Update k8s version in CI to unblock CI tests

.github/workflows/kubeapps-general.yaml

@@ -52,7 +52,7 @@ env:
   # Currently, we only build the images for linux/amd64 because building cross-platform images is extremely slow...
   IMG_PLATFORMS: "linux/amd64"
   KAPP_CONTROLLER_VERSION: "v0.43.2"
-  K8S_KIND_VERSION: "v1.22.15@sha256:bfd5eaae36849bfb3c1e3b9442f3da17d730718248939d9d547e86bbac5da586"
+  K8S_KIND_VERSION: "v1.24.7@sha256:5c015142d9b60a0f6c45573f809957076514e38ec973565e2b2fe828b91597f5"
   KIND_VERSION: "v0.17.0"
   KUBECTL_VERSION: "v1.24.7"
   MKCERT_VERSION: "v1.4.4"
@@ -507,7 +507,7 @@ jobs:
       - name: "Run e2e tests script"
         run: ./script/run_e2e_tests.sh
       - name: "Print k8s KubeappsAPIs logs if the tests fail"
-        run: kubectl --context kind-kubeapps-ci --kubeconfig ${HOME}/.kube/kind-config-kubeapps-ci logs -n kubeapps deploy/kubeapps-internal-kubeappsapis
+        run: kubectl --context kind-kubeapps-ci --kubeconfig ${HOME}/.kube/kind-config-kubeapps-ci logs -n kubeapps deploy/kubeapps-ci-internal-kubeappsapis
         if: failure() && env.TEST_RESULT == 1
         continue-on-error: true
       - name: 'Upload Artifacts'

cmd/kubeapps-apis/plugins/pkg/resourcerefs/resourcerefs.go

@@ -6,17 +6,19 @@ package resourcerefs
 import (
 	"context"
 	goerrs "errors"
-	"github.com/vmware-tanzu/kubeapps/cmd/kubeapps-apis/plugins/pkg/helm"
 	"io"
 	"strings"
 
+	"github.com/vmware-tanzu/kubeapps/cmd/kubeapps-apis/plugins/pkg/helm"
+
 	corev1 "github.com/vmware-tanzu/kubeapps/cmd/kubeapps-apis/gen/core/packages/v1alpha1"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
 	"helm.sh/helm/v3/pkg/action"
 	"helm.sh/helm/v3/pkg/storage/driver"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/yaml"
+	log "k8s.io/klog/v2"
 )
 
 type yamlMetadata struct {
@@ -91,6 +93,7 @@ func GetInstalledPackageResourceRefs(
 	ctx context.Context,
 	helmReleaseName types.NamespacedName,
 	actionConfigGetter helm.HelmActionConfigGetterFunc) ([]*corev1.ResourceRef, error) {
+	log.InfoS("+resourcerefs GetInstalledPackageResourceRefs", "helmReleaseName", helmReleaseName)
 	namespace := helmReleaseName.Namespace
 
 	actionConfig, err := actionConfigGetter(ctx, namespace)
@@ -109,6 +112,7 @@ func GetInstalledPackageResourceRefs(
 	release, err := getcmd.Run(helmReleaseName.Name)
 	if err != nil {
 		if err == driver.ErrReleaseNotFound {
+			log.ErrorS(err, "resourcerefs GetInstalledPackageResourceRefs")
 			return nil, status.Errorf(codes.NotFound, "Unable to find Helm release %q in namespace %q: %+v", helmReleaseName, namespace, err)
 		}
 		return nil, status.Errorf(codes.Internal, "Unable to run Helm get action: %v", err)

script/e2e-test.sh

@@ -252,6 +252,7 @@ installFlux() {
   # Warning  FailedScheduling  19s (x7 over 6m)  default-scheduler  0/1 nodes are available: 1 Insufficient cpu.
   curl -o /tmp/flux_install.yaml -LO "${url}"
   cat /tmp/flux_install.yaml | sed -e 's/cpu: 100m/cpu: 75m/g' | kubectl apply -f -
+  kubectl --namespace ${namespace} scale --replicas=0 deployment/image-automation-controller deployment/image-reflector-controller deployment/kustomize-controller
 
   # wait for deployments to be ready
   k8s_wait_for_deployment ${namespace} helm-controller
@@ -499,20 +500,50 @@ done
 kubectl cp ./tests "default/${pod}:/app/"
 info "Copied tests to e2e-runner pod default/${pod}"
 
