diff --git a/test/e2e/suite/conformance/certificates/acme/acme.go b/test/e2e/suite/conformance/certificates/acme/acme.go
index 15522c82c..1c0fb5be2 100644
--- a/test/e2e/suite/conformance/certificates/acme/acme.go
+++ b/test/e2e/suite/conformance/certificates/acme/acme.go
@@ -39,33 +39,18 @@ var _ = framework.ConformanceDescribe("Certificates", func() {
 certificates.DurationFeature,
 )
- provisioner := &acmeIssuerProvisioner{setGroupName: false}
+ provisioner := new(acmeIssuerProvisioner)
 (&certificates.Suite{
 Name: "ACME HTTP01",
 CreateIssuerFunc: provisioner.create,
 DeleteIssuerFunc: provisioner.delete,
 UnsupportedFeatures: unsupportedFeatures,
 }).Define()
-
- // crProvisioner sets the issuerRef.group field on Certificates it creates
- crProvisioner := &acmeIssuerProvisioner{setGroupName: true}
- (&certificates.Suite{
- Name: "ACME HTTP01 (CertificateRequest)",
- CreateIssuerFunc: crProvisioner.create,
- DeleteIssuerFunc: crProvisioner.delete,
- UnsupportedFeatures: unsupportedFeatures,
- }).Define()
 })
 type acmeIssuerProvisioner struct {
 tiller *tiller.Tiller
 pebble *pebble.Pebble
- // if setGroupName is true, the 'group name' field on the IssuerRef will be
- // set the 'cert-manager.io'.
- // Setting the group name will cause the new 'certificate requests' based
- // implementation to be used, however this is not implemented for ACME yet
- // See: https://github.com/jetstack/cert-manager/pull/1943
- setGroupName bool
 }
 func (a *acmeIssuerProvisioner) delete(f *framework.Framework, ref cmmeta.ObjectReference) {
@@ -128,17 +113,8 @@ func (a *acmeIssuerProvisioner) create(f *framework.Framework) cmmeta.ObjectRefe
 Expect(err).NotTo(HaveOccurred(), "failed to create acme issuer")
 return cmmeta.ObjectReference{
- Group: emptyOrString(a.setGroupName, cmapi.SchemeGroupVersion.Group),
+ Group: cmapi.SchemeGroupVersion.Group,
 Kind: cmapi.IssuerKind,
 Name: issuer.Name,
 }
 }
-
-// emptyOrString will return the given string 's' if 'set' is true,
-// otherwise it will return the empty string.
-func emptyOrString(set bool, s string) string {
- if set {
- return s
- }
- return ""
-}
diff --git a/test/e2e/suite/conformance/certificates/vault/vault.go b/test/e2e/suite/conformance/certificates/vault/vault.go
index 24ae74cf5..878263be1 100644
--- a/test/e2e/suite/conformance/certificates/vault/vault.go
+++ b/test/e2e/suite/conformance/certificates/vault/vault.go
@@ -26,35 +26,48 @@ import (
 cmapi "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha1"
 "github.com/jetstack/cert-manager/test/e2e/framework"
 "github.com/jetstack/cert-manager/test/e2e/framework/addon/tiller"
- vaultaddon "github.com/jetstack/cert-manager/test/e2e/framework/addon/vault"
+ vault "github.com/jetstack/cert-manager/test/e2e/framework/addon/vault"
 "github.com/jetstack/cert-manager/test/e2e/suite/conformance/certificates"
 )
 var _ = framework.ConformanceDescribe("Certificates", func() {
+ provisioner := new(vaultProvisioner)
+
 (&certificates.Suite{
 Name: "Vault",
- CreateIssuerFunc: createVaultIssuer,
+ CreateIssuerFunc: provisioner.create,
+ DeleteIssuerFunc: provisioner.delete,
 }).Define()
 })
-func createVaultIssuer(f *framework.Framework) cmapi.ObjectReference {
+type vaultProvisioner struct {
+ tiller *tiller.Tiller
+ vault *vault.Vault
+}
+
+func (v *vaultProvisioner) delete(f *framework.Framework, ref cmapi.ObjectReference) {
+ Expect(v.vault.Deprovision()).NotTo(HaveOccurred(), "failed to deprovision vault")
+ Expect(v.tiller.Deprovision()).NotTo(HaveOccurred(), "failed to deprovision tiller")
+}
+
+func (v *vaultProvisioner) create(f *framework.Framework) cmapi.ObjectReference {
 By("Creating a Vault issuer")
- var (
- tiller = &tiller.Tiller{
- Name: "tiller-deploy",
- Namespace: f.Namespace.Name,
- ClusterPermissions: false,
- }
- vault = &vaultaddon.Vault{
- Tiller: tiller,
- Namespace: f.Namespace.Name,
- Name: "cm-e2e-create-vault-issuer",
- }
- )
+ v.tiller = &tiller.Tiller{
+ Name: "tiller-deploy",
+ Namespace: f.Namespace.Name,
+ ClusterPermissions: false,
+ }
+ Expect(v.tiller.Setup(f.Config)).NotTo(HaveOccurred(), "failed to setup tiller")
+ Expect(v.tiller.Provision()).NotTo(HaveOccurred(), "failed to provision tiller")
- f.RequireAddon(tiller)
- f.RequireAddon(vault)
+ v.vault = &vault.Vault{
+ Tiller: v.tiller,
+ Namespace: f.Namespace.Name,
+ Name: "cm-e2e-create-vault-issuer",
+ }
+ Expect(v.vault.Setup(f.Config)).NotTo(HaveOccurred(), "failed to setup vault")
+ Expect(v.vault.Provision()).NotTo(HaveOccurred(), "failed to provision vault")
 intermediateMount := "intermediate-ca"
 role := "kubernetes-vault"
@@ -63,22 +76,21 @@ func createVaultIssuer(f *framework.Framework) cmapi.ObjectReference {
 authPath := "approle"
 By("Configuring the Vault server")
- vaultInit := &vaultaddon.VaultInitializer{
- Details: *vault.Details(),
+ vaultInit := &vault.VaultInitializer{
+ Details: *v.vault.Details(),
 RootMount: "root-ca",
 IntermediateMount: intermediateMount,
 Role: role,
 AuthPath: authPath,
 }
- err := vaultInit.Init()
- Expect(err).NotTo(HaveOccurred())
- err = vaultInit.Setup()
- Expect(err).NotTo(HaveOccurred())
- roleID, secretID, err := vaultInit.CreateAppRole()
- Expect(err).NotTo(HaveOccurred())
+ Expect(vaultInit.Init()).NotTo(HaveOccurred(), "failed to init vault")
+ Expect(vaultInit.Setup()).NotTo(HaveOccurred(), "fauled to setup vault")
- _, err = f.KubeClientSet.CoreV1().Secrets(f.Namespace.Name).Create(vaultaddon.NewVaultAppRoleSecret(vaultSecretAppRoleName, secretID))
- Expect(err).NotTo(HaveOccurred())
+ roleID, secretID, err := vaultInit.CreateAppRole()
+ Expect(err).NotTo(HaveOccurred(), "vault to create app role from vault")
+
+ _, err = f.KubeClientSet.CoreV1().Secrets(f.Namespace.Name).Create(vault.NewVaultAppRoleSecret(vaultSecretAppRoleName, secretID))
+ Expect(err).NotTo(HaveOccurred(), "vault to store app role secret from vault")
 issuer, err := f.CertManagerClientSet.CertmanagerV1alpha1().Issuers(f.Namespace.Name).Create(&cmapi.Issuer{
 ObjectMeta: metav1.ObjectMeta{
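Review bot: `delete` dereferences `v.vault` and `v.tiller` unconditionally, but `create` assigns `v.vault` only after the tiller `Expect` calls have passed, so a failed tiller setup followed by cleanup would panic on a nil pointer instead of reporting the real failure (this assumes the suite, which is outside this diff, still calls `DeleteIssuerFunc` after a failed create). The first `Expect` in `delete` also aborts before `v.tiller.Deprovision()` runs when Vault teardown fails, which leaves the Tiller deployment behind in the test namespace. I would guard each call with a nil check such as `if v.vault != nil { ... }` and collect both errors before asserting. Since one `vaultProvisioner` is shared by every spec the suite defines, a comment on the type such as `// vaultProvisioner holds the addons of the spec currently running; create and delete must not overlap across specs.` would document that constraint.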
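Review bot: Three of the new failure messages in the `@@ -63,22 +76,21 @@` hunk are garbled: `"fauled to setup vault"`, `"vault to create app role from vault"` and `"vault to store app role secret from vault"`. They are the only context a failing CI run prints, so I would reword them to `"failed to setup vault"`, `"failed to create app role in vault"` and `"failed to store app role secret"`. Separately, the AppRole `secretID` is written to a Secret in the test namespace and the `delete` method added earlier in this file does not remove it; presumably namespace teardown covers that, but it is worth confirming. The enclosing `create` function starts and ends outside this hunk.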
@@ -87,9 +99,9 @@ func createVaultIssuer(f *framework.Framework) cmapi.ObjectReference {
 Spec: cmapi.IssuerSpec{
 IssuerConfig: cmapi.IssuerConfig{
 Vault: &cmapi.VaultIssuer{
- Server: vault.Details().Host,
+ Server: v.vault.Details().Host,
 Path: vaultPath,
- CABundle: vault.Details().VaultCA,
+ CABundle: v.vault.Details().VaultCA,
 Auth: cmapi.VaultAuth{
 AppRole: cmapi.VaultAppRole{
 Path: authPath,
diff --git a/test/e2e/suite/conformance/certificates/venafi/BUILD.bazel b/test/e2e/suite/conformance/certificates/venafi/BUILD.bazel
index 1c2a5a768..454ab9b20 100644
--- a/test/e2e/suite/conformance/certificates/venafi/BUILD.bazel
+++ b/test/e2e/suite/conformance/certificates/venafi/BUILD.bazel
@@ -8,6 +8,7 @@ go_library(
 deps = [
 "//pkg/apis/certmanager/v1alpha1:go_default_library",
 "//test/e2e/framework:go_default_library",
+ "//test/e2e/framework/util/errors:go_default_library",
 "//test/e2e/suite/conformance/certificates:go_default_library",
 "//test/e2e/suite/issuers/venafi/addon:go_default_library",
 "//vendor/github.com/onsi/ginkgo:go_default_library",
diff --git a/test/e2e/suite/conformance/certificates/venafi/venafi.go b/test/e2e/suite/conformance/certificates/venafi/venafi.go
index c80d8c457..d1c744706 100644
--- a/test/e2e/suite/conformance/certificates/venafi/venafi.go
+++ b/test/e2e/suite/conformance/certificates/venafi/venafi.go
@@ -22,6 +22,7 @@ import (
 cmapi "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha1"
 "github.com/jetstack/cert-manager/test/e2e/framework"
+ "github.com/jetstack/cert-manager/test/e2e/framework/util/errors"
 "github.com/jetstack/cert-manager/test/e2e/suite/conformance/certificates"
 vaddon "github.com/jetstack/cert-manager/test/e2e/suite/issuers/venafi/addon"
 )
@@ -34,25 +35,41 @@ var _ = framework.ConformanceDescribe("Certificates", func() {
 certificates.DurationFeature,
 )
+ provisioner := new(venafiProvisioner)
 (&certificates.Suite{
 Name: "Venafi",
- CreateIssuerFunc: createVenafiIssuer,
+ CreateIssuerFunc: provisioner.create,
+ DeleteIssuerFunc: provisioner.delete,
 UnsupportedFeatures: unsupportedFeatures,
 }).Define()
 })
-func createVenafiIssuer(f *framework.Framework) cmapi.ObjectReference {
+type venafiProvisioner struct {
+ tpp *vaddon.VenafiTPP
+}
+
+func (v *venafiProvisioner) delete(f *framework.Framework, ref cmapi.ObjectReference) {
+ Expect(v.tpp.Deprovision()).NotTo(HaveOccurred(), "failed to deprovision tpp venafi")
+}
+
+func (v *venafiProvisioner) create(f *framework.Framework) cmapi.ObjectReference {
 By("Creating a Venafi issuer")
- tppAddon := &vaddon.VenafiTPP{
+ v.tpp = &vaddon.VenafiTPP{
 Namespace: f.Namespace.Name,
 }
- f.RequireAddon(tppAddon)
+ err := v.tpp.Setup(f.Config)
+ if errors.IsSkip(err) {
+ framework.Skipf("Skipping test as addon could not be setup: %v", err)
+ }
+ Expect(err).NotTo(HaveOccurred(), "failed to setup tpp venafi")
- issuer := tppAddon.Details().BuildIssuer()
- issuer, err := f.CertManagerClientSet.CertmanagerV1alpha1().Issuers(f.Namespace.Name).Create(issuer)
- Expect(err).NotTo(HaveOccurred())
+ Expect(v.tpp.Provision()).NotTo(HaveOccurred(), "failed to provision tpp venafi")
+
+ issuer := v.tpp.Details().BuildIssuer()
+ issuer, err = f.CertManagerClientSet.CertmanagerV1alpha1().Issuers(f.Namespace.Name).Create(issuer)
+ Expect(err).NotTo(HaveOccurred(), "failed to create issuer for venafi")
 return cmapi.ObjectReference{
 Group: cmapi.SchemeGroupVersion.Group,
diff --git a/test/e2e/suite/issuers/venafi/addon/tpp.go b/test/e2e/suite/issuers/venafi/addon/tpp.go
index 74ac797aa..27ed74ff3 100644
--- a/test/e2e/suite/issuers/venafi/addon/tpp.go
+++ b/test/e2e/suite/issuers/venafi/addon/tpp.go
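Review bot: On the `framework.Skipf(...)` path in `create`, `v.tpp` is already assigned but `Provision()` never ran, so `delete` would call `Deprovision()` on an addon that created nothing. If the suite still invokes `DeleteIssuerFunc` for a skipped spec (the caller is not in this diff), the spec would then report a deprovision failure or panic rather than a clean skip. Recording whether provisioning completed, for example a `provisioned bool` field set after `v.tpp.Provision()` and checked at the top of `delete`, would avoid that. `create` continues past the end of this hunk.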
@@ -107,8 +107,7 @@ func (v *VenafiTPP) Details() *TPPDetails {
 }
 func (v *VenafiTPP) Deprovision() error {
- v.Base.Details().KubeClient.CoreV1().Secrets(v.createdSecret.Namespace).Delete(v.createdSecret.Name, nil)
- return nil
+ return v.Base.Details().KubeClient.CoreV1().Secrets(v.createdSecret.Namespace).Delete(v.createdSecret.Name, nil)
 }
 func (v *VenafiTPP) SupportsGlobal() bool {
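Review bot: `Deprovision` now returns the `Delete` error but still dereferences `v.createdSecret` without a nil check, and it reports an already-deleted secret as a failure. If `createdSecret` is a pointer that only `Provision` sets (not visible here), calling `Deprovision` after a skipped or failed setup would panic. I would start with `if v.createdSecret == nil { return nil }` and ignore not-found results via `IsNotFound` from `k8s.io/apimachinery/pkg/api/errors`. That keeps cleanup idempotent while real failures, which would leave the TPP credential secret behind, still surface.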