Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

There are end-to-end tests for Kubernetes sidecars with Conjur Enterprise and follower outside Kubernetes #244

Closed
2 tasks done
izgeri opened this issue Mar 15, 2021 · 1 comment · Fixed by #362
Closed
2 tasks done

There are end-to-end tests for Kubernetes sidecars with Conjur Enterprise and follower outside Kubernetes #244

izgeri opened this issue Mar 15, 2021 · 1 comment · Fixed by #362
Assignees
@john-odonnell
Labels
component/k8s kind/quality

Comments

@izgeri
Copy link
Contributor

izgeri commented Mar 15, 2021
edited by john-odonnell
Loading

Overview

CI automation is required to perform E2E testing of the deployment of Kubernetes authenticator sidecars
using Conjur Enterprise with followers outside of the Kubernetes cluster in which the authenticator sidecars are deployed.

This task will use the E2E scripting that is created in Issue #239 to do the "backend" work of deploying the authenticators and a sample sidecar application.

However, scripts will need to be added to add a "front-end" installation of Conjur Enterprise with followers outside of the Kubernetes cluster (to be done before calling the scripts developed for Issue #239). This can probably be based on dap-intro scripts to deploy a Conjur enterprise instance in Jenkins with followers outside of the Kubernetes cluster.

TBD

  • Which clusters does this need to run in?
    The Conjur followers, authenticator containers, and applications need to run in a "Kubernetes cluster".
    This can probably be either:
    • Jenkins+GKE, or...
    • Github Actions + KinD
      although this may depend upon easily those types of clusters integrate
      with the dap-intro scripts.
  • Which sidecar flows will run?
    Since E2E flows for all of the authenticator sidecar/init container types is already covered in
    Issue There are end-to-end tests for Kubernetes sidecars with Conjur OSS in Kubernetes #242 (E2E using Conjur OSS), it may be sufficient to test one type of authenticator
    sidecar/init container here. (The assumption here is that if one authenticator sidecar/init
    container type can authenticate with a given configuration, the others "should" work in
    that they should be fairly agnostic of the endpoints they're using for authentication???)

Dependencies

DoD

  • CI is able to spin up a Conjur cluster with follower(s) outside of the Kubernetes cluster
  • CI is able to successfully run the E2E authenticator / application test script
@izgeri izgeri mentioned this issue Mar 16, 2021
Closed
2 tasks
This was referenced Mar 16, 2021
Closed
Open
@izgeri
Copy link
Contributor Author

izgeri commented Apr 16, 2021

As in #242, is #247 required for this? we can get the e2e flow running with authn-k8s sidecar first

@john-odonnell john-odonnell mentioned this issue Aug 2, 2021
Merged
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@john-odonnell john-odonnell

Labels
component/k8s kind/quality
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

E2E Workflow scripts test against Enterprise follower outside K8s cyberark/conjur-authn-k8s-client
2 participants
@izgeri @john-odonnell