Skip to content

[VC-35565] Automate the e2e script to run in CI #716

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mladen-rusev-cyberark merged 10 commits into from
Sep 17, 2025
Merged

[VC-35565] Automate the e2e script to run in CI #716

mladen-rusev-cyberark merged 10 commits into from
Sep 17, 2025

Conversation

@mladen-rusev-cyberark
Copy link
Collaborator

@mladen-rusev-cyberark mladen-rusev-cyberark commented Sep 16, 2025
edited
Loading

  1. Add the test.sh script to be run by the CI
  2. Add all dependencies required to execute the script in extra_tools.mk
  3. Created a GCP account (via SNOW request) and setup inside it:
  • A service account with manage GKE permissions, Write Image Repository Permissions and the relevant APIs enabled.
  • A JSON auth key for this account was set as a secret to the CI runner in GCP_SA_KEY
  • A repository to push the images which the script builds
  1. A valid API key for https://glow-in-the-dark.venafi.cloud/ was set as a CI secret in VEN_API_KEY_PULL
  2. A valid VEN_ZONE was configured - mladen-test\Default. If this is not valid test would fail because the certificate request would be ignored.
  3. Created two labels: test-e2e and keep-e2e-cluster - one to trigger the e2e test and the other to keep the cluster alive in GKE for debugging.
  4. Reduced log level for cleaner logs.
time=2025-09-15T15:56:32.291Z level=DEBUG+3 msg="Request is not applicable for any policy so ignoring" logger=controller-manager/events type=Normal object="{Kind:CertificateRequest Namespace:team-1 Name:app-0-1 UID:12206e29-27b6-4ea4-8171-5c335fc61537 APIVersion:cert-manager.io/v1 ResourceVersion:1757948283819711024 FieldPath:}" reason=Unprocessed

Closes https://venafi.atlassian.net/browse/VC-35565

@mladen-rusev-cyberark mladen-rusev-cyberark self-assigned this Sep 16, 2025
wallrj-cyberark
wallrj-cyberark reviewed Sep 16, 2025
View reviewed changes
wallrj-cyberark
wallrj-cyberark reviewed Sep 16, 2025
View reviewed changes
wallrj-cyberark
wallrj-cyberark reviewed Sep 16, 2025
View reviewed changes
wallrj-cyberark
wallrj-cyberark reviewed Sep 16, 2025
View reviewed changes
wallrj-cyberark
wallrj-cyberark reviewed Sep 16, 2025
View reviewed changes
wallrj-cyberark
wallrj-cyberark reviewed Sep 16, 2025
View reviewed changes
wallrj-cyberark
wallrj-cyberark approved these changes Sep 16, 2025
View reviewed changes
Copy link
Member

@wallrj-cyberark wallrj-cyberark left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few suggestions for things to be addressed now or in future PRs.

@mladen-rusev-cyberark mladen-rusev-cyberark added test-e2e To signal e2e test job to be run keep-e2e-cluster and removed keep-e2e-cluster labels Sep 16, 2025
wallrj-cyberark
wallrj-cyberark approved these changes Sep 17, 2025
View reviewed changes
Copy link
Member

@wallrj-cyberark wallrj-cyberark left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @mladen-rusev-cyberark

Lets merge this and try it out and improve it in future PRs.

For example, I think we should probable add some labels to the GKE cluster so that the security team using Wiz.io can trace this back to our team and understand the purpose of the cluster.

Also have no idea how we are going to turn on coverage instrumentation in the agent binary and then copy the coverage report back from the agent running in this remote cluster.

@mladen-rusev-cyberark mladen-rusev-cyberark merged commit ab5ad03 into master Sep 17, 2025
3 checks passed
wallrj-cyberark
wallrj-cyberark reviewed Sep 17, 2025
View reviewed changes
make/02_mod.mk
## @category Testing
test-e2e-gke:
test-e2e-gke: | $(NEEDS_HELM) $(NEEDS_STEP) $(NEEDS_VENCTL)
./hack/e2e/test.sh
Copy link
Member

@wallrj-cyberark wallrj-cyberark Sep 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So does makefile-modules automatically add _bin/tools to the PATH?

Copy link
Collaborator Author

@mladen-rusev-cyberark mladen-rusev-cyberark Sep 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think so

@wallrj-cyberark wallrj-cyberark deleted the VC-35565-automate-e2e-testsh branch September 17, 2025 13:19
@maelvls maelvls removed their request for review October 17, 2025 12:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wallrj-cyberark wallrj-cyberark wallrj-cyberark approved these changes

@wallrj wallrj Awaiting requested review from wallrj

Assignees

@mladen-rusev-cyberark mladen-rusev-cyberark

Labels

test-e2e To signal e2e test job to be run

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mladen-rusev-cyberark @wallrj-cyberark