From d50b30abf2644be8b7e6a0fa442c885d341d9de7 Mon Sep 17 00:00:00 2001 From: Ivan Milchev Date: Thu, 12 Oct 2023 19:18:47 +0300 Subject: [PATCH] cleanup test configuration settings Signed-off-by: Ivan Milchev --- .env.example | 2 + .github/workflows/integration-tests.yaml | 5 -- .gitignore | 3 +- .vscode/settings.json | 1 + Makefile | 5 ++ tests/framework/nexus/client.go | 26 +++++-- tests/framework/nexus/k8s/integration.go | 2 +- tests/framework/utils/service_account.go | 35 ---------- tests/integration/audit_config_base_suite.go | 9 +-- .../audit_config_namespace_test.go | 1 + tests/integration/gql_test.go | 70 ------------------- 11 files changed, 34 insertions(+), 125 deletions(-) create mode 100644 .env.example delete mode 100644 tests/framework/utils/service_account.go delete mode 100644 tests/integration/gql_test.go diff --git a/.env.example b/.env.example new file mode 100644 index 000000000..ca4d08afd --- /dev/null +++ b/.env.example @@ -0,0 +1,2 @@ +MONDOO_API_TOKEN=xxxx +MONDOO_GQL_ENDPOINT=https://api.edge.mondoo.com/query \ No newline at end of file diff --git a/.github/workflows/integration-tests.yaml b/.github/workflows/integration-tests.yaml index d57306411..6c25e165e 100644 --- a/.github/workflows/integration-tests.yaml +++ b/.github/workflows/integration-tests.yaml @@ -80,11 +80,6 @@ jobs: - name: Wait a bit for the runner to become more stable run: for i in 1 2 3 4 5; do kubectl -n kube-system wait --for=condition=Ready pods --all --timeout=180s && break || sleep 10; done - # There are connection timeouts set to 30s in the k8s components. This means that they might seem like - # they are working but in fact they are just waiting on a connection. - - name: Wait for 40s - run: sleep 40 - - name: Run integration tests env: MONDOO_SERVICE_ACCOUNT_EDGE: ${{ secrets.MONDOO_SERVICE_ACCOUNT_EDGE}} diff --git a/.gitignore b/.gitignore index 9d6842844..476ac08a0 100644 --- a/.gitignore +++ b/.gitignore @@ -48,4 +48,5 @@ tests/integration/_output /cnquery /cnspec -package.json \ No newline at end of file +package.json +.env \ No newline at end of file diff --git a/.vscode/settings.json b/.vscode/settings.json index 231840713..2fca999dd 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -4,4 +4,5 @@ "gopls": { "formatting.gofumpt": true, }, + "go.testEnvFile": "${workspaceFolder}/.env", } \ No newline at end of file diff --git a/Makefile b/Makefile index 018ff0304..e48890c4e 100644 --- a/Makefile +++ b/Makefile @@ -1,3 +1,8 @@ +ifneq (,$(wildcard ./.env)) + include .env + export +endif + # VERSION defines the project version for the bundle. # Update this value when you upgrade the version of your project. # To re-generate a bundle for another specific version without changing the standard setup, you can: diff --git a/tests/framework/nexus/client.go b/tests/framework/nexus/client.go index 2ef25f367..86f0f2bee 100644 --- a/tests/framework/nexus/client.go +++ b/tests/framework/nexus/client.go @@ -4,28 +4,40 @@ package nexus import ( - "go.mondoo.com/cnquery/v9/providers-sdk/v1/upstream" + "fmt" + "os" mondoogql "go.mondoo.com/mondoo-go" "go.mondoo.com/mondoo-go/option" ) -type Client struct { - spaceMrn string +const ( + MONDOO_API_TOKEN_VAR = "MONDOO_API_TOKEN" + MONDOO_GQL_ENDPOINT_VAR = "MONDOO_GQL_ENDPOINT" +) +type