Integrationtest waits longer for GOGS TLS

* also remove helm repo from dev script, helm config is different per user * remove unused block from e2e ci, workflow is never scheduled
rancher · Sep 20, 2024 · cbb647f · cbb647f
1 parent 70b5adf
commit cbb647f
Show file tree

Hide file tree

Showing 4 changed files with 36 additions and 35 deletions.
diff --git a/.github/workflows/e2e-ci.yml b/.github/workflows/e2e-ci.yml
@@ -136,15 +136,6 @@ jobs:
           ginkgo --github-output --label-filter='oci-registry' e2e/single-cluster
 
           e2e/testenv/infra/infra teardown
-      -
-        name: Acceptance Tests for Examples
-        if: >
-          matrix.test_type.name == 'default' &&
-          github.event_name == 'schedule'
-        env:
-          FLEET_E2E_NS: fleet-local
-        run: |
-          ginkgo --github-output e2e/acceptance/single-cluster-examples
       -
         name: Fleet Tests Requiring Github Secrets
         # These tests can't run for PRs, because PRs don't have access to the secrets

diff --git a/dev/setup-rancher-clusters b/dev/setup-rancher-clusters
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-set -euxo pipefail
+set -eux
 
 if [ ! -d ./.github/scripts ]; then
   echo "please change the current directory to the fleet repo checkout"
@@ -12,13 +12,10 @@ upstream_ctx="${FLEET_E2E_CLUSTER-k3d-upstream}"
 downstream_ctx="${FLEET_E2E_CLUSTER_DOWNSTREAM-k3d-downstream}"
 rancherpassword="${RANCHER_PASSWORD-rancherpassword}"
 
-# helm repo add rancher-latest https://releases.rancher.com/server-charts/latest
-# helm repo update rancher-latest
-helm repo update
-
 version="${1-}"
+channel="${2-latest}" # latest or alpha
 if [ -z "$version" ]; then
-  version=$(curl -s https://api.github.com/repos/rancher/rancher/releases | jq -r "sort_by(.tag_name) | [ .[] | select(.draft | not) ] | .[-1].tag_name")
+  version=$(curl "https://releases.rancher.com/server-charts/$channel/index.yaml" | yq -r '.entries | to_entries | .[].value[] | .version' latest.yaml | sort -V | tail -1)
 fi
 
 kubectl config use-context "$upstream_ctx"
@@ -27,13 +24,14 @@ kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.5
 kubectl wait --for=condition=Available deployment --timeout=2m -n cert-manager --all
 
 # set CATTLE_SERVER_URL and CATTLE_BOOTSTRAP_PASSWORD to get rancher out of "bootstrap" mode
-helm upgrade rancher rancher-latest/rancher --version "$version" \
+helm upgrade rancher "https://releases.rancher.com/server-charts/${channel}/rancher-${version#v}.tgz" \
   --devel \
   --install --wait \
   --create-namespace \
   --namespace cattle-system \
   --set replicas=1 \
   --set hostname="$public_hostname" \
+  --set agentTLSMode=system-store \
   --set bootstrapPassword=admin \
   --set "extraEnv[0].name=CATTLE_SERVER_URL" \
   --set "extraEnv[0].value=https://$public_hostname" \

diff --git a/e2e/testenv/fail.go b/e2e/testenv/fail.go
@@ -24,14 +24,14 @@ func FailAndGather(message string, callerSkip ...int) {
 
 	ginkgo.GinkgoWriter.Printf("💬 Gathering cluster info for '%s' to '%s'...\n", ginkgo.CurrentSpecReport().FullText(), pwd)
 	cmd := exec.Command("crust-gather", "collect",
-		"--exclude-namespace=kube-system", "--exclude-kind=Lease", "--duration=5s",
-		"-f", path)
+		"--exclude-namespace=kube-system", "--exclude-kind=Lease", "--duration=10s",
+		"-verror", "-f", path)
 	cmd.Stdout = ginkgo.GinkgoWriter
 	cmd.Stderr = ginkgo.GinkgoWriter
-	err := cmd.Run()
-	if err != nil {
-		ginkgo.GinkgoWriter.Printf("⛔ failed to gather cluster info: %v", err)
-	}
+	// Outputting errors, but don't care about error code as crust-gather
+	// often runs into a "deadline" error. Data collection is successful
+	// nevertheless.
+	_ = cmd.Run()
 
