From 384fd516ded28d75b6f50adf4085549518a6b207 Mon Sep 17 00:00:00 2001
From: Daniel Haus
Date: Wed, 1 May 2024 06:09:40 +0200
Subject: [PATCH 1/5] chore(e2e): refactor e2e tests
---
.github/workflows/tests.yaml | 211 +++++++++++++++++------------------
1 file changed, 102 insertions(+), 109 deletions(-)
diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml
index e1260063..19707635 100644
--- a/.github/workflows/tests.yaml
+++ b/.github/workflows/tests.yaml
@@ -8,130 +8,123 @@ on: - "*" pull_request: schedule: - - cron: '0 5 * * *' + - cron: '0 5 * * *' jobs: style: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 - with: - distribution: 'temurin' - java-version: '11' - cache: 'gradle' - - name: Check style - run: make -C functionaltest-jenkins-plugin style + - uses: actions/checkout@v4 + - uses: actions/setup-java@v4 + with: + distribution: 'temurin' + java-version: '11' + cache: 'gradle' + - name: Check style + run: make -C functionaltest-jenkins-plugin style build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - uses: actions/setup-java@v4 - with: - distribution: 'temurin' - java-version: '11' - cache: 'maven' + - uses: actions/checkout@v4 + - uses: actions/setup-java@v4 + with: + distribution: 'temurin' + java-version: '11' + cache: 'maven' - - name: Initialize CodeQL - if: github.event_name == 'push' - uses: github/codeql-action/init@v3 - with: - languages: java, javascript + - name: Initialize CodeQL + if: github.event_name == 'push' + uses: github/codeql-action/init@v3 + with: + languages: java, javascript - - name: Build with Maven - run: cd stackrox-container-image-scanner && ./mvnw -B verify package hpi:hpi cyclonedx:makeAggregateBom - - uses: actions/upload-artifact@v4 - with: - name: stackrox-container-image-scanner.hpi - path: stackrox-container-image-scanner/target/stackrox-container-image-scanner.hpi - - uses: actions/upload-artifact@v4 - with: - name: stackrox-container-image-scanner.jar - path: stackrox-container-image-scanner/target/stackrox-container-image-scanner.jar + - name: Build with Maven + run: cd stackrox-container-image-scanner && ./mvnw -B verify package hpi:hpi cyclonedx:makeAggregateBom + - uses: actions/upload-artifact@v4 + with: + name: stackrox-container-image-scanner.hpi + path: stackrox-container-image-scanner/target/stackrox-container-image-scanner.hpi + - uses: actions/upload-artifact@v4 + with: + name: 
stackrox-container-image-scanner.jar + path: stackrox-container-image-scanner/target/stackrox-container-image-scanner.jar - - name: Perform CodeQL Analysis - if: github.event_name == 'push' - uses: github/codeql-action/analyze@v3 + - name: Perform CodeQL Analysis + if: github.event_name == 'push' + uses: github/codeql-action/analyze@v3 e2e: if: github.event_name == 'push' || !github.event.pull_request.head.repo.fork runs-on: ubuntu-latest needs: build steps: - - uses: actions/checkout@v4 - - uses: actions/checkout@v4 - with: - repository: stackrox/stackrox - path: stackrox - - uses: docker/setup-buildx-action@v3 - - uses: actions/setup-java@v4 - with: - distribution: 'temurin' - java-version: '11' - cache: 'gradle' - - name: Install kubectl - run: sudo snap install kubectl --classic - - name: Install gcloud - run: | - sudo snap install google-cloud-cli --classic - echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | sudo tee -a /etc/apt/sources.list.d/google-cloud-sdk.list - curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key --keyring /usr/share/keyrings/cloud.google.gpg add - - sudo apt-get update - sudo apt-get install google-cloud-sdk-gke-gcloud-auth-plugin - - uses: actions/download-artifact@v4 - with: - name: stackrox-container-image-scanner.hpi - path: jenkins - - uses: actions/download-artifact@v4 - with: - name: stackrox-container-image-scanner.hpi - path: stackrox-container-image-scanner/target/ - - name: Build jenkins image - uses: docker/build-push-action@v5 - with: - tags: jenkins-test - context: jenkins - push: false - load: true - - name: Run jenkins in background - run: docker run -d --add-host host.docker.internal:host-gateway -p 8080:8080 jenkins-test - - name: Create GKE cluster - id: create-cluster - env: - GCP_SERVICE_ACCOUNT_STACKROX_CI: ${{ secrets.GCP_SERVICE_ACCOUNT_STACKROX_CI }} - run: | - cd stackrox - source "scripts/ci/gke.sh" - provision_gke_cluster 
"jenkins-plugin-e2e" - echo "CLUSTER_NAME=${CLUSTER_NAME}" >> $GITHUB_OUTPUT - wait_for_cluster - - name: Deploy Stackrox - id: deploy - env: - MAIN_IMAGE_TAG: latest - MONITORING_SUPPORT: false - run: | - cd stackrox - ./deploy/k8s/central.sh - pass=$(cat deploy/k8s/central-deploy/password) - echo "ROX_PASSWORD=$(cat deploy/k8s/central-deploy/password)" >> $GITHUB_OUTPUT - - name: Wait for API - run: | - cd stackrox - source "tests/e2e/lib.sh" - export USE_MIDSTREAM_IMAGES=false - wait_for_api - - name: Run tests - env: - ROX_PASSWORD: ${{ steps.deploy.outputs.ROX_PASSWORD }} - ROX_ENDPOINT: https://localhost:8000 - JENKINS_ROX_ENDPOINT: https://host.docker.internal:8000 - run: make -C functionaltest-jenkins-plugin test - - name: Teardown GKE cluster - if: always() && steps.create-cluster.outputs.CLUSTER_NAME != '' - env: - CLUSTER_NAME: ${{ steps.create-cluster.outputs.CLUSTER_NAME }} - run: | - source "stackrox/scripts/ci/gke.sh" - teardown_gke_cluster + - uses: actions/checkout@v4 + - name: Setup infractl + uses: stackrox/actions/infra/install-infractl@main + - uses: actions/checkout@v4 + with: + repository: stackrox/stackrox + path: stackrox + - uses: docker/setup-buildx-action@v3 + - uses: actions/setup-java@v4 + with: + distribution: 'temurin' + java-version: '11' + cache: 'gradle' + + - uses: actions/download-artifact@v4 + with: + name: stackrox-container-image-scanner.hpi + path: jenkins + - uses: actions/download-artifact@v4 + with: + name: stackrox-container-image-scanner.hpi + path: stackrox-container-image-scanner/target/ + - name: Build jenkins image + uses: docker/build-push-action@v5 + with: + tags: jenkins-test + context: jenkins + push: false + load: true + - name: Run jenkins in background + run: docker run -d --add-host host.docker.internal:host-gateway -p 8080:8080 jenkins-test + + - name: Create GKE infra cluster + uses: stackrox/actions/infra/create-cluster@v1.0.14 + with: + token: ${{ secrets.INFRA_TOKEN }} + flavor: qa-demo + name: 
jenkins-plugin-${{ github.run_id }} + lifespan: 1h + args: main-image=quay.io/stackrox-io/main:latest + wait: "true" + no-slack: "true" + - name: Setup environment from cluster artifacts + env: + CLUSTER_NAME: jenkins-plugin-${{ github.run_id }} + INFRA_TOKEN: ${{ secrets.INFRA_TOKEN }} + ARTIFACTS_DIR: ${{ runner.temp }}/gke-artifacts + run: | + # Fetch the artifacts for the GKE cluster. + infractl artifacts --download-dir=${ARTIFACTS_DIR} ${CLUSTER_NAME} >/dev/null + # Set both URL and admin password. + ROX_PASSWORD=$(cat ${ARTIFACTS_DIR}/admin-password) + ROX_ENDPOINT=https://$(cat ${ARTIFACTS_DIR}/url) + echo "::add-mask::$ROX_PASSWORD" + echo "::add-mask::$ROX_ENDPOINT" + echo "ROX_PASSWORD=$ROX_PASSWORD" >> $GITHUB_ENV + echo "ROX_ENDPOINT=$ROX_ENDPOINT" >> $GITHUB_ENV + + - name: Run tests + env: + JENKINS_ROX_ENDPOINT: https://host.docker.internal:8000 + run: make -C functionaltest-jenkins-plugin test + + - name: Teardown cluster + if: always() + env: + INFRA_TOKEN: ${{ secrets.INFRA_TOKEN }} + run: | + infractl delete jenkins-plugin-${{ github.run_id }} || echo "Failed to remove the infra cluster" From b19b20ae10927823fff34ba8cd3544e1dc11932f Mon Sep 17 00:00:00 2001 From: Daniel Haus Date: Thu, 2 May 2024 20:53:39 +0200 Subject: [PATCH 2/5] fix --- .github/workflows/tests.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml index 19707635..0e97f422 100644 --- a/.github/workflows/tests.yaml +++ b/.github/workflows/tests.yaml @@ -111,7 +111,7 @@ jobs: infractl artifacts --download-dir=${ARTIFACTS_DIR} ${CLUSTER_NAME} >/dev/null # Set both URL and admin password. ROX_PASSWORD=$(cat ${ARTIFACTS_DIR}/admin-password) - ROX_ENDPOINT=https://$(cat ${ARTIFACTS_DIR}/url) + ROX_ENDPOINT=$(cat ${ARTIFACTS_DIR}/url) echo "::add-mask::$ROX_PASSWORD" echo "::add-mask::$ROX_ENDPOINT" echo "ROX_PASSWORD=$ROX_PASSWORD" >> $GITHUB_ENV 
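Review bot: In the e2e job of patch 1/5, `uses: stackrox/actions/infra/install-infractl@main` tracks a moving branch, and the `infractl` binary it installs is later run with `secrets.INFRA_TOKEN` in its environment, so any change landing on that branch executes next to the token. `create-cluster` in the same hunk is already pinned to `v1.0.14`; pin the installer as well, ideally to a full commit SHA: `uses: stackrox/actions/infra/install-infractl@<full-commit-sha>  # <release tag>`. Separately, the "Setup environment from cluster artifacts" step writes the admin password to `$GITHUB_ENV`, which makes it visible to every later step including teardown. A step output passed only to "Run tests" through `env:`, as the removed `steps.deploy.outputs.ROX_PASSWORD` wiring did, would keep the scope narrower.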
@@ -119,6 +119,7 @@ jobs: - name: Run tests env: + ROX_ENDPOINT: https://${{ env.ROX_ENDPOINT }} JENKINS_ROX_ENDPOINT: https://host.docker.internal:8000 run: make -C functionaltest-jenkins-plugin test From a5bf128ce8c594c44a9cf44b7d7ff743f150cd97 Mon Sep 17 00:00:00 2001 From: Daniel Haus Date: Thu, 2 May 2024 21:45:14 +0200 Subject: [PATCH 3/5] debug --- .github/workflows/tests.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml index 0e97f422..4e2068a4 100644 --- a/.github/workflows/tests.yaml +++ b/.github/workflows/tests.yaml @@ -113,7 +113,7 @@ jobs: ROX_PASSWORD=$(cat ${ARTIFACTS_DIR}/admin-password) ROX_ENDPOINT=$(cat ${ARTIFACTS_DIR}/url) echo "::add-mask::$ROX_PASSWORD" - echo "::add-mask::$ROX_ENDPOINT" + #echo "::add-mask::$ROX_ENDPOINT" echo "ROX_PASSWORD=$ROX_PASSWORD" >> $GITHUB_ENV echo "ROX_ENDPOINT=$ROX_ENDPOINT" >> $GITHUB_ENV @@ -121,7 +121,9 @@ jobs: env: ROX_ENDPOINT: https://${{ env.ROX_ENDPOINT }} JENKINS_ROX_ENDPOINT: https://host.docker.internal:8000 - run: make -C functionaltest-jenkins-plugin test + run: | + echo $ROX_ENDPOINT + make -C functionaltest-jenkins-plugin test - name: Teardown cluster if: always() From edd0cfd262967b3af31f0a91621de2fabbca8607 Mon Sep 17 00:00:00 2001 From: Daniel Haus Date: Thu, 2 May 2024 22:15:18 +0200 Subject: [PATCH 4/5] fix --- .github/workflows/tests.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml index 4e2068a4..43f30881 100644 --- a/.github/workflows/tests.yaml +++ b/.github/workflows/tests.yaml 
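Review bot: The `echo $ROX_ENDPOINT` added to "Run tests" in patch 3/5 (hunk `@@ -121,7 +121,9 @@`) is debug output that the rest of the series never removes; it is still present in the context lines of the 4/5 and 5/5 hunks. Together with the commented-out `echo "::add-mask::$ROX_ENDPOINT"` in the preceding hunk, a run at this commit prints the address of a live cluster to the job log. Once 4/5 restores the mask the line presumably prints only a redacted value, so it no longer serves a purpose. Drop the echo so the step returns to `run: make -C functionaltest-jenkins-plugin test`, and if the series is not squashed, fold 3/5 away so no intermediate commit runs with the mask disabled.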
@@ -113,13 +113,12 @@ jobs: ROX_PASSWORD=$(cat ${ARTIFACTS_DIR}/admin-password) ROX_ENDPOINT=$(cat ${ARTIFACTS_DIR}/url) echo "::add-mask::$ROX_PASSWORD" - #echo "::add-mask::$ROX_ENDPOINT" + echo "::add-mask::$ROX_ENDPOINT" echo "ROX_PASSWORD=$ROX_PASSWORD" >> $GITHUB_ENV echo "ROX_ENDPOINT=$ROX_ENDPOINT" >> $GITHUB_ENV - name: Run tests env: - ROX_ENDPOINT: https://${{ env.ROX_ENDPOINT }} JENKINS_ROX_ENDPOINT: https://host.docker.internal:8000 run: | echo $ROX_ENDPOINT From fff98e89adac1ea9c06750bce3ff5dde97b376d1 Mon Sep 17 00:00:00 2001 From: Daniel Haus Date: Thu, 2 May 2024 23:03:33 +0200 Subject: [PATCH 5/5] fix --- .github/workflows/tests.yaml | 2 -- .../src/main/groovy/util/Config.groovy | 4 ---- .../src/test/groovy/ImageScanningTest.groovy | 2 +- 3 files changed, 1 insertion(+), 7 deletions(-) diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml index 43f30881..63efddf9 100644 --- a/.github/workflows/tests.yaml +++ b/.github/workflows/tests.yaml @@ -118,8 +118,6 @@ jobs: echo "ROX_ENDPOINT=$ROX_ENDPOINT" >> $GITHUB_ENV - name: Run tests - env: - JENKINS_ROX_ENDPOINT: https://host.docker.internal:8000 run: | echo $ROX_ENDPOINT make -C functionaltest-jenkins-plugin test diff --git a/functionaltest-jenkins-plugin/src/main/groovy/util/Config.groovy b/functionaltest-jenkins-plugin/src/main/groovy/util/Config.groovy index 0f964593..7a332d17 100644 --- a/functionaltest-jenkins-plugin/src/main/groovy/util/Config.groovy +++ b/functionaltest-jenkins-plugin/src/main/groovy/util/Config.groovy @@ -4,10 +4,6 @@ import groovy.transform.CompileStatic @CompileStatic class Config { - static String getCentralUri() { - return getEnv("JENKINS_ROX_ENDPOINT") - } - static String getRoxEndpoint() { return getEnv("ROX_ENDPOINT") } diff --git a/functionaltest-jenkins-plugin/src/test/groovy/ImageScanningTest.groovy b/functionaltest-jenkins-plugin/src/test/groovy/ImageScanningTest.groovy index ec80a9f5..4902a903 100644 
--- a/functionaltest-jenkins-plugin/src/test/groovy/ImageScanningTest.groovy +++ b/functionaltest-jenkins-plugin/src/test/groovy/ImageScanningTest.groovy @@ -19,7 +19,7 @@ import spock.lang.Unroll class ImageScanningTest extends BaseSpecification { - protected static final String CENTRAL_URI = Config.centralUri + protected static final String CENTRAL_URI = Config.roxEndpoint protected static final String QUAY_REPO = "quay.io/openshifttest/" @Unroll
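Review bot: `CENTRAL_URI` in `ImageScanningTest` is now only another name for `Config.roxEndpoint`, and nothing on the line explains why the Jenkins-side address and the test-side address became the same value. A short comment would help, for example `// Central runs on an external infra cluster, so Jenkins in the container and the tests share ROX_ENDPOINT.` — that rationale is inferred from the workflow changes in this series, so confirm the wording. After patches 2/5 and 4/5 the workflow no longer prepends `https://` to the exported value; whether the `url` artifact already carries a scheme is not visible here and is worth checking, since the constant is used as a URI. The class body continues outside the hunk, so other uses of `CENTRAL_URI` cannot be reviewed from this page.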