Add e2e test script utilising 'kind'
Signed-off-by: James Munnelly <james@munnelly.eu>
This commit is contained in:
James Munnelly
parent
3945595be9
commit
f0234a0868
6
Makefile
6
Makefile
@ -16,7 +16,7 @@ PACKAGE_NAME := github.com/jetstack/cert-manager
|
||||
REGISTRY := quay.io/jetstack
|
||||
APP_NAME := cert-manager
|
||||
IMAGE_TAGS := canary
|
||||
GOPATH ?= $HOME/go
|
||||
GOPATH ?= $$HOME/go
|
||||
HACK_DIR ?= hack
|
||||
BUILD_TAG := build
|
||||
|
||||
@ -24,7 +24,7 @@ BUILD_TAG := build
|
||||
# which require a domain that resolves to the ingress controller to be used for
|
||||
# e2e tests.
|
||||
E2E_NGINX_CERTIFICATE_DOMAIN=
|
||||
|
||||
KUBECONFIG ?= $$HOME/.kube/config
|
||||
PEBBLE_IMAGE_REPO=quay.io/munnerz/pebble
|
||||
|
||||
# AppVersion is set as the AppVersion to be compiled into the controller binary.
|
||||
@ -139,7 +139,7 @@ e2e_test:
|
||||
mkdir -p "$$(pwd)/_artifacts"
|
||||
# TODO: make these paths configurable
|
||||
# Run e2e tests
|
||||
KUBECONFIG=$$HOME/.kube/config CERTMANAGERCONFIG=$$HOME/.kube/config \
|
||||
KUBECONFIG=$(KUBECONFIG) CERTMANAGERCONFIG=$(KUBECONFIG) \
|
||||
./e2e-tests \
|
||||
-acme-nginx-certificate-domain=$(E2E_NGINX_CERTIFICATE_DOMAIN) \
|
||||
-cloudflare-email=$${CLOUDFLARE_E2E_EMAIL} \
|
||||
|
||||
107
hack/ci/run-e2e-kind.sh
Executable file
107
hack/ci/run-e2e-kind.sh
Executable file
@ -0,0 +1,107 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Copyright 2018 The Jetstack cert-manager contributors.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
# This script will provision an end-to-end testing environment using 'kind'
|
||||
# (kubernetes-in-docker).
|
||||
#
|
||||
# It requires 'kind', 'helm', 'kubectl' and 'docker' to be installed.
|
||||
|
||||
set -o errexit
|
||||
set -o nounset
|
||||
set -o pipefail
|
||||
|
||||
SCRIPT_ROOT=$(dirname "${BASH_SOURCE}")
|
||||
REPO_ROOT="${SCRIPT_ROOT}/../.."
|
||||
|
||||
KIND_CLUSTER_NAME="cm-e2e"
|
||||
# TODO: can we rely on this being fixed as such?
|
||||
KIND_CONTAINER_NAME="kind-${KIND_CLUSTER_NAME}-control-plane"
|
||||
|
||||
# cleanup will call kind delete - it will absorb errors
|
||||
cleanup() {
|
||||
# Ignore errors here
|
||||
kind delete --name="${KIND_CLUSTER_NAME}" || true
|
||||
}
|
||||
trap cleanup EXIT
|
||||
|
||||
# deploy_kind will deploy a kubernetes-in-docker cluster
|
||||
deploy_kind() {
|
||||
# build kind base and node image
|
||||
# TODO: use pre-built kind images
|
||||
kind build base
|
||||
kind build node --type=apt
|
||||
|
||||
# Create a directory to contain the final KUBECONFIG file
|
||||
mkdir -p "$HOME/.kube"
|
||||
|
||||
# create the kind cluster
|
||||
kind create --name="${KIND_CLUSTER_NAME}" --config "${REPO_ROOT}"/test/fixtures/kind-config.yaml
|
||||
|
||||
export KUBECONFIG="${HOME}/.kube/kind-config-${KIND_CLUSTER_NAME}"
|
||||
|
||||
# copy kubectl out of the kind container if kubectl is not installed on the
|
||||
# host machine. This will *only* work on Linux :this_is_fine:
|
||||
if ! which kubectl; then
|
||||
tmp_path=$(mktemp -d)
|
||||
export PATH="${tmp_path}:${PATH}"
|
||||
docker cp "${KIND_CONTAINER_NAME}":"$(docker exec "${KIND_CONTAINER_NAME}" which kubectl)" "${tmp_path}/kubectl"
|
||||
fi
|
||||
|
||||
# Ensure the apiserver is responding
|
||||
kubectl get nodes
|
||||
}
|
||||
|
||||
# install_tiller will install tiller with the cluster-admin role bound to its
|
