[KRV-24554] Add auth CRDs step to the scenarios

dell · Jun 10, 2024 · d8bcb3a · d8bcb3a
1 parent 807c5af
commit d8bcb3a
Show file tree

Hide file tree

Showing 6 changed files with 153 additions and 19 deletions.
diff --git a/tests/e2e/steps/steps_def.go b/tests/e2e/steps/steps_def.go
@@ -1039,7 +1039,7 @@ func (step *Step) configureAuthorizationProxyServer(res Resource, driver string,
 	}
 
 	fmt.Printf("=== Generating Admin Token ===\n")
-	adminTkn := exec.Command("karavictl",
+	adminTkn := exec.Command("dellctl",
 		"admin", "token",
 		"--name", "Admin",
 		"--jwt-signing-secret", "secret",

diff --git a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server.yaml b/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server.yaml
@@ -42,11 +42,18 @@ spec:
           # enable: Enable/Disable csm-authorization proxy server
           enabled: true
           proxyService: dellemc/csm-authorization-proxy:v2.0.0-alpha
+          proxyServiceReplicas: 1
           tenantService: dellemc/csm-authorization-tenant:v2.0.0-alpha
+          tenantServiceReplicas: 1
           roleService: dellemc/csm-authorization-role:v2.0.0-alpha
+          roleServiceReplicas: 1
           storageService: dellemc/csm-authorization-storage:v2.0.0-alpha
+          storageServiceReplicas: 1
           opa: openpolicyagent/opa
           opaKubeMgmt: openpolicyagent/kube-mgmt:0.11
+          authorizationController: dellemc/csm-authorization-controller:v2.0.0-alpha
+          authorizationControllerReplicas: 1
+          leaderElection: true
 
           # certificate: base64-encoded certificate for cert/private-key pair -- add certificate here to use custom certificates
           # for self-signed certs, leave empty string
@@ -92,6 +99,18 @@ spec:
           vaultRole: csm-authorization
           skipCertificateValidation: true
           kvEnginePath: secret
+          # certificate: base64-encoded certificate for cert/private-key pair -- add cert here to use custom certificates
+          #  for self-signed certs, leave empty string
+          # Allowed values: string
+          certificate: ""
+          # privateKey: base64-encoded private key for cert/private-key pair -- add private key here to use custom certificates
+          #  for self-signed certs, leave empty string
+          # Allowed values: string
+          privateKey: ""
+          # certificateAuthority: base64-encoded certificate authority for validating vault server certificate -- add certificate authority here to use custom certificates
+          #  for self-signed certs, leave empty string
+          # Allowed values: string
+          certificateAuthority: ""
 
 ---
 apiVersion: v1

diff --git a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_alt_ns.yaml b/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_alt_ns.yaml
@@ -42,11 +42,18 @@ spec:
           # enable: Enable/Disable csm-authorization proxy server
           enabled: true
           proxyService: dellemc/csm-authorization-proxy:v2.0.0-alpha
+          proxyServiceReplicas: 1
           tenantService: dellemc/csm-authorization-tenant:v2.0.0-alpha
+          tenantServiceReplicas: 1
           roleService: dellemc/csm-authorization-role:v2.0.0-alpha
+          roleServiceReplicas: 1
           storageService: dellemc/csm-authorization-storage:v2.0.0-alpha
+          storageServiceReplicas: 1
           opa: openpolicyagent/opa
           opaKubeMgmt: openpolicyagent/kube-mgmt:0.11
+          authorizationController: dellemc/csm-authorization-controller:v2.0.0-alpha
+          authorizationControllerReplicas: 1
+          leaderElection: true
 
           # certificate: base64-encoded certificate for cert/private-key pair -- add certificate here to use custom certificates
           # for self-signed certs, leave empty string
@@ -75,14 +82,36 @@ spec:
               annotations: {}
 
         - name: redis
-          redis: redis:6.0.8-alpine
+          redis: redis:7.2.4-alpine
           commander: rediscommander/redis-commander:latest
           # by default, csm-authorization will deploy a local (https://kubernetes.io/docs/concepts/storage/storage-classes/#local) volume for redis
           # to use a different storage class for redis, specify the name of the storage class
           # NOTE: the storage class must NOT be a storage class provisioned by a CSI driver using this installation of CSM Authorization
           # Default value: None
+          redisName: redis-csm
+          redisCommander: redicommander
+          sentinel: sentinel
+          redisReplicas: 5
           storageclass: ""
 
