diff --git a/Makefile b/Makefile index b70ac817..69487554 100644 --- a/Makefile +++ b/Makefile @@ -110,7 +110,7 @@ test-e2e: $(GINKGO) ## Run the e2e tests $(GINKGO) --tags $(GO_BUILD_TAGS) $(E2E_FLAGS) --trace $(FOCUS) test/e2e e2e: KIND_CLUSTER_NAME=rukpak-e2e -e2e: run image-registry local-git kind-load-bundles registry-load-bundles test-e2e kind-cluster-cleanup ## Run e2e tests against an ephemeral kind cluster +e2e: run image-registry secure-image-registry local-git kind-load-bundles registry-load-bundles secure-registry-load-bundles test-e2e kind-cluster-cleanup ## Run e2e tests against an ephemeral kind cluster kind-cluster: $(KIND) kind-cluster-cleanup ## Standup a kind cluster $(KIND) create cluster --name ${KIND_CLUSTER_NAME} ${KIND_CLUSTER_CONFIG} @@ -120,6 +120,11 @@ kind-cluster-cleanup: $(KIND) ## Delete the kind cluster $(KIND) delete cluster --name ${KIND_CLUSTER_NAME} image-registry: ## Setup in-cluster image registry + ./test/tools/imageregistry/image-registry.sh ${REGISTRY_NAMESPACE} ${REGISTRY_NAME} + +secure-image-registry: REGISTRY_NAME="docker-registry-secure" +secure-image-registry: DNS_NAME=$(REGISTRY_NAME).$(REGISTRY_NAMESPACE).svc.cluster.local +secure-image-registry: ## Setup a private in-cluster image registry ./test/tools/imageregistry/setup_imageregistry.sh ${KIND_CLUSTER_NAME} local-git: ## Setup in-cluster git repository @@ -211,6 +216,20 @@ kind-load: $(KIND) ## Loads the currently constructed image onto the cluster $(KIND) load docker-image $(IMAGE) --name $(KIND_CLUSTER_NAME) registry-load-bundles: ## Load selected e2e testdata container images created in kind-load-bundles into registry + testdata/bundles/plain-v0/valid/build-push-e2e-bundle.sh ${REGISTRY_NAMESPACE} $(DNS_NAME):5000/bundles/plain-v0:valid + testdata/bundles/plain-v0/dependent/build-push-e2e-bundle.sh ${REGISTRY_NAMESPACE} $(DNS_NAME):5000/bundles/plain-v0:dependent + testdata/bundles/plain-v0/provides/build-push-e2e-bundle.sh ${REGISTRY_NAMESPACE} $(DNS_NAME):5000/bundles/plain-v0:provides + testdata/bundles/plain-v0/empty/build-push-e2e-bundle.sh ${REGISTRY_NAMESPACE} $(DNS_NAME):5000/bundles/plain-v0:empty + testdata/bundles/plain-v0/no-manifests/build-push-e2e-bundle.sh ${REGISTRY_NAMESPACE} $(DNS_NAME):5000/bundles/plain-v0:no-manifests + testdata/bundles/plain-v0/invalid-missing-crds/build-push-e2e-bundle.sh ${REGISTRY_NAMESPACE} $(DNS_NAME):5000/bundles/plain-v0:invalid-missing-crds + testdata/bundles/plain-v0/invalid-crds-and-crs/build-push-e2e-bundle.sh ${REGISTRY_NAMESPACE} $(DNS_NAME):5000/bundles/plain-v0:invalid-crds-and-crs + testdata/bundles/plain-v0/subdir/build-push-e2e-bundle.sh ${REGISTRY_NAMESPACE} $(DNS_NAME):5000/bundles/plain-v0:subdir + testdata/bundles/registry/valid/build-push-e2e-bundle.sh ${REGISTRY_NAMESPACE} $(DNS_NAME):5000/bundles/registry:valid + testdata/bundles/registry/invalid/build-push-e2e-bundle.sh ${REGISTRY_NAMESPACE} $(DNS_NAME):5000/bundles/registry:invalid + +secure-registry-load-bundles: REGISTRY_NAME="docker-registry-secure" +secure-regsitry-load-bundles: DNS_NAME=$(REGISTRY_NAME).$(REGISTRY_NAMESPACE).svc.cluster.local +secure-registry-load-bundles: ## Load selected e2e testdata container images created in kind-load-bundles into private registry $(CONTAINER_RUNTIME) tag localhost/testdata/bundles/plain-v0:valid $(DNS_NAME):5000/bundles/plain-v0:valid ./test/tools/imageregistry/load_test_image.sh $(KIND) $(KIND_CLUSTER_NAME) diff --git a/internal/source/image_registry.go b/internal/source/image_registry.go index 60bf732c..7ea83b21 100644 --- a/internal/source/image_registry.go +++ b/internal/source/image_registry.go @@ -159,22 +159,19 @@ func unpackImage(ctx context.Context, imgRef name.Reference, unpackPath string, return fmt.Errorf("error getting image layers: %w", err) } - dirBase := "manifests" for _, layer := range layers { layerRc, err := layer.Uncompressed() if err != nil { return fmt.Errorf("error getting uncompressed layer data: %w", err) } - // Apply the layer contents, but filter on the directory that contains catalog contents so we only cache the - // catalog contents and nothing else. This filter ensures that the files created have the proper UID and GID + // This filter ensures that the files created have the proper UID and GID // for the filesystem they will be stored on to ensure no permission errors occur when attempting to create the // files. _, err = archive.Apply(ctx, unpackPath, layerRc, archive.WithFilter(func(th *tar.Header) (bool, error) { th.Uid = os.Getuid() th.Gid = os.Getgid() - dir, file := filepath.Split(th.Name) - return (dir == "" && file == dirBase) || strings.HasPrefix(dir, fmt.Sprintf("%s/", dirBase)), nil + return true, nil })) if err != nil { return fmt.Errorf("error applying layer to archive: %w", err) diff --git a/test/e2e/image_repo.go b/test/e2e/image_repo.go index 8784f8e0..c559e87a 100644 --- a/test/e2e/image_repo.go +++ b/test/e2e/image_repo.go @@ -2,4 +2,4 @@ package e2e // ImageRepo is meant to be set via -ldflags during execution of this code // where it will then be used to configure the testing suite. -var ImageRepo = "localhost/testdata/bundles" +var ImageRepo = "docker-registry.rukpak-e2e.svc.cluster.local:5000/bundles" diff --git a/test/e2e/plain_provisioner_test.go b/test/e2e/plain_provisioner_test.go index fba55fe6..a05e4994 100644 --- a/test/e2e/plain_provisioner_test.go +++ b/test/e2e/plain_provisioner_test.go @@ -66,7 +66,8 @@ var _ = Describe("plain provisioner bundle", func() { Source: rukpakv1alpha2.BundleSource{ Type: rukpakv1alpha2.SourceTypeImage, Image: &rukpakv1alpha2.ImageSource{ - Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:valid"), + Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:valid"), + InsecureSkipTLSVerify: true, }, }, }, @@ -107,7 +108,8 @@ var _ = Describe("plain provisioner bundle", func() { Source: rukpakv1alpha2.BundleSource{ Type: rukpakv1alpha2.SourceTypeImage, Image: &rukpakv1alpha2.ImageSource{ - Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:valid"), + Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:valid"), + InsecureSkipTLSVerify: true, }, }, }, @@ -122,7 +124,6 @@ var _ = Describe("plain provisioner bundle", func() { }) It("should eventually report a successful state", func() { - By("eventually writing a non-empty image digest to the status", func() { Eventually(func() (*rukpakv1alpha2.BundleSource, error) { if err := c.Get(ctx, client.ObjectKeyFromObject(bundleDeployment), bundleDeployment); err != nil { @@ -139,42 +140,6 @@ var _ = Describe("plain provisioner bundle", func() { )) }) }) - - It("should re-create underlying system resources", func() { - var ( - pod *corev1.Pod - ) - - By("getting the underlying bundle unpacking pod") - selector := util.NewBundleDeploymentLabelSelector(bundleDeployment) - Eventually(func() bool { - pods := &corev1.PodList{} - if err := c.List(ctx, pods, &client.ListOptions{ - Namespace: defaultSystemNamespace, - LabelSelector: selector, - }); err != nil { - return false - } - if len(pods.Items) != 1 { - return false - } - pod = &pods.Items[0] - return true - }).Should(BeTrue()) - - By("storing the pod's original UID") - originalUID := pod.GetUID() - - By("deleting the underlying pod and waiting for it to be re-created") - err := c.Delete(context.Background(), pod) - Expect(err).ToNot(HaveOccurred()) - - By("verifying the pod's UID has changed") - Eventually(func() (types.UID, error) { - err := c.Get(ctx, client.ObjectKeyFromObject(pod), pod) - return pod.GetUID(), err - }).ShouldNot(Equal(originalUID)) - }) }) When("a valid Bundle Deployment referencing a remote private container image is created", func() { @@ -196,8 +161,9 @@ var _ = Describe("plain provisioner bundle", func() { Source: rukpakv1alpha2.BundleSource{ Type: rukpakv1alpha2.SourceTypeImage, Image: &rukpakv1alpha2.ImageSource{ - Ref: "docker-registry.rukpak-e2e.svc.cluster.local:5000/bundles/plain-v0:valid", - ImagePullSecretName: "registrysecret", + Ref: "docker-registry-secure.rukpak-e2e.svc.cluster.local:5000/bundles/plain-v0:valid", + ImagePullSecretName: "registrysecret", + InsecureSkipTLSVerify: true, }, }, }, @@ -264,7 +230,8 @@ var _ = Describe("plain provisioner bundle", func() { Source: rukpakv1alpha2.BundleSource{ Type: rukpakv1alpha2.SourceTypeImage, Image: &rukpakv1alpha2.ImageSource{ - Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:non-existent-tag"), + Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:non-existent-tag"), + InsecureSkipTLSVerify: true, }, }, }, @@ -279,26 +246,6 @@ var _ = Describe("plain provisioner bundle", func() { }) It("checks the bundle's phase is stuck in pending", func() { - By("waiting until the pod is reporting ImagePullBackOff state") - Eventually(func() bool { - pod := &corev1.Pod{} - if err := c.Get(ctx, types.NamespacedName{ - Name: bundleDeployment.GetName(), - Namespace: defaultSystemNamespace, - }, pod); err != nil { - return false - } - if pod.Status.Phase != corev1.PodPending { - return false - } - for _, status := range pod.Status.ContainerStatuses { - if status.State.Waiting != nil && status.State.Waiting.Reason == "ImagePullBackOff" { - return true - } - } - return false - }).Should(BeTrue()) - By("waiting for the bundle to report back that state") Eventually(func() bool { err := c.Get(ctx, client.ObjectKeyFromObject(bundleDeployment), bundleDeployment) @@ -306,13 +253,7 @@ var _ = Describe("plain provisioner bundle", func() { return false } unpackPending := meta.FindStatusCondition(bundleDeployment.Status.Conditions, rukpakv1alpha2.PhaseUnpacked) - if unpackPending == nil { - return false - } - if unpackPending.Message != fmt.Sprintf(`Back-off pulling image "%s"`, bundleDeployment.Spec.Source.Image.Ref) { - return false - } - return true + return unpackPending != nil }).Should(BeTrue()) }) }) @@ -336,7 +277,8 @@ var _ = Describe("plain provisioner bundle", func() { Source: rukpakv1alpha2.BundleSource{ Type: rukpakv1alpha2.SourceTypeImage, Image: &rukpakv1alpha2.ImageSource{ - Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:empty"), + Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:empty"), + InsecureSkipTLSVerify: true, }, }, }, @@ -386,7 +328,8 @@ var _ = Describe("plain provisioner bundle", func() { Source: rukpakv1alpha2.BundleSource{ Type: rukpakv1alpha2.SourceTypeImage, Image: &rukpakv1alpha2.ImageSource{ - Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:no-manifests"), + Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:no-manifests"), + InsecureSkipTLSVerify: true, }, }, }, @@ -418,18 +361,14 @@ var _ = Describe("plain provisioner bundle", func() { }) When("Bundles are backed by a git repository", func() { - var ( - ctx context.Context - ) + var ctx context.Context BeforeEach(func() { ctx = context.Background() }) When("the bundle is backed by a