diff --git a/component/component/app.jsonnet b/component/component/app.jsonnet index 2fc6e2634..3bd13ffa6 100644 --- a/component/component/app.jsonnet +++ b/component/component/app.jsonnet @@ -3,7 +3,23 @@ local inv = kap.inventory(); local params = inv.parameters.appcat; local argocd = import 'lib/argocd.libjsonnet'; -local app = argocd.App('appcat', ''); +local app = argocd.App('appcat', '') + ( + if params.services.vshn.e2eTests then { + spec+: { + ignoreDifferences+: [ + { + group: '', + jsonPointers: [ + '/data', + ], + kind: 'Secret', + name: 'github-ci-secret', + namespace: 'appcat-e2e', + }, + ], + }, + } else {} +); { appcat: app, diff --git a/component/component/rbac_e2e.jsonnet b/component/component/rbac_e2e.jsonnet index d36e8fbd6..e331a9d45 100644 --- a/component/component/rbac_e2e.jsonnet +++ b/component/component/rbac_e2e.jsonnet @@ -7,12 +7,12 @@ local params = inv.parameters.appcat; local e2eNs = kube.Namespace('appcat-e2e') + { metadata+: { labels+: { - 'appuio.io/organization': 'vshn-e2e-tests', + 'appuio.io/organization': 'vshn', }, }, }; -local e2eSA = kube.ServiceAccount('appcat-e2e') + { +local e2eSA = kube.ServiceAccount('github-ci') + { metadata+: { namespace: 'appcat-e2e', }, @@ -26,11 +26,26 @@ local e2eRoleBinding = kube.RoleBinding('appcat-e2e') + { subjects_: [ e2eSA ], }; -local e2eSAToken = kube.Secret('appcat-e2e-github') + { +local e2eClusterRole = kube.ClusterRole('appcat:e2e') + { + rules: [ + { + apiGroups: [ 'networking.k8s.io' ], + resources: [ 'ingresses' ], + verbs: [ 'get', 'list' ], + }, + ], +}; + +local e2eClusterRoleBinding = kube.ClusterRoleBinding('appcat:e2e') { + roleRef_: e2eClusterRole, + subjects_: [ e2eSA ], +}; + +local e2eSAToken = kube.Secret('github-ci-secret') + { metadata+: { namespace: 'appcat-e2e', annotations+: { - 'kubernetes.io/service-account.name': 'appcat-e2e', + 'kubernetes.io/service-account.name': 'github-ci', 'argocd.argoproj.io/compare-options': 'IgnoreExtraneous', }, }, @@ -38,5 +53,5 @@ local e2eSAToken = kube.Secret('appcat-e2e-github') + { }; if params.services.vshn.e2eTests then { - '20_rbac_vshn_e2e_tests': [ e2eNs, e2eSA, e2eRoleBinding, e2eSAToken ], + '20_rbac_vshn_e2e_tests': [ e2eNs, e2eSA, e2eRoleBinding, e2eClusterRoleBinding, e2eClusterRole, e2eSAToken ], } else {} diff --git a/tests/e2e/keycloak/scripts/ingress.sh b/tests/e2e/keycloak/scripts/ingress.sh index c56632302..d63fc1542 100755 --- a/tests/e2e/keycloak/scripts/ingress.sh +++ b/tests/e2e/keycloak/scripts/ingress.sh @@ -2,9 +2,9 @@ set -e -ns=$(kubectl -n "$NAMESPACE" get vshnkeycloak keycloak-e2e -ojson | jq -r '.status.instanceNamespace') +ns=$(kubectl -n "$NAMESPACE" get vshnkeycloak keycloak-e2e -oyaml | yq -r '.status.instanceNamespace') -fqdn=$(kubectl -n "$ns" get ingress -ojson | jq -r '.items.[0].spec.tls.[0].hosts[0]') +fqdn=$(kubectl -n "$ns" get ingress -oyaml | yq -r '.items.[0].spec.tls.[0].hosts[0]') echo "$fqdn = keycloak-e2e.example.com" [[ "$fqdn" == "keycloak-e2e.example.com" ]] diff --git a/tests/e2e/kuttl-test.yaml b/tests/e2e/kuttl-test.yaml index c51481bd3..48843a181 100644 --- a/tests/e2e/kuttl-test.yaml +++ b/tests/e2e/kuttl-test.yaml @@ -2,4 +2,4 @@ apiVersion: kuttl.dev/v1beta1 kind: TestSuite testDirs: - ./test/e2e/ -namespace: schedar-e2e +namespace: appcat-e2e diff --git a/tests/tests.mk b/tests/tests.mk index dee2f4449..7e1c40ec2 100644 --- a/tests/tests.mk +++ b/tests/tests.mk @@ -14,14 +14,14 @@ $(kuttl_bin): | $(go_bin) .PHONY: .e2e-test e2e-test: $(kuttl_bin) ## Run e2e tests - @kubectl create namespace schedar-e2e || true + @kubectl create namespace appcat-e2e || true GOBIN=$(go_bin) $(kuttl_bin) test ./tests/e2e --config ./tests/e2e/kuttl-test.yaml --suppress-log=Events @rm -f kubeconfig # kuttl leaves kubeconfig garbage: https://github.com/kudobuilder/kuttl/issues/297 .PHONY: .run-single-e2e run-single-e2e: - @kubectl create namespace schedar-e2e || true + @kubectl create namespace appcat-e2e || true GOBIN=$(go_bin) $(kuttl_bin) test ./tests/e2e --config ./tests/e2e/kuttl-test.yaml --suppress-log=Events --test $(test) @rm -f kubeconfig