+        - name: vault
+          vaultAddress: https://10.247.100.22:8400
+          vaultRole: csm-authorization
+          skipCertificateValidation: true
+          kvEnginePath: secret
+          # certificate: base64-encoded certificate for cert/private-key pair -- add cert here to use custom certificates
+          #  for self-signed certs, leave empty string
+          # Allowed values: string
+          certificate: ""
+          # privateKey: base64-encoded private key for cert/private-key pair -- add private key here to use custom certificates
+          #  for self-signed certs, leave empty string
+          # Allowed values: string
+          privateKey: ""
+          # certificateAuthority: base64-encoded certificate authority for validating vault server certificate -- add certificate authority here to use custom certificates
+          #  for self-signed certs, leave empty string
+          # Allowed values: string
+          certificateAuthority: ""
+
 ---
 apiVersion: v1
 kind: ConfigMap

diff --git a/...s/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_default_redis.yaml b/...s/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_default_redis.yaml
@@ -42,11 +42,18 @@ spec:
           # enable: Enable/Disable csm-authorization proxy server
           enabled: true
           proxyService: dellemc/csm-authorization-proxy:v2.0.0-alpha
+          proxyServiceReplicas: 1
           tenantService: dellemc/csm-authorization-tenant:v2.0.0-alpha
+          tenantServiceReplicas: 1
           roleService: dellemc/csm-authorization-role:v2.0.0-alpha
+          roleServiceReplicas: 1
           storageService: dellemc/csm-authorization-storage:v2.0.0-alpha
+          storageServiceReplicas: 1
           opa: openpolicyagent/opa
           opaKubeMgmt: openpolicyagent/kube-mgmt:0.11
+          authorizationController: dellemc/csm-authorization-controller:v2.0.0-alpha
+          authorizationControllerReplicas: 1
+          leaderElection: true
 
           # certificate: base64-encoded certificate for cert/private-key pair -- add certificate here to use custom certificates
           # for self-signed certs, leave empty string
@@ -92,6 +99,18 @@ spec:
           vaultRole: csm-authorization
           skipCertificateValidation: true
           kvEnginePath: secret
+          # certificate: base64-encoded certificate for cert/private-key pair -- add cert here to use custom certificates
+          #  for self-signed certs, leave empty string
+          # Allowed values: string
+          certificate: ""
+          # privateKey: base64-encoded private key for cert/private-key pair -- add private key here to use custom certificates
+          #  for self-signed certs, leave empty string
+          # Allowed values: string
+          privateKey: ""
+          # certificateAuthority: base64-encoded certificate authority for validating vault server certificate -- add certificate authority here to use custom certificates
+          #  for self-signed certs, leave empty string
+          # Allowed values: string
+          certificateAuthority: ""
 
 ---
 apiVersion: v1

diff --git a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_ocp.yaml b/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_ocp.yaml
@@ -42,11 +42,18 @@ spec:
           # enable: Enable/Disable csm-authorization proxy server
           enabled: true
           proxyService: dellemc/csm-authorization-proxy:v2.0.0-alpha
+          proxyServiceReplicas: 1
           tenantService: dellemc/csm-authorization-tenant:v2.0.0-alpha
+          tenantServiceReplicas: 1
           roleService: dellemc/csm-authorization-role:v2.0.0-alpha
+          roleServiceReplicas: 1
           storageService: dellemc/csm-authorization-storage:v2.0.0-alpha
+          storageServiceReplicas: 1
           opa: openpolicyagent/opa
           opaKubeMgmt: openpolicyagent/kube-mgmt:0.11
+          authorizationController: dellemc/csm-authorization-controller:v2.0.0-alpha
+          authorizationControllerReplicas: 1
+          leaderElection: true
 
           # certificate: base64-encoded certificate for cert/private-key pair -- add certificate here to use custom certificates
           # for self-signed certs, leave empty string
@@ -75,14 +82,36 @@ spec:
               annotations: {}
 
         - name: redis
-          redis: redis:6.0.8-alpine
+          redis: redis:7.2.4-alpine
           commander: rediscommander/redis-commander:latest
           # by default, csm-authorization will deploy a local (https://kubernetes.io/docs/concepts/storage/storage-classes/#local) volume for redis
           # to use a different storage class for redis, specify the name of the storage class
           # NOTE: the storage class must NOT be a storage class provisioned by a CSI driver using this installation of CSM Authorization
           # Default value: None
+          redisName: redis-csm
+          redisCommander: redicommander
+          sentinel: sentinel
+          redisReplicas: 5
           storageclass: "local-storage"
 
+        - name: vault
+          vaultAddress: https://10.0.0.1:8400
+          vaultRole: csm-authorization
+          skipCertificateValidation: true
+          kvEnginePath: secret
+          # certificate: base64-encoded certificate for cert/private-key pair -- add cert here to use custom certificates
+          #  for self-signed certs, leave empty string
+          # Allowed values: string
+          certificate: ""
+          # privateKey: base64-encoded private key for cert/private-key pair -- add private key here to use custom certificates
+          #  for self-signed certs, leave empty string
+          # Allowed values: string
+          privateKey: ""
+          # certificateAuthority: base64-encoded certificate authority for validating vault server certificate -- add certificate authority here to use custom certificates
+          #  for self-signed certs, leave empty string
+          # Allowed values: string
+          certificateAuthority: ""
+
 ---
 apiVersion: v1
 kind: ConfigMap