diff --git a/.github/workflows/test-upgrade.yml b/.github/workflows/test-upgrade.yml index c4170fe5e8..0d6694c3bd 100644 --- a/.github/workflows/test-upgrade.yml +++ b/.github/workflows/test-upgrade.yml @@ -52,8 +52,8 @@ jobs: # in a previous step. This test run will the current release to create a K3s cluster. # chown the logs since they were originally created as root run: | - zarf package create src/test/upgrade-test --set PODINFO_VERSION=6.3.3 --confirm - zarf package create src/test/upgrade-test --set PODINFO_VERSION=6.3.4 --confirm + zarf package create src/test/upgrade --set PODINFO_VERSION=6.3.3 --confirm + zarf package create src/test/upgrade --set PODINFO_VERSION=6.3.4 --confirm sudo env "PATH=$PATH" CI=true zarf package deploy zarf-package-test-upgrade-package-amd64-6.3.3.tar.zst --confirm sudo chown $USER /tmp/zarf-*.log diff --git a/Makefile b/Makefile index e6cf299d5c..78bf0e48e1 100644 --- a/Makefile +++ b/Makefile @@ -132,18 +132,12 @@ build-examples: ## Build all of the example packages @test -s ./build/zarf-package-data-injection-$(ARCH).tar || $(ZARF_BIN) package create examples/data-injection -o build -a $(ARCH) --confirm - @test -s ./build/zarf-package-git-data-$(ARCH)-v1.0.0.tar.zst || $(ZARF_BIN) package create examples/git-data -o build -a $(ARCH) --confirm + @test -s ./build/zarf-package-git-data-$(ARCH)-0.0.1.tar.zst || $(ZARF_BIN) package create examples/git-data -o build -a $(ARCH) --confirm - @test -s ./build/zarf-package-helm-alt-release-name-$(ARCH).tar.zst || $(ZARF_BIN) package create examples/helm-alt-release-name -o build -a $(ARCH) --confirm - - @test -s ./build/zarf-package-helm-local-chart-$(ARCH)-0.0.1.tar.zst || $(ZARF_BIN) package create examples/helm-local-chart -o build -a $(ARCH) --confirm + @test -s ./build/zarf-package-helm-charts-$(ARCH)-0.0.1.tar.zst || $(ZARF_BIN) package create examples/helm-charts -o build -a $(ARCH) --confirm @test -s ./build/zarf-package-podinfo-flux-$(ARCH).tar.zst || $(ZARF_BIN) package create examples/podinfo-flux -o build -a $(ARCH) --confirm - @test -s ./build/zarf-package-helm-no-wait-$(ARCH).tar.zst || $(ZARF_BIN) package create examples/helm-no-wait -o build -a $(ARCH) --confirm - - @test -s ./build/zarf-package-helm-oci-chart-$(ARCH)-0.0.1.tar.zst || $(ZARF_BIN) package create examples/helm-oci-chart -o build -a $(ARCH) --confirm - @test -s ./build/zarf-package-yolo-$(ARCH).tar.zst || $(ZARF_BIN) package create examples/yolo -o build -a $(ARCH) --confirm ## NOTE: Requires an existing cluster or the env var APPLIANCE_MODE=true @@ -158,7 +152,7 @@ test-external: ## Run the Zarf CLI E2E tests for an external registry and cluste @test -s $(ZARF_BIN) || $(MAKE) build-cli @test -s ./build/zarf-init-$(ARCH)-$(CLI_VERSION).tar.zst || $(MAKE) init-package @test -s ./build/zarf-package-podinfo-flux-$(ARCH).tar.zst || $(ZARF_BIN) package create examples/podinfo-flux -o build -a $(ARCH) --confirm - cd src/test/external-test && go test -failfast -v -timeout 30m + cd src/test/external && go test -failfast -v -timeout 30m ## NOTE: Requires an existing cluster and .PHONY: test-upgrade @@ -166,8 +160,8 @@ test-upgrade: ## Run the Zarf CLI E2E tests for an external registry and cluster @test -s $(ZARF_BIN) || $(MAKE) build-cli [ -n "$(shell zarf version)" ] || (echo "Zarf must be installed prior to the upgrade test" && exit 1) [ -n "$(shell zarf package list 2>&1 | grep test-upgrade-package)" ] || (echo "Zarf must be initialized and have the 6.3.3 upgrade-test package installed prior to the upgrade test" && exit 1) - @test -s "zarf-package-test-upgrade-package-amd64-6.3.4.tar.zst" || zarf package create src/test/upgrade-test/ --set PODINFO_VERSION=6.3.4 --confirm - cd src/test/upgrade-test && go test -failfast -v -timeout 30m + @test -s "zarf-package-test-upgrade-package-amd64-6.3.4.tar.zst" || zarf package create src/test/upgrade/ --set PODINFO_VERSION=6.3.4 --confirm + cd src/test/upgrade && go test -failfast -v -timeout 30m .PHONY: test-unit test-unit: ensure-ui-build-dir ## Run unit tests within the src/pkg and the bigbang extension directory diff --git a/docs/3-create-a-zarf-package/2-zarf-components.md b/docs/3-create-a-zarf-package/2-zarf-components.md index edbb56ded0..979ed1af1f 100644 --- a/docs/3-create-a-zarf-package/2-zarf-components.md +++ b/docs/3-create-a-zarf-package/2-zarf-components.md @@ -71,13 +71,13 @@ Can be when using the `url` key: - + - + - + diff --git a/examples/README.md b/examples/README.md index 9cdea4b4ce..edd2688618 100644 --- a/examples/README.md +++ b/examples/README.md @@ -11,7 +11,7 @@ The Zarf examples demonstrate different ways to utilize Zarf in your environment To build and deploy a demo, change directories to the example you want to try and run: -``` bash +```bash cd # This should be whatever example you want to try (i.e. game) zarf package create # This will create the zarf package zarf package deploy # This will prompt you to deploy the created zarf package diff --git a/examples/big-bang-yolo-mode/README.md b/examples/big-bang-yolo-mode/README.md deleted file mode 100644 index 432498164f..0000000000 --- a/examples/big-bang-yolo-mode/README.md +++ /dev/null @@ -1,26 +0,0 @@ -# Big Bang (YOLO Mode) - -This package deploys [Big Bang](https://repo1.dso.mil/platform-one/big-bang/bigbang) using the Zarf `bigbang` extension with YOLO mode enabled. You can learn about YOLO mode [here](https://docs.zarf.dev/docs/faq#what-is-yolo-mode-and-why-would-i-use-it). An example of this configuration is below: - -```yaml -components: - - name: flux-private-registry - required: true - manifests: - - name: private-registry - namespace: flux-system - files: - - secrets/private-registry.yaml - - name: bigbang - required: true - extensions: - bigbang: - version: 2.0.0 - valuesFiles: - - config/credentials.yaml - - config/ingress.yaml - - config/kyverno.yaml - - config/loki.yaml -``` - -The `provision-flux-credentials` component is required to create the necessary secret to pull flux images from [registry1.dso.mil](https://registry1.dso.mil). In the provided `zarf.yaml` for this example, we demonstrate providing account credentials via Zarf Variables, although there are other ways to populate the data in `private-registry.yaml`. diff --git a/examples/big-bang-yolo-mode/config/ingress.yaml b/examples/big-bang-yolo-mode/config/ingress.yaml deleted file mode 100644 index b1a42ec6b2..0000000000 --- a/examples/big-bang-yolo-mode/config/ingress.yaml +++ /dev/null @@ -1,128 +0,0 @@ -# Configure Istio -domain: "bigbang.dev" - -istio: - gateways: - public: - tls: # certs for *.bigbang.dev - key: | - -----BEGIN PRIVATE KEY----- - MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDDvKUzWiZucm6/ - 8D2Nx4KVe8t6uHtARpw112f4yGv7xKcOJkbxLbVtor8pj/HS5tRSZq2ziIQl9y98 - 8TVAOBezgzPPMDxOqDeyHl5gAtqzpK/eSPmueZIhR88BH2+SMYqa5kxmjn752Rf0 - jVeCrVdQ5MD9rqA00oQi/zO+gQQoz6QSuiEQ2pSKYB3gv9oIoJorIU1n4qLYAezn - TvFwjmKWPPhRdyslpcAi1rVO+mVX3Y2DKU/CfpWNFVVT+H788Srn4yP6iWUymfQU - vHOXII1erMnES2H9BDffumrRf3m3IpgueQ3vPhB8ftjFZozURj2t/WSeaKsyQSoZ - Wr99DWxpAgMBAAECggEAAW8ARsACSAzOgtlfmgo8Cpw9gUiYnn/l5P8O4+OT5uQp - 1RCytFGBYqwuej9zpffK1k+qNgZp8V0+G8wod6/xfH8Zggr4ZhsVTVirmEhtEaPD - Jf2i1oRNbbD48yknyApU2Y2WQaoJhArzAfeHDI34db83KqR8x+ZC0X7NAjgvr5zS - b0OfY2tht4oxEWh2m67FzlFgF+cWyszRYyfvHfOFBqLesuCnSfMoOzmbT3SlnxHo - 6GSa1e/kCJVzFJNb74BZTIH0w6Ar/a0QG829VXivqj8lRENU/1xUI2JhNz4RdH7F - 6MeiwQbq4pWjHfh4djuzQFIwOgCnSNRnNuNywOVuAQKBgQDjleEI1XFQawXmHtHu - 6GMhbgptRoSUyutDDdo2MHGvDbxDOIsczIBjxCuYAM47nmGMuWbDJUN+2VQAX32J - WZagRxWikxnEqv3B7No7tLSQ42rRo/tDBrZPCCuS9u/ZJM4o7MCa/VzTtbicGOCh - bTIoTeEtT2piIdkrjHFGGlYOLQKBgQDcLNFHrSJCkHfCoz75+zytfYan+2dIxuV/ - MlnrT8XHt33cst4ZwoIQbsE6mv7J4CJqOgUYDvoJpioLV3InUACDxXd+bVY7RwxP - j25pXzYL++RctVO3IEOCmFkwlq0fNFdrOn8Y/cnRTwd2e60n08rCKgJS8KhEAaO0 - QvVmAHw4rQKBgQDL7hCAnunzuoLFqpZI8tlpKjaTpp3EynO3WSFQb2ZfCvrIbVFS - U/kz7KN3iDlEeO5GcBeiA7EQaGN6FhbiTXHIWwoK7K8paGMMM1V2LL2kGvQruDm8 - 3LXd6Z9KCJXxSKanS0ZnW2KjnnE3Bp+6ZqOMNATzWfckydnUyPrza0PzXQKBgEYS - 1YCUb8Tzqcn+nrp85XDp9INeFh8pfj0fT1L/DpljouEs5Fcaer60ITd/wPuLJCje - 0mQ30AhmJBd7+07bvW4y2LcaIUm4cQiZQ7CxpsfloWaIJ16vHA1iY3B9ZBf8Vp4/ - /dd8XlEJb/ybnB6C35MwP5EaGtOaGfnzHZsbKG35AoGAWm9tpqhuldQ3MCvoAr5Q - b42JLSKqwpvVjQDiFZPI/0wZTo3WkWm9Rd7CAACheb8S70K1r/JIzsmIcnj0v4xs - sfd+R35UE+m8MExbDP4lKFParmvi2/UZfb3VFNMmMPTV6AEIBl6N4PmhHMZOsIRs - H4RxbE+FpmsMAUCpdrzvFkc= - -----END PRIVATE KEY----- - cert: | - -----BEGIN CERTIFICATE----- - MIIFHzCCBAegAwIBAgISA5mpYS+M8wSuhJbgCNVoGbYiMA0GCSqGSIb3DQEBCwUA - MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD - EwJSMzAeFw0yMzAyMjQxMzU1MzBaFw0yMzA1MjUxMzU1MjlaMBgxFjAUBgNVBAMM - DSouYmlnYmFuZy5kZXYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD - vKUzWiZucm6/8D2Nx4KVe8t6uHtARpw112f4yGv7xKcOJkbxLbVtor8pj/HS5tRS - Zq2ziIQl9y988TVAOBezgzPPMDxOqDeyHl5gAtqzpK/eSPmueZIhR88BH2+SMYqa - 5kxmjn752Rf0jVeCrVdQ5MD9rqA00oQi/zO+gQQoz6QSuiEQ2pSKYB3gv9oIoJor - IU1n4qLYAeznTvFwjmKWPPhRdyslpcAi1rVO+mVX3Y2DKU/CfpWNFVVT+H788Srn - 4yP6iWUymfQUvHOXII1erMnES2H9BDffumrRf3m3IpgueQ3vPhB8ftjFZozURj2t - /WSeaKsyQSoZWr99DWxpAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYD - VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O - BBYEFFWw8Antpeyt5+/J//sIHTWkf8MtMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ - QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz - Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv - MBgGA1UdEQQRMA+CDSouYmlnYmFuZy5kZXYwTAYDVR0gBEUwQzAIBgZngQwBAgEw - NwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5j - cnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQB6MoxU2LcttiDqOOBS - HumEFnAyE4VNO9IrwTpXo1LrUgAAAYaD7AyTAAAEAwBGMEQCIG1jzmcfMv+DNdJh - 8gYpo44sgsASNEF8CjWCyHFhvITiAiASh+KhZXLaFXKsKF99fd6CTnKX30nOz2UR - NfSnXwW5JwB2AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1uAAABhoPs - DHAAAAQDAEcwRQIhALnaITI/ItM9FxxA0hc2VAVJ5xk36/FZtjMJyDAx2dmHAiAT - hnn8YDRB/fPRnv8PUOcubqK2mNwMRCk5wQBjQGYanTANBgkqhkiG9w0BAQsFAAOC - AQEAeviZDlTw9bzxF9vIZ1F+ijIQmnma6CD32eIEQmD/tIpOeayxuRiNFzIt/ixo - uC0/hKcC+JbVb7ZJOT9woPDce+g3gbA2i390yf3av3EP7sptV90rTM8gLPAdtHxo - RW14cSGmGFmaBRhr7ZbaSumztWcqgOF5orBq26wkhPT5bmqn7YX1W/H7/OMjP1Z+ - fQTfgFnfkBtzg1Ib4z3SHIPTqo2kAN3cF+b8AxrUKlk0STwesX2mR9h9jUKTapGg - Y36zDlKTOI3edM22AZDSmrIiR2LV1qGBDoxrsJmnK/Ci3t0KjwzJz45tyzenk8kO - imbt/HYVhe8WfukQ/kQdlhsHCw== - -----END CERTIFICATE----- - -----BEGIN CERTIFICATE----- - MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw - TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh - cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw - WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg - RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK - AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP - R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx - sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm - NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg - Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG - /kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC - AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB - Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA - FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw - AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw - Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB - gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W - PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl - ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz - CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm - lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4 - avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2 - yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O - yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids - hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+ - HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv - MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX - nLRbwHOoq7hHwg== - -----END CERTIFICATE----- - -----BEGIN CERTIFICATE----- - MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/ - MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT - DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow - TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh - cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB - AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC - ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL - wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D - LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK - 4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5 - bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y - sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ - Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4 - FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc - SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql - PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND - TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw - SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1 - c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx - +tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB - ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu - b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E - U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu - MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC - 5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW - 9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG - WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O - he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC - Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5 - -----END CERTIFICATE----- diff --git a/examples/big-bang-yolo-mode/config/kyverno.yaml b/examples/big-bang-yolo-mode/config/kyverno.yaml deleted file mode 100644 index 0270d2975f..0000000000 --- a/examples/big-bang-yolo-mode/config/kyverno.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# Use Kyverno instead of Gatekeeper -gatekeeper: - enabled: false -clusterAuditor: - enabled: false -kyverno: - enabled: true -kyvernoPolicies: - enabled: true - values: - policies: - disallow-shared-subpath-volume-writes: - validationFailureAction: audit - restrict-host-ports: - validationFailureAction: audit - restrict-capabilities: - validationFailureAction: audit - restrict-image-registries: - validationFailureAction: audit - disallow-host-namespaces: - validationFailureAction: audit - disallow-privileged-containers: - validationFailureAction: audit - require-non-root-user: - validationFailureAction: audit - restrict-host-path-mount-pv: - validationFailureAction: audit diff --git a/examples/big-bang-yolo-mode/config/loki.yaml b/examples/big-bang-yolo-mode/config/loki.yaml deleted file mode 100644 index 8a85cfd658..0000000000 --- a/examples/big-bang-yolo-mode/config/loki.yaml +++ /dev/null @@ -1,15 +0,0 @@ -# Use Loki instead of EFK -elasticsearchKibana: - enabled: false - -eckOperator: - enabled: false - -fluentbit: - enabled: false - -loki: - enabled: true - -promtail: - enabled: true diff --git a/examples/big-bang/README.md b/examples/big-bang/README.md index e38e3240f1..a2aae00edf 100644 --- a/examples/big-bang/README.md +++ b/examples/big-bang/README.md @@ -22,3 +22,23 @@ To view the example in its entirety, select the `Edit this page` link below the ::: + +:::caution + +`valuesFiles` are processed in the order provided with Zarf adding an initial values file to populate registry and git server credentials as the first file. Including credential `values` (even empty ones) will override these values. This can be used to our advantage however for things like YOLO mode as described below. + +::: + +## Big Bang YOLO Mode Support + +The Big Bang extension also supports YOLO mode, provided that you add your own credentials for the image registry. This is accomplished below with the `provision-flux-credentials` component and the `credentials.yaml` values file which allows images to be pulled from [registry1.dso.mil](https://registry1.dso.mil). We demonstrate providing account credentials via Zarf Variables, but there are other ways to populate the data in `private-registry.yaml`. + +You can learn about YOLO mode in the [FAQ](../../docs/8-faq.md#what-is-yolo-mode-and-why-would-i-use-it) or the [YOLO mode example](../yolo/README.md). + +:::info + +To view the example in its entirety, select the `Edit this page` link below the article and select the parent folder, then select the `yolo` folder. + +::: + + diff --git a/examples/big-bang-yolo-mode/config/credentials.yaml b/examples/big-bang/yolo/credentials.yaml similarity index 92% rename from examples/big-bang-yolo-mode/config/credentials.yaml rename to examples/big-bang/yolo/credentials.yaml index abe2178e0e..40b651da01 100644 --- a/examples/big-bang-yolo-mode/config/credentials.yaml +++ b/examples/big-bang/yolo/credentials.yaml @@ -2,4 +2,4 @@ registryCredentials: registry: registry1.dso.mil username: "###ZARF_VAR_REGISTRY1_USERNAME###" password: "###ZARF_VAR_REGISTRY1_CLI_SECRET###" - email: "" \ No newline at end of file + email: "" diff --git a/examples/big-bang-yolo-mode/secrets/private-registry.yaml b/examples/big-bang/yolo/private-registry.yaml similarity index 100% rename from examples/big-bang-yolo-mode/secrets/private-registry.yaml rename to examples/big-bang/yolo/private-registry.yaml diff --git a/examples/big-bang-yolo-mode/zarf.yaml b/examples/big-bang/yolo/zarf.yaml similarity index 52% rename from examples/big-bang-yolo-mode/zarf.yaml rename to examples/big-bang/yolo/zarf.yaml index b3ce7a4e8e..54bebafe35 100644 --- a/examples/big-bang-yolo-mode/zarf.yaml +++ b/examples/big-bang/yolo/zarf.yaml @@ -2,7 +2,7 @@ kind: ZarfPackageConfig metadata: name: yolo-big-bang - description: "Deploy Big Bang Core in YOLO mode" + description: Deploy Big Bang Core in YOLO mode version: 2.0.0 url: https://p1.dso.mil/products/big-bang architecture: amd64 @@ -10,16 +10,13 @@ metadata: variables: - name: REGISTRY1_USERNAME - description: "The username for pulling images from registry1.dso.mil" - required: true + description: The username for pulling images from registry1.dso.mil prompt: true - name: REGISTRY1_CLI_SECRET - description: "The CLI secret for pulling images from registry1.dso.mil" - required: true + description: The CLI secret for pulling images from registry1.dso.mil prompt: true - name: REGISTRY1_AUTH - description: "A base64 encoded concatenation of 'REGISTRY1_USERNAME:REGISTRY1_CLI_SECRET'" - required: true + description: A base64 encoded concatenation of 'REGISTRY1_USERNAME:REGISTRY1_CLI_SECRET' prompt: true components: @@ -29,14 +26,14 @@ components: - name: private-registry namespace: flux-system files: - - secrets/private-registry.yaml + - private-registry.yaml - name: bigbang required: true extensions: bigbang: version: 2.0.0 valuesFiles: - - config/credentials.yaml - - config/ingress.yaml - - config/kyverno.yaml - - config/loki.yaml + - credentials.yaml + - ../config/ingress.yaml + - ../config/kyverno.yaml + - ../config/loki.yaml diff --git a/examples/big-bang/zarf.yaml b/examples/big-bang/zarf.yaml index f18ede1f9d..04e08b1dec 100644 --- a/examples/big-bang/zarf.yaml +++ b/examples/big-bang/zarf.yaml @@ -1,7 +1,7 @@ kind: ZarfPackageConfig metadata: name: big-bang-example - description: "Deploy Big Bang Core" + description: Deploy Big Bang Core # renovate: datasource=gitlab-releases depName=big-bang/bigbang versioning=semver registryUrl=https://repo1.dso.mil/ version: 2.0.0 url: https://p1.dso.mil/products/big-bang @@ -10,7 +10,7 @@ metadata: variables: - name: DOMAIN - default: "bigbang.dev" + default: bigbang.dev prompt: false components: diff --git a/examples/component-actions/zarf.yaml b/examples/component-actions/zarf.yaml index f84b407d41..d03a5e174f 100644 --- a/examples/component-actions/zarf.yaml +++ b/examples/component-actions/zarf.yaml @@ -1,7 +1,7 @@ kind: ZarfPackageConfig metadata: name: component-actions - description: "Component actions examples" + description: Component actions examples variables: - name: DOG_SOUND @@ -27,7 +27,7 @@ components: dir: "" # this environment variable will be set for this action only env: - - "thing=stuff" + - thing=stuff # the number of times to retry the action if it fails maxRetries: 0 # the maximum amount of times the action can run before it is killed, including retries @@ -142,7 +142,7 @@ components: maxRetries: 3 before: # this action will fail after 1 second - - cmd: sleep 30 + - cmd: sleep 10 onFailure: - cmd: echo "😭😭😭 this action failed because it took too long to run 😭😭😭" @@ -151,7 +151,7 @@ components: manifests: - name: test-configmap files: - - "test-configmap.yaml" + - test-configmap.yaml actions: # runs during "zarf package remove" onRemove: @@ -169,7 +169,7 @@ components: - cmd: touch $ZARF_VAR_TEST_FILENAME env: # this will set the env var ZARF_VAR_TEST_FILENAME - useful for passing information into scripts - - "ZARF_VAR_TEST_FILENAME=filename-from-env.txt" + - ZARF_VAR_TEST_FILENAME=filename-from-env.txt - name: on-create-with-network-wait-action description: This component will wait for 15 seconds for a network resource to be available @@ -189,7 +189,7 @@ components: manifests: - name: test-configmap files: - - "test-configmap.yaml" + - test-configmap.yaml actions: onDeploy: after: diff --git a/examples/component-choice/zarf.yaml b/examples/component-choice/zarf.yaml index 4c1696bb1f..9c263ca7ba 100644 --- a/examples/component-choice/zarf.yaml +++ b/examples/component-choice/zarf.yaml @@ -1,7 +1,7 @@ kind: ZarfPackageConfig metadata: name: component-choice - description: "Test component to demonstrate grouping components for a user to choose from" + description: Test component to demonstrate grouping components for a user to choose from components: - name: first-choice diff --git a/examples/composable-packages/README.md b/examples/composable-packages/README.md index 7ee219666b..fb1b398bf5 100644 --- a/examples/composable-packages/README.md +++ b/examples/composable-packages/README.md @@ -6,11 +6,11 @@ This example demonstrates using Zarf to compose existing zarf packages into anot ## Example Prerequisites -Creating this example requires a locally hosted container registry that has the `helm-local-chart` skeleton package published and available. You can do this by running the following commands: +Creating this example requires a locally hosted container registry that has the `helm-charts` skeleton package published and available. You can do this by running the following commands: ```bash docker run -d -p 5000:5000 --restart=always --name registry registry:2 -zarf package publish examples/helm-local-chart oci://127.0.0.1:5000 --insecure +zarf package publish examples/helm-charts oci://127.0.0.1:5000 --insecure ``` :::note diff --git a/examples/composable-packages/zarf.yaml b/examples/composable-packages/zarf.yaml index c116bafdec..14df579b51 100644 --- a/examples/composable-packages/zarf.yaml +++ b/examples/composable-packages/zarf.yaml @@ -1,12 +1,12 @@ kind: ZarfPackageConfig metadata: name: composable-packages - description: "Demo Zarf package composability" + description: Demo Zarf package composability components: - name: games required: true - description: "Example of a composed package with a unique description for this component" + description: Example of a composed package with a unique description for this component import: path: ../dos-games # Example optional custom name to point to in the imported package @@ -15,5 +15,5 @@ components: - name: chart-via-oci required: false import: - url: oci://localhost:5000/helm-local-chart:0.0.1-skeleton + url: oci://localhost:5000/helm-charts:0.0.1-skeleton name: demo-helm-local-chart diff --git a/examples/config-file/simple-configmap.yaml b/examples/config-file/simple-configmap.yaml index 5dcc0a2cce..08cfecd9f4 100644 --- a/examples/config-file/simple-configmap.yaml +++ b/examples/config-file/simple-configmap.yaml @@ -10,3 +10,5 @@ data: scorpion=###ZARF_VAR_SCORPION### camel_spider=###ZARF_VAR_CAMEL_SPIDER### cow=moo + tls-key: |- + ###ZARF_VAR_TLS_KEY### diff --git a/examples/config-file/zarf-config.ini b/examples/config-file/zarf-config.ini new file mode 100644 index 0000000000..b6db49f32d --- /dev/null +++ b/examples/config-file/zarf-config.ini @@ -0,0 +1,45 @@ +# Example config file, use "zarf prepare generate-config zarf-config.ini" to generate a new one +log_level=info + +[package.create] +skip_sbom=false + +[package.create.set] +leopard=spots +zebra=stripes + +[package.deploy] +components=lion + +[package.deploy.set] +camel_spider=matte +scorpion=iridescent +# dummy tls key showcasing multiline variables and autoindent +tls_key="""-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDDvKUzWiZucm6/ +8D2Nx4KVe8t6uHtARpw112f4yGv7xKcOJkbxLbVtor8pj/HS5tRSZq2ziIQl9y98 +8TVAOBezgzPPMDxOqDeyHl5gAtqzpK/eSPmueZIhR88BH2+SMYqa5kxmjn752Rf0 +jVeCrVdQ5MD9rqA00oQi/zO+gQQoz6QSuiEQ2pSKYB3gv9oIoJorIU1n4qLYAezn +TvFwjmKWPPhRdyslpcAi1rVO+mVX3Y2DKU/CfpWNFVVT+H788Srn4yP6iWUymfQU +vHOXII1erMnES2H9BDffumrRf3m3IpgueQ3vPhB8ftjFZozURj2t/WSeaKsyQSoZ +Wr99DWxpAgMBAAECggEAAW8ARsACSAzOgtlfmgo8Cpw9gUiYnn/l5P8O4+OT5uQp +1RCytFGBYqwuej9zpffK1k+qNgZp8V0+G8wod6/xfH8Zggr4ZhsVTVirmEhtEaPD +Jf2i1oRNbbD48yknyApU2Y2WQaoJhArzAfeHDI34db83KqR8x+ZC0X7NAjgvr5zS +b0OfY2tht4oxEWh2m67FzlFgF+cWyszRYyfvHfOFBqLesuCnSfMoOzmbT3SlnxHo +6GSa1e/kCJVzFJNb74BZTIH0w6Ar/a0QG829VXivqj8lRENU/1xUI2JhNz4RdH7F +6MeiwQbq4pWjHfh4djuzQFIwOgCnSNRnNuNywOVuAQKBgQDjleEI1XFQawXmHtHu +6GMhbgptRoSUyutDDdo2MHGvDbxDOIsczIBjxCuYAM47nmGMuWbDJUN+2VQAX32J +WZagRxWikxnEqv3B7No7tLSQ42rRo/tDBrZPCCuS9u/ZJM4o7MCa/VzTtbicGOCh +bTIoTeEtT2piIdkrjHFGGlYOLQKBgQDcLNFHrSJCkHfCoz75+zytfYan+2dIxuV/ +MlnrT8XHt33cst4ZwoIQbsE6mv7J4CJqOgUYDvoJpioLV3InUACDxXd+bVY7RwxP +j25pXzYL++RctVO3IEOCmFkwlq0fNFdrOn8Y/cnRTwd2e60n08rCKgJS8KhEAaO0 +QvVmAHw4rQKBgQDL7hCAnunzuoLFqpZI8tlpKjaTpp3EynO3WSFQb2ZfCvrIbVFS +U/kz7KN3iDlEeO5GcBeiA7EQaGN6FhbiTXHIWwoK7K8paGMMM1V2LL2kGvQruDm8 +3LXd6Z9KCJXxSKanS0ZnW2KjnnE3Bp+6ZqOMNATzWfckydnUyPrza0PzXQKBgEYS +1YCUb8Tzqcn+nrp85XDp9INeFh8pfj0fT1L/DpljouEs5Fcaer60ITd/wPuLJCje +0mQ30AhmJBd7+07bvW4y2LcaIUm4cQiZQ7CxpsfloWaIJ16vHA1iY3B9ZBf8Vp4/ +/dd8XlEJb/ybnB6C35MwP5EaGtOaGfnzHZsbKG35AoGAWm9tpqhuldQ3MCvoAr5Q +b42JLSKqwpvVjQDiFZPI/0wZTo3WkWm9Rd7CAACheb8S70K1r/JIzsmIcnj0v4xs +sfd+R35UE+m8MExbDP4lKFParmvi2/UZfb3VFNMmMPTV6AEIBl6N4PmhHMZOsIRs +H4RxbE+FpmsMAUCpdrzvFkc= +-----END PRIVATE KEY-----""" diff --git a/examples/config-file/zarf-config.toml b/examples/config-file/zarf-config.toml index a5024e24e6..46787d32d2 100644 --- a/examples/config-file/zarf-config.toml +++ b/examples/config-file/zarf-config.toml @@ -15,3 +15,32 @@ components = 'lion' [package.deploy.set] scorpion = 'iridescent' camel_spider = 'matte' +# dummy tls key showcasing multiline variables and autoindent +tls_key = """-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDDvKUzWiZucm6/ +8D2Nx4KVe8t6uHtARpw112f4yGv7xKcOJkbxLbVtor8pj/HS5tRSZq2ziIQl9y98 +8TVAOBezgzPPMDxOqDeyHl5gAtqzpK/eSPmueZIhR88BH2+SMYqa5kxmjn752Rf0 +jVeCrVdQ5MD9rqA00oQi/zO+gQQoz6QSuiEQ2pSKYB3gv9oIoJorIU1n4qLYAezn +TvFwjmKWPPhRdyslpcAi1rVO+mVX3Y2DKU/CfpWNFVVT+H788Srn4yP6iWUymfQU +vHOXII1erMnES2H9BDffumrRf3m3IpgueQ3vPhB8ftjFZozURj2t/WSeaKsyQSoZ +Wr99DWxpAgMBAAECggEAAW8ARsACSAzOgtlfmgo8Cpw9gUiYnn/l5P8O4+OT5uQp +1RCytFGBYqwuej9zpffK1k+qNgZp8V0+G8wod6/xfH8Zggr4ZhsVTVirmEhtEaPD +Jf2i1oRNbbD48yknyApU2Y2WQaoJhArzAfeHDI34db83KqR8x+ZC0X7NAjgvr5zS +b0OfY2tht4oxEWh2m67FzlFgF+cWyszRYyfvHfOFBqLesuCnSfMoOzmbT3SlnxHo +6GSa1e/kCJVzFJNb74BZTIH0w6Ar/a0QG829VXivqj8lRENU/1xUI2JhNz4RdH7F +6MeiwQbq4pWjHfh4djuzQFIwOgCnSNRnNuNywOVuAQKBgQDjleEI1XFQawXmHtHu +6GMhbgptRoSUyutDDdo2MHGvDbxDOIsczIBjxCuYAM47nmGMuWbDJUN+2VQAX32J +WZagRxWikxnEqv3B7No7tLSQ42rRo/tDBrZPCCuS9u/ZJM4o7MCa/VzTtbicGOCh +bTIoTeEtT2piIdkrjHFGGlYOLQKBgQDcLNFHrSJCkHfCoz75+zytfYan+2dIxuV/ +MlnrT8XHt33cst4ZwoIQbsE6mv7J4CJqOgUYDvoJpioLV3InUACDxXd+bVY7RwxP +j25pXzYL++RctVO3IEOCmFkwlq0fNFdrOn8Y/cnRTwd2e60n08rCKgJS8KhEAaO0 +QvVmAHw4rQKBgQDL7hCAnunzuoLFqpZI8tlpKjaTpp3EynO3WSFQb2ZfCvrIbVFS +U/kz7KN3iDlEeO5GcBeiA7EQaGN6FhbiTXHIWwoK7K8paGMMM1V2LL2kGvQruDm8 +3LXd6Z9KCJXxSKanS0ZnW2KjnnE3Bp+6ZqOMNATzWfckydnUyPrza0PzXQKBgEYS +1YCUb8Tzqcn+nrp85XDp9INeFh8pfj0fT1L/DpljouEs5Fcaer60ITd/wPuLJCje +0mQ30AhmJBd7+07bvW4y2LcaIUm4cQiZQ7CxpsfloWaIJ16vHA1iY3B9ZBf8Vp4/ +/dd8XlEJb/ybnB6C35MwP5EaGtOaGfnzHZsbKG35AoGAWm9tpqhuldQ3MCvoAr5Q +b42JLSKqwpvVjQDiFZPI/0wZTo3WkWm9Rd7CAACheb8S70K1r/JIzsmIcnj0v4xs +sfd+R35UE+m8MExbDP4lKFParmvi2/UZfb3VFNMmMPTV6AEIBl6N4PmhHMZOsIRs +H4RxbE+FpmsMAUCpdrzvFkc= +-----END PRIVATE KEY-----""" diff --git a/examples/config-file/zarf-config.yaml b/examples/config-file/zarf-config.yaml new file mode 100644 index 0000000000..622b167e0f --- /dev/null +++ b/examples/config-file/zarf-config.yaml @@ -0,0 +1,44 @@ +# Example config file, use "zarf prepare generate-config zarf-config.yaml" to generate a new one +log_level : 'info' + +package: + create: + skip_sbom : false + set: + zebra : 'stripes' + leopard : 'spots' + deploy: + components: 'lion' + set: + scorpion : 'iridescent' + camel_spider : 'matte' + # dummy tls key showcasing multiline variables and autoindent + tls_key : |- + -----BEGIN PRIVATE KEY----- + MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDDvKUzWiZucm6/ + 8D2Nx4KVe8t6uHtARpw112f4yGv7xKcOJkbxLbVtor8pj/HS5tRSZq2ziIQl9y98 + 8TVAOBezgzPPMDxOqDeyHl5gAtqzpK/eSPmueZIhR88BH2+SMYqa5kxmjn752Rf0 + jVeCrVdQ5MD9rqA00oQi/zO+gQQoz6QSuiEQ2pSKYB3gv9oIoJorIU1n4qLYAezn + TvFwjmKWPPhRdyslpcAi1rVO+mVX3Y2DKU/CfpWNFVVT+H788Srn4yP6iWUymfQU + vHOXII1erMnES2H9BDffumrRf3m3IpgueQ3vPhB8ftjFZozURj2t/WSeaKsyQSoZ + Wr99DWxpAgMBAAECggEAAW8ARsACSAzOgtlfmgo8Cpw9gUiYnn/l5P8O4+OT5uQp + 1RCytFGBYqwuej9zpffK1k+qNgZp8V0+G8wod6/xfH8Zggr4ZhsVTVirmEhtEaPD + Jf2i1oRNbbD48yknyApU2Y2WQaoJhArzAfeHDI34db83KqR8x+ZC0X7NAjgvr5zS + b0OfY2tht4oxEWh2m67FzlFgF+cWyszRYyfvHfOFBqLesuCnSfMoOzmbT3SlnxHo + 6GSa1e/kCJVzFJNb74BZTIH0w6Ar/a0QG829VXivqj8lRENU/1xUI2JhNz4RdH7F + 6MeiwQbq4pWjHfh4djuzQFIwOgCnSNRnNuNywOVuAQKBgQDjleEI1XFQawXmHtHu + 6GMhbgptRoSUyutDDdo2MHGvDbxDOIsczIBjxCuYAM47nmGMuWbDJUN+2VQAX32J + WZagRxWikxnEqv3B7No7tLSQ42rRo/tDBrZPCCuS9u/ZJM4o7MCa/VzTtbicGOCh + bTIoTeEtT2piIdkrjHFGGlYOLQKBgQDcLNFHrSJCkHfCoz75+zytfYan+2dIxuV/ + MlnrT8XHt33cst4ZwoIQbsE6mv7J4CJqOgUYDvoJpioLV3InUACDxXd+bVY7RwxP + j25pXzYL++RctVO3IEOCmFkwlq0fNFdrOn8Y/cnRTwd2e60n08rCKgJS8KhEAaO0 + QvVmAHw4rQKBgQDL7hCAnunzuoLFqpZI8tlpKjaTpp3EynO3WSFQb2ZfCvrIbVFS + U/kz7KN3iDlEeO5GcBeiA7EQaGN6FhbiTXHIWwoK7K8paGMMM1V2LL2kGvQruDm8 + 3LXd6Z9KCJXxSKanS0ZnW2KjnnE3Bp+6ZqOMNATzWfckydnUyPrza0PzXQKBgEYS + 1YCUb8Tzqcn+nrp85XDp9INeFh8pfj0fT1L/DpljouEs5Fcaer60ITd/wPuLJCje + 0mQ30AhmJBd7+07bvW4y2LcaIUm4cQiZQ7CxpsfloWaIJ16vHA1iY3B9ZBf8Vp4/ + /dd8XlEJb/ybnB6C35MwP5EaGtOaGfnzHZsbKG35AoGAWm9tpqhuldQ3MCvoAr5Q + b42JLSKqwpvVjQDiFZPI/0wZTo3WkWm9Rd7CAACheb8S70K1r/JIzsmIcnj0v4xs + sfd+R35UE+m8MExbDP4lKFParmvi2/UZfb3VFNMmMPTV6AEIBl6N4PmhHMZOsIRs + H4RxbE+FpmsMAUCpdrzvFkc= + -----END PRIVATE KEY----- diff --git a/examples/config-file/zarf.yaml b/examples/config-file/zarf.yaml index cd4aa3f105..d18cf80d73 100644 --- a/examples/config-file/zarf.yaml +++ b/examples/config-file/zarf.yaml @@ -1,15 +1,17 @@ kind: ZarfPackageConfig metadata: name: config-file - description: 'Test component to demonstrate using a config file to control the cli. Files are generated using "zarf prepare generate-config"' + description: Test component to demonstrate using a config file to control the cli. Files are generated using "zarf prepare generate-config" variables: - name: SCORPION - name: CAMEL_SPIDER + - name: TLS_KEY + autoIndent: true components: - name: lion - description: "By default, only this component will be deployed when using the config file" + description: By default, only this component will be deployed when using the config file required: true manifests: - name: config-example-configmap @@ -17,6 +19,7 @@ components: - simple-configmap.yaml - name: zebra + # Notice this string is wrapped in quotes, as Zarf variables use #### as a delimiter, which is also used in YAML for comments description: "This is a zebra and they have ###ZARF_PKG_TMPL_ZEBRA###" - name: leopard diff --git a/examples/data-injection/zarf.yaml b/examples/data-injection/zarf.yaml index fa0b51b353..645d3966f9 100644 --- a/examples/data-injection/zarf.yaml +++ b/examples/data-injection/zarf.yaml @@ -1,7 +1,7 @@ kind: ZarfPackageConfig metadata: name: data-injection - description: "Demo Zarf local data injection into a pod" + description: Demo Zarf local data injection into a pod # (optional) Some large datasets may already be compressed making zarf compression less efficient uncompressed: true diff --git a/examples/dos-games/zarf.yaml b/examples/dos-games/zarf.yaml index 92e396183b..1d081fc7b0 100644 --- a/examples/dos-games/zarf.yaml +++ b/examples/dos-games/zarf.yaml @@ -1,7 +1,7 @@ kind: ZarfPackageConfig metadata: name: dos-games - description: "Simple example to load classic DOS games into K8s in the airgap" + description: Simple example to load classic DOS games into K8s in the airgap components: - name: baseline @@ -14,3 +14,12 @@ components: - manifests/service.yaml images: - defenseunicorns/zarf-game:multi-tile-dark + actions: + onDeploy: + after: + - wait: + cluster: + kind: deployment + name: game + namespace: dos-games + condition: available diff --git a/examples/git-data/README.md b/examples/git-data/README.md index f82e321617..1418ff75a6 100644 --- a/examples/git-data/README.md +++ b/examples/git-data/README.md @@ -44,9 +44,8 @@ This example assumes you have already initialized a Zarf cluster. If that is not To create this Zarf package run the below command: -``` bash -cd /examples/git-data # directory with zarf.yaml -zarf package create # make the package +```bash +zarf package create examples/git-data ``` Successful execution will create a package named `zarf-package-git-data--.tar.zst`. @@ -57,7 +56,7 @@ To deploy the Zarf package, copy it to a machine that either has a Zarf cluster With the Zarf package in the current working directory, execute the below command to deploy the package, uploading the Git repositories to Gitea and the container images to the Docker registry. -``` bash +```bash zarf package deploy zarf-package-git-data--.tar.zst ``` @@ -77,7 +76,7 @@ The following assumes you are using the internal Gitea server. If you are using ::: -``` bash +```bash # Run 'zarf connect' and send it to the background zarf connect git& @@ -97,7 +96,7 @@ fg Clean up simply by just deleting the whole cluster -``` bash +```bash kind delete cluster ``` diff --git a/examples/git-data/zarf.yaml b/examples/git-data/zarf.yaml index 096a5e4c76..e5567ca566 100644 --- a/examples/git-data/zarf.yaml +++ b/examples/git-data/zarf.yaml @@ -1,8 +1,8 @@ kind: ZarfPackageConfig metadata: name: git-data - version: v1.0.0 - description: "Demo Zarf loading resources into a gitops service" + version: 0.0.1 + description: Demo Zarf loading resources into a gitops service components: - name: flux-demo @@ -31,7 +31,7 @@ components: required: true repos: # Do a branch-provided Git Repo mirror - - "https://github.com/DoD-Platform-One/big-bang.git@refs/heads/release-1.54.x" + - https://github.com/DoD-Platform-One/big-bang.git@refs/heads/release-1.54.x - name: specific-hash required: true diff --git a/examples/helm-alt-release-name/README.md b/examples/helm-alt-release-name/README.md deleted file mode 100644 index 49723b9db0..0000000000 --- a/examples/helm-alt-release-name/README.md +++ /dev/null @@ -1,15 +0,0 @@ -import ExampleYAML from "@site/src/components/ExampleYAML"; - -# Helm Alt Release Name - -This example shows how you can specify an alternate release name using the `releaseName` within a components `charts`. - -## `zarf.yaml` {#zarf.yaml} - -:::info - -To view the example in its entirety, select the `Edit this page` link below the article and select the parent folder. - -::: - - diff --git a/examples/helm-alt-release-name/zarf.yaml b/examples/helm-alt-release-name/zarf.yaml deleted file mode 100644 index 5264c7e717..0000000000 --- a/examples/helm-alt-release-name/zarf.yaml +++ /dev/null @@ -1,15 +0,0 @@ -kind: ZarfPackageConfig -metadata: - name: helm-alt-release-name - description: "Deploys a helm chart with custom release name" -components: - - name: demo-helm-releasename - required: true - charts: - - name: podinfo - releaseName: cool-name - url: https://stefanprodan.github.io/podinfo - version: 6.1.6 - namespace: helm-alt-release-name - images: - - ghcr.io/stefanprodan/podinfo:6.1.6 diff --git a/examples/helm-local-chart/README.md b/examples/helm-charts/README.md similarity index 55% rename from examples/helm-local-chart/README.md rename to examples/helm-charts/README.md index 80f3381d01..f46ff2994b 100644 --- a/examples/helm-local-chart/README.md +++ b/examples/helm-charts/README.md @@ -1,8 +1,8 @@ import ExampleYAML from "@site/src/components/ExampleYAML"; -# Helm Local Chart +# Helm Charts -This example shows how you can specify a local chart for a helm source within a component's `charts`. +This example shows the many ways you can deploy Helm Charts with Zarf. ## `zarf.yaml` {#zarf.yaml} @@ -12,4 +12,4 @@ To view the example in its entirety, select the `Edit this page` link below the ::: - + diff --git a/examples/helm-local-chart/chart/.helmignore b/examples/helm-charts/chart/.helmignore similarity index 95% rename from examples/helm-local-chart/chart/.helmignore rename to examples/helm-charts/chart/.helmignore index 0e8a0eb36f..f0c1319444 100644 --- a/examples/helm-local-chart/chart/.helmignore +++ b/examples/helm-charts/chart/.helmignore @@ -14,10 +14,8 @@ *.swp *.bak *.tmp -*.orig *~ # Various IDEs .project .idea/ *.tmproj -.vscode/ diff --git a/examples/helm-charts/chart/Chart.yaml b/examples/helm-charts/chart/Chart.yaml new file mode 100644 index 0000000000..5264557c97 --- /dev/null +++ b/examples/helm-charts/chart/Chart.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +version: 6.3.5 +appVersion: 6.3.5 +name: podinfo +engine: gotpl +description: Podinfo Helm chart for Kubernetes +home: https://github.com/stefanprodan/podinfo +maintainers: +- email: stefanprodan@users.noreply.github.com + name: stefanprodan +sources: +- https://github.com/stefanprodan/podinfo +kubeVersion: ">=1.23.0-0" diff --git a/examples/helm-charts/chart/LICENSE b/examples/helm-charts/chart/LICENSE new file mode 100644 index 0000000000..1b92ec15f9 --- /dev/null +++ b/examples/helm-charts/chart/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2018 Stefan Prodan. All rights reserved. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/examples/helm-charts/chart/NOTICE b/examples/helm-charts/chart/NOTICE new file mode 100644 index 0000000000..9a16b96f45 --- /dev/null +++ b/examples/helm-charts/chart/NOTICE @@ -0,0 +1 @@ +All files from this chart are from https://github.com/stefanprodan/podinfo/tree/6.3.5/charts/podinfo. diff --git a/examples/helm-charts/chart/templates/NOTES.txt b/examples/helm-charts/chart/templates/NOTES.txt new file mode 100644 index 0000000000..d8329725ef --- /dev/null +++ b/examples/helm-charts/chart/templates/NOTES.txt @@ -0,0 +1,20 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "podinfo.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ template "podinfo.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "podinfo.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl -n {{ .Release.Namespace }} port-forward deploy/{{ template "podinfo.fullname" . }} 8080:{{ .Values.service.externalPort }} +{{- end }} diff --git a/examples/helm-local-chart/chart/templates/_helpers.tpl b/examples/helm-charts/chart/templates/_helpers.tpl similarity index 64% rename from examples/helm-local-chart/chart/templates/_helpers.tpl rename to examples/helm-charts/chart/templates/_helpers.tpl index 12537a619f..1f5a052871 100644 --- a/examples/helm-local-chart/chart/templates/_helpers.tpl +++ b/examples/helm-charts/chart/templates/_helpers.tpl @@ -1,7 +1,7 @@ {{/* Expand the name of the chart. */}} -{{- define "local-demo.name" -}} +{{- define "podinfo.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} {{- end }} @@ -10,7 +10,7 @@ Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). If release name contains chart name it will be used as a full name. */}} -{{- define "local-demo.fullname" -}} +{{- define "podinfo.fullname" -}} {{- if .Values.fullnameOverride }} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} {{- else }} @@ -26,16 +26,16 @@ If release name contains chart name it will be used as a full name. {{/* Create chart name and version as used by the chart label. */}} -{{- define "local-demo.chart" -}} +{{- define "podinfo.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} {{- end }} {{/* Common labels */}} -{{- define "local-demo.labels" -}} -helm.sh/chart: {{ include "local-demo.chart" . }} -{{ include "local-demo.selectorLabels" . }} +{{- define "podinfo.labels" -}} +helm.sh/chart: {{ include "podinfo.chart" . }} +{{ include "podinfo.selectorLabels" . }} {{- if .Chart.AppVersion }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end }} @@ -45,18 +45,25 @@ app.kubernetes.io/managed-by: {{ .Release.Service }} {{/* Selector labels */}} -{{- define "local-demo.selectorLabels" -}} -app.kubernetes.io/name: {{ include "local-demo.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} +{{- define "podinfo.selectorLabels" -}} +app.kubernetes.io/name: {{ include "podinfo.fullname" . }} {{- end }} {{/* Create the name of the service account to use */}} -{{- define "local-demo.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "local-demo.fullname" .) .Values.serviceAccount.name }} +{{- define "podinfo.serviceAccountName" -}} +{{- if .Values.serviceAccount.enabled }} +{{- default (include "podinfo.fullname" .) .Values.serviceAccount.name }} {{- else }} {{- default "default" .Values.serviceAccount.name }} {{- end }} {{- end }} + +{{/* +Create the name of the tls secret for secure port +*/}} +{{- define "podinfo.tlsSecretName" -}} +{{- $fullname := include "podinfo.fullname" . -}} +{{- default (printf "%s-tls" $fullname) .Values.tls.secretName }} +{{- end }} diff --git a/examples/helm-charts/chart/templates/deployment.yaml b/examples/helm-charts/chart/templates/deployment.yaml new file mode 100644 index 0000000000..87ed373534 --- /dev/null +++ b/examples/helm-charts/chart/templates/deployment.yaml @@ -0,0 +1,205 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "podinfo.fullname" . }} + labels: + {{- include "podinfo.labels" . | nindent 4 }} +spec: + {{- if not .Values.hpa.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + selector: + matchLabels: + {{- include "podinfo.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "podinfo.selectorLabels" . | nindent 8 }} + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "{{ .Values.service.httpPort }}" + {{- range $key, $value := .Values.podAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + spec: + terminationGracePeriodSeconds: 30 + {{- if .Values.serviceAccount.enabled }} + serviceAccountName: {{ template "podinfo.serviceAccountName" . }} + {{- end }} + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.securityContext }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + {{- else if (or .Values.service.hostPort .Values.tls.hostPort) }} + securityContext: + allowPrivilegeEscalation: true + capabilities: + drop: + - ALL + add: + - NET_BIND_SERVICE + {{- end }} + command: + - ./podinfo + - --port={{ .Values.service.httpPort | default 9898 }} + {{- if .Values.host }} + - --host={{ .Values.host }} + {{- end }} + {{- if .Values.tls.enabled }} + - --secure-port={{ .Values.tls.port }} + {{- end }} + {{- if .Values.tls.certPath }} + - --cert-path={{ .Values.tls.certPath }} + {{- end }} + {{- if .Values.service.metricsPort }} + - --port-metrics={{ .Values.service.metricsPort }} + {{- end }} + {{- if .Values.service.grpcPort }} + - --grpc-port={{ .Values.service.grpcPort }} + {{- end }} + {{- if .Values.service.grpcService }} + - --grpc-service-name={{ .Values.service.grpcService }} + {{- end }} + {{- range .Values.backends }} + - --backend-url={{ . }} + {{- end }} + {{- if .Values.cache }} + - --cache-server={{ .Values.cache }} + {{- else if .Values.redis.enabled }} + - --cache-server=tcp://{{ template "podinfo.fullname" . }}-redis:6379 + {{- end }} + - --level={{ .Values.logLevel }} + - --random-delay={{ .Values.faults.delay }} + - --random-error={{ .Values.faults.error }} + {{- if .Values.faults.unhealthy }} + - --unhealthy + {{- end }} + {{- if .Values.faults.unready }} + - --unready + {{- end }} + {{- if .Values.h2c.enabled }} + - --h2c + {{- end }} + env: + {{- if .Values.ui.message }} + - name: PODINFO_UI_MESSAGE + value: {{ quote .Values.ui.message }} + {{- end }} + {{- if .Values.ui.logo }} + - name: PODINFO_UI_LOGO + value: {{ .Values.ui.logo }} + {{- end }} + {{- if .Values.ui.color }} + - name: PODINFO_UI_COLOR + value: {{ quote .Values.ui.color }} + {{- end }} + {{- if .Values.backend }} + - name: PODINFO_BACKEND_URL + value: {{ .Values.backend }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.service.httpPort | default 9898 }} + protocol: TCP + {{- if .Values.service.hostPort }} + hostPort: {{ .Values.service.hostPort }} + {{- end }} + {{- if .Values.tls.enabled }} + - name: https + containerPort: {{ .Values.tls.port | default 9899 }} + protocol: TCP + {{- if .Values.tls.hostPort }} + hostPort: {{ .Values.tls.hostPort }} + {{- end }} + {{- end }} + {{- if .Values.service.metricsPort }} + - name: http-metrics + containerPort: {{ .Values.service.metricsPort }} + protocol: TCP + {{- end }} + {{- if .Values.service.grpcPort }} + - name: grpc + containerPort: {{ .Values.service.grpcPort }} + protocol: TCP + {{- end }} + {{- if .Values.probes.startup.enable }} + startupProbe: + exec: + command: + - podcli + - check + - http + - localhost:{{ .Values.service.httpPort | default 9898 }}/healthz + {{- with .Values.probes.startup }} + initialDelaySeconds: {{ .initialDelaySeconds | default 1 }} + timeoutSeconds: {{ .timeoutSeconds | default 5 }} + failureThreshold: {{ .failureThreshold | default 3 }} + successThreshold: {{ .successThreshold | default 1 }} + periodSeconds: {{ .periodSeconds | default 10 }} + {{- end }} + {{- end }} + livenessProbe: + exec: + command: + - podcli + - check + - http + - localhost:{{ .Values.service.httpPort | default 9898 }}/healthz + {{- with .Values.probes.liveness }} + initialDelaySeconds: {{ .initialDelaySeconds | default 1 }} + timeoutSeconds: {{ .timeoutSeconds | default 5 }} + failureThreshold: {{ .failureThreshold | default 3 }} + successThreshold: {{ .successThreshold | default 1 }} + periodSeconds: {{ .periodSeconds | default 10 }} + {{- end }} + readinessProbe: + exec: + command: + - podcli + - check + - http + - localhost:{{ .Values.service.httpPort | default 9898 }}/readyz + {{- with .Values.probes.readiness }} + initialDelaySeconds: {{ .initialDelaySeconds | default 1 }} + timeoutSeconds: {{ .timeoutSeconds | default 5 }} + failureThreshold: {{ .failureThreshold | default 3 }} + successThreshold: {{ .successThreshold | default 1 }} + periodSeconds: {{ .periodSeconds | default 10 }} + {{- end }} + volumeMounts: + - name: data + mountPath: /data + {{- if .Values.tls.enabled }} + - name: tls + mountPath: {{ .Values.tls.certPath | default "/data/cert" }} + readOnly: true + {{- end }} + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + volumes: + - name: data + emptyDir: {} + {{- if .Values.tls.enabled }} + - name: tls + secret: + secretName: {{ template "podinfo.tlsSecretName" . }} + {{- end }} diff --git a/examples/helm-charts/chart/templates/hpa.yaml b/examples/helm-charts/chart/templates/hpa.yaml new file mode 100644 index 0000000000..f2fb8df1b8 --- /dev/null +++ b/examples/helm-charts/chart/templates/hpa.yaml @@ -0,0 +1,41 @@ +{{- if .Values.hpa.enabled -}} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ template "podinfo.fullname" . }} + labels: + {{- include "podinfo.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ template "podinfo.fullname" . }} + minReplicas: {{ .Values.replicaCount }} + maxReplicas: {{ .Values.hpa.maxReplicas }} + metrics: + {{- if .Values.hpa.cpu }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.hpa.cpu }} + {{- end }} + {{- if .Values.hpa.memory }} + - type: Resource + resource: + name: memory + target: + type: AverageValue + averageValue: {{ .Values.hpa.memory }} + {{- end }} + {{- if .Values.hpa.requests }} + - type: Pods + pods: + metric: + name: http_requests + target: + type: AverageValue + averageValue: {{ .Values.hpa.requests }} + {{- end }} +{{- end }} diff --git a/examples/helm-charts/chart/templates/ingress.yaml b/examples/helm-charts/chart/templates/ingress.yaml new file mode 100644 index 0000000000..93f9ae437a --- /dev/null +++ b/examples/helm-charts/chart/templates/ingress.yaml @@ -0,0 +1,41 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "podinfo.fullname" . -}} +{{- $svcPort := .Values.service.externalPort -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "podinfo.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + ingressClassName: {{ .Values.ingress.className }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + pathType: {{ .pathType }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- end }} + {{- end }} +{{- end }} diff --git a/examples/helm-charts/chart/templates/service.yaml b/examples/helm-charts/chart/templates/service.yaml new file mode 100644 index 0000000000..6014e78853 --- /dev/null +++ b/examples/helm-charts/chart/templates/service.yaml @@ -0,0 +1,36 @@ +{{- if .Values.service.enabled -}} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "podinfo.fullname" . }} + labels: + {{- include "podinfo.labels" . | nindent 4 }} +{{- with .Values.service.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.externalPort }} + targetPort: http + protocol: TCP + name: http + {{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }} + nodePort: {{ .Values.service.nodePort }} + {{- end }} + {{- if .Values.tls.enabled }} + - port: {{ .Values.tls.port | default 9899 }} + targetPort: https + protocol: TCP + name: https + {{- end }} + {{- if .Values.service.grpcPort }} + - port: {{ .Values.service.grpcPort }} + targetPort: grpc + protocol: TCP + name: grpc + {{- end }} + selector: + {{- include "podinfo.selectorLabels" . | nindent 4 }} +{{- end }} diff --git a/examples/helm-charts/chart/templates/serviceaccount.yaml b/examples/helm-charts/chart/templates/serviceaccount.yaml new file mode 100644 index 0000000000..d39b798967 --- /dev/null +++ b/examples/helm-charts/chart/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.enabled -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "podinfo.serviceAccountName" . }} + labels: + {{- include "podinfo.labels" . | nindent 4 }} +{{- with .Values.serviceAccount.imagePullSecrets }} +imagePullSecrets: + {{- toYaml . | nindent 2 }} +{{- end -}} +{{- end -}} diff --git a/examples/helm-charts/chart/values.yaml b/examples/helm-charts/chart/values.yaml new file mode 100644 index 0000000000..e51009e91b --- /dev/null +++ b/examples/helm-charts/chart/values.yaml @@ -0,0 +1,164 @@ +# Default values for podinfo. + +replicaCount: 1 +logLevel: info +host: #0.0.0.0 +backend: #http://backend-podinfo:9898/echo +backends: [] + +image: + repository: ghcr.io/stefanprodan/podinfo + tag: 6.3.5 + pullPolicy: IfNotPresent + +ui: + color: "#34577c" + message: "" + logo: "" + +# failure conditions +faults: + delay: false + error: false + unhealthy: false + unready: false + testFail: false + testTimeout: false + +# Kubernetes Service settings +service: + enabled: true + annotations: {} + type: ClusterIP + metricsPort: 9797 + httpPort: 9898 + externalPort: 9898 + grpcPort: 9999 + grpcService: podinfo + nodePort: 31198 + # the port used to bind the http port to the host + # NOTE: requires privileged container with NET_BIND_SERVICE capability -- this is useful for testing + # in local clusters such as kind without port forwarding + hostPort: + +# enable h2c protocol (non-TLS version of HTTP/2) +h2c: + enabled: false + +# enable tls on the podinfo service +tls: + enabled: false + # the name of the secret used to mount the certificate key pair + secretName: + # the path where the certificate key pair will be mounted + certPath: /data/cert + # the port used to host the tls endpoint on the service + port: 9899 + # the port used to bind the tls port to the host + # NOTE: requires privileged container with NET_BIND_SERVICE capability -- this is useful for testing + # in local clusters such as kind without port forwarding + hostPort: + +# create a certificate manager certificate (cert-manager required) +certificate: + create: false + # the issuer used to issue the certificate + issuerRef: + kind: ClusterIssuer + name: self-signed + # the hostname / subject alternative names for the certificate + dnsNames: + - podinfo + +# metrics-server add-on required +hpa: + enabled: false + maxReplicas: 10 + # average total CPU usage per pod (1-100) + cpu: + # average memory usage per pod (100Mi-1Gi) + memory: + # average http requests per second per pod (k8s-prometheus-adapter) + requests: + +# Redis address in the format tcp://: +cache: "" +# Redis deployment +redis: + enabled: false + repository: redis + tag: 7.0.7 + +serviceAccount: + # Specifies whether a service account should be created + enabled: false + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: + # List of image pull secrets if pulling from private registries + imagePullSecrets: [] + +# set container security context +securityContext: {} + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: podinfo.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +linkerd: + profile: + enabled: false + +# create Prometheus Operator monitor +serviceMonitor: + enabled: false + interval: 15s + additionalLabels: {} + +resources: + limits: + requests: + cpu: 1m + memory: 16Mi + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +podAnnotations: {} + +# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +probes: + readiness: + initialDelaySeconds: 1 + timeoutSeconds: 5 + failureThreshold: 3 + successThreshold: 1 + periodSeconds: 10 + liveness: + initialDelaySeconds: 1 + timeoutSeconds: 5 + failureThreshold: 3 + successThreshold: 1 + periodSeconds: 10 + startup: + enable: false + initialDelaySeconds: 10 + timeoutSeconds: 5 + failureThreshold: 20 + successThreshold: 1 + periodSeconds: 10 diff --git a/examples/helm-charts/zarf.yaml b/examples/helm-charts/zarf.yaml new file mode 100644 index 0000000000..e33e5b889d --- /dev/null +++ b/examples/helm-charts/zarf.yaml @@ -0,0 +1,91 @@ +kind: ZarfPackageConfig +metadata: + name: helm-charts + description: Example showcasing mutiple ways to deploy helm charts + version: 0.0.1 + +components: + - name: demo-helm-local-chart + required: false + charts: + - name: podinfo + version: 6.3.5 + namespace: podinfo-from-local-chart + localPath: chart + images: + - ghcr.io/stefanprodan/podinfo:6.3.5 + actions: + onDeploy: + after: + - wait: + cluster: + kind: deployment + name: podinfo + namespace: podinfo-from-local-chart + condition: available + + - name: demo-helm-git-chart + required: false + charts: + - name: podinfo + version: 6.3.5 + namespace: podinfo-from-git + url: https://github.com/stefanprodan/podinfo.git + gitPath: charts/podinfo + images: + - ghcr.io/stefanprodan/podinfo:6.3.5 + actions: + onDeploy: + after: + - wait: + cluster: + kind: deployment + namespace: podinfo-from-git + name: podinfo + condition: available + + - name: demo-helm-oci-chart + required: false + charts: + - name: podinfo + version: 6.3.5 + namespace: podinfo-from-oci + url: oci://ghcr.io/stefanprodan/charts/podinfo + images: + - ghcr.io/stefanprodan/podinfo:6.3.5 + actions: + onDeploy: + after: + - wait: + cluster: + kind: pod + name: app.kubernetes.io/name=podinfo + namespace: podinfo-from-oci + condition: ready + - wait: + cluster: + kind: deployment + # note this version is the same as the chart version + name: app.kubernetes.io/version=6.3.5 + namespace: podinfo-from-oci + condition: available + + - name: demo-helm-alt-release-name + required: false + charts: + - name: podinfo + version: 6.3.5 + namespace: helm-alt-release-name + url: https://stefanprodan.github.io/podinfo + releaseName: cool-name + images: + - ghcr.io/stefanprodan/podinfo:6.3.5 + actions: + onDeploy: + after: + - wait: + cluster: + kind: pod + name: app.kubernetes.io/name=cool-name-podinfo + namespace: helm-alt-release-name + condition: ready diff --git a/examples/helm-git-chart/README.md b/examples/helm-git-chart/README.md deleted file mode 100644 index 60005d8a16..0000000000 --- a/examples/helm-git-chart/README.md +++ /dev/null @@ -1,15 +0,0 @@ -import ExampleYAML from "@site/src/components/ExampleYAML"; - -# Helm Git Chart - -This example shows how you can specify a Git repository chart for a helm source within a component's `charts`. - -## `zarf.yaml` {#zarf.yaml} - -:::info - -To view the example in its entirety, select the `Edit this page` link below the article and select the parent folder. - -::: - - diff --git a/examples/helm-git-chart/zarf.yaml b/examples/helm-git-chart/zarf.yaml deleted file mode 100644 index 27091f4dea..0000000000 --- a/examples/helm-git-chart/zarf.yaml +++ /dev/null @@ -1,15 +0,0 @@ -kind: ZarfPackageConfig -metadata: - name: helm-git-chart - description: "Deploys a helm chart from git" -components: - - name: demo-helm-git-chart - required: true - charts: - - name: podinfo - url: https://github.com/stefanprodan/podinfo.git - gitPath: charts/podinfo - namespace: podinfo-from-git - version: 6.3.5 - images: - - "ghcr.io/stefanprodan/podinfo:6.3.5" diff --git a/examples/helm-local-chart/chart/Chart.yaml b/examples/helm-local-chart/chart/Chart.yaml deleted file mode 100644 index b1c911fbdb..0000000000 --- a/examples/helm-local-chart/chart/Chart.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: v2 -name: local-demo -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -# Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. Versions are not expected to -# follow Semantic Versioning. They should reflect the version the application is using. -# It is recommended to use it with quotes. -appVersion: "1.16.0" diff --git a/examples/helm-local-chart/chart/templates/NOTES.txt b/examples/helm-local-chart/chart/templates/NOTES.txt deleted file mode 100644 index b5ab578617..0000000000 --- a/examples/helm-local-chart/chart/templates/NOTES.txt +++ /dev/null @@ -1,22 +0,0 @@ -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range $host := .Values.ingress.hosts }} - {{- range .paths }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} - {{- end }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "local-demo.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "local-demo.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "local-demo.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") - echo http://$SERVICE_IP:{{ .Values.service.port }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "local-demo.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT -{{- end }} diff --git a/examples/helm-local-chart/chart/templates/deployment.yaml b/examples/helm-local-chart/chart/templates/deployment.yaml deleted file mode 100644 index d767a7bc3e..0000000000 --- a/examples/helm-local-chart/chart/templates/deployment.yaml +++ /dev/null @@ -1,61 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "local-demo.fullname" . }} - labels: - {{- include "local-demo.labels" . | nindent 4 }} -spec: - {{- if not .Values.autoscaling.enabled }} - replicas: {{ .Values.replicaCount }} - {{- end }} - selector: - matchLabels: - {{- include "local-demo.selectorLabels" . | nindent 6 }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "local-demo.selectorLabels" . | nindent 8 }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "local-demo.