separate KMS into its own suite and reduce nodegroup creation time (#…

…4900) * separate KMS into its own suite and reduce nodegroup creation time * remove redundant fargate tests
eksctl-io · Mar 7, 2022 · 2d5e62b · 2d5e62b
1 parent 5cd40b8
commit 2d5e62b
Show file tree

Hide file tree

Showing 3 changed files with 118 additions and 91 deletions.
diff --git a/integration/tests/fargate/fargate_test.go b/integration/tests/fargate/fargate_test.go
@@ -148,39 +148,6 @@ var _ = Describe("(Integration) Fargate", func() {
 			deleteCluster(ft.clusterName)
 		})
 	})
-
-	Context("Creating a cluster with --fargate and --managed", func() {
-		ft := &fargateTest{}
-
-		BeforeEach(func() {
-			setup(ft, "--fargate", "--managed")
-		})
-
-		It("should support Fargate", func() {
-			testDefaultFargateProfile(ft.clusterName, ft.kubeTest)
-			testCreateFargateProfile(ft.clusterName, ft.kubeTest)
-		})
-
-		AfterEach(func() {
-			deleteCluster(ft.clusterName)
-		})
-	})
-
-	Context("Creating a cluster without --fargate", func() {
-		ft := &fargateTest{}
-
-		BeforeEach(func() {
-			setup(ft)
-		})
-
-		It("should allow creation of new Fargate profiles", func() {
-			testCreateFargateProfile(ft.clusterName, ft.kubeTest)
-		})
-
-		AfterEach(func() {
-			deleteCluster(ft.clusterName)
-		})
-	})
 })
 
 var _ = AfterSuite(func() {

diff --git a/integration/tests/kms/kms_test.go b/integration/tests/kms/kms_test.go
@@ -0,0 +1,118 @@
+//go:build integration
+// +build integration
+
+package kms
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"testing"
+	"time"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/kms"
+	. "github.com/weaveworks/eksctl/integration/runner"
+	"github.com/weaveworks/eksctl/integration/tests"
+	api "github.com/weaveworks/eksctl/pkg/apis/eksctl.io/v1alpha5"
+	"github.com/weaveworks/eksctl/pkg/eks"
+	"github.com/weaveworks/eksctl/pkg/testutils"
+
+	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/gomega"
+)
+
+var params *tests.Params
+
+func init() {
+	// Call testing.Init() prior to tests.NewParams(), as otherwise -test.* will not be recognised. See also: https://golang.org/doc/go1.13#testing
+	testing.Init()
+	params = tests.NewParams("kms")
+}
+
+func TestEKSkms(t *testing.T) {
+	testutils.RegisterAndRun(t)
+}
+
+var _ = Describe("(Integration) [EKS kms test]", func() {
+	Context("Creating a cluster and enabling kms", func() {
+		var (
+			kmsKeyARN   *string
+			clusterName string
+			ctl         api.ClusterProvider
+		)
+
+		BeforeSuite(func() {
+			clusterName = params.NewClusterName("kms")
+			clusterConfig := api.NewClusterConfig()
+			clusterConfig.Metadata.Name = clusterName
+			clusterConfig.Metadata.Version = "latest"
+			clusterConfig.Metadata.Region = params.Region
+
+			data, err := json.Marshal(clusterConfig)
+			Expect(err).NotTo(HaveOccurred())
+
+			cmd := params.EksctlCreateCmd.
+				WithArgs(
+					"cluster",
+					"--config-file", "-",
+					"--verbose", "4",
+				).
+				WithoutArg("--region", params.Region).
+				WithStdin(bytes.NewReader(data))
+			Expect(cmd).To(RunSuccessfully())
+
+			clusterProvider, err := eks.New(&api.ProviderConfig{Region: params.Region}, clusterConfig)
+			Expect(err).NotTo(HaveOccurred())
+			ctl = clusterProvider.Provider
+
+			kmsClient := kms.New(ctl.ConfigProvider())
+			output, err := kmsClient.CreateKey(&kms.CreateKeyInput{
+				Description: aws.String(fmt.Sprintf("Key to test KMS encryption on EKS cluster %s", clusterName)),
+			})
+			Expect(err).NotTo(HaveOccurred())
+			kmsKeyARN = output.KeyMetadata.Arn
+		})
+
+		AfterSuite(func() {
+			cmd := params.EksctlDeleteCmd.WithArgs(
+				"cluster", clusterName,
+				"--verbose", "2",
+			)
+			Expect(cmd).To(RunSuccessfully())
+
+			kmsClient := kms.New(ctl.ConfigProvider())
+			_, err := kmsClient.ScheduleKeyDeletion(&kms.ScheduleKeyDeletionInput{
+				KeyId:               kmsKeyARN,
+				PendingWindowInDays: aws.Int64(7),
+			})
+			Expect(err).NotTo(HaveOccurred())
+		})
+
+		It("supports enabling KMS encryption", func() {
+			enableEncryptionCMD := func() Cmd {
+				return params.EksctlUtilsCmd.
+					WithTimeout(2*time.Hour).
+					WithArgs(
+						"enable-secrets-encryption",
+						"--cluster", clusterName,
+						"--key-arn", *kmsKeyARN,
+					)
+			}
+
+			By(fmt.Sprintf("enabling KMS encryption on the cluster using key %q", *kmsKeyARN))
+			cmd := enableEncryptionCMD()
+			Expect(cmd).To(RunSuccessfullyWithOutputStringLines(
+				ContainElement(ContainSubstring("initiated KMS encryption")),
+				ContainElement(ContainSubstring("KMS encryption applied to all Secret resources")),
+			))
+
+			By("ensuring `enable-secrets-encryption` works when KMS encryption is already enabled on the cluster")
+			cmd = enableEncryptionCMD()
+			Expect(cmd).To(RunSuccessfullyWithOutputStringLines(
+				ContainElement(ContainSubstring("KMS encryption is already enabled on the cluster")),
+				ContainElement(ContainSubstring("KMS encryption applied to all Secret resources")),
+			))
+		})
+	})
+})
diff --git a/integration/tests/unowned_cluster/unowned_cluster_test.go b/integration/tests/unowned_cluster/unowned_cluster_test.go
@@ -15,7 +15,6 @@ import (
 	"github.com/aws/aws-sdk-go/aws"
 	cfn "github.com/aws/aws-sdk-go/service/cloudformation"
 	awseks "github.com/aws/aws-sdk-go/service/eks"
-	"github.com/aws/aws-sdk-go/service/kms"
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
 	"github.com/onsi/gomega/gbytes"
@@ -47,7 +46,6 @@ var _ = Describe("(Integration) [non-eksctl cluster & nodegroup support]", func(
 		ctl                        api.ClusterProvider
 		configFile                 *os.File
 		cfg                        *api.ClusterConfig
-		kmsKeyARN                  *string
 	)
 