 	ginkgo.Fail(message, callerSkip...)
 }
diff --git a/integrationtests/gitcloner/clone_test.go b/integrationtests/gitcloner/clone_test.go
@@ -44,7 +44,8 @@ const (
 	gogsHTTPSPort = "3000"
 	gogsSSHPort   = "22"
 	testRepoName  = "test-repo"
-	timeout       = 120 * time.Second
+	timeout       = 240 * time.Second
+	interval      = 10 * time.Second
 )
 
 var (
@@ -370,42 +371,41 @@ func createGogsContainerWithHTTPS() (testcontainers.Container, error) {
 		ContainerRequest: req,
 		Started:          true,
 	})
-
 	if err != nil {
 		return nil, err
 	}
 
 	// create ca bundle and certs needed for https
 	_, _, err = container.Exec(context.Background(), []string{"./gogs", "cert", "-ca=true", "-duration=8760h0m0s", "-host=localhost"})
 	if err != nil {
-		return nil, err
+		return container, err
 	}
 	_, _, err = container.Exec(context.Background(), []string{"chown", "git:git", "cert.pem", "key.pem"})
 	if err != nil {
-		return nil, err
+		return container, err
 	}
 	caReader, err := container.CopyFileFromContainer(context.Background(), "/app/gogs/cert.pem")
 	if err != nil {
-		return nil, err
+		return container, err
 	}
 	gogsCABundle, err = io.ReadAll(caReader)
 	if err != nil {
-		return nil, err
+		return container, err
 	}
 
 	// restart gogs container to make sure https certs are picked
 	err = container.Stop(context.Background(), &[]time.Duration{timeout}[0])
 	if err != nil {
-		return nil, err
+		return container, err
 	}
 	err = container.Start(context.Background())
 	if err != nil {
-		return nil, err
+		return container, err
 	}
 
 	url, err := getHTTPSURL(context.Background(), container)
 	if err != nil {
-		return nil, err
+		return container, err
 	}
 
 	// create access token, we need to wait until the https server is available. We can't check this in testcontainers.WaitFor
@@ -417,9 +417,20 @@ func createGogsContainerWithHTTPS() (testcontainers.Container, error) {
 
 		// only continue if it's a TLS connection
 		addr := strings.Replace(url, "https://", "", 1)
-		_, err := tls.Dial("tcp", addr, conf)
-		if err != nil {
-			return err
+		if _, err := tls.Dial("tcp", addr, conf); err != nil {
+			GinkgoWriter.Printf("error dialing: %v", err)
+			orgErr := err
+
+			// debug the connection
+			conn, err := tls.Dial("tcp", addr, nil)
+			if err != nil {
+				GinkgoWriter.Printf("error dialing without tls: %v", err)
+				return orgErr
+			}
+			body, _ := io.ReadAll(conn)
+			GinkgoWriter.Printf("tcp connection response: %s", body)
+
+			return orgErr
 		}
 
 		tr := &http.Transport{TLSClientConfig: conf}
@@ -429,13 +440,14 @@ func createGogsContainerWithHTTPS() (testcontainers.Container, error) {
 			Name: "test",
 		})
 		if err != nil {
+			GinkgoWriter.Printf("error creating access token: %v", err)
 			return err
 		}
 		gogsClient = gogs.NewClient(url, token.Sha1)
 		gogsClient.SetHTTPClient(httpClient)
 
 		return nil
-	}, timeout, "10s").ShouldNot(HaveOccurred())
+	}, timeout, interval).ShouldNot(HaveOccurred())
 
 	return container, nil
 }