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - ports: - - name: http - containerPort: 80 - protocol: TCP - livenessProbe: - httpGet: - path: / - port: http - readinessProbe: - httpGet: - path: / - port: http - resources: - {{- toYaml .Values.resources | nindent 12 }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/examples/helm-local-chart/chart/templates/hpa.yaml b/examples/helm-local-chart/chart/templates/hpa.yaml deleted file mode 100644 index 6070a93339..0000000000 --- a/examples/helm-local-chart/chart/templates/hpa.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{- if .Values.autoscaling.enabled }} -apiVersion: autoscaling/v2beta1 -kind: HorizontalPodAutoscaler -metadata: - name: {{ include "local-demo.fullname" . }} - labels: - {{- include "local-demo.labels" . | nindent 4 }} -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: {{ include "local-demo.fullname" . }} - minReplicas: {{ .Values.autoscaling.minReplicas }} - maxReplicas: {{ .Values.autoscaling.maxReplicas }} - metrics: - {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} - - type: Resource - resource: - name: cpu - targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} - {{- end }} - {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} - - type: Resource - resource: - name: memory - targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} - {{- end }} -{{- end }} diff --git a/examples/helm-local-chart/chart/templates/ingress.yaml b/examples/helm-local-chart/chart/templates/ingress.yaml deleted file mode 100644 index 11d7307e71..0000000000 --- a/examples/helm-local-chart/chart/templates/ingress.yaml +++ /dev/null @@ -1,61 +0,0 @@ -{{- if .Values.ingress.enabled -}} -{{- $fullName := include "local-demo.fullname" . -}} -{{- $svcPort := .Values.service.port -}} -{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} - {{- end }} -{{- end }} -{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1 -{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1beta1 -{{- else -}} -apiVersion: extensions/v1beta1 -{{- end }} -kind: Ingress -metadata: - name: {{ $fullName }} - labels: - {{- include "local-demo.labels" . | nindent 4 }} - {{- with .Values.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} - ingressClassName: {{ .Values.ingress.className }} - {{- end }} - {{- if .Values.ingress.tls }} - tls: - {{- range .Values.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} - {{- end }} - rules: - {{- range .Values.ingress.hosts }} - - host: {{ .host | quote }} - http: - paths: - {{- range .paths }} - - path: {{ .path }} - {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} - pathType: {{ .pathType }} - {{- end }} - backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ $fullName }} - port: - number: {{ $svcPort }} - {{- else }} - serviceName: {{ $fullName }} - servicePort: {{ $svcPort }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} diff --git a/examples/helm-local-chart/chart/templates/service.yaml b/examples/helm-local-chart/chart/templates/service.yaml deleted file mode 100644 index 67614462de..0000000000 --- a/examples/helm-local-chart/chart/templates/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "local-demo.fullname" . }} - labels: - {{- include "local-demo.labels" . | nindent 4 }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.port }} - targetPort: http - protocol: TCP - name: http - selector: - {{- include "local-demo.selectorLabels" . | nindent 4 }} diff --git a/examples/helm-local-chart/chart/templates/serviceaccount.yaml b/examples/helm-local-chart/chart/templates/serviceaccount.yaml deleted file mode 100644 index fa65a31b53..0000000000 --- a/examples/helm-local-chart/chart/templates/serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "local-demo.serviceAccountName" . }} - labels: - {{- include "local-demo.labels" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/examples/helm-local-chart/chart/templates/tests/test-connection.yaml b/examples/helm-local-chart/chart/templates/tests/test-connection.yaml deleted file mode 100644 index 751a9aebde..0000000000 --- a/examples/helm-local-chart/chart/templates/tests/test-connection.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: "{{ include "local-demo.fullname" . }}-test-connection" - labels: - {{- include "local-demo.labels" . | nindent 4 }} - annotations: - "helm.sh/hook": test -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['{{ include "local-demo.fullname" . }}:{{ .Values.service.port }}'] - restartPolicy: Never diff --git a/examples/helm-local-chart/chart/values.yaml b/examples/helm-local-chart/chart/values.yaml deleted file mode 100644 index 5756d50230..0000000000 --- a/examples/helm-local-chart/chart/values.yaml +++ /dev/null @@ -1,82 +0,0 @@ -# Default values for local-demo. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -replicaCount: 1 - -image: - repository: nginx - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. - tag: "" - -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" - -serviceAccount: - # Specifies whether a service account should be created - create: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - -podAnnotations: {} - -podSecurityContext: {} - # fsGroup: 2000 - -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -service: - type: ClusterIP - port: 80 - -ingress: - enabled: false - className: "" - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - hosts: - - host: chart-example.local - paths: - - path: / - pathType: ImplementationSpecific - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -autoscaling: - enabled: false - minReplicas: 1 - maxReplicas: 100 - targetCPUUtilizationPercentage: 80 - # targetMemoryUtilizationPercentage: 80 - -nodeSelector: {} - -tolerations: [] - -affinity: {} diff --git a/examples/helm-local-chart/zarf.yaml b/examples/helm-local-chart/zarf.yaml deleted file mode 100644 index 0a4ae1a7f4..0000000000 --- a/examples/helm-local-chart/zarf.yaml +++ /dev/null @@ -1,15 +0,0 @@ -kind: ZarfPackageConfig -metadata: - name: helm-local-chart - description: "Deploys a helm chart from local files" - version: 0.0.1 -components: - - name: demo-helm-local-chart - required: true - charts: - - name: local-demo - localPath: chart - namespace: local-chart - version: 0.1.0 - images: - - nginx:1.16.0 diff --git a/examples/helm-no-wait/README.md b/examples/helm-no-wait/README.md deleted file mode 100644 index b7f3f14d79..0000000000 --- a/examples/helm-no-wait/README.md +++ /dev/null @@ -1,15 +0,0 @@ -import ExampleYAML from "@site/src/components/ExampleYAML"; - -# Helm No Wait - -This example shows how you can specify for zarf to not wait for resources to report ready within a component's `manifests`. This is also applicable to `charts`. - -## `zarf.yaml` {#zarf.yaml} - -:::info - -To view the example in its entirety, select the `Edit this page` link below the article and select the parent folder. - -::: - - diff --git a/examples/helm-oci-chart/README.md b/examples/helm-oci-chart/README.md deleted file mode 100644 index f419c97c85..0000000000 --- a/examples/helm-oci-chart/README.md +++ /dev/null @@ -1,15 +0,0 @@ -import ExampleYAML from "@site/src/components/ExampleYAML"; - -# Helm OCI Chart - -This example shows how you can specify an OCI registry chart for a helm source within a component's `charts`. - -## `zarf.yaml` {#zarf.yaml} - -:::info - -To view the example in its entirety, select the `Edit this page` link below the article and select the parent folder. - -::: - - diff --git a/examples/helm-oci-chart/zarf.yaml b/examples/helm-oci-chart/zarf.yaml deleted file mode 100644 index 487a88c4c1..0000000000 --- a/examples/helm-oci-chart/zarf.yaml +++ /dev/null @@ -1,16 +0,0 @@ -kind: ZarfPackageConfig -metadata: - name: helm-oci-chart - description: Deploy podinfo using a Helm OCI chart - version: 0.0.1 - -components: - - name: helm-oci-chart - required: true - charts: - - name: podinfo - version: 6.3.3 - namespace: helm-oci-demo - url: oci://ghcr.io/stefanprodan/charts/podinfo - images: - - "ghcr.io/stefanprodan/podinfo:6.3.3" diff --git a/examples/longhorn/zarf.yaml b/examples/longhorn/zarf.yaml index 1506d50fee..5f6cdbbaaa 100644 --- a/examples/longhorn/zarf.yaml +++ b/examples/longhorn/zarf.yaml @@ -1,7 +1,7 @@ kind: ZarfPackageConfig metadata: name: longhorn - description: "Example package for Longhorn cloud native distributed block storage for Kubernetes" + description: Example package for Longhorn cloud native distributed block storage for Kubernetes components: - name: longhorn-environment-check required: true @@ -24,7 +24,7 @@ components: ./environment_check.sh - name: longhorn required: true - description: "Deploy Longhorn into a Kubernetes cluster. https://longhorn.io" + description: Deploy Longhorn into a Kubernetes cluster. https://longhorn.io actions: # Set the delete confirmation flag for Longhorn onRemove: @@ -41,7 +41,7 @@ components: version: 1.4.0 namespace: longhorn-system valuesFiles: - - "values.yaml" + - values.yaml images: - longhornio/csi-attacher:v3.4.0 - longhornio/csi-provisioner:v2.1.2 diff --git a/examples/podinfo-flux/zarf.yaml b/examples/podinfo-flux/zarf.yaml index e81f1b1f2f..fbe171b344 100644 --- a/examples/podinfo-flux/zarf.yaml +++ b/examples/podinfo-flux/zarf.yaml @@ -1,11 +1,11 @@ kind: ZarfPackageConfig metadata: name: podinfo-flux - description: "Deploy flux and then podinfo via flux" + description: Deploy flux and then podinfo via flux components: - name: flux - description: "Installs the flux CRDs / controllers to use flux-based deployments in the cluster" + description: Installs the flux CRDs / controllers to use flux-based deployments in the cluster required: true manifests: - name: flux-crds @@ -17,7 +17,7 @@ components: - ghcr.io/fluxcd/source-controller:v0.28.0 - name: podinfo-via-flux - description: "Example deployment via flux using the famous podinfo example" + description: Example deployment via flux using the famous podinfo example required: true manifests: - name: podinfo-via-flux @@ -33,7 +33,7 @@ components: onDeploy: after: # This will use a wait action to wait for the podinfo pods to be ready - - description: "Podinfo pods to be ready via wait action" + - description: Podinfo pods to be ready via wait action wait: cluster: kind: pod diff --git a/examples/remote-manifests/zarf.yaml b/examples/remote-manifests/zarf.yaml index fc33252553..813731e5a9 100644 --- a/examples/remote-manifests/zarf.yaml +++ b/examples/remote-manifests/zarf.yaml @@ -11,12 +11,10 @@ components: namespace: nginx files: # to verify integrity of a remote manifest, you can use the sha256sum of the file - # append the sha256sum to the end of the url, separated by an @ + # appended to the end of the url, separated by an @ # example: - https://k8s.io/examples/application/deployment.yaml@c57f73449b26eae02ca2a549c388807d49ef6d3f2dc040a9bbb1290128d97157 - # this sha256 can be discovered using the following: - # curl -s https://k8s.io/examples/application/deployment.yaml | sha256sum - # or + # this sha256 can be discovered using: # zarf prepare sha256sum https://k8s.io/examples/application/deployment.yaml - name: podinfo namespace: podinfo @@ -44,8 +42,7 @@ components: name: podinfo namespace: podinfo condition: available - # image discovery is supported in remote manifests and kustomizations - # using the following command: + # image discovery is supported in remote manifests and kustomizations using: # zarf prepare find-images images: - nginx:1.14.2 diff --git a/examples/variables/zarf.yaml b/examples/variables/zarf.yaml index 837b1fb217..62d6442d48 100644 --- a/examples/variables/zarf.yaml +++ b/examples/variables/zarf.yaml @@ -1,14 +1,14 @@ kind: ZarfPackageConfig metadata: name: variables - description: "Example nginx package to demonstrate Zarf variables" + description: Example nginx package to demonstrate Zarf variables # Constants are defined on package create and do not change on deploy # This demonstrates setting the nginx version to bake into the package using a package variable (PKG_TMPL) # NOTE: package templates (PKG_TMPL) only apply to zarf.yaml files so defining this here turns into ###ZARF_CONST_NGINX_VERSION### on deploy # ALSO NOTE: the PKG_TMPL is surrounded by quotes ("") inside of the zarf.yaml, while this is not required for deploy-time variables, PKG_TMPLs will be removed as comments without them constants: - - name: "NGINX_VERSION" + - name: NGINX_VERSION value: "###ZARF_PKG_TMPL_NGINX_VERSION###" # Demonstrates injecting custom variables into a K8s resource @@ -24,23 +24,23 @@ variables: autoIndent: true # SITE_NAME sets the name of the site and will ask the user interactively if it is not set on the CLI or in the config file - name: SITE_NAME - description: "The name of the site you are deploying (i.e. Lula Website)" + description: The name of the site you are deploying (i.e. Lula Website) prompt: true # ORGANIZATION sets the organization to Defense Unicorns as a default but prompts the user if they would like to override it - name: ORGANIZATION - description: "The organization providing the site" - default: "Defense Unicorns" + description: The organization providing the site + default: Defense Unicorns prompt: true # AWS_REGION sets the region to set in the modified-terraform file and sets `sensitive` so that it will not be saved in the log - name: AWS_REGION - default: "us-east-1" + default: us-east-1 sensitive: true components: # The following component templates the provided .tf file with the defined AWS_REGION # NOTE: this component does not actually execute this file in this example (see examples/terraform) - name: variables-with-terraform - description: "Change a value in a regular file with a Zarf variable. Set AWS_REGION variable to modify the file." + description: Change a value in a regular file with a Zarf variable. Set AWS_REGION variable to modify the file. required: true files: - source: simple-terraform.tf @@ -71,3 +71,12 @@ components: - nginx-configmap.yaml - nginx-deployment.yaml - nginx-service.yaml + actions: + onDeploy: + after: + - wait: + cluster: + kind: pod + namespace: nginx + name: app=nginx + condition: Ready diff --git a/examples/wordpress/zarf.yaml b/examples/wordpress/zarf.yaml index c665b35121..9900bbd0e0 100644 --- a/examples/wordpress/zarf.yaml +++ b/examples/wordpress/zarf.yaml @@ -3,7 +3,7 @@ metadata: name: wordpress # specifies the name of our package and should be unique and unchanging through updates version: 16.0.4 # (optional) a version we can track as we release updates or publish to a registry description: | # (optional) a human-readable description of the package that you are creating - "A Zarf Package that deploys the WordPress blogging and content management platform" + A Zarf Package that deploys the WordPress blogging and content management platform variables: # The unique name of the variable corresponding to the ###ZARF_VAR_### template @@ -39,7 +39,7 @@ variables: components: - name: wordpress # specifies the name of our component and should be unique and unchanging through updates description: | # (optional) a human-readable description of the component you are defining - "Deploys the Bitnami-packaged WordPress chart into the cluster" + Deploys the Bitnami-packaged WordPress chart into the cluster required: true # (optional) sets the component as 'required' so that it is always deployed charts: - name: wordpress diff --git a/examples/yolo/README.md b/examples/yolo/README.md index e4841fbc87..bc2ede8947 100644 --- a/examples/yolo/README.md +++ b/examples/yolo/README.md @@ -6,13 +6,19 @@ This example demonstrates YOLO mode, an optional mode for using Zarf in a fully ## Prerequisites -- A running K8s cluster. _Note that the cluster does not need to have the Zarf init package installed or any other Zarf-related bootstrapping._ +- A running K8s cluster. + +:::note + +The cluster does not need to have the Zarf init package installed or any other Zarf-related bootstrapping. + +::: ## Instructions Create the package: -``` bash +```bash zarf package create ``` diff --git a/examples/yolo/zarf.yaml b/examples/yolo/zarf.yaml index d8744ecb2f..2f7770c498 100644 --- a/examples/yolo/zarf.yaml +++ b/examples/yolo/zarf.yaml @@ -2,7 +2,7 @@ kind: ZarfPackageConfig metadata: name: yolo yolo: true - description: "Game example in YOLO (online-only) mode that can be deployed without a Zarf cluster" + description: Game example in YOLO (online-only) mode that can be deployed without a Zarf cluster components: - name: yolo-games @@ -13,3 +13,12 @@ components: files: - ../dos-games/manifests/deployment.yaml - ../dos-games/manifests/service.yaml + actions: + onDeploy: + after: + - wait: + cluster: + kind: deployment + name: game + namespace: zarf-yolo-example + condition: available diff --git a/packages/distros/eks/zarf.yaml b/packages/distros/eks/zarf.yaml index 9194382ee3..f6099568d2 100644 --- a/packages/distros/eks/zarf.yaml +++ b/packages/distros/eks/zarf.yaml @@ -1,7 +1,7 @@ kind: ZarfPackageConfig metadata: - name: "distro-eks" - description: "Deploy a EKS K8s cluster" + name: distro-eks + description: Deploy a EKS K8s cluster architecture: multi version: 0.0.2 @@ -10,8 +10,8 @@ variables: prompt: true - name: INSTANCE_TYPE - description: "The instance type for the worker nodes" - default: "t3.small" + description: The instance type for the worker nodes + default: t3.small - name: CLUSTER_REGION default: us-east-1 @@ -45,7 +45,7 @@ components: shasum: d40997485a13cfdfa08083bcba96a7e08b545ffb199633bde9a281830d9edfbe - name: deploy-eks-cluster - description: "Create an EKS cluster!" + description: Create an EKS cluster! actions: onDeploy: before: @@ -58,7 +58,7 @@ components: - cmd: ./zarf tools kubectl create secret generic zarf-eks-yaml -n zarf --from-file=eks.yaml - name: teardown-eks-cluster - description: "Delete the EKS cluster that this package was used to create." + description: Delete the EKS cluster that this package was used to create. actions: onDeploy: before: diff --git a/packages/distros/k3s/common/zarf.yaml b/packages/distros/k3s/common/zarf.yaml index d58370ffc9..f06572802d 100644 --- a/packages/distros/k3s/common/zarf.yaml +++ b/packages/distros/k3s/common/zarf.yaml @@ -1,11 +1,11 @@ kind: ZarfInitConfig metadata: - name: "distro-k3s" + name: distro-k3s variables: - name: K3S_ARGS - description: "Arguments to pass to K3s" - default: "--disable traefik" + description: Arguments to pass to K3s + default: --disable traefik components: - name: k3s diff --git a/packages/distros/k3s/zarf.yaml b/packages/distros/k3s/zarf.yaml index 12f6f7d840..64f5d49ded 100644 --- a/packages/distros/k3s/zarf.yaml +++ b/packages/distros/k3s/zarf.yaml @@ -1,7 +1,7 @@ kind: ZarfInitConfig metadata: - name: "distro-k3s" - description: "Used to establish a new Zarf cluster" + name: distro-k3s + description: Used to establish a new Zarf cluster components: # AMD-64 version of the K3s stack diff --git a/packages/gitea/zarf.yaml b/packages/gitea/zarf.yaml index 696ce81c50..9ba3b00374 100644 --- a/packages/gitea/zarf.yaml +++ b/packages/gitea/zarf.yaml @@ -1,6 +1,6 @@ kind: ZarfPackageConfig metadata: - name: "init-package-git-server" + name: init-package-git-server variables: - name: GIT_SERVER_EXISTING_PVC @@ -8,24 +8,24 @@ variables: default: "" - name: GIT_SERVER_PVC_SIZE - description: "The size of the persistent volume claim for git server" - default: "10Gi" + description: The size of the persistent volume claim for git server + default: 10Gi - name: GIT_SERVER_CPU_REQ - description: "The CPU request for git server" - default: "200m" + description: The CPU request for git server + default: 200m - name: GIT_SERVER_MEM_REQ - description: "The memory request for git server" - default: "512Mi" + description: The memory request for git server + default: 512Mi - name: GIT_SERVER_CPU_LIMIT - description: "The CPU limit for git server" + description: The CPU limit for git server default: "3" - name: GIT_SERVER_MEM_LIMIT - description: "The memory limit for git server" - default: "2Gi" + description: The memory limit for git server + default: 2Gi components: - name: git-server @@ -50,9 +50,15 @@ components: actions: onDeploy: after: - - cmd: "./zarf internal create-read-only-gitea-user" + - cmd: ./zarf internal create-read-only-gitea-user maxRetries: 3 maxTotalSeconds: 60 - - cmd: "./zarf internal create-artifact-registry-token" + - cmd: ./zarf internal create-artifact-registry-token maxRetries: 3 maxTotalSeconds: 60 + - wait: + cluster: + kind: pod + namespace: zarf + name: app=gitea + condition: Ready diff --git a/packages/logging-pgl/zarf.yaml b/packages/logging-pgl/zarf.yaml index d362774e9e..1ab6ff9595 100644 --- a/packages/logging-pgl/zarf.yaml +++ b/packages/logging-pgl/zarf.yaml @@ -1,6 +1,6 @@ kind: ZarfPackageConfig metadata: - name: "init-package-logging" + name: init-package-logging components: - name: logging @@ -26,3 +26,24 @@ components: namespace: zarf valuesFiles: - pgl-values.yaml + actions: + onDeploy: + after: + - wait: + cluster: + kind: pod + namespace: zarf + name: app=loki + condition: Ready + - wait: + cluster: + kind: pod + namespace: zarf + name: app.kubernetes.io/name=grafana + condition: Ready + - wait: + cluster: + kind: pod + namespace: zarf + name: app.kubernetes.io/name=promtail + condition: Ready diff --git a/packages/zarf-agent/zarf.yaml b/packages/zarf-agent/zarf.yaml index 0576e6dbe8..70f21a705d 100644 --- a/packages/zarf-agent/zarf.yaml +++ b/packages/zarf-agent/zarf.yaml @@ -1,7 +1,7 @@ kind: ZarfPackageConfig metadata: - name: "init-package-zarf-agent" - description: "Install the zarf agent mutating webhook on a new cluster" + name: init-package-zarf-agent + description: Install the zarf agent mutating webhook on a new cluster constants: - name: AGENT_IMAGE @@ -31,4 +31,12 @@ components: onCreate: before: - cmd: "make init-package-local-agent AGENT_IMAGE_TAG=\"###ZARF_PKG_TMPL_AGENT_IMAGE_TAG###\" ARCH=\"###ZARF_PKG_ARCH###\"" - dir: "../.." + dir: ../.. + onDeploy: + after: + - wait: + cluster: + kind: pod + namespace: zarf + name: app=agent-hook + condition: Ready diff --git a/packages/zarf-registry/zarf.yaml b/packages/zarf-registry/zarf.yaml index 21d1647231..8b7c3c6d09 100644 --- a/packages/zarf-registry/zarf.yaml +++ b/packages/zarf-registry/zarf.yaml @@ -1,6 +1,6 @@ kind: ZarfPackageConfig metadata: - name: "init-package-zarf-registry" + name: init-package-zarf-registry variables: - name: REGISTRY_EXISTING_PVC @@ -8,39 +8,39 @@ variables: default: "" - name: REGISTRY_PVC_SIZE - description: "The size of the persistent volume claim for the registry" - default: "20Gi" + description: The size of the persistent volume claim for the registry + default: 20Gi - name: REGISTRY_PVC_ACCESS_MODE - description: "The access mode of the persistent volume claim for the registry" - default: "ReadWriteOnce" + description: The access mode of the persistent volume claim for the registry + default: ReadWriteOnce - name: REGISTRY_CPU_REQ - description: "The CPU request for the registry" - default: "100m" + description: The CPU request for the registry + default: 100m - name: REGISTRY_MEM_REQ - description: "The memory request for the registry" - default: "256Mi" + description: The memory request for the registry + default: 256Mi - name: REGISTRY_CPU_LIMIT - description: "The CPU limit for the registry" + description: The CPU limit for the registry default: "3" - name: REGISTRY_MEM_LIMIT - description: "The memory limit for the registry" + description: The memory limit for the registry default: "2Gi" - name: REGISTRY_HPA_MIN - description: "The minimum number of registry replicas" + description: The minimum number of registry replicas default: "1" - name: REGISTRY_HPA_MAX - description: "The maximum number of registry replicas" + description: The maximum number of registry replicas default: "5" - name: REGISTRY_HPA_ENABLE - description: "Enable the Horizontal Pod Autoscaler for the registry" + description: Enable the Horizontal Pod Autoscaler for the registry default: "true" constants: @@ -103,3 +103,12 @@ components: images: # This image (or images) must match that used for injection (see zarf-config.toml) - "###ZARF_PKG_TMPL_REGISTRY_IMAGE_DOMAIN######ZARF_PKG_TMPL_REGISTRY_IMAGE###:###ZARF_PKG_TMPL_REGISTRY_IMAGE_TAG###" + actions: + onDeploy: + after: + - wait: + cluster: + kind: pod + namespace: zarf + name: app=docker-registry + condition: Ready diff --git a/src/extensions/bigbang/test/package/zarf.yaml b/src/extensions/bigbang/test/package/zarf.yaml index a5257877a4..dba049d8d5 100644 --- a/src/extensions/bigbang/test/package/zarf.yaml +++ b/src/extensions/bigbang/test/package/zarf.yaml @@ -1,7 +1,7 @@ kind: ZarfPackageConfig metadata: name: big-bang-test - description: "Deploy Big Bang Core" + description: Deploy Big Bang Core version: "###ZARF_PKG_TMPL_BB_VERSION###" url: https://p1.dso.mil/products/big-bang # Big Bang / Iron Bank are only amd64 @@ -9,7 +9,7 @@ metadata: variables: - name: DOMAIN - default: "bigbang.dev" + default: bigbang.dev prompt: false components: diff --git a/src/pkg/utils/network_test.go b/src/pkg/utils/network_test.go index f514156f05..c44976b7ba 100644 --- a/src/pkg/utils/network_test.go +++ b/src/pkg/utils/network_test.go @@ -10,11 +10,13 @@ import ( "testing" "github.com/defenseunicorns/zarf/src/pkg/message" + "github.com/stretchr/testify/require" "github.com/stretchr/testify/suite" ) type TestNetworkSuite struct { suite.Suite + *require.Assertions urls testURLs } @@ -25,6 +27,7 @@ type testURLs struct { } func (suite *TestNetworkSuite) SetupSuite() { + suite.Assertions = require.New(suite.T()) suite.urls.good = []string{ "https://zarf.dev", "https://docs.zarf.dev", diff --git a/src/test/common.go b/src/test/common.go index 3e125f974b..80a22856c6 100644 --- a/src/test/common.go +++ b/src/test/common.go @@ -48,33 +48,24 @@ func GetCLIName() string { return binaryName } -// Setup performs actions prior to each test. -func (e2e *ZarfE2ETest) Setup(t *testing.T) { - t.Log("Test setup") - // Output list of allocated cluster resources - if runtime.GOOS != "windows" { - _ = exec.CmdWithPrint("sh", "-c", "kubectl describe nodes |grep -A 99 Non\\-terminated") - } else { - t.Log("Skipping kubectl describe nodes on Windows") - } -} - // SetupWithCluster performs actions for each test that requires a K8s cluster. func (e2e *ZarfE2ETest) SetupWithCluster(t *testing.T) { if !e2e.RunClusterTests { t.Skip("") } - e2e.Setup(t) + _ = exec.CmdWithPrint("sh", "-c", fmt.Sprintf("%s tools kubectl describe nodes | grep -A 99 Non-terminated", e2e.ZarfBinPath)) } -// Teardown performs actions prior to tearing down each test. -func (e2e *ZarfE2ETest) Teardown(t *testing.T) { - t.Log("Test teardown") +// Zarf executes a Zarf command. +func (e2e *ZarfE2ETest) Zarf(args ...string) (string, string, error) { + return exec.CmdWithContext(context.TODO(), exec.PrintCfg(), e2e.ZarfBinPath, args...) } -// ExecZarfCommand executes a Zarf command. -func (e2e *ZarfE2ETest) ExecZarfCommand(commandString ...string) (string, string, error) { - return exec.CmdWithContext(context.TODO(), exec.PrintCfg(), e2e.ZarfBinPath, commandString...) +// Kubectl executes `zarf tools kubectl ...