Update versions and fix KES Test (#1457)

minio · Feb 28, 2023 · fdacf35 · fdacf35
1 parent 6c2cb23
commit fdacf35
Show file tree

Hide file tree

Showing 14 changed files with 126 additions and 79 deletions.
diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml
@@ -10,12 +10,12 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
       -
         name: Set up Go
-        uses: actions/setup-go@v2
+        uses: actions/setup-go@v3
         with:
-          go-version: 1.19.x
+          go-version: 1.20.x
       -
         # Add support for more platforms with QEMU (optional)
         # https://github.com/docker/setup-qemu-action

diff --git a/.github/workflows/helm.yaml b/.github/workflows/helm.yaml
@@ -22,14 +22,14 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [ 1.19.x ]
+        go-version: [ 1.20.x ]
         os: [ ubuntu-latest ]
 
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
-      - uses: actions/checkout@v2
-      - uses: actions/setup-go@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
         with:
           go-version: ${{ matrix.go-version }}
 
@@ -45,14 +45,14 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [ 1.19.x ]
+        go-version: [ 1.20.x ]
         os: [ ubuntu-latest ]
 
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
-      - uses: actions/checkout@v2
-      - uses: actions/setup-go@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
         with:
           go-version: ${{ matrix.go-version }}
 

diff --git a/.github/workflows/kubernetes-tests.yml b/.github/workflows/kubernetes-tests.yml
@@ -10,11 +10,11 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go-version: [ 1.19.x ]
+        go-version: [ 1.20.x ]
         os: [ ubuntu-latest ]
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-go@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
         with:
           go-version: ${{ matrix.go-version }}
       - name: Get Dependedencies
@@ -26,12 +26,12 @@ jobs:
       - getdeps
     strategy:
       matrix:
-        go-version: [ 1.19.x ]
+        go-version: [ 1.20.x ]
         os: [ ubuntu-latest ]
 
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-go@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
         with:
           go-version: ${{ matrix.go-version }}
       - name: Lint
@@ -43,12 +43,12 @@ jobs:
       - getdeps
     strategy:
       matrix:
-        go-version: [ 1.19.x ]
+        go-version: [ 1.20.x ]
         os: [ ubuntu-latest ]
 
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-go@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
         with:
           go-version: ${{ matrix.go-version }}
       - name: govet
@@ -60,12 +60,12 @@ jobs:
       - getdeps
     strategy:
       matrix:
-        go-version: [ 1.19.x ]
+        go-version: [ 1.20.x ]
         os: [ ubuntu-latest ]
 
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-go@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
         with:
           go-version: ${{ matrix.go-version }}
       - name: Go Test
@@ -77,12 +77,12 @@ jobs:
       - getdeps
     strategy:
       matrix:
-        go-version: [ 1.19.x ]
+        go-version: [ 1.20.x ]
         os: [ ubuntu-latest ]
 
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-go@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
         with:
           go-version: ${{ matrix.go-version }}
       - name: Logsearch Binary
@@ -94,12 +94,12 @@ jobs:
       - getdeps
     strategy:
       matrix:
-        go-version: [ 1.19.x ]
+        go-version: [ 1.20.x ]
         os: [ ubuntu-latest ]
 
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-go@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
         with:
           go-version: ${{ matrix.go-version }}
       - name: Operator Binary
@@ -112,12 +112,12 @@ jobs:
       - operator
     strategy:
       matrix:
-        go-version: [ 1.19.x ]
+        go-version: [ 1.20.x ]
         os: [ ubuntu-latest ]
 
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-go@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
         with:
           go-version: ${{ matrix.go-version }}
       - name: Docker Container
@@ -136,12 +136,12 @@ jobs:
       - govet
     strategy:
       matrix:
-        go-version: [ 1.19.x ]
+        go-version: [ 1.20.x ]
         os: [ ubuntu-latest ]
 
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-go@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
         with:
           go-version: ${{ matrix.go-version }}
       - name: Prometheus test on Kind
@@ -158,12 +158,12 @@ jobs:
       - govet
     strategy:
       matrix:
-        go-version: [ 1.19.x ]
+        go-version: [ 1.20.x ]
         os: [ ubuntu-latest ]
 
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-go@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
         with:
           go-version: ${{ matrix.go-version }}
       - name: Tenant upgrade test on Kind
@@ -180,12 +180,12 @@ jobs:
       - govet
     strategy:
       matrix:
-        go-version: [ 1.19.x ]
+        go-version: [ 1.20.x ]
         os: [ ubuntu-latest ]
 
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-go@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
         with:
           go-version: ${{ matrix.go-version }}
 
@@ -204,12 +204,12 @@ jobs:
       - govet
     strategy:
       matrix:
-        go-version: [ 1.19.x ]
+        go-version: [ 1.20.x ]
         os: [ ubuntu-latest ]
 