Client struct { Client *mondoogql.Client } -func NewClient(serviceAccount *upstream.ServiceAccountCredentials) (*Client, error) { +func NewClient() (*Client, error) { + gqlEndpoint := os.Getenv(MONDOO_GQL_ENDPOINT_VAR) + if gqlEndpoint == "" { + return nil, fmt.Errorf("missing environment variable %s", MONDOO_GQL_ENDPOINT_VAR) + } + + apiToken := os.Getenv(MONDOO_API_TOKEN_VAR) + if apiToken == "" { + return nil, fmt.Errorf("missing environment variable %s", MONDOO_API_TOKEN_VAR) + } // Initialize the client - client, err := mondoogql.NewClient(option.WithEndpoint("https://api.edge.mondoo.com/query"), option.WithAPIToken("")) + client, err := mondoogql.NewClient(option.WithEndpoint(gqlEndpoint), option.WithAPIToken(apiToken)) if err != nil { return nil, err } return &Client{ - spaceMrn: serviceAccount.ParentMrn, - Client: client, + Client: client, }, nil } diff --git a/tests/framework/nexus/k8s/integration.go b/tests/framework/nexus/k8s/integration.go index ac41168e3..7fc6c17dd 100644 --- a/tests/framework/nexus/k8s/integration.go +++ b/tests/framework/nexus/k8s/integration.go @@ -183,7 +183,7 @@ type CiCdJob struct { Grade string } -func (p *CiCdProject) ListAssets(ctx context.Context, assetType string) ([]CiCdJob, error) { +func (p *CiCdProject) ListAssets(ctx context.Context) ([]CiCdJob, error) { var q struct { CicdProjectJobs struct { Jobs struct { diff --git a/tests/framework/utils/service_account.go b/tests/framework/utils/service_account.go deleted file mode 100644 index d5ee34182..000000000 --- a/tests/framework/utils/service_account.go +++ /dev/null @@ -1,35 +0,0 @@ -// Copyright (c) Mondoo, Inc. -// SPDX-License-Identifier: BUSL-1.1 - -package utils - -import ( - "encoding/base64" - "encoding/json" - "fmt" - "os" - - "go.mondoo.com/cnquery/v9/cli/config" - "go.mondoo.com/cnquery/v9/providers-sdk/v1/upstream" -) - -const ServiceAccountEnv = "MONDOO_SERVICE_ACCOUNT_EDGE" - -func GetServiceAccount() (*upstream.ServiceAccountCredentials, error) { - saBase64, ok := os.LookupEnv(ServiceAccountEnv) - if !ok { - return nil, fmt.Errorf("Service account not found in environment variable %s", ServiceAccountEnv) - } - - saString, err := base64.StdEncoding.DecodeString(saBase64) - if err != nil { - return nil, err - } - - config := &config.CommonOpts{} - err = json.Unmarshal(saString, config) - if err != nil { - return nil, err - } - return config.GetServiceCredential(), err -} diff --git a/tests/integration/audit_config_base_suite.go b/tests/integration/audit_config_base_suite.go index d1b861d8d..f0270f36a 100644 --- a/tests/integration/audit_config_base_suite.go +++ b/tests/integration/audit_config_base_suite.go @@ -64,10 +64,7 @@ func (s *AuditConfigBaseSuite) SetupSuite() { zerolog.SetGlobalLevel(zerolog.InfoLevel) s.ctx = context.Background() - sa, err := utils.GetServiceAccount() - s.Require().NoError(err, "Service account not set") - nexusClient, err := nexus.NewClient(sa) - + nexusClient, err := nexus.NewClient() s.Require().NoError(err, "Failed to create Nexus client") s.spaceClient = nexusClient.GetSpace() @@ -808,7 +805,7 @@ func (s *AuditConfigBaseSuite) checkDeployments(auditConfig *mondoov2.MondooAudi cicdProject, err := s.integration.GetCiCdProject(s.ctx) s.Require().NoError(err, "Failed to get CICD