` +func (e2e *ZarfE2ETest) Kubectl(args ...string) (string, string, error) { + tk := []string{"tools", "kubectl"} + args = append(tk, args...) + return e2e.Zarf(args...) } // CleanFiles removes files and directories that have been created during the test. @@ -117,7 +108,7 @@ func (e2e *ZarfE2ETest) SetupDockerRegistry(t *testing.T, port int) *configfile. require.NoError(t, err) if !cfg.ContainsAuth() { // make a docker config file w/ some blank creds - _, _, err := e2e.ExecZarfCommand("tools", "registry", "login", "--username", "zarf", "-p", "zarf", "localhost:6000") + _, _, err := e2e.Zarf("tools", "registry", "login", "--username", "zarf", "-p", "zarf", "localhost:6000") require.NoError(t, err) } diff --git a/src/test/e2e/00_use_cli_test.go b/src/test/e2e/00_use_cli_test.go index bc2b3a331c..8fb6dcf9e8 100644 --- a/src/test/e2e/00_use_cli_test.go +++ b/src/test/e2e/00_use_cli_test.go @@ -16,126 +16,168 @@ import ( func TestUseCLI(t *testing.T) { t.Log("E2E: Use CLI") - e2e.Setup(t) - defer e2e.Teardown(t) - - // Test `zarf prepare sha256sum` for a local asset - expectedShasum := "61b50898f982d015ed87093ba822de0fe011cec6dd67db39f99d8c56391a6109\n" - shasumTestFilePath := "shasum-test-file" - - // run `zarf package create` with a specified image cache location - cachePath := filepath.Join(os.TempDir(), ".cache-location") - imageCachePath := filepath.Join(cachePath, "images") - - // run `zarf package create` with a specified tmp location - otherTmpPath := filepath.Join(os.TempDir(), "othertmp") - - e2e.CleanFiles(shasumTestFilePath, cachePath, otherTmpPath) - - err := os.WriteFile(shasumTestFilePath, []byte("random test data 🦄\n"), 0600) - require.NoError(t, err) - - stdOut, stdErr, err := e2e.ExecZarfCommand("prepare", "sha256sum", shasumTestFilePath) - require.NoError(t, err, stdOut, stdErr) - require.Equal(t, expectedShasum, stdOut, "The expected SHASUM should equal the actual SHASUM") - - // Test `zarf prepare sha256sum` for a remote asset - expectedShasum = "c3cdea0573ba5a058ec090b5d2683bf398e8b1614c37ec81136ed03b78167617\n" - - stdOut, stdErr, err = e2e.ExecZarfCommand("prepare", "sha256sum", "https://zarf-public.s3-us-gov-west-1.amazonaws.com/pipelines/zarf-prepare-shasum-remote-test-file.txt") - require.NoError(t, err, stdOut, stdErr) - require.Contains(t, stdOut, expectedShasum, "The expected SHASUM should equal the actual SHASUM") - - // Test `zarf version` - stdOut, _, err = e2e.ExecZarfCommand("version") - require.NoError(t, err) - require.NotEqual(t, len(stdOut), 0, "Zarf version should not be an empty string") - require.NotEqual(t, stdOut, "UnknownVersion", "Zarf version should not be the default value") - - // Test `zarf prepare find-images` for a remote asset - stdOut, stdErr, err = e2e.ExecZarfCommand("prepare", "find-images", "examples/helm-alt-release-name") - require.NoError(t, err, stdOut, stdErr) - require.Contains(t, stdOut, "ghcr.io/stefanprodan/podinfo:6.1.6", "The chart image should be found by Zarf") - - // Test `zarf prepare find-images` for a local asset - stdOut, stdErr, err = e2e.ExecZarfCommand("prepare", "find-images", "examples/helm-local-chart") - require.NoError(t, err, stdOut, stdErr) - require.Contains(t, stdOut, "nginx:1.16.0", "The chart image should be found by Zarf") - - // Test `zarf prepare find-images` on a chart that has a `kubeVersion` declaration greater than the default (v1.20.0) - _, stdErr, err = e2e.ExecZarfCommand("prepare", "find-images", "src/test/test-packages/00-kube-version-override") - require.Contains(t, stdErr, "Problem rendering the helm template for https://charts.jetstack.io/", "The kubeVersion declaration should prevent this from templating") - - // Test `zarf prepare find-images` with `--kube-version` specified and greater than the declared minimum (v1.21.0) - stdOut, stdErr, err = e2e.ExecZarfCommand("prepare", "find-images", "--kube-version=v1.22.0", "src/test/test-packages/00-kube-version-override") - require.NoError(t, err, stdOut, stdErr) - require.Contains(t, stdOut, "quay.io/jetstack/cert-manager-controller:v1.11.1", "The chart image should be found by Zarf") - - // Test `zarf prepare find-images` with a chart that uses helm annotations - stdOut, stdErr, err = e2e.ExecZarfCommand("prepare", "find-images", "src/test/test-packages/00-helm-annotations") - require.NoError(t, err, stdOut, stdErr) - require.Contains(t, stdOut, "registry1.dso.mil/ironbank/opensource/kubernetes/kubectl:v1.26.4", "The kubectl image should be found by Zarf") - - // Test for expected failure when given a bad component input - _, _, err = e2e.ExecZarfCommand("init", "--confirm", "--components=k3s,foo,logging") - require.Error(t, err) - - // Test that changing the log level actually applies the requested level - _, stdErr, _ = e2e.ExecZarfCommand("version", "--log-level=debug") - expectedOutString := "Log level set to debug" - require.Contains(t, stdErr, expectedOutString, "The log level should be changed to 'debug'") - - // Test that `zarf package deploy` gives an error if deploying a remote package without the --insecure or --shasum flags - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", "https://zarf-examples.s3.amazonaws.com/zarf-package-appliance-demo-doom-20210125.tar.zst", "--confirm") - require.Error(t, err, stdOut, stdErr) - - pkgName := fmt.Sprintf("zarf-package-dos-games-%s.tar.zst", e2e.Arch) - - _ = os.Mkdir(otherTmpPath, 0750) - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "create", "examples/dos-games", "--confirm", "--zarf-cache", cachePath, "--tmpdir", otherTmpPath, "--log-level=debug") - require.Contains(t, stdErr, otherTmpPath, "The other tmp path should show as being created") - require.NoError(t, err, stdOut, stdErr) - - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "inspect", pkgName, "--tmpdir", otherTmpPath, "--log-level=debug") - require.Contains(t, stdErr, otherTmpPath, "The other tmp path should show as being created") - require.NoError(t, err, stdOut, stdErr) - - e2e.CleanFiles(pkgName) - - files, err := os.ReadDir(imageCachePath) - require.NoError(t, err, "Encountered an unexpected error when reading image cache path") - require.Greater(t, len(files), 1) - - // Test removal of cache - stdOut, stdErr, err = e2e.ExecZarfCommand("tools", "clear-cache", "--zarf-cache", cachePath) - require.NoError(t, err, stdOut, stdErr) - - // Check that ReadDir returns no such file or directory for the cachePath - _, err = os.ReadDir(cachePath) - if runtime.GOOS == "windows" { - msg := fmt.Sprintf("open %s: The system cannot find the file specified.", cachePath) - require.EqualError(t, err, msg, "Did not receive expected error when reading a directory that should not exist") - } else { - msg := fmt.Sprintf("open %s: no such file or directory", cachePath) - require.EqualError(t, err, msg, "Did not receive expected error when reading a directory that should not exist") - } - - // Test generation of PKI - tlsCA := "tls.ca" - tlsCert := "tls.crt" - tlsKey := "tls.key" - stdOut, stdErr, err = e2e.ExecZarfCommand("tools", "gen-pki", "github.com", "--sub-alt-name", "google.com") - require.NoError(t, err, stdOut, stdErr) - require.Contains(t, stdErr, "Successfully created a chain of trust for github.com") - - _, err = os.ReadFile(tlsCA) - require.NoError(t, err) - - _, err = os.ReadFile(tlsCert) - require.NoError(t, err) - - _, err = os.ReadFile(tlsKey) - require.NoError(t, err) - - e2e.CleanFiles(shasumTestFilePath, cachePath, otherTmpPath, pkgName, tlsCA, tlsCert, tlsKey) + + t.Run("zarf prepare sha256sum ", func(t *testing.T) { + t.Parallel() + + // Test `zarf prepare sha256sum` for a local asset + expectedShasum := "61b50898f982d015ed87093ba822de0fe011cec6dd67db39f99d8c56391a6109\n" + shasumTestFilePath := "shasum-test-file" + + e2e.CleanFiles(shasumTestFilePath) + t.Cleanup(func() { + e2e.CleanFiles(shasumTestFilePath) + }) + + err := os.WriteFile(shasumTestFilePath, []byte("random test data 🦄\n"), 0600) + require.NoError(t, err) + + stdOut, stdErr, err := e2e.Zarf("prepare", "sha256sum", shasumTestFilePath) + require.NoError(t, err, stdOut, stdErr) + require.Equal(t, expectedShasum, stdOut, "The expected SHASUM should equal the actual SHASUM") + }) + + t.Run("zarf prepare sha256sum ", func(t *testing.T) { + t.Parallel() + // Test `zarf prepare sha256sum` for a remote asset + expectedShasum := "c3cdea0573ba5a058ec090b5d2683bf398e8b1614c37ec81136ed03b78167617\n" + + stdOut, stdErr, err := e2e.Zarf("prepare", "sha256sum", "https://zarf-public.s3-us-gov-west-1.amazonaws.com/pipelines/zarf-prepare-shasum-remote-test-file.txt") + require.NoError(t, err, stdOut, stdErr) + require.Contains(t, stdOut, expectedShasum, "The expected SHASUM should equal the actual SHASUM") + }) + + t.Run("zarf version", func(t *testing.T) { + t.Parallel() + // Test `zarf version` + stdOut, _, err := e2e.Zarf("version") + require.NoError(t, err) + require.NotEqual(t, len(stdOut), 0, "Zarf version should not be an empty string") + require.NotEqual(t, stdOut, "UnknownVersion", "Zarf version should not be the default value") + }) + + t.Run("zarf prepare find-images", func(t *testing.T) { + t.Parallel() + // Test `zarf prepare find-images` for a remote asset + stdOut, stdErr, err := e2e.Zarf("prepare", "find-images", "examples/helm-charts", "--kube-version=v1.23.0") + require.NoError(t, err, stdOut, stdErr) + require.Contains(t, stdOut, "ghcr.io/stefanprodan/podinfo:6.3.5", "The chart image should be found by Zarf") + // Test `zarf prepare find-images` with a chart that uses helm annotations + stdOut, stdErr, err = e2e.Zarf("prepare", "find-images", "src/test/packages/00-helm-annotations") + require.NoError(t, err, stdOut, stdErr) + require.Contains(t, stdOut, "registry1.dso.mil/ironbank/opensource/kubernetes/kubectl:v1.26.4", "The kubectl image should be found by Zarf") + }) + + t.Run("zarf prepare find-images --kube-version", func(t *testing.T) { + t.Parallel() + // Test `zarf prepare find-images` on a chart that has a `kubeVersion` declaration greater than the default (v1.20.0) + _, stdErr, _ := e2e.Zarf("prepare", "find-images", "src/test/packages/00-kube-version-override") + require.Contains(t, stdErr, "Problem rendering the helm template for https://charts.jetstack.io/", "The kubeVersion declaration should prevent this from templating") + + // Test `zarf prepare find-images` with `--kube-version` specified and greater than the declared minimum (v1.21.0) + stdOut, stdErr, err := e2e.Zarf("prepare", "find-images", "--kube-version=v1.22.0", "src/test/packages/00-kube-version-override") + require.NoError(t, err, stdOut, stdErr) + require.Contains(t, stdOut, "quay.io/jetstack/cert-manager-controller:v1.11.1", "The chart image should be found by Zarf") + }) + + t.Run("zarf deploy should fail when given a bad component input", func(t *testing.T) { + t.Parallel() + // Test for expected failure when given a bad component input + path := fmt.Sprintf("build/zarf-package-component-actions-%s.tar.zst", e2e.Arch) + _, _, err := e2e.Zarf("package", "deploy", path, "--components=on-create,foo,logging", "--confirm") + require.Error(t, err) + }) + + t.Run("changing log level", func(t *testing.T) { + t.Parallel() + // Test that changing the log level actually applies the requested level + _, stdErr, _ := e2e.Zarf("version", "--log-level=debug") + expectedOutString := "Log level set to debug" + require.Contains(t, stdErr, expectedOutString, "The log level should be changed to 'debug'") + }) + + t.Run("bad zarf package deploy w/o --insecure or --shasum", func(t *testing.T) { + t.Parallel() + // Test that `zarf package deploy` gives an error if deploying a remote package without the --insecure or --shasum flags + stdOut, stdErr, err := e2e.Zarf("package", "deploy", "https://zarf-examples.s3.amazonaws.com/zarf-package-appliance-demo-doom-20210125.tar.zst", "--confirm") + require.Error(t, err, stdOut, stdErr) + }) + + t.Run("zarf package create with tmpdir and cache", func(t *testing.T) { + t.Parallel() + tmpdir := t.TempDir() + cachePath := filepath.Join(tmpdir, ".cache-location") + stdOut, stdErr, err := e2e.Zarf("package", "create", "examples/dos-games", "--zarf-cache", cachePath, "--tmpdir", tmpdir, "--log-level=debug", "--confirm") + require.Contains(t, stdErr, tmpdir, "The other tmp path should show as being created") + require.NoError(t, err, stdOut, stdErr) + + files, err := os.ReadDir(filepath.Join(cachePath, "images")) + require.NoError(t, err, "Encountered an unexpected error when reading image cache path") + require.Greater(t, len(files), 1) + }) + + t.Run("zarf package inspect with tmpdir", func(t *testing.T) { + t.Parallel() + path := fmt.Sprintf("build/zarf-package-component-actions-%s.tar.zst", e2e.Arch) + tmpdir := t.TempDir() + stdOut, stdErr, err := e2e.Zarf("package", "inspect", path, "--tmpdir", tmpdir, "--log-level=debug") + require.Contains(t, stdErr, tmpdir, "The other tmp path should show as being created") + require.NoError(t, err, stdOut, stdErr) + }) + + t.Run("zarf package deploy with tmpdir", func(t *testing.T) { + t.Parallel() + tmpdir := t.TempDir() + // run `zarf package deploy` with a specified tmp location + var ( + firstFile = "first-choice-file.txt" + secondFile = "second-choice-file.txt" + ) + t.Cleanup(func() { + e2e.CleanFiles(firstFile, secondFile) + }) + path := fmt.Sprintf("build/zarf-package-component-choice-%s.tar.zst", e2e.Arch) + stdOut, stdErr, err := e2e.Zarf("package", "deploy", path, "--tmpdir", tmpdir, "--log-level=debug", "--confirm") + require.Contains(t, stdErr, tmpdir, "The other tmp path should show as being created") + require.NoError(t, err, stdOut, stdErr) + }) + + t.Run("remove cache", func(t *testing.T) { + t.Parallel() + tmpdir := t.TempDir() + // Test removal of cache + cachePath := filepath.Join(tmpdir, ".cache-location") + stdOut, stdErr, err := e2e.Zarf("tools", "clear-cache", "--zarf-cache", cachePath) + require.NoError(t, err, stdOut, stdErr) + // Check that ReadDir returns no such file or directory for the cachePath + _, err = os.ReadDir(cachePath) + if runtime.GOOS == "windows" { + msg := fmt.Sprintf("open %s: The system cannot find the file specified.", cachePath) + require.EqualError(t, err, msg, "Did not receive expected error when reading a directory that should not exist") + } else { + msg := fmt.Sprintf("open %s: no such file or directory", cachePath) + require.EqualError(t, err, msg, "Did not receive expected error when reading a directory that should not exist") + } + }) + + t.Run("gen pki", func(t *testing.T) { + t.Parallel() + // Test generation of PKI + tlsCA := "tls.ca" + tlsCert := "tls.crt" + tlsKey := "tls.key" + t.Cleanup(func() { + e2e.CleanFiles(tlsCA, tlsCert, tlsKey) + }) + stdOut, stdErr, err := e2e.Zarf("tools", "gen-pki", "github.com", "--sub-alt-name", "google.com") + require.NoError(t, err, stdOut, stdErr) + require.Contains(t, stdErr, "Successfully created a chain of trust for github.com") + + require.FileExists(t, tlsCA) + + require.FileExists(t, tlsCert) + + require.FileExists(t, tlsKey) + + }) } diff --git a/src/test/e2e/01_component_choice_test.go b/src/test/e2e/01_component_choice_test.go index e81f3f0c83..d22a16a5a0 100644 --- a/src/test/e2e/01_component_choice_test.go +++ b/src/test/e2e/01_component_choice_test.go @@ -13,25 +13,24 @@ import ( func TestComponentChoice(t *testing.T) { t.Log("E2E: Component choice") - e2e.Setup(t) - defer e2e.Teardown(t) var ( firstFile = "first-choice-file.txt" secondFile = "second-choice-file.txt" ) - - e2e.CleanFiles(firstFile, secondFile) + t.Cleanup(func() { + e2e.CleanFiles(firstFile, secondFile) + }) path := fmt.Sprintf("build/zarf-package-component-choice-%s.tar.zst", e2e.Arch) // Try to deploy both and expect failure due to only one component allowed at a time // We currently don't have a pattern to actually test the interactive prompt, so just testing automation for now - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "deploy", path, "--confirm", "--components=first-choice,second-choice") + stdOut, stdErr, err := e2e.Zarf("package", "deploy", path, "--components=first-choice,second-choice", "--confirm") require.Error(t, err, stdOut, stdErr) // Deploy a single choice and expect success - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", path, "--confirm", "--components=first-choice") + stdOut, stdErr, err = e2e.Zarf("package", "deploy", path, "--components=first-choice", "--confirm") require.NoError(t, err, stdOut, stdErr) // Verify the file was created @@ -40,11 +39,9 @@ func TestComponentChoice(t *testing.T) { require.NoFileExists(t, secondFile) // Deploy using default choice - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", path, "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "deploy", path, "--confirm") require.NoError(t, err, stdOut, stdErr) // Verify the file was created require.FileExists(t, secondFile) - - e2e.CleanFiles(firstFile, secondFile) } diff --git a/src/test/e2e/02_component_actions_test.go b/src/test/e2e/02_component_actions_test.go index f4e56156a4..54b4d89eef 100644 --- a/src/test/e2e/02_component_actions_test.go +++ b/src/test/e2e/02_component_actions_test.go @@ -14,8 +14,6 @@ import ( func TestComponentActions(t *testing.T) { t.Log("E2E: Testing component actions") - e2e.Setup(t) - defer e2e.Teardown(t) // Note these files will be created in the package directory, not CWD. createArtifacts := []string{ @@ -36,7 +34,7 @@ func TestComponentActions(t *testing.T) { /* Create */ // Try creating the package to test the onCreate actions. - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "create", "examples/component-actions", "--confirm") + stdOut, stdErr, err := e2e.Zarf("package", "create", "examples/component-actions", "--confirm") require.NoError(t, err, stdOut, stdErr) require.Contains(t, stdErr, "Completed \"touch test-create-before.txt\"") require.Contains(t, stdErr, "multiline!") @@ -54,67 +52,88 @@ func TestComponentActions(t *testing.T) { require.NoFileExists(t, artifact) } - /* Deploy */ path := fmt.Sprintf("build/zarf-package-component-actions-%s.tar.zst", e2e.Arch) - // Deploy the simple script that should pass. - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", path, "--confirm", "--components=on-deploy-and-remove") - require.NoError(t, err, stdOut, stdErr) - - // Check that the deploy artifacts were created. - for _, artifact := range deployArtifacts { - require.FileExists(t, artifact) - } - - // Remove the simple script that should pass. - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", path, "--confirm", "--components=on-deploy-and-remove") - require.NoError(t, err, stdOut, stdErr) - - // Check that the deploy artifacts were created. - for _, artifact := range deployArtifacts { - require.NoFileExists(t, artifact) - } - - // Deploy the simple action that should fail the timeout. - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", path, "--confirm", "--components=on-deploy-with-timeout") - require.Error(t, err, stdOut, stdErr) - require.Contains(t, stdErr, "😭😭😭 this action failed because it took too long to run 😭😭😭") - - // Test using a Zarf Variable within the action - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", path, "--confirm", "--components=on-deploy-with-variable", "-l=trace") - require.NoError(t, err, stdOut, stdErr) - require.Contains(t, stdErr, "the dog says ruff") - - // Test using dynamic and multiple-variables - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", path, "--confirm", "--components=on-deploy-with-dynamic-variable,on-deploy-with-multiple-variables", "-l=trace") - require.NoError(t, err, stdOut, stdErr) - require.Contains(t, stdErr, "the cat says meow") - require.Contains(t, stdErr, "the dog says ruff") - require.Contains(t, stdErr, "the snake says hiss") - require.Contains(t, stdErr, "with a TF_VAR, the snake also says hiss") - - // Test using environment variables - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", path, "--confirm", "--components=on-deploy-with-env-var") - require.NoError(t, err, stdOut, stdErr) - require.FileExists(t, deployWithEnvVarArtifact) - - // Test using a templated file but without dynamic variables - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", path, "--confirm", "--components=on-deploy-with-template-use-of-variable") - require.NoError(t, err, stdOut, stdErr) - outTemplated, err := os.ReadFile("templated.txt") - require.NoError(t, err) - require.Contains(t, string(outTemplated), "The dog says ruff") - require.Contains(t, string(outTemplated), "The cat says ###ZARF_VAR_CAT_SOUND###") - require.Contains(t, string(outTemplated), "The snake says ###ZARF_VAR_SNAKE_SOUND###") - - // Remove the templated file so we can test with dynamic variables - e2e.CleanFiles("templated.txt") - - // Test using a templated file with dynamic variables - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", path, "--confirm", "--components=on-deploy-with-template-use-of-variable,on-deploy-with-dynamic-variable,on-deploy-with-multiple-variables") - require.NoError(t, err, stdOut, stdErr) - outTemplated, err = os.ReadFile("templated.txt") - require.NoError(t, err) - require.Contains(t, string(outTemplated), "The dog says ruff") - require.Contains(t, string(outTemplated), "The cat says meow") - require.Contains(t, string(outTemplated), "The snake says hiss") + t.Run("action on-deploy-and-remove", func(t *testing.T) { + t.Parallel() + + // Deploy the simple script that should pass. + stdOut, stdErr, err = e2e.Zarf("package", "deploy", path, "--components=on-deploy-and-remove", "--confirm") + require.NoError(t, err, stdOut, stdErr) + + // Check that the deploy artifacts were created. + for _, artifact := range deployArtifacts { + require.FileExists(t, artifact) + } + + // Remove the simple script that should pass. + stdOut, stdErr, err = e2e.Zarf("package", "remove", path, "--components=on-deploy-and-remove", "--confirm") + require.NoError(t, err, stdOut, stdErr) + + // Check that the deploy artifacts were removed. + for _, artifact := range deployArtifacts { + require.NoFileExists(t, artifact) + } + }) + + t.Run("action on-deploy-with-timeout", func(t *testing.T) { + t.Parallel() + // Deploy the simple action that should fail the timeout. + stdOut, stdErr, err = e2e.Zarf("package", "deploy", path, "--components=on-deploy-with-timeout", "--confirm") + require.Error(t, err, stdOut, stdErr) + require.Contains(t, stdErr, "😭😭😭 this action failed because it took too long to run 😭😭😭") + }) + + t.Run("action on-deploy-with-variable", func(t *testing.T) { + t.Parallel() + + // Test using a Zarf Variable within the action + stdOut, stdErr, err = e2e.Zarf("package", "deploy", path, "--components=on-deploy-with-variable", "--confirm") + require.NoError(t, err, stdOut, stdErr) + require.Contains(t, stdErr, "the dog says ruff") + + }) + + t.Run("action on-deploy-with-dynamic-variable", func(t *testing.T) { + t.Parallel() + // Test using dynamic and multiple-variables + stdOut, stdErr, err = e2e.Zarf("package", "deploy", path, "--components=on-deploy-with-dynamic-variable,on-deploy-with-multiple-variables", "--confirm") + require.NoError(t, err, stdOut, stdErr) + require.Contains(t, stdErr, "the cat says meow") + require.Contains(t, stdErr, "the dog says ruff") + require.Contains(t, stdErr, "the snake says hiss") + require.Contains(t, stdErr, "with a TF_VAR, the snake also says hiss") + + }) + + t.Run("action on-deploy-with-env-var", func(t *testing.T) { + t.Parallel() + // Test using environment variables + stdOut, stdErr, err = e2e.Zarf("package", "deploy", path, "--components=on-deploy-with-env-var", "--confirm") + require.NoError(t, err, stdOut, stdErr) + require.FileExists(t, deployWithEnvVarArtifact) + }) + + t.Run("action on-deploy-with-template", func(t *testing.T) { + t.Parallel() + // Test using a templated file but without dynamic variables + stdOut, stdErr, err = e2e.Zarf("package", "deploy", path, "--components=on-deploy-with-template-use-of-variable", "--confirm") + require.NoError(t, err, stdOut, stdErr) + outTemplated, err := os.ReadFile("templated.txt") + require.NoError(t, err) + require.Contains(t, string(outTemplated), "The dog says ruff") + require.Contains(t, string(outTemplated), "The cat says ###ZARF_VAR_CAT_SOUND###") + require.Contains(t, string(outTemplated), "The snake says ###ZARF_VAR_SNAKE_SOUND###") + + // Remove the templated file so we can test with dynamic variables + e2e.CleanFiles("templated.txt") + + // Test using a templated file with dynamic variables + stdOut, stdErr, err = e2e.Zarf("package", "deploy", path, "--components=on-deploy-with-template-use-of-variable,on-deploy-with-dynamic-variable,on-deploy-with-multiple-variables", "--confirm") + require.NoError(t, err, stdOut, stdErr) + outTemplated, err = os.ReadFile("templated.txt") + require.NoError(t, err) + require.Contains(t, string(outTemplated), "The dog says ruff") + require.Contains(t, string(outTemplated), "The cat says meow") + require.Contains(t, string(outTemplated), "The snake says hiss") + }) } diff --git a/src/test/e2e/03_deprecations_test.go b/src/test/e2e/03_deprecations_test.go new file mode 100644 index 0000000000..808a5b25af --- /dev/null +++ b/src/test/e2e/03_deprecations_test.go @@ -0,0 +1,102 @@ +// SPDX-License-Identifier: Apache-2.0 +// SPDX-FileCopyrightText: 2021-Present The Zarf Authors + +// Package test provides e2e tests for Zarf. +package test + +import ( + "fmt" + "testing" + + "github.com/stretchr/testify/require" +) + +// TestDeprecatedComponentScripts verifies that deprecated component scripts are still able to be executed (after being internally +// migrated into zarf actions). +func TestDeprecatedComponentScripts(t *testing.T) { + t.Log("E2E: Testing deprecated component scripts") + + // Note these files will be created in the package directory, not CWD + testPackageDirPath := "src/test/packages/03-deprecated-component-scripts" + prepareArtifact := fmt.Sprintf("%s/test-deprecated-prepare-hook.txt", testPackageDirPath) + deployArtifacts := []string{ + "test-deprecated-deploy-before-hook.txt", + "test-deprecated-deploy-after-hook.txt", + } + allArtifacts := append(deployArtifacts, prepareArtifact) + e2e.CleanFiles(allArtifacts...) + defer e2e.CleanFiles(allArtifacts...) + + // 1. Try creating the package to test the create scripts + testPackagePath := fmt.Sprintf("%s/zarf-package-deprecated-component-scripts-%s.tar.zst", testPackageDirPath, e2e.Arch) + outputFlag := fmt.Sprintf("-o=%s", testPackageDirPath) + stdOut, stdErr, err := e2e.Zarf("package", "create", testPackageDirPath, outputFlag, "--confirm") + defer e2e.CleanFiles(testPackagePath) + require.NoError(t, err, stdOut, stdErr) + require.Contains(t, stdErr, "Component '1-test-deprecated-prepare-scripts' is using scripts") + require.Contains(t, stdErr, "Component '2-test-deprecated-deploy-scripts' is using scripts") + require.Contains(t, stdErr, "Component '3-test-deprecated-timeout-scripts' is using scripts") + + // Test for package create prepare artifact + require.FileExists(t, prepareArtifact) + + // Test to ensure the deploy scripts are not executed + for _, artifact := range deployArtifacts { + require.NoFileExists(t, artifact) + } + + // 2. Deploy the simple script that should pass + stdOut, stdErr, err = e2e.Zarf("package", "deploy", testPackagePath, "--confirm", "--components=2-test-deprecated-deploy-scripts") + require.NoError(t, err, stdOut, stdErr) + + // Check that the deploy artifacts were created + for _, artifact := range deployArtifacts { + require.FileExists(t, artifact) + } + + // 3. Deploy the simple script that should fail the timeout + stdOut, stdErr, err = e2e.Zarf("package", "deploy", testPackagePath, "--confirm", "--components=3-test-deprecated-timeout-scripts") + require.Error(t, err, stdOut, stdErr) +} + +// TestDeprecatedSetAndPackageVariables verifies that deprecated setVariables and PKG_VARs still able to be set. +func TestDeprecatedSetAndPackageVariables(t *testing.T) { + t.Log("E2E: Testing deprecated set variables") + + // Note prepare script files will be created in the package directory, not CWD + testPackageDirPath := "src/test/packages/03-deprecated-set-variable" + prepareArtifact := fmt.Sprintf("%s/test-deprecated-prepare-hook.txt", testPackageDirPath) + deployArtifacts := []string{ + "test-deprecated-deploy-before-hook.txt", + "test-deprecated-deploy-after-hook.txt", + } + allArtifacts := append(deployArtifacts, prepareArtifact) + e2e.CleanFiles(allArtifacts...) + defer e2e.CleanFiles(allArtifacts...) + + // 2. Try creating the package to test the create scripts + testPackagePath := fmt.Sprintf("%s/zarf-package-deprecated-set-variable-%s.tar.zst", testPackageDirPath, e2e.Arch) + outputFlag := fmt.Sprintf("-o=%s", testPackageDirPath) + + // Check that the command still errors out + stdOut, stdErr, err := e2e.Zarf("package", "create", testPackageDirPath, outputFlag, "--confirm") + require.Error(t, err, stdOut, stdErr) + require.Contains(t, stdErr, "template 'ECHO' must be '--set'") + + // Check that the command displays a warning on create + stdOut, stdErr, err = e2e.Zarf("package", "create", testPackageDirPath, outputFlag, "--confirm", "--set", "ECHO=Zarf-The-Axolotl") + defer e2e.CleanFiles(testPackagePath) + require.NoError(t, err, stdOut, stdErr) + require.Contains(t, stdErr, "Component '1-test-deprecated-set-variable' is using setVariable") + require.Contains(t, stdErr, "deprecated syntax ###ZARF_PKG_VAR_ECHO###") + + // 1. Deploy the setVariable action that should pass and output the variable + stdOut, stdErr, err = e2e.Zarf("package", "deploy", testPackagePath, "--confirm", "--components=1-test-deprecated-set-variable") + require.NoError(t, err, stdOut, stdErr) + require.Contains(t, stdErr, "Hello from Hello Kitteh") + + // 2. Deploy the setVariable action that should pass and output the variable + stdOut, stdErr, err = e2e.Zarf("package", "deploy", testPackagePath, "--confirm", "--components=2-test-deprecated-pkg-var") + require.NoError(t, err, stdOut, stdErr) + require.Contains(t, stdErr, "Zarf-The-Axolotl") +} diff --git a/src/test/e2e/03_temp_directory_deploy_test.go b/src/test/e2e/03_temp_directory_deploy_test.go deleted file mode 100644 index 7e9fd4fc5d..0000000000 --- a/src/test/e2e/03_temp_directory_deploy_test.go +++ /dev/null @@ -1,40 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 -// SPDX-FileCopyrightText: 2021-Present The Zarf Authors - -// Package test provides e2e tests for Zarf. -package test - -import ( - "fmt" - "os" - "path/filepath" - "testing" - - "github.com/stretchr/testify/require" -) - -func TestTempDirectoryDeploy(t *testing.T) { - t.Log("E2E: Temporary directory deploy") - - // run `zarf package deploy` with a specified tmp location - var ( - otherTmpPath = filepath.Join(os.TempDir(), "othertmp") - firstFile = "first-choice-file.txt" - secondFile = "second-choice-file.txt" - ) - - e2e.Setup(t) - defer e2e.Teardown(t) - - e2e.CleanFiles(otherTmpPath, firstFile, secondFile) - - path := fmt.Sprintf("build/zarf-package-component-choice-%s.tar.zst", e2e.Arch) - - _ = os.Mkdir(otherTmpPath, 0750) - - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "deploy", path, "--confirm", "--tmpdir", otherTmpPath, "--log-level=debug") - require.Contains(t, stdErr, otherTmpPath, "The other tmp path should show as being created") - require.NoError(t, err, stdOut, stdErr) - - e2e.CleanFiles(otherTmpPath, firstFile, secondFile) -} diff --git a/src/test/e2e/04_create_templating_test.go b/src/test/e2e/04_create_templating_test.go index 28a59cedae..45065bd32f 100644 --- a/src/test/e2e/04_create_templating_test.go +++ b/src/test/e2e/04_create_templating_test.go @@ -16,28 +16,24 @@ import ( func TestCreateTemplating(t *testing.T) { t.Log("E2E: Create Templating") - e2e.Setup(t) - defer e2e.Teardown(t) - // run `zarf package create` with a specified image cache location - cachePath := filepath.Join(os.TempDir(), ".cache-location") - decompressPath := filepath.Join(os.TempDir(), ".package-decompressed") - sbomPath := filepath.Join(os.TempDir(), ".sbom-location") - - e2e.CleanFiles(cachePath, decompressPath, sbomPath) + tmpdir := t.TempDir() + cachePath := filepath.Join(tmpdir, ".cache-location") + decompressPath := filepath.Join(tmpdir, ".package-decompressed") + sbomPath := filepath.Join(tmpdir, ".sbom-location") pkgName := fmt.Sprintf("zarf-package-variables-%s.tar.zst", e2e.Arch) // Test that not specifying a package variable results in an error - _, stdErr, _ := e2e.ExecZarfCommand("package", "create", "examples/variables", "--confirm", "--zarf-cache", cachePath) + _, stdErr, _ := e2e.Zarf("package", "create", "examples/variables", "--zarf-cache", cachePath, "--confirm") expectedOutString := "variable 'NGINX_VERSION' must be '--set' when using the '--confirm' flag" require.Contains(t, stdErr, "", expectedOutString) // Test a simple package variable example with `--set` (will fail to pull an image if this is not set correctly) - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "create", "examples/variables", "--set", "NGINX_VERSION=1.23.3", "--confirm", "--zarf-cache", cachePath) + stdOut, stdErr, err := e2e.Zarf("package", "create", "examples/variables", "--set", "NGINX_VERSION=1.23.3", "--zarf-cache", cachePath, "--confirm") require.NoError(t, err, stdOut, stdErr) - stdOut, stdErr, err = e2e.ExecZarfCommand("t", "archiver", "decompress", pkgName, decompressPath, "--unarchive-all", "-l=trace") + stdOut, stdErr, err = e2e.Zarf("t", "archiver", "decompress", pkgName, decompressPath, "--unarchive-all") require.NoError(t, err, stdOut, stdErr) // Check that the constant in the zarf.yaml is replaced correctly @@ -46,24 +42,22 @@ func TestCreateTemplating(t *testing.T) { require.Contains(t, string(builtConfig), "name: NGINX_VERSION\n value: 1.23.3") // Test that files and file folders template and handle SBOMs correctly - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "create", "src/test/test-packages/04-file-folders-templating-sbom/", "--confirm", "--sbom-out", sbomPath) + stdOut, stdErr, err = e2e.Zarf("package", "create", "src/test/packages/04-file-folders-templating-sbom/", "--sbom-out", sbomPath, "--confirm") require.NoError(t, err, stdOut, stdErr) require.Contains(t, stdErr, "Creating SBOMs for 0 images and 2 components with files.") fileFoldersPkgName := fmt.Sprintf("zarf-package-file-folders-templating-sbom-%s.tar.zst", e2e.Arch) // Deploy the package and look for the variables in the output - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", fileFoldersPkgName, "--confirm", "--set", "DOGGO=doggy", "--set", "KITTEH=meowza", "--set", "PANDA=pandemonium") + stdOut, stdErr, err = e2e.Zarf("package", "deploy", fileFoldersPkgName, "--set", "DOGGO=doggy", "--set", "KITTEH=meowza", "--set", "PANDA=pandemonium", "--confirm") require.NoError(t, err, stdOut, stdErr) require.Contains(t, stdErr, "A doggy barks!") require.Contains(t, stdErr, " - meowza") require.Contains(t, stdErr, "# Total pandemonium") // Ensure that the `requirements.txt` files are discovered correctly - _, err = os.ReadFile(filepath.Join(sbomPath, "file-folders-templating-sbom", "compare.html")) - require.NoError(t, err) - _, err = os.ReadFile(filepath.Join(sbomPath, "file-folders-templating-sbom", "sbom-viewer-zarf-component-folders.html")) - require.NoError(t, err) + require.FileExists(t, filepath.Join(sbomPath, "file-folders-templating-sbom", "compare.html")) + require.FileExists(t, filepath.Join(sbomPath, "file-folders-templating-sbom", "sbom-viewer-zarf-component-folders.html")) foldersJSON, err := os.ReadFile(filepath.Join(sbomPath, "file-folders-templating-sbom", "zarf-component-folders.json")) require.NoError(t, err) require.Contains(t, string(foldersJSON), "numpy") @@ -73,5 +67,5 @@ func TestCreateTemplating(t *testing.T) { require.NoError(t, err) require.Contains(t, string(filesJSON), "pandas") - e2e.CleanFiles(cachePath, decompressPath, pkgName, fileFoldersPkgName, sbomPath) + e2e.CleanFiles(pkgName, fileFoldersPkgName) } diff --git a/src/test/e2e/05_multi_part_test.go b/src/test/e2e/05_multi_part_test.go index ccdd37be52..f9c48ecb4a 100644 --- a/src/test/e2e/05_multi_part_test.go +++ b/src/test/e2e/05_multi_part_test.go @@ -16,18 +16,15 @@ func TestMultiPartPackage(t *testing.T) { t.Log("E2E: Multi-part package") var ( - createPath = "src/test/test-packages/05-multi-part" + createPath = "src/test/packages/05-multi-part" deployPath = fmt.Sprintf("zarf-package-multi-part-%s.tar.zst.part000", e2e.Arch) outputFile = "multi-part-demo.dat" ) - e2e.Setup(t) - defer e2e.Teardown(t) - e2e.CleanFiles(deployPath, outputFile) // Create the package with a max size of 1MB - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "create", createPath, "--confirm", "--max-package-size=1") + stdOut, stdErr, err := e2e.Zarf("package", "create", createPath, "--max-package-size=1", "--confirm") require.NoError(t, err, stdOut, stdErr) list, err := filepath.Glob("zarf-package-multi-part-*") @@ -35,7 +32,7 @@ func TestMultiPartPackage(t *testing.T) { // Length is 7 because there are 6 parts and 1 manifest require.Len(t, list, 7) - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", deployPath, "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "deploy", deployPath, "--confirm") require.NoError(t, err, stdOut, stdErr) // Verify the package was deployed diff --git a/src/test/e2e/06_create_sbom_test.go b/src/test/e2e/06_create_sbom_test.go index a327b9aa2a..ccfbdd5d23 100644 --- a/src/test/e2e/06_create_sbom_test.go +++ b/src/test/e2e/06_create_sbom_test.go @@ -15,28 +15,24 @@ import ( ) func TestCreateSBOM(t *testing.T) { - cachePath := filepath.Join(os.TempDir(), ".cache-location") - sbomPath := filepath.Join(os.TempDir(), ".sbom-location") - - e2e.CleanFiles(cachePath, sbomPath) + tmpdir := t.TempDir() + cachePath := filepath.Join(tmpdir, ".cache-location") + sbomPath := filepath.Join(tmpdir, ".sbom-location") pkgName := fmt.Sprintf("zarf-package-dos-games-%s.tar.zst", e2e.Arch) - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "create", "examples/dos-games", "--confirm", "--zarf-cache", cachePath, "--sbom-out", sbomPath) + stdOut, stdErr, err := e2e.Zarf("package", "create", "examples/dos-games", "--zarf-cache", cachePath, "--sbom-out", sbomPath, "--confirm") require.NoError(t, err, stdOut, stdErr) require.Contains(t, stdErr, "Creating SBOMs for 1 images and 0 components with files.") // Test that the game package generates the SBOMs we expect (images only) - _, err = os.ReadFile(filepath.Join(sbomPath, "dos-games", "sbom-viewer-defenseunicorns_zarf-game_multi-tile-dark.html")) - require.NoError(t, err) - _, err = os.ReadFile(filepath.Join(sbomPath, "dos-games", "compare.html")) - require.NoError(t, err) - _, err = os.ReadFile(filepath.Join(sbomPath, "dos-games", "defenseunicorns_zarf-game_multi-tile-dark.json")) - require.NoError(t, err) + require.FileExists(t, filepath.Join(sbomPath, "dos-games", "sbom-viewer-defenseunicorns_zarf-game_multi-tile-dark.html")) + require.FileExists(t, filepath.Join(sbomPath, "dos-games", "compare.html")) + require.FileExists(t, filepath.Join(sbomPath, "dos-games", "defenseunicorns_zarf-game_multi-tile-dark.json")) // Clean the SBOM path so it is force to be recreated e2e.CleanFiles(sbomPath) - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "inspect", pkgName, "--sbom-out", sbomPath) + stdOut, stdErr, err = e2e.Zarf("package", "inspect", pkgName, "--sbom-out", sbomPath) require.NoError(t, err, stdOut, stdErr) // Test that the game package generates the SBOMs we expect (images only) _, err = os.ReadFile(filepath.Join(sbomPath, "dos-games", "sbom-viewer-defenseunicorns_zarf-game_multi-tile-dark.html")) @@ -47,12 +43,12 @@ func TestCreateSBOM(t *testing.T) { require.NoError(t, err) // Pull the current zarf binary version to find the corresponding init package - version, stdErr, err := e2e.ExecZarfCommand("version") + version, stdErr, err := e2e.Zarf("version") require.NoError(t, err, version, stdErr) initName := fmt.Sprintf("build/zarf-init-%s-%s.tar.zst", e2e.Arch, strings.TrimSpace(version)) - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "inspect", initName, "--sbom-out", sbomPath) + stdOut, stdErr, err = e2e.Zarf("package", "inspect", initName, "--sbom-out", sbomPath) require.NoError(t, err, stdOut, stdErr) // Test that we preserve the filepath _, err = os.ReadFile(filepath.Join(sbomPath, "dos-games", "sbom-viewer-defenseunicorns_zarf-game_multi-tile-dark.html")) @@ -69,5 +65,5 @@ func TestCreateSBOM(t *testing.T) { _, err = os.ReadFile(filepath.Join(sbomPath, "init", "compare.html")) require.NoError(t, err) - e2e.CleanFiles(cachePath, sbomPath, pkgName) + e2e.CleanFiles(pkgName) } diff --git a/src/test/e2e/07_create_git_test.go b/src/test/e2e/07_create_git_test.go index 397f3ec431..1543a48b61 100644 --- a/src/test/e2e/07_create_git_test.go +++ b/src/test/e2e/07_create_git_test.go @@ -6,7 +6,6 @@ package test import ( "fmt" - "os" "path/filepath" "testing" @@ -17,12 +16,12 @@ import ( func TestCreateGit(t *testing.T) { t.Log("E2E: Test Git Repo Behavior") - extractDir := filepath.Join(os.TempDir(), ".extracted-git-pkg") - e2e.CleanFiles(extractDir) + tmpdir := t.TempDir() + extractDir := filepath.Join(tmpdir, ".extracted-git-pkg") // Extract the test package. - path := fmt.Sprintf("build/zarf-package-git-data-%s-v1.0.0.tar.zst", e2e.Arch) - stdOut, stdErr, err := e2e.ExecZarfCommand("tools", "archiver", "decompress", path, extractDir, "--unarchive-all") + path := fmt.Sprintf("build/zarf-package-git-data-%s-0.0.1.tar.zst", e2e.Arch) + stdOut, stdErr, err := e2e.Zarf("tools", "archiver", "decompress", path, extractDir, "--unarchive-all") require.NoError(t, err, stdOut, stdErr) defer e2e.CleanFiles(extractDir) diff --git a/src/test/e2e/08_create_differential_test.go b/src/test/e2e/08_create_differential_test.go index 508490762a..2dd4a8253a 100644 --- a/src/test/e2e/08_create_differential_test.go +++ b/src/test/e2e/08_create_differential_test.go @@ -9,6 +9,7 @@ import ( "path/filepath" "testing" + "github.com/defenseunicorns/zarf/src/config" "github.com/defenseunicorns/zarf/src/pkg/utils" "github.com/defenseunicorns/zarf/src/types" "github.com/mholt/archiver/v3" @@ -18,35 +19,35 @@ import ( // TestCreateDifferential creates several differential packages and ensures the already built images and repos and not included in the new package func TestCreateDifferential(t *testing.T) { t.Log("E2E: Test Differential Package Behavior") - tmpPath, _ := utils.MakeTempDir("") + tmpdir := t.TempDir() - packagePath := "src/test/test-packages/08-differential-package" + packagePath := "src/test/packages/08-differential-package" packageName := "zarf-package-differential-package-amd64-v0.25.0.tar.zst" differentialPackageName := "zarf-package-differential-package-amd64-v0.25.0-differential-v0.26.0.tar.zst" differentialFlag := fmt.Sprintf("--differential=%s", packageName) // Build the package a first time - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "create", packagePath, "--set=PACKAGE_VERSION=v0.25.0", "--confirm") + stdOut, stdErr, err := e2e.Zarf("package", "create", packagePath, "--set=PACKAGE_VERSION=v0.25.0", "--confirm") require.NoError(t, err, stdOut, stdErr) defer e2e.CleanFiles(packageName) // Build the differential package without changing the version - _, stdErr, err = e2e.ExecZarfCommand("package", "create", packagePath, "--set=PACKAGE_VERSION=v0.25.0", differentialFlag, "--confirm") + _, stdErr, err = e2e.Zarf("package", "create", packagePath, "--set=PACKAGE_VERSION=v0.25.0", differentialFlag, "--confirm") require.Error(t, err, "zarf package create should have errored when a differential package was being created without updating the package version number") require.Contains(t, stdErr, "unable to create a differential package with the same version") // Build the differential package - _, stdErr, err = e2e.ExecZarfCommand("package", "create", packagePath, "--set=PACKAGE_VERSION=v0.26.0", differentialFlag, "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "create", packagePath, "--set=PACKAGE_VERSION=v0.26.0", differentialFlag, "--confirm") require.NoError(t, err, stdOut, stdErr) defer e2e.CleanFiles(differentialPackageName) // Extract the yaml of the differential package - err = archiver.Extract(differentialPackageName, "zarf.yaml", tmpPath) + err = archiver.Extract(differentialPackageName, config.ZarfYAML, tmpdir) require.NoError(t, err, "unable to extract zarf.yaml from the differential git package") // Load the extracted zarf.yaml specification var differentialZarfConfig types.ZarfPackage - err = utils.ReadYaml(filepath.Join(tmpPath, "zarf.yaml"), &differentialZarfConfig) + err = utils.ReadYaml(filepath.Join(tmpdir, config.ZarfYAML), &differentialZarfConfig) require.NoError(t, err, "unable to read zarf.yaml from the differential git package") // Get a list of all images and repos that are inside of the differential package @@ -61,7 +62,6 @@ func TestCreateDifferential(t *testing.T) { expectedGitRepos := []string{ "https://github.com/stefanprodan/podinfo.git", "https://github.com/kelseyhightower/nocode.git", - "https://github.com/DoD-Platform-One/big-bang.git@refs/heads/release-1.54.x", "https://github.com/defenseunicorns/zarf.git@refs/tags/v0.26.0", } require.Len(t, actualGitRepos, 4, "zarf.yaml from the differential package does not contain the correct number of repos") @@ -78,6 +78,4 @@ func TestCreateDifferential(t *testing.T) { for _, expectedImage := range expectedImages { require.Contains(t, actualImages, expectedImage, fmt.Sprintf("unable to find expected image %s", expectedImage)) } - - e2e.CleanFiles(tmpPath) } diff --git a/src/test/e2e/20_zarf_init_test.go b/src/test/e2e/20_zarf_init_test.go index 49bb2cf11b..60fa2b6ba9 100644 --- a/src/test/e2e/20_zarf_init_test.go +++ b/src/test/e2e/20_zarf_init_test.go @@ -7,6 +7,7 @@ package test import ( "encoding/base64" "fmt" + "strings" "testing" "encoding/json" @@ -18,7 +19,6 @@ import ( func TestZarfInit(t *testing.T) { t.Log("E2E: Zarf init") e2e.SetupWithCluster(t) - defer e2e.Teardown(t) initComponents := "logging,git-server" // Add k3s component in appliance mode @@ -26,34 +26,44 @@ func TestZarfInit(t *testing.T) { initComponents = "k3s,logging,git-server" } + // Get the version of the CLI + stdOut, stdErr, err := e2e.Zarf("version") + require.NoError(t, err, stdOut, stdErr) + initPackageVersion := strings.Trim(stdOut, "\n") + var ( mismatchedArch = e2e.GetMismatchedArch() - initPackageVersion = "UnknownVersion" mismatchedInitPackage = fmt.Sprintf("zarf-init-%s-%s.tar.zst", mismatchedArch, initPackageVersion) expectedErrorMessage = fmt.Sprintf("this package architecture is %s", mismatchedArch) ) + t.Cleanup(func() { + e2e.CleanFiles(mismatchedInitPackage) + }) // Build init package with different arch than the cluster arch. - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "create", ".", "--architecture", mismatchedArch, "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "create", "src/test/packages/20-mismatched-arch-init", "--architecture", mismatchedArch, "--confirm") require.NoError(t, err, stdOut, stdErr) - defer e2e.CleanFiles(mismatchedInitPackage) - - // Check that `zarf init` fails in appliance mode when we try to initialize a k3s cluster - // on a machine with a different architecture than the package architecture. + // Check that `zarf init` returns an error because of the mismatched architectures. // We need to use the --architecture flag here to force zarf to find the package. - _, stdErr, err = e2e.ExecZarfCommand("init", "--architecture", mismatchedArch, "--components=k3s", "--confirm") + componentsFlag := "" + if e2e.ApplianceMode { + // make sure init fails in appliance mode when we try to initialize a k3s cluster + // with behavior from the k3s component's actions + componentsFlag = "--components=k3s" + } + _, stdErr, err = e2e.Zarf("init", "--architecture", mismatchedArch, componentsFlag, "--confirm") require.Error(t, err, stdErr) require.Contains(t, stdErr, expectedErrorMessage) // run `zarf init` - _, initStdErr, err := e2e.ExecZarfCommand("init", "--components="+initComponents, "--confirm", "--nodeport", "31337", "-l", "trace") + _, initStdErr, err := e2e.Zarf("init", "--components="+initComponents, "--nodeport", "31337", "-l", "trace", "--confirm") require.NoError(t, err) require.Contains(t, initStdErr, "an inventory of all software contained in this package") logText := e2e.GetLogFileContents(t, initStdErr) // Verify that any state secrets were not included in the log - base64State, _, err := e2e.ExecZarfCommand("tools", "kubectl", "get", "secret", "zarf-state", "-n", "zarf", "-o", "jsonpath={.data.state}") + base64State, _, err := e2e.Kubectl("get", "secret", "zarf-state", "-n", "zarf", "-o", "jsonpath={.data.state}") require.NoError(t, err) stateJSON, err := base64.StdEncoding.DecodeString(base64State) require.NoError(t, err) @@ -71,33 +81,17 @@ func TestZarfInit(t *testing.T) { require.NotContains(t, logText, state.RegistryInfo.Secret) require.NotContains(t, logText, state.LoggingSecret) - // Check that gitea is actually running and healthy - stdOut, _, err = e2e.ExecZarfCommand("tools", "kubectl", "get", "pods", "-l", "app in (gitea)", "-n", "zarf", "-o", "jsonpath={.items[*].status.phase}") - require.NoError(t, err) - require.Contains(t, stdOut, "Running") - - // Check that the logging stack is actually running and healthy - stdOut, _, err = e2e.ExecZarfCommand("tools", "kubectl", "get", "pods", "-l", "app in (loki)", "-n", "zarf", "-o", "jsonpath={.items[*].status.phase}") - require.NoError(t, err) - require.Contains(t, stdOut, "Running") - stdOut, _, err = e2e.ExecZarfCommand("tools", "kubectl", "get", "pods", "-l", "app.kubernetes.io/name in (grafana)", "-n", "zarf", "-o", "jsonpath={.items[*].status.phase}") - require.NoError(t, err) - require.Contains(t, stdOut, "Running") - stdOut, _, err = e2e.ExecZarfCommand("tools", "kubectl", "get", "pods", "-l", "app.kubernetes.io/name in (promtail)", "-n", "zarf", "-o", "jsonpath={.items[*].status.phase}") - require.NoError(t, err) - require.Contains(t, stdOut, "Running") - // Check that the registry is running on the correct NodePort - stdOut, _, err = e2e.ExecZarfCommand("tools", "kubectl", "get", "service", "-n", "zarf", "zarf-docker-registry", "-o=jsonpath='{.spec.ports[*].nodePort}'") + stdOut, _, err = e2e.Kubectl("get", "service", "-n", "zarf", "zarf-docker-registry", "-o=jsonpath='{.spec.ports[*].nodePort}'") require.NoError(t, err) require.Contains(t, stdOut, "31337") // Check that the registry is running with the correct scale down policy - stdOut, _, err = e2e.ExecZarfCommand("tools", "kubectl", "get", "hpa", "-n", "zarf", "zarf-docker-registry", "-o=jsonpath='{.spec.behavior.scaleDown.selectPolicy}'") + stdOut, _, err = e2e.Kubectl("get", "hpa", "-n", "zarf", "zarf-docker-registry", "-o=jsonpath='{.spec.behavior.scaleDown.selectPolicy}'") require.NoError(t, err) require.Contains(t, stdOut, "Min") // Special sizing-hacking for reducing resources where Kind + CI eats a lot of free cycles (ignore errors) - _, _, _ = e2e.ExecZarfCommand("tools", "kubectl", "scale", "deploy", "-n", "kube-system", "coredns", "--replicas=1") - _, _, _ = e2e.ExecZarfCommand("tools", "kubectl", "scale", "deploy", "-n", "zarf", "agent-hook", "--replicas=1") + _, _, _ = e2e.Kubectl("scale", "deploy", "-n", "kube-system", "coredns", "--replicas=1") + _, _, _ = e2e.Kubectl("scale", "deploy", "-n", "zarf", "agent-hook", "--replicas=1") } diff --git a/src/test/e2e/21_connect_test.go b/src/test/e2e/21_connect_test.go index 18df1185c0..052eaf7760 100644 --- a/src/test/e2e/21_connect_test.go +++ b/src/test/e2e/21_connect_test.go @@ -20,10 +20,9 @@ type RegistryResponse struct { func TestConnect(t *testing.T) { t.Log("E2E: Connect") e2e.SetupWithCluster(t) - defer e2e.Teardown(t) // Make the Registry contains the images we expect - stdOut, stdErr, err := e2e.ExecZarfCommand("tools", "registry", "catalog") + stdOut, stdErr, err := e2e.Zarf("tools", "registry", "catalog") require.NoError(t, err, stdOut, stdErr) registryList := strings.Split(strings.Trim(stdOut, "\n "), "\n") @@ -56,6 +55,6 @@ func TestConnect(t *testing.T) { require.NoError(t, err) require.Equal(t, 200, respLog.StatusCode) - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "init", "--components=logging", "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "remove", "init", "--components=logging", "--confirm") require.NoError(t, err, stdOut, stdErr) } diff --git a/src/test/e2e/22_git_and_flux_test.go b/src/test/e2e/22_git_and_flux_test.go index 97870cb873..a65e1cc7fb 100644 --- a/src/test/e2e/22_git_and_flux_test.go +++ b/src/test/e2e/22_git_and_flux_test.go @@ -20,17 +20,16 @@ import ( func TestGitAndFlux(t *testing.T) { t.Log("E2E: Git and flux") e2e.SetupWithCluster(t) - defer e2e.Teardown(t) - buildPath := filepath.Join("src", "test", "test-packages", "22-git-and-flux") - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "create", buildPath, "--confirm", "-o=build", "--skip-sbom") + buildPath := filepath.Join("src", "test", "packages", "22-git-and-flux") + stdOut, stdErr, err := e2e.Zarf("package", "create", buildPath, "-o=build", "--confirm", "--skip-sbom") require.NoError(t, err, stdOut, stdErr) - path := fmt.Sprintf("build/zarf-package-git-data-check-secrets-%s-v1.0.0.tar.zst", e2e.Arch) + path := fmt.Sprintf("build/zarf-package-git-data-check-secrets-%s-1.0.0.tar.zst", e2e.Arch) defer e2e.CleanFiles(path) // Deploy the gitops example - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", path, "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "deploy", path, "--confirm") require.NoError(t, err, stdOut, stdErr) // This package contains SBOMable things but was created with --skip-sbom @@ -47,9 +46,8 @@ func TestGitAndFlux(t *testing.T) { testGitServerTagAndHash(t, tunnel.HTTPEndpoint()) waitFluxPodInfoDeployment(t) - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "podinfo-flux", "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "remove", "podinfo-flux", "--confirm") require.NoError(t, err, stdOut, stdErr) - } func testGitServerConnect(t *testing.T, gitURL string) { @@ -111,9 +109,6 @@ func testGitServerTagAndHash(t *testing.T, gitURL string) { func waitFluxPodInfoDeployment(t *testing.T) { // Deploy the flux example and verify that it works path := fmt.Sprintf("build/zarf-package-podinfo-flux-%s.tar.zst", e2e.Arch) - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "deploy", path, "--confirm") + stdOut, stdErr, err := e2e.Zarf("package", "deploy", path, "--confirm") require.NoError(t, err, stdOut, stdErr) - - kubectlOut, _, _ := e2e.ExecZarfCommand("tools", "kubectl", "-n=podinfo", "rollout", "status", "deployment/podinfo") - require.Contains(t, string(kubectlOut), "successfully rolled out") } diff --git a/src/test/e2e/23_data_injection_test.go b/src/test/e2e/23_data_injection_test.go index c8b848e9a1..306e54ac37 100644 --- a/src/test/e2e/23_data_injection_test.go +++ b/src/test/e2e/23_data_injection_test.go @@ -19,13 +19,11 @@ import ( func TestDataInjection(t *testing.T) { t.Log("E2E: Data injection") e2e.SetupWithCluster(t) - defer e2e.Teardown(t) path := fmt.Sprintf("build/zarf-package-data-injection-%s.tar", e2e.Arch) - sbomPath := filepath.Join(os.TempDir(), ".sbom-location") - - e2e.CleanFiles(sbomPath) + tmpdir := t.TempDir() + sbomPath := filepath.Join(tmpdir, ".sbom-location") // Repeat the injection action 3 times to ensure the data injection is idempotent and doesn't fail to perform an upgrade for i := 0; i < 3; i++ { @@ -33,16 +31,16 @@ func TestDataInjection(t *testing.T) { } // Verify the file and injection marker were created - stdOut, stdErr, err := e2e.ExecZarfCommand("tools", "kubectl", "--namespace=demo", "logs", "--tail=5", "--selector=app=data-injection", "-c=data-injection") + stdOut, stdErr, err := e2e.Kubectl("--namespace=demo", "logs", "--tail=5", "--selector=app=data-injection", "-c=data-injection") require.NoError(t, err, stdOut, stdErr) require.Contains(t, stdOut, "this-is-an-example-file.txt") require.Contains(t, stdOut, ".zarf-injection-") - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "data-injection", "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "remove", "data-injection", "--confirm") require.NoError(t, err, stdOut, stdErr) // Ensure that the `requirements.txt` file is discovered correctly - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "inspect", path, "--sbom-out", sbomPath) + stdOut, stdErr, err = e2e.Zarf("package", "inspect", path, "--sbom-out", sbomPath) require.NoError(t, err, stdOut, stdErr) _, err = os.ReadFile(filepath.Join(sbomPath, "data-injection", "compare.html")) require.NoError(t, err) @@ -51,8 +49,6 @@ func TestDataInjection(t *testing.T) { withInitContainerJSON, err := os.ReadFile(filepath.Join(sbomPath, "data-injection", "zarf-component-with-init-container.json")) require.NoError(t, err) require.Contains(t, string(withInitContainerJSON), "pytz") - - e2e.CleanFiles(sbomPath) } func runDataInjection(t *testing.T, path string) { diff --git a/src/test/e2e/24_variables_test.go b/src/test/e2e/24_variables_test.go index aa0e3477ae..04e3ed86d6 100644 --- a/src/test/e2e/24_variables_test.go +++ b/src/test/e2e/24_variables_test.go @@ -15,7 +15,6 @@ import ( func TestVariables(t *testing.T) { t.Log("E2E: Package variables") e2e.SetupWithCluster(t) - defer e2e.Teardown(t) path := fmt.Sprintf("build/zarf-package-variables-%s.tar.zst", e2e.Arch) tfPath := "modified-terraform.tf" @@ -23,12 +22,12 @@ func TestVariables(t *testing.T) { e2e.CleanFiles(tfPath) // Test that not specifying a prompted variable results in an error - _, stdErr, _ := e2e.ExecZarfCommand("package", "deploy", path, "--confirm") + _, stdErr, _ := e2e.Zarf("package", "deploy", path, "--confirm") expectedOutString := "variable 'SITE_NAME' must be '--set' when using the '--confirm' flag" require.Contains(t, stdErr, "", expectedOutString) // Deploy nginx - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "deploy", path, "--confirm", "--set", "SITE_NAME=Lula Web", "--set", "AWS_REGION=unicorn-land", "-l", "trace") + stdOut, stdErr, err := e2e.Zarf("package", "deploy", path, "--confirm", "--set", "SITE_NAME=Lula Web", "--set", "AWS_REGION=unicorn-land", "-l", "trace") require.NoError(t, err, stdOut, stdErr) // Verify that the sensitive variable 'unicorn-land' was not printed to the screen require.NotContains(t, stdErr, "unicorn-land") @@ -43,7 +42,7 @@ func TestVariables(t *testing.T) { require.Contains(t, string(outputTF), "unicorn-land") // Verify the configmap was properly templated - kubectlOut, _, _ := e2e.ExecZarfCommand("tools", "kubectl", "-n", "nginx", "get", "configmap", "nginx-configmap", "-o", "jsonpath='{.data.index\\.html}' ") + kubectlOut, _, _ := e2e.Kubectl("-n", "nginx", "get", "configmap", "nginx-configmap", "-o", "jsonpath='{.data.index\\.html}' ") // OPTIONAL_FOOTER should remain unset because it was not set during deploy require.Contains(t, string(kubectlOut), "\n \n ") // STYLE should take the default value @@ -55,12 +54,7 @@ func TestVariables(t *testing.T) { // AWS_REGION should have been templated and also templated into this config map require.Contains(t, string(kubectlOut), "unicorn-land") - // Verify that the nginx deployment was successful (the NGINX_VERSION constant templated the image correctly) - kubectlOut, _, err = e2e.ExecZarfCommand("tools", "kubectl", "get", "pods", "-l", "app in (nginx)", "-n", "nginx", "-o", "jsonpath={.items[*].status.phase}") - require.NoError(t, err) - require.Contains(t, kubectlOut, "Running") - - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", path, "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "remove", path, "--confirm") require.NoError(t, err, stdOut, stdErr) e2e.CleanFiles(tfPath) diff --git a/src/test/e2e/25_helm_test.go b/src/test/e2e/25_helm_test.go index 33f066a4e1..3b6d79d052 100644 --- a/src/test/e2e/25_helm_test.go +++ b/src/test/e2e/25_helm_test.go @@ -7,102 +7,67 @@ package test import ( "fmt" "os/exec" + "path/filepath" + "strings" "testing" "github.com/stretchr/testify/require" ) +var helmChartsPkg string + func TestHelm(t *testing.T) { t.Log("E2E: Helm chart") e2e.SetupWithCluster(t) - defer e2e.Teardown(t) - - testHelmReleaseName(t) - - testHelmGitChartWithRegistryOverride(t) - - testHelmLocalChart(t) - - testHelmEscaping(t) - testHelmOCIChart(t) + helmChartsPkg = filepath.Join("build", fmt.Sprintf("zarf-package-helm-charts-%s-0.0.1.tar.zst", e2e.Arch)) testHelmUninstallRollback(t) testHelmAdoption(t) -} - -func testHelmReleaseName(t *testing.T) { - t.Log("E2E: Helm chart releasename") - - path := fmt.Sprintf("build/zarf-package-helm-alt-release-name-%s.tar.zst", e2e.Arch) - // Deploy the package. - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "deploy", path, "--confirm") - require.NoError(t, err, stdOut, stdErr) + t.Run("helm charts example", testHelmChartsExample) - // Verify multiple helm installs of different release names were deployed. - kubectlOut, _ := exec.Command("kubectl", "get", "pods", "-n=helm-alt-release-name", "--no-headers").Output() - require.Contains(t, string(kubectlOut), "cool-name-podinfo") - - // Remove the package. - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "helm-alt-release-name", "--confirm") - require.NoError(t, err, stdOut, stdErr) + t.Run("helm escaping", testHelmEscaping) } -func testHelmGitChartWithRegistryOverride(t *testing.T) { - t.Log("E2E: Git Helm chart w/Registry Override") - - // Create the package. - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "create", "examples/helm-git-chart", "-o", "build", "--registry-override", "ghcr.io=docker.io", "--confirm") +func testHelmChartsExample(t *testing.T) { + t.Parallel() + t.Log("E2E: Helm chart