From 79bf62decb828965079274501e7109b0ba2380ae Mon Sep 17 00:00:00 2001 From: KsaweryZietara <91937141+KsaweryZietara@users.noreply.github.com> Date: Thu, 8 Aug 2024 13:32:04 +0200 Subject: [PATCH 1/8] Use postgres from internal docker registry (#1015) Use postgres from internal docker registry in e2e/cmd tests --- cmd/broker/provisioning.go | 6 +- go.mod | 6 +- go.sum | 2 + .../create_runtime_resource_step.go | 45 ++++++- .../create_runtime_resource_step_test.go | 116 +++++++++++------- 5 files changed, 125 insertions(+), 50 deletions(-) diff --git a/cmd/broker/provisioning.go b/cmd/broker/provisioning.go index 7a6fbcdb12..4ec5b72fe7 100644 --- a/cmd/broker/provisioning.go +++ b/cmd/broker/provisioning.go @@ -2,6 +2,7 @@ package main import ( "context" + "github.com/kyma-project/kyma-environment-broker/internal/runtime" "github.com/kyma-project/kyma-environment-broker/internal/provider" @@ -43,6 +44,9 @@ func NewProvisioningProcessingQueue(ctx context.Context, provisionManager *proce Once the stage is done it will never be retried. */ + oidcDefaults, err := runtime.ReadOIDCDefaultValuesFromYAML(cfg.SkrOidcDefaultValuesYAMLFilePath) + fatalOnError(err, logs) + provisioningSteps := []struct { disabled bool stage string @@ -98,7 +102,7 @@ func NewProvisioningProcessingQueue(ctx context.Context, provisionManager *proce // postcondition: operation.KymaResourceName, operation.RuntimeResourceName is set { stage: createRuntimeStageName, - step: provisioning.NewCreateRuntimeResourceStep(db.Operations(), db.Instances(), cli, cfg.Broker.KimConfig, cfg.Provisioner, trialRegionsMapping, cfg.Broker.UseSmallerMachineTypes), + step: provisioning.NewCreateRuntimeResourceStep(db.Operations(), db.Instances(), cli, cfg.Broker.KimConfig, cfg.Provisioner, trialRegionsMapping, cfg.Broker.UseSmallerMachineTypes, oidcDefaults), }, { stage: createRuntimeStageName, diff --git a/go.mod b/go.mod index 310a94221d..e66a8b8a2e 100644 --- a/go.mod +++ b/go.mod 
@@ -23,7 +23,7 @@ require ( github.com/kyma-incubator/compass/components/director v0.0.0-20240329103248-7710e72be80a github.com/kyma-project/control-plane/components/provisioner v0.0.0-20240529135026-c4ef757de24f github.com/kyma-project/control-plane/components/schema-migrator v0.0.0-20240612080429-83a7c0eb13b8 - github.com/kyma-project/infrastructure-manager v0.0.0-20240705113756-2ea9b23b6154 + github.com/kyma-project/infrastructure-manager v0.0.0-20240806115205-c1fb9fb5968a github.com/lib/pq v1.10.9 github.com/matryer/is v1.4.1 github.com/pivotal-cf/brokerapi/v8 v8.2.3 @@ -38,9 +38,9 @@ require ( golang.org/x/time v0.6.0 gopkg.in/yaml.v2 v2.4.0 gopkg.in/yaml.v3 v3.0.1 - k8s.io/api v0.30.2 + k8s.io/api v0.30.3 k8s.io/apiextensions-apiserver v0.30.1 - k8s.io/apimachinery v0.30.2 + k8s.io/apimachinery v0.30.3 k8s.io/client-go v11.0.1-0.20190409021438-1a26190bd76a+incompatible sigs.k8s.io/controller-runtime v0.18.4 sigs.k8s.io/yaml v1.4.0 diff --git a/go.sum b/go.sum index 66509501ed..a34fb21e13 100644 --- a/go.sum +++ b/go.sum 
@@ -204,6 +204,8 @@ github.com/kyma-project/control-plane/components/schema-migrator v0.0.0-20240612 github.com/kyma-project/control-plane/components/schema-migrator v0.0.0-20240612080429-83a7c0eb13b8/go.mod h1:vABrhytVuZpchbdlIVdUDlhB/Q/3GIZld2JmdS2rZ6I= github.com/kyma-project/infrastructure-manager v0.0.0-20240705113756-2ea9b23b6154 h1:1nE1nmUlhaQAaPA2/p6tcrx6pFJsCKqQzw46OoqI51o= github.com/kyma-project/infrastructure-manager v0.0.0-20240705113756-2ea9b23b6154/go.mod h1:VIXFOtvzBYNj9RKB5K4do6loUxp9i9XNEvhqAQIZ5G8= +github.com/kyma-project/infrastructure-manager v0.0.0-20240806115205-c1fb9fb5968a h1:9AMvbR/9hSumE5WXQ/HAlyRjlScqQU1sVcRolsknHSw= +github.com/kyma-project/infrastructure-manager v0.0.0-20240806115205-c1fb9fb5968a/go.mod h1:0uJ/bMp2Qq9fTq2CV4PmWXDgPSwGzKKYswhVv/CW0AE= github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= github.com/lib/pq v1.1.1/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= diff --git a/internal/process/provisioning/create_runtime_resource_step.go b/internal/process/provisioning/create_runtime_resource_step.go index 826ce4947e..e09a762e7a 100644 --- a/internal/process/provisioning/create_runtime_resource_step.go +++ b/internal/process/provisioning/create_runtime_resource_step.go @@ -3,6 +3,7 @@ package provisioning import ( "context" "fmt" + "github.com/kyma-project/kyma-environment-broker/internal/ptr" "time" "github.com/kyma-project/kyma-environment-broker/internal/process/steps" 
@@ -39,10 +40,11 @@ type CreateRuntimeResourceStep struct { config input.Config trialPlatformRegionMapping map[string]string useSmallerMachineTypes bool + oidcDefaultValues internal.OIDCConfigDTO } func NewCreateRuntimeResourceStep(os storage.Operations, is storage.Instances, k8sClient client.Client, kimConfig kim.Config, cfg input.Config, - trialPlatformRegionMapping map[string]string, useSmallerMachines bool) *CreateRuntimeResourceStep { + trialPlatformRegionMapping map[string]string, useSmallerMachines bool, oidcDefaultValues internal.OIDCConfigDTO) *CreateRuntimeResourceStep { return &CreateRuntimeResourceStep{ operationManager: process.NewOperationManager(os), instanceStorage: is, @@ -51,6 +53,7 @@ func NewCreateRuntimeResourceStep(os storage.Operations, is storage.Instances, k config: cfg, trialPlatformRegionMapping: trialPlatformRegionMapping, useSmallerMachineTypes: useSmallerMachines, + oidcDefaultValues: oidcDefaultValues, } } @@ -141,6 +144,7 @@ func (s *CreateRuntimeResourceStep) updateRuntimeResourceObject(runtime *imv1.Ru runtime.Spec.Shoot.EnforceSeedLocation = operation.ProvisioningParameters.Parameters.ShootAndSeedSameRegion runtime.Spec.Security = s.createSecurityConfiguration(operation) runtime.Spec.Shoot.Networking = s.createNetworkingConfiguration(operation) + runtime.Spec.Shoot.Kubernetes = s.createKubernetesConfiguration(operation) return nil } 
@@ -341,6 +345,45 @@ func (s *CreateRuntimeResourceStep) getEmptyOrExistingRuntimeResource(name, name return &runtime, nil } +func (s *CreateRuntimeResourceStep) createKubernetesConfiguration(operation internal.Operation) imv1.Kubernetes { + oidc := gardener.OIDCConfig{ + ClientID: &s.oidcDefaultValues.ClientID, + GroupsClaim: &s.oidcDefaultValues.GroupsClaim, + IssuerURL: &s.oidcDefaultValues.IssuerURL, + SigningAlgs: s.oidcDefaultValues.SigningAlgs, + UsernameClaim: &s.oidcDefaultValues.UsernameClaim, + UsernamePrefix: &s.oidcDefaultValues.UsernamePrefix, + } + if operation.ProvisioningParameters.Parameters.OIDC != nil { + if operation.ProvisioningParameters.Parameters.OIDC.ClientID != "" { + oidc.ClientID = &operation.ProvisioningParameters.Parameters.OIDC.ClientID + } + if operation.ProvisioningParameters.Parameters.OIDC.GroupsClaim != "" { + oidc.GroupsClaim = &operation.ProvisioningParameters.Parameters.OIDC.GroupsClaim + } + if operation.ProvisioningParameters.Parameters.OIDC.IssuerURL != "" { + oidc.IssuerURL = &operation.ProvisioningParameters.Parameters.OIDC.IssuerURL + } + if len(operation.ProvisioningParameters.Parameters.OIDC.SigningAlgs) > 0 { + oidc.SigningAlgs = operation.ProvisioningParameters.Parameters.OIDC.SigningAlgs + } + if operation.ProvisioningParameters.Parameters.OIDC.UsernameClaim != "" { + oidc.UsernameClaim = &operation.ProvisioningParameters.Parameters.OIDC.UsernameClaim + } + if operation.ProvisioningParameters.Parameters.OIDC.UsernamePrefix != "" { + oidc.UsernamePrefix = &operation.ProvisioningParameters.Parameters.OIDC.UsernamePrefix + } + } + + return imv1.Kubernetes{ + Version: ptr.String(s.config.KubernetesVersion), + KubeAPIServer: imv1.APIServer{ + OidcConfig: oidc, + AdditionalOidcConfig: nil, + }, + } +} + func DefaultIfParamNotSet[T interface{}](d T, param *T) T { if param == nil { return d 
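Review bot: In `createKubernetesConfiguration` the defaults are wired in by address (`&s.oidcDefaultValues.ClientID`, and `SigningAlgs` shares the slice), so every Runtime object built by this step points into the step's single `oidcDefaultValues`. Any later write through those pointers or that slice would change the API-server OIDC defaults for all following operations. Copying the values, as the function already does with `ptr.String(s.config.KubernetesVersion)`, removes the aliasing. The override is also per field, so a request that sets only `IssuerURL` yields a caller-supplied issuer combined with the platform default client ID and claims; if that hybrid is not intended, treat a supplied OIDC block as all-or-nothing, and document the precedence in a doc comment. Whether `IssuerURL` is validated before this point is not visible in the hunk.

```go
func (s *CreateRuntimeResourceStep) createKubernetesConfiguration(operation internal.Operation) imv1.Kubernetes {
	// Copy the defaults so the Runtime object never aliases the step's shared state.
	defaults := s.oidcDefaultValues
	oidc := gardener.OIDCConfig{
		ClientID:       ptr.String(defaults.ClientID),
		GroupsClaim:    ptr.String(defaults.GroupsClaim),
		IssuerURL:      ptr.String(defaults.IssuerURL),
		SigningAlgs:    append([]string(nil), defaults.SigningAlgs...),
		UsernameClaim:  ptr.String(defaults.UsernameClaim),
		UsernamePrefix: ptr.String(defaults.UsernamePrefix),
	}
	// … unchanged: per-field overrides from operation.ProvisioningParameters.Parameters.OIDC …
	// … unchanged: return imv1.Kubernetes{...} …
}
```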
diff --git a/internal/process/provisioning/create_runtime_resource_step_test.go b/internal/process/provisioning/create_runtime_resource_step_test.go index 19b30d7599..c4073e4686 100644 --- a/internal/process/provisioning/create_runtime_resource_step_test.go +++ b/internal/process/provisioning/create_runtime_resource_step_test.go 
@@ -47,6 +47,58 @@ var defaultNetworking = imv1.Networking{ Pods: networking.DefaultPodsCIDR, Services: networking.DefaultServicesCIDR, } +var defaultOIDSConfig = internal.OIDCConfigDTO{ + ClientID: "client-id-default", + GroupsClaim: "gc-default", + IssuerURL: "issuer-url-default", + SigningAlgs: []string{"sa-default"}, + UsernameClaim: "uc-default", + UsernamePrefix: "up-default", +} + +func TestCreateRuntimeResourceStep_OIDC(t *testing.T) { + // given + err := imv1.AddToScheme(scheme.Scheme) + assert.NoError(t, err) + log := logrus.New() + memoryStorage := storage.NewMemoryStorage() + instance, operation := fixInstanceAndOperation(broker.AzurePlanID, "westeurope", "platform-region") + operation.ProvisioningParameters.Parameters.OIDC = &internal.OIDCConfigDTO{ + ClientID: "client-id-custom", + GroupsClaim: "gc-custom", + IssuerURL: "issuer-url-custom", + SigningAlgs: []string{"sa-custom"}, + UsernameClaim: "uc-custom", + UsernamePrefix: "up-custom", + } + assertInsertions(t, memoryStorage, instance, operation) + kimConfig := fixKimConfig("azure", false) + inputConfig := input.Config{MultiZoneCluster: true} + cli := getClientForTests(t) + step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false, defaultOIDSConfig) + + // when + entry := log.WithFields(logrus.Fields{"step": "TEST"}) + _, repeat, err := step.Run(operation, entry) + + // then + assert.NoError(t, err) + assert.Zero(t, repeat) + runtime := imv1.Runtime{} + err = cli.Get(context.Background(), client.ObjectKey{ + Namespace: "kyma-system", + Name: operation.RuntimeID, + }, &runtime) + assert.NoError(t, err) + assert.Equal(t, gardener.OIDCConfig{ + ClientID: ptr.String("client-id-custom"), + GroupsClaim: ptr.String("gc-custom"), + IssuerURL: ptr.String("issuer-url-custom"), + SigningAlgs: []string{"sa-custom"}, + UsernameClaim: ptr.String("uc-custom"), + UsernamePrefix: ptr.String("up-custom"), + }, 
runtime.Spec.Shoot.Kubernetes.KubeAPIServer.OidcConfig) +} func TestCreateRuntimeResourceStep_Defaults_Azure_MultiZone_YamlOnly(t *testing.T) { // given @@ -59,7 +111,7 @@ func TestCreateRuntimeResourceStep_Defaults_Azure_MultiZone_YamlOnly(t *testing. kimConfig := fixKimConfig("azure", true) inputConfig := input.Config{MultiZoneCluster: true} - step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), nil, kimConfig, inputConfig, nil, false) + step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), nil, kimConfig, inputConfig, nil, false, defaultOIDSConfig) // when entry := log.WithFields(logrus.Fields{"step": "TEST"}) @@ -99,7 +151,7 @@ func TestCreateRuntimeResourceStep_AllYamls(t *testing.T) { kimConfig := fixKimConfigWithAllPlans(true) inputConfig := input.Config{MultiZoneCluster: testCase.multiZone} - step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), nil, kimConfig, inputConfig, nil, false) + step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), nil, kimConfig, inputConfig, nil, false, defaultOIDSConfig) // when entry := log.WithFields(logrus.Fields{"step": "TEST"}) @@ -129,7 +181,7 @@ func TestCreateRuntimeResourceStep_Defaults_AWS_SingleZone_EnforceSeed_ActualCre inputConfig := input.Config{MultiZoneCluster: false, ControlPlaneFailureTolerance: "zone"} cli := getClientForTests(t) - step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false) + step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false, defaultOIDSConfig) // when entry := log.WithFields(logrus.Fields{"step": "TEST"}) 
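Review bot: `TestCreateRuntimeResourceStep_OIDC` only covers the case where every OIDC field is overridden, so the defaults-only path (`Parameters.OIDC == nil`) and a partial override are never asserted. Those are the branches that decide which issuer and client ID the cluster's API server ends up trusting. Add one case with no OIDC parameters that expects the `defaultOIDSConfig` values, and one that sets a single field such as `IssuerURL` and asserts the remaining fields. The name `defaultOIDSConfig` looks like a typo for `defaultOIDCConfig`. The other hunks on this line only thread that variable through the constructor calls.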
@@ -179,7 +231,7 @@ func TestCreateRuntimeResourceStep_Defaults_AWS_SingleZone_DefaultAdmin_ActualCr inputConfig := input.Config{MultiZoneCluster: false, ControlPlaneFailureTolerance: "zone"} cli := getClientForTests(t) - step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false) + step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false, defaultOIDSConfig) // when entry := log.WithFields(logrus.Fields{"step": "TEST"}) 
@@ -188,47 +240,21 @@ func TestCreateRuntimeResourceStep_Defaults_AWS_SingleZone_DefaultAdmin_ActualCr // then assert.NoError(t, err) assert.Zero(t, repeat) - - runtime := imv1.Runtime{} - err = cli.Get(context.Background(), client.ObjectKey{ - Namespace: "kyma-system", - Name: operation.RuntimeID, - }, &runtime) - assert.NoError(t, err) - assert.Equal(t, runtime.Name, operation.RuntimeID) - assert.Equal(t, "runtime-58f8c703-1756-48ab-9299-a847974d1fee", runtime.Labels["operator.kyma-project.io/kyma-name"]) - - assertLabelsKIMDriven(t, operation, runtime) - assertSecurityWithDefaultAdministrator(t, runtime) - - assert.Equal(t, "aws", runtime.Spec.Shoot.Provider.Type) - assert.Equal(t, "eu-west-2", runtime.Spec.Shoot.Region) - assert.Equal(t, "production", string(runtime.Spec.Shoot.Purpose)) - assert.Equal(t, SecretBindingName, runtime.Spec.Shoot.SecretBindingName) - assertWorkers(t, runtime.Spec.Shoot.Provider.Workers, "m6i.large", 20, 3, 1, 0, 1, []string{"eu-west-2a", "eu-west-2b", "eu-west-2c"}) - assert.Equal(t, "zone", string(runtime.Spec.Shoot.ControlPlane.HighAvailability.FailureTolerance.Type)) - assertDefaultNetworking(t, runtime.Spec.Shoot.Networking) - - _, err = memoryStorage.Instances().GetByID(operation.InstanceID) - assert.NoError(t, err) } -func TestCreateRuntimeResourceStep_Defaults_AWS_SingleZone_DryRun_ActualCreation(t *testing.T) { +func TestCreateRuntimeResourceStep_Defaults_AWS_SingleZone_YamlOnly(t *testing.T) { // given log := logrus.New() memoryStorage := storage.NewMemoryStorage() - err := imv1.AddToScheme(scheme.Scheme) - instance, operation := fixInstanceAndOperation(broker.AWSPlanID, "eu-west-2", "platform-region") assertInsertions(t, memoryStorage, instance, operation) - kimConfig := fixKimConfig("aws", false) - kimConfig.ViewOnly = true - inputConfig := input.Config{MultiZoneCluster: false, ControlPlaneFailureTolerance: "zone"} + kimConfig := fixKimConfig("aws", true) + inputConfig := input.Config{MultiZoneCluster: false} cli := 
getClientForTests(t) - step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false) + step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false, defaultOIDSConfig) // when entry := log.WithFields(logrus.Fields{"step": "TEST"}) @@ -332,7 +358,7 @@ func TestCreateRuntimeResourceStep_Defaults_AWS_MultiZone_ActualCreation(t *test cli := getClientForTests(t) inputConfig := input.Config{MultiZoneCluster: true} - step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false) + step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false, defaultOIDSConfig) // when entry := log.WithFields(logrus.Fields{"step": "TEST"}) @@ -377,7 +403,7 @@ func TestCreateRuntimeResourceStep_Defaults_Preview_SingleZone_ActualCreation(t cli := getClientForTests(t) inputConfig := input.Config{MultiZoneCluster: false} - step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false) + step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false, defaultOIDSConfig) // when entry := log.WithFields(logrus.Fields{"step": "TEST"}) @@ -423,7 +449,7 @@ func TestCreateRuntimeResourceStep_Defaults_Preview_SingleZone_ActualCreation_Wi cli := getClientForTests(t) inputConfig := input.Config{MultiZoneCluster: false} - step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false) + step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false, defaultOIDSConfig) // when entry := log.WithFields(logrus.Fields{"step": "TEST"}) 
@@ -489,7 +515,7 @@ func TestCreateRuntimeResourceStep_Defaults_Preview_MultiZone_ActualCreation(t * cli := getClientForTests(t) inputConfig := input.Config{MultiZoneCluster: true} - step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false) + step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false, defaultOIDSConfig) // when entry := log.WithFields(logrus.Fields{"step": "TEST"}) @@ -534,7 +560,7 @@ func TestCreateRuntimeResourceStep_Defaults_Azure_SingleZone_ActualCreation(t *t cli := getClientForTests(t) inputConfig := input.Config{MultiZoneCluster: false} - step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false) + step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false, defaultOIDSConfig) // when entry := log.WithFields(logrus.Fields{"step": "TEST"}) @@ -581,7 +607,7 @@ func TestCreateRuntimeResourceStep_Defaults_AzureLite_ActualCreation(t *testing. cli := getClientForTests(t) inputConfig := input.Config{MultiZoneCluster: false} - step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false) + step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false, defaultOIDSConfig) // when entry := log.WithFields(logrus.Fields{"step": "TEST"}) 
@@ -628,7 +654,7 @@ func TestCreateRuntimeResourceStep_Defaults_Azure_MultiZone_ActualCreation(t *te cli := getClientForTests(t) inputConfig := input.Config{MultiZoneCluster: true} - step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false) + step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false, defaultOIDSConfig) // when entry := log.WithFields(logrus.Fields{"step": "TEST"}) @@ -675,7 +701,7 @@ func TestCreateRuntimeResourceStep_Defaults_GCP_SingleZone_ActualCreation(t *tes cli := getClientForTests(t) inputConfig := input.Config{MultiZoneCluster: false} - step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false) + step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false, defaultOIDSConfig) // when entry := log.WithFields(logrus.Fields{"step": "TEST"}) @@ -722,7 +748,7 @@ func TestCreateRuntimeResourceStep_Defaults_GCP_MultiZone_ActualCreation(t *test cli := getClientForTests(t) inputConfig := input.Config{MultiZoneCluster: true} - step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false) + step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false, defaultOIDSConfig) // when entry := log.WithFields(logrus.Fields{"step": "TEST"}) 
@@ -779,7 +805,7 @@ func TestCreateRuntimeResourceStep_SapConvergedCloud(t *testing.T) { cli := getClientForTests(t) inputConfig := input.Config{MultiZoneCluster: testCase.expectedZonesCount > 1} - step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false) + step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false, defaultOIDSConfig) // when entry := log.WithFields(logrus.Fields{"step": "TEST"}) @@ -830,7 +856,7 @@ func TestCreateRuntimeResourceStep_Defaults_Freemium(t *testing.T) { cli := getClientForTests(t) inputConfig := input.Config{MultiZoneCluster: true} - step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false) + step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false, defaultOIDSConfig) // when entry := log.WithFields(logrus.Fields{"step": "TEST"}) From 722843aedcd16510512380bcb10fd4ad22171bdd Mon Sep 17 00:00:00 2001 From: Miskiewicz Date: Thu, 8 Aug 2024 15:30:06 +0200 Subject: [PATCH 2/8] OIDC for KIM integration --- .../create_runtime_resource_step_test.go | 36 ++++++++++++++++--- 1 file changed, 31 insertions(+), 5 deletions(-) diff --git a/internal/process/provisioning/create_runtime_resource_step_test.go b/internal/process/provisioning/create_runtime_resource_step_test.go index c4073e4686..974e132b1c 100644 --- a/internal/process/provisioning/create_runtime_resource_step_test.go +++ b/internal/process/provisioning/create_runtime_resource_step_test.go 
@@ -151,7 +151,7 @@ func TestCreateRuntimeResourceStep_AllYamls(t *testing.T) { kimConfig := fixKimConfigWithAllPlans(true) inputConfig := input.Config{MultiZoneCluster: testCase.multiZone} - step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), nil, kimConfig, inputConfig, nil, false, defaultOIDSConfig) + step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), nil, kimConfig, inputConfig, nil, false, defaultOIDSConfig) // when entry := log.WithFields(logrus.Fields{"step": "TEST"}) 
@@ -240,18 +240,44 @@ func TestCreateRuntimeResourceStep_Defaults_AWS_SingleZone_DefaultAdmin_ActualCr // then assert.NoError(t, err) assert.Zero(t, repeat) + + runtime := imv1.Runtime{} + err = cli.Get(context.Background(), client.ObjectKey{ + Namespace: "kyma-system", + Name: operation.RuntimeID, + }, &runtime) + assert.NoError(t, err) + assert.Equal(t, runtime.Name, operation.RuntimeID) + assert.Equal(t, "runtime-58f8c703-1756-48ab-9299-a847974d1fee", runtime.Labels["operator.kyma-project.io/kyma-name"]) + + assertLabelsKIMDriven(t, operation, runtime) + assertSecurityWithDefaultAdministrator(t, runtime) + + assert.Equal(t, "aws", runtime.Spec.Shoot.Provider.Type) + assert.Equal(t, "eu-west-2", runtime.Spec.Shoot.Region) + assert.Equal(t, "production", string(runtime.Spec.Shoot.Purpose)) + assert.Equal(t, SecretBindingName, runtime.Spec.Shoot.SecretBindingName) + assertWorkers(t, runtime.Spec.Shoot.Provider.Workers, "m6i.large", 20, 3, 1, 0, 1, []string{"eu-west-2a", "eu-west-2b", "eu-west-2c"}) + assert.Equal(t, "zone", string(runtime.Spec.Shoot.ControlPlane.HighAvailability.FailureTolerance.Type)) + assertDefaultNetworking(t, runtime.Spec.Shoot.Networking) + + _, err = memoryStorage.Instances().GetByID(operation.InstanceID) + assert.NoError(t, err) } -func TestCreateRuntimeResourceStep_Defaults_AWS_SingleZone_YamlOnly(t *testing.T) { +func TestCreateRuntimeResourceStep_Defaults_AWS_SingleZone_DryRun_ActualCreation(t *testing.T) { // given log := logrus.New() memoryStorage := storage.NewMemoryStorage() + err := imv1.AddToScheme(scheme.Scheme) + instance, operation := fixInstanceAndOperation(broker.AWSPlanID, "eu-west-2", "platform-region") assertInsertions(t, memoryStorage, instance, operation) - kimConfig := fixKimConfig("aws", true) - inputConfig := input.Config{MultiZoneCluster: false} + kimConfig := fixKimConfig("aws", false) + kimConfig.ViewOnly = true + inputConfig := input.Config{MultiZoneCluster: false, ControlPlaneFailureTolerance: "zone"} cli := 
getClientForTests(t) step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false, defaultOIDSConfig) @@ -308,7 +334,7 @@ func TestCreateRuntimeResourceStep_Defaults_AWS_MultiZoneWithNetworking_ActualCr cli := getClientForTests(t) inputConfig := input.Config{MultiZoneCluster: true} - step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false) + step := NewCreateRuntimeResourceStep(memoryStorage.Operations(), memoryStorage.Instances(), cli, kimConfig, inputConfig, nil, false, defaultOIDSConfig) // when entry := log.WithFields(logrus.Fields{"step": "TEST"}) From edd744a0ecb488380ca2e009bebc5637333eb108 Mon Sep 17 00:00:00 2001 From: Miskiewicz Date: Thu, 8 Aug 2024 17:18:57 +0200 Subject: [PATCH 3/8] wip --- go.sum | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/go.sum b/go.sum index a34fb21e13..2f1ea7ed7c 100644 --- a/go.sum +++ b/go.sum 
@@ -202,8 +202,6 @@ github.com/kyma-project/control-plane/components/provisioner v0.0.0-202405291350 github.com/kyma-project/control-plane/components/provisioner v0.0.0-20240529135026-c4ef757de24f/go.mod h1:X+h9AdPV8nPmhgTg82BpFKEFsSL7OGSGG4D8+G3giPM= github.com/kyma-project/control-plane/components/schema-migrator v0.0.0-20240612080429-83a7c0eb13b8 h1:btliPhcS1pF+AlQbmLjkV8GuPnTS1VbZ+m9DkPsxDCA= github.com/kyma-project/control-plane/components/schema-migrator v0.0.0-20240612080429-83a7c0eb13b8/go.mod h1:vABrhytVuZpchbdlIVdUDlhB/Q/3GIZld2JmdS2rZ6I= -github.com/kyma-project/infrastructure-manager v0.0.0-20240705113756-2ea9b23b6154 h1:1nE1nmUlhaQAaPA2/p6tcrx6pFJsCKqQzw46OoqI51o= -github.com/kyma-project/infrastructure-manager v0.0.0-20240705113756-2ea9b23b6154/go.mod h1:VIXFOtvzBYNj9RKB5K4do6loUxp9i9XNEvhqAQIZ5G8= github.com/kyma-project/infrastructure-manager v0.0.0-20240806115205-c1fb9fb5968a h1:9AMvbR/9hSumE5WXQ/HAlyRjlScqQU1sVcRolsknHSw= github.com/kyma-project/infrastructure-manager v0.0.0-20240806115205-c1fb9fb5968a/go.mod h1:0uJ/bMp2Qq9fTq2CV4PmWXDgPSwGzKKYswhVv/CW0AE= github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= 
@@ -249,10 +247,17 @@ github.com/onrik/logrus v0.11.0 h1:pu+BCaWL36t0yQaj/2UHK2erf88dwssAKOT51mxPUVs= github.com/onrik/logrus v0.11.0/go.mod h1:fO2vlZwIdti6PidD3gV5YKt9Lq5ptpnP293RAe1ITwk= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= +<<<<<<< HEAD github.com/onsi/ginkgo/v2 v2.19.0 h1:9Cnnf7UHo57Hy3k6/m5k3dRfGTMXGvxhHFvkDTCTpvA= github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= github.com/onsi/gomega v1.34.0 h1:eSSPsPNp6ZpsG8X1OVmOTxig+CblTc4AxpPBykhe2Os= github.com/onsi/gomega v1.34.0/go.mod h1:MIKI8c+f+QLWk+hxbePD4i0LMJSExPaZOVfkoex4cAo= +======= +github.com/onsi/ginkgo/v2 v2.19.1 h1:QXgq3Z8Crl5EL1WBAC98A5sEBHARrAJNzAmMxzLcRF0= +github.com/onsi/ginkgo/v2 v2.19.1/go.mod h1:O3DtEWQkPa/F7fBMgmZQKKsluAy8pd3rEQdrjkPb9zA= +github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k= +github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY= +>>>>>>> 77946d09 (wip) github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug= From de68e52a5f26f1493e23d654b558dcf325cc4492 Mon Sep 17 00:00:00 2001 From: Miskiewicz Date: Thu, 8 Aug 2024 17:38:41 +0200 Subject: [PATCH 4/8] wip --- cmd/broker/broker_suite_test.go | 2 +- cmd/broker/main.go | 2 +- cmd/broker/provisioning.go | 8 +++----- cmd/broker/suite_test.go | 2 +- 4 files changed, 6 insertions(+), 8 deletions(-) diff --git a/cmd/broker/broker_suite_test.go b/cmd/broker/broker_suite_test.go index cbc7705a45..0e5248e4ac 100644 --- a/cmd/broker/broker_suite_test.go +++ b/cmd/broker/broker_suite_test.go 
@@ -208,7 +208,7 @@ func NewBrokerSuiteTestWithConfig(t *testing.T, cfg *Config, version ...string) provisionManager := process.NewStagedManager(db.Operations(), eventBroker, cfg.OperationTimeout, cfg.Provisioning, logs.WithField("provisioning", "manager")) provisioningQueue := NewProvisioningProcessingQueue(context.Background(), provisionManager, workersAmount, cfg, db, provisionerClient, inputFactory, avsDel, internalEvalAssistant, externalEvalCreator, - edpClient, accountProvider, k8sClientProvider, cli, logs) + edpClient, accountProvider, k8sClientProvider, cli, defaultOIDCValues(), logs) provisioningQueue.SpeedUp(10000) provisionManager.SpeedUp(10000) diff --git a/cmd/broker/main.go b/cmd/broker/main.go index c16ab8bbc5..e2cced6745 100644 --- a/cmd/broker/main.go +++ b/cmd/broker/main.go @@ -322,7 +322,7 @@ func main() { provisionManager := process.NewStagedManager(db.Operations(), eventBroker, cfg.OperationTimeout, cfg.Provisioning, logs.WithField("provisioning", "manager")) provisionQueue := NewProvisioningProcessingQueue(ctx, provisionManager, cfg.Provisioning.WorkersAmount, &cfg, db, provisionerClient, inputFactory, avsDel, internalEvalAssistant, externalEvalCreator, - edpClient, accountProvider, skrK8sClientProvider, cli, logs) + edpClient, accountProvider, skrK8sClientProvider, cli, oidcDefaultValues, logs) deprovisionManager := process.NewStagedManager(db.Operations(), eventBroker, cfg.OperationTimeout, cfg.Deprovisioning, logs.WithField("deprovisioning", "manager")) deprovisionQueue := NewDeprovisioningProcessingQueue(ctx, cfg.Deprovisioning.WorkersAmount, deprovisionManager, &cfg, db, eventBroker, provisionerClient, diff --git a/cmd/broker/provisioning.go b/cmd/broker/provisioning.go index 4ec5b72fe7..d5123120a2 100644 --- a/cmd/broker/provisioning.go +++ b/cmd/broker/provisioning.go 
@@ -2,8 +2,7 @@ package main import ( "context" - "github.com/kyma-project/kyma-environment-broker/internal/runtime" - + "github.com/kyma-project/kyma-environment-broker/internal" "github.com/kyma-project/kyma-environment-broker/internal/provider" "github.com/kyma-project/kyma-environment-broker/common/hyperscaler" @@ -22,7 +21,7 @@ func NewProvisioningProcessingQueue(ctx context.Context, provisionManager *proce db storage.BrokerStorage, provisionerClient provisioner.Client, inputFactory input.CreatorForPlan, avsDel *avs.Delegator, internalEvalAssistant *avs.InternalEvalAssistant, externalEvalCreator *provisioning.ExternalEvalCreator, edpClient provisioning.EDPClient, accountProvider hyperscaler.AccountProvider, - k8sClientProvider provisioning.K8sClientProvider, cli client.Client, logs logrus.FieldLogger) *process.Queue { + k8sClientProvider provisioning.K8sClientProvider, cli client.Client, defaultOIDC internal.OIDCConfigDTO, logs logrus.FieldLogger) *process.Queue { trialRegionsMapping, err := provider.ReadPlatformRegionMappingFromFile(cfg.TrialRegionMappingFilePath) if err != nil { @@ -44,7 +43,6 @@ func NewProvisioningProcessingQueue(ctx context.Context, provisionManager *proce Once the stage is done it will never be retried. */ - oidcDefaults, err := runtime.ReadOIDCDefaultValuesFromYAML(cfg.SkrOidcDefaultValuesYAMLFilePath) fatalOnError(err, logs) provisioningSteps := []struct { 
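Review bot: In the third hunk (`@@ -44,7 +43,6`) the `ReadOIDCDefaultValuesFromYAML` call is removed, but the `fatalOnError(err, logs)` that checked it stays as context. It now re-checks whatever `err` was last assigned; from the second hunk that appears to be the `ReadPlatformRegionMappingFromFile` result, which already has its own `if err != nil` branch. Drop the leftover `fatalOnError(err, logs)` line so a future `err` assignment above it is not silently tied to a fatal exit. The function body continues outside these hunks, so confirm that no other assignment to `err` sits in between. A short comment on the new `defaultOIDC` parameter, saying it carries the platform OIDC defaults already loaded by the caller, would help the test suites that now pass `defaultOIDCValues()`.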
@@ -102,7 +100,7 @@ func NewProvisioningProcessingQueue(ctx context.Context, provisionManager *proce // postcondition: operation.KymaResourceName, operation.RuntimeResourceName is set { stage: createRuntimeStageName, - step: provisioning.NewCreateRuntimeResourceStep(db.Operations(), db.Instances(), cli, cfg.Broker.KimConfig, cfg.Provisioner, trialRegionsMapping, cfg.Broker.UseSmallerMachineTypes, oidcDefaults), + step: provisioning.NewCreateRuntimeResourceStep(db.Operations(), db.Instances(), cli, cfg.Broker.KimConfig, cfg.Provisioner, trialRegionsMapping, cfg.Broker.UseSmallerMachineTypes, defaultOIDC), }, { stage: createRuntimeStageName, diff --git a/cmd/broker/suite_test.go b/cmd/broker/suite_test.go index 8a924da0e4..79efe66331 100644 --- a/cmd/broker/suite_test.go +++ b/cmd/broker/suite_test.go @@ -600,7 +600,7 @@ func NewProvisioningSuite(t *testing.T, multiZoneCluster bool, controlPlaneFailu provisionManager := process.NewStagedManager(db.Operations(), eventBroker, cfg.OperationTimeout, cfg.Provisioning, logs.WithField("provisioning", "manager")) provisioningQueue := NewProvisioningProcessingQueue(ctx, provisionManager, workersAmount, cfg, db, provisionerClient, inputFactory, avsDel, internalEvalAssistant, externalEvalCreator, edpClient, accountProvider, - kubeconfig.NewFakeK8sClientProvider(cli), cli, logs) + kubeconfig.NewFakeK8sClientProvider(cli), cli, defaultOIDCValues(), logs) provisioningQueue.SpeedUp(10000) provisionManager.SpeedUp(10000) From 7e391db8980b5e0d1ca64766388bed738675d587 Mon Sep 17 00:00:00 2001 From: Miskiewicz Date: Thu, 8 Aug 2024 17:42:51 +0200 Subject: [PATCH 5/8] wip --- cmd/broker/provisioning.go | 1 + internal/process/provisioning/create_runtime_resource_step.go | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/cmd/broker/provisioning.go b/cmd/broker/provisioning.go index d5123120a2..4b26784568 100644 --- a/cmd/broker/provisioning.go +++ b/cmd/broker/provisioning.go 
@@ -2,6 +2,7 @@ package main import ( "context" + "github.com/kyma-project/kyma-environment-broker/internal" "github.com/kyma-project/kyma-environment-broker/internal/provider" diff --git a/internal/process/provisioning/create_runtime_resource_step.go b/internal/process/provisioning/create_runtime_resource_step.go index e09a762e7a..e20bda804f 100644 --- a/internal/process/provisioning/create_runtime_resource_step.go +++ b/internal/process/provisioning/create_runtime_resource_step.go @@ -3,9 +3,10 @@ package provisioning import ( "context" "fmt" - "github.com/kyma-project/kyma-environment-broker/internal/ptr" "time" + "github.com/kyma-project/kyma-environment-broker/internal/ptr" + "github.com/kyma-project/kyma-environment-broker/internal/process/steps" "k8s.io/apimachinery/pkg/api/errors" From 7ac440424e2825b9fc7c54c68d42861ac6f26630 Mon Sep 17 00:00:00 2001 From: Miskiewicz Date: Fri, 9 Aug 2024 07:23:05 +0200 Subject: [PATCH 6/8] wip --- .../process/deprovisioning/delete_runtime_resource_step.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/internal/process/deprovisioning/delete_runtime_resource_step.go b/internal/process/deprovisioning/delete_runtime_resource_step.go index d57d1966d0..cffaa68eb7 100644 --- a/internal/process/deprovisioning/delete_runtime_resource_step.go +++ b/internal/process/deprovisioning/delete_runtime_resource_step.go @@ -2,6 +2,7 @@ package deprovisioning import ( "context" + "github.com/kyma-project/kyma-environment-broker/internal/process/steps" "time" "github.com/kyma-project/kyma-environment-broker/internal" 
@@ -40,6 +41,10 @@ func (step *DeleteRuntimeResourceStep) Run(operation internal.Operation, logger resourceName := operation.RuntimeResourceName resourceNamespace := operation.KymaResourceNamespace + // if the resource name stored in the operation is empty, try to get it from the RuntimeID (when it was created by KIM migration process, not by the KEB) + if resourceName == "" { + resourceName = steps.KymaRuntimeResourceName(operation) + } if resourceName == "" { logger.Infof("Runtime resource name is empty, skipping") return operation, 0, nil From 5a98ff1d9dd03cfba4b1733926aadb37f7086186 Mon Sep 17 00:00:00 2001 From: Miskiewicz Date: Fri, 9 Aug 2024 08:16:07 +0200 Subject: [PATCH 7/8] wip --- .../process/deprovisioning/delete_runtime_resource_step.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/internal/process/deprovisioning/delete_runtime_resource_step.go b/internal/process/deprovisioning/delete_runtime_resource_step.go index cffaa68eb7..a7dea9479f 100644 --- a/internal/process/deprovisioning/delete_runtime_resource_step.go +++ b/internal/process/deprovisioning/delete_runtime_resource_step.go @@ -2,9 +2,10 @@ package deprovisioning import ( "context" - "github.com/kyma-project/kyma-environment-broker/internal/process/steps" "time" + "github.com/kyma-project/kyma-environment-broker/internal/process/steps" + "github.com/kyma-project/kyma-environment-broker/internal" "github.com/kyma-project/kyma-environment-broker/internal/process" "github.com/kyma-project/kyma-environment-broker/internal/storage" From 442a16e0a4ab6ee8ded6bfc3218dab451047b9a6 Mon Sep 17 00:00:00 2001 From: Miskiewicz Date: Fri, 9 Aug 2024 11:45:13 +0200 Subject: [PATCH 8/8] wip --- go.sum | 7 ------- 1 file changed, 7 deletions(-) diff --git a/go.sum b/go.sum index 2f1ea7ed7c..c2ca22a331 100644 --- a/go.sum +++ b/go.sum 
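Review bot: The fallback added in `Run` derives only `resourceName`; `resourceNamespace` is still taken from `operation.KymaResourceNamespace` with no equivalent fallback. If the stored name is empty because the resource was not created by KEB, the stored namespace may well be empty too, and the delete would then address the derived name in an empty or unintended namespace. I would guard the namespace the same way and log when the derived name is used, so the deletion stays traceable, e.g. `logger.Infof("Runtime resource name not stored, using %s derived from RuntimeID", resourceName)`. The rest of `Run` lies outside the hunk, so a later namespace check may already exist.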
@@ -247,17 +247,10 @@ github.com/onrik/logrus v0.11.0 h1:pu+BCaWL36t0yQaj/2UHK2erf88dwssAKOT51mxPUVs= github.com/onrik/logrus v0.11.0/go.mod h1:fO2vlZwIdti6PidD3gV5YKt9Lq5ptpnP293RAe1ITwk= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= -<<<<<<< HEAD -github.com/onsi/ginkgo/v2 v2.19.0 h1:9Cnnf7UHo57Hy3k6/m5k3dRfGTMXGvxhHFvkDTCTpvA= -github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= -github.com/onsi/gomega v1.34.0 h1:eSSPsPNp6ZpsG8X1OVmOTxig+CblTc4AxpPBykhe2Os= -github.com/onsi/gomega v1.34.0/go.mod h1:MIKI8c+f+QLWk+hxbePD4i0LMJSExPaZOVfkoex4cAo= -======= github.com/onsi/ginkgo/v2 v2.19.1 h1:QXgq3Z8Crl5EL1WBAC98A5sEBHARrAJNzAmMxzLcRF0= github.com/onsi/ginkgo/v2 v2.19.1/go.mod h1:O3DtEWQkPa/F7fBMgmZQKKsluAy8pd3rEQdrjkPb9zA= github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k= github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY= ->>>>>>> 77946d09 (wip) github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug=