Skip to content

Commit cc7d379

Browse files
Enable CyberArk integration and E2E tests in CI
Additionally, use a real UID in integration tests to satisfy real API validation And add a cluster name, a shorter upload period, and a sample secret so that it's easier to find the uploaded Secret in the UI. Signed-off-by: Richard Wall <richard.wall@cyberark.com>
1 parent 915353f commit cc7d379

File tree

6 files changed

+56
-5
lines changed

6 files changed

+56
-5
lines changed

.github/workflows/tests.yaml

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -67,6 +67,46 @@ jobs:
6767
key: downloaded-${{ runner.os }}-${{ hashFiles('klone.yaml') }}-test-unit
6868

6969
- run: make -j test-unit test-helm
70+
env:
71+
# These environment variables are required to run the CyberArk client integration tests
72+
ARK_DISCOVERY_API: https://platform-discovery.integration-cyberark.cloud/
73+
ARK_SUBDOMAIN: ${{ secrets.ARK_SUBDOMAIN }}
74+
ARK_USERNAME: ${{ secrets.ARK_USERNAME }}
75+
ARK_SECRET: ${{ secrets.ARK_SECRET }}
76+
77+
ark-test-e2e:
78+
runs-on: ubuntu-latest
79+
steps:
80+
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
81+
# Adding `fetch-depth: 0` makes sure tags are also fetched. We need
82+
# the tags so `git describe` returns a valid version.
83+
# see https://github.com/actions/checkout/issues/701 for extra info about this option
84+
with: { fetch-depth: 0 }
85+
86+
- uses: ./.github/actions/repo_access
87+
with:
88+
DEPLOY_KEY_READ_VENAFI_CONNECTION_LIB: ${{ secrets.DEPLOY_KEY_READ_VENAFI_CONNECTION_LIB }}
89+
90+
- id: go-version
91+
run: |
92+
make print-go-version >> "$GITHUB_OUTPUT"
93+
94+
- uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
95+
with:
96+
go-version: ${{ steps.go-version.outputs.result }}
97+
98+
- uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
99+
with:
100+
path: _bin/downloaded
101+
key: downloaded-${{ runner.os }}-${{ hashFiles('klone.yaml') }}-test-unit
102+
103+
- run: make -j ark-test-e2e
104+
env:
105+
# These environment variables are required to connect to CyberArk Disco APIs
106+
ARK_DISCOVERY_API: https://platform-discovery.integration-cyberark.cloud/
107+
ARK_SUBDOMAIN: ${{ secrets.ARK_SUBDOMAIN }}
108+
ARK_USERNAME: ${{ secrets.ARK_USERNAME }}
109+
ARK_SECRET: ${{ secrets.ARK_SECRET }}
70110

71111
test-e2e:
72112
if: contains(github.event.pull_request.labels.*.name, 'test-e2e')

hack/ark/test-e2e.sh

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -65,6 +65,15 @@ kubectl create secret generic agent-credentials \
6565
--from-literal=ARK_SUBDOMAIN=$ARK_SUBDOMAIN \
6666
--from-literal=ARK_DISCOVERY_API=$ARK_DISCOVERY_API
6767

68+
# Create a sample secret in the cluster
69+
#
70+
# TODO(wallrj): See if there's an API for checking that this secret has been
71+
# imported by the backend. For now we have to log into the Disco web UI and
72+
# search for this secret.
73+
kubectl create secret generic e2e-sample-secret-$(date '+%s') \
74+
--namespace default \
75+
--from-literal=username=${RANDOM}
76+
6877
# We use a non-existent tag and omit the `--version` flag, to work around a Helm
6978
# v4 bug. See: https://github.com/helm/helm/issues/31600
7079
helm upgrade agent "oci://${ARK_CHART}:NON_EXISTENT_TAG@${ARK_CHART_DIGEST}" \
@@ -76,7 +85,9 @@ helm upgrade agent "oci://${ARK_CHART}:NON_EXISTENT_TAG@${ARK_CHART_DIGEST}" \
7685
--set pprof.enabled=true \
7786
--set fullnameOverride=disco-agent \
7887
--set "image.digest=${ARK_IMAGE_DIGEST}" \
88+
--set config.clusterName="e2e-test-cluster" \
7989
--set config.clusterDescription="A temporary cluster for E2E testing. Contact @wallrj-cyberark." \
90+
--set config.period=60s \
8091
--set-json "podLabels={\"disco-agent.cyberark.cloud/test-id\": \"${RANDOM}\"}"
8192

8293
kubectl rollout status deployments/disco-agent --namespace "${NAMESPACE}"

internal/cyberark/client_test.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,7 @@ func TestCyberArkClient_PutSnapshot_MockAPI(t *testing.T) {
3636
require.NoError(t, err)
3737

3838
err = cl.PutSnapshot(ctx, dataupload.Snapshot{
39-
ClusterID: "success-cluster-id",
39+
ClusterID: "ffffffff-ffff-ffff-ffff-ffffffffffff",
4040
AgentVersion: version.PreflightVersion,
4141
})
4242
require.NoError(t, err)
@@ -73,7 +73,7 @@ func TestCyberArkClient_PutSnapshot_RealAPI(t *testing.T) {
7373
require.NoError(t, err)
7474

7575
err = cl.PutSnapshot(ctx, dataupload.Snapshot{
76-
ClusterID: "bb068932-c80d-460d-88df-34bc7f3f3297",
76+
ClusterID: "ffffffff-ffff-ffff-ffff-ffffffffffff",
7777
AgentVersion: version.PreflightVersion,
7878
})
7979
require.NoError(t, err)

internal/cyberark/dataupload/dataupload_test.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@ func TestCyberArkClient_PutSnapshot_MockAPI(t *testing.T) {
3535
{
3636
name: "successful upload",
3737
snapshot: dataupload.Snapshot{
38-
ClusterID: "success-cluster-id",
38+
ClusterID: "ffffffff-ffff-ffff-ffff-ffffffffffff",
3939
AgentVersion: version.PreflightVersion,
4040
},
4141
authenticate: setToken("success-token"),

internal/cyberark/dataupload/mock.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ import (
2222
const (
2323
successBearerToken = "success-token"
2424

25-
successClusterID = "success-cluster-id"
25+
successClusterID = "ffffffff-ffff-ffff-ffff-ffffffffffff"
2626
)
2727

2828
type mockDataUploadServer struct {

pkg/client/client_cyberark_test.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -107,7 +107,7 @@ func fakeReadings() []*api.DataReading {
107107
{
108108
DataGatherer: "ark/discovery",
109109
Data: &api.DiscoveryData{
110-
ClusterID: "success-cluster-id",
110+
ClusterID: "ffffffff-ffff-ffff-ffff-ffffffffffff",
111111
ServerVersion: &k8sversion.Info{
112112
GitVersion: "v1.21.0",
113113
},

0 commit comments

Comments
 (0)