Create e2e test suite (#3136)

Co-authored-by: Bassem Dghaidi <568794+Link-@users.noreply.github.com>
2025-12-11 12:06:57 +00:00 · 2025-11-19 16:25:58 +01:00
parent 4615321588
commit 138b39bfcb
17 changed files with 1486 additions and 2 deletions
--- a/test/actions.github.com/self-signed-ca-setup.test.sh
+++ b/test/actions.github.com/self-signed-ca-setup.test.sh
@@ -0,0 +1,148 @@
+#!/bin/bash
+
+set -euo pipefail
+
+DIR="$(realpath "$(dirname "${BASH_SOURCE[0]}")")"
+
+ROOT_DIR="$(realpath "${DIR}/../..")"
+
+source "${DIR}/helper.sh" || {
+    echo "Failed to source helper.sh"
+    exit 1
+}
+
+TEMP_DIR=$(mktemp -d)
+LOCAL_CERT_PATH="${TEMP_DIR}/mitmproxy-ca-cert.crt"
+MITM_CERT_PATH="/root/.mitmproxy/mitmproxy-ca-cert.pem"
+
+trap 'rm -rf "$TEMP_DIR"' EXIT
+
+SCALE_SET_NAME="self-signed-crt-$(date '+%M%S')$(((RANDOM + 100) % 100 + 1))"
+SCALE_SET_NAMESPACE="arc-runners"
+WORKFLOW_FILE="arc-test-workflow.yaml"
+ARC_NAME="arc"
+ARC_NAMESPACE="arc-systems"
+
+MITMPROXY_NAMESPACE="mitmproxy"
+MITMPROXY_POD_NAME="mitmproxy"
+
+function install_arc() {
+    echo "Installing ARC"
+    helm install "${ARC_NAME}" \
+        --namespace "${ARC_NAMESPACE}" \
+        --create-namespace \
+        --set image.repository="${IMAGE_NAME}" \
+        --set image.tag="${IMAGE_TAG}" \
+        "${ROOT_DIR}/charts/gha-runner-scale-set-controller" \
+        --debug
+
+    if ! NAME="${ARC_NAME}" NAMESPACE="${ARC_NAMESPACE}" wait_for_arc; then
+        NAMESPACE="${ARC_NAMESPACE}" log_arc
+        return 1
+    fi
+}
+
+function install_scale_set() {
+    echo "Creating namespace ${SCALE_SET_NAMESPACE}"
+    kubectl create namespace "${SCALE_SET_NAMESPACE}"
+
+    echo "Installing ca-cert config map"
+    kubectl -n "${SCALE_SET_NAMESPACE}" create configmap ca-cert \
+        --from-file=mitmproxy-ca-cert.crt="${LOCAL_CERT_PATH}"
+
+    echo "Installing scale set ${SCALE_SET_NAME}/${SCALE_SET_NAMESPACE}"
+    helm install "${SCALE_SET_NAME}" \
+        --namespace "${SCALE_SET_NAMESPACE}" \
+        --create-namespace \
+        --set githubConfigUrl="https://github.com/${TARGET_ORG}/${TARGET_REPO}" \
+        --set githubConfigSecret.github_token="${GITHUB_TOKEN}" \
+        --set proxy.https.url="http://mitmproxy.mitmproxy.svc.cluster.local:8080" \
+        --set "proxy.noProxy[0]=10.96.0.1:443" \
+        --set "githubServerTLS.certificateFrom.configMapKeyRef.name=ca-cert" \
+        --set "githubServerTLS.certificateFrom.configMapKeyRef.key=mitmproxy-ca-cert.crt" \
+        --set "githubServerTLS.runnerMountPath=/usr/local/share/ca-certificates/" \
+        "${ROOT_DIR}/charts/gha-runner-scale-set" \
+        --debug
+
+    if ! NAME="${SCALE_SET_NAME}" NAMESPACE="${ARC_NAMESPACE}" wait_for_scale_set; then
+        NAMESPACE="${ARC_NAMESPACE}" log_arc
+        return 1
+    fi
+}
+
+function wait_for_mitmproxy_ready() {
+    echo "Waiting for mitmproxy pod to be ready"
+
+    # Wait for pod to be running
+    if ! kubectl wait --for=condition=ready pod -n "${MITMPROXY_NAMESPACE}" "${MITMPROXY_POD_NAME}" --timeout=60s; then
+        echo "Timeout waiting for mitmproxy pod"
+        kubectl get pods -n "${MITMPROXY_NAMESPACE}" || true
+        kubectl describe pod -n "${MITMPROXY_NAMESPACE}" "${MITMPROXY_POD_NAME}" || true
+        kubectl logs -n "${MITMPROXY_NAMESPACE}" "${MITMPROXY_POD_NAME}" || true
+        return 1
+    fi
+
+    echo "Mitmproxy pod is ready, trying to copy the certitficate..."
+
+    # Verify certificate exists
+    retry 15 1 kubectl exec -n "${MITMPROXY_NAMESPACE}" "${MITMPROXY_POD_NAME}" -- test -f "${MITM_CERT_PATH}"
+
+    echo "Getting mitmproxy CA certificate from pod"
+    if ! kubectl exec -n "${MITMPROXY_NAMESPACE}" "${MITMPROXY_POD_NAME}" -- cat "${MITM_CERT_PATH}" >"${LOCAL_CERT_PATH}"; then
+        echo "Failed to get mitmproxy CA certificate from pod"
+        return 1
+    fi
+    echo "Mitmproxy certificate generated successfully and stored to ${LOCAL_CERT_PATH}"
+    return 0
+}
+
+function run_mitmproxy() {
+    echo "Deploying mitmproxy to Kubernetes"
+
+    # Create namespace
+    kubectl create namespace "${MITMPROXY_NAMESPACE}" || true
+
+    # Create mitmproxy pod and service
+    kubectl apply -f "${DIR}/self-signed-ca-setup.mitm.yaml"
+
+    if ! wait_for_mitmproxy_ready; then
+        return 1
+    fi
+
+    echo "Mitmproxy is ready"
+}
+
+function main() {
+    local failed=()
+
+    build_image
+    create_cluster
+    install_arc
+    run_mitmproxy || {
+        echo "Failed to run mitmproxy"
+        echo "ARC logs:"
+        NAMESPACE="${ARC_NAMESPACE}" log_arc
+        echo "Deleting cluster..."
+        delete_cluster
+        exit 1
+    }
+    install_scale_set || {
+        echo "Failed to run mitmproxy"
+        echo "ARC logs:"
+        NAMESPACE="${ARC_NAMESPACE}" log_arc
+        echo "Deleting cluster..."
+        delete_cluster
+        exit 1
+    }
+
+    WORKFLOW_FILE="${WORKFLOW_FILE}" SCALE_SET_NAME="${SCALE_SET_NAME}" run_workflow || failed+=("run_workflow")
+    INSTALLATION_NAME="${SCALE_SET_NAME}" NAMESPACE="${SCALE_SET_NAMESPACE}" cleanup_scale_set || failed+=("cleanup_scale_set")
+
+    NAMESPACE="${ARC_NAMESPACE}" log_arc || failed+=("log_arc")
+
+    delete_cluster
+
+    print_results "${failed[@]}"
+}
+
+main