From 1ccb0d34607c9dac5e74dd1837f241ba72f17870 Mon Sep 17 00:00:00 2001
From: Tim Schrodi <tim.schrodi@sap.com>
Date: Thu, 14 Mar 2019 08:38:29 +0100
Subject: [PATCH] Add ssl support for s3 instances

---
 .../templates/deployment-tm-controller.yaml              | 1 +
 cmd/testrunner/cmd/runtemplate/run_template.go           | 3 +++
 pkg/testmachinery/garbagecollection/minio.go             | 2 +-
 pkg/testmachinery/types.go                               | 1 +
 pkg/testrunner/result/output.go                          | 8 ++++----
 pkg/testrunner/result/types.go                           | 9 ++++++---
 6 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/charts/testmachinery/templates/deployment-tm-controller.yaml b/charts/testmachinery/templates/deployment-tm-controller.yaml
index c5b98927dc..292e05ff37 100644
--- a/charts/testmachinery/templates/deployment-tm-controller.yaml
+++ b/charts/testmachinery/templates/deployment-tm-controller.yaml
@@ -37,6 +37,7 @@ spec:
       containers:
       - name: testmachinery-controller
         image: "{{ .Values.controller.image }}:{{ .Values.controller.tag }}"
+        imagePullPolicy: Always
 {{ if .Values.local.enabled }}
         command: ["/testmachinery-controller", "-insecure=true"]
 {{end}}
diff --git a/cmd/testrunner/cmd/runtemplate/run_template.go b/cmd/testrunner/cmd/runtemplate/run_template.go
index 3b3b663761..77b8a3bb35 100644
--- a/cmd/testrunner/cmd/runtemplate/run_template.go
+++ b/cmd/testrunner/cmd/runtemplate/run_template.go
@@ -36,6 +36,7 @@ var (
 	outputFilePath          string
 	elasticSearchConfigName string
 	s3Endpoint              string
+	s3SSL                   bool
 	concourseOnErrorDir     string
 
 	testrunChartPath         string
@@ -98,6 +99,7 @@ var runCmd = &cobra.Command{
 			OutputFile:          outputFilePath,
 			ESConfigName:        elasticSearchConfigName,
 			S3Endpoint:          s3Endpoint,
+			S3SSL:               s3SSL,
 			ConcourseOnErrorDir: concourseOnErrorDir,
 		}
 
@@ -161,6 +163,7 @@ func init() {
 	runCmd.Flags().StringVar(&outputFilePath, "output-file-path", "./testout", "The filepath where the summary should be written to.")
 	runCmd.Flags().StringVar(&elasticSearchConfigName, "es-config-name", "sap_internal", "The elasticsearch secret-server config name.")
 	runCmd.Flags().StringVar(&s3Endpoint, "s3-endpoint", os.Getenv("S3_ENDPOINT"), "S3 endpoint of the testmachinery cluster.")
+	runCmd.Flags().BoolVar(&s3SSL, "s3-ssl", false, "S3 has SSL enabled.")
 	runCmd.Flags().StringVar(&concourseOnErrorDir, "concourse-onError-dir", os.Getenv("ON_ERROR_DIR"), "On error dir which is used by Concourse.")
 
 	// parameter flags
diff --git a/pkg/testmachinery/garbagecollection/minio.go b/pkg/testmachinery/garbagecollection/minio.go
index 2414b7f1c6..1f311a4229 100644
--- a/pkg/testmachinery/garbagecollection/minio.go
+++ b/pkg/testmachinery/garbagecollection/minio.go
@@ -32,7 +32,7 @@ func NewObjectStore() (*ObjectStore, error) {
 
