Skip to content

Commit

Permalink
NODE-5655 add docker auth to tests
Browse files Browse the repository at this point in the history
  • Loading branch information
braek-neck committed Sep 18, 2024
1 parent c36e91d commit 9ad50c3
Show file tree
Hide file tree
Showing 7 changed files with 26 additions and 16 deletions.
2 changes: 2 additions & 0 deletions .github/workflows/ci.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@ on:
branches: ['main']
types: ['opened', 'reopened', 'synchronize']
paths:
- '.github/workflows/ci.yaml'
- '.github/workflows/test.yaml'
- 'helm/**'
- 'files/**'
- 'cmd/**'
Expand Down
24 changes: 12 additions & 12 deletions .github/workflows/test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -154,9 +154,9 @@ jobs:
method: kubernetes
path: kubernetes-ci
secrets: |
kv-gitlab-ci/data/github/sidecar api_token ;
kv-gitlab-ci/data/github/shared/dockerhub-creds user | DOCKERHUB_USER ;
kv-gitlab-ci/data/github/shared/dockerhub-creds password | DOCKERHUB_PASSWORD ;
kv-gitlab-ci/data/github/sidecar api_token ;
- name: Checkout
uses: actions/checkout@v3
Expand All @@ -174,11 +174,6 @@ jobs:
kubectl cluster-info
kubectl wait --for=condition=Ready pods --all --timeout=180s -n kube-system
echo "current-context:" $(kubectl config current-context)
echo "[test-env] creating secret docker-registry ..."
kubectl create secret docker-registry dockerhub-secret \
--docker-username="${DOCKERHUB_USER}" \
--docker-password="${DOCKERHUB_PASSWORD}" \
[email protected]
- name: Load cache
if: ${{ inputs.load_artifact }}
Expand All @@ -193,6 +188,11 @@ jobs:
- name: Install Helm chart
run: |
unset KUBERNETES_SERVICE_HOST
echo "[test-env] creating secret docker-registry ..."
kubectl create secret docker-registry dockerhub-secret \
--docker-username="${DOCKERHUB_USER}" \
--docker-password="${DOCKERHUB_PASSWORD}" \
[email protected]
helm install wallarm-sidecar ./helm -f helm/values.test.yaml \
--set config.wallarm.api.token=${API_TOKEN} \
--debug \
Expand All @@ -209,6 +209,11 @@ jobs:
- name: Deploy pytest
run: |
unset KUBERNETES_SERVICE_HOST
kubectl create namespace pytest
kubectl -n pytest create secret docker-registry dockerhub-secret \
--docker-username="${DOCKERHUB_USER}" \
--docker-password="${DOCKERHUB_PASSWORD}" \
[email protected]
kubectl apply -f kind/docker/manifests/init/pytest.yaml
while [[ -z $(kubectl -n pytest get pods -o name) ]]; do
sleep 1
Expand Down Expand Up @@ -237,9 +242,9 @@ jobs:
method: kubernetes
path: kubernetes-ci
secrets: |
kv-gitlab-ci/data/github/sidecar api_token | WALLARM_API_TOKEN ;
kv-gitlab-ci/data/github/shared/dockerhub-creds user | DOCKERHUB_USER ;
kv-gitlab-ci/data/github/shared/dockerhub-creds password | DOCKERHUB_PASSWORD ;
kv-gitlab-ci/data/github/sidecar api_token | WALLARM_API_TOKEN ;
- name: Checkout
uses: actions/checkout@v3
Expand All @@ -251,11 +256,6 @@ jobs:
echo ${DOCKERHUB_PASSWORD} | docker login -u ${DOCKERHUB_USER} --password-stdin
kind create cluster --image kindest/node:v1.28.7
kubectl wait --for=condition=Ready pods --all --timeout=180s -n kube-system
echo "[test-env] creating secret docker-registry ..."
kubectl create secret docker-registry dockerhub-secret \
--docker-username="${DOCKERHUB_USER}" \
--docker-password="${DOCKERHUB_PASSWORD}" \
[email protected]
- name: Load cache
if: ${{ inputs.load_artifact }}
Expand Down
4 changes: 3 additions & 1 deletion helm/ci/deployment-existing-secret-values.yaml
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
imagePullSecrets:
- name: dockerhub-secret
config:
wallarm:
api:
existingSecret:
enabled: true
enabled: true
4 changes: 3 additions & 1 deletion helm/ci/deployment-external-tarantool-values.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
imagePullSecrets:
- name: dockerhub-secret
postanalytics:
external:
enabled: true
host: tarantool.domain.internal
host: tarantool.domain.internal
2 changes: 2 additions & 0 deletions helm/ci/deployment-values.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
imagePullSecrets:
- name: dockerhub-secret
5 changes: 3 additions & 2 deletions test/smoke/run.sh
Original file line number Diff line number Diff line change
Expand Up @@ -27,9 +27,10 @@ export INJECTION_STRATEGY="${INJECTION_STRATEGY:-single}"

K8S_VERSION=${K8S_VERSION:-1.28.7}

DOCKERHUB_REGISTRY_SERVER="https://index.docker.io/v1/"

# This will prevent the secret for index.docker.io from being used if the DOCKERHUB_USER is not set.
DOCKERHUB_REGISTRY_SERVER="https://index.docker.io/v1/"

if [ "${DOCKERHUB_USER:-false}" = "false" ]; then
DOCKERHUB_REGISTRY_SERVER="fake_docker_registry_server"
fi
Expand Down Expand Up @@ -152,7 +153,7 @@ sleep 10

echo "[test-env] deploying test workload ..."
kubectl apply -f "${DIR}"/workload.yaml --wait
kubectl wait --for=condition=Ready pods --all --timeout=140s
kubectl wait --for=condition=Ready pods --all --timeout=140s || (kubectl describe po -l "app.kubernetes.io/component=workload" && exit 1)

echo "[test-env] running smoke tests suite ..."
make -C "${DIR}"/../../ smoke-test
1 change: 1 addition & 0 deletions test/smoke/workload.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -112,6 +112,7 @@ spec:
labels:
app: workload
wallarm-sidecar: enabled
app.kubernetes.io/component: workload
annotations:
sidecar.wallarm.io/wallarm-mode: "block"
sidecar.wallarm.io/proxy-extra-volumes: '[{"name": "nginx-http-extra-config", "configMap": {"name": "sidecar-config"}}]'
Expand Down

0 comments on commit 9ad50c3

Please sign in to comment.