Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[KRV-24554] Auth proxy e2e #595

Merged
merged 8 commits into from
Jun 11, 2024
Merged

[KRV-24554] Auth proxy e2e #595

merged 8 commits into from
Jun 11, 2024

Conversation

EvgenyUglov
Copy link
Contributor

@EvgenyUglov EvgenyUglov commented Jun 10, 2024
edited
Loading

Description

  1. Add Install/Delete authorization CRDs steps to the test scenarios where applicable
  2. Use dellctl to create authorization CRs in authorization proxy e2e tests
  3. Add Storage/CSMRole/CSMTenant test CRs for e2e

GitHub Issues

List the GitHub issues impacted by this PR:

GitHub Issue #
dell/csm#1281

Checklist:

  • I have performed a self-review of my own code to ensure there are no formatting, vetting, linting, or security issues
  • I have verified that new and existing unit tests pass locally with my changes
  • I have not allowed coverage numbers to degenerate
  • I have maintained at least 90% code coverage
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have added tests that prove my fix is effective or that my feature works
  • I have maintained backward compatibility

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Please also list any relevant details for your test configuration

  • Ran authorization-proxy-server e2e tests to deploy auth module, install CRDs, create and configure the appropriate CRs to make sure these steps are successfully executed
  STEP: Getting test environment variables @ 06/10/24 22:05:30.26
  STEP: [authorizationproxyserver] @ 06/10/24 22:05:30.26
  STEP: Reading values file @ 06/10/24 22:05:30.26
  STEP: Getting a k8s client @ 06/10/24 22:05:30.279
[BeforeSuite] PASSED [0.057 seconds]
------------------------------
[run-e2e-test] E2E Testing Running all test Given Test Scenarios
/home/evgeny/workspace/csm/csm-operator/tests/e2e/e2e_test.go:123
  STEP: Starting: Install Authorization Proxy Server  @ 06/10/24 22:05:30.317
  STEP:      Executing  Given an environment with k8s or openshift, and CSM operator installed @ 06/10/24 22:05:30.317
  STEP:      Executing  Install Authorization CRDs [2] @ 06/10/24 22:05:30.357
  STEP:      Executing  Create [authorization-proxy-server] prerequisites from CR [1] @ 06/10/24 22:05:32.189
=== Creating Authorization Proxy Server Prerequisites ===
  STEP:      Executing  Apply custom resource [1] @ 06/10/24 22:05:44.757
  Jun 10 22:05:44.761: INFO: Running '/usr/local/bin/kubectl --namespace=authorization apply --validate=true -f -'
  Jun 10 22:05:45.355: INFO: stderr: ""
  Jun 10 22:05:45.355: INFO: stdout: "containerstoragemodule.storage.dell.com/authorization created\nconfigmap/csm-config-params created\n"
  STEP:      Executing  Validate [authorization-proxy-server] module from CR [1] is installed @ 06/10/24 22:05:45.356
  STEP:      Executing  Configure authorization-proxy-server for [powerscale] for CR [1] @ 06/10/24 22:09:16.408
=== Configuring Authorization Proxy Server ===
=== Generating Admin Token ===
=== Writing Admin Token to Tmp File ===
 
=== Creating Storage ===
 
=== Storage === 
 /usr/local/bin/kubectl apply -f testfiles/authorization-templates/csm-authorization_v1_storage.yaml

=== Creating Tenant ===
 
=== Tenant === 
 /usr/local/bin/kubectl apply -f testfiles/authorization-templates/csm-authorization_v1_csmtenant.yaml

=== Creating Role ===

=== Role === 
 /usr/local/bin/kubectl apply -f testfiles/authorization-templates/csm-authorization_v1_csmrole.yaml

=== Generating token ===
 
=== Token ===
 /usr/local/bin/dellctl generate token --admin-token /tmp/adminToken.yaml --access-token-expiration 10m0s --refresh-token-expiration 48h --tenant csmtenant-sample --insecure --addr csm-authorization.com:31797