git commit", func() { - var ( - bundleDeployment *rukpakv1alpha2.BundleDeployment - ) + var bundleDeployment *rukpakv1alpha2.BundleDeployment BeforeEach(func() { bundleDeployment = &rukpakv1alpha2.BundleDeployment{ ObjectMeta: metav1.ObjectMeta{ @@ -477,9 +416,7 @@ var _ = Describe("plain provisioner bundle", func() { }) }) When("the bundle deployment is backed by a git tag", func() { - var ( - bundleDeployment *rukpakv1alpha2.BundleDeployment - ) + var bundleDeployment *rukpakv1alpha2.BundleDeployment BeforeEach(func() { bundleDeployment = &rukpakv1alpha2.BundleDeployment{ ObjectMeta: metav1.ObjectMeta{ @@ -546,9 +483,7 @@ var _ = Describe("plain provisioner bundle", func() { }) When("the bundle deployment is backed by a git branch", func() { - var ( - bundleDeployment *rukpakv1alpha2.BundleDeployment - ) + var bundleDeployment *rukpakv1alpha2.BundleDeployment BeforeEach(func() { bundleDeployment = &rukpakv1alpha2.BundleDeployment{ ObjectMeta: metav1.ObjectMeta{ @@ -615,9 +550,7 @@ var _ = Describe("plain provisioner bundle", func() { }) When("the bundle deployment has a custom manifests directory", func() { - var ( - bundleDeployment *rukpakv1alpha2.BundleDeployment - ) + var bundleDeployment *rukpakv1alpha2.BundleDeployment BeforeEach(func() { bundleDeployment = &rukpakv1alpha2.BundleDeployment{ ObjectMeta: metav1.ObjectMeta{ @@ -1025,7 +958,8 @@ var _ = Describe("plain provisioner bundle", func() { Source: rukpakv1alpha2.BundleSource{ Type: rukpakv1alpha2.SourceTypeImage, Image: &rukpakv1alpha2.ImageSource{ - Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:subdir"), + Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:subdir"), + InsecureSkipTLSVerify: true, }, }, }, @@ -1219,7 +1153,7 @@ var _ = Describe("plain provisioner bundle", func() { }) }) - var _ = Describe("plain provisioner bundleDeployment", func() { + _ = Describe("plain provisioner bundleDeployment", func() { When("a BundleDeployment is dependent on another BundleDeployment", func() { var ( ctx context.Context @@ -1238,7 +1172,8 @@ var _ = Describe("plain provisioner bundle", func() { Source: rukpakv1alpha2.BundleSource{ Type: rukpakv1alpha2.SourceTypeImage, Image: &rukpakv1alpha2.ImageSource{ - Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:dependent"), + Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:dependent"), + InsecureSkipTLSVerify: true, }, }, }, @@ -1249,7 +1184,6 @@ var _ = Describe("plain provisioner bundle", func() { AfterEach(func() { By("deleting the testing dependent BundleDeployment resource") Expect(client.IgnoreNotFound(c.Delete(ctx, dependentBD))).To(Succeed()) - }) When("the providing BundleDeployment does not exist", func() { It("should eventually project a failed installation for the dependent BundleDeployment", func() { @@ -1269,9 +1203,7 @@ var _ = Describe("plain provisioner bundle", func() { }) }) When("the providing BundleDeployment is created", func() { - var ( - providesBD *rukpakv1alpha2.BundleDeployment - ) + var providesBD *rukpakv1alpha2.BundleDeployment BeforeEach(func() { ctx = context.Background() @@ -1286,7 +1218,8 @@ var _ = Describe("plain provisioner bundle", func() { Source: rukpakv1alpha2.BundleSource{ Type: rukpakv1alpha2.SourceTypeImage, Image: &rukpakv1alpha2.ImageSource{ - Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:provides"), + Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:provides"), + InsecureSkipTLSVerify: true, }, }, }, @@ -1297,7 +1230,6 @@ var _ = Describe("plain provisioner bundle", func() { AfterEach(func() { By("deleting the testing providing BundleDeployment resource") Expect(client.IgnoreNotFound(c.Delete(ctx, providesBD))).To(Succeed()) - }) It("should eventually project a successful installation for the dependent BundleDeployment", func() { Eventually(func() (*metav1.Condition, error) { @@ -1335,7 +1267,8 @@ var _ = Describe("plain provisioner bundle", func() { Source: rukpakv1alpha2.BundleSource{ Type: rukpakv1alpha2.SourceTypeImage, Image: &rukpakv1alpha2.ImageSource{ - Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:invalid-crds-and-crs"), + Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:invalid-crds-and-crs"), + InsecureSkipTLSVerify: true, }, }, }, @@ -1366,8 +1299,7 @@ var _ = Describe("plain provisioner bundle", func() { }) }) - var _ = Describe("plain provisioner garbage collection", func() { - + _ = Describe("plain provisioner garbage collection", func() { When("a BundleDeployment has been deleted", func() { var ( ctx context.Context @@ -1390,7 +1322,8 @@ var _ = Describe("plain provisioner bundle", func() { Source: rukpakv1alpha2.BundleSource{ Type: rukpakv1alpha2.SourceTypeImage, Image: &rukpakv1alpha2.ImageSource{ - Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:valid"), + Ref: fmt.Sprintf("%v/%v", ImageRepo, "plain-v0:valid"), + InsecureSkipTLSVerify: true, }, }, }, diff --git a/test/e2e/registry_provisioner_test.go b/test/e2e/registry_provisioner_test.go index e45eb3a9..73c425d1 100644 --- a/test/e2e/registry_provisioner_test.go +++ b/test/e2e/registry_provisioner_test.go @@ -37,7 +37,8 @@ var _ = Describe("registry provisioner bundle", func() { Source: rukpakv1alpha2.BundleSource{ Type: rukpakv1alpha2.SourceTypeImage, Image: &rukpakv1alpha2.ImageSource{ - Ref: fmt.Sprintf("%v/%v", ImageRepo, "registry:valid"), + Ref: fmt.Sprintf("%v/%v", ImageRepo, "registry:valid"), + InsecureSkipTLSVerify: true, }, }, }, @@ -87,7 +88,8 @@ var _ = Describe("registry provisioner bundle", func() { Source: rukpakv1alpha2.BundleSource{ Type: rukpakv1alpha2.SourceTypeImage, Image: &rukpakv1alpha2.ImageSource{ - Ref: fmt.Sprintf("%v/%v", ImageRepo, "registry:invalid"), + Ref: fmt.Sprintf("%v/%v", ImageRepo, "registry:invalid"), + InsecureSkipTLSVerify: true, }, }, }, diff --git a/test/tools/imageregistry/image-registry.sh b/test/tools/imageregistry/image-registry.sh new file mode 100755 index 00000000..b3d2d6af --- /dev/null +++ b/test/tools/imageregistry/image-registry.sh @@ -0,0 +1,104 @@ +#! /bin/bash + +set -o errexit +set -o nounset +set -o pipefail + +help=" +image-registry.sh is a script to stand up an image registry within a cluster. +Usage: + image-registry.sh [NAMESPACE] [NAME] + +Argument Descriptions: + - NAMESPACE is the namespace that should be created and is the namespace in which the image registry will be created + - NAME is the name that should be used for the image registry Deployment and Service +" + +if [[ "$#" -ne 2 ]]; then + echo "Illegal number of arguments passed" + echo "${help}" + exit 1 +fi + +namespace=$1 +name=$2 + +kubectl apply -f - << EOF +apiVersion: v1 +kind: Namespace +metadata: + name: ${namespace} +--- +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: selfsigned-issuer + namespace: ${namespace} +spec: + selfSigned: {} +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: ${namespace}-registry + namespace: ${namespace} +spec: + secretName: ${namespace}-registry + isCA: true + dnsNames: + - ${name}.${namespace}.svc + privateKey: + algorithm: ECDSA + size: 256 + issuerRef: + name: selfsigned-issuer + kind: Issuer + group: cert-manager.io +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: ${name} + namespace: ${namespace} + labels: + app: registry +spec: + replicas: 1 + selector: + matchLabels: + app: registry + template: + metadata: + labels: + app: registry + spec: + containers: + - name: registry + image: registry:2 + volumeMounts: + - name: certs-vol + mountPath: "/certs" + env: + - name: REGISTRY_HTTP_TLS_CERTIFICATE + value: "/certs/tls.crt" + - name: REGISTRY_HTTP_TLS_KEY + value: "/certs/tls.key" + volumes: + - name: certs-vol + secret: + secretName: ${namespace}-registry +--- +apiVersion: v1 +kind: Service +metadata: + name: ${name} + namespace: ${namespace} +spec: + selector: + app: registry + ports: + - port: 5000 + targetPort: 5000 +EOF + +kubectl wait --for=condition=Available -n "${namespace}" "deploy/${name}" --timeout=60s diff --git a/test/tools/imageregistry/load_test_image.sh b/test/tools/imageregistry/load_test_image.sh index 3347e6ad..a0159a36 100755 --- a/test/tools/imageregistry/load_test_image.sh +++ b/test/tools/imageregistry/load_test_image.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -export REGISTRY_NAME="docker-registry" +export REGISTRY_NAME="docker-registry-secure" export REGISTRY_NAMESPACE=rukpak-e2e export DNS_NAME=$REGISTRY_NAME.$REGISTRY_NAMESPACE.svc.cluster.local KIND=$1 diff --git a/test/tools/imageregistry/registry.yaml b/test/tools/imageregistry/registry.yaml index 24c718de..40e73219 100644 --- a/test/tools/imageregistry/registry.yaml +++ b/test/tools/imageregistry/registry.yaml @@ -1,9 +1,9 @@ apiVersion: v1 kind: Pod metadata: - name: docker-registry-pod + name: docker-registry-secure-pod labels: - app: registry + app: registry-secure spec: initContainers: - name: auth diff --git a/test/tools/imageregistry/service.yaml b/test/tools/imageregistry/service.yaml index e99b2603..42be6e05 100644 --- a/test/tools/imageregistry/service.yaml +++ b/test/tools/imageregistry/service.yaml @@ -1,10 +1,10 @@ apiVersion: v1 kind: Service metadata: - name: docker-registry + name: docker-registry-secure spec: selector: - app: registry + app: registry-secure ports: - port: 5000 targetPort: 5000 diff --git a/test/tools/imageregistry/setup_imageregistry.sh b/test/tools/imageregistry/setup_imageregistry.sh index 0905e440..4f35e01f 100755 --- a/test/tools/imageregistry/setup_imageregistry.sh +++ b/test/tools/imageregistry/setup_imageregistry.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -export REGISTRY_NAME="docker-registry" +export REGISTRY_NAME="docker-registry-secure" export REGISTRY_NAMESPACE=rukpak-e2e export DNS_NAME=$REGISTRY_NAME.$REGISTRY_NAMESPACE.svc.cluster.local export KIND_CLUSTER_NAME=$1 @@ -47,6 +47,6 @@ echo IMAGE_PULL_RECRET $IMAGE_PULL_RECRET # clean up rm -rf /tmp/var/imageregistry/certs -kubectl wait --for=condition=ContainersReady --namespace=rukpak-e2e pod/docker-registry-pod --timeout=60s +kubectl wait --for=condition=ContainersReady --namespace=rukpak-e2e pod/docker-registry-secure-pod --timeout=60s kubectl wait --for=condition=ContainersReady --namespace=rukpak-e2e pod/nerdctl --timeout=60s diff --git a/testdata/bundles/plain-v0/dependent/build-push-e2e-bundle.sh b/testdata/bundles/plain-v0/dependent/build-push-e2e-bundle.sh new file mode 100755 index 00000000..e43d864b --- /dev/null +++ b/testdata/bundles/plain-v0/dependent/build-push-e2e-bundle.sh @@ -0,0 +1,75 @@ +#! /bin/bash + +set -o errexit +set -o nounset +set -o pipefail + +help=" +build-push-e2e-bundle.sh is a script to build and push the e2e bundle image using kaniko. +Usage: + build-push-e2e-bundle.sh [NAMESPACE] [TAG] [BUNDLE_DIR] [BUNDLE_NAME] + +Argument Descriptions: + - NAMESPACE is the namespace the kaniko Job should be created in + - TAG is