Re-enable kubeconfig related SKR tests (#870)

* Revert "Use new KCP CLI in SKR tests  (#857)"

This reverts commit 48d5f55.

* Add auth type

testing/e2e/skr/kcp/client.js

@@ -15,34 +15,63 @@ class KCPConfig {
   constructor() {
     this.authType = getEnvOrThrow('KCP_AUTH_TYPE');
     this.host = getEnvOrThrow('KCP_KEB_API_URL');
-    this.kubeConfigApiUrl = getEnvOrThrow('KCP_KUBECONFIG_API_URL');
-    this.oauthClientID = getEnvOrThrow('KCP_OAUTH2_CLIENT_ID');
-    this.oauthSecret = getEnvOrThrow('KCP_OAUTH2_CLIENT_SECRET');
-    this.oauthIssuer = getEnvOrThrow('KCP_OAUTH2_ISSUER_URL');
+    this.issuerURL = getEnvOrThrow('KCP_OIDC_ISSUER_URL');
     this.gardenerNamespace = getEnvOrThrow('KCP_GARDENER_NAMESPACE');
+    this.username = getEnvOrThrow('KCP_TECH_USER_LOGIN');
+    this.password = getEnvOrThrow('KCP_TECH_USER_PASSWORD');
+    this.clientID = getEnvOrThrow('KCP_OIDC_CLIENT_ID');
+
+    if (process.env.KCP_OIDC_CLIENT_SECRET) {
+      this.clientSecret = getEnvOrThrow('KCP_OIDC_CLIENT_SECRET');
+    } else {
+      this.oauthClientID = getEnvOrThrow('KCP_OAUTH2_CLIENT_ID');
+      this.oauthSecret = getEnvOrThrow('KCP_OAUTH2_CLIENT_SECRET');
+      this.oauthIssuer = getEnvOrThrow('KCP_OAUTH2_ISSUER_URL');
+    }
+
+    this.motherShipApiUrl = getEnvOrThrow('KCP_MOTHERSHIP_API_URL');
+    this.kubeConfigApiUrl = getEnvOrThrow('KCP_KUBECONFIG_API_URL');
   }
 }
 
 class KCPWrapper {
   constructor(config) {
     this.authType = config.authType;
+    this.kcpConfigPath = config.kcpConfigPath;
     this.gardenerNamespace = config.gardenerNamespace;
+    this.clientID = config.clientID;
+    this.clientSecret = config.clientSecret;
     this.oauthClientID = config.oauthClientID;
     this.oauthSecret = config.oauthSecret;
     this.oauthIssuer = config.oauthIssuer;
+
+    this.issuerURL = config.issuerURL;
+    this.motherShipApiUrl = config.motherShipApiUrl;
     this.kubeConfigApiUrl = config.kubeConfigApiUrl;
+
+    this.username = config.username;
+    this.password = config.password;
     this.host = config.host;
-    this.kcpConfigPath = 'config.yaml';
 
+    this.kcpConfigPath = 'config.yaml';
     const stream = fs.createWriteStream(`${this.kcpConfigPath}`);
     stream.once('open', (_) => {
       stream.write(`auth-type: "${this.authType}"\n`);
+      stream.write(`gardener-namespace: "${this.gardenerNamespace}"\n`);
+      if (process.env.KCP_OIDC_CLIENT_SECRET) {
+        stream.write(`oidc-client-id: "${this.clientID}"\n`);
+        stream.write(`oidc-client-secret: ${this.clientSecret}\n`);
+        stream.write(`username: ${this.username}\n`);
+      } else {
+        stream.write(`oauth2-client-id: "${this.oauthClientID}"\n`);
+        stream.write(`oauth2-client-secret: "${this.oauthSecret}"\n`);
+        stream.write(`oauth2-issuer-url: "${this.oauthIssuer}"\n`);
+      }
+
       stream.write(`keb-api-url: "${this.host}"\n`);
+      stream.write(`oidc-issuer-url: "${this.issuerURL}"\n`);
+      stream.write(`mothership-api-url: "${this.motherShipApiUrl}"\n`);
       stream.write(`kubeconfig-api-url: "${this.kubeConfigApiUrl}"\n`);
-      stream.write(`oauth2-client-id: "${this.oauthClientID}"\n`);
-      stream.write(`oauth2-client-secret: "${this.oauthSecret}"\n`);
-      stream.write(`oauth2-issuer-url: "${this.oauthIssuer}"\n`);
-      stream.write(`gardener-namespace: "${this.gardenerNamespace}"\n`);
       stream.end();
     });
   }
@@ -81,7 +110,13 @@ class KCPWrapper {
   }
 
   async login() {
-    const args = ['login'];
+    let args;
+    if (process.env.KCP_OIDC_CLIENT_SECRET) {
+      args = ['login', '-u', `${this.username}`, '-p', `${this.password}`];
+    } else {
+      args = ['login'];
+    }
+
     return await this.exec(args);
   }
 

testing/e2e/skr/kyma-environment-broker/helpers.js

@@ -51,7 +51,7 @@ async function provisionSKR(
 async function getShoot(kcp, shootName) {
   debug(`Fetching shoot: ${shootName}`);
 