=== Applying token ===
 
=== Token Applied ===
 
  STEP:      Executing  Configure authorization-proxy-server for [powerflex] for CR [1] @ 06/10/24 22:12:17.076
=== Configuring Authorization Proxy Server ===
=== Generating Admin Token ===
=== Writing Admin Token to Tmp File ===
 
=== Creating Storage ===
 
=== Storage === 
 /usr/local/bin/kubectl apply -f testfiles/authorization-templates/csm-authorization_v1_storage.yaml

=== Creating Tenant ===
 
=== Tenant === 
 /usr/local/bin/kubectl apply -f testfiles/authorization-templates/csm-authorization_v1_csmtenant.yaml

=== Creating Role ===

=== Role === 
 /usr/local/bin/kubectl apply -f testfiles/authorization-templates/csm-authorization_v1_csmrole.yaml

=== Generating token ===
 
=== Token ===
 /usr/local/bin/dellctl generate token --admin-token /tmp/adminToken.yaml --access-token-expiration 10m0s --refresh-token-expiration 48h --tenant csmtenant-sample --insecure --addr csm-authorization.com:31797

=== Applying token ===
 
=== Token Applied ===
 
  STEP:      Executing  Delete custom resource [1] @ 06/10/24 22:12:27.479
  STEP:      Executing  Delete Authorization CRDs [2] @ 06/10/24 22:12:27.543
  STEP: Ending: Install Authorization Proxy Server
   @ 06/10/24 22:12:33.474
• [428.160 seconds]
------------------------------

Ran 1 of 1 Specs in 428.217 seconds
SUCCESS! -- 1 Passed | 0 Failed | 0 Pending | 0 Skipped
PASS

Ginkgo ran 1 suite in 10m3.606309195s
Test Suite Passed

@EvgenyUglov EvgenyUglov marked this pull request as ready for review June 10, 2024 22:18
atye
atye reviewed Jun 10, 2024
View reviewed changes
tests/e2e/testfiles/authorization-templates/csm-authorization_v1_storage.yaml Outdated
name: powerscale
spec:
type: powerscale
endpoint: https://10.230.24.241:8080
Copy link
Contributor

@atye atye Jun 10, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The spec values in the CRs should be updated during the test so users, and us, can pass in different values. This internal IP should be removed.

We can have users put values in https://github.com/dell/csm-operator/blob/main/tests/e2e/array-info.sh and put them into the CRs.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right, missed that, thanks! Fixed.
Yeah, we can add populate them from that script, but I'd leave this change for another PR

alikdell
alikdell previously approved these changes Jun 11, 2024
View reviewed changes
shanmydell
shanmydell previously requested changes Jun 11, 2024
View reviewed changes
Copy link
Contributor

@shanmydell shanmydell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we update go.mod to use the latest k8s so that dependabot alert gets resolved

@alikdell alikdell dismissed shanmydell’s stale review June 11, 2024 18:34

This PR is going to gitop branch, main should have k8s update

@EvgenyUglov EvgenyUglov merged commit 7233517 into authorization-gitops Jun 11, 2024
8 checks passed
@EvgenyUglov EvgenyUglov deleted the auth-proxy-e2e branch June 11, 2024 19:19
EvgenyUglov added a commit that referenced this pull request Jun 25, 2024
@alikdell @shaynafinocchiaro
@harshitap26 @EvgenyUglov @atye @xuluna @falfaroc @bharathsreekanth @tdawe @KerryKovacevic
Support for CSM Authorization V2 support in operator (#614)
8e851f4 
* Support OpenShifts ingress controller in Authorization (#554)

* refactor CR and add support for certs, annotations, and ocp for ingress

* update types

* update ingress and cert yamls for all versions

* update controller-gen version and crds

* fix yaml formatting errors

* create ingress dynamically

* create self signed certificates dynamically

* encode custom tls cert

* update CRs for e2e tests

* add unit tests and update versioning to v2.0.0-alpha

* update csm controller test

* fix formatting, linting, and unit tests

* fix linting

* fix wording in CR

* fix CRs

* PR edits

* fix formatting

* Support Multiple Replicas for Redis deployment in Authorization (#553)

