caa: adjust peer-pods test for node-installer-based CAA

edgelesssys · Dec 2, 2024 · aa53900 · aa53900
1 parent 6b019ce
commit aa53900
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 13 deletions.
diff --git a/.github/workflows/e2e_peerpods.yml b/.github/workflows/e2e_peerpods.yml
@@ -18,8 +18,17 @@ on:
 jobs:
   test:
     runs-on: ubuntu-22.04
+    permissions:
+      contents: read
+      packages: write
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - name: Log in to ghcr.io Container registry
+        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
       - uses: ./.github/actions/setup_nix
         with:
           githubToken: ${{ secrets.GITHUB_TOKEN }}
@@ -34,7 +43,9 @@ jobs:
           azure_image_id: ${{ inputs.image-id }}
           azure_resource_group: contrast-ci
           azure_location: germanywestcentral
+          container_registry: ghcr.io/edgelesssys
           CONTRAST_CACHE_DIR: "./workspace.cache"
+          DO_NOT_TRACK: 1
         run: |
           ssh-keygen -t rsa -f ./infra/azure-peerpods/id_rsa -N ""
           cat >infra/azure-peerpods/iam.auto.tfvars <<EOF

diff --git a/packages/test-peerpods.sh b/packages/test-peerpods.sh
@@ -22,23 +22,19 @@ EOF
 just create AKS-PEER-SNP
 just get-credentials AKS-PEER-SNP
 just node-installer AKS-PEER-SNP
+just runtime default AKS-PEER-SNP
+just apply-runtime default AKS-PEER-SNP
 
 set +x
-found=false
-for _ in $(seq 30); do
-  if kubectl get runtimeclass | grep -q kata-remote; then
-    found=true
-    break
-  fi
-  echo "Waiting for Kata installation to succeed ..."
-  sleep 10
-done
+runtime=$(kubectl get runtimeclass -o json | jq -r '.items[] | .metadata.name | select(startswith("contrast-cc-aks-peer"))')
 
-if [[ $found != true ]]; then
-  echo "Kata RuntimeClass not ready" >&2
+if [[ $runtime == "" ]]; then
+  echo "Contrast RuntimeClass not ready" >&2
   exit 1
 fi
 
+kubectl wait "--for=jsonpath={.status.numberReady}=1" ds/contrast-node-installer --timeout=5m
+
 cleanup() {
   kubectl delete deploy nginx
   kubectl wait --for=delete pod --selector=app=nginx --timeout=5m
@@ -63,7 +59,7 @@ spec:
       labels:
         app: nginx
     spec:
-      runtimeClassName: kata-remote
+      runtimeClassName: "$runtime"
       containers:
       - name: nginx
         image: nginx
@@ -72,6 +68,6 @@ EOF
 
 if ! kubectl wait --for=condition=available --timeout=5m deployment/nginx; then
   kubectl describe pods
-  kubectl logs -n confidential-containers-system -l app=cloud-api-adaptor --tail=-1 --all-containers
+  kubectl logs -l app.kubernetes.io/name=contrast-node-installer --tail=-1 --all-containers
   exit 1
 fi