPOINT +export AWS_ACCESS_KEY=accessKey1 +export AWS_SECRET_KEY=verySecretKey1 +export VERIFY_CERTIFICATES=false +export ENABLE_RING_TESTS +export RING_S3C_ACCESS_KEY RING_S3C_SECRET_KEY RING_S3C_ENDPOINT +export RING_S3C_BACKEND_SOURCE_LOCATION RING_S3C_INGESTION_SRC_BUCKET_NAME +export RING_S3C_BACKEND_SOURCE_NON_VERSIONED_LOCATION +export RING_S3C_INGESTION_SRC_NON_VERSIONED_BUCKET_NAME +export RING_S3C_INGESTION_NON_VERSIONED_OBJECT_COUNT_PER_TYPE +export CRR_SOURCE_LOCATION_NAME CRR_DESTINATION_LOCATION_NAME CRR_ROLE_NAME +export MOCHA_FILE=${MOCHA_FILE:-} + +# --- 8. TLS CA cert for ingress endpoints --- +ZENKO_CA_CERT_FILE="$(mktemp /tmp/zenko-ca-cert-XXXXXX.pem)" +kubectl get secret zenko-root-ca -o jsonpath='{.data.ca\.crt}' | base64 -d > "${ZENKO_CA_CERT_FILE}" +export NODE_EXTRA_CA_CERTS="${ZENKO_CA_CERT_FILE}" + +# --- 9. Override Ring S3C endpoint for out-of-cluster access --- +if kubectl get namespace metadata &>/dev/null; then + export RING_S3C_ENDPOINT="http://s3c.local" +fi + +# --- 10. Install node dependencies --- +NODE_TESTS_DIR="$(cd "$_SETUP_DIR/../../../tests/zenko_tests/node_tests" && pwd)" +cd "$NODE_TESTS_DIR" +yarn install --frozen-lockfile + +# --- 11. Persist exports for subsequent CI steps --- +if [ -n "${GITHUB_ENV:-}" ]; then # Don't do it for Codespace + echo "TOKEN=$TOKEN" >> "$GITHUB_ENV" + echo "BACKBEAT_BUCKET_CHECK_TIMEOUT_S=$BACKBEAT_BUCKET_CHECK_TIMEOUT_S" >> "$GITHUB_ENV" + echo "MONGO_DATABASE=$MONGO_DATABASE" >> "$GITHUB_ENV" + echo "MONGO_READ_PREFERENCE=$MONGO_READ_PREFERENCE" >> "$GITHUB_ENV" + echo "MONGO_REPLICA_SET_HOSTS=$MONGO_REPLICA_SET_HOSTS" >> "$GITHUB_ENV" + echo "MONGO_SHARD_COLLECTION=$MONGO_SHARD_COLLECTION" >> "$GITHUB_ENV" + echo "MONGO_WRITE_CONCERN=$MONGO_WRITE_CONCERN" >> "$GITHUB_ENV" + echo "MONGO_AUTH_USERNAME=$MONGO_AUTH_USERNAME" >> "$GITHUB_ENV" + echo "MONGO_AUTH_PASSWORD=$MONGO_AUTH_PASSWORD" >> "$GITHUB_ENV" + echo "ADMIN_ACCESS_KEY_ID=$ADMIN_ACCESS_KEY_ID" >> "$GITHUB_ENV" + echo "ADMIN_SECRET_ACCESS_KEY=$ADMIN_SECRET_ACCESS_KEY" >> "$GITHUB_ENV" + echo "ZENKO_ACCESS_KEY=$ZENKO_ACCESS_KEY" >> "$GITHUB_ENV" + echo "ZENKO_SECRET_KEY=$ZENKO_SECRET_KEY" >> "$GITHUB_ENV" + echo "ZENKO_SESSION_TOKEN=$ZENKO_SESSION_TOKEN" >> "$GITHUB_ENV" + echo "KEYCLOAK_TEST_USER=$KEYCLOAK_TEST_USER" >> "$GITHUB_ENV" + echo "KEYCLOAK_TEST_PASSWORD=$KEYCLOAK_TEST_PASSWORD" >> "$GITHUB_ENV" + echo "KEYCLOAK_TEST_HOST=$KEYCLOAK_TEST_HOST" >> "$GITHUB_ENV" + echo "KEYCLOAK_TEST_PORT=$KEYCLOAK_TEST_PORT" >> "$GITHUB_ENV" + echo "KEYCLOAK_TEST_REALM_NAME=$KEYCLOAK_TEST_REALM_NAME" >> "$GITHUB_ENV" + echo "KEYCLOAK_TEST_CLIENT_ID=$KEYCLOAK_TEST_CLIENT_ID" >> "$GITHUB_ENV" + echo "KEYCLOAK_TEST_GRANT_TYPE=$KEYCLOAK_TEST_GRANT_TYPE" >> "$GITHUB_ENV" + echo "CLOUDSERVER_HOST=$CLOUDSERVER_HOST" >> "$GITHUB_ENV" + echo "CLOUDSERVER_ENDPOINT=$CLOUDSERVER_ENDPOINT" >> "$GITHUB_ENV" + echo "BACKBEAT_API_ENDPOINT=$BACKBEAT_API_ENDPOINT" >> "$GITHUB_ENV" + echo "VAULT_ENDPOINT=$VAULT_ENDPOINT" >> "$GITHUB_ENV" + echo "VAULT_STS_ENDPOINT=$VAULT_STS_ENDPOINT" >> "$GITHUB_ENV" + echo "VAULT_AUTH_HOST=$VAULT_AUTH_HOST" >> "$GITHUB_ENV" + echo "NODE_EXTRA_CA_CERTS=$NODE_EXTRA_CA_CERTS" >> "$GITHUB_ENV" + echo "MOCHA_FILE=$MOCHA_FILE" >> "$GITHUB_ENV" + echo "VERIFY_CERTIFICATES=$VERIFY_CERTIFICATES" >> "$GITHUB_ENV" + echo "ENABLE_RING_TESTS=$ENABLE_RING_TESTS" >> "$GITHUB_ENV" + echo "AWS_ACCESS_KEY=$AWS_ACCESS_KEY" >> "$GITHUB_ENV" + echo "AWS_SECRET_KEY=$AWS_SECRET_KEY" >> "$GITHUB_ENV" + echo "AWS_ENDPOINT=$AWS_ENDPOINT" >> "$GITHUB_ENV" + echo "AWS_FAIL_BUCKET_NAME=$AWS_FAIL_BUCKET_NAME" >> "$GITHUB_ENV" + echo "AZURE_ACCOUNT_NAME=$AZURE_ACCOUNT_NAME" >> "$GITHUB_ENV" + echo "AZURE_BACKEND_ENDPOINT=$AZURE_BACKEND_ENDPOINT" >> "$GITHUB_ENV" + echo "AZURE_SECRET_KEY=$AZURE_SECRET_KEY" >> "$GITHUB_ENV" + echo "AZURE_CRR_BUCKET_NAME=$AZURE_CRR_BUCKET_NAME" >> "$GITHUB_ENV" + echo "AZURE_ARCHIVE_BUCKET_NAME=$AZURE_ARCHIVE_BUCKET_NAME" >> "$GITHUB_ENV" + echo "RING_S3C_ACCESS_KEY=$RING_S3C_ACCESS_KEY" >> "$GITHUB_ENV" + echo "RING_S3C_SECRET_KEY=$RING_S3C_SECRET_KEY" >> "$GITHUB_ENV" + echo "RING_S3C_ENDPOINT=$RING_S3C_ENDPOINT" >> "$GITHUB_ENV" + echo "CRR_SOURCE_LOCATION_NAME=$CRR_SOURCE_LOCATION_NAME" >> "$GITHUB_ENV" + echo "CRR_DESTINATION_LOCATION_NAME=$CRR_DESTINATION_LOCATION_NAME" >> "$GITHUB_ENV" + echo "CRR_ROLE_NAME=$CRR_ROLE_NAME" >> "$GITHUB_ENV" + # JSON vars need the heredoc delimiter syntax (values contain '=') + printf 'CRR_SOURCE_INFO<> "$GITHUB_ENV" + printf 'CRR_DESTINATION_INFO<> "$GITHUB_ENV" +fi \ No newline at end of file diff --git a/.github/workflows/end2end.yaml b/.github/workflows/end2end.yaml index 74397a97b0..6515b0c797 100644 --- a/.github/workflows/end2end.yaml +++ b/.github/workflows/end2end.yaml @@ -29,7 +29,6 @@ env: BACKBEAT_BUCKET_CHECK_TIMEOUT_S: "" BACKBEAT_LCC_CRON_RULE: "" # e2e-env - E2E_IMAGE_NAME: ghcr.io/scality/zenko/zenko-e2e E2E_CTST_IMAGE_NAME: ghcr.io/scality/zenko/zenko-e2e-ctst E2E_IMAGE_TAG: ${{ github.sha }} VAULT_TEST_IMAGE_NAME: "" @@ -350,33 +349,22 @@ jobs: cache-from: type=gha,scope=kafka-connect-${{ env.KAFKA_CONNECT_TAG }} cache-to: type=gha,mode=max,scope=kafka-connect-${{ env.KAFKA_CONNECT_TAG }} - build-test-image: + lint-e2e-zenko-tests: runs-on: ubuntu-24.04 steps: - name: Checkout uses: actions/checkout@v6 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v4 - - name: Login to Registry - uses: docker/login-action@v4 - with: - username: "${{ github.repository_owner }}" - password: "${{ github.token }}" - registry: ghcr.io - - name: Generate end2end config yaml - run: |- - cd tests/zenko_tests - envsubst < 'e2e-config.yaml.template' > 'e2e-config.yaml' - cat e2e-config.yaml - echo 'Generated e2e-config.yaml file' - - name: Build and push CI image - uses: docker/build-push-action@v7 + - uses: actions/setup-node@v6 with: - push: true - context: ./tests/zenko_tests - tags: "${{ env.E2E_IMAGE_NAME }}:${{ env.E2E_IMAGE_TAG }}" - cache-from: type=gha,scope=end2end-test - cache-to: type=gha,mode=max,scope=end2end-test + node-version: '22' + cache: yarn + cache-dependency-path: tests/zenko_tests/node_tests/yarn.lock + - name: Install dependencies + working-directory: tests/zenko_tests/node_tests + run: yarn install --frozen-lockfile + - name: Lint e2e tests + working-directory: tests/zenko_tests/node_tests + run: yarn lint lint-and-build-ctst: runs-on: ubuntu-24.04 @@ -483,8 +471,6 @@ jobs: working-directory: ./.github/scripts/end2end - name: Deploy second Zenko for PRA run: bash deploy-zenko.sh end2end-pra default './configs/zenko.yaml' - env: - ZENKO_MONGODB_DATABASE: pradb working-directory: ./.github/scripts/end2end - name: Add Keycloak pra user and assign StorageManager role shell: bash @@ -494,7 +480,7 @@ jobs: OIDC_EMAIL: 'e2e-pra@zenko.local' working-directory: ./.github/scripts/end2end - name: Configure E2E PRA test environment - run: bash configure-e2e.sh end2end-pra ${E2E_IMAGE_NAME}:${E2E_IMAGE_TAG} default + run: bash configure-e2e.sh end2end-pra default working-directory: ./.github/scripts/end2end env: OIDC_USERNAME: 'zenko-end2end-pra' @@ -518,7 +504,7 @@ jobs: if: always() end2end-2-shards-http: - needs: [build-kafka, build-test-image] + needs: [build-kafka] runs-on: - ubuntu-24.04-8core env: @@ -549,28 +535,30 @@ jobs: uses: ./.github/actions/deploy env: GIT_ACCESS_TOKEN: ${{ steps.app-token.outputs.token }} + - name: Set up e2e environment + run: source .github/scripts/end2end/setup-e2e-env.sh - name: Run init CI test - run: bash run-e2e-test.sh "end2end" ${E2E_IMAGE_NAME}:${E2E_IMAGE_TAG} "end2end" "default" - working-directory: ./.github/scripts/end2end + working-directory: tests/zenko_tests/node_tests + run: yarn run test_operator continue-on-error: true - name: Run iam policies tests - run: bash run-e2e-test.sh "end2end" ${E2E_IMAGE_NAME}:${E2E_IMAGE_TAG} "iam-policies" "default" - working-directory: ./.github/scripts/end2end + working-directory: tests/zenko_tests/node_tests + run: yarn run test_iam_policies continue-on-error: true - name: Run cloudserver tests - run: bash run-e2e-test.sh "end2end" ${E2E_IMAGE_NAME}:${E2E_IMAGE_TAG} "object-api" "default" - working-directory: ./.github/scripts/end2end + working-directory: tests/zenko_tests/node_tests + run: yarn run test_object_api continue-on-error: true - name: Run smoke tests - run: bash run-e2e-test.sh "end2end" ${E2E_IMAGE_NAME}:${E2E_IMAGE_TAG} "smoke" "default" - working-directory: ./.github/scripts/end2end + working-directory: tests/zenko_tests/node_tests + run: yarn run test_smoke continue-on-error: true - name: Enable HTTPS run: bash enable-https.sh working-directory: ./.github/scripts/end2end - - name: Run smoke tests - run: bash run-e2e-test.sh "end2end" ${E2E_IMAGE_NAME}:${E2E_IMAGE_TAG} "smoke" "default" - working-directory: ./.github/scripts/end2end + - name: Run smoke tests (HTTPS) + working-directory: tests/zenko_tests/node_tests + run: yarn run test_smoke continue-on-error: true - name: Debug wait uses: ./.github/actions/debug-wait @@ -585,7 +573,7 @@ jobs: if: always() end2end-sharded: - needs: [build-kafka, build-test-image] + needs: [build-kafka] runs-on: - ubuntu-24.04-8core env: @@ -619,9 +607,13 @@ jobs: GIT_ACCESS_TOKEN: ${{ steps.app-token.outputs.token }} with: deploy_metadata: ${{ env.ENABLE_RING_TESTS }} + - name: Set up e2e environment + run: source .github/scripts/end2end/setup-e2e-env.sh - name: Run backbeat end to end tests - run: bash run-e2e-test.sh "end2end" ${E2E_IMAGE_NAME}:${E2E_IMAGE_TAG} "backbeat" "default" - working-directory: ./.github/scripts/end2end + working-directory: tests/zenko_tests/node_tests + run: | + ./gcp_shim.sh + yarn run test_all_extensions continue-on-error: true - name: Debug wait uses: ./.github/actions/debug-wait @@ -699,7 +691,7 @@ jobs: - build-doc - build-iso - build-kafka - - build-test-image + - lint-e2e-zenko-tests - end2end-2-shards-http - end2end-sharded - end2end-pra diff --git a/tests/zenko_tests/Dockerfile b/tests/zenko_tests/Dockerfile deleted file mode 100644 index a2820634e9..0000000000 --- a/tests/zenko_tests/Dockerfile +++ /dev/null @@ -1,37 +0,0 @@ -FROM node:22.19.0-bookworm-slim - -ENV MOCHA_TAGS=not:flaky -ENV LANG=C.UTF-8 - -# Install dependencies -RUN apt-get update && apt-get install -y --no-install-recommends \ - ca-certificates \ - curl \ - git \ - python3 \ - python3-pip \ - python3-venv \ - build-essential \ - libffi-dev \ - musl-dev \ - libssl-dev \ - && rm -rf /var/lib/apt/lists/* \ - && apt-get clean \ - && mkdir -p /usr/local/bin/tests/node_tests - -ENV PATH=/opt/venv/bin:$PATH - -COPY ./node_tests/package.json ./node_tests/yarn.lock /usr/local/bin/tests/node_tests/ -COPY ./requirements.txt /tmp - -RUN python3 -m venv /opt/venv && \ - pip install --no-cache-dir -U pip setuptools wheel && \ - pip install --no-cache-dir -r /tmp/requirements.txt tox && \ - cd /usr/local/bin/tests/node_tests && \ - yarn cache clean && \ - yarn install --frozen-lockfile - -# Copy Tests -COPY . /usr/local/bin/tests/ - -WORKDIR /usr/local/bin/tests diff --git a/tests/zenko_tests/README.md b/tests/zenko_tests/README.md index 9223ea7868..2c493f2ac6 100644 --- a/tests/zenko_tests/README.md +++ b/tests/zenko_tests/README.md @@ -8,21 +8,15 @@ # How to run node tests locally in a Codespace ```bash -cd tests/zenko_tests/node_tests +# Set up the test environment (endpoints, credentials, mongo port-forward, TLS) +source .github/scripts/end2end/setup-e2e-env.sh -# Run a specific test with grep -./run-node-tests-locally.sh "should list objects in V2 format" "cloudserver/bucketGetV2" - -# Run all tests in a folder -./run-node-tests-locally.sh "" "cloudserver" - -# Build and use a custom image -docker build -t my-e2e:local ../ -./run-node-tests-locally.sh "should list objects" "cloudserver" my-e2e:local +# Run mocha directly (setup-e2e-env.sh already cd's to node_tests/) +yarn mocha --exit -t 10000 --recursive smoke_tests +yarn mocha --exit -t 10000 --grep "should list objects" --recursive cloudserver/bucketGetV2 +yarn mocha --exit -t 10000 --recursive cloudserver ``` -To switch images, delete the pod first: `kubectl delete pod node-tests-local` - # How to write iam policy e2e tests All iam policy controlled tests go under `node_tests/iam_policies`, diff --git a/tests/zenko_tests/e2e_config/accounts.py b/tests/zenko_tests/e2e_config/accounts.py