the full tag used to build and push the catalog image +" + +if [[ "$#" -ne 2 ]]; then + echo "Illegal number of arguments passed" + echo "${help}" + exit 1 +fi + +namespace=$1 +tag=$2 +bundle_dir="testdata/bundles/plain-v0/dependent" +bundle_name="plain-dependent" + +echo "${namespace}" "${tag}" + +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/" rukpak-e2e-${bundle_name}.root +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/manifests" rukpak-e2e-${bundle_name}.manifests + +kubectl apply -f - << EOF +apiVersion: batch/v1 +kind: Job +metadata: + name: "kaniko-${bundle_name}" + namespace: "${namespace}" +spec: + template: + spec: + initContainers: + - name: copy-manifests + image: busybox + command: ['sh', '-c', 'cp /manifests-data/* /manifests'] + volumeMounts: + - name: manifests + mountPath: /manifests + - name: manifests-data + mountPath: /manifests-data + containers: + - name: kaniko + image: gcr.io/kaniko-project/executor:latest + args: ["--dockerfile=/workspace/Dockerfile", + "--context=/workspace/", + "--destination=${tag}", + "--skip-tls-verify"] + volumeMounts: + - name: dockerfile + mountPath: /workspace/ + - name: manifests + mountPath: /workspace/manifests/ + restartPolicy: Never + volumes: + - name: dockerfile + configMap: + name: rukpak-e2e-${bundle_name}.root + - name: manifests + emptyDir: {} + - name: manifests-data + configMap: + name: rukpak-e2e-${bundle_name}.manifests +EOF + +kubectl wait --for=condition=Complete -n "${namespace}" jobs/kaniko-${bundle_name} --timeout=60s diff --git a/testdata/bundles/plain-v0/empty/build-push-e2e-bundle.sh b/testdata/bundles/plain-v0/empty/build-push-e2e-bundle.sh new file mode 100755 index 00000000..8c55d740 --- /dev/null +++ b/testdata/bundles/plain-v0/empty/build-push-e2e-bundle.sh @@ -0,0 +1,58 @@ +#! /bin/bash + +set -o errexit +set -o nounset +set -o pipefail + +help=" +build-push-e2e-bundle.sh is a script to build and push the e2e bundle image using kaniko. +Usage: + build-push-e2e-bundle.sh [NAMESPACE] [TAG] [BUNDLE_DIR] [BUNDLE_NAME] + +Argument Descriptions: + - NAMESPACE is the namespace the kaniko Job should be created in + - TAG is the full tag used to build and push the catalog image +" + +if [[ "$#" -ne 2 ]]; then + echo "Illegal number of arguments passed" + echo "${help}" + exit 1 +fi + +namespace=$1 +tag=$2 +bundle_dir="testdata/bundles/plain-v0/empty" +bundle_name="plain-empty" + +echo "${namespace}" "${tag}" + +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/" rukpak-e2e-${bundle_name}.root + +kubectl apply -f - << EOF +apiVersion: batch/v1 +kind: Job +metadata: + name: "kaniko-${bundle_name}" + namespace: "${namespace}" +spec: + template: + spec: + containers: + - name: kaniko + image: gcr.io/kaniko-project/executor:latest + args: ["--dockerfile=/workspace/Dockerfile", + "--context=/workspace/", + "--destination=${tag}", + "--skip-tls-verify"] + volumeMounts: + - name: dockerfile + mountPath: /workspace/ + restartPolicy: Never + volumes: + - name: dockerfile + configMap: + name: rukpak-e2e-${bundle_name}.root +EOF + +kubectl wait --for=condition=Complete -n "${namespace}" jobs/kaniko-${bundle_name} --timeout=60s diff --git a/testdata/bundles/plain-v0/invalid-crds-and-crs/build-push-e2e-bundle.sh b/testdata/bundles/plain-v0/invalid-crds-and-crs/build-push-e2e-bundle.sh new file mode 100755 index 00000000..59d8a791 --- /dev/null +++ b/testdata/bundles/plain-v0/invalid-crds-and-crs/build-push-e2e-bundle.sh @@ -0,0 +1,75 @@ +#! /bin/bash + +set -o errexit +set -o nounset +set -o pipefail + +help=" +build-push-e2e-bundle.sh is a script to build and push the e2e bundle image using kaniko. +Usage: + build-push-e2e-bundle.sh [NAMESPACE] [TAG] [BUNDLE_DIR] [BUNDLE_NAME] + +Argument Descriptions: + - NAMESPACE is the namespace the kaniko Job should be created in + - TAG is the full tag used to build and push the catalog image +" + +if [[ "$#" -ne 2 ]]; then + echo "Illegal number of arguments passed" + echo "${help}" + exit 1 +fi + +namespace=$1 +tag=$2 +bundle_dir="testdata/bundles/plain-v0/invalid-crds-and-crs" +bundle_name="plain-invalid-crds-and-crs" + +echo "${namespace}" "${tag}" + +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/" rukpak-e2e-${bundle_name}.root +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/manifests" rukpak-e2e-${bundle_name}.manifests + +kubectl apply -f - << EOF +apiVersion: batch/v1 +kind: Job +metadata: + name: "kaniko-${bundle_name}" + namespace: "${namespace}" +spec: + template: + spec: + initContainers: + - name: copy-manifests + image: busybox + command: ['sh', '-c', 'cp /manifests-data/* /manifests'] + volumeMounts: + - name: manifests + mountPath: /manifests + - name: manifests-data + mountPath: /manifests-data + containers: + - name: kaniko + image: gcr.io/kaniko-project/executor:latest + args: ["--dockerfile=/workspace/Dockerfile", + "--context=/workspace/", + "--destination=${tag}", + "--skip-tls-verify"] + volumeMounts: + - name: dockerfile + mountPath: /workspace/ + - name: manifests + mountPath: /workspace/manifests/ + restartPolicy: Never + volumes: + - name: dockerfile + configMap: + name: rukpak-e2e-${bundle_name}.root + - name: manifests + emptyDir: {} + - name: manifests-data + configMap: + name: rukpak-e2e-${bundle_name}.manifests +EOF + +kubectl wait --for=condition=Complete -n "${namespace}" jobs/kaniko-${bundle_name} --timeout=60s diff --git