diff --git a/tests/ginkgo/sequential/1-120_repo_server_system_ca_trust.go b/tests/ginkgo/sequential/1-120_repo_server_system_ca_trust.go index ba2f6fdaf..df67b00b8 100644 --- a/tests/ginkgo/sequential/1-120_repo_server_system_ca_trust.go +++ b/tests/ginkgo/sequential/1-120_repo_server_system_ca_trust.go @@ -55,11 +55,6 @@ import ( ) var ( - // The differences between the upstream image using Ubuntu, and the downstream one using rhel. - image = "" // argocd-operator default - imageVersion = "" // argocd-operator default - caBundlePath = "/etc/ssl/certs/ca-certificates.crt" - trustedHelmAppSource = &appv1alpha1.ApplicationSource{ RepoURL: "https://stefanprodan.github.io/podinfo", Chart: "podinfo", @@ -74,14 +69,17 @@ var ( Helm: &appv1alpha1.ApplicationSourceHelm{Values: "service:\n type: ClusterIP"}, } - k8sClient client.Client - ctx context.Context + k8sClient client.Client + ctx context.Context + ns *corev1.Namespace + cleanupNs func() + image string + imageVersion string clusterSupportsClusterTrustBundles bool ) var _ = Describe("GitOps Operator Sequential E2E Tests", func() { - Context("1-120_repo_server_system_ca_trust", func() { BeforeEach(func() { fixture.EnsureSequentialCleanSlate() @@ -93,12 +91,13 @@ var _ = Describe("GitOps Operator Sequential E2E Tests", func() { }) AfterEach(func() { + fixture.OutputDebugOnFail(ns) + cleanupNs() purgeCtbs() }) It("ensures that missing Secret aborts startup", func() { - ns, cleanupFunc := fixture.CreateRandomE2ETestNamespaceWithCleanupFunc() - defer cleanupFunc() + ns, cleanupNs = fixture.CreateRandomE2ETestNamespaceWithCleanupFunc() By("creating Argo CD instance with missing Secret") argoCD := argoCDSpec(ns, argov1beta1api.ArgoCDRepoSpec{ @@ -120,8 +119,7 @@ var _ = Describe("GitOps Operator Sequential E2E Tests", func() { Skip("Cluster does not support ClusterTrustBundles") } - ns, cleanupFunc := fixture.CreateRandomE2ETestNamespaceWithCleanupFunc() - defer cleanupFunc() + ns, cleanupNs = fixture.CreateRandomE2ETestNamespaceWithCleanupFunc() // Create a bundle with 2 CA certs in it. Ubuntu's update-ca-certificates issues a warning, but apparently it works // It is desirable to test with multiple certs in one bundle because OpenShift permits it @@ -161,8 +159,7 @@ var _ = Describe("GitOps Operator Sequential E2E Tests", func() { }) It("ensures that CMs and Secrets are trusted in repo-server and plugins", func() { - ns, cleanupFunc := fixture.CreateRandomE2ETestNamespaceWithCleanupFunc() - defer cleanupFunc() + ns, cleanupNs = fixture.CreateRandomE2ETestNamespaceWithCleanupFunc() cmCert := createCmFromCert(ns, getCACert("github.com")) Expect(k8sClient.Create(ctx, cmCert)).To(Succeed()) @@ -210,8 +207,7 @@ var _ = Describe("GitOps Operator Sequential E2E Tests", func() { }) It("ensures that 0 trusted certs with DropImageCertificates trusts nothing", func() { - ns, cleanupFunc := fixture.CreateRandomE2ETestNamespaceWithCleanupFunc() - defer cleanupFunc() + ns, cleanupNs = fixture.CreateRandomE2ETestNamespaceWithCleanupFunc() By("creating Argo CD instance with empty system trust") argoCD := argoCDSpec(ns, argov1beta1api.ArgoCDRepoSpec{ @@ -243,8 +239,7 @@ var _ = Describe("GitOps Operator Sequential E2E Tests", func() { }) It("ensures that empty trust keeps image certs in place", func() { - ns, cleanupFunc := fixture.CreateRandomE2ETestNamespaceWithCleanupFunc() - defer cleanupFunc() + ns, cleanupNs = fixture.CreateRandomE2ETestNamespaceWithCleanupFunc() By("creating Argo CD instance with empty system trust") argoCD := argoCDSpec(ns, argov1beta1api.ArgoCDRepoSpec{ @@ -258,8 +253,7 @@ var _ = Describe("GitOps Operator Sequential E2E Tests", func() { }) It("ensures that Secrets and ConfigMaps get reconciled", func() { - ns, cleanupFunc := fixture.CreateRandomE2ETestNamespaceWithCleanupFunc() - defer cleanupFunc() + ns, cleanupNs = fixture.CreateRandomE2ETestNamespaceWithCleanupFunc() By("creating Argo CD instance with empty system trust, but full of anticipation") argoCD := argoCDSpec(ns, argov1beta1api.ArgoCDRepoSpec{ @@ -350,8 +344,7 @@ var _ = Describe("GitOps Operator Sequential E2E Tests", func() { Skip("Cluster does not support ClusterTrustBundles") } - ns, cleanupFunc := fixture.CreateRandomE2ETestNamespaceWithCleanupFunc() - defer cleanupFunc() + ns, cleanupNs = fixture.CreateRandomE2ETestNamespaceWithCleanupFunc() combinedCtb := createCtbFromCerts(getCACert("github.com"), getCACert("github.io")) _ = k8sClient.Delete(ctx, combinedCtb) // Exists only in case of previous failures, must be deleted before argo starts! @@ -403,8 +396,7 @@ var _ = Describe("GitOps Operator Sequential E2E Tests", func() { Skip("Cluster does not support ClusterTrustBundles") } - ns, cleanupFunc := fixture.CreateRandomE2ETestNamespaceWithCleanupFunc() - defer cleanupFunc() + ns, cleanupNs = fixture.CreateRandomE2ETestNamespaceWithCleanupFunc() // Use random label value not to collide with leftover CTBs fom other tests labelVal := rand.String(5) @@ -794,7 +786,9 @@ func getTrustedCertCount(rsPod *corev1.Pod) int { command := []string{ "kubectl", "-n", rsPod.Namespace, "exec", "-c", "argocd-repo-server", rsPod.Name, "--", - "cat", caBundlePath, + "bash", "-c", + // Ubuntu or RHEL location + "cat /etc/ssl/certs/ca-certificates.crt || cat /etc/ssl/certs/ca-bundle.crt", } var out string @@ -852,6 +846,7 @@ func findRunningRepoServerPod(k8sClient client.Client, ns *corev1.Namespace) *co pod = runningPods[0] return nil } + return fmt.Errorf("expected exactly one running repo-server pod, found %d", len(runningPods)) }, "40s", "5s").WithOffset(1).Should(Succeed(), "Failed to find Running repo-server pod")