Skip to content

Commit

Permalink
Set sync setting in config automatically
Browse files Browse the repository at this point in the history
Signed-off-by: Yi Rae Kim <[email protected]>
  • Loading branch information
yiraeChristineKim committed Nov 13, 2023
1 parent 8ab1797 commit 4f91b50
Show file tree
Hide file tree
Showing 29 changed files with 1,400 additions and 48 deletions.
50 changes: 45 additions & 5 deletions .github/workflows/ci_tests.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -82,11 +82,51 @@ jobs:
- name: E2E Tests
run: |
make deploy-ci NAMESPACE=mygatekeeper IMG=localhost:5000/gatekeeper-operator:$GITHUB_SHA
kubectl -n mygatekeeper wait deployment/gatekeeper-operator-controller --for condition=Available --timeout=90s
kubectl -n mygatekeeper logs deployment/gatekeeper-operator-controller -c manager -f > operator.log &
make test-e2e NAMESPACE=mygatekeeper
kubectl delete --wait namespace mygatekeeper
make deploy-ci NAMESPACE=gatekeeper-system IMG=localhost:5000/gatekeeper-operator:$GITHUB_SHA
kubectl -n gatekeeper-system wait deployment/gatekeeper-operator-controller --for condition=Available --timeout=90s
kubectl -n gatekeeper-system logs deployment/gatekeeper-operator-controller -c manager -f > operator.log &
make test-e2e NAMESPACE=gatekeeper-system
- name: Debug
if: ${{ failure() }}
run: |
echo "::group::Operator Logs"
cat operator.log
echo "::endgroup::"
configsync-e2e-test:
name: Run configsync e2e tests
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0 # Fetch all history for all tags and branches

- uses: actions/setup-go@v3
with:
go-version-file: go.mod

- name: Download binaries
run: |
make download-binaries
- name: Create K8s KinD Cluster
run: |
kind version
make test-cluster
- name: Build and Push Test Container Image to KIND node
run: |
make docker-build IMG=localhost:5000/gatekeeper-operator:$GITHUB_SHA
kind load docker-image localhost:5000/gatekeeper-operator:$GITHUB_SHA
- name: E2E Tests
run: |
make deploy-ci NAMESPACE=gatekeeper-system IMG=localhost:5000/gatekeeper-operator:$GITHUB_SHA
kubectl -n gatekeeper-system wait deployment/gatekeeper-operator-controller --for condition=Available --timeout=90s
kubectl -n gatekeeper-system logs deployment/gatekeeper-operator-controller -c manager -f > operator.log &
make test-e2e NAMESPACE=gatekeeper-system LABEL_FILTER=config
- name: Debug
if: ${{ failure() }}
Expand Down
14 changes: 7 additions & 7 deletions .github/workflows/olm_tests.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -53,18 +53,18 @@ jobs:
- name: Deploy resources on KIND cluster to install Gatekeeper
run: |
make deploy-using-olm REPO=localhost:5000 VERSION=$GITHUB_SHA NAMESPACE=mygatekeeper
while ! kubectl -n mygatekeeper get deployment gatekeeper-operator-controller; do \
make deploy-using-olm REPO=localhost:5000 VERSION=$GITHUB_SHA NAMESPACE=gatekeeper-system
while ! kubectl -n gatekeeper-system get deployment gatekeeper-operator-controller; do \
echo "Waiting for operator deployment"; \
sleep 2; \
done
kubectl -n mygatekeeper wait deployment/gatekeeper-operator-controller --for condition=Available --timeout=90s
kubectl -n gatekeeper-system wait deployment/gatekeeper-operator-controller --for condition=Available --timeout=90s
- name: E2E Tests
run: |
kubectl -n mygatekeeper logs deployment/gatekeeper-operator-controller -c manager -f > operator.log &
make test-e2e NAMESPACE=mygatekeeper
kubectl delete --wait namespace mygatekeeper
kubectl -n gatekeeper-system logs deployment/gatekeeper-operator-controller -c manager -f > operator.log &
make test-e2e NAMESPACE=gatekeeper-system
kubectl delete --wait namespace gatekeeper-system
- name: Debug
if: ${{ failure() }}
Expand All @@ -74,5 +74,5 @@ jobs:
echo "::endgroup::"
echo "::group::Deployments"
kubectl -n mygatekeeper get deployments -o yaml
kubectl -n gatekeeper-system get deployments -o yaml
echo "::endgroup::"
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -19,3 +19,5 @@ testbin/*
!vendor/**/zz_generated.*

ci-tools/

.vscode/*
19 changes: 17 additions & 2 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -141,11 +141,12 @@ tidy: ## Run go mod tidy