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-go@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
         with:
           go-version: ${{ matrix.go-version }}
 
@@ -228,12 +228,12 @@ jobs:
       - govet
     strategy:
       matrix:
-        go-version: [ 1.19.x ]
+        go-version: [ 1.20.x ]
         os: [ ubuntu-latest ]
 
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-go@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v3
         with:
           go-version: ${{ matrix.go-version }}
 

diff --git a/.github/workflows/shellcheck.yaml b/.github/workflows/shellcheck.yaml
@@ -11,7 +11,7 @@ jobs:
     name: Shellcheck
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - uses: actions/setup-go@v3
 
     - name: Run ShellCheck

diff --git a/.github/workflows/vulncheck.yml b/.github/workflows/vulncheck.yml
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        go-version: [ 1.19 ]
+        go-version: [ 1.20.x ]
     steps:
     - name: Check out code into the Go module directory
       uses: actions/checkout@v3

diff --git a/.golangci.yml b/.golangci.yml
@@ -5,7 +5,7 @@ linters-settings:
     locale: US
 
 run:
-  go: '1.19'
+  go: '1.20'
 
 linters:
   disable-all: true

diff --git a/.goreleaser.yml b/.goreleaser.yml
@@ -15,7 +15,7 @@ before:
   hooks:
     - make clean
     - go generate ./...
-    - go mod tidy -compat=1.19
+    - go mod tidy -compat=1.20
     - go mod download
 
 builds:

diff --git a/Makefile b/Makefile
@@ -27,7 +27,7 @@ getdeps:
 	@echo "Checking dependencies"
 	@mkdir -p ${GOPATH}/bin
 	@echo "Installing golangci-lint" && \
-		go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.49.0 && \
+		go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest && \
 		echo "Installing govulncheck" && \
 		go install golang.org/x/vuln/cmd/govulncheck@latest
 

diff --git a/go.mod b/go.mod
@@ -1,6 +1,6 @@
 module github.com/minio/operator
 
-go 1.19
+go 1.20
 
 require (
 	github.com/blang/semver/v4 v4.0.0

diff --git a/kubectl-minio/go.mod b/kubectl-minio/go.mod
@@ -1,6 +1,6 @@
 module github.com/minio/kubectl-minio
 
-go 1.19
+go 1.20
 
 replace github.com/minio/operator => ../
 

diff --git a/logsearchapi/go.mod b/logsearchapi/go.mod
@@ -1,6 +1,6 @@
 module github.com/minio/operator/logsearchapi
 
-go 1.19
+go 1.20
 
 require (
 	github.com/georgysavva/scany v1.2.1

diff --git a/testing/common.sh b/testing/common.sh
@@ -88,9 +88,6 @@ function install_operator() {
     value=minio-operator
   fi
 
-  echo "Scaling down MinIO Operator Deployment"
-  try kubectl -n minio-operator scale deployment minio-operator --replicas=1
-
   # Reusing the wait for both, Kustomize and Helm
   echo "Waiting for k8s api"
   sleep 10
@@ -128,9 +125,6 @@ function install_operator_version() {
   # Initialize the MinIO Kubernetes Operator
   kubectl minio init
 
-  echo "Scaling down MinIO Operator Deployment"
-  try kubectl -n minio-operator scale deployment minio-operator --replicas=1
-
   # Verify installation of the plugin
   echo "Installed operator release: $(kubectl minio version)"
 

diff --git a/testing/console-tenant+kes.sh b/testing/console-tenant+kes.sh
@@ -109,29 +109,23 @@ function test_kes_tenant() {
       return 1
     fi
 