example") + // Create the package with a registry override + stdOut, stdErr, err := e2e.Zarf("package", "create", "examples/helm-charts", "-o", "build", "--registry-override", "ghcr.io=docker.io", "--confirm") require.NoError(t, err, stdOut, stdErr) - path := fmt.Sprintf("build/zarf-package-helm-git-chart-%s.tar.zst", e2e.Arch) - // Deploy the package. - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", path, "--confirm") + allComponents := []string{ + "demo-helm-local-chart", + "demo-helm-git-chart", + "demo-helm-oci-chart", + "demo-helm-alt-release-name", + } + componentsFlag := fmt.Sprintf("--components=%s", strings.Join(allComponents, ",")) + stdOut, stdErr, err = e2e.Zarf("package", "deploy", helmChartsPkg, componentsFlag, "--confirm") require.NoError(t, err, stdOut, stdErr) require.Contains(t, string(stdErr), "registryOverrides", "registry overrides was not saved to build data") require.Contains(t, string(stdErr), "docker.io", "docker.io not found in registry overrides") - // Verify that nginx successfully deploys in the cluster - kubectlOut, _, _ := e2e.ExecZarfCommand("tools", "kubectl", "-n=podinfo-from-git", "rollout", "status", "deployment/podinfo") - require.Contains(t, string(kubectlOut), "successfully rolled out") - // Remove the package. - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "helm-git-chart", "--confirm") - require.NoError(t, err, stdOut, stdErr) -} - -func testHelmLocalChart(t *testing.T) { - t.Log("E2E: Local Helm chart") - - path := fmt.Sprintf("build/zarf-package-helm-local-chart-%s-0.0.1.tar.zst", e2e.Arch) - - // Deploy the package. - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "deploy", path, "--confirm") - require.NoError(t, err, stdOut, stdErr) - - // Verify that nginx successfully deploys in the cluster - kubectlOut, _, _ := e2e.ExecZarfCommand("tools", "kubectl", "-n=local-chart", "rollout", "status", "deployment/local-demo") - require.Contains(t, string(kubectlOut), "successfully rolled out") - - // Remove the package. - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "helm-local-chart", "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "remove", "helm-charts", "--confirm") require.NoError(t, err, stdOut, stdErr) } func testHelmEscaping(t *testing.T) { + t.Parallel() t.Log("E2E: Helm chart escaping") // Create the package. - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "create", "src/test/test-packages/25-evil-templates/", "--confirm") + stdOut, stdErr, err := e2e.Zarf("package", "create", "src/test/packages/25-evil-templates/", "--confirm") require.NoError(t, err, stdOut, stdErr) path := fmt.Sprintf("zarf-package-evil-templates-%s.tar.zst", e2e.Arch) // Deploy the package. - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", path, "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "deploy", path, "--confirm") require.NoError(t, err, stdOut, stdErr) // Verify the configmap was deployed and escaped. @@ -113,27 +78,7 @@ func testHelmEscaping(t *testing.T) { require.Contains(t, string(kubectlOut), `description: Pod {{$labels.pod}} in {{$labels.namespace}} got OOMKilled`) // Remove the package. - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "evil-templates", "--confirm") - require.NoError(t, err, stdOut, stdErr) -} - -func testHelmOCIChart(t *testing.T) { - t.Log("E2E: Helm OCI chart") - - path := fmt.Sprintf("build/zarf-package-helm-oci-chart-%s-0.0.1.tar.zst", e2e.Arch) - - // Deploy the package. - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "deploy", path, "--confirm") - require.NoError(t, err, stdOut, stdErr) - - // Verify that podinfo successfully deploys in the cluster - kubectlOut, _, _ := e2e.ExecZarfCommand("tools", "kubectl", "-n=helm-oci-demo", "rollout", "status", "deployment/podinfo") - require.Contains(t, string(kubectlOut), "successfully rolled out") - kubectlOut, _, _ = e2e.ExecZarfCommand("tools", "kubectl", "-n=helm-oci-demo", "get", "deployment", "podinfo", "-o=jsonpath={.metadata.labels}") - require.Contains(t, string(kubectlOut), "6.3.3") - - // Remove the package. - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "helm-oci-chart", "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "remove", "evil-templates", "--confirm") require.NoError(t, err, stdOut, stdErr) } @@ -144,11 +89,11 @@ func testHelmUninstallRollback(t *testing.T) { evilPath := fmt.Sprintf("zarf-package-dos-games-%s.tar.zst", e2e.Arch) // Create the evil package (with the bad configmap). - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "create", "src/test/test-packages/25-evil-dos-games/", "--confirm") + stdOut, stdErr, err := e2e.Zarf("package", "create", "src/test/packages/25-evil-dos-games/", "--confirm") require.NoError(t, err, stdOut, stdErr) // Deploy the evil package. - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", evilPath, "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "deploy", evilPath, "--confirm") require.Error(t, err, stdOut, stdErr) // Ensure that this does not leave behind a dos-games chart @@ -157,7 +102,7 @@ func testHelmUninstallRollback(t *testing.T) { require.NotContains(t, string(helmOut), "zarf-f53a99d4a4dd9a3575bedf59cd42d48d751ae866") // Deploy the good package. - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", goodPath, "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "deploy", goodPath, "--confirm") require.NoError(t, err, stdOut, stdErr) // Ensure that this does create a dos-games chart @@ -166,7 +111,7 @@ func testHelmUninstallRollback(t *testing.T) { require.Contains(t, string(helmOut), "zarf-f53a99d4a4dd9a3575bedf59cd42d48d751ae866") // Deploy the evil package. - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", evilPath, "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "deploy", evilPath, "--confirm") require.Error(t, err, stdOut, stdErr) // Ensure that the dos-games chart was not uninstalled @@ -175,7 +120,7 @@ func testHelmUninstallRollback(t *testing.T) { require.Contains(t, string(helmOut), "zarf-f53a99d4a4dd9a3575bedf59cd42d48d751ae866") // Remove the package. - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "dos-games", "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "remove", "dos-games", "--confirm") require.NoError(t, err, stdOut, stdErr) } @@ -183,14 +128,14 @@ func testHelmAdoption(t *testing.T) { t.Log("E2E: Helm Adopt a Deployment") packagePath := fmt.Sprintf("build/zarf-package-dos-games-%s.tar.zst", e2e.Arch) - deploymentManifest := "src/test/test-packages/25-manifest-adoption/deployment.yaml" + deploymentManifest := "src/test/packages/25-manifest-adoption/deployment.yaml" // Deploy dos-games manually into the cluster without Zarf - kubectlOut, _, _ := e2e.ExecZarfCommand("tools", "kubectl", "apply", "-f", deploymentManifest) + kubectlOut, _, _ := e2e.Kubectl("apply", "-f", deploymentManifest) require.Contains(t, string(kubectlOut), "deployment.apps/game created") // Deploy dos-games into the cluster with Zarf - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "deploy", packagePath, "--confirm", "--adopt-existing-resources") + stdOut, stdErr, err := e2e.Zarf("package", "deploy", packagePath, "--confirm", "--adopt-existing-resources") require.NoError(t, err, stdOut, stdErr) // Ensure that this does create a dos-games chart @@ -199,6 +144,6 @@ func testHelmAdoption(t *testing.T) { require.Contains(t, string(helmOut), "zarf-f53a99d4a4dd9a3575bedf59cd42d48d751ae866") // Remove the package. - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "dos-games", "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "remove", "dos-games", "--confirm") require.NoError(t, err, stdOut, stdErr) } diff --git a/src/test/e2e/26_simple_packages_test.go b/src/test/e2e/26_simple_packages_test.go index 772b8ab86d..fadf7cfc0d 100644 --- a/src/test/e2e/26_simple_packages_test.go +++ b/src/test/e2e/26_simple_packages_test.go @@ -16,12 +16,11 @@ import ( func TestDosGames(t *testing.T) { t.Log("E2E: Dos games") e2e.SetupWithCluster(t) - defer e2e.Teardown(t) path := fmt.Sprintf("build/zarf-package-dos-games-%s.tar.zst", e2e.Arch) // Deploy the game - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "deploy", path, "--confirm") + stdOut, stdErr, err := e2e.Zarf("package", "deploy", path, "--confirm") require.NoError(t, err, stdOut, stdErr) tunnel, err := cluster.NewZarfTunnel() @@ -35,22 +34,21 @@ func TestDosGames(t *testing.T) { require.NoError(t, err, resp) require.Equal(t, 200, resp.StatusCode) - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "dos-games", "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "remove", "dos-games", "--confirm") require.NoError(t, err, stdOut, stdErr) } func TestRemoteManifests(t *testing.T) { t.Log("E2E: Remote Manifests") e2e.SetupWithCluster(t) - defer e2e.Teardown(t) path := fmt.Sprintf("build/zarf-package-remote-manifests-%s-0.0.1.tar.zst", e2e.Arch) // Deploy the package - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "deploy", path, "--confirm") + stdOut, stdErr, err := e2e.Zarf("package", "deploy", path, "--confirm") require.NoError(t, err, stdOut, stdErr) // Remove the package - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "remote-manifests", "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "remove", "remote-manifests", "--confirm") require.NoError(t, err, stdOut, stdErr) } diff --git a/src/test/e2e/27_cosign_deploy_test.go b/src/test/e2e/27_cosign_deploy_test.go index 086ac57329..b149df9897 100644 --- a/src/test/e2e/27_cosign_deploy_test.go +++ b/src/test/e2e/27_cosign_deploy_test.go @@ -16,7 +16,6 @@ import ( func TestCosignDeploy(t *testing.T) { t.Log("E2E: Cosign deploy") e2e.SetupWithCluster(t) - defer e2e.Teardown(t) // Test with command from https://zarf.dev/install/ command := fmt.Sprintf("%s package deploy sget://defenseunicorns/zarf-hello-world:$(uname -m) --confirm", e2e.ZarfBinPath) @@ -24,6 +23,6 @@ func TestCosignDeploy(t *testing.T) { stdOut, stdErr, err := exec.CmdWithContext(context.TODO(), exec.PrintCfg(), "sh", "-c", command) require.NoError(t, err, stdOut, stdErr) - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "dos-games", "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "remove", "dos-games", "--confirm") require.NoError(t, err, stdOut, stdErr) } diff --git a/src/test/e2e/28_wait_test.go b/src/test/e2e/28_wait_test.go index 488b1342cb..16d2ddff4f 100644 --- a/src/test/e2e/28_wait_test.go +++ b/src/test/e2e/28_wait_test.go @@ -5,15 +5,11 @@ package test import ( - // "context" "fmt" - "os/exec" "time" - // "os/exec" "testing" - // "github.com/stretchr/testify/assert" "github.com/defenseunicorns/zarf/src/test" "github.com/stretchr/testify/require" ) @@ -25,14 +21,16 @@ type zarfCommandResult struct { } func zarfCommandWStruct(e2e test.ZarfE2ETest, path string) (result zarfCommandResult) { - result.stdOut, result.stdErr, result.err = e2e.ExecZarfCommand("package", "deploy", path, "--confirm") + result.stdOut, result.stdErr, result.err = e2e.Zarf("package", "deploy", path, "--confirm") return result } -func TestWait(t *testing.T) { +func TestNoWait(t *testing.T) { t.Log("E2E: Helm Wait") e2e.SetupWithCluster(t) - defer e2e.Teardown(t) + + stdOut, stdErr, err := e2e.Zarf("package", "create", "src/test/packages/28-helm-no-wait", "-o=build", "--confirm") + require.NoError(t, err, stdOut, stdErr) path := fmt.Sprintf("build/zarf-package-helm-no-wait-%s.tar.zst", e2e.Arch) @@ -41,9 +39,9 @@ func TestWait(t *testing.T) { zarfChannel <- zarfCommandWStruct(e2e, path) }() - var stdOut string - var stdErr string - var err error + stdOut = "" + stdErr = "" + err = nil select { case res := <-zarfChannel: @@ -53,15 +51,10 @@ func TestWait(t *testing.T) { case <-time.After(30 * time.Second): t.Error("Timeout waiting for zarf deploy (it tried to wait)") t.Log("Removing hanging namespace...") - kubectlOut, err := exec.Command("kubectl", "delete", "namespace", "no-wait", "--force=true", "--wait=false", "--grace-period=0").Output() - if err != nil { - t.Log(kubectlOut) - } else { - panic(err) - } + _, _, _ = e2e.Kubectl("delete", "namespace", "no-wait", "--force=true", "--wait=false", "--grace-period=0") } require.NoError(t, err, stdOut, stdErr) - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "helm-no-wait", "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "remove", "helm-no-wait", "--confirm") require.NoError(t, err, stdOut, stdErr) } diff --git a/src/test/e2e/29_mismatched_architectures_test.go b/src/test/e2e/29_mismatched_architectures_test.go index f3e897a720..374e423453 100644 --- a/src/test/e2e/29_mismatched_architectures_test.go +++ b/src/test/e2e/29_mismatched_architectures_test.go @@ -16,34 +16,20 @@ import ( func TestMismatchedArchitectures(t *testing.T) { t.Log("E2E: Mismatched architectures") e2e.SetupWithCluster(t) - defer e2e.Teardown(t) var ( mismatchedArch = e2e.GetMismatchedArch() mismatchedGamesPackage = fmt.Sprintf("zarf-package-dos-games-%s.tar.zst", mismatchedArch) - initPackageVersion = "UnknownVersion" - mismatchedInitPackage = fmt.Sprintf("zarf-init-%s-%s.tar.zst", mismatchedArch, initPackageVersion) expectedErrorMessage = fmt.Sprintf("this package architecture is %s", mismatchedArch) ) - // Build init package with different arch than the cluster arch. - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "create", ".", "--architecture", mismatchedArch, "--confirm") - require.NoError(t, err, stdOut, stdErr) - defer e2e.CleanFiles(mismatchedInitPackage) - // Build dos-games package with different arch than the cluster arch. - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "create", "examples/dos-games/", "--architecture", mismatchedArch, "--confirm") + stdOut, stdErr, err := e2e.Zarf("package", "create", "examples/dos-games/", "--architecture", mismatchedArch, "--confirm") require.NoError(t, err, stdOut, stdErr) defer e2e.CleanFiles(mismatchedGamesPackage) - // Ensure zarf init returns an error because of the mismatched architectures. - // We need to use the --architecture flag here to force zarf to find the package. - _, stdErr, err = e2e.ExecZarfCommand("init", "--architecture", mismatchedArch, "--confirm") - require.Error(t, err, stdErr) - require.Contains(t, stdErr, expectedErrorMessage) - // Ensure zarf package deploy returns an error because of the mismatched architectures. - _, stdErr, err = e2e.ExecZarfCommand("package", "deploy", mismatchedGamesPackage, "--confirm") + _, stdErr, err = e2e.Zarf("package", "deploy", mismatchedGamesPackage, "--confirm") require.Error(t, err, stdErr) require.Contains(t, stdErr, expectedErrorMessage) } diff --git a/src/test/e2e/30_config_file_test.go b/src/test/e2e/30_config_file_test.go index 06cd44e689..7cbba5fb38 100644 --- a/src/test/e2e/30_config_file_test.go +++ b/src/test/e2e/30_config_file_test.go @@ -16,7 +16,6 @@ import ( func TestConfigFile(t *testing.T) { t.Log("E2E: Config file") e2e.SetupWithCluster(t) - defer e2e.Teardown(t) var ( path = fmt.Sprintf("zarf-package-config-file-%s.tar.zst", e2e.Arch) @@ -33,19 +32,19 @@ func TestConfigFile(t *testing.T) { configFileDefaultTests(t) - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "remove", path, "--confirm") + stdOut, stdErr, err := e2e.Zarf("package", "remove", path, "--confirm") require.NoError(t, err, stdOut, stdErr) e2e.CleanFiles(path) } func configFileTests(t *testing.T, dir, path string) { - _, stdErr, err := e2e.ExecZarfCommand("package", "create", dir, "--confirm") + _, stdErr, err := e2e.Zarf("package", "create", dir, "--confirm") require.NoError(t, err) require.Contains(t, string(stdErr), "This is a zebra and they have stripes") require.Contains(t, string(stdErr), "This is a leopard and they have spots") - _, stdErr, err = e2e.ExecZarfCommand("package", "deploy", path, "--confirm") + _, stdErr, err = e2e.Zarf("package", "deploy", path, "--confirm") require.NoError(t, err) require.Contains(t, string(stdErr), "📦 LION COMPONENT") require.NotContains(t, string(stdErr), "📦 LEOPARD COMPONENT") @@ -55,10 +54,43 @@ func configFileTests(t *testing.T, dir, path string) { require.NotContains(t, string(stdErr), "This package does NOT contain an SBOM.") // Verify the configmap was properly templated - kubectlOut, _, err := e2e.ExecZarfCommand("tools", "kubectl", "-n", "zarf", "get", "configmap", "simple-configmap", "-o", "jsonpath='{.data.templateme\\.properties}'") + kubectlOut, _, err := e2e.Kubectl("-n", "zarf", "get", "configmap", "simple-configmap", "-o", "jsonpath={.data.templateme\\.properties}") require.NoError(t, err) require.Contains(t, string(kubectlOut), "scorpion=iridescent") require.Contains(t, string(kubectlOut), "camel_spider=matte") + + // verify the multiline dummy private key was properly templated + tlsKey := `-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDDvKUzWiZucm6/ +8D2Nx4KVe8t6uHtARpw112f4yGv7xKcOJkbxLbVtor8pj/HS5tRSZq2ziIQl9y98 +8TVAOBezgzPPMDxOqDeyHl5gAtqzpK/eSPmueZIhR88BH2+SMYqa5kxmjn752Rf0 +jVeCrVdQ5MD9rqA00oQi/zO+gQQoz6QSuiEQ2pSKYB3gv9oIoJorIU1n4qLYAezn +TvFwjmKWPPhRdyslpcAi1rVO+mVX3Y2DKU/CfpWNFVVT+H788Srn4yP6iWUymfQU +vHOXII1erMnES2H9BDffumrRf3m3IpgueQ3vPhB8ftjFZozURj2t/WSeaKsyQSoZ +Wr99DWxpAgMBAAECggEAAW8ARsACSAzOgtlfmgo8Cpw9gUiYnn/l5P8O4+OT5uQp +1RCytFGBYqwuej9zpffK1k+qNgZp8V0+G8wod6/xfH8Zggr4ZhsVTVirmEhtEaPD +Jf2i1oRNbbD48yknyApU2Y2WQaoJhArzAfeHDI34db83KqR8x+ZC0X7NAjgvr5zS +b0OfY2tht4oxEWh2m67FzlFgF+cWyszRYyfvHfOFBqLesuCnSfMoOzmbT3SlnxHo +6GSa1e/kCJVzFJNb74BZTIH0w6Ar/a0QG829VXivqj8lRENU/1xUI2JhNz4RdH7F +6MeiwQbq4pWjHfh4djuzQFIwOgCnSNRnNuNywOVuAQKBgQDjleEI1XFQawXmHtHu +6GMhbgptRoSUyutDDdo2MHGvDbxDOIsczIBjxCuYAM47nmGMuWbDJUN+2VQAX32J +WZagRxWikxnEqv3B7No7tLSQ42rRo/tDBrZPCCuS9u/ZJM4o7MCa/VzTtbicGOCh +bTIoTeEtT2piIdkrjHFGGlYOLQKBgQDcLNFHrSJCkHfCoz75+zytfYan+2dIxuV/ +MlnrT8XHt33cst4ZwoIQbsE6mv7J4CJqOgUYDvoJpioLV3InUACDxXd+bVY7RwxP +j25pXzYL++RctVO3IEOCmFkwlq0fNFdrOn8Y/cnRTwd2e60n08rCKgJS8KhEAaO0 +QvVmAHw4rQKBgQDL7hCAnunzuoLFqpZI8tlpKjaTpp3EynO3WSFQb2ZfCvrIbVFS +U/kz7KN3iDlEeO5GcBeiA7EQaGN6FhbiTXHIWwoK7K8paGMMM1V2LL2kGvQruDm8 +3LXd6Z9KCJXxSKanS0ZnW2KjnnE3Bp+6ZqOMNATzWfckydnUyPrza0PzXQKBgEYS +1YCUb8Tzqcn+nrp85XDp9INeFh8pfj0fT1L/DpljouEs5Fcaer60ITd/wPuLJCje +0mQ30AhmJBd7+07bvW4y2LcaIUm4cQiZQ7CxpsfloWaIJ16vHA1iY3B9ZBf8Vp4/ +/dd8XlEJb/ybnB6C35MwP5EaGtOaGfnzHZsbKG35AoGAWm9tpqhuldQ3MCvoAr5Q +b42JLSKqwpvVjQDiFZPI/0wZTo3WkWm9Rd7CAACheb8S70K1r/JIzsmIcnj0v4xs +sfd+R35UE+m8MExbDP4lKFParmvi2/UZfb3VFNMmMPTV6AEIBl6N4PmhHMZOsIRs +H4RxbE+FpmsMAUCpdrzvFkc= +-----END PRIVATE KEY-----` + kubectlOut, _, err = e2e.Kubectl("-n", "zarf", "get", "configmap", "simple-configmap", "-o", "jsonpath={.data.tls-key}") + require.NoError(t, err) + require.Equal(t, tlsKey, kubectlOut) } func configFileDefaultTests(t *testing.T) { @@ -108,25 +140,25 @@ func configFileDefaultTests(t *testing.T) { os.Setenv("ZARF_CONFIG", filepath.Join("src", "test", "zarf-config-test.toml")) // Test global flags - stdOut, _, _ := e2e.ExecZarfCommand("--help") + stdOut, _, _ := e2e.Zarf("--help") for _, test := range globalFlags { require.Contains(t, string(stdOut), test) } // Test init flags - stdOut, _, _ = e2e.ExecZarfCommand("init", "--help") + stdOut, _, _ = e2e.Zarf("init", "--help") for _, test := range initFlags { require.Contains(t, string(stdOut), test) } // Test package create flags - stdOut, _, _ = e2e.ExecZarfCommand("package", "create", "--help") + stdOut, _, _ = e2e.Zarf("package", "create", "--help") for _, test := range packageCreateFlags { require.Contains(t, string(stdOut), test) } // Test package deploy flags - stdOut, _, _ = e2e.ExecZarfCommand("package", "deploy", "--help") + stdOut, _, _ = e2e.Zarf("package", "deploy", "--help") for _, test := range packageDeployFlags { require.Contains(t, string(stdOut), test) } diff --git a/src/test/e2e/31_component_action_remove_test.go b/src/test/e2e/31_component_action_remove_test.go index 1cd02facb9..17f68c05a6 100644 --- a/src/test/e2e/31_component_action_remove_test.go +++ b/src/test/e2e/31_component_action_remove_test.go @@ -14,14 +14,13 @@ import ( func TestComponentActionRemove(t *testing.T) { t.Log("E2E: Component action remove") e2e.SetupWithCluster(t) - defer e2e.Teardown(t) path := fmt.Sprintf("build/zarf-package-component-actions-%s.tar.zst", e2e.Arch) - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "deploy", path, "--confirm", "--components=on-remove") + stdOut, stdErr, err := e2e.Zarf("package", "deploy", path, "--confirm", "--components=on-remove") require.NoError(t, err, stdOut, stdErr) - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", path, "--confirm", "--components=on-remove") + stdOut, stdErr, err = e2e.Zarf("package", "remove", path, "--confirm", "--components=on-remove") require.NoError(t, err, stdOut, stdErr) require.Contains(t, stdErr, "NAME") require.Contains(t, stdErr, "DATA") diff --git a/src/test/e2e/32_checksum_and_signature_test.go b/src/test/e2e/32_checksum_and_signature_test.go index 3444544b02..c3d57acab0 100644 --- a/src/test/e2e/32_checksum_and_signature_test.go +++ b/src/test/e2e/32_checksum_and_signature_test.go @@ -14,39 +14,38 @@ import ( func TestChecksumAndSignature(t *testing.T) { t.Log("E2E: Checksum and Signature") e2e.SetupWithCluster(t) - defer e2e.Teardown(t) testPackageDirPath := "examples/dos-games" pkgName := fmt.Sprintf("zarf-package-dos-games-%s.tar.zst", e2e.Arch) - privateKeyFlag := "--key=src/test/test-packages/zarf-test.prv-key" - publicKeyFlag := "--key=src/test/test-packages/zarf-test.pub" + privateKeyFlag := "--key=src/test/packages/zarf-test.prv-key" + publicKeyFlag := "--key=src/test/packages/zarf-test.pub" - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "create", testPackageDirPath, privateKeyFlag, "--confirm") + stdOut, stdErr, err := e2e.Zarf("package", "create", testPackageDirPath, privateKeyFlag, "--confirm") require.NoError(t, err, stdOut, stdErr) defer e2e.CleanFiles(pkgName) /* Test operations during package inspect */ // Test that we can inspect the yaml of the package without the private key - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "inspect", pkgName) + stdOut, stdErr, err = e2e.Zarf("package", "inspect", pkgName) require.NoError(t, err, stdOut, stdErr) // Test that we don't get an error when we remember to provide the public key - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "inspect", pkgName, publicKeyFlag) + stdOut, stdErr, err = e2e.Zarf("package", "inspect", pkgName, publicKeyFlag) require.NoError(t, err, stdOut, stdErr) require.Contains(t, stdErr, "Verified OK") /* Test operations during package deploy */ // Test that we get an error when trying to deploy a package without providing the public key - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", pkgName, "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "deploy", pkgName, "--confirm") require.Error(t, err, stdOut, stdErr) require.Contains(t, stdErr, "Failed to deploy package: package is signed but no key was provided") // Test that we don't get an error when we remember to provide the public key - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", pkgName, publicKeyFlag, "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "deploy", pkgName, publicKeyFlag, "--confirm") require.NoError(t, err, stdOut, stdErr) require.Contains(t, stdErr, "Zarf deployment complete") // Remove the package - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", pkgName, "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "remove", pkgName, "--confirm") require.NoError(t, err, stdOut, stdErr) } diff --git a/src/test/e2e/40_deprecated_component_scripts_test.go b/src/test/e2e/40_deprecated_component_scripts_test.go deleted file mode 100644 index 001003e65d..0000000000 --- a/src/test/e2e/40_deprecated_component_scripts_test.go +++ /dev/null @@ -1,62 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 -// SPDX-FileCopyrightText: 2021-Present The Zarf Authors - -// Package test provides e2e tests for Zarf. -package test - -import ( - "fmt" - "testing" - - "github.com/stretchr/testify/require" -) - -// TestDeprecatedComponentScripts verifies that deprecated component scripts are still able to be executed (after being internally -// migrated into zarf actions). -func TestDeprecatedComponentScripts(t *testing.T) { - t.Log("E2E: Testing deprecated component scripts") - e2e.Setup(t) - defer e2e.Teardown(t) - - // Note these files will be created in the package directory, not CWD - testPackageDirPath := "src/test/test-packages/40-deprecated-component-scripts" - prepareArtifact := fmt.Sprintf("%s/test-deprecated-prepare-hook.txt", testPackageDirPath) - deployArtifacts := []string{ - "test-deprecated-deploy-before-hook.txt", - "test-deprecated-deploy-after-hook.txt", - } - allArtifacts := append(deployArtifacts, prepareArtifact) - e2e.CleanFiles(allArtifacts...) - defer e2e.CleanFiles(allArtifacts...) - - // 1. Try creating the package to test the create scripts - testPackagePath := fmt.Sprintf("%s/zarf-package-deprecated-component-scripts-%s.tar.zst", testPackageDirPath, e2e.Arch) - outputFlag := fmt.Sprintf("-o=%s", testPackageDirPath) - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "create", testPackageDirPath, outputFlag, "--confirm") - defer e2e.CleanFiles(testPackagePath) - require.NoError(t, err, stdOut, stdErr) - require.Contains(t, stdErr, "Component '1-test-deprecated-prepare-scripts' is using scripts") - require.Contains(t, stdErr, "Component '2-test-deprecated-deploy-scripts' is using scripts") - require.Contains(t, stdErr, "Component '3-test-deprecated-timeout-scripts' is using scripts") - - // Test for package create prepare artifact - require.FileExists(t, prepareArtifact) - - // Test to ensure the deploy scripts are not executed - for _, artifact := range deployArtifacts { - require.NoFileExists(t, artifact) - } - - // 2. Deploy the simple script that should pass - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", testPackagePath, "--confirm", "--components=2-test-deprecated-deploy-scripts") - require.NoError(t, err, stdOut, stdErr) - - // Check that the deploy artifacts were created - for _, artifact := range deployArtifacts { - require.FileExists(t, artifact) - } - - // 3. Deploy the simple script that should fail the timeout - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", testPackagePath, "--confirm", "--components=3-test-deprecated-timeout-scripts") - require.Error(t, err, stdOut, stdErr) -} diff --git a/src/test/e2e/41_deprecations_set_variables_test.go b/src/test/e2e/41_deprecations_set_variables_test.go deleted file mode 100644 index 57465e7acf..0000000000 --- a/src/test/e2e/41_deprecations_set_variables_test.go +++ /dev/null @@ -1,56 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 -// SPDX-FileCopyrightText: 2021-Present The Zarf Authors - -// Package test provides e2e tests for Zarf. -package test - -import ( - "fmt" - "testing" - - "github.com/stretchr/testify/require" -) - -// TestDeprecatedSetAndPackageVariables verifies that deprecated setVariables and PKG_VARs still able to be set. -func TestDeprecatedSetAndPackageVariables(t *testing.T) { - t.Log("E2E: Testing deprecated set variables") - e2e.Setup(t) - defer e2e.Teardown(t) - - // Note prepare script files will be created in the package directory, not CWD - testPackageDirPath := "src/test/test-packages/41-deprecated-set-variable" - prepareArtifact := fmt.Sprintf("%s/test-deprecated-prepare-hook.txt", testPackageDirPath) - deployArtifacts := []string{ - "test-deprecated-deploy-before-hook.txt", - "test-deprecated-deploy-after-hook.txt", - } - allArtifacts := append(deployArtifacts, prepareArtifact) - e2e.CleanFiles(allArtifacts...) - defer e2e.CleanFiles(allArtifacts...) - - // 2. Try creating the package to test the create scripts - testPackagePath := fmt.Sprintf("%s/zarf-package-deprecated-set-variable-%s.tar.zst", testPackageDirPath, e2e.Arch) - outputFlag := fmt.Sprintf("-o=%s", testPackageDirPath) - - // Check that the command still errors out - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "create", testPackageDirPath, outputFlag, "--confirm") - require.Error(t, err, stdOut, stdErr) - require.Contains(t, stdErr, "template 'ECHO' must be '--set'") - - // Check that the command displays a warning on create - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "create", testPackageDirPath, outputFlag, "--confirm", "--set", "ECHO=Zarf-The-Axolotl") - defer e2e.CleanFiles(testPackagePath) - require.NoError(t, err, stdOut, stdErr) - require.Contains(t, stdErr, "Component '1-test-deprecated-set-variable' is using setVariable") - require.Contains(t, stdErr, "deprecated syntax ###ZARF_PKG_VAR_ECHO###") - - // 1. Deploy the setVariable action that should pass and output the variable - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", testPackagePath, "--confirm", "--components=1-test-deprecated-set-variable") - require.NoError(t, err, stdOut, stdErr) - require.Contains(t, stdErr, "Hello from: Hello Kitteh") - - // 2. Deploy the setVariable action that should pass and output the variable - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", testPackagePath, "--confirm", "--components=2-test-deprecated-pkg-var") - require.NoError(t, err, stdOut, stdErr) - require.Contains(t, stdErr, "Zarf-The-Axolotl") -} diff --git a/src/test/e2e/50_oci_package_test.go b/src/test/e2e/50_oci_package_test.go index 849c6199c4..62ad84ed95 100644 --- a/src/test/e2e/50_oci_package_test.go +++ b/src/test/e2e/50_oci_package_test.go @@ -11,12 +11,14 @@ import ( "github.com/defenseunicorns/zarf/src/pkg/utils" "github.com/defenseunicorns/zarf/src/pkg/utils/exec" + "github.com/stretchr/testify/require" "github.com/stretchr/testify/suite" "oras.land/oras-go/v2/registry" ) type RegistryClientTestSuite struct { suite.Suite + *require.Assertions Remote *utils.OrasRemote Reference registry.Reference PackagesDir string @@ -29,6 +31,7 @@ var badRef = registry.Reference{ } func (suite *RegistryClientTestSuite) SetupSuite() { + suite.Assertions = require.New(suite.T()) // spin up a local registry e2e.SetupDockerRegistry(suite.T(), 5000) suite.Reference.Registry = "localhost:5000" @@ -36,10 +39,10 @@ func (suite *RegistryClientTestSuite) SetupSuite() { } func (suite *RegistryClientTestSuite) TearDownSuite() { - local := fmt.Sprintf("zarf-package-helm-oci-chart-%s-0.0.1.tar.zst", e2e.Arch) + local := fmt.Sprintf("zarf-package-helm-charts-%s-0.0.1.tar.zst", e2e.Arch) e2e.CleanFiles(local) - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "remove", "helm-oci-chart", "--confirm") + stdOut, stdErr, err := e2e.Zarf("package", "remove", "helm-charts", "--confirm") suite.NoError(err, stdOut, stdErr) _, _, err = exec.Cmd("docker", "rm", "-f", "registry") @@ -50,30 +53,30 @@ func (suite *RegistryClientTestSuite) Test_0_Publish() { suite.T().Log("E2E: Package Publish oci://") // Publish package. - example := filepath.Join(suite.PackagesDir, fmt.Sprintf("zarf-package-helm-oci-chart-%s-0.0.1.tar.zst", e2e.Arch)) + example := filepath.Join(suite.PackagesDir, fmt.Sprintf("zarf-package-helm-charts-%s-0.0.1.tar.zst", e2e.Arch)) ref := suite.Reference.String() - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "publish", example, "oci://"+ref, "--insecure") + stdOut, stdErr, err := e2e.Zarf("package", "publish", example, "oci://"+ref, "--insecure") suite.NoError(err, stdOut, stdErr) suite.Contains(stdErr, "Published "+ref) // Publish w/ package missing `metadata.version` field. example = filepath.Join(suite.PackagesDir, fmt.Sprintf("zarf-package-dos-games-%s.tar.zst", e2e.Arch)) - _, stdErr, err = e2e.ExecZarfCommand("package", "publish", example, "oci://"+ref, "--insecure") + _, stdErr, err = e2e.Zarf("package", "publish", example, "oci://"+ref, "--insecure") suite.Error(err, stdErr) } func (suite *RegistryClientTestSuite) Test_1_Pull() { suite.T().Log("E2E: Package Pull oci://") - out := fmt.Sprintf("zarf-package-helm-oci-chart-%s-0.0.1.tar.zst", e2e.Arch) + out := fmt.Sprintf("zarf-package-helm-charts-%s-0.0.1.tar.zst", e2e.Arch) // Build the fully qualified reference. - suite.Reference.Repository = "helm-oci-chart" + suite.Reference.Repository = "helm-charts" suite.Reference.Reference = fmt.Sprintf("0.0.1-%s", e2e.Arch) ref := suite.Reference.String() // Pull the package via OCI. - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "pull", "oci://"+ref, "--insecure") + stdOut, stdErr, err := e2e.Zarf("package", "pull", "oci://"+ref, "--insecure") suite.NoError(err, stdOut, stdErr) suite.Contains(stdErr, "Pulled "+ref) @@ -81,7 +84,7 @@ func (suite *RegistryClientTestSuite) Test_1_Pull() { suite.FileExists(out) // Test pull w/ bad ref. - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "pull", "oci://"+badRef.String(), "--insecure") + stdOut, stdErr, err = e2e.Zarf("package", "pull", "oci://"+badRef.String(), "--insecure") suite.Error(err, stdOut, stdErr) } @@ -89,58 +92,50 @@ func (suite *RegistryClientTestSuite) Test_2_Deploy() { suite.T().Log("E2E: Package Deploy oci://") // Build the fully qualified reference. - suite.Reference.Repository = "helm-oci-chart" + suite.Reference.Repository = "helm-charts" suite.Reference.Reference = fmt.Sprintf("0.0.1-%s", e2e.Arch) ref := suite.Reference.String() // Deploy the package via OCI. - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "deploy", "oci://"+ref, "--insecure", "--confirm") + stdOut, stdErr, err := e2e.Zarf("package", "deploy", "oci://"+ref, "--components=demo-helm-oci-chart", "--insecure", "--confirm") suite.NoError(err, stdOut, stdErr) suite.Contains(stdErr, "Pulled "+ref) - stdOut, stdErr, err = e2e.ExecZarfCommand("tools", "kubectl", "get", "pods", "-n=helm-oci-demo", "--no-headers") - suite.NoError(err, stdErr) - suite.Contains(string(stdOut), "podinfo-") - // Test deploy w/ bad ref. - _, stdErr, err = e2e.ExecZarfCommand("package", "deploy", "oci://"+badRef.String(), "--insecure", "--confirm") + _, stdErr, err = e2e.Zarf("package", "deploy", "oci://"+badRef.String(), "--insecure", "--confirm") suite.Error(err, stdErr) } func (suite *RegistryClientTestSuite) Test_3_Inspect() { suite.T().Log("E2E: Package Inspect oci://") - suite.Reference.Repository = "helm-oci-chart" + suite.Reference.Repository = "helm-charts" suite.Reference.Reference = fmt.Sprintf("0.0.1-%s", e2e.Arch) ref := suite.Reference.String() - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "inspect", "oci://"+ref, "--insecure") + stdOut, stdErr, err := e2e.Zarf("package", "inspect", "oci://"+ref, "--insecure") suite.NoError(err, stdOut, stdErr) suite.Contains(stdErr, "without downloading the entire package.") // Test inspect w/ bad ref. - _, stdErr, err = e2e.ExecZarfCommand("package", "inspect", "oci://"+badRef.String(), "--insecure") + _, stdErr, err = e2e.Zarf("package", "inspect", "oci://"+badRef.String(), "--insecure") suite.Error(err, stdErr) } func (suite *RegistryClientTestSuite) Test_4_Pull_And_Deploy() { suite.T().Log("E2E: Package Pull oci:// && Package Deploy tarball") - local := fmt.Sprintf("zarf-package-helm-oci-chart-%s-0.0.1.tar.zst", e2e.Arch) + local := fmt.Sprintf("zarf-package-helm-charts-%s-0.0.1.tar.zst", e2e.Arch) defer e2e.CleanFiles(local) // Verify the package was pulled. suite.FileExists(local) // Deploy the local package. - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "deploy", local, "--confirm") + stdOut, stdErr, err := e2e.Zarf("package", "deploy", local, "--confirm") suite.NoError(err, stdOut, stdErr) - - stdOut, stdErr, err = e2e.ExecZarfCommand("tools", "kubectl", "get", "pods", "-n=helm-oci-demo", "--no-headers") - suite.NoError(err, stdErr) - suite.Contains(string(stdOut), "podinfo-") } func TestRegistryClientTestSuite(t *testing.T) { e2e.SetupWithCluster(t) - defer e2e.Teardown(t) + suite.Run(t, new(RegistryClientTestSuite)) } diff --git a/src/test/e2e/51_oci_compose_test.go b/src/test/e2e/51_oci_compose_test.go index 5702c31cf0..5c6ea8cf17 100644 --- a/src/test/e2e/51_oci_compose_test.go +++ b/src/test/e2e/51_oci_compose_test.go @@ -17,29 +17,32 @@ import ( "github.com/defenseunicorns/zarf/src/pkg/utils" "github.com/defenseunicorns/zarf/src/pkg/utils/exec" "github.com/defenseunicorns/zarf/src/types" + "github.com/stretchr/testify/require" "github.com/stretchr/testify/suite" "oras.land/oras-go/v2/registry" ) type SkeletonSuite struct { suite.Suite + *require.Assertions Remote *utils.OrasRemote Reference registry.Reference } var ( - importEverything = filepath.Join("src", "test", "test-packages", "51-import-everything") - importception = filepath.Join("src", "test", "test-packages", "51-import-everything", "inception") - everythingExternal = filepath.Join("src", "test", "test-packages", "everything-external") + importEverything = filepath.Join("src", "test", "packages", "51-import-everything") + importception = filepath.Join("src", "test", "packages", "51-import-everything", "inception") + everythingExternal = filepath.Join("src", "test", "packages", "everything-external") absNoCode = filepath.Join("/", "tmp", "nocode") ) func (suite *SkeletonSuite) SetupSuite() { - err := os.MkdirAll(filepath.Join("src", "test", "test-packages", "51-import-everything", "charts"), 0755) + suite.Assertions = require.New(suite.T()) + err := os.MkdirAll(filepath.Join("src", "test", "packages", "51-import-everything", "charts"), 0755) suite.NoError(err) - err = utils.CreatePathAndCopy(filepath.Join("examples", "helm-local-chart", "chart"), filepath.Join("src", "test", "test-packages", "51-import-everything", "charts", "local")) + err = utils.CreatePathAndCopy(filepath.Join("examples", "helm-charts", "chart"), filepath.Join("src", "test", "packages", "51-import-everything", "charts", "local")) suite.NoError(err) - suite.DirExists(filepath.Join("src", "test", "test-packages", "51-import-everything", "charts", "local")) + suite.DirExists(filepath.Join("src", "test", "packages", "51-import-everything", "charts", "local")) err = utils.CreatePathAndCopy(importEverything, everythingExternal) suite.NoError(err) @@ -51,7 +54,6 @@ func (suite *SkeletonSuite) SetupSuite() { e2e.SetupDockerRegistry(suite.T(), 555) suite.Reference.Registry = "localhost:555" - } func (suite *SkeletonSuite) TearDownSuite() { @@ -61,7 +63,7 @@ func (suite *SkeletonSuite) TearDownSuite() { suite.NoError(err) err = os.RemoveAll(absNoCode) suite.NoError(err) - err = os.RemoveAll(filepath.Join("src", "test", "test-packages", "51-import-everything", "charts", "local")) + err = os.RemoveAll(filepath.Join("src", "test", "packages", "51-import-everything", "charts", "local")) suite.NoError(err) err = os.RemoveAll(filepath.Join("files")) suite.NoError(err) @@ -70,30 +72,30 @@ func (suite *SkeletonSuite) TearDownSuite() { func (suite *SkeletonSuite) Test_0_Publish_Skeletons() { suite.T().Log("E2E: Skeleton Package Publish oci://") - helmLocal := filepath.Join("examples", "helm-local-chart") + helmLocal := filepath.Join("examples", "helm-charts") ref := suite.Reference.String() - _, stdErr, err := e2e.ExecZarfCommand("package", "publish", helmLocal, "oci://"+ref, "--insecure") + _, stdErr, err := e2e.Zarf("package", "publish", helmLocal, "oci://"+ref, "--insecure") suite.NoError(err) suite.Contains(stdErr, "Published "+ref) - _, stdErr, err = e2e.ExecZarfCommand("package", "publish", importEverything, "oci://"+ref, "--insecure") + _, stdErr, err = e2e.Zarf("package", "publish", importEverything, "oci://"+ref, "--insecure") suite.NoError(err) suite.Contains(stdErr, "Published "+ref) - _, _, err = e2e.ExecZarfCommand("package", "inspect", "oci://"+ref+"/import-everything:0.0.1-skeleton", "--insecure") + _, _, err = e2e.Zarf("package", "inspect", "oci://"+ref+"/import-everything:0.0.1-skeleton", "--insecure") suite.NoError(err) - _, _, err = e2e.ExecZarfCommand("package", "pull", "oci://"+ref+"/helm-local-chart:0.0.1-skeleton", "-o", "build", "--insecure") + _, _, err = e2e.Zarf("package", "pull", "oci://"+ref+"/helm-charts:0.0.1-skeleton", "-o", "build", "--insecure") suite.NoError(err) } func (suite *SkeletonSuite) Test_1_Compose() { suite.T().Log("E2E: Skeleton Package Compose oci://") - _, _, err := e2e.ExecZarfCommand("package", "create", importEverything, "--confirm", "-o", "build", "--insecure") + _, _, err := e2e.Zarf("package", "create", importEverything, "--confirm", "-o", "build", "--insecure") suite.NoError(err) - _, _, err = e2e.ExecZarfCommand("package", "create", importception, "--confirm", "-o", "build", "--insecure") + _, _, err = e2e.Zarf("package", "create", importception, "--confirm", "-o", "build", "--insecure") suite.NoError(err) } @@ -103,7 +105,7 @@ func (suite *SkeletonSuite) Test_3_FilePaths() { pkgTars := []string{ filepath.Join("build", fmt.Sprintf("zarf-package-import-everything-%s-0.0.1.tar.zst", e2e.Arch)), filepath.Join("build", fmt.Sprintf("zarf-package-importception-%s-0.0.1.tar.zst", e2e.Arch)), - filepath.Join("build", "zarf-package-helm-local-chart-skeleton-0.0.1.tar.zst"), + filepath.Join("build", "zarf-package-helm-charts-skeleton-0.0.1.tar.zst"), } for _, pkgTar := range pkgTars { @@ -112,7 +114,7 @@ func (suite *SkeletonSuite) Test_3_FilePaths() { unpacked := strings.TrimSuffix(pkgTar, ".tar.zst") defer os.RemoveAll(unpacked) defer os.RemoveAll(pkgTar) - _, _, err := e2e.ExecZarfCommand("tools", "archiver", "decompress", pkgTar, unpacked, "--unarchive-all") + _, _, err := e2e.Zarf("tools", "archiver", "decompress", pkgTar, unpacked, "--unarchive-all") suite.NoError(err) suite.DirExists(unpacked) @@ -124,7 +126,7 @@ func (suite *SkeletonSuite) Test_3_FilePaths() { suite.NotNil(components) isSkeleton := false - if pkgTar == filepath.Join("build", "zarf-package-helm-local-chart-skeleton-0.0.1.tar.zst") { + if pkgTar == filepath.Join("build", "zarf-package-helm-charts-skeleton-0.0.1.tar.zst") { isSkeleton = true } suite.verifyComponentPaths(unpacked, components, isSkeleton) @@ -230,6 +232,6 @@ func (suite *SkeletonSuite) verifyComponentPaths(unpackedPath string, components func TestSkeletonSuite(t *testing.T) { e2e.SetupWithCluster(t) - defer e2e.Teardown(t) + suite.Run(t, new(SkeletonSuite)) } diff --git a/src/test/e2e/52_oci_compose_differential_test.go b/src/test/e2e/52_oci_compose_differential_test.go index 9ea5660724..077cb513b2 100644 --- a/src/test/e2e/52_oci_compose_differential_test.go +++ b/src/test/e2e/52_oci_compose_differential_test.go @@ -14,6 +14,7 @@ import ( "github.com/defenseunicorns/zarf/src/pkg/utils/exec" "github.com/defenseunicorns/zarf/src/types" "github.com/mholt/archiver/v3" + "github.com/stretchr/testify/require" "github.com/stretchr/testify/suite" "oras.land/oras-go/v2/registry" ) @@ -21,70 +22,70 @@ import ( // OCIDifferentialSuite validates that OCI imported components get handled correctly when performing a `zarf package create --differential` type OCIDifferentialSuite struct { suite.Suite + *require.Assertions Remote *utils.OrasRemote Reference registry.Reference + tmpdir string } var ( - tmpPath, _ = utils.MakeTempDir("") differentialPackageName = "" normalPackageName = "" - createOutFlag = fmt.Sprintf("-o=%s", tmpPath) - examplePackagePath = filepath.Join("examples", "helm-oci-chart") - anotherPackagePath = filepath.Join("src", "test", "test-packages", "52-oci-differential") + examplePackagePath = filepath.Join("examples", "helm-charts") + anotherPackagePath = filepath.Join("src", "test", "packages", "52-oci-differential") ) func (suite *OCIDifferentialSuite) SetupSuite() { + suite.tmpdir = suite.T().TempDir() + suite.Assertions = require.New(suite.T()) suite.Reference.Registry = "localhost:555" differentialPackageName = fmt.Sprintf("zarf-package-podinfo-with-oci-flux-%s-v0.24.0-differential-v0.25.0.tar.zst", e2e.Arch) normalPackageName = fmt.Sprintf("zarf-package-podinfo-with-oci-flux-%s-v0.24.0.tar.zst", e2e.Arch) _ = e2e.SetupDockerRegistry(suite.T(), 555) - - // publish one of the example packages to the registry - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "publish", examplePackagePath, "oci://"+suite.Reference.String(), "--insecure") - suite.NoError(err, stdOut, stdErr) - - // build the package that we are going to publish - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "create", anotherPackagePath, "--insecure", "--set=PACKAGE_VERSION=v0.24.0", createOutFlag, "--confirm") - suite.NoError(err, stdOut, stdErr) - - // publish the package that we just built - normalPackagePath := filepath.Join(tmpPath, normalPackageName) - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "publish", normalPackagePath, "oci://"+suite.Reference.String(), "--insecure") - suite.NoError(err, stdOut, stdErr) } func (suite *OCIDifferentialSuite) TearDownSuite() { _, _, err := exec.Cmd("docker", "rm", "-f", "registry") suite.NoError(err) - - os.RemoveAll(tmpPath) } func (suite *OCIDifferentialSuite) Test_0_Create_Differential_OCI() { suite.T().Log("E2E: Test Differential Packages w/ OCI Imports") + // publish one of the example packages to the registry + stdOut, stdErr, err := e2e.Zarf("package", "publish", examplePackagePath, "oci://"+suite.Reference.String(), "--insecure") + suite.NoError(err, stdOut, stdErr) + + // build the package that we are going to publish + stdOut, stdErr, err = e2e.Zarf("package", "create", anotherPackagePath, "--insecure", "--set=PACKAGE_VERSION=v0.24.0", "-o", suite.tmpdir, "--confirm") + suite.NoError(err, stdOut, stdErr) + + // publish the package that we just built + normalPackagePath := filepath.Join(suite.tmpdir, normalPackageName) + stdOut, stdErr, err = e2e.Zarf("package", "publish", normalPackagePath, "oci://"+suite.Reference.String(), "--insecure") + suite.NoError(err, stdOut, stdErr) + // Build without differential - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "create", anotherPackagePath, "--insecure", "--set=PACKAGE_VERSION=v0.25.0", createOutFlag, "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "create", anotherPackagePath, "--insecure", "--set=PACKAGE_VERSION=v0.25.0", "-o", suite.tmpdir, "--confirm") suite.NoError(err, stdOut, stdErr) // Extract and load the zarf.yaml config for the normally built package - err = archiver.Extract(filepath.Join(tmpPath, normalPackageName), "zarf.yaml", tmpPath) + err = archiver.Extract(filepath.Join(suite.tmpdir, normalPackageName), "zarf.yaml", suite.tmpdir) suite.NoError(err, "unable to extract zarf.yaml from the differential git package") var normalZarfConfig types.ZarfPackage - err = utils.ReadYaml(filepath.Join(tmpPath, "zarf.yaml"), &normalZarfConfig) + err = utils.ReadYaml(filepath.Join(suite.tmpdir, "zarf.yaml"), &normalZarfConfig) suite.NoError(err, "unable to read zarf.yaml from the differential git package") - os.Remove(filepath.Join(tmpPath, "zarf.yaml")) + os.Remove(filepath.Join(suite.tmpdir, "zarf.yaml")) - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "create", anotherPackagePath, "--differential", "oci://"+suite.Reference.String()+"/podinfo-with-oci-flux:v0.24.0-amd64", "--insecure", "--set=PACKAGE_VERSION=v0.25.0", createOutFlag, "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "create", anotherPackagePath, "--differential", "oci://"+suite.Reference.String()+"/podinfo-with-oci-flux:v0.24.0-amd64", "--insecure", "--set=PACKAGE_VERSION=v0.25.0", "-o", suite.tmpdir, "--confirm") suite.NoError(err, stdOut, stdErr) // Extract and load the zarf.yaml config for the differentially built package - err = archiver.Extract(filepath.Join(tmpPath, differentialPackageName), "zarf.yaml", tmpPath) + err = archiver.Extract(filepath.Join(suite.tmpdir, differentialPackageName), "zarf.yaml", suite.tmpdir) suite.NoError(err, "unable to extract zarf.yaml from the differential git package") var differentialZarfConfig types.ZarfPackage - err = utils.ReadYaml(filepath.Join(tmpPath, "zarf.yaml"), &differentialZarfConfig) + err = utils.ReadYaml(filepath.Join(suite.tmpdir, "zarf.yaml"), &differentialZarfConfig) suite.NoError(err, "unable to read zarf.yaml from the differential git package") /* Perform a bunch of asserts around the non-differential package */ @@ -92,15 +93,15 @@ func (suite *OCIDifferentialSuite) Test_0_Create_Differential_OCI() { suite.Equal(normalZarfConfig.Metadata.Version, "v0.24.0") suite.False(normalZarfConfig.Build.Differential) suite.Len(normalZarfConfig.Build.OCIImportedComponents, 1) - suite.Equal(normalZarfConfig.Build.OCIImportedComponents["oci://127.0.0.1:555/helm-oci-chart:0.0.1-skeleton"], "helm-oci-chart") + suite.Equal(normalZarfConfig.Build.OCIImportedComponents["oci://127.0.0.1:555/helm-charts:0.0.1-skeleton"], "demo-helm-oci-chart") // Check the component data for the normal package suite.Len(normalZarfConfig.Components, 3) - suite.Equal(normalZarfConfig.Components[0].Name, "helm-oci-chart") + suite.Equal(normalZarfConfig.Components[0].Name, "demo-helm-oci-chart") suite.Equal(normalZarfConfig.Components[0].Charts[0].URL, "oci://ghcr.io/stefanprodan/charts/podinfo") - suite.Equal(normalZarfConfig.Components[0].Images[0], "ghcr.io/stefanprodan/podinfo:6.3.3") + suite.Equal(normalZarfConfig.Components[0].Images[0], "ghcr.io/stefanprodan/podinfo:6.3.5") suite.Len(normalZarfConfig.Components[1].Images, 2) - suite.Len(normalZarfConfig.Components[1].Repos, 4) + suite.Len(normalZarfConfig.Components[1].Repos, 2) suite.Len(normalZarfConfig.Components[2].Images, 1) suite.Len(normalZarfConfig.Components[2].Repos, 3) @@ -109,7 +110,7 @@ func (suite *OCIDifferentialSuite) Test_0_Create_Differential_OCI() { suite.Equal(differentialZarfConfig.Metadata.Version, "v0.25.0") suite.True(differentialZarfConfig.Build.Differential) suite.Len(differentialZarfConfig.Build.DifferentialMissing, 1) - suite.Equal(differentialZarfConfig.Build.DifferentialMissing[0], "helm-oci-chart") + suite.Equal(differentialZarfConfig.Build.DifferentialMissing[0], "demo-helm-oci-chart") suite.Len(differentialZarfConfig.Build.OCIImportedComponents, 0) // Check the component data for the differential package @@ -123,11 +124,10 @@ func (suite *OCIDifferentialSuite) Test_0_Create_Differential_OCI() { suite.Len(differentialZarfConfig.Components[1].Repos, 3) suite.Equal(differentialZarfConfig.Components[1].Images[0], "ghcr.io/stefanprodan/podinfo:latest") suite.Equal(differentialZarfConfig.Components[1].Repos[0], "https://github.com/stefanprodan/podinfo.git") - } func TestOCIDifferentialSuite(t *testing.T) { e2e.SetupWithCluster(t) - defer e2e.Teardown(t) + suite.Run(t, new(OCIDifferentialSuite)) } diff --git a/src/test/e2e/99_yolo_test.go b/src/test/e2e/99_yolo_test.go index 126e1a6326..7768f89a05 100644 --- a/src/test/e2e/99_yolo_test.go +++ b/src/test/e2e/99_yolo_test.go @@ -22,16 +22,15 @@ func TestYOLOMode(t *testing.T) { } e2e.SetupWithCluster(t) - defer e2e.Teardown(t) // Destroy the cluster to test Zarf cleaning up after itself - stdOut, stdErr, err := e2e.ExecZarfCommand("destroy", "--confirm", "--remove-components") + stdOut, stdErr, err := e2e.Zarf("destroy", "--confirm", "--remove-components") require.NoError(t, err, stdOut, stdErr) path := fmt.Sprintf("build/zarf-package-yolo-%s.tar.zst", e2e.Arch) // Deploy the YOLO package - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "deploy", path, "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "deploy", path, "--confirm") require.NoError(t, err, stdOut, stdErr) tunnel, err := cluster.NewZarfTunnel() @@ -45,6 +44,6 @@ func TestYOLOMode(t *testing.T) { require.NoError(t, err, resp) require.Equal(t, 200, resp.StatusCode) - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "remove", "yolo", "--confirm") + stdOut, stdErr, err = e2e.Zarf("package", "remove", "yolo", "--confirm") require.NoError(t, err, stdOut, stdErr) } diff --git a/src/test/external-test/README.md b/src/test/external/README.md similarity index 99% rename from src/test/external-test/README.md rename to src/test/external/README.md index ad22aad998..d6dbbe1bc3 100644 --- a/src/test/external-test/README.md +++ b/src/test/external/README.md @@ -1,18 +1,21 @@ # Test Initializing Zarf w/ An External Git Repository and A External Container Registry + > Note: For this test case, we deploy an 'external' Git server and container registry as pods running within the k8s cluster. These are still considered 'external' servers since they already existed inside the k8s cluster before `zarf init` command is executed This directory holds the tests that verify Zarf can initialize a cluster to use an already existing Git server and container registry that is external to the resources Zarf manages. The tests in this directory are currently only run when manually executed. - ## Running Tests Locally ### Dependencies + Running the tests locally have the same prerequisites as running and building Zarf: + 1. GoLang >= `1.19.x` 2. Make 3. Access to a cluster to test against ### Actually Running The Test + Here are a few different ways to run the tests, based on your specific situation: ``` bash diff --git a/src/test/external-test/common.go b/src/test/external/common.go similarity index 92% rename from src/test/external-test/common.go rename to src/test/external/common.go index eee17d0ed5..04fe590bd3 100644 --- a/src/test/external-test/common.go +++ b/src/test/external/common.go @@ -1,8 +1,8 @@ // SPDX-License-Identifier: Apache-2.0 // SPDX-FileCopyrightText: 2021-Present The Zarf Authors -// Package external_test provides a test for the external init flow. -package external_test +// Package external provides a test for the external init flow. +package external import ( "context" diff --git a/src/test/external-test/configure-gitea.sh b/src/test/external/configure-gitea.sh similarity index 100% rename from src/test/external-test/configure-gitea.sh rename to src/test/external/configure-gitea.sh diff --git a/src/test/external-test/docker-compose.yml b/src/test/external/docker-compose.yml similarity index 100% rename from src/test/external-test/docker-compose.yml rename to src/test/external/docker-compose.yml diff --git a/src/test/external-test/docker-registry-values.yaml b/src/test/external/docker-registry-values.yaml similarity index 100% rename from src/test/external-test/docker-registry-values.yaml rename to src/test/external/docker-registry-values.yaml diff --git a/src/test/external-test/ext_in_cluster_init_test.go b/src/test/external/ext_in_cluster_init_test.go similarity index 97% rename from src/test/external-test/ext_in_cluster_init_test.go rename to src/test/external/ext_in_cluster_init_test.go index 926ab1b820..933ac6d1af 100644 --- a/src/test/external-test/ext_in_cluster_init_test.go +++ b/src/test/external/ext_in_cluster_init_test.go @@ -1,8 +1,8 @@ // SPDX-License-Identifier: Apache-2.0 // SPDX-FileCopyrightText: 2021-Present The Zarf Authors -// Package external_test provides a test for the external init flow. -package external_test +// Package external provides a test for the external init flow. +package external import ( "context" diff --git a/src/test/external-test/ext_out_cluster_init_test.go b/src/test/external/ext_out_cluster_init_test.go similarity index 97% rename from src/test/external-test/ext_out_cluster_init_test.go rename to src/test/external/ext_out_cluster_init_test.go index 97a0b4ae2e..4fe8edd790 100644 --- a/src/test/external-test/ext_out_cluster_init_test.go +++ b/src/test/external/ext_out_cluster_init_test.go @@ -1,8 +1,8 @@ // SPDX-License-Identifier: Apache-2.0 // SPDX-FileCopyrightText: 2021-Present The Zarf Authors -// Package external_test provides a test for the external init flow. -package external_test +// Package external provides a test for the external init flow. +package external import ( "path" diff --git a/src/test/external-test/gitea-values.yaml b/src/test/external/gitea-values.yaml similarity index 100% rename from src/test/external-test/gitea-values.yaml rename to src/test/external/gitea-values.yaml diff --git a/src/test/nightly/ecr_publish_test.go b/src/test/nightly/ecr_publish_test.go index ec4324c100..9ce2402522 100644 --- a/src/test/nightly/ecr_publish_test.go +++ b/src/test/nightly/ecr_publish_test.go @@ -42,46 +42,46 @@ func TestECRPublishing(t *testing.T) { e2e.RunClusterTests = false // Set up variables for common names/locations - testPackageName := "helm-oci-chart" + testPackageName := "helm-charts" testPackageVersion := "0.0.1" testPackageFileName := fmt.Sprintf("zarf-package-%s-%s-%s.tar.zst", testPackageName, e2e.Arch, testPackageVersion) testPackageLocation := filepath.Join(tmpDir, testPackageFileName) registryURL := "oci://public.ecr.aws/t8y5r5z5/zarf-nightly" upstreamPackageURL := fmt.Sprintf("%s/%s:%s-%s", registryURL, testPackageName, testPackageVersion, e2e.Arch) - keyFlag := fmt.Sprintf("--key=%s", "./src/test/test-packages/zarf-test.pub") + keyFlag := fmt.Sprintf("--key=%s", "./src/test/packages/zarf-test.pub") // Build the package with our test signature - stdOut, stdErr, err := e2e.ExecZarfCommand("package", "create", "examples/helm-oci-chart", "--key=./src/test/test-packages/zarf-test.prv-key", "--confirm", fmt.Sprintf("-o=%s", tmpDir)) + stdOut, stdErr, err := e2e.Zarf("package", "create", "examples/helm-charts", "--key=./src/test/packages/zarf-test.prv-key", "--confirm", fmt.Sprintf("-o=%s", tmpDir)) require.NoError(t, err, stdOut, stdErr) require.FileExists(t, testPackageLocation) // Validate that we can publish the package to ECR without an issue - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "publish", testPackageLocation, registryURL) + stdOut, stdErr, err = e2e.Zarf("package", "publish", testPackageLocation, registryURL) require.NoError(t, err, stdOut, stdErr) // Ensure we get a warning when trying to inspect the online published package - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "inspect", upstreamPackageURL, keyFlag) + stdOut, stdErr, err = e2e.Zarf("package", "inspect", upstreamPackageURL, keyFlag) require.NoError(t, err, stdOut, stdErr) require.Contains(t, stdErr, "Zarf is unable to validate the checksums of remote OCI packages.") require.Contains(t, stdErr, "Package signature validated!") // Ensure we get an error when trying to pull the package without providing the public key - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "pull", upstreamPackageURL) + stdOut, stdErr, err = e2e.Zarf("package", "pull", upstreamPackageURL) require.Error(t, err, stdOut, stdErr) //TODO: look for a specific error instead of just allowing ANY error // Validate that we can pull the package down from ECR - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "pull", upstreamPackageURL, keyFlag) + stdOut, stdErr, err = e2e.Zarf("package", "pull", upstreamPackageURL, keyFlag) require.NoError(t, err, stdOut, stdErr) defer e2e.CleanFiles(testPackageFileName) // Ensure we get a warning when trying to inspect the package without providing the public key - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "inspect", testPackageFileName) + stdOut, stdErr, err = e2e.Zarf("package", "inspect", testPackageFileName) require.NoError(t, err, stdOut, stdErr) require.Contains(t, stdErr, "The package you are inspecting has been signed but a public key was not provided.") require.Contains(t, stdErr, "All of the checksums matched!") // Validate that we get no warnings when inspecting the package while providing the public key - stdOut, stdErr, err = e2e.ExecZarfCommand("package", "inspect", testPackageFileName, keyFlag) + stdOut, stdErr, err = e2e.Zarf("package", "inspect", testPackageFileName, keyFlag) require.NoError(t, err, stdOut, stdErr) require.Contains(t, stdErr, "All of the checksums matched!") require.Contains(t, stdErr, "Package signature validated!") diff --git a/src/test/test-packages/00-helm-annotations/zarf.yaml b/src/test/packages/00-helm-annotations/zarf.yaml similarity index 100% rename from src/test/test-packages/00-helm-annotations/zarf.yaml rename to src/test/packages/00-helm-annotations/zarf.yaml