 	BeforeSuite(func() {
@@ -67,32 +65,17 @@ var _ = Describe("(Integration) [non-eksctl cluster & nodegroup support]", func(
 		var err error
 		configFile, err = os.CreateTemp("", "")
 		Expect(err).NotTo(HaveOccurred())
-
 		if !params.SkipCreate {
 			clusterProvider, err := eks.New(&api.ProviderConfig{Region: params.Region}, cfg)
 			Expect(err).NotTo(HaveOccurred())
 			ctl = clusterProvider.Provider
 			cfg.VPC = createClusterWithNodeGroup(params.ClusterName, stackName, mng1, version, ctl)
-
-			kmsClient := kms.New(ctl.ConfigProvider())
-			output, err := kmsClient.CreateKey(&kms.CreateKeyInput{
-				Description: aws.String(fmt.Sprintf("Key to test KMS encryption on EKS cluster %s", params.ClusterName)),
-			})
-			Expect(err).NotTo(HaveOccurred())
-			kmsKeyARN = output.KeyMetadata.Arn
 		}
 	})
 
 	AfterSuite(func() {
 		if !params.SkipCreate && !params.SkipDelete {
 			deleteStack(stackName, ctl)
-
-			kmsClient := kms.New(ctl.ConfigProvider())
-			_, err := kmsClient.ScheduleKeyDeletion(&kms.ScheduleKeyDeletionInput{
-				KeyId:               kmsKeyARN,
-				PendingWindowInDays: aws.Int64(7),
-			})
-			Expect(err).NotTo(HaveOccurred())
 		}
 		Expect(os.RemoveAll(configFile.Name())).To(Succeed())
 
@@ -104,19 +87,7 @@ var _ = Describe("(Integration) [non-eksctl cluster & nodegroup support]", func(
 				Name: ng1,
 			}},
 		}
-		// write config file so that the nodegroup creates have access to the vpc spec
-		configData, err := json.Marshal(&cfg)
-		Expect(err).NotTo(HaveOccurred())
-		Expect(os.WriteFile(configFile.Name(), configData, 0755)).To(Succeed())
-		cmd := params.EksctlCreateNodegroupCmd.
-			WithArgs(
-				"--config-file", configFile.Name(),
-				"--verbose", "2",
-			)
-		Expect(cmd).To(RunSuccessfully())
-	})
 
-	It("supports creating managed nodegroups", func() {
 		cfg.ManagedNodeGroups = []*api.ManagedNodeGroup{{
 			NodeGroupBase: &api.NodeGroupBase{
 				Name: mng2,
@@ -360,35 +331,6 @@ var _ = Describe("(Integration) [non-eksctl cluster & nodegroup support]", func(
 		Expect(cmd).To(RunSuccessfully())
 	})
 
-	It("supports enabling KMS encryption", func() {
-		if params.SkipCreate {
-			Skip("not enabling KMS encryption because params.SkipCreate is true")
-		}
-		enableEncryptionCMD := func() Cmd {
-			return params.EksctlUtilsCmd.
-				WithTimeout(2*time.Hour).
-				WithArgs(
-					"enable-secrets-encryption",
-					"--cluster", params.ClusterName,
-					"--key-arn", *kmsKeyARN,
-				)
-		}
-
-		By(fmt.Sprintf("enabling KMS encryption on the cluster using key %q", *kmsKeyARN))
-		cmd := enableEncryptionCMD()
-		Expect(cmd).To(RunSuccessfullyWithOutputStringLines(
-			ContainElement(ContainSubstring("initiated KMS encryption")),
-			ContainElement(ContainSubstring("KMS encryption applied to all Secret resources")),
-		))
-
-		By("ensuring `enable-secrets-encryption` works when KMS encryption is already enabled on the cluster")
-		cmd = enableEncryptionCMD()
-		Expect(cmd).To(RunSuccessfullyWithOutputStringLines(
-			ContainElement(ContainSubstring("KMS encryption is already enabled on the cluster")),
-			ContainElement(ContainSubstring("KMS encryption applied to all Secret resources")),
-		))
-	})
-
 	It("supports deleting clusters", func() {
 		if params.SkipDelete {
 			Skip("params.SkipDelete is true")