Commit
Showing
2 changed files
with
103 additions
and
4 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -82,3 +82,101 @@ jobs: | |
|
||
- name: Unit tests and envtest integration tests | ||
run: make test | ||
|
||
# k3d integration tests | ||
- name: In cluster integration tests | ||
run: | | ||
export GNUPGHOME="$(mktemp -d)" | ||
cat >$GNUPGHOME/foo <<EOF | ||
%echo Generating a basic OpenPGP key | ||
Key-Type: DSA | ||
Key-Length: 1024 | ||
Subkey-Type: ELG-E | ||
Subkey-Length: 1024 | ||
Name-Real: Joe Tester | ||
Name-Comment: with stupid passphrase | ||
Name-Email: [email protected] | ||
Expire-Date: 0 | ||
Passphrase: abc | ||
%no-protection | ||
%commit | ||
%echo done | ||
EOF | ||
gpg2 --batch --gen-key $GNUPGHOME/foo | ||
export SOPS_GPG_EXEC=$( which gpg2 ) | ||
export FP=$( gpg2 --with-colons --fingerprint | awk -F: '$1 == "fpr" {print $10; exit}' ) | ||
echo "Fingreprint: $FP ; gpg executable: $SOPS_GPG_EXEC" | ||
# Run k8s related commands | ||
kubectl create namespace sops | ||
make install | ||
sleep 3 | ||
sops -e -p $FP \ | ||
--encrypted-suffix='Templates' \ | ||
config/samples/isindir_v1alpha3_sopssecret.yaml \ | ||
> config/samples/isindir_v1alpha3_sopssecret.enc.yaml | ||
file config/samples/isindir_v1alpha3_sopssecret.enc.yaml | ||
echo "=====================================" | ||
cat config/samples/isindir_v1alpha3_sopssecret.enc.yaml | ||
echo "=====================================" | ||
kubectl apply -f config/samples/isindir_v1alpha3_sopssecret.enc.yaml --namespace sops | ||
sleep 3 | ||
nohup make run & | ||
sleep 150 | ||
kubectl get sops --namespace sops | ||
echo | ||
kubectl get secrets --namespace sops | ||
echo | ||
export SECRETS_NUMBER=$( kubectl get secrets --namespace sops --no-headers \ | ||
| awk '$0 !~ /default-token/ { print $1; }' \ | ||
| wc -l ) | ||
if [[ $SECRETS_NUMBER -ne 5 ]]; then | ||
echo "Expected number of secrets in sops namespace is 5 - Failed" | ||
tail -40 nohup.out | ||
exit 1 | ||
fi | ||
# Check specific k8s for amount of data entries | ||
## my-secret-name-0 | ||
export DATA_ENTRIES=$( kubectl get secrets my-secret-name-0 --namespace sops --no-headers \ | ||
| awk '{print $3}' ) | ||
if [[ $DATA_ENTRIES -ne 2 ]]; then | ||
echo "Expected number of data entries in my-secret-name-0 is 2 - Failed" | ||
tail -40 nohup.out | ||
exit 1 | ||
fi | ||
## my-secret-name-1 | ||
export DATA_ENTRIES=$( kubectl get secrets my-secret-name-1 --namespace sops --no-headers \ | ||
| awk '{print $3}' ) | ||
if [[ $DATA_ENTRIES -ne 3 ]]; then | ||
echo "Expected number of data entries in my-secret-name-1 is 3 - Failed" | ||
tail -40 nohup.out | ||
exit 1 | ||
fi | ||
## my-secret-name-2 | ||
export DATA_ENTRIES=$( kubectl get secrets my-secret-name-2 --namespace sops --no-headers \ | ||
| awk '{print $3}' ) | ||
if [[ $DATA_ENTRIES -ne 2 ]]; then | ||
echo "Expected number of data entries in my-secret-name-2 is 2 - Failed" | ||
tail -40 nohup.out | ||
exit 1 | ||
fi | ||
# Delete to check GC works | ||
kubectl delete -f config/samples/isindir_v1alpha3_sopssecret.enc.yaml --namespace sops | ||
sleep 15 | ||
kubectl get sops --namespace sops | ||
echo | ||
kubectl get secrets --namespace sops | ||
echo | ||
export SECRETS_NUMBER=$( kubectl get secrets --namespace sops \ | ||
| awk '$0!~/default-token/ && $0!~/NAME/ { print $1; }' \ | ||
| wc -l ) | ||
if [[ $SECRETS_NUMBER -ne 0 ]]; then | ||
echo "Expected number of secrets in sops namespace is 0 - Failed" | ||
exit 1 | ||
fi | ||
rm -fr $GNUPGHOME | ||
- name: Docker build | ||
run: | | ||
make docker-login | ||
make docker-cross-build |
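Review bot: The `rm -fr $GNUPGHOME` at the end of the "In cluster integration tests" script is only reached when every check passes, so each `exit 1` branch leaves the temporary keyring with the unprotected test private key on disk. That matters if the job ever runs on a runner that is not discarded after the build, which cannot be told from this hunk. Register the cleanup right after the `mktemp -d` line instead, `trap 'rm -rf -- "${GNUPGHOME:?}"' EXIT`, and quote the remaining `$GNUPGHOME` and `$FP` expansions. The key parameter file also sets both `Passphrase: abc` and `%no-protection`, which contradict each other, so keep only one. A short comment there, such as `# throwaway 1024-bit DSA/ElGamal key, CI only - never reuse`, would stop the block being copied as a key-generation template.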