-## Create admin user
+## Create admin user with manual token
 kubectl create serviceaccount kubeapps-operator -n kubeapps
+cat <<EOF | kubectl apply -f -
+apiVersion: v1
+kind: Secret
+metadata:
+  name: kubeapps-operator-token
+  namespace: kubeapps
+  annotations:
+    kubernetes.io/service-account.name: kubeapps-operator
+type: kubernetes.io/service-account-token
+EOF
 kubectl create clusterrolebinding kubeapps-operator-admin --clusterrole=cluster-admin --serviceaccount kubeapps:kubeapps-operator
 kubectl create clusterrolebinding kubeapps-repositories-write --clusterrole kubeapps:kubeapps:apprepositories-write --serviceaccount kubeapps:kubeapps-operator
 kubectl create rolebinding kubeapps-sa-operator-apprepositories-write -n kubeapps-user-namespace --clusterrole=kubeapps:kubeapps:apprepositories-write --serviceaccount kubeapps:kubeapps-operator
 ## Create view user
 kubectl create serviceaccount kubeapps-view -n kubeapps
+cat <<EOF | kubectl apply -f -
+apiVersion: v1
+kind: Secret
+metadata:
+  name: kubeapps-view-token
+  namespace: kubeapps
+  annotations:
+    kubernetes.io/service-account.name: kubeapps-view
+type: kubernetes.io/service-account-token
+EOF
 kubectl create role view-secrets --verb=get,list,watch --resource=secrets
 kubectl create rolebinding kubeapps-view-secret --role view-secrets --serviceaccount kubeapps:kubeapps-view
 kubectl create clusterrolebinding kubeapps-view --clusterrole=view --serviceaccount kubeapps:kubeapps-view
 kubectl create rolebinding kubeapps-view-user-apprepo-read -n kubeapps-user-namespace --clusterrole=kubeapps:kubeapps:apprepositories-read --serviceaccount kubeapps:kubeapps-view
 kubectl create rolebinding kubeapps-view-user -n kubeapps-user-namespace --clusterrole=edit --serviceaccount kubeapps:kubeapps-view
 ## Create edit user
 kubectl create serviceaccount kubeapps-edit -n kubeapps
+cat <<EOF | kubectl apply -f -
+apiVersion: v1
+kind: Secret
+metadata:
+  name: kubeapps-edit-token
+  namespace: kubeapps
+  annotations:
+    kubernetes.io/service-account.name: kubeapps-edit
+type: kubernetes.io/service-account-token
+EOF
 # TODO(minelson): Many of these roles/bindings need to be cleaned up. Some are
 # unnecessary (with chart changes), some should not be created (such as edit
 # here having the edit cluster role in the kubeapps namespace - should just be
@@ -535,9 +566,9 @@ retry_while "kubectl get -n kubeapps serviceaccount kubeapps-operator -o name" "
 retry_while "kubectl get -n kubeapps serviceaccount kubeapps-view -o name" "5" "1"
 retry_while "kubectl get -n kubeapps serviceaccount kubeapps-edit -o name" "5" "1"
 ## Retrieve tokens
-admin_token="$(kubectl get -n kubeapps secret "$(kubectl get -n kubeapps serviceaccount kubeapps-operator -o jsonpath='{.secrets[].name}')" -o go-template='{{.data.token | base64decode}}')"
-view_token="$(kubectl get -n kubeapps secret "$(kubectl get -n kubeapps serviceaccount kubeapps-view -o jsonpath='{.secrets[].name}')" -o go-template='{{.data.token | base64decode}}')"
-edit_token="$(kubectl get -n kubeapps secret "$(kubectl get -n kubeapps serviceaccount kubeapps-edit -o jsonpath='{.secrets[].name}')" -o go-template='{{.data.token | base64decode}}')"
+admin_token="$(kubectl get -n kubeapps secret kubeapps-operator-token -o go-template='{{.data.token | base64decode}}')"
+view_token="$(kubectl get -n kubeapps secret kubeapps-view-token -o go-template='{{.data.token | base64decode}}')"
+edit_token="$(kubectl get -n kubeapps secret kubeapps-edit-token -o go-template='{{.data.token | base64decode}}')"
 
 info "Bootstrap time: $(elapsedTimeSince "$startTime")"
 

script/makefiles/cluster-kind.mk

@@ -6,7 +6,7 @@
 KUBE ?= ${HOME}/.kube
 CLUSTER_NAME ?= kubeapps
 ADDITIONAL_CLUSTER_NAME ?= kubeapps-additional
-IMAGE ?= kindest/node:v1.24.0@sha256:0866296e693efe1fed79d5e6c7af8df71fc73ae45e3679af05342239cdc5bc8e
+IMAGE ?= kindest/node:v1.24.7@sha256:5c015142d9b60a0f6c45573f809957076514e38ec973565e2b2fe828b91597f5
 
 CLUSTER_CONFIG = ${KUBE}/kind-config-${CLUSTER_NAME}
 ADDITIONAL_CLUSTER_CONFIG = ${KUBE}/kind-config-${ADDITIONAL_CLUSTER_NAME}