Merge pull request #811 from vmware-tanzu/test_shell_container_image
Replace one-off usages of busybox and debian images in integration tests
This commit is contained in:
commit
2b9b034bd2
@ -368,6 +368,8 @@ export PINNIPED_TEST_SUPERVISOR_UPSTREAM_OIDC_USERNAME=pinny@example.com
|
|||||||
export PINNIPED_TEST_SUPERVISOR_UPSTREAM_OIDC_PASSWORD=${dex_test_password}
|
export PINNIPED_TEST_SUPERVISOR_UPSTREAM_OIDC_PASSWORD=${dex_test_password}
|
||||||
export PINNIPED_TEST_SUPERVISOR_UPSTREAM_OIDC_EXPECTED_GROUPS= # Dex's local user store does not let us configure groups.
|
export PINNIPED_TEST_SUPERVISOR_UPSTREAM_OIDC_EXPECTED_GROUPS= # Dex's local user store does not let us configure groups.
|
||||||
export PINNIPED_TEST_API_GROUP_SUFFIX='${api_group_suffix}'
|
export PINNIPED_TEST_API_GROUP_SUFFIX='${api_group_suffix}'
|
||||||
|
# PINNIPED_TEST_SHELL_CONTAINER_IMAGE should be a container which includes bash and sleep, used by some tests.
|
||||||
|
export PINNIPED_TEST_SHELL_CONTAINER_IMAGE="ghcr.io/pinniped-ci-bot/test-kubectl:latest"
|
||||||
|
|
||||||
read -r -d '' PINNIPED_TEST_CLUSTER_CAPABILITY_YAML << PINNIPED_TEST_CLUSTER_CAPABILITY_YAML_EOF || true
|
read -r -d '' PINNIPED_TEST_CLUSTER_CAPABILITY_YAML << PINNIPED_TEST_CLUSTER_CAPABILITY_YAML_EOF || true
|
||||||
${pinniped_cluster_capability_file_content}
|
${pinniped_cluster_capability_file_content}
|
||||||
|
@ -948,8 +948,9 @@ func TestImpersonationProxy(t *testing.T) { //nolint:gocyclo // yeah, it's compl
|
|||||||
corev1.PodSpec{
|
corev1.PodSpec{
|
||||||
Containers: []corev1.Container{
|
Containers: []corev1.Container{
|
||||||
{
|
{
|
||||||
Name: "ignored-but-required",
|
Name: "sleeper",
|
||||||
Image: "busybox",
|
Image: env.ShellContainerImage,
|
||||||
|
ImagePullPolicy: corev1.PullIfNotPresent,
|
||||||
Command: []string{"sh", "-c", "sleep 3600"},
|
Command: []string{"sh", "-c", "sleep 3600"},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
@ -1064,7 +1065,7 @@ func TestImpersonationProxy(t *testing.T) { //nolint:gocyclo // yeah, it's compl
|
|||||||
// existing Concierge pod because we need more tools than we can get from a scratch/distroless base image.
|
// existing Concierge pod because we need more tools than we can get from a scratch/distroless base image.
