1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-15 17:51:01 +00:00
external-secrets/e2e/run.sh

91 lines
3.7 KiB
Bash
Raw Normal View History

2021-04-24 23:39:06 +00:00
#!/bin/bash
# Copyright 2019 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
set -euo pipefail
2021-04-24 23:39:06 +00:00
if ! command -v kind --version &> /dev/null; then
echo "kind is not installed. Use the package manager or visit the official site https://kind.sigs.k8s.io/"
exit 1
fi
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
cd $DIR
echo "Kubernetes cluster:"
kubectl get nodes -o wide
echo -e "Granting permissions to e2e service account..."
kubectl create serviceaccount external-secrets-e2e || true
kubectl create clusterrolebinding permissive-binding \
--clusterrole=cluster-admin \
--user=admin \
--user=kubelet \
--serviceaccount=default:external-secrets-e2e || true
echo -e "Granting anonymous access to service account issuer discovery"
kubectl create clusterrolebinding service-account-issuer-discovery-binding \
--clusterrole=system:service-account-issuer-discovery \
--group=system:unauthenticated || true
echo -e "Starting the e2e test pod ${E2E_IMAGE_NAME}:${VERSION}"
2021-04-24 23:39:06 +00:00
kubectl run --rm \
--attach \
--restart=Never \
--pod-running-timeout=5m \
--labels="app=eso-e2e" \
--env="ACK_GINKGO_DEPRECATIONS=2.9.5" \
--env="GINKGO_LABELS=${GINKGO_LABELS:-.*}" \
2021-07-12 18:27:48 +00:00
--env="GCP_SM_SA_JSON=${GCP_SM_SA_JSON:-}" \
--env="GCP_PROJECT_ID=${GCP_PROJECT_ID:-}" \
2021-12-29 12:02:56 +00:00
--env="GCP_GSA_NAME=${GCP_GSA_NAME:-}" \
--env="GCP_KSA_NAME=${GCP_KSA_NAME:-}" \
--env="GCP_GKE_ZONE=${GCP_GKE_ZONE:-}" \
--env="GCP_GKE_CLUSTER=${GCP_GKE_CLUSTER:-}" \
--env="AWS_REGION=${AWS_REGION:-}" \
--env="AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID:-}" \
--env="AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY:-}" \
--env="AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN:-}" \
--env="AWS_SA_NAME=${AWS_SA_NAME:-}" \
--env="AWS_SA_NAMESPACE=${AWS_SA_NAMESPACE:-}" \
2021-07-12 18:27:48 +00:00
--env="AZURE_CLIENT_ID=${AZURE_CLIENT_ID:-}" \
--env="AZURE_CLIENT_SECRET=${AZURE_CLIENT_SECRET:-}" \
2021-11-10 13:57:37 +00:00
--env="AKEYLESS_ACCESS_ID=${AKEYLESS_ACCESS_ID:-}" \
--env="AKEYLESS_ACCESS_TYPE=${AKEYLESS_ACCESS_TYPE:-}" \
--env="AKEYLESS_ACCESS_TYPE_PARAM=${AKEYLESS_ACCESS_TYPE_PARAM:-}" \
2021-07-12 18:27:48 +00:00
--env="TENANT_ID=${TENANT_ID:-}" \
--env="VAULT_URL=${VAULT_URL:-}" \
2021-08-04 09:42:07 +00:00
--env="GITLAB_TOKEN=${GITLAB_TOKEN:-}" \
--env="GITLAB_PROJECT_ID=${GITLAB_PROJECT_ID:-}" \
--env="GITLAB_ENVIRONMENT=${GITLAB_ENVIRONMENT:-}" \
--env="ORACLE_USER_OCID=${ORACLE_USER_OCID:-}" \
2021-09-09 22:57:43 +00:00
--env="ORACLE_TENANCY_OCID=${ORACLE_TENANCY_OCID:-}" \
--env="ORACLE_REGION=${ORACLE_REGION:-}" \
--env="ORACLE_FINGERPRINT=${ORACLE_FINGERPRINT:-}" \
--env="ORACLE_KEY=${ORACLE_KEY:-}" \
Feature/scaleway provider (#2086) * wip: basic structure of scaleway provider Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * test: add some tests for GetAllSecrets Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: implement PushSecret Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * test: improved test fixtures Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: allow finding secrets by project using the path property Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: add delete secret method Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * Delete dupplicate of push remote ref test implem Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: add capability to use a secret for configuring access token Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: implement GetSecretMap Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: filtering by name and projetc id Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * test: add test for finding secret by name regexp Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: config validation Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * fix: handle situation where no namespace is specified and we cannot provide a default Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: reference secrets by id or name Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * fix: invalid request caused by pagination handling Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: log the error when failing to access secret version Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * fix: pass context to sdk where missing Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: add a cache for reducing AccessSecretVersion() calls Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * refacto: use GetSecret with name instead of ListSecrets Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: allow using secret name in ExternalSecrets Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: use latest_enabled instead of latest Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * refacto: optimized PushSecret and improved its test coverage Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * fix: doesConfigDependOnNamespace was always true Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: use new api with refactored name-based endpoints Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * remove useless todo Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * fix: use secret names as key for GetAllSecrets Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: support gjson propery lookup Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: e2e tests Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * test: e2e test using secret to store api key Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * test: cleanup left over resources on the secret manager before each e2e run Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * doc: add doc for scaleway provider Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * refacto: fix lint issues Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * test: cleanup code in e2e was commented Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: the previous version is disabled when we push to a secret Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * doc: add comments to ScalewayProvider struct to point to console and doc Signed-off-by: Julien Loctaux <no.mail@jloc.fr> * feat: add missing e2e env vars for scaleway Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> * docs: add scaleway to support/stability table Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> --------- Signed-off-by: Julien Loctaux <no.mail@jloc.fr> Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Moritz Johner <beller.moritz@googlemail.com>
2023-03-16 00:03:52 +00:00
--env="SCALEWAY_API_URL=${SCALEWAY_API_URL:-}" \
--env="SCALEWAY_REGION=${SCALEWAY_REGION:-}" \
--env="SCALEWAY_PROJECT_ID=${SCALEWAY_PROJECT_ID:-}" \
--env="SCALEWAY_ACCESS_KEY=${SCALEWAY_ACCESS_KEY:-}" \
--env="SCALEWAY_SECRET_KEY=${SCALEWAY_SECRET_KEY:-}" \
--env="DELINEA_TLD=${DELINEA_TLD:-}" \
--env="DELINEA_URL_TEMPLATE=${DELINEA_URL_TEMPLATE:-}" \
--env="DELINEA_TENANT=${DELINEA_TENANT:-}" \
--env="DELINEA_CLIENT_ID=${DELINEA_CLIENT_ID:-}" \
--env="DELINEA_CLIENT_SECRET=${DELINEA_CLIENT_SECRET:-}" \
--env="VERSION=${VERSION}" \
--env="TEST_SUITES=${TEST_SUITES}" \
2021-04-24 23:39:06 +00:00
--overrides='{ "apiVersion": "v1", "spec":{"serviceAccountName": "external-secrets-e2e"}}' \
e2e --image=${E2E_IMAGE_NAME}:${VERSION}