Skip to content
This repository has been archived by the owner on Mar 19, 2024. It is now read-only.

Update e2e tests to work on k8s 1.24 #393

Merged
merged 4 commits into from
Sep 27, 2022
Merged

Update e2e tests to work on k8s 1.24 #393

merged 4 commits into from
Sep 27, 2022

Conversation

nathancoleman
Copy link
Member

@nathancoleman nathancoleman commented Sep 27, 2022
edited
Loading

Changes proposed in this PR:

Kubernetes 1.24 no longer implicitly creates a Secret w/ a token in it when a ServiceAccount is created. This PR modifies our e2e tests to create the Secret explicitly which is the documented solution.

I found this to be a helpful explanation of what's happening.

Note A pod running w/ the ServiceAccount still has a token mounted inside even though the Secret that previously contained this token is no longer created. This is why Consul API Gateway works on K8s 1.24 in a standard deployment; however, our e2e test deployment does not run inside a pod and so requires the changes in this PR.

How I've tested this PR:

🤖 tests pass

How I expect reviewers to test this PR:

See above

Checklist:

  • Tests added
  • CHANGELOG entry added

    Run make changelog-entry for guidance in authoring a changelog entry, and
    commit the resulting file, which should have a name matching your PR number.
    Entries should use imperative present tense (e.g. Add support for...)

@nathancoleman
Update kind control-plane image for e2e tests
e7e0fa6
@nathancoleman
Create service-account-token Secret explicitly
8397d55 
This enables our e2e tests to work w/ Kubernetes 1.24 which no longer implicitly creates the Secret when the ServiceAccount is created
@nathancoleman nathancoleman added the pr/no-changelog Skip the CI check that requires a changelog entry label Sep 27, 2022
@nathancoleman nathancoleman changed the title E2e k8s 124 Update e2e tests to work on k8s 1.24 Sep 27, 2022
@nathancoleman nathancoleman requested a review from a team September 27, 2022 19:00
@nathancoleman nathancoleman marked this pull request as ready for review September 27, 2022 19:00
nathancoleman
nathancoleman commented Sep 27, 2022
View reviewed changes
Copy link
Member Author

@nathancoleman nathancoleman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Personal review

internal/testing/e2e/kubernetes.go
Comment on lines -260 to -275
serviceAccount := core.ServiceAccount{}
if err := client.Resources().Get(ctx, account, namespace, &serviceAccount); err != nil {
return nil, err
}
if len(serviceAccount.Secrets) == 0 {
return nil, errors.New("can't find secret")
}
secretName := serviceAccount.Secrets[0].Name
token := core.Secret{}
if err := client.Resources().Get(ctx, secretName, namespace, &token); err != nil {
return nil, err
}
tokenData, found := token.Data["token"]
if !found {
return nil, errors.New("token not found")
}
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This logic was fetching the same K8s token that already existed on ctx

.github/workflows/ci.yml
@@ -112,7 +112,7 @@ jobs:

- name: Install Dependencies
run: |
curl -L https://kind.sigs.k8s.io/dl/v0.11.1/kind-linux-amd64 -o ./kind
curl -L https://kind.sigs.k8s.io/dl/v0.16.0/kind-linux-amd64 -o ./kind
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

New version of kind needed to support the 1.24 control plane image

.github/actions/setup-kind/action.yml Outdated Show resolved Hide resolved
@nathancoleman nathancoleman marked this pull request as draft September 27, 2022 20:24
@nathancoleman nathancoleman marked this pull request as ready for review September 27, 2022 21:37
@nathancoleman nathancoleman merged commit 6d1d6fc into main Sep 27, 2022
@nathancoleman nathancoleman deleted the e2e-k8s-124 branch September 27, 2022 22:47
@mikemorris mikemorris mentioned this pull request Sep 28, 2022
Merged
2 tasks
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@mikemorris mikemorris mikemorris approved these changes

Assignees
No one assigned
Labels
pr/no-changelog Skip the CI check that requires a changelog entry
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nathancoleman @mikemorris