index 08fd597b69..1266356cbb 100644 --- a/tests/zenko_tests/e2e_config/accounts.py +++ b/tests/zenko_tests/e2e_config/accounts.py @@ -25,7 +25,7 @@ def get_credentials(token, account_id): RoleArn="arn:aws:iam::%s:role/scality-internal/storage-manager-role" % (account_id), RoleSessionName='end2end', WebIdentityToken=token, - DurationSeconds=60 * 60 * 12, # 12 hrs + DurationSeconds=60 * 60 * 12, # 12 hrs (max allowed by STS for assume role) ) return res diff --git a/tests/zenko_tests/node_tests/package.json b/tests/zenko_tests/node_tests/package.json index 7e9cbb70f0..c6ba82bc4b 100644 --- a/tests/zenko_tests/node_tests/package.json +++ b/tests/zenko_tests/node_tests/package.json @@ -28,33 +28,32 @@ "mocha": "^10.0.0", "mocha-junit-reporter": "^2.2.1", "mocha-multi-reporters": "^1.1.7", - "mocha-tags": "^1.0.1", "request": "^2.87.0", "uuid": "^3.0.1", "vaultclient": "scality/vaultclient#b9452a526daf5627ecae9528c941375a208e79f3", "werelogs": "github:scality/werelogs" }, "scripts": { - "test_aws_crr": "mocha --tags ${MOCHA_TAGS} --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_aws_crr backbeat/tests/crr/awsBackend.js", - "test_azure_crr": "mocha --tags ${MOCHA_TAGS} --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_azure_crr backbeat/tests/crr/azureBackend.js", - "test_gcp_crr": "mocha --tags ${MOCHA_TAGS} --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_gcp_crr backbeat/tests/crr/gcpBackend.js", - "test_one_to_many": "mocha --tags ${MOCHA_TAGS} --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_one_to_many backbeat/tests/crr/oneToMany.js", - "test_crr": "mocha --tags ${MOCHA_TAGS} --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_crr backbeat/tests/crr/crr.js", - "test_api": "mocha --tags ${MOCHA_TAGS} --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_api --recursive backbeat/tests/api", - "test_retry": "mocha --tags ${MOCHA_TAGS} --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_retry --recursive backbeat/tests/retry", - "test_crr_pause_resume": "mocha --tags ${MOCHA_TAGS} --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_crr_pause_resume --recursive backbeat/tests/crr-pause-resume", - "test_expiration": "mocha --tags ${MOCHA_TAGS} --exit -t 900000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_expiration backbeat/tests/lifecycle/expiration.js", - "test_transition": "mocha --tags ${MOCHA_TAGS} --exit -t 900000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_transition backbeat/tests/lifecycle/transition.js", - "test_lifecycle": "mocha --tags ${MOCHA_TAGS} --exit -t 1800000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_lifecycle --recursive backbeat/tests/lifecycle", - "test_ingestion_oob_s3c": "mocha --tags ${MOCHA_TAGS} --exit -t 180000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_ingestion_oob_s3c --recursive backbeat/tests/ingestion", - "test_location_quota": "mocha --tags ${MOCHA_TAGS} --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_location_quota --recursive cloudserver/locationQuota/tests", - "test_bucket_get_v2": "mocha --tags ${MOCHA_TAGS} --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_bucket_get_v2 --recursive cloudserver/bucketGetV2/tests", - "test_bucket_policy": "mocha --tags ${MOCHA_TAGS} --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_bucket_policy --recursive cloudserver/bucketPolicy/tests", - "test_operator": "mocha --tags ${MOCHA_TAGS} --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_operator ./init_test.js", - "test_smoke": "mocha --tags ${MOCHA_TAGS} --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_smoke --recursive smoke_tests", - "test_iam_policies": "mocha --tags ${MOCHA_TAGS} --exit -t 15000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_iam_policies --recursive iam_policies", + "test_aws_crr": "mocha --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_aws_crr backbeat/tests/crr/awsBackend.js", + "test_azure_crr": "mocha --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_azure_crr backbeat/tests/crr/azureBackend.js", + "test_gcp_crr": "mocha --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_gcp_crr backbeat/tests/crr/gcpBackend.js", + "test_one_to_many": "mocha --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_one_to_many backbeat/tests/crr/oneToMany.js", + "test_crr": "mocha --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_crr backbeat/tests/crr/crr.js", + "test_api": "mocha --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_api --recursive backbeat/tests/api", + "test_retry": "mocha --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_retry --recursive backbeat/tests/retry", + "test_crr_pause_resume": "mocha --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_crr_pause_resume --recursive backbeat/tests/crr-pause-resume", + "test_expiration": "mocha --exit -t 900000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_expiration backbeat/tests/lifecycle/expiration.js", + "test_transition": "mocha --exit -t 900000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_transition backbeat/tests/lifecycle/transition.js", + "test_lifecycle": "mocha --exit -t 1800000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_lifecycle --recursive backbeat/tests/lifecycle", + "test_ingestion_oob_s3c": "mocha --exit -t 180000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_ingestion_oob_s3c --recursive backbeat/tests/ingestion", + "test_location_quota": "mocha --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_location_quota --recursive cloudserver/locationQuota/tests", + "test_bucket_get_v2": "mocha --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_bucket_get_v2 --recursive cloudserver/bucketGetV2/tests", + "test_bucket_policy": "mocha --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_bucket_policy --recursive cloudserver/bucketPolicy/tests", + "test_operator": "mocha --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_operator ./init_test.js", + "test_smoke": "mocha --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_smoke --recursive smoke_tests", + "test_iam_policies": "mocha --exit -t 15000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_iam_policies --recursive iam_policies", "test_all_extensions": "run-p --aggregate-output test_crr test_aws_crr test_expiration test_transition test_ingestion_oob_s3c", - "test_object_api": "mocha --tags ${MOCHA_TAGS} --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_object_api --recursive cloudserver/keyFormatVersion/tests", + "test_object_api": "mocha --exit -t 10000 --reporter mocha-multi-reporters --reporter-options configFile=config.json,cmrOutput=mocha-junit-reporter+testsuitesTitle+test_object_api --recursive cloudserver/keyFormatVersion/tests", "lint": "eslint $(find . -name '*.js' -not -path '*/node_modules/*')" }, "author": "", diff --git a/tests/zenko_tests/node_tests/run-node-tests-locally.sh b/tests/zenko_tests/node_tests/run-node-tests-locally.sh deleted file mode 100755 index 1b1a547940..0000000000 --- a/tests/zenko_tests/node_tests/run-node-tests-locally.sh +++ /dev/null @@ -1,81 +0,0 @@ -#!/bin/bash - -# Script to run mocha node tests from a GitHub Codespace -# Uses a persistent pod with kubectl cp to sync local changes -# -# Usage: ./run-node-tests-locally.sh [image] -# -# Examples: -# ./run-node-tests-locally.sh "should list objects" "cloudserver/bucketGetV2" -# ./run-node-tests-locally.sh "should list objects" "cloudserver" my-e2e:local -# ./run-node-tests-locally.sh "" "smoke_tests" # Run all smoke tests -# ./run-node-tests-locally.sh "" "cloudserver" # Run all cloudserver tests -# -# If you need to use a different image, delete pod first: -# kubectl delete pod node-tests-local - -set -e - -ZENKO_NAME=${ZENKO_NAME:-end2end} -IMAGE_NAME="${3:-ghcr.io/scality/zenko/zenko-e2e:latest}" -POD_NAME="node-tests-local" - -if [ "$#" -lt 2 ]; then - echo "Usage: $0 [image]" - echo "See script header for examples." - exit 1 -fi - -TEST_GREP="$1" -TEST_PATH="$2" - -ZENKO_ACCESS_KEY=$(kubectl get secret end2end-management-account-creds.v1 -o jsonpath='{.data.accessKey}' | base64 -d) -ZENKO_SECRET_KEY=$(kubectl get secret end2end-management-account-creds.v1 -o jsonpath='{.data.secretKey}' | base64 -d) - -CLOUDSERVER_ENDPOINT="http://${ZENKO_NAME}-connector-s3api.default.svc.cluster.local:80" -VAULT_ENDPOINT="http://${ZENKO_NAME}-management-vault-iam-admin-api:80" -VAULT_STS_ENDPOINT="http://${ZENKO_NAME}-connector-vault-sts-api:80" -BACKBEAT_API_ENDPOINT="http://${ZENKO_NAME}-management-backbeat-api.default.svc.cluster.local:80" - -# Path inside the zenko-e2e container -CONTAINER_PATH="/usr/local/bin/tests/node_tests" - -if ! kubectl get pod "$POD_NAME" &>/dev/null; then - echo "Loading image into kind cluster, can take 1~3 minutes" - kind load docker-image "$IMAGE_NAME" --name kind || true - - kubectl run "$POD_NAME" \ - --image="$IMAGE_NAME" \ - --restart=Never \ - --image-pull-policy=IfNotPresent \ - --command -- sleep infinity - kubectl wait --for=condition=Ready pod/"$POD_NAME" --timeout=5m -fi - -# Copy local test files so that ongoing changes are included -kubectl exec "$POD_NAME" -- rm -rf "$CONTAINER_PATH"/cloudserver "$CONTAINER_PATH"/backbeat "$CONTAINER_PATH"/smoke_tests "$CONTAINER_PATH"/iam_policies "$CONTAINER_PATH"/utils -kubectl cp ./cloudserver "$POD_NAME":"$CONTAINER_PATH"/cloudserver -kubectl cp ./backbeat "$POD_NAME":"$CONTAINER_PATH"/backbeat -kubectl cp ./smoke_tests "$POD_NAME":"$CONTAINER_PATH"/smoke_tests -kubectl cp ./iam_policies "$POD_NAME":"$CONTAINER_PATH"/iam_policies -kubectl cp ./utils "$POD_NAME":"$CONTAINER_PATH"/utils -kubectl cp ./s3SDK.js "$POD_NAME":"$CONTAINER_PATH"/s3SDK.js -kubectl cp ./stsSDK.js "$POD_NAME":"$CONTAINER_PATH"/stsSDK.js -kubectl cp ./VaultClient.js "$POD_NAME":"$CONTAINER_PATH"/VaultClient.js -kubectl cp ./init_test.js "$POD_NAME":"$CONTAINER_PATH"/init_test.js - -kubectl exec "$POD_NAME" -- env \ - ZENKO_ACCESS_KEY="$ZENKO_ACCESS_KEY" \ - ZENKO_SECRET_KEY="$ZENKO_SECRET_KEY" \ - CLOUDSERVER_ENDPOINT="$CLOUDSERVER_ENDPOINT" \ - VAULT_ENDPOINT="$VAULT_ENDPOINT" \ - VAULT_STS_ENDPOINT="$VAULT_STS_ENDPOINT" \ - BACKBEAT_API_ENDPOINT="$BACKBEAT_API_ENDPOINT" \ - sh -c "cd $CONTAINER_PATH && \ - npx mocha \ - --exit \ - --timeout 10000 \ - --recursive \ - --grep '$TEST_GREP' \ - '$TEST_PATH'" - diff --git a/tests/zenko_tests/node_tests/yarn.lock b/tests/zenko_tests/node_tests/yarn.lock index 281bd0222b..b107339906 100644 --- a/tests/zenko_tests/node_tests/yarn.lock +++ b/tests/zenko_tests/node_tests/yarn.lock @@ -4470,11 +4470,6 @@ lodash@^4.0.0, lodash@^4.14.0, lodash@^4.17.14, lodash@^4.17.15: resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c" integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg== -lodash@~2.4.1: - version "2.4.2" - resolved "https://registry.yarnpkg.com/lodash/-/lodash-2.4.2.tgz#fadd834b9683073da179b3eae6d9c0d15053f73e" - integrity sha512-Kak1hi6/hYHGVPmdyiZijoQyz5x2iGVzs6w9GYB/HiXEtylY7tIoYEROMjvM1d9nXJqPOrG2MNPMn01bJ+S0Rw== - log-symbols@^4.1.0: version "4.1.0" resolved "https://registry.yarnpkg.com/log-symbols/-/log-symbols-4.1.0.tgz#3fbdbb95b4683ac9fc785111e792e558d4abd503" @@ -4628,11 +4623,6 @@ minimist@^1.2.0, minimist@^1.2.6: resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.8.tgz#c1a464e7693302e082a075cee0c057741ac4772c" integrity sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA== -minimist@~1.1.0: - version "1.1.3" - resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.1.3.tgz#3bedfd91a92d39016fcfaa1c681e8faa1a1efda8" - integrity sha512-2RbeLaM/Hbo9vJ1+iRrxzfDnX9108qb2m923U+s+Ot2eMey0IYGdSjzHmvtg2XsxoCuMnzOMw7qc573RvnLgwg== - minipass-collect@^1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/minipass-collect/-/minipass-collect-1.0.2.tgz#22b813bf745dc6edba2576b940022ad6edc8c617" @@ -4721,14 +4711,6 @@ mocha-multi-reporters@^1.1.7: debug "^4.1.1" lodash "^4.17.15" -mocha-tags@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/mocha-tags/-/mocha-tags-1.0.1.tgz#446f9d8d1bc4d39a86f578c6c9a4d86d0cc0fe3f" - integrity sha512-2M1L4yZkqlplrwG1AqZfdCsTb4g93hCQJoHn2BhRMqzfu04XCyr2nl857oH5mpMLwl7MRPk5Y0pJJ2artYlCsw== - dependencies: - lodash "~2.4.1" - minimist "~1.1.0" - mocha@^10.0.0: version "10.8.2" resolved "https://registry.yarnpkg.com/mocha/-/mocha-10.8.2.tgz#8d8342d016ed411b12a429eb731b825f961afb96"