project") - assets, err := cicdProject.ListAssets(s.ctx, "") + assets, err := cicdProject.ListAssets(s.ctx) s.Require().NoError(err, "Failed to list CICD assets") assetNames := utils.CiCdJobNames(assets) @@ -824,7 +821,7 @@ func (s *AuditConfigBaseSuite) checkDeployments(auditConfig *mondoov2.MondooAudi s.NoErrorf(err, "Failed creating a Deployment in permissive mode.") } - assets, err = cicdProject.ListAssets(s.ctx, "") + assets, err = cicdProject.ListAssets(s.ctx) s.Require().NoError(err, "Failed to list CICD assets") assetNames = utils.CiCdJobNames(assets) diff --git a/tests/integration/audit_config_namespace_test.go b/tests/integration/audit_config_namespace_test.go index 904f31afc..62bee656a 100644 --- a/tests/integration/audit_config_namespace_test.go +++ b/tests/integration/audit_config_namespace_test.go @@ -86,6 +86,7 @@ func (s *AuditConfigCustomNamespaceSuite) TestReconcile_KubernetesResources() { func (s *AuditConfigCustomNamespaceSuite) TestReconcile_Containers() { auditConfig := utils.DefaultAuditConfigMinimal(s.ns.Name, false, true, false, false) + auditConfig.Spec.Scanner.ServiceAccountName = s.sa.Name // Ignore the operator namespace and the scanner namespace because we cannot scan a local image auditConfig.Spec.Filtering.Namespaces.Exclude = []string{s.ns.Name, s.testCluster.Settings.Namespace, "kube-system"} diff --git a/tests/integration/gql_test.go b/tests/integration/gql_test.go deleted file mode 100644 index 0eeff9c32..000000000 --- a/tests/integration/gql_test.go +++ /dev/null @@ -1,70 +0,0 @@ -package integration - -import ( - "context" - "testing" - - "github.com/rs/zerolog" - "github.com/stretchr/testify/suite" - "go.mondoo.com/mondoo-operator/tests/framework/nexus" - "go.mondoo.com/mondoo-operator/tests/framework/utils" - - mondoogql "go.mondoo.com/mondoo-go" -) - -type GqlSuite struct { - suite.Suite - ctx context.Context - spaceClient *nexus.Space - nexusClient *nexus.Client -} - -func (s *GqlSuite) SetupSuite() { - zerolog.SetGlobalLevel(zerolog.InfoLevel) - s.ctx = context.Background() - - sa, err := utils.GetServiceAccount() - s.Require().NoError(err, "Service account not set") - nexusClient, err := nexus.NewClient(sa) - s.Require().NoError(err, "Failed to create Nexus client") - - s.nexusClient = nexusClient -} - -func (s *GqlSuite) TestCreateSpace() { - // s.spaceClient = s.nexusClient.GetSpace() - // err := s.spaceClient.Delete(context.Background()) - // 29GPDsplmmH9Nt5XqhhHjiSqRpk - var q struct { - CiCdProjects struct { - Projects struct { - Projects struct { - Edges []struct { - Node struct { - Mrn string - Labels []struct { - Key string - Value string - } - } - } - } `graphql:"projects(first: $first)"` - } `graphql:"... on CicdProjects"` - } `graphql:"cicdProjects(input: $input)"` - } - - err := s.nexusClient.Client.Query(s.ctx, &q, map[string]interface{}{"input": mondoogql.CicdProjectsInput{SpaceMrn: "//captain.api.mondoo.app/spaces/dreamy-wilson-259171"}, "first": mondoogql.Int(100)}) - s.NoError(err) - // assets, err := assets.ListAssetsWithScores( - // context.Background(), - // "//captain.api.mondoo.app/spaces/dreamy-wilson-259171", - // "", - // s.nexusClient.Client) - // s.NotEmpty(assets) - // s.NoError(err) -} - -func TestGqlSuite(t *testing.T) { - s := new(GqlSuite) - suite.Run(t, s) -}