-  // const kubeconfigPath = await kcp.getKubeconfig(shootName);
+  const kubeconfigPath = await kcp.getKubeconfig(shootName);
 
   const runtimeGardenerConfig = await kcp.getRuntimeGardenerConfig(shootName);
   const objRuntimeGardenerConfig = JSON.parse(runtimeGardenerConfig);
@@ -60,7 +60,7 @@ async function getShoot(kcp, shootName) {
 
   return {
     name: shootName,
-    // kubeconfig: kubeconfigPath,
+    kubeconfig: kubeconfigPath,
     oidcConfig: objRuntimeGardenerConfig.data[0].status.gardenerConfig.oidcConfig,
     machineType: objRuntimeGardenerConfig.data[0].status.gardenerConfig.machineType,
   };

testing/e2e/skr/skr-test/oidc/index.js

@@ -4,10 +4,10 @@ const {
   ensureValidShootOIDCConfig,
   ensureValidOIDCConfigInCustomerFacingKubeconfig,
 } = require('../../kyma-environment-broker');
-/* const {
+const {
   ensureKymaAdminBindingExistsForUser,
   ensureKymaAdminBindingDoesNotExistsForUser,
-} = require('../../utils'); */
+} = require('../../utils');
 const {keb, kcp, gardener} = require('../helpers');
 
 const updateTimeout = 1000 * 60 * 20; // 20m
@@ -34,9 +34,9 @@ function oidcE2ETest(getShootOptionsFunc, getShootInfoFunc) {
       await ensureValidOIDCConfigInCustomerFacingKubeconfig(keb, options.instanceID, givenOidcConfig);
     });
 
-    //  it('Assure initial cluster admin', async function() {
-    //    await ensureKymaAdminBindingExistsForUser(options.kebUserId); // default user id
-    //  });
+    it('Assure initial cluster admin', async function() {
+      await ensureKymaAdminBindingExistsForUser(options.kebUserId); // default user id
+    });
 
     it('Update SKR service instance with OIDC config', async function() {
       this.timeout(updateTimeout);
@@ -72,9 +72,9 @@ function oidcE2ETest(getShootOptionsFunc, getShootInfoFunc) {
       await ensureValidOIDCConfigInCustomerFacingKubeconfig(keb, options.instanceID, options.oidc1);
     });
 
-    // it('Assure cluster admin is preserved', async function() {
-    //   await ensureKymaAdminBindingExistsForUser(options.kebUserId);
-    // });
+    it('Assure cluster admin is preserved', async function() {
+      await ensureKymaAdminBindingExistsForUser(options.kebUserId);
+    });
 
     it('Update SKR service instance with new admins', async function() {
       this.timeout(updateTimeout);
@@ -99,11 +99,11 @@ function oidcE2ETest(getShootOptionsFunc, getShootInfoFunc) {
       console.log(`\nRuntime status: ${runtimeStatus}`);
     });
 
-    /* it('Assure only new cluster admins are configured', async function() {
+    it('Assure only new cluster admins are configured', async function() {
       await ensureKymaAdminBindingExistsForUser(options.administrators1[0]);
       await ensureKymaAdminBindingExistsForUser(options.administrators1[1]);
       await ensureKymaAdminBindingDoesNotExistsForUser(options.kebUserId);
-    });*/
+    });
   });
 }
 

testing/e2e/skr/skr-test/provision/provision-skr.js

@@ -5,7 +5,7 @@ const {
   keb,
   initK8sConfig,
   getSKRRuntimeStatus,
-  // initializeK8sClient,
+  initializeK8sClient,
 } = require('../helpers');
 
 const {provisionSKR}= require('../../kyma-environment-broker');
@@ -19,8 +19,8 @@ async function provisionSKRAndInitK8sConfig(options, provisioningTimeout) {
     console.log('Initiating K8s config...');
     await initK8sConfig(shoot);
   } else {
-    console.log('Initiating K8s client... skipped');
-    // await initializeK8sClient({kubeconfigPath: shoot.kubeconfig});
+    console.log('Initiating K8s client...');
+    await initializeK8sClient({kubeconfigPath: shoot.kubeconfig});
   }
 
   console.log('Initialization of K8s finished...');

testing/e2e/skr/skr-test/test.js

@@ -2,7 +2,7 @@ const {
   gatherOptions,
   oidcE2ETest,
   machineTypeE2ETest,
-  // btpManagerSecretTest,
+  btpManagerSecretTest,
 } = require('./index');
 const {provisionSKRAndInitK8sConfig} = require('./provision/provision-skr');
 const {deprovisionAndUnregisterSKR} = require('./provision/deprovision-skr');
@@ -34,7 +34,7 @@ describe('SKR test', function() {
   });
 
   // Run BTP Manager Secret tests
-  // btpManagerSecretTest();
+  btpManagerSecretTest();
 
   // Run OIDC tests
   oidcE2ETest(getShootOptionsFunc, getShootInfoFunc);