-    COOKIE=$(curl 'http://localhost:9090/api/v1/login/operator' -X POST \
-		  -H 'Content-Type: application/json' \
-		  --data-raw '{"jwt":"'$SA_TOKEN'"}' -i | grep "Set-Cookie: token=" | sed -e "s/Set-Cookie: token=//g" | awk -F ';' '{print $1}')
-    echo "COOKIE: ${COOKIE}"
-
-    echo "Creating Tenant"
-    CREDENTIALS=$(curl 'http://localhost:9090/api/v1/tenants' \
-		       -X POST \
-		       -H 'Content-Type: application/json' \
-		       -H 'Cookie: token='$COOKIE'' \
-		       --data-raw '{"name":"kes-tenant","namespace":"default","access_key":"","secret_key":"","access_keys":[],"secret_keys":[],"enable_tls":true,"enable_console":true,"enable_prometheus":true,"service_name":"","image":"","expose_minio":true,"expose_console":true,"pools":[{"name":"pool-0","servers":4,"volumes_per_server":1,"volume_configuration":{"size":26843545600,"storage_class_name":"standard"},"securityContext":null,"affinity":{"podAntiAffinity":{"requiredDuringSchedulingIgnoredDuringExecution":[{"labelSelector":{"matchExpressions":[{"key":"v1.min.io/tenant","operator":"In","values":["kes-tenant"]},{"key":"v1.min.io/pool","operator":"In","values":["pool-0"]}]},"topologyKey":"kubernetes.io/hostname"}]}}}],"erasureCodingParity":2,"logSearchConfiguration":{"image":"minio/operator:dev","postgres_image":"","postgres_init_image":""},"prometheusConfiguration":{"image":"","sidecar_image":"","init_image":""},"tls":{"minio":[],"ca_certificates":[],"console_ca_certificates":[]},"encryption":{"replicas":"1","securityContext":{"runAsUser":"1000","runAsGroup":"1000","fsGroup":"1000","runAsNonRoot":true},"image":"","vault":{"endpoint":"http://vault.default.svc.cluster.local:8200","engine":"","namespace":"","prefix":"my-minio","approle":{"engine":"","id":"'$ROLE_ID'","secret":"'$SECRET_ID'","retry":0},"tls":{},"status":{"ping":0}}},"idp":{"keys":[{"access_key":"console","secret_key":"console123"}]}}')
-    echo "CREDENTIALS: ${CREDENTIALS}"
-
-    echo "Check Tenant Status in default name space for kes-tenant:"
-    check_tenant_status default kes-tenant
+	echo "Creating Tenant"
+	sed -i -e 's/ROLE_ID/'"$ROLE_ID"'/g' "${SCRIPT_DIR}/kes-config.yaml"
+	sed -i -e 's/SECRET_ID/'"$SECRET_ID"'/g' "${SCRIPT_DIR}/kes-config.yaml"
+	cp "${SCRIPT_DIR}/kes-config.yaml" "${SCRIPT_DIR}/../examples/kustomization/tenant-kes-encryption/kes-configuration-secret.yaml"
+	yq e -i '.spec.kes.image = "minio/kes:v0.22.3"' "${SCRIPT_DIR}/../examples/kustomization/tenant-kes-encryption/tenant.yaml"
+	kubectl apply -k "${SCRIPT_DIR}/../examples/kustomization/tenant-kes-encryption"
 
-    echo "Port Forwarding tenant"
-    try kubectl port-forward $(kubectl get pods -l v1.min.io/tenant=kes-tenant | grep -v NAME | awk '{print $1}' | head -1) 9000 &
+    echo "Check Tenant Status in tenant-kms-encrypted name space for storage-kms-encrypted:"
+    check_tenant_status tenant-kms-encrypted storage-kms-encrypted
 
-    TENANT_CONFIG_SECRET=$(kubectl -n default get tenants.minio.min.io kes-tenant -o jsonpath="{.spec.configuration.name}")
-    USER=$(kubectl -n default get secrets "$TENANT_CONFIG_SECRET" -o go-template='{{index .data "config.env"|base64decode }}' | grep 'export MINIO_ROOT_USER="' | sed -e 's/export MINIO_ROOT_USER="//g' | sed -e 's/"//g')
-    PASSWORD=$(kubectl -n default get secrets "$TENANT_CONFIG_SECRET" -o go-template='{{index .data "config.env"|base64decode }}' | grep 'export MINIO_ROOT_PASSWORD="' | sed -e 's/export MINIO_ROOT_PASSWORD="//g' | sed -e 's/"//g')
+    echo "Port Forwarding tenant"
+    try kubectl port-forward $(kubectl get pods -l v1.min.io/tenant=storage-kms-encrypted -n tenant-kms-encrypted | grep -v NAME | awk '{print $1}' | head -1) 9000 -n tenant-kms-encrypted &
 
+    TENANT_CONFIG_SECRET=$(kubectl -n tenant-kms-encrypted get tenants.minio.min.io storage-kms-encrypted -o jsonpath="{.spec.configuration.name}")
+    # kes-tenant-env-configuration
+    USER=$(kubectl -n tenant-kms-encrypted get secrets "$TENANT_CONFIG_SECRET" -o go-template='{{index .data "config.env"|base64decode }}' | grep 'export MINIO_ROOT_USER="' | sed -e 's/export MINIO_ROOT_USER="//g' | sed -e 's/"//g')
+    PASSWORD=$(kubectl -n tenant-kms-encrypted get secrets "$TENANT_CONFIG_SECRET" -o go-template='{{index .data "config.env"|base64decode }}' | grep 'export MINIO_ROOT_PASSWORD="' | sed -e 's/export MINIO_ROOT_PASSWORD="//g' | sed -e 's/"//g')
 
     totalwait=0
     until (mc config host add kestest https://localhost:9000 $USER $PASSWORD --insecure); do