Skip to content

Commit

Permalink
upload custom CA into terraform state
Browse files Browse the repository at this point in the history
Signed-off-by: Tarun Pothulapati <[email protected]>
  • Loading branch information
Pothulapati committed Sep 27, 2022
1 parent c2a4a37 commit 523110a
Show file tree
Hide file tree
Showing 3 changed files with 15 additions and 4 deletions.
2 changes: 2 additions & 0 deletions .werft/eks-installer-tests.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,8 @@ pod:
value: "/mnt/secrets/sh-playground-sa-perm/sh-sa.json"
- name: TF_VAR_dns_sa_creds
value: "/mnt/secrets/sh-playground-dns-perm/sh-dns-sa.json"
- name: TF_VAR_sa_creds
value: "/mnt/secrets/sh-playground-sa-perm/sh-sa.json"
- name: NODENAME
valueFrom:
fieldRef:
Expand Down
11 changes: 7 additions & 4 deletions .werft/installer-tests.ts
Original file line number Diff line number Diff line change
Expand Up @@ -347,6 +347,12 @@ export async function installerTests(config: TestConfig) {
console.error("Failed to send message to Slack", error);
});

if (selfSigned === "true") {
exec(
`werft log result -d "Custom CA Certificate store underd GCP project 'sh-automated-tests'" url "gs://nightly-tests/tf-state/${process.env["TF_VAR_TEST_ID"]}-ca.pem"`,
);
}

exec(
`werft log result -d "Terraform state" url "Terraform state file name is ${process.env["TF_VAR_TEST_ID"]}"`,
);
Expand Down Expand Up @@ -384,10 +390,7 @@ function runIntegrationTests() {
function callMakeTargets(phase: string, description: string, makeTarget: string, failable: boolean = false) {
werft.log(phase, `Calling ${makeTarget}`);
// exporting cloud env var is important for the make targets
var env = `export TF_VAR_cluster_version=${k8s_version} cloud=${cloud} TF_VAR_domain=${baseDomain} TF_VAR_gcp_zone=${gcpDnsZone}`;
if (selfSigned) {
env = env.concat(` self_signed=${selfSigned}`)
}
const env = `export TF_VAR_cluster_version=${k8s_version} cloud=${cloud} TF_VAR_domain=${baseDomain} TF_VAR_gcp_zone=${gcpDnsZone}`;

const response = exec(
`${env} && make -C ${makefilePath} ${makeTarget}`,
Expand Down
6 changes: 6 additions & 0 deletions install/tests/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -314,6 +314,9 @@ self-signed-config:
envsubst < ./manifests/kots-config-self-signed.yaml > tmp_2_config.yml
yq m -i tmp_config.yml tmp_2_config.yml

# upload the Custom CA Cert into tf-state
gsutil cp ./ca.pem gs://nightly-tests/tf-state/${TF_VAR_TEST_ID}-ca.pem

storage-config-incluster:
@echo "Nothing to do"

Expand Down Expand Up @@ -449,6 +452,9 @@ destroy-kubeconfig:
gcloud auth activate-service-account --key-file=${GOOGLE_APPLICATION_CREDENTIALS} --project=sh-automated-tests
gsutil rm gs://nightly-tests/tf-state/${TF_VAR_TEST_ID}-kubeconfig || echo "No kubeconfig"
gsutil rm gs://nightly-tests/tf-state/${TF_VAR_TEST_ID}-creds || echo "No credentials file"
ifeq (true,$(self_signed))
gsutil rm gs://nightly-tests/tf-state/${TF_VAR_TEST_ID}-ca.pem || echo "No custom CA cert file"
endif
rm ${KUBECONFIG} || echo "No kubeconfig"

select-workspace:
Expand Down

0 comments on commit 523110a

Please sign in to comment.