Skip to content

Commit

Permalink
Adding tests for SSL and some fixes to test-cli
Browse files Browse the repository at this point in the history
Signed-off-by: jackyalbo <jacky.albo@gmail.com>
  • Loading branch information
jackyalbo committed Sep 14, 2023
1 parent bb1c788 commit 9ff275f
Show file tree
Hide file tree
Showing 9 changed files with 284 additions and 22 deletions.
5 changes: 5 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -199,6 +199,11 @@ test-cli-flow:
@echo "✅ test-cli-flow"
.PHONY: test-cli-flow

test-cli-flow-dev:
$(TIME) ./test/cli/test_cli_flow.sh --dev
@echo "✅ test-cli-flow-dev"
.PHONY: test-cli-flow-dev

test-core-config-map-flow:
$(TIME) ./test/cli/test_cli_flow.sh --check_core_config_map
@echo "✅ test-core-config-map-flow"
Expand Down
4 changes: 4 additions & 0 deletions pkg/backingstore/backingstore.go
Original file line number Diff line number Diff line change
Expand Up @@ -242,6 +242,10 @@ const (
// Test ENV minimal resources
testEnvMinCPUString string = "50m"
testEnvMinMemoryString string = "200Mi"

// Dev ENV minimal resources
devEnvMinCPUString string = "500m"
devEnvMinMemoryString string = "500Mi"
)

// CmdCreatePVPool returns a CLI command
Expand Down
6 changes: 6 additions & 0 deletions pkg/backingstore/reconciler.go
Original file line number Diff line number Diff line change
Expand Up @@ -1397,6 +1397,7 @@ func (r *Reconciler) upgradeBackingStore(sts *appsv1.StatefulSet) error {
}

func (r *Reconciler) reconcileResources(src, dst *corev1.ResourceList, minCPU, minMem resource.Quantity) error {
log := r.Logger
cpu := minCPU
mem := minMem

Expand All @@ -1416,6 +1417,7 @@ func (r *Reconciler) reconcileResources(src, dst *corev1.ResourceList, minCPU, m
mem = qty
}
}
log.Infof("BackingStore %q was created with resurce cpu:%v mem:%v.", r.BackingStore.Name, cpu, mem)

(*dst)[corev1.ResourceCPU] = cpu
(*dst)[corev1.ResourceMemory] = mem
Expand All @@ -1431,5 +1433,9 @@ func getMinimalResourcesByEnv() (string, string) {
minCPUStringByEnv = testEnvMinCPUString
minMemoryStringByEnv = testEnvMinMemoryString
}
if util.IsDevEnv() {
minCPUStringByEnv = devEnvMinCPUString
minMemoryStringByEnv = devEnvMinMemoryString
}
return minCPUStringByEnv, minMemoryStringByEnv
}
9 changes: 9 additions & 0 deletions pkg/operator/operator.go
Original file line number Diff line number Diff line change
Expand Up @@ -122,6 +122,15 @@ func RunInstall(cmd *cobra.Command, args []string) {
})
c.Deployment.Spec.Template.Spec.Containers[0].Env = operatorContainer.Env
}
devEnv, _ := cmd.Flags().GetBool("dev")
if devEnv {
operatorContainer := c.Deployment.Spec.Template.Spec.Containers[0]
operatorContainer.Env = append(operatorContainer.Env, corev1.EnvVar{
Name: "DEV_ENV",
Value: "true",
})
c.Deployment.Spec.Template.Spec.Containers[0].Env = operatorContainer.Env
}

admission, _ := cmd.Flags().GetBool("admission")
if admission {
Expand Down
12 changes: 11 additions & 1 deletion pkg/util/util.go
Original file line number Diff line number Diff line change
Expand Up @@ -434,7 +434,7 @@ func KubeDelete(obj client.Object, opts ...client.DeleteOption) bool {
}

time.Sleep(10 * time.Millisecond)

err = wait.PollUntilContextCancel(ctx, time.Second, true, func(ctx context.Context) (bool, error) {
err := klient.Delete(ctx, obj, opts...)
if err == nil {
Expand Down Expand Up @@ -2157,3 +2157,13 @@ func IsTestEnv() bool {
}
return false
}