|
||||||
runningTestPod := testlib.CreatePod(ctx, t, "impersonation-proxy", env.ConciergeNamespace, corev1.PodSpec{Containers: []corev1.Container{{
|
runningTestPod := testlib.CreatePod(ctx, t, "impersonation-proxy", env.ConciergeNamespace, corev1.PodSpec{Containers: []corev1.Container{{
|
||||||
Name: "impersonation-proxy-test",
|
Name: "impersonation-proxy-test",
|
||||||
Image: "debian:10.10-slim",
|
Image: env.ShellContainerImage,
|
||||||
ImagePullPolicy: corev1.PullIfNotPresent,
|
ImagePullPolicy: corev1.PullIfNotPresent,
|
||||||
Command: []string{"bash", "-c", `while true; do read VAR; echo "VAR: $VAR"; done`},
|
Command: []string{"bash", "-c", `while true; do read VAR; echo "VAR: $VAR"; done`},
|
||||||
Stdin: true,
|
Stdin: true,
|
||||||
|
@ -118,7 +118,8 @@ func TestLegacyPodCleaner(t *testing.T) {
|
|||||||
Spec: corev1.PodSpec{
|
Spec: corev1.PodSpec{
|
||||||
Containers: []corev1.Container{{
|
Containers: []corev1.Container{{
|
||||||
Name: "sleeper",
|
Name: "sleeper",
|
||||||
Image: "debian:10.9-slim",
|
Image: env.ShellContainerImage,
|
||||||
|
ImagePullPolicy: corev1.PullIfNotPresent,
|
||||||
Command: []string{"/bin/sleep", "infinity"},
|
Command: []string{"/bin/sleep", "infinity"},
|
||||||
}},
|
}},
|
||||||
},
|
},
|
||||||
|
@ -134,7 +134,7 @@ func TestWhoAmI_ServiceAccount_Legacy(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func TestWhoAmI_ServiceAccount_TokenRequest(t *testing.T) {
|
func TestWhoAmI_ServiceAccount_TokenRequest(t *testing.T) {
|
||||||
_ = testlib.IntegrationEnv(t)
|
env := testlib.IntegrationEnv(t)
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
@ -168,8 +168,9 @@ func TestWhoAmI_ServiceAccount_TokenRequest(t *testing.T) {
|
|||||||
corev1.PodSpec{
|
corev1.PodSpec{
|
||||||
Containers: []corev1.Container{
|
Containers: []corev1.Container{
|
||||||
{
|
{
|
||||||
Name: "ignored-but-required",
|
Name: "sleeper",
|
||||||
Image: "busybox",
|
Image: env.ShellContainerImage,
|
||||||
|
ImagePullPolicy: corev1.PullIfNotPresent,
|
||||||
Command: []string{"sh", "-c", "sleep 3600"},
|
Command: []string{"sh", "-c", "sleep 3600"},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
@ -54,6 +54,7 @@ type TestEnv struct {
|
|||||||
SupervisorHTTPSIngressCABundle string `json:"supervisorHttpsIngressCABundle"`
|
SupervisorHTTPSIngressCABundle string `json:"supervisorHttpsIngressCABundle"`
|
||||||
Proxy string `json:"proxy"`
|
Proxy string `json:"proxy"`
|
||||||
APIGroupSuffix string `json:"apiGroupSuffix"`
|
APIGroupSuffix string `json:"apiGroupSuffix"`
|
||||||
|
ShellContainerImage string `json:"shellContainer"`
|
||||||
|
|
||||||
TestUser struct {
|
TestUser struct {
|
||||||
Token string `json:"token"`
|
Token string `json:"token"`
|
||||||
@ -224,6 +225,7 @@ func loadEnvVars(t *testing.T, result *TestEnv) {
|
|||||||
|
|
||||||
result.Proxy = os.Getenv("PINNIPED_TEST_PROXY")
|
result.Proxy = os.Getenv("PINNIPED_TEST_PROXY")
|
||||||
result.APIGroupSuffix = wantEnv("PINNIPED_TEST_API_GROUP_SUFFIX", "pinniped.dev")
|
result.APIGroupSuffix = wantEnv("PINNIPED_TEST_API_GROUP_SUFFIX", "pinniped.dev")
|
||||||
|
result.ShellContainerImage = needEnv(t, "PINNIPED_TEST_SHELL_CONTAINER_IMAGE")
|
||||||
|
|
||||||
result.CLIUpstreamOIDC = TestOIDCUpstream{
|
result.CLIUpstreamOIDC = TestOIDCUpstream{
|
||||||
Issuer: needEnv(t, "PINNIPED_TEST_CLI_OIDC_ISSUER"),
|
Issuer: needEnv(t, "PINNIPED_TEST_CLI_OIDC_ISSUER"),
|
||||||
|
Loading…
Reference in New Issue
Block a user