* Changes for Auth

* add new changes as per helm

* Updating CRDs

* Resolving yaml errors

* Resolving script issues and removing hardcoded values

* Empty Config Map

* Values changes

* Resolving formatting issues

* Resolving formatting checks

* Resolving rebase issues

* Getting the sentinel values dynamically

* Addressed review comments

* Changes from v1.1.10 to v2.0.0-alpha

* Resolving Unit test errors

* Removing Hardcoded values

* Addressing review comments

* Adding Vault as separate component

* Moving the ConfigMap

* Moving ConfigMap t0 v2.0.0-alpha

* Remving extra newline

* [KRV-17784] Auth CRD support (#556)

* [KRV-17784] Add auth crds and new version

* [KRV-17784] Fix version in tests

* [KRV-17784] Unit test

* [KRV-17784] Fix comment

* [KRV-17784] Fix PR comments

* [KRV-17784] Fix PR comments

* Adding Vault Role for Authorization (#560)

* Add Vault Role

* Updating test files

* Adressing review comments

* Update the deployment with Controller for Authorization (#563)

* Adding deployment for controller

* Using Controller image dynamically

* Addressing review comments

* Addressing review comments - Making replicas configurable

* Addressing review comments & making namespace configurable

* Remove Karavi Storage Secret for v2 (#567)

* remove storage secret

* remove print

* update tls name

* add rediscommander password and username (#570)

* Add storage cluster roles (#568)

* Fix cert-manager deployment, go mod updates (#571)

* Add authorization snapshot policies (#573)

* [KRV-17785] Auth CRD e2e (#572)

* [KRV-17785] Auth CRD e2e

* [KRV-17785] Update go mod

* Added sentinel retry logic (#576)

* file changes for proxy server certificate (#577)

* Update lease permissions for authorization-controller (#580)

* Support user-provided client certs for Vault (#578)

* start vault user certs

* updates

* add cert authority

* fix deployment

* remove storage-service from all deployments

* add certs to sample

* support v1

* remove vault cert manifests

* remove todo

* fix formatting

* fix crd deploy check

* add test for v1

* add tests

* add fail test

* bad vautl ca

* add more error tests

* add test for ingress certs

* add openshift test

* add type meta to v1

* refactor storage service deployment

* refactor self-signed cert

* fix sentinel timeout (#586)

* Remove OpenShift parameter from config and discover it on runtime (#589)

* Programatically detect ocp cluster env for ingress configuration

* Add storage poll interval

* add yaml files changes from make manifests

* change error return to warning log

* PR edits

---------

Co-authored-by: Kerry_Kovacevic <Kerry.Kovacevic@Dell.com>

* [KRV-24554] Auth proxy e2e (#595)

* [KRV-17785] Auth CRD e2e

* [KRV-17785] Update go mod

* [KRV-24554] Fix proxy e2e test

* [KRV-24554] Add auth CRDs step to the scenarios

* [KRV-24554] Remove array data from test files

* Sentinel fix, remove hardcoded sentinel svc port, fix operator deploy… (#597)

* Sentinel fix, remove hardcoded sentinel svc port, fix operator deployment

* Add configurable controller reconcile interval (#598)

* Add configurable controller reconcile interval

* Update test yamls

* fix linting check

* fix linting

* [KRV-25132] Auth CR changes

* update files for new CR format for auth

* [KRV-25132] Default images

* pr review changes

* [KRV-25132] Fix e2e scenarios

---------

Co-authored-by: shaynafinocchiaro <shayna_finocchiaro@dell.com>
Co-authored-by: Harshita Pandey <88329939+harshitap26@users.noreply.github.com>
Co-authored-by: EvgenyUglov <63835199+EvgenyUglov@users.noreply.github.com>
Co-authored-by: Aaron Tye <tyeaaron@gmail.com>
Co-authored-by: Luna Xu <10015938+xuluna@users.noreply.github.com>
Co-authored-by: Fernando Alfaro Campos <falfarocampos@outlook.com>
Co-authored-by: Bharath Sreekanth <93715158+bharathsreekanth@users.noreply.github.com>
Co-authored-by: Trevor Dawe <trevor.dawe@dell.com>
Co-authored-by: Kerry_Kovacevic <Kerry.Kovacevic@Dell.com>
Co-authored-by: Evgeny Uglov <evgeny.uglov@dell.com>
ChristianAtDell added a commit that referenced this pull request Oct 15, 2024
@ChristianAtDell @shaynafinocchiaro
@harshitap26 @EvgenyUglov @atye @xuluna @falfaroc @bharathsreekanth @tdawe @KerryKovacevic
Support for CSM Authorization V2 support in operator (#614)
c449f3c 
* Support OpenShifts ingress controller in Authorization (#554)

