From 3646a0a85470c4ecf06f9d8fd8c84aa9ca0b4054 Mon Sep 17 00:00:00 2001 From: Ivan Milchev Date: Tue, 27 Feb 2024 18:05:08 +0100 Subject: [PATCH] =?UTF-8?q?=F0=9F=A7=B9=20more=20e2e=20stability=20improve?= =?UTF-8?q?ments=20(#1035)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Ivan Milchev --- controllers/admission/deployment_handler.go | 6 ++--- tests/integration/audit_config_base_suite.go | 28 ++++++++++++++++---- 2 files changed, 26 insertions(+), 8 deletions(-) diff --git a/controllers/admission/deployment_handler.go b/controllers/admission/deployment_handler.go index 04e8a7b8..a58f6c25 100644 --- a/controllers/admission/deployment_handler.go +++ b/controllers/admission/deployment_handler.go @@ -294,7 +294,7 @@ func (n *DeploymentHandler) isWebhookDegraded(deployment *appsv1.Deployment) boo return true } - return deployment.Status.Replicas != deployment.Status.ReadyReplicas + return deployment.Status.ReadyReplicas < deployment.Status.Replicas } func (n *DeploymentHandler) prepareValidatingWebhook(ctx context.Context, vwc *webhooksv1.ValidatingWebhookConfiguration) error { @@ -370,9 +370,9 @@ func (n *DeploymentHandler) applyWebhooks(ctx context.Context) (ctrl.Result, err return ctrl.Result{}, nil } // The ValidatingWebhook must be created after Scan API and Webhook are running. Otherwise it will reject their creation. - if n.Mondoo.Spec.Admission.Mode == mondoov1alpha2.Enforcing && n.isWebhookDegraded(deployment) { + cond := mondoo.FindMondooAuditConditions(n.Mondoo.Status.Conditions, mondoov1alpha2.AdmissionDegraded) + if n.Mondoo.Spec.Admission.Mode == mondoov1alpha2.Enforcing && (cond == nil || (cond != nil && cond.Status == corev1.ConditionTrue)) { webhookLog.Info("Waiting for Webhook and Scan API deployment before creating the ValidationWebhook.") - // return reconcile.Result{Requeue: true}, nil return ctrl.Result{}, nil } diff --git a/tests/integration/audit_config_base_suite.go b/tests/integration/audit_config_base_suite.go index cffe4392..5e083a06 100644 --- a/tests/integration/audit_config_base_suite.go +++ b/tests/integration/audit_config_base_suite.go @@ -873,10 +873,10 @@ func (s *AuditConfigBaseSuite) checkDeployments(auditConfig *mondoov2.MondooAudi time.Sleep(5 * time.Second) cicdProject, err := s.integration.GetCiCdProject(s.ctx) - s.Require().NoError(err, "Failed to get CICD project") + s.Require().NoErrorf(err, "Failed to get CICD project") - assets, err := cicdProject.ListAssets(s.ctx) - s.Require().NoError(err, "Failed to list CICD assets") + assets, err := s.WaitUntilCiCdAssetsScored(cicdProject) + s.Require().NoErrorf(err, "Failed to list scored CICD assets") assetNames := utils.CiCdJobNames(assets) s.Contains(assetNames, fmt.Sprintf("%s/%s", passingDeployment.Namespace, passingDeployment.Name)) @@ -891,8 +891,8 @@ func (s *AuditConfigBaseSuite) checkDeployments(auditConfig *mondoov2.MondooAudi s.NoErrorf(err, "Failed creating a Deployment in permissive mode.") } - assets, err = cicdProject.ListAssets(s.ctx) - s.Require().NoError(err, "Failed to list CICD assets") + assets, err = s.WaitUntilCiCdAssetsScored(cicdProject) + s.Require().NoErrorf(err, "Failed to list scored CICD assets") assetNames = utils.CiCdJobNames(assets) s.Contains(assetNames, fmt.Sprintf("%s/%s", failingDeployment.Namespace, failingDeployment.Name)) @@ -904,6 +904,24 @@ func (s *AuditConfigBaseSuite) checkDeployments(auditConfig *mondoov2.MondooAudi s.NoErrorf(s.testCluster.K8sHelper.WaitForResourceDeletion(failingDeployment), "Error waiting for deleteion of failingDeployment") } +func (s *AuditConfigBaseSuite) WaitUntilCiCdAssetsScored(cicdProject *nexusK8s.CiCdProject) ([]nexusK8s.CiCdJob, error) { + var assets []nexusK8s.CiCdJob + var err error + err = s.testCluster.K8sHelper.ExecuteWithRetries(func() (bool, error) { + assets, err = cicdProject.ListAssets(s.ctx) + if err != nil { + return false, err + } + for _, asset := range assets { + if asset.Grade == "U" { + return false, nil + } + } + return true, nil + }) + return assets, err +} + func (s *AuditConfigBaseSuite) getWebhookLabelsString() string { webhookDeploymentLabels := mondooadmission.WebhookDeploymentLabels()