🧹 more e2e stability improvements (#1035)

Signed-off-by: Ivan Milchev <[email protected]>
mondoohq · Feb 27, 2024 · 3646a0a · 3646a0a
1 parent 2e812d0
commit 3646a0a
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 8 deletions.
diff --git a/controllers/admission/deployment_handler.go b/controllers/admission/deployment_handler.go
@@ -294,7 +294,7 @@ func (n *DeploymentHandler) isWebhookDegraded(deployment *appsv1.Deployment) boo
 		return true
 	}
 
-	return deployment.Status.Replicas != deployment.Status.ReadyReplicas
+	return deployment.Status.ReadyReplicas < deployment.Status.Replicas
 }
 
 func (n *DeploymentHandler) prepareValidatingWebhook(ctx context.Context, vwc *webhooksv1.ValidatingWebhookConfiguration) error {
@@ -370,9 +370,9 @@ func (n *DeploymentHandler) applyWebhooks(ctx context.Context) (ctrl.Result, err
 		return ctrl.Result{}, nil
 	}
 	// The ValidatingWebhook must be created after Scan API and Webhook are running. Otherwise it will reject their creation.
-	if n.Mondoo.Spec.Admission.Mode == mondoov1alpha2.Enforcing && n.isWebhookDegraded(deployment) {
+	cond := mondoo.FindMondooAuditConditions(n.Mondoo.Status.Conditions, mondoov1alpha2.AdmissionDegraded)
+	if n.Mondoo.Spec.Admission.Mode == mondoov1alpha2.Enforcing && (cond == nil || (cond != nil && cond.Status == corev1.ConditionTrue)) {
 		webhookLog.Info("Waiting for Webhook and Scan API deployment before creating the ValidationWebhook.")
-		// return reconcile.Result{Requeue: true}, nil
 		return ctrl.Result{}, nil
 	}
 

diff --git a/tests/integration/audit_config_base_suite.go b/tests/integration/audit_config_base_suite.go
@@ -873,10 +873,10 @@ func (s *AuditConfigBaseSuite) checkDeployments(auditConfig *mondoov2.MondooAudi
 
 	time.Sleep(5 * time.Second)
 	cicdProject, err := s.integration.GetCiCdProject(s.ctx)
-	s.Require().NoError(err, "Failed to get CICD project")
+	s.Require().NoErrorf(err, "Failed to get CICD project")
 
-	assets, err := cicdProject.ListAssets(s.ctx)
-	s.Require().NoError(err, "Failed to list CICD assets")
+	assets, err := s.WaitUntilCiCdAssetsScored(cicdProject)
+	s.Require().NoErrorf(err, "Failed to list scored CICD assets")
 
 	assetNames := utils.CiCdJobNames(assets)
 	s.Contains(assetNames, fmt.Sprintf("%s/%s", passingDeployment.Namespace, passingDeployment.Name))
@@ -891,8 +891,8 @@ func (s *AuditConfigBaseSuite) checkDeployments(auditConfig *mondoov2.MondooAudi
 		s.NoErrorf(err, "Failed creating a Deployment in permissive mode.")
 	}
 
-	assets, err = cicdProject.ListAssets(s.ctx)
-	s.Require().NoError(err, "Failed to list CICD assets")
+	assets, err = s.WaitUntilCiCdAssetsScored(cicdProject)
+	s.Require().NoErrorf(err, "Failed to list scored CICD assets")
 
 	assetNames = utils.CiCdJobNames(assets)
 	s.Contains(assetNames, fmt.Sprintf("%s/%s", failingDeployment.Namespace, failingDeployment.Name))
@@ -904,6 +904,24 @@ func (s *AuditConfigBaseSuite) checkDeployments(auditConfig *mondoov2.MondooAudi
 	s.NoErrorf(s.testCluster.K8sHelper.WaitForResourceDeletion(failingDeployment), "Error waiting for deleteion of failingDeployment")
 }
 
+func (s *AuditConfigBaseSuite) WaitUntilCiCdAssetsScored(cicdProject *nexusK8s.CiCdProject) ([]nexusK8s.CiCdJob, error) {
+	var assets []nexusK8s.CiCdJob
+	var err error
+	err = s.testCluster.K8sHelper.ExecuteWithRetries(func() (bool, error) {
+		assets, err = cicdProject.ListAssets(s.ctx)
+		if err != nil {
+			return false, err
+		}
+		for _, asset := range assets {
+			if asset.Grade == "U" {
+				return false, nil
+			}
+		}
+		return true, nil
+	})
+	return assets, err
+}
+
 func (s *AuditConfigBaseSuite) getWebhookLabelsString() string {
 	webhookDeploymentLabels := mondooadmission.WebhookDeploymentLabels()