diff --git a/.github/workflows/kubernetes-tests.yml b/.github/workflows/kubernetes-tests.yml index 92b5d07f4ad..102742ffedd 100644 --- a/.github/workflows/kubernetes-tests.yml +++ b/.github/workflows/kubernetes-tests.yml @@ -199,7 +199,29 @@ jobs: - name: Tenant KES run: | "${GITHUB_WORKSPACE}/testing/console-tenant+kes.sh" - + test-cert-manager: + timeout-minutes: 30 + runs-on: ${{ matrix.os }} + needs: + - operator + strategy: + matrix: + go-version: [ 1.21.x ] + os: [ ubuntu-latest ] + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-go@v4 + with: + go-version: ${{ matrix.go-version }} + - uses: actions/cache@v3 + name: Operator Binary Cache + with: + path: | + ./minio-operator + key: ${{ runner.os }}-binary-${{ github.run_id }} + - name: Deploy Tenant with cert-manager + run: | + "${GITHUB_WORKSPACE}/testing/deploy-cert-manager-tenant.sh" test-policy-binding: timeout-minutes: 30 runs-on: ${{ matrix.os }} diff --git a/testing/common.sh b/testing/common.sh index bb12bf3998f..efd0f937013 100644 --- a/testing/common.sh +++ b/testing/common.sh @@ -56,6 +56,12 @@ function setup_kind() { try kubectl get nodes } +# Function Intended to Test cert-manager for Tenant's certificate. +function install_cert_manager() { + # https://github.com/minio/operator/blob/master/docs/cert-manager.md + kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.13.2/cert-manager.yaml +} + function install_operator() { # To compile current branch @@ -244,6 +250,15 @@ function check_tenant_status() { echo "Done." } +# To install tenant with cert-manager from our example provided. +function install_cert_manager_tenant() { + kubectl apply -k github.com/minio/operator/examples/kustomization/tenant-certmanager + # https://github.com/minio/operator/blob/master/docs/cert-manager.md + kubectl get secrets -n tenant-certmanager tenant-certmanager-tls -o=jsonpath='{.data.ca\.crt}' | base64 -d > public.crt + kubectl create secret generic operator-ca-tls --from-file=public.crt -n minio-operator + kubectl rollout restart deployment.apps/minio-operator -n minio-operator +} + # Install tenant function is being used by deploy-tenant and check-prometheus function install_tenant() { # Check if we are going to install helm, latest in this branch or a particular version diff --git a/testing/deploy-cert-manager-tenant.sh b/testing/deploy-cert-manager-tenant.sh new file mode 100644 index 00000000000..98d4ff8dd65 --- /dev/null +++ b/testing/deploy-cert-manager-tenant.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash +# Copyright (C) 2022, MinIO, Inc. +# +# This code is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License, version 3, +# as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License, version 3, +# along with this program. If not, see + +# This script requires: kubectl, kind + +SCRIPT_DIR=$(dirname "$0") +export SCRIPT_DIR + +source "${SCRIPT_DIR}/common.sh" + +function main() { + destroy_kind + + setup_kind + + install_cert_manager + + install_operator + + install_cert_manager_tenant + + check_tenant_status tenant-certmanager myminio + + destroy_kind +} + +main "$@"