diff --git a/src/test/test-packages/00-kube-version-override/zarf.yaml b/src/test/packages/00-kube-version-override/zarf.yaml similarity index 100% rename from src/test/test-packages/00-kube-version-override/zarf.yaml rename to src/test/packages/00-kube-version-override/zarf.yaml diff --git a/src/test/test-packages/40-deprecated-component-scripts/zarf.yaml b/src/test/packages/03-deprecated-component-scripts/zarf.yaml similarity index 59% rename from src/test/test-packages/40-deprecated-component-scripts/zarf.yaml rename to src/test/packages/03-deprecated-component-scripts/zarf.yaml index 594291eab8..57a7c8f838 100644 --- a/src/test/test-packages/40-deprecated-component-scripts/zarf.yaml +++ b/src/test/packages/03-deprecated-component-scripts/zarf.yaml @@ -1,7 +1,7 @@ kind: ZarfPackageConfig metadata: name: deprecated-component-scripts - description: "Test to verify the deprecated component scripts functionality gets migrated to the 'actions' while maintaining past functionality (see src/pkg/packager/deprecated)" + description: Test to verify the deprecated component scripts functionality gets migrated to the 'actions' while maintaining past functionality (see src/pkg/packager/deprecated) components: # Test that prepare scripts become onCreate actions @@ -9,19 +9,19 @@ components: scripts: prepare: # on Windows, touch is replaced with New-Item - - "touch test-deprecated-prepare-hook.txt" + - touch test-deprecated-prepare-hook.txt # Test that deploy scripts become onCreate actions - name: 2-test-deprecated-deploy-scripts scripts: before: - - "touch test-deprecated-deploy-before-hook.txt" + - touch test-deprecated-deploy-before-hook.txt after: - - "touch test-deprecated-deploy-after-hook.txt" + - touch test-deprecated-deploy-after-hook.txt # Test that script timeouts still get set - name: 3-test-deprecated-timeout-scripts scripts: timeoutSeconds: 1 before: - - "sleep 30" + - sleep 5 diff --git a/src/test/test-packages/41-deprecated-set-variable/zarf.yaml b/src/test/packages/03-deprecated-set-variable/zarf.yaml similarity index 69% rename from src/test/test-packages/41-deprecated-set-variable/zarf.yaml rename to src/test/packages/03-deprecated-set-variable/zarf.yaml index 549a889c09..aa09069c11 100644 --- a/src/test/test-packages/41-deprecated-set-variable/zarf.yaml +++ b/src/test/packages/03-deprecated-set-variable/zarf.yaml @@ -1,7 +1,7 @@ kind: ZarfPackageConfig metadata: name: deprecated-set-variable - description: "Test to verify that setVariables and PKG_VARs are migrated to maintain past functionality (see src/pkg/packager/deprecated)" + description: Test to verify that setVariables and PKG_VARs are migrated to maintain past functionality (see src/pkg/packager/deprecated) components: # Test that setVariable becomes setVariables @@ -11,7 +11,7 @@ components: before: - cmd: echo "Hello Kitteh" setVariable: HELLO_KITTEH - - cmd: "echo \"Hello from: ${ZARF_VAR_HELLO_KITTEH}\"" + - cmd: echo "Hello from ${ZARF_VAR_HELLO_KITTEH}" # Test that ###ZARF_PKG_VAR_*### is still templated - name: 2-test-deprecated-pkg-var diff --git a/src/test/test-packages/04-file-folders-templating-sbom/include-files/requirements.txt b/src/test/packages/04-file-folders-templating-sbom/include-files/requirements.txt similarity index 100% rename from src/test/test-packages/04-file-folders-templating-sbom/include-files/requirements.txt rename to src/test/packages/04-file-folders-templating-sbom/include-files/requirements.txt diff --git a/src/test/test-packages/04-file-folders-templating-sbom/include-files/simple.txt b/src/test/packages/04-file-folders-templating-sbom/include-files/simple.txt similarity index 100% rename from src/test/test-packages/04-file-folders-templating-sbom/include-files/simple.txt rename to src/test/packages/04-file-folders-templating-sbom/include-files/simple.txt diff --git a/src/test/test-packages/04-file-folders-templating-sbom/include-files/something.yaml b/src/test/packages/04-file-folders-templating-sbom/include-files/something.yaml similarity index 100% rename from src/test/test-packages/04-file-folders-templating-sbom/include-files/something.yaml rename to src/test/packages/04-file-folders-templating-sbom/include-files/something.yaml diff --git a/src/test/test-packages/04-file-folders-templating-sbom/requirements.txt b/src/test/packages/04-file-folders-templating-sbom/requirements.txt similarity index 100% rename from src/test/test-packages/04-file-folders-templating-sbom/requirements.txt rename to src/test/packages/04-file-folders-templating-sbom/requirements.txt diff --git a/src/test/test-packages/04-file-folders-templating-sbom/zarf.yaml b/src/test/packages/04-file-folders-templating-sbom/zarf.yaml similarity index 100% rename from src/test/test-packages/04-file-folders-templating-sbom/zarf.yaml rename to src/test/packages/04-file-folders-templating-sbom/zarf.yaml diff --git a/src/test/test-packages/05-multi-part/zarf.yaml b/src/test/packages/05-multi-part/zarf.yaml similarity index 94% rename from src/test/test-packages/05-multi-part/zarf.yaml rename to src/test/packages/05-multi-part/zarf.yaml index 5b2d490981..36b36d68d2 100644 --- a/src/test/test-packages/05-multi-part/zarf.yaml +++ b/src/test/packages/05-multi-part/zarf.yaml @@ -10,4 +10,4 @@ components: files: - source: https://zarf-public.s3-us-gov-west-1.amazonaws.com/examples/multi-part-demo.dat shasum: 22ebd38c2f5e04821c87c924c910be57d2169c292f85b2936d53cae24ebf8055 - target: "multi-part-demo.dat" + target: multi-part-demo.dat diff --git a/src/test/test-packages/08-differential-package/README.md b/src/test/packages/08-differential-package/README.md similarity index 100% rename from src/test/test-packages/08-differential-package/README.md rename to src/test/packages/08-differential-package/README.md diff --git a/src/test/test-packages/08-differential-package/zarf.yaml b/src/test/packages/08-differential-package/zarf.yaml similarity index 65% rename from src/test/test-packages/08-differential-package/zarf.yaml rename to src/test/packages/08-differential-package/zarf.yaml index 3f4ad15da1..9d911a66d0 100644 --- a/src/test/test-packages/08-differential-package/zarf.yaml +++ b/src/test/packages/08-differential-package/zarf.yaml @@ -2,7 +2,7 @@ kind: ZarfPackageConfig metadata: name: differential-package version: "###ZARF_PKG_TMPL_PACKAGE_VERSION###" - description: "Demo Zarf loading resources into a gitops service" + description: Demo Zarf loading resources into a gitops service components: - name: versioned-assets @@ -11,11 +11,8 @@ components: - ghcr.io/stefanprodan/podinfo:6.0.0 - ghcr.io/defenseunicorns/zarf/agent:###ZARF_PKG_TMPL_PACKAGE_VERSION### repos: - # Do a full Git Repo Mirror of a flux repo - https://github.com/defenseunicorns/zarf.git@c74e2e9626da0400e0a41e78319b3054c53a5d4e - - https://me0515@dev.azure.com/me0515/zarf-public-test/_git/zarf-public-test@524980951ff16e19dc25232e9aea8fd693989ba6 - https://github.com/defenseunicorns/zarf.git@refs/tags/###ZARF_PKG_TMPL_PACKAGE_VERSION### - - https://github.com/defenseunicorns/zarf.git@refs/tags/v0.16.0 - name: generalized-assets required: true @@ -25,4 +22,4 @@ components: # Do a full Git Repo Mirror - https://github.com/stefanprodan/podinfo.git - https://github.com/kelseyhightower/nocode.git - - "https://github.com/DoD-Platform-One/big-bang.git@refs/heads/release-1.54.x" + - https://github.com/defenseunicorns/zarf.git@refs/heads/main diff --git a/src/test/packages/20-mismatched-arch-init/zarf.yaml b/src/test/packages/20-mismatched-arch-init/zarf.yaml new file mode 100644 index 0000000000..ba41af4f52 --- /dev/null +++ b/src/test/packages/20-mismatched-arch-init/zarf.yaml @@ -0,0 +1,33 @@ +kind: ZarfInitConfig +metadata: + name: init + description: Used to establish a new Zarf cluster + +components: + - name: k3s + import: + path: ../../../../packages/distros/k3s + + # This package moves the injector & registries binaries + - name: zarf-injector + required: true + import: + path: ../../../../packages/zarf-registry + + # Creates the temporary seed-registry + - name: zarf-seed-registry + required: true + import: + path: ../../../../packages/zarf-registry + + # Creates the permanent registry + - name: zarf-registry + required: true + import: + path: ../../../../packages/zarf-registry + + # Creates the pod+git mutating webhook + - name: zarf-agent + required: true + import: + path: ../../../../packages/zarf-agent diff --git a/src/test/test-packages/22-git-and-flux/zarf.yaml b/src/test/packages/22-git-and-flux/zarf.yaml similarity index 79% rename from src/test/test-packages/22-git-and-flux/zarf.yaml rename to src/test/packages/22-git-and-flux/zarf.yaml index f8b5d30e82..edfae44209 100644 --- a/src/test/test-packages/22-git-and-flux/zarf.yaml +++ b/src/test/packages/22-git-and-flux/zarf.yaml @@ -1,8 +1,8 @@ kind: ZarfPackageConfig metadata: name: git-data-check-secrets - version: v1.0.0 - description: "Demo Zarf loading resources into a gitops service - while checking that the component secret gets updated with each component" + version: 1.0.0 + description: Demo Zarf loading resources into a gitops service - while checking that the component secret gets updated with each component components: - name: flux-demo @@ -23,7 +23,7 @@ components: before: # Check to verify the package secret has been saved for the already deployed component - cmd: test $(./zarf tools kubectl get secret -n zarf zarf-package-git-data-check-secrets -o jsonpath='{.data.*}' | base64 --decode | jq -r .deployedComponents | jq '. | length') -eq 1 - description: "Check that the package secret has been updated with the deployed component" + description: Check that the package secret has been updated with the deployed component maxRetries: 3 - name: specific-tag @@ -38,20 +38,20 @@ components: before: # Check to verify the package secret has been saved for the already deployed component - cmd: test $(./zarf tools kubectl get secret -n zarf zarf-package-git-data-check-secrets -o jsonpath='{.data.*}' | base64 --decode | jq -r .deployedComponents | jq '. | length') -eq 2 - description: "Check that the package secret has been updated with the deployed component" + description: Check that the package secret has been updated with the deployed component maxRetries: 3 - name: specific-branch required: true repos: # Do a branch-provided Git Repo mirror - - "https://github.com/DoD-Platform-One/big-bang.git@refs/heads/release-1.54.x" + - https://github.com/DoD-Platform-One/big-bang.git@refs/heads/release-1.54.x actions: onDeploy: before: # Check to verify the package secret has been saved for the already deployed component - cmd: test $(./zarf tools kubectl get secret -n zarf zarf-package-git-data-check-secrets -o jsonpath='{.data.*}' | base64 --decode | jq -r .deployedComponents | jq '. | length') -eq 3 - description: "Check that the package secret has been updated with the deployed component" + description: Check that the package secret has been updated with the deployed component maxRetries: 3 - name: specific-hash @@ -66,9 +66,9 @@ components: before: # Check to verify the package secret has been saved for the already deployed component - cmd: test $(./zarf tools kubectl get secret -n zarf zarf-package-git-data-check-secrets -o jsonpath='{.data.*}' | base64 --decode | jq -r .deployedComponents | jq '. | length') -eq 4 - description: "Check that the package secret has been updated with the deployed component" + description: Check that the package secret has been updated with the deployed component maxRetries: 3 onSuccess: - cmd: test $(./zarf tools kubectl get secret -n zarf zarf-package-git-data-check-secrets -o jsonpath='{.data.*}' | base64 --decode | jq -r .deployedComponents | jq '. | length') -eq 5 - description: "Check that the package secret has been updated with the deployed component" + description: Check that the package secret has been updated with the deployed component maxRetries: 3 diff --git a/src/test/test-packages/25-evil-dos-games/manifests/deployment.yaml b/src/test/packages/25-evil-dos-games/manifests/deployment.yaml similarity index 100% rename from src/test/test-packages/25-evil-dos-games/manifests/deployment.yaml rename to src/test/packages/25-evil-dos-games/manifests/deployment.yaml diff --git a/src/test/test-packages/25-evil-dos-games/manifests/evil-service.yaml b/src/test/packages/25-evil-dos-games/manifests/evil-service.yaml similarity index 100% rename from src/test/test-packages/25-evil-dos-games/manifests/evil-service.yaml rename to src/test/packages/25-evil-dos-games/manifests/evil-service.yaml diff --git a/src/test/test-packages/25-evil-dos-games/zarf.yaml b/src/test/packages/25-evil-dos-games/zarf.yaml similarity index 79% rename from src/test/test-packages/25-evil-dos-games/zarf.yaml rename to src/test/packages/25-evil-dos-games/zarf.yaml index 84d97ddf83..9df2301902 100644 --- a/src/test/test-packages/25-evil-dos-games/zarf.yaml +++ b/src/test/packages/25-evil-dos-games/zarf.yaml @@ -1,7 +1,7 @@ kind: ZarfPackageConfig metadata: name: dos-games - description: "Simple example to load classic DOS games into K8s in the airgap" + description: Simple example to load classic DOS games into K8s in the airgap components: - name: baseline diff --git a/src/test/test-packages/25-evil-templates/configmap.yaml b/src/test/packages/25-evil-templates/configmap.yaml similarity index 100% rename from src/test/test-packages/25-evil-templates/configmap.yaml rename to src/test/packages/25-evil-templates/configmap.yaml diff --git a/src/test/test-packages/25-evil-templates/zarf.yaml b/src/test/packages/25-evil-templates/zarf.yaml similarity index 100% rename from src/test/test-packages/25-evil-templates/zarf.yaml rename to src/test/packages/25-evil-templates/zarf.yaml diff --git a/src/test/test-packages/25-manifest-adoption/deployment.yaml b/src/test/packages/25-manifest-adoption/deployment.yaml similarity index 100% rename from src/test/test-packages/25-manifest-adoption/deployment.yaml rename to src/test/packages/25-manifest-adoption/deployment.yaml diff --git a/src/test/packages/28-helm-no-wait/README.md b/src/test/packages/28-helm-no-wait/README.md new file mode 100644 index 0000000000..6e5df09b72 --- /dev/null +++ b/src/test/packages/28-helm-no-wait/README.md @@ -0,0 +1,3 @@ +# Helm No Wait + +This example shows how you can specify for zarf to not wait for resources to report ready within a component's `manifests`. This is also applicable to `charts`. diff --git a/examples/helm-no-wait/never-ready.pod.yaml b/src/test/packages/28-helm-no-wait/never-ready.pod.yaml similarity index 100% rename from examples/helm-no-wait/never-ready.pod.yaml rename to src/test/packages/28-helm-no-wait/never-ready.pod.yaml diff --git a/examples/helm-no-wait/zarf.yaml b/src/test/packages/28-helm-no-wait/zarf.yaml similarity index 83% rename from examples/helm-no-wait/zarf.yaml rename to src/test/packages/28-helm-no-wait/zarf.yaml index 24c3bb8432..86eac186fd 100644 --- a/examples/helm-no-wait/zarf.yaml +++ b/src/test/packages/28-helm-no-wait/zarf.yaml @@ -1,7 +1,8 @@ kind: ZarfPackageConfig metadata: name: helm-no-wait - description: "Deploys a pod which never becomes ready" + description: Deploys a pod which never becomes ready + components: - name: zarf-helm-no-wait required: true diff --git a/src/test/test-packages/51-import-everything/bar/zarf.yaml b/src/test/packages/51-import-everything/bar/zarf.yaml similarity index 95% rename from src/test/test-packages/51-import-everything/bar/zarf.yaml rename to src/test/packages/51-import-everything/bar/zarf.yaml index 2b73b847df..8df24ef40a 100644 --- a/src/test/test-packages/51-import-everything/bar/zarf.yaml +++ b/src/test/packages/51-import-everything/bar/zarf.yaml @@ -16,7 +16,7 @@ components: onCreate: before: - cmd: cat files/coffee-ipsum.txt - dir: "../" + dir: ../ after: - cmd: cat ../files/coffee-ipsum.txt onSuccess: diff --git a/src/test/test-packages/51-import-everything/files/coffee-ipsum.txt b/src/test/packages/51-import-everything/files/coffee-ipsum.txt similarity index 100% rename from src/test/test-packages/51-import-everything/files/coffee-ipsum.txt rename to src/test/packages/51-import-everything/files/coffee-ipsum.txt diff --git a/src/test/test-packages/51-import-everything/foo/zarf.yaml b/src/test/packages/51-import-everything/foo/zarf.yaml similarity index 100% rename from src/test/test-packages/51-import-everything/foo/zarf.yaml rename to src/test/packages/51-import-everything/foo/zarf.yaml diff --git a/src/test/test-packages/51-import-everything/inception/zarf.yaml b/src/test/packages/51-import-everything/inception/zarf.yaml similarity index 68% rename from src/test/test-packages/51-import-everything/inception/zarf.yaml rename to src/test/packages/51-import-everything/inception/zarf.yaml index 011aa0c325..563619564d 100644 --- a/src/test/test-packages/51-import-everything/inception/zarf.yaml +++ b/src/test/packages/51-import-everything/inception/zarf.yaml @@ -20,7 +20,17 @@ components: import: url: oci://localhost:555/import-everything:0.0.1-skeleton - - name: import-helm + - name: import-helm-local + required: true + import: + url: oci://localhost:555/import-everything:0.0.1-skeleton + + - name: import-helm-local-relative + required: true + import: + url: oci://localhost:555/import-everything:0.0.1-skeleton + + - name: import-helm-oci required: true import: url: oci://localhost:555/import-everything:0.0.1-skeleton diff --git a/src/test/test-packages/51-import-everything/zarf.yaml b/src/test/packages/51-import-everything/zarf.yaml similarity index 82% rename from src/test/test-packages/51-import-everything/zarf.yaml rename to src/test/packages/51-import-everything/zarf.yaml index 6355b8dc98..ea3901a32d 100644 --- a/src/test/test-packages/51-import-everything/zarf.yaml +++ b/src/test/packages/51-import-everything/zarf.yaml @@ -28,16 +28,7 @@ components: import: # name is optional, if not provided the name of the component will be used to import name: demo-helm-local-chart - url: oci://localhost:555/helm-local-chart:0.0.1-skeleton - actions: - onDeploy: - after: - - wait: - cluster: - kind: deployment - name: local-demo - namespace: local-chart - condition: available + url: oci://localhost:555/helm-charts:0.0.1-skeleton - name: file-imports required: false @@ -67,39 +58,56 @@ components: - cmd: test ! -f files/latte.txt - cmd: test ! -f files/zarf-readme.md - - name: import-helm + - name: import-helm-local required: false charts: - - name: local-demo + - name: podinfo localPath: charts/local namespace: local-chart - version: 0.1.0 - - name: local-demo - localPath: ../everything-external/charts/local - namespace: local-chart-relative - version: 0.1.0 - - name: oci-demo - version: 6.3.3 - namespace: podinfo - url: oci://ghcr.io/stefanprodan/charts/podinfo + version: 6.3.5 images: - - nginx:1.16.0 - - ghcr.io/stefanprodan/podinfo:6.3.3 + - ghcr.io/stefanprodan/podinfo:6.3.5 actions: onDeploy: after: - wait: cluster: kind: deployment - name: local-demo + name: podinfo namespace: local-chart condition: available + + - name: import-helm-local-relative + required: false + charts: + - name: podinfo + localPath: ../everything-external/charts/local + namespace: local-chart-relative + version: 6.3.5 + images: + - ghcr.io/stefanprodan/podinfo:6.3.5 + actions: + onDeploy: + after: - wait: cluster: kind: deployment - name: local-demo + name: podinfo namespace: local-chart-relative condition: available + + - name: import-helm-oci + required: false + charts: + - name: oci-demo + version: 6.3.5 + namespace: podinfo + url: oci://ghcr.io/stefanprodan/charts/podinfo + images: + - ghcr.io/stefanprodan/podinfo:6.3.5 + actions: + onDeploy: + after: - wait: cluster: kind: pod @@ -118,5 +126,4 @@ components: - name: import-images required: false images: - - nginx:1.16.0 - - ghcr.io/stefanprodan/podinfo:6.3.3 + - ghcr.io/stefanprodan/podinfo:6.3.5 diff --git a/src/test/test-packages/52-oci-differential/README.md b/src/test/packages/52-oci-differential/README.md similarity index 100% rename from src/test/test-packages/52-oci-differential/README.md rename to src/test/packages/52-oci-differential/README.md diff --git a/src/test/test-packages/52-oci-differential/zarf.yaml b/src/test/packages/52-oci-differential/zarf.yaml similarity index 54% rename from src/test/test-packages/52-oci-differential/zarf.yaml rename to src/test/packages/52-oci-differential/zarf.yaml index 77e6c56420..75e194f5e6 100644 --- a/src/test/test-packages/52-oci-differential/zarf.yaml +++ b/src/test/packages/52-oci-differential/zarf.yaml @@ -1,21 +1,21 @@ kind: ZarfPackageConfig metadata: name: podinfo-with-oci-flux - description: "Deploy flux and then podinfo via flux" + description: Deploy flux and then podinfo via flux version: "###ZARF_PKG_TMPL_PACKAGE_VERSION###" components: - - name: helm-oci-chart + - name: demo-helm-oci-chart required: true import: - url: oci://127.0.0.1:555/helm-oci-chart:0.0.1-skeleton + url: oci://127.0.0.1:555/helm-charts:0.0.1-skeleton - name: versioned-assets import: - path: ../../test-packages/08-differential-package + path: ../../packages/08-differential-package name: versioned-assets - name: generalized-assets import: - path: ../../test-packages/08-differential-package + path: ../../packages/08-differential-package name: generalized-assets diff --git a/src/test/test-packages/zarf-test.prv-key b/src/test/packages/zarf-test.prv-key similarity index 100% rename from src/test/test-packages/zarf-test.prv-key rename to src/test/packages/zarf-test.prv-key diff --git a/src/test/test-packages/zarf-test.pub b/src/test/packages/zarf-test.pub similarity index 100% rename from src/test/test-packages/zarf-test.pub rename to src/test/packages/zarf-test.pub diff --git a/src/test/upgrade-test/common.go b/src/test/upgrade-test/common.go deleted file mode 100644 index f4f45d216c..0000000000 --- a/src/test/upgrade-test/common.go +++ /dev/null @@ -1,5 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 -// SPDX-FileCopyrightText: 2021-Present The Zarf Authors - -// Package upgrade_test provides a test for the upgrade flow. -package upgrade_test diff --git a/src/test/upgrade-test/README.md b/src/test/upgrade/README.md similarity index 84% rename from src/test/upgrade-test/README.md rename to src/test/upgrade/README.md index 7e1b37d5ec..fba99ed1d1 100644 --- a/src/test/upgrade-test/README.md +++ b/src/test/upgrade/README.md @@ -1,20 +1,23 @@ # Test Upgrading a Zarf package and Zarf itself + > Note: For this test case, we first deploy the podinfo package (from this directory) with version 6.3.3, then build a 6.3.4 package. This package is then deployed to an upgraded cluster with the new zarf version and the new zarf version builds and deploys a 6.3.5 version. This directory holds the tests that verify Zarf can perform these upgrade actions and that any deploy deprecations work as expected. - ## Running Tests Locally ### Dependencies + Running the tests locally have the same prerequisites as running and building Zarf: + 1. GoLang >= `1.19.x` -2. Make -3. Access to a cluster to test against -4. The zarf.yaml created and deployed with PODINFO_VERSION 6.3.3 -4. The zarf.yaml created with PODINFO_VERSION 6.3.4 +1. Make +1. Access to a cluster to test against +1. The zarf.yaml created and deployed with PODINFO_VERSION 6.3.3 +1. The zarf.yaml created with PODINFO_VERSION 6.3.4 ### Actually Running The Test + Here are a few different ways to run the tests, based on your specific situation: ``` bash @@ -24,5 +27,5 @@ make test-upgrade ``` bash # If you are in the root folder of the repository and already have everything built (i.e., the binary, the init-package and the flux-test example package): -go test ./src/test/upgrade-test/... +go test ./src/test/upgrade/... ``` diff --git a/src/test/upgrade-test/previously_built_test.go b/src/test/upgrade/previously_built_test.go similarity index 78% rename from src/test/upgrade-test/previously_built_test.go rename to src/test/upgrade/previously_built_test.go index 037fd9562e..b464f49937 100644 --- a/src/test/upgrade-test/previously_built_test.go +++ b/src/test/upgrade/previously_built_test.go @@ -1,8 +1,8 @@ // SPDX-License-Identifier: Apache-2.0 // SPDX-FileCopyrightText: 2021-Present The Zarf Authors -// Package upgrade_test provides a test for the upgrade flow. -package upgrade_test +// Package upgrade provides a test for the upgrade flow. +package upgrade import ( "path" @@ -13,18 +13,27 @@ import ( "github.com/stretchr/testify/require" ) +func kubectl(args ...string) (string, string, error) { + tk := []string{"tools", "kubectl"} + args = append(tk, args...) + return zarf(args...) +} + +func zarf(args ...string) (string, string, error) { + zarfBinPath := path.Join("../../../build", test.GetCLIName()) + return exec.Cmd(zarfBinPath, args...) +} + func TestPreviouslyBuiltZarfPackage(t *testing.T) { // This test tests that a package built with the previous version of zarf will still deploy with the newer version t.Log("Upgrade: Previously Built Zarf Package") - zarfBinPath := path.Join("../../../build", test.GetCLIName()) - // For the upgrade test, podinfo-upgrade should already be in the cluster (version 6.3.3) (see .github/workflows/test-upgrade.yml) kubeCtlRolloutArgs := []string{"-n=podinfo-upgrade", "rollout", "status", "deployment/podinfo-upgrade"} - kubectlOut, _, _ := exec.Cmd("kubectl", kubeCtlRolloutArgs...) + kubectlOut, _, _ := kubectl(kubeCtlRolloutArgs...) require.Contains(t, kubectlOut, "successfully rolled out") kubeCtlGetArgs := []string{"-n=podinfo-upgrade", "get", "deployment", "podinfo-upgrade", "-o=jsonpath={.metadata.labels}}"} - kubectlOut, _, _ = exec.Cmd("kubectl", kubeCtlGetArgs...) + kubectlOut, _, _ = kubectl(kubeCtlGetArgs...) require.Contains(t, kubectlOut, "6.3.3") // We also expect a 6.3.4 package to have been previously built @@ -32,7 +41,7 @@ func TestPreviouslyBuiltZarfPackage(t *testing.T) { // Deploy the package. zarfDeployArgs := []string{"package", "deploy", previouslyBuiltPackage, "--confirm"} - stdOut, stdErr, err := exec.Cmd(zarfBinPath, zarfDeployArgs...) + stdOut, stdErr, err := zarf(zarfDeployArgs...) require.NoError(t, err, stdOut, stdErr) // [DEPRECATIONS] We expect any deprecated things to work from the old package @@ -41,21 +50,21 @@ func TestPreviouslyBuiltZarfPackage(t *testing.T) { // Verify that podinfo-upgrade successfully deploys in the cluster (version 6.3.4) kubeCtlRolloutArgs = []string{"-n=podinfo-upgrade", "rollout", "status", "deployment/podinfo-upgrade"} - kubectlOut, _, _ = exec.Cmd("kubectl", kubeCtlRolloutArgs...) + kubectlOut, _, _ = kubectl(kubeCtlRolloutArgs...) require.Contains(t, kubectlOut, "successfully rolled out") kubeCtlGetArgs = []string{"-n=podinfo-upgrade", "get", "deployment", "podinfo-upgrade", "-o=jsonpath={.metadata.labels}}"} - kubectlOut, _, _ = exec.Cmd("kubectl", kubeCtlGetArgs...) + kubectlOut, _, _ = kubectl(kubeCtlGetArgs...) require.Contains(t, kubectlOut, "6.3.4") // We also want to build a new package. - zarfCreateArgs := []string{"package", "create", "../../../src/test/upgrade-test", "--set", "PODINFO_VERSION=6.3.5", "--confirm"} - stdOut, stdErr, err = exec.Cmd(zarfBinPath, zarfCreateArgs...) + zarfCreateArgs := []string{"package", "create", "../../../src/test/upgrade", "--set", "PODINFO_VERSION=6.3.5", "--confirm"} + stdOut, stdErr, err = zarf(zarfCreateArgs...) require.NoError(t, err, stdOut, stdErr) newlyBuiltPackage := "zarf-package-test-upgrade-package-amd64-6.3.5.tar.zst" // Deploy the package. zarfDeployArgs = []string{"package", "deploy", newlyBuiltPackage, "--confirm"} - stdOut, stdErr, err = exec.Cmd(zarfBinPath, zarfDeployArgs...) + stdOut, stdErr, err = zarf(zarfDeployArgs...) require.NoError(t, err, stdOut, stdErr) // [DEPRECATIONS] We expect any deprecated things to work from the new package @@ -64,14 +73,14 @@ func TestPreviouslyBuiltZarfPackage(t *testing.T) { // Verify that podinfo-upgrade successfully deploys in the cluster (version 6.3.5) kubeCtlRolloutArgs = []string{"-n=podinfo-upgrade", "rollout", "status", "deployment/podinfo-upgrade"} - kubectlOut, _, _ = exec.Cmd("kubectl", kubeCtlRolloutArgs...) + kubectlOut, _, _ = kubectl(kubeCtlRolloutArgs...) require.Contains(t, kubectlOut, "successfully rolled out") kubeCtlGetArgs = []string{"-n=podinfo-upgrade", "get", "deployment", "podinfo-upgrade", "-o=jsonpath={.metadata.labels}}"} - kubectlOut, _, _ = exec.Cmd("kubectl", kubeCtlGetArgs...) + kubectlOut, _, _ = kubectl(kubeCtlGetArgs...) require.Contains(t, kubectlOut, "6.3.5") // Remove the package. zarfRemoveArgs := []string{"package", "remove", "test-upgrade-package", "--confirm"} - stdOut, stdErr, err = exec.Cmd(zarfBinPath, zarfRemoveArgs...) + stdOut, stdErr, err = zarf(zarfRemoveArgs...) require.NoError(t, err, stdOut, stdErr) } diff --git a/src/test/upgrade-test/zarf.yaml b/src/test/upgrade/zarf.yaml similarity index 92% rename from src/test/upgrade-test/zarf.yaml rename to src/test/upgrade/zarf.yaml index 4bd403e36b..3092d27a28 100644 --- a/src/test/upgrade-test/zarf.yaml +++ b/src/test/upgrade/zarf.yaml @@ -21,8 +21,8 @@ components: actions: onDeploy: after: - - cmd: "cat podinfo-cosign.pub" + - cmd: cat podinfo-cosign.pub mute: true setVariable: PODINFO_COSIGN_PUB - cmd: "echo \"Successfully deployed podinfo ###ZARF_PKG_VAR_PODINFO_VERSION### with the following cosign key:\\n\\n${ZARF_VAR_PODINFO_COSIGN_PUB}\"" - - cmd: "rm podinfo-cosign.pub" + - cmd: rm podinfo-cosign.pub diff --git a/zarf.yaml b/zarf.yaml index c22d6435a4..859813fde5 100644 --- a/zarf.yaml +++ b/zarf.yaml @@ -1,7 +1,7 @@ kind: ZarfInitConfig metadata: name: init - description: "Used to establish a new Zarf cluster" + description: Used to establish a new Zarf cluster components: - name: k3s