 	cfg := testmachinery.GetConfig().ObjectStore
 
-	minioClient, err := minio.New(cfg.Endpoint, cfg.AccessKey, cfg.SecretKey, false)
+	minioClient, err := minio.New(cfg.Endpoint, cfg.AccessKey, cfg.SecretKey, cfg.SSL)
 	if err != nil {
 		return nil, err
 	}
diff --git a/pkg/testmachinery/types.go b/pkg/testmachinery/types.go
index 7b62543b61..a3d796fecf 100644
--- a/pkg/testmachinery/types.go
+++ b/pkg/testmachinery/types.go
@@ -56,6 +56,7 @@ type TmConfiguration struct {
 // ObjectStoreConfig is an object containing the ObjectStore specific configuration
 type ObjectStoreConfig struct {
 	Endpoint   string
+	SSL        bool
 	AccessKey  string
 	SecretKey  string
 	BucketName string
diff --git a/pkg/testrunner/result/output.go b/pkg/testrunner/result/output.go
index b2f2560d30..97f2ddb673 100644
--- a/pkg/testrunner/result/output.go
+++ b/pkg/testrunner/result/output.go
@@ -40,7 +40,6 @@ func Output(config *Config, tmKubeconfigPath, namespace string, tr *tmv1beta1.Te
 	if config.OutputFile == "" {
 		return nil
 	}
-	var s3Endpoint = config.S3Endpoint
 
 	metadata.TestrunID = tr.Name
 
@@ -59,7 +58,7 @@ func Output(config *Config, tmKubeconfigPath, namespace string, tr *tmv1beta1.Te
 		return err
 	}
 
-	osConfig, err := getOSConfig(tmKubeconfigPath, s3Endpoint, namespace)
+	osConfig, err := getOSConfig(tmKubeconfigPath, namespace, config.S3Endpoint, config.S3SSL)
 	if err != nil {
 		log.Warnf("Cannot get exported Test results of steps: %s", err.Error())
 	} else {
@@ -125,7 +124,7 @@ func getTestrunSummary(tr *tmv1beta1.Testrun, metadata *Metadata) (*elasticsearc
 
 func getExportedDocuments(cfg *testmachinery.ObjectStoreConfig, status tmv1beta1.TestrunStatus, metadata *Metadata) []byte {
 
-	minioClient, err := minio.New(cfg.Endpoint, cfg.AccessKey, cfg.SecretKey, false)
+	minioClient, err := minio.New(cfg.Endpoint, cfg.AccessKey, cfg.SecretKey, cfg.SSL)
 	if err != nil {
 		log.Errorf("Error creating minio client %s: %s", cfg.Endpoint, err.Error())
 		return nil
@@ -226,7 +225,7 @@ func writeToFile(fielPath string, data []byte) error {
 	return nil
 }
 
-func getOSConfig(tmKubeconfigPath, minioEndpoint, namespace string) (*testmachinery.ObjectStoreConfig, error) {
+func getOSConfig(tmKubeconfigPath, namespace, minioEndpoint string, ssl bool) (*testmachinery.ObjectStoreConfig, error) {
 	clusterClient, err := kubernetes.NewClientFromFile(tmKubeconfigPath, nil, client.Options{})
 	if err != nil {
 		return nil, fmt.Errorf("Cannot create client for %s: %s", tmKubeconfigPath, err.Error())
@@ -242,6 +241,7 @@ func getOSConfig(tmKubeconfigPath, minioEndpoint, namespace string) (*testmachin
 
 	return &testmachinery.ObjectStoreConfig{
 		Endpoint:   minioEndpoint,
+		SSL:        ssl,
 		AccessKey:  string(minioSecrets.Data["accessKey"]),
 		SecretKey:  string(minioSecrets.Data["secretKey"]),
 		BucketName: minioConfig.Data["objectstore.bucketName"],
diff --git a/pkg/testrunner/result/types.go b/pkg/testrunner/result/types.go
index 6f392fb221..e839427b3e 100644
--- a/pkg/testrunner/result/types.go
+++ b/pkg/testrunner/result/types.go
@@ -22,15 +22,18 @@ import (
 
 // Config represents the configuration for collecting and storing results from a testrun.
 type Config struct {
-	// outputFilePath is the path where the testresult is written to.
+	// OutputFilePath is the path where the testresult is written to.
 	OutputFile string
 
-	// config name of the elastic search to store the test results.
+	// Config name of the elasticsearch instance to store the test results.
 	ESConfigName string
 
-	// Endpint of the s3 storage of the testmachinery.
+	// Endpoint of the s3 storage of the testmachinery.
 	S3Endpoint string
 
+	// S3SSL indicates whether the S3 instance is SSL secured or not.
+	S3SSL bool
+
 	// Path to the error directory of concourse to put the notify.cfg in.
 	ConcourseOnErrorDir string
 }