* refactor CR and add support for certs, annotations, and ocp for ingress

* update types

* update ingress and cert yamls for all versions

* update controller-gen version and crds

* fix yaml formatting errors

* create ingress dynamically

* create self signed certificates dynamically

* encode custom tls cert

* update CRs for e2e tests

* add unit tests and update versioning to v2.0.0-alpha

* update csm controller test

* fix formatting, linting, and unit tests

* fix linting

* fix wording in CR

* fix CRs

* PR edits

* fix formatting

* Support Multiple Replicas for Redis deployment in Authorization (#553)

* Changes for Auth

* add new changes as per helm

* Updating CRDs

* Resolving yaml errors

* Resolving script issues and removing hardcoded values

* Empty Config Map

* Values changes

* Resolving formatting issues

* Resolving formatting checks

* Resolving rebase issues

* Getting the sentinel values dynamically

* Addressed review comments

* Changes from v1.1.10 to v2.0.0-alpha

* Resolving Unit test errors

* Removing Hardcoded values

* Addressing review comments

* Adding Vault as separate component

* Moving the ConfigMap

* Moving ConfigMap t0 v2.0.0-alpha

* Remving extra newline

* [KRV-17784] Auth CRD support (#556)

* [KRV-17784] Add auth crds and new version

* [KRV-17784] Fix version in tests

* [KRV-17784] Unit test

* [KRV-17784] Fix comment

* [KRV-17784] Fix PR comments

* [KRV-17784] Fix PR comments

* Adding Vault Role for Authorization (#560)

* Add Vault Role

* Updating test files

* Adressing review comments

* Update the deployment with Controller for Authorization (#563)

* Adding deployment for controller

* Using Controller image dynamically

* Addressing review comments

* Addressing review comments - Making replicas configurable

* Addressing review comments & making namespace configurable

* Remove Karavi Storage Secret for v2 (#567)

* remove storage secret

* remove print

* update tls name

* add rediscommander password and username (#570)

* Add storage cluster roles (#568)

* Fix cert-manager deployment, go mod updates (#571)

* Add authorization snapshot policies (#573)

* [KRV-17785] Auth CRD e2e (#572)

* [KRV-17785] Auth CRD e2e

* [KRV-17785] Update go mod

* Added sentinel retry logic (#576)

* file changes for proxy server certificate (#577)

* Update lease permissions for authorization-controller (#580)

* Support user-provided client certs for Vault (#578)

* start vault user certs

* updates

* add cert authority

* fix deployment

* remove storage-service from all deployments

* add certs to sample

* support v1

* remove vault cert manifests

* remove todo

* fix formatting

* fix crd deploy check

* add test for v1

* add tests

* add fail test

* bad vautl ca

* add more error tests

* add test for ingress certs

* add openshift test

* add type meta to v1

* refactor storage service deployment

* refactor self-signed cert

* fix sentinel timeout (#586)

* Remove OpenShift parameter from config and discover it on runtime (#589)

* Programatically detect ocp cluster env for ingress configuration

* Add storage poll interval

* add yaml files changes from make manifests

* change error return to warning log

* PR edits

---------

Co-authored-by: Kerry_Kovacevic <Kerry.Kovacevic@Dell.com>

* [KRV-24554] Auth proxy e2e (#595)

* [KRV-17785] Auth CRD e2e

* [KRV-17785] Update go mod

* [KRV-24554] Fix proxy e2e test

* [KRV-24554] Add auth CRDs step to the scenarios

* [KRV-24554] Remove array data from test files

* Sentinel fix, remove hardcoded sentinel svc port, fix operator deploy… (#597)

