From 0bfee479ed7e95f8df575dbd6a2e0e70a9251942 Mon Sep 17 00:00:00 2001 From: Sharif Elgamal Date: Wed, 24 Mar 2021 16:18:28 -0700 Subject: [PATCH] add integration test for pulling private image --- test/integration/addons_test.go | 38 ++++++++++++++------ test/integration/testdata/private-image.yaml | 12 +++++++ 2 files changed, 40 insertions(+), 10 deletions(-) create mode 100644 test/integration/testdata/private-image.yaml diff --git a/test/integration/addons_test.go b/test/integration/addons_test.go index 155bdbe01..ce13f2952 100644 --- a/test/integration/addons_test.go +++ b/test/integration/addons_test.go @@ -46,17 +46,20 @@ func TestAddons(t *testing.T) { ctx, cancel := context.WithTimeout(context.Background(), Minutes(40)) defer Cleanup(t, profile, cancel) - // Set an env var to point to our dummy credentials file - err := os.Setenv("GOOGLE_APPLICATION_CREDENTIALS", filepath.Join(*testdataDir, "gcp-creds.json")) - defer os.Unsetenv("GOOGLE_APPLICATION_CREDENTIALS") - if err != nil { - t.Fatalf("Failed setting GOOGLE_APPLICATION_CREDENTIALS env var: %v", err) - } + // We don't need a dummy file is we're on GCE + if !detect.IsOnGCE() { + // Set an env var to point to our dummy credentials file + err := os.Setenv("GOOGLE_APPLICATION_CREDENTIALS", filepath.Join(*testdataDir, "gcp-creds.json")) + defer os.Unsetenv("GOOGLE_APPLICATION_CREDENTIALS") + if err != nil { + t.Fatalf("Failed setting GOOGLE_APPLICATION_CREDENTIALS env var: %v", err) + } - err = os.Setenv("GOOGLE_CLOUD_PROJECT", "this_is_fake") - defer os.Unsetenv("GOOGLE_CLOUD_PROJECT") - if err != nil { - t.Fatalf("Failed setting GOOGLE_CLOUD_PROJECT env var: %v", err) + err = os.Setenv("GOOGLE_CLOUD_PROJECT", "this_is_fake") + defer os.Unsetenv("GOOGLE_CLOUD_PROJECT") + if err != nil { + t.Fatalf("Failed setting GOOGLE_CLOUD_PROJECT env var: %v", err) + } } args := append([]string{"start", "-p", profile, "--wait=true", "--memory=4000", "--alsologtostderr", "--addons=registry", "--addons=metrics-server", "--addons=olm", "--addons=volumesnapshots", "--addons=csi-hostpath-driver"}, StartArgs()...) @@ -618,6 +621,21 @@ func validateGCPAuthAddon(ctx context.Context, t *testing.T, profile string) { t.Errorf("'printenv GOOGLE_APPLICATION_CREDENTIALS' returned %s, expected %s", got, expected) } + // If we're on GCE, we have proper credentials and can test the registry secrets with an artifact registry image + if detect.IsOnGCE() { + rr, err = Run(t, exec.CommandContext(ctx, "kubectl", "--context", profile, "apply", "-f", filepath.Join(*testdataDir, "private-image.yaml"))) + if err != nil { + t.Fatalf("print env project: %v", err) + } + + // Make sure the pod is up and running, which means we successfully pulled the private image down + // 8 minutes, because 4 is not enough for images to pull in all cases. + _, err := PodWait(ctx, t, profile, "default", "integration-test=private-image", Minutes(8)) + if err != nil { + t.Fatalf("wait for private image: %v", err) + } + } + rr, err = Run(t, exec.CommandContext(ctx, Target(), "-p", profile, "addons", "disable", "gcp-auth", "--alsologtostderr", "-v=1")) if err != nil { t.Errorf("failed disabling gcp-auth addon. arg %q.s %v", rr.Command(), err) diff --git a/test/integration/testdata/private-image.yaml b/test/integration/testdata/private-image.yaml new file mode 100644 index 000000000..294a1729c --- /dev/null +++ b/test/integration/testdata/private-image.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Deployment +metadata: + name: private-image + labels: + integration-test: private-image +spec: + containers: + - image: + imagePullPolicy: IfNotPresent + name: private-image + restartPolicy: Always \ No newline at end of file -- GitLab