// IsDevEnv checks for DEV_ENV env var existance and equality
// to true and returns true or false accordingly
func IsDevEnv() bool {
devEnv, ok := os.LookupEnv("DEV_ENV")
if ok && devEnv == "true" {
return true
}
return false
}
107 changes: 107 additions & 0 deletions test/cli/resources/external-db-ssl.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,107 @@
apiVersion: v1
kind: Service
metadata:
name: postgres-external
namespace: test
spec:
type: ClusterIP
selector:
app: external-db
ports:
- port: 5432
---
apiVersion: v1
kind: ConfigMap
metadata:
name: ssl-postgres-conf-sh
namespace: test
labels:
app: noobaa
data:
sslconf.sh: |
#!/bin/bash
# echo ssl setting into pg_hba.conf configuration file
echo 'local all all trust' > /var/lib/postgresql/data/pg_hba.conf
echo 'hostssl all all all cert clientcert=verify-full' >> /var/lib/postgresql/data/pg_hba.conf
---
apiVersion: v1
kind: Pod
metadata:
labels:
app: external-db
name: postgres-external
namespace: test
spec:
initContainers:
- name: volume-mount-hack
image: postgres:15
command: ["sh", "-c", "cp /etc/ssl/server.key /etc/private/server.key && chown root:ssl-cert /etc/private/server.key"]
volumeMounts:
- name: postgres-ssl
mountPath: /etc/ssl
- name: key-volume
mountPath: /etc/private
containers:
- name: external-db-ssl
image: postgres:15
args:
- -c
- ssl=on
- -c
- ssl_cert_file=/etc/ssl/server.crt
- -c
- ssl_key_file=/etc/private/server.key
- -c
- ssl_ca_file=/etc/ssl/ca.crt
imagePullPolicy: IfNotPresent
resources:
# https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
# requests:
# cpu: 100m
# memory: 500Mi
# limits:
# cpu: 100m
# memory: 500Mi
requests:
cpu: 1000m
memory: 2Gi
limits:
cpu: 1000m
memory: 2Gi
env:
- name: POSTGRES_PASSWORD
value: noobaa
- name: LC_COLLATE
value: C
ports:
- containerPort: 5432
volumeMounts:
- name: postgres-ssl
mountPath: /etc/ssl
- name: key-volume
mountPath: /etc/private
- name: ssl-postgres-conf-sh-volume
mountPath: /docker-entrypoint-initdb.d
volumes:
- name: key-volume
emptyDir: {}
- name: ssl-postgres-conf-sh-volume
configMap:
name: ssl-postgres-conf-sh
items:
- key: sslconf.sh
path: sslconf.sh
- name: postgres-ssl
secret:
secretName: postgres-ssl
defaultMode: 0600
items:
- key: server.key
path: server.key
mode: 0640
- key: server.crt
path: server.crt
mode: 0777
- key: ca.crt
path: ca.crt
mode: 0777
39 changes: 39 additions & 0 deletions test/cli/resources/external-db.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
apiVersion: v1
kind: Service
metadata:
name: postgres-external
namespace: test
spec:
type: ClusterIP
selector:
app: external-db
ports:
- port: 5432
---
apiVersion: v1
kind: Pod
metadata:
labels:
app: external-db
name: postgres-external
namespace: test
spec:
containers:
- name: external-db
image: postgres:15
imagePullPolicy: IfNotPresent
resources:
requests:
cpu: 100m
memory: 500Mi
limits:
cpu: 100m
memory: 500Mi
env:
- name: POSTGRES_PASSWORD
value: noobaa
- name: LC_COLLATE
value: C
ports:
- containerPort: 5432

24 changes: 20 additions & 4 deletions test/cli/test_cli_flow.sh
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ export PS4='\e[36m+ ${FUNCNAME:-main}\e[0m@\e[32m${BASH_SOURCE}:\e[35m${LINENO}

NAMESPACE='test'
CM=false
RESOURCE='mini'

function post_install_tests {
aws_credentials
Expand All @@ -31,12 +32,18 @@ function post_install_tests {
}

function main {
local install_external=$((RANDOM%2))
local install_external=$((RANDOM%3))
install_external=2
if [ ${install_external} -eq 0 ]
then
noobaa_install_external
else
noobaa_install
if [ ${install_external} -eq 1 ]
then
noobaa_install_external_ssl
else
noobaa_install
fi
fi
if [ "${CM}" == "true" ]
then
Expand All @@ -47,7 +54,12 @@ function main {
if [ ${install_external} -eq 0 ]
then
delete_external_postgres
fi
else
if [ ${install_external} -eq 1 ]
then
delete_external_postgres_ssl
fi
fi
}

function usage {
Expand Down Expand Up @@ -95,7 +107,11 @@ do
-n|--namespace) NAMESPACE=${2}
shift 2;;
--check_core_config_map) CM=true
shift;;
shift;;
--dev) RESOURCE='dev'
shift;;
--mini) RESOURCE='mini'
shift;;
-h|--help) usage;;
*) usage;;
esac
Expand Down
Loading

0 comments on commit 9ff275f

Please sign in to comment.