* Sentinel fix, remove hardcoded sentinel svc port, fix operator deployment

* Add configurable controller reconcile interval (#598)

* Add configurable controller reconcile interval

* Update test yamls

* fix linting check

* fix linting

* [KRV-25132] Auth CR changes

* update files for new CR format for auth

* [KRV-25132] Default images

* pr review changes

* [KRV-25132] Fix e2e scenarios

---------

Co-authored-by: shaynafinocchiaro <shayna_finocchiaro@dell.com>
Co-authored-by: Harshita Pandey <88329939+harshitap26@users.noreply.github.com>
Co-authored-by: EvgenyUglov <63835199+EvgenyUglov@users.noreply.github.com>
Co-authored-by: Aaron Tye <tyeaaron@gmail.com>
Co-authored-by: Luna Xu <10015938+xuluna@users.noreply.github.com>
Co-authored-by: Fernando Alfaro Campos <falfarocampos@outlook.com>
Co-authored-by: Bharath Sreekanth <93715158+bharathsreekanth@users.noreply.github.com>
Co-authored-by: Trevor Dawe <trevor.dawe@dell.com>
Co-authored-by: Kerry_Kovacevic <Kerry.Kovacevic@Dell.com>
Co-authored-by: Evgeny Uglov <evgeny.uglov@dell.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shaynafinocchiaro shaynafinocchiaro shaynafinocchiaro left review comments

@atye atye atye left review comments

@KerryKovacevic KerryKovacevic KerryKovacevic approved these changes

@alikdell alikdell alikdell approved these changes

@shanmydell shanmydell shanmydell left review comments

@abhi16394 abhi16394 Awaiting requested review from abhi16394 abhi16394 is a code owner

@mbasha-dell mbasha-dell Awaiting requested review from mbasha-dell mbasha-dell is a code owner

@bharathsreekanth bharathsreekanth Awaiting requested review from bharathsreekanth bharathsreekanth is a code owner

@chimanjain chimanjain Awaiting requested review from chimanjain chimanjain is a code owner

@coulof coulof Awaiting requested review from coulof coulof is a code owner

@Deepak-Ghivari Deepak-Ghivari Awaiting requested review from Deepak-Ghivari Deepak-Ghivari is a code owner

@gallacher gallacher Awaiting requested review from gallacher gallacher is a code owner

@HarishH-DELL HarishH-DELL Awaiting requested review from HarishH-DELL HarishH-DELL is a code owner

@JacobGros JacobGros Awaiting requested review from JacobGros JacobGros is a code owner

@jooseppi-luna jooseppi-luna Awaiting requested review from jooseppi-luna jooseppi-luna is a code owner

@karthikk92 karthikk92 Awaiting requested review from karthikk92 karthikk92 is a code owner

@kumarkgosa kumarkgosa Awaiting requested review from kumarkgosa kumarkgosa is a code owner

@bandak2 bandak2 Awaiting requested review from bandak2 bandak2 is a code owner

@mjsdell mjsdell Awaiting requested review from mjsdell mjsdell is a code owner

@nitesh3108 nitesh3108 Awaiting requested review from nitesh3108 nitesh3108 is a code owner

@Prabhu-Dell Prabhu-Dell Awaiting requested review from Prabhu-Dell Prabhu-Dell is a code owner

@rajendraindukuri rajendraindukuri Awaiting requested review from rajendraindukuri rajendraindukuri is a code owner

@rajkumar-palani rajkumar-palani Awaiting requested review from rajkumar-palani rajkumar-palani is a code owner

@shefali-malhotra shefali-malhotra Awaiting requested review from shefali-malhotra shefali-malhotra is a code owner

@panigs7 panigs7 Awaiting requested review from panigs7 panigs7 is a code owner

@tdawe tdawe Awaiting requested review from tdawe tdawe is a code owner

@sharmilarama sharmilarama Awaiting requested review from sharmilarama sharmilarama is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@EvgenyUglov @atye @alikdell @shaynafinocchiaro @shanmydell @KerryKovacevic