Eventing TLS: Test ContainerSource with eventshub TLS receiver as sink #6957
Conversation
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
knative-prow
bot
added
do-not-merge/work-in-progress
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
vishal-chdhry
changed the title
knative-prow
bot
removed
the
do-not-merge/work-in-progress
|
We need this fix to get the test to pass knative-extensions/reconciler-test#530, in addition, I've updated the PR to make it "work" #6956, like CA certs indentation for the resource, CRD update to include CACerts field, etc |
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Codecov ReportPatch and project coverage have no change.
Additional details and impacted files@@ Coverage Diff @@
## main #6957 +/- ##
=======================================
Coverage 79.80% 79.80%
=======================================
Files 244 244
Lines 12793 12793
=======================================
Hits 10209 10209
Misses 2078 2078
Partials 506 506 ☔ View full report in Codecov by Sentry. |
## Proposed Changes - 🎁 Provide the underlying channels CACerts in the Brokers status as an annotation (`knative.dev/channelCACerts`). Similar as the channelsAddress is provided in the `knative.dev/channelAddress` annoation. --------- Signed-off-by: Christoph Stäbler <cstabler@redhat.com>
Cron -knative-prow-robot /cc knative/eventing-writers /assign knative/eventing-writers Produced by: knative-sandbox/knobots/actions/update-deps Signed-off-by: Knative Automation <automation@knative.team>
Fixes knative#6963 <!-- Please include the 'why' behind your changes if no issue exists --> ## Proposed Changes <!-- Please categorize your changes: - 🎁 Add new feature - 🐛 Fix bug - 🧹 Update or clean up current behavior - 🗑️ Remove feature or internal logic --> - use EventType v1b2 on sources `duck` controller/reconciler - updating reconciler testing for v1b2, adding listers/factory ### Pre-review Checklist <!-- If these boxes are not checked, you will be asked to complete these requirements or explain why they do not apply to your PR. --> - [ ] **At least 80% unit test coverage** - [ ] **E2E tests** for any new behavior - [ ] **Docs PR** for any user-facing impact - [ ] **Spec PR** for any new API feature - [ ] **Conformance test** for any change to the spec **Release Note** <!-- 📄 If this change has user-visible impact, write a release note in the block below. Include the string "action required" if additional action is required of users switching to the new release, for example in case of a breaking change. Write as if you are speaking to users, not other Knative contributors. If this change has no user-visible impact, no release note is needed. --> ```release-note EventType v1b2 on sources `duck` controller/reconciler used ``` **Docs** <!-- 📖 If this change has user-visible impact, link to an issue or PR in https://github.com/knative/docs. --> Signed-off-by: Matthias Wessendorf <mwessend@redhat.com>
knative-prow
bot
added
size/XXL
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
|
@vishal-chdhry I think you need to rebase/merge main because there are quite a few unrelated changes |
knative-prow
bot
added
size/L
|
@pierDipi done |
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
|
/test reconciler-tests |
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
| f.Stable("containersource as event source"). | ||
| Must("delivers events", | ||
| assert.OnStore(sink).MatchEvent( | ||
| test.HasType("dev.knative.eventing.samples.heartbeat"), |
There was a problem hiding this comment.
TLS tests and your PR made me realize this: knative-extensions/reconciler-test#535, so technically, this match might match events that are "rejected" so travelling in plaintext on non TLS connection, therefore, for the time being, we need the MatchKind call, similar to APIServerSource TLS test:
eventing/test/rekt/features/apiserversource/data_plane.go
Lines 203 to 206 in 5e245ac
There was a problem hiding this comment.
I added the matching, all the events were of type "rejected"
There was a problem hiding this comment.
Ok, that's a nice finding, I believe we need to add CACerts to the SinkBinding resources (similar to changes in config/core/resources/containersource.yaml) since ContainerSource uses SinkBinding under the hood, so if CACerts is not propagated to it, it won't work
There was a problem hiding this comment.
Thanks @vishal-chdhry, I left a few suggestions but it looks good!
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
Signed-off-by: Vishal Choudhary <sendtovishalchoudhary@gmail.com>
|
/test unit-tests |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: pierDipi, Vishal-Chdhry The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
Thanks! |
knative-prow
bot
added
the
approved
|
/retest-required |
Fixes #6937
Proposed Changes
Pre-review Checklist
Release Note
Docs