.PHONY: test
test: manifests generate fmt vet envtest ## Run tests.
KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" GOFLAGS=$(GOFLAGS) go test ./... -coverprofile cover.out
KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" GOFLAGS=$(GOFLAGS) go test $(go list ./... | grep -v /test/) -coverprofile cover.out

LABEL_FILTER=gatekeeper-controller
.PHONY: test-e2e
test-e2e: e2e-dependencies generate fmt vet ## Run e2e tests, using the configured Kubernetes cluster in ~/.kube/config
GOFLAGS=$(GOFLAGS) USE_EXISTING_CLUSTER=true $(GINKGO) --trace --fail-fast --label-filter="$(LABEL_FILTER)" ./test/e2e -- --namespace="$(NAMESPACE)" --timeout="5m" --delete-timeout="10m"
GOFLAGS=$(GOFLAGS) USE_EXISTING_CLUSTER=true $(GINKGO) -v --trace --fail-fast --label-filter="$(LABEL_FILTER)" ./test/e2e -- --namespace="$(NAMESPACE)" --timeout="5m" --delete-timeout="10m"

.PHONY: test-cluster
test-cluster: ## Create a local kind cluster with a registry for testing
Expand All @@ -163,6 +164,20 @@ download-binaries: kustomize go-bindata envtest controller-gen
curl -sSLO https://github.com/bats-core/bats-core/archive/v${BATS_VERSION}.tar.gz && tar -zxvf v${BATS_VERSION}.tar.gz && bash bats-core-${BATS_VERSION}/install.sh $(PWD)/ci-tools
rm -rf bats-core-${BATS_VERSION} v${BATS_VERSION}.tar.gz

DEV_IMG=localhost:5000/gatekeeper-operator:dev
.PHONY: kind-bootstrap-cluster
kind-bootstrap-cluster: test-cluster dev-build
kubectl label ns $(NAMESPACE) --overwrite pod-security.kubernetes.io/audit=privileged
kubectl label ns $(NAMESPACE) --overwrite pod-security.kubernetes.io/enforce=privileged
kubectl label ns $(NAMESPACE) --overwrite pod-security.kubernetes.io/warn=privileged
kind load docker-image $(DEV_IMG)
$(MAKE) deploy-ci NAMESPACE=$(NAMESPACE) IMG=$(DEV_IMG)
kubectl -n $(NAMESPACE) wait deployment/gatekeeper-operator-controller --for condition=Available --timeout=90s

.PHONY: dev-build
dev-build: export DOCKER_DEFAULT_PLATFORM=linux/amd64
dev-build: ## Build docker image with the manager for Mac user
$(DOCKER) build --build-arg GOOS=linux --build-arg GOARCH=amd64 --build-arg LDFLAGS=${LDFLAGS} -t ${DEV_IMG} .
##@ Build

.PHONY: build
Expand Down
7 changes: 4 additions & 3 deletions api/v1alpha1/gatekeeper_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -140,12 +140,13 @@ const (
LogLevelError LogLevelMode = "ERROR"
)

// +kubebuilder:validation:Enum:=Enabled;Disabled
// +kubebuilder:validation:Enum:=Enabled;Disabled;Automatic
type AuditFromCacheMode string

const (
AuditFromCacheEnabled AuditFromCacheMode = "Enabled"
AuditFromCacheDisabled AuditFromCacheMode = "Disabled"
AuditFromCacheEnabled AuditFromCacheMode = "Enabled"
AuditFromCacheDisabled AuditFromCacheMode = "Disabled"
AuditFromCacheAutomatic AuditFromCacheMode = "Automatic"
)

// +kubebuilder:validation:Enum:=Enabled;Disabled
Expand Down
1 change: 1 addition & 0 deletions bundle/manifests/operator.gatekeeper.sh_gatekeepers.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -867,6 +867,7 @@ spec:
enum:
- Enabled
- Disabled
- Automatic
type: string
auditInterval:
type: string
Expand Down
1 change: 1 addition & 0 deletions config/crd/bases/operator.gatekeeper.sh_gatekeepers.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -867,6 +867,7 @@ spec:
enum:
- Enabled
- Disabled
- Automatic
type: string
auditInterval:
type: string
Expand Down
Loading

0 comments on commit 4f91b50

Please sign in to comment.