||||
# service account
|
||||
install_tiller() {
|
||||
# Install tiller with admin permissions
|
||||
kubectl create serviceaccount -n kube-system tiller
|
||||
# Bind the tiller service account to the cluster-admin role
|
||||
kubectl create clusterrolebinding tiller-binding --clusterrole=cluster-admin --serviceaccount kube-system:tiller
|
||||
# Deploy tiller
|
||||
helm init --service-account tiller --wait
|
||||
}
|
||||
|
||||
# install_nginx will install nginx-ingress in the cluster and expose it on the
|
||||
# fixed cluster IP of 10.0.0.15
|
||||
install_nginx() {
|
||||
# Install nginx-ingress with fixed IP
|
||||
helm install stable/nginx-ingress \
|
||||
--name nginx-ingress \
|
||||
--namespace kube-system \
|
||||
--set controller.service.clusterIP=10.0.0.15 \
|
||||
--set controller.service.type=ClusterIP \
|
||||
--wait
|
||||
}
|
||||
|
||||
# build_images will build cert-manager docker images and copy them across to the
|
||||
# kind docker container running the cluster, so they are available to the
|
||||
# cluster's docker daemon.
|
||||
build_images() {
|
||||
# Build cert-manager binaries & docker image
|
||||
make build APP_VERSION=build
|
||||
|
||||
docker save quay.io/jetstack/cert-manager-controller:build quay.io/jetstack/cert-manager-acmesolver:build quay.io/jetstack/cert-manager-webhook:build -o cmbundle.tar.gz
|
||||
docker cp cmbundle.tar.gz "${KIND_CONTAINER_NAME}":/cmbundle.tar.gz
|
||||
docker exec "${KIND_CONTAINER_NAME}" docker load -i /cmbundle.tar.gz
|
||||
}
|
||||
|
||||
deploy_kind
|
||||
install_tiller
|
||||
install_nginx
|
||||
build_images
|
||||
|
||||
make e2e_test E2E_NGINX_CERTIFICATE_DOMAIN=certmanager.kubernetes.network KUBECONFIG=${KUBECONFIG}
|
||||
32
test/fixtures/kind-config.yaml
vendored
Normal file
32
test/fixtures/kind-config.yaml
vendored
Normal file
@ -0,0 +1,32 @@
|
||||
# this config file is similar to the default, except we set the cluster's
|
||||
# service cidr range to be 10.0.0.0/16.
|
||||
# we do this because we need a fixed/predictable clusterIP of 10.0.0.15 for the
|
||||
# nginx-ingress service, in order to perform HTTP01 validations during tests.
|
||||
|
||||
apiVersion: kind.sigs.k8s.io/v1alpha1
|
||||
kind: Config
|
||||
# number of nodes in the cluster (currently only 1 is supported)
|
||||
numNodes: 1
|
||||
# template for kubeadm config, "" -> the default template
|
||||
kubeadmConfigTemplate: |
|
||||
# config generated by kind
|
||||
apiVersion: kubeadm.k8s.io/v1alpha2
|
||||
kind: MasterConfiguration
|
||||
clusterName: {{.ClusterName}}
|
||||
# on docker for mac we have to expose the api server via port forward,
|
||||
# so we need to ensure the cert is valid for localhost so we can talk
|
||||
# to the cluster after rewriting the kubeconfig to point to localhost
|
||||
apiServerCertSANs: [localhost]
|
||||
kubernetesVersion: {{.KubernetesVersion}}
|
||||
{{if ne .UnifiedControlPlaneImage ""}}
|
||||
# optionally specify a unified control plane image
|
||||
unifiedControlPlaneImage: {{.UnifiedControlPlaneImage}}:{{.DockerStableTag}}
|
||||
{{end}}
|
||||
networking:
|
||||
# Don't think setting pod subnet is currently required
|
||||
# podSubnet: ""
|
||||
serviceSubnet: 10.0.0.0/16
|
||||
kubeletConfiguration:
|
||||
baseConfig:
|
||||
clusterDNS:
|
||||
- 10.0.0.10
|
||||
Loading…
Reference in New Issue
Block a user