a/testdata/bundles/plain-v0/invalid-missing-crds/build-push-e2e-bundle.sh b/testdata/bundles/plain-v0/invalid-missing-crds/build-push-e2e-bundle.sh new file mode 100755 index 00000000..927240b1 --- /dev/null +++ b/testdata/bundles/plain-v0/invalid-missing-crds/build-push-e2e-bundle.sh @@ -0,0 +1,75 @@ +#! /bin/bash + +set -o errexit +set -o nounset +set -o pipefail + +help=" +build-push-e2e-bundle.sh is a script to build and push the e2e bundle image using kaniko. +Usage: + build-push-e2e-bundle.sh [NAMESPACE] [TAG] [BUNDLE_DIR] [BUNDLE_NAME] + +Argument Descriptions: + - NAMESPACE is the namespace the kaniko Job should be created in + - TAG is the full tag used to build and push the catalog image +" + +if [[ "$#" -ne 2 ]]; then + echo "Illegal number of arguments passed" + echo "${help}" + exit 1 +fi + +namespace=$1 +tag=$2 +bundle_dir="testdata/bundles/plain-v0/invalid-missing-crds" +bundle_name="plain-invalid-missing-crds" + +echo "${namespace}" "${tag}" + +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/" rukpak-e2e-${bundle_name}.root +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/manifests" rukpak-e2e-${bundle_name}.manifests + +kubectl apply -f - << EOF +apiVersion: batch/v1 +kind: Job +metadata: + name: "kaniko-${bundle_name}" + namespace: "${namespace}" +spec: + template: + spec: + initContainers: + - name: copy-manifests + image: busybox + command: ['sh', '-c', 'cp /manifests-data/* /manifests'] + volumeMounts: + - name: manifests + mountPath: /manifests + - name: manifests-data + mountPath: /manifests-data + containers: + - name: kaniko + image: gcr.io/kaniko-project/executor:latest + args: ["--dockerfile=/workspace/Dockerfile", + "--context=/workspace/", + "--destination=${tag}", + "--skip-tls-verify"] + volumeMounts: + - name: dockerfile + mountPath: /workspace/ + - name: manifests + mountPath: /workspace/manifests/ + restartPolicy: Never + volumes: + - name: dockerfile + configMap: + name: rukpak-e2e-${bundle_name}.root + - name: manifests + emptyDir: {} + - name: manifests-data + configMap: + name: rukpak-e2e-${bundle_name}.manifests +EOF + +kubectl wait --for=condition=Complete -n "${namespace}" jobs/kaniko-${bundle_name} --timeout=60s diff --git a/testdata/bundles/plain-v0/no-manifests/build-push-e2e-bundle.sh b/testdata/bundles/plain-v0/no-manifests/build-push-e2e-bundle.sh new file mode 100755 index 00000000..6afe823d --- /dev/null +++ b/testdata/bundles/plain-v0/no-manifests/build-push-e2e-bundle.sh @@ -0,0 +1,61 @@ +#! /bin/bash + +set -o errexit +set -o nounset +set -o pipefail + +help=" +build-push-e2e-bundle.sh is a script to build and push the e2e bundle image using kaniko. +Usage: + build-push-e2e-bundle.sh [NAMESPACE] [TAG] [BUNDLE_DIR] [BUNDLE_NAME] + +Argument Descriptions: + - NAMESPACE is the namespace the kaniko Job should be created in + - TAG is the full tag used to build and push the catalog image +" + +if [[ "$#" -ne 2 ]]; then + echo "Illegal number of arguments passed" + echo "${help}" + exit 1 +fi + +namespace=$1 +tag=$2 +bundle_dir="testdata/bundles/plain-v0/no-manifests" +bundle_name="plain-no-manifests" + +echo "${namespace}" "${tag}" + +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/" rukpak-e2e-${bundle_name}.root + +kubectl apply -f - << EOF +apiVersion: batch/v1 +kind: Job +metadata: + name: "kaniko-${bundle_name}" + namespace: "${namespace}" +spec: + template: + spec: + containers: + - name: kaniko + image: gcr.io/kaniko-project/executor:latest + args: ["--dockerfile=/workspace/Dockerfile", + "--context=/workspace/", + "--destination=${tag}", + "--skip-tls-verify"] + volumeMounts: + - name: dockerfile + mountPath: /workspace/ + - name: manifests + mountPath: /workspace/manifests/ + restartPolicy: Never + volumes: + - name: dockerfile + configMap: + name: rukpak-e2e-${bundle_name}.root + - name: manifests + emptyDir: {} +EOF +kubectl wait --for=condition=Complete -n "${namespace}" jobs/kaniko-${bundle_name} --timeout=60s diff --git a/testdata/bundles/plain-v0/provides/build-push-e2e-bundle.sh b/testdata/bundles/plain-v0/provides/build-push-e2e-bundle.sh new file mode 100755 index 00000000..0256a10c --- /dev/null +++ b/testdata/bundles/plain-v0/provides/build-push-e2e-bundle.sh @@ -0,0 +1,75 @@ +#! /bin/bash + +set -o errexit +set -o nounset +set -o pipefail + +help=" +build-push-e2e-bundle.sh is a script to build and push the e2e bundle image using kaniko. +Usage: + build-push-e2e-bundle.sh [NAMESPACE] [TAG] [BUNDLE_DIR] [BUNDLE_NAME] + +Argument Descriptions: + - NAMESPACE is the namespace the kaniko Job should be created in + - TAG is the full tag used to build and push the catalog image +" + +if [[ "$#" -ne 2 ]]; then + echo "Illegal number of arguments passed" + echo "${help}" + exit 1 +fi + +namespace=$1 +tag=$2 +bundle_dir="testdata/bundles/plain-v0/provides" +bundle_name="plain-provides" + +echo "${namespace}" "${tag}" + +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/" rukpak-e2e-${bundle_name}.root +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/manifests" rukpak-e2e-${bundle_name}.manifests + +kubectl apply -f - << EOF +apiVersion: batch/v1 +kind: Job +metadata: + name: "kaniko-${bundle_name}" + namespace: "${namespace}" +spec: + template: + spec: + initContainers: + - name: copy-manifests + image: busybox + command: ['sh', '-c', 'cp /manifests-data/* /manifests'] + volumeMounts: + - name: manifests + mountPath: /manifests + - name: manifests-data + mountPath: /manifests-data + containers: + - name: kaniko + image: gcr.io/kaniko-project/executor:latest + args: ["--dockerfile=/workspace/Dockerfile", + "--context=/workspace/", + "--destination=${tag}", + "--skip-tls-verify"] + volumeMounts: + - name: dockerfile + mountPath: /workspace/ + - name: manifests + mountPath: /workspace/manifests/ + restartPolicy: Never + volumes: + - name: dockerfile + configMap: + name: rukpak-e2e-${bundle_name}.root + - name: manifests + emptyDir: {} + - name: manifests-data + configMap: + name: rukpak-e2e-${bundle_name}.manifests +EOF + +kubectl wait --for=condition=Complete -n "${namespace}" jobs/kaniko-${bundle_name} --timeout=60s diff --git a/testdata/bundles/plain-v0/subdir/build-push-e2e-bundle.sh b/testdata/bundles/plain-v0/subdir/build-push-e2e-bundle.sh new file mode 100755 index 00000000..ee054152 --- /dev/null +++ b/testdata/bundles/plain-v0/subdir/build-push-e2e-bundle.sh @@ -0,0 +1,87 @@ +#! /bin/bash + +set -o errexit +set -o nounset +set -o pipefail + +help=" +build-push-e2e-bundle.sh is a script to build and push the e2e bundle image using kaniko. +Usage: + build-push-e2e-bundle.sh [NAMESPACE] [TAG] [BUNDLE_DIR] [BUNDLE_NAME] + +Argument Descriptions: + - NAMESPACE is the namespace the kaniko Job should be created in + - TAG is the full tag used to build and push the catalog image +" + +if [[ "$#" -ne 2 ]]; then + echo "Illegal number of arguments passed" + echo "${help}" + exit 1 +fi + +namespace=$1 +tag=$2 +bundle_dir="testdata/bundles/plain-v0/subdir" +bundle_name="plain-subdir" + +echo "${namespace}" "${tag}" + +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/" rukpak-e2e-${bundle_name}.root +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/manifests" rukpak-e2e-${bundle_name}.manifests +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/manifests/emptydir" rukpak-e2e-${bundle_name}.manifests.emptydir +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/manifests/subdir" rukpak-e2e-${bundle_name}.manifests.subdir + +kubectl apply -f - << EOF +apiVersion: batch/v1 +kind: Job +metadata: + name: "kaniko-${bundle_name}" + namespace: "${namespace}" +spec: + template: + spec: + initContainers: + - name: copy-manifests + image: busybox + command: ['sh', '-c', 'cp -r /manifests-data/* /manifests'] + volumeMounts: + - name: manifests + mountPath: /manifests + - name: manifests-data + mountPath: /manifests-data + - name: emptydir-data + mountPath: /manifests-data/emptydir + - name: subdir-data + mountPath: /manifests-data/subdir + containers: + - name: kaniko + image: gcr.io/kaniko-project/executor:latest + args: ["--dockerfile=/workspace/Dockerfile", + "--context=/workspace/", + "--destination=${tag}", + "--skip-tls-verify"] + volumeMounts: + - name: dockerfile + mountPath: /workspace/ + - name: manifests + mountPath: /workspace/manifests/ + restartPolicy: Never + volumes: + - name: dockerfile + configMap: + name: rukpak-e2e-${bundle_name}.root + - name: manifests + emptyDir: {} + - name: manifests-data + configMap: + name: rukpak-e2e-${bundle_name}.manifests + - name: emptydir-data + configMap: + name: rukpak-e2e-${bundle_name}.manifests.emptydir + - name: subdir-data + configMap: + name: rukpak-e2e-${bundle_name}.manifests.subdir +EOF + +kubectl wait --for=condition=Complete -n "${namespace}" jobs/kaniko-${bundle_name} --timeout=60s diff --git a/testdata/bundles/plain-v0/valid/build-push-e2e-bundle.sh b/testdata/bundles/plain-v0/valid/build-push-e2e-bundle.sh new file mode 100755 index 00000000..cd553293 --- /dev/null +++ b/testdata/bundles/plain-v0/valid/build-push-e2e-bundle.sh @@ -0,0 +1,75 @@ +#! /bin/bash + +set -o errexit +set -o nounset +set -o pipefail + +help=" +build-push-e2e-bundle.sh is a script to build and push the e2e bundle image using kaniko. +Usage: + build-push-e2e-bundle.sh [NAMESPACE] [TAG] [BUNDLE_DIR] [BUNDLE_NAME] + +Argument Descriptions: + - NAMESPACE is the namespace the kaniko Job should be created in + - TAG is the full tag used to build and push the catalog image +" + +if [[ "$#" -ne 2 ]]; then + echo "Illegal number of arguments passed" + echo "${help}" + exit 1 +fi + +namespace=$1 +tag=$2 +bundle_dir="testdata/bundles/plain-v0/valid" +bundle_name="plain-valid" + +echo "${namespace}" "${tag}" + +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/" rukpak-e2e-${bundle_name}.root +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/manifests" rukpak-e2e-${bundle_name}.manifests + +kubectl apply -f - << EOF +apiVersion: batch/v1 +kind: Job +metadata: + name: "kaniko-${bundle_name}" + namespace: "${namespace}" +spec: + template: + spec: + initContainers: + - name: copy-manifests + image: busybox + command: ['sh', '-c', 'cp /manifests-data/* /manifests'] + volumeMounts: + - name: manifests + mountPath: /manifests + - name: manifests-data + mountPath: /manifests-data + containers: + - name: kaniko + image: gcr.io/kaniko-project/executor:latest + args: ["--dockerfile=/workspace/Dockerfile", + "--context=/workspace/", + "--destination=${tag}", + "--skip-tls-verify"] + volumeMounts: + - name: dockerfile + mountPath: /workspace/ + - name: manifests + mountPath: /workspace/manifests/ + restartPolicy: Never + volumes: + - name: dockerfile + configMap: + name: rukpak-e2e-${bundle_name}.root + - name: manifests + emptyDir: {} + - name: manifests-data + configMap: + name: rukpak-e2e-${bundle_name}.manifests +EOF + +kubectl wait --for=condition=Complete -n "${namespace}" jobs/kaniko-${bundle_name} --timeout=60s diff --git a/testdata/bundles/registry/invalid/build-push-e2e-bundle.sh b/testdata/bundles/registry/invalid/build-push-e2e-bundle.sh new file mode 100755 index 00000000..0fa6542c --- /dev/null +++ b/testdata/bundles/registry/invalid/build-push-e2e-bundle.sh @@ -0,0 +1,91 @@ +#! /bin/bash + +set -o errexit +set -o nounset +set -o pipefail + +help=" +build-push-e2e-bundle.sh is a script to build and push the e2e bundle image using kaniko. +Usage: + build-push-e2e-bundle.sh [NAMESPACE] [TAG] [BUNDLE_DIR] [BUNDLE_NAME] + +Argument Descriptions: + - NAMESPACE is the namespace the kaniko Job should be created in + - TAG is the full tag used to build and push the catalog image +" + +if [[ "$#" -ne 2 ]]; then + echo "Illegal number of arguments passed" + echo "${help}" + exit 1 +fi + +namespace=$1 +tag=$2 +bundle_dir="testdata/bundles/registry/invalid" +bundle_name="registry-invalid" + +echo "${namespace}" "${tag}" + +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/" rukpak-e2e-${bundle_name}.root +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/manifests" rukpak-e2e-${bundle_name}.manifests +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/metadata" rukpak-e2e-${bundle_name}.metadata + +kubectl apply -f - << EOF +apiVersion: batch/v1 +kind: Job +metadata: + name: "kaniko-${bundle_name}" + namespace: "${namespace}" +spec: + template: + spec: + initContainers: + - name: copy-manifests + image: busybox + command: ['sh', '-c', 'cp /manifests-data/* /manifests'] + volumeMounts: + - name: manifests + mountPath: /manifests + - name: manifests-data + mountPath: /manifests-data + - name: copy-metadata + image: busybox + command: ['sh', '-c', 'cp /metadata-data/* /metadata'] + volumeMounts: + - name: metadata + mountPath: /metadata + - name: metadata-data + mountPath: /metadata-data + containers: + - name: kaniko + image: gcr.io/kaniko-project/executor:latest + args: ["--dockerfile=/workspace/Dockerfile", + "--context=/workspace/", + "--destination=${tag}", + "--skip-tls-verify"] + volumeMounts: + - name: dockerfile + mountPath: /workspace/ + - name: manifests + mountPath: /workspace/manifests/ + - name: metadata + mountPath: /workspace/metadata/ + restartPolicy: Never + volumes: + - name: dockerfile + configMap: + name: rukpak-e2e-${bundle_name}.root + - name: manifests + emptyDir: {} + - name: metadata + emptyDir: {} + - name: manifests-data + configMap: + name: rukpak-e2e-${bundle_name}.manifests + - name: metadata-data + configMap: + name: rukpak-e2e-${bundle_name}.metadata +EOF + +kubectl wait --for=condition=Complete -n "${namespace}" jobs/kaniko-${bundle_name} --timeout=60s diff --git a/testdata/bundles/registry/valid/build-push-e2e-bundle.sh b/testdata/bundles/registry/valid/build-push-e2e-bundle.sh new file mode 100755 index 00000000..cce6c77f --- /dev/null +++ b/testdata/bundles/registry/valid/build-push-e2e-bundle.sh @@ -0,0 +1,91 @@ +#! /bin/bash + +set -o errexit +set -o nounset +set -o pipefail + +help=" +build-push-e2e-bundle.sh is a script to build and push the e2e bundle image using kaniko. +Usage: + build-push-e2e-bundle.sh [NAMESPACE] [TAG] [BUNDLE_DIR] [BUNDLE_NAME] + +Argument Descriptions: + - NAMESPACE is the namespace the kaniko Job should be created in + - TAG is the full tag used to build and push the catalog image +" + +if [[ "$#" -ne 2 ]]; then + echo "Illegal number of arguments passed" + echo "${help}" + exit 1 +fi + +namespace=$1 +tag=$2 +bundle_dir="testdata/bundles/registry/valid" +bundle_name="registry-valid" + +echo "${namespace}" "${tag}" + +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/" rukpak-e2e-${bundle_name}.root +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/manifests" rukpak-e2e-${bundle_name}.manifests +kubectl create configmap -n "${namespace}" --from-file="${bundle_dir}/metadata" rukpak-e2e-${bundle_name}.metadata + +kubectl apply -f - << EOF +apiVersion: batch/v1 +kind: Job +metadata: + name: "kaniko-${bundle_name}" + namespace: "${namespace}" +spec: + template: + spec: + initContainers: + - name: copy-manifests + image: busybox + command: ['sh', '-c', 'cp /manifests-data/* /manifests'] + volumeMounts: + - name: manifests + mountPath: /manifests + - name: manifests-data + mountPath: /manifests-data + - name: copy-metadata + image: busybox + command: ['sh', '-c', 'cp /metadata-data/* /metadata'] + volumeMounts: + - name: metadata + mountPath: /metadata + - name: metadata-data + mountPath: /metadata-data + containers: + - name: kaniko + image: gcr.io/kaniko-project/executor:latest + args: ["--dockerfile=/workspace/Dockerfile", + "--context=/workspace/", + "--destination=${tag}", + "--skip-tls-verify"] + volumeMounts: + - name: dockerfile + mountPath: /workspace/ + - name: manifests + mountPath: /workspace/manifests/ + - name: metadata + mountPath: /workspace/metadata/ + restartPolicy: Never + volumes: + - name: dockerfile + configMap: + name: rukpak-e2e-${bundle_name}.root + - name: manifests + emptyDir: {} + - name: metadata + emptyDir: {} + - name: manifests-data + configMap: + name: rukpak-e2e-${bundle_name}.manifests + - name: metadata-data + configMap: + name: rukpak-e2e-${bundle_name}.metadata +EOF + +kubectl wait --for=condition=Complete -n "${namespace}" jobs/kaniko-${bundle_name} --timeout=60s