diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 1fa24e903..7f0effd79 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -43,7 +43,10 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - - uses: actions/setup-go@v2 + - name: Install Go + uses: actions/setup-go@v2 + with: + go-version: 1.16.x - name: golangci-lint uses: golangci/golangci-lint-action@v2 - name: setup node diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 3f378c0fe..a313d7371 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -27,9 +27,6 @@ jobs: - minimal --skip-all - k8s - datasources - - quarantine - - restic - - s3 runs-on: ubuntu-latest steps: - name: Install Go @@ -48,6 +45,10 @@ jobs: restore-keys: | cache- - run: make bin + - name: Install restic + run: | + sudo apt-get install restic + sudo restic self-update - name: Test env: KUBERNETES_VERSION: v1.20.7 diff --git a/Makefile b/Makefile index e202f092e..ad19e1779 100644 --- a/Makefile +++ b/Makefile @@ -170,7 +170,7 @@ ifeq (, $(shell which controller-gen)) CONTROLLER_GEN_TMP_DIR=$$(mktemp -d) ;\ cd $$CONTROLLER_GEN_TMP_DIR ;\ go mod init tmp ;\ - go get sigs.k8s.io/controller-tools/cmd/controller-gen@v0.4.0 ;\ + go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.4.0 ;\ rm -rf $$CONTROLLER_GEN_TMP_DIR ;\ } CONTROLLER_GEN=$(GOBIN)/controller-gen @@ -187,7 +187,7 @@ ifeq (, $(shell which kustomize)) KUSTOMIZE_GEN_TMP_DIR=$$(mktemp -d) ;\ cd $$KUSTOMIZE_GEN_TMP_DIR ;\ go mod init tmp ;\ - go get sigs.k8s.io/kustomize/kustomize/v4@v4.0.3 ;\ + go install sigs.k8s.io/kustomize/kustomize/v4@v4.0.3 ;\ rm -rf $$KUSTOMIZE_GEN_TMP_DIR ;\ } KUSTOMIZE=$(GOBIN)/kustomize @@ -201,7 +201,7 @@ endif _TMP_DIR=$$(mktemp -d) ;\ cd $$_TMP_DIR ;\ go mod init tmp ;\ - go get github.com/jstemmer/go-junit-report ;\ + go install github.com/jstemmer/go-junit-report ;\ rm -rf $$_TMP_DIR cp $(GOBIN)/go-junit-report .bin/go-junit-report ;\ @@ -212,7 +212,7 @@ endif ln -s apache-jmeter-5.4.1/bin/jmeter .bin/jmeter .bin/restic: - wget -nv https://github.com/restic/restic/releases/download/v0.12.0/restic_0.12.0_$(OS)_$(ARCH).bz2 -O .bin/restic.bz2 && \ + wget -nv https://github.com/restic/restic/releases/download/v0.12.1/restic_0.12.1_$(OS)_$(ARCH).bz2 -O .bin/restic.bz2 && \ bunzip2 .bin/restic.bz2 && \ chmod +x .bin/restic @@ -224,7 +224,7 @@ endif wget -q https://github.com/flanksource/karina/releases/download/v0.50.0/karina_$(OS)-$(ARCH) -O .bin/karina && \ chmod +x .bin/karina -.bin/yq: +.bin/yq: .bin curl -sSLo .bin/yq https://github.com/mikefarah/yq/releases/download/v4.9.6/yq_$(OS)_$(ARCH) && chmod +x .bin/yq YQ = $(realpath ./.bin/yq) diff --git a/api/v1/checks.go b/api/v1/checks.go index 12551c70a..c912def77 100644 --- a/api/v1/checks.go +++ b/api/v1/checks.go @@ -144,8 +144,6 @@ type S3BucketCheck struct { FolderTest `yaml:",inline" json:",inline"` Filter FolderFilter `yaml:"filter,omitempty" json:"filter,omitempty"` Bucket string `yaml:"bucket" json:"bucket"` - // glob path to restrict matches to a subset - ObjectPath string `yaml:"objectPath" json:"objectPath,omitempty"` // Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY UsePathStyle bool `yaml:"usePathStyle" json:"usePathStyle,omitempty"` } @@ -464,7 +462,7 @@ type HelmCheck struct { Chartmuseum string `yaml:"chartmuseum" json:"chartmuseum,omitempty"` Project string `yaml:"project,omitempty" json:"project,omitempty"` Auth *Authentication `yaml:"auth,omitempty" json:"auth,omitempty"` - CaFile *string `yaml:"cafile,omitempty" json:"cafile,omitempty"` + CaFile string `yaml:"cafile,omitempty" json:"cafile,omitempty"` } func (c HelmCheck) GetEndpoint() string { diff --git a/api/v1/zz_generated.deepcopy.go b/api/v1/zz_generated.deepcopy.go index 41ab0faf9..3518d6b44 100644 --- a/api/v1/zz_generated.deepcopy.go +++ b/api/v1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated /* @@ -807,11 +808,6 @@ func (in *HelmCheck) DeepCopyInto(out *HelmCheck) { *out = new(Authentication) (*in).DeepCopyInto(*out) } - if in.CaFile != nil { - in, out := &in.CaFile, &out.CaFile - *out = new(string) - **out = **in - } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HelmCheck. diff --git a/checks/helm.go b/checks/helm.go index bf281cadb..25650ec17 100644 --- a/checks/helm.go +++ b/checks/helm.go @@ -44,8 +44,8 @@ func (c *HelmChecker) Run(ctx *context.Context) []*pkg.CheckResult { func (c *HelmChecker) Check(ctx *context.Context, extConfig external.Check) *pkg.CheckResult { config := extConfig.(v1.HelmCheck) start := time.Now() + result := pkg.Success(config) var uploadOK, downloadOK = true, true - chartmuseum := fmt.Sprintf("%s/chartrepo/%s/", config.Chartmuseum, config.Project) logger.Tracef("Uploading test chart") namespace := ctx.Canary.Namespace var err error @@ -54,95 +54,50 @@ func (c *HelmChecker) Check(ctx *context.Context, extConfig external.Check) *pkg return Failf(config, "failed to fetch auth details: %v", err) } client, _ := pusher.NewClient( - pusher.URL(chartmuseum), + pusher.URL(config.Chartmuseum), pusher.Username(auth.Username.Value), pusher.Password(auth.Password.Value), pusher.ContextPath(""), pusher.Timeout(60), - pusher.CAFile(*config.CaFile)) + pusher.CAFile(config.CaFile)) chartPath, err := createTestChart() if err != nil { - return &pkg.CheckResult{ - Pass: false, - Check: config, - Invalid: true, - Duration: 0, - Message: fmt.Sprintf("Failed to create test chart: %v", err), - } + return result.ErrorMessage(err).StartTime(start) } response, err := client.UploadChartPackage(*chartPath, false) if err != nil { - return &pkg.CheckResult{ - Check: config, - Pass: false, - Invalid: true, - Duration: 0, - Message: fmt.Sprintf("Failed to check: %v", err), - } + return result.ErrorMessage(err).StartTime(start) } - defer func() { response.Close = true }() - if response.StatusCode != 201 { - return &pkg.CheckResult{ - Check: config, - Pass: false, - Invalid: false, - Duration: 0, - Message: "Failed to push test chart", - } - } - - if err != nil { - return &pkg.CheckResult{ - Check: config, - Pass: false, - Invalid: true, - Duration: 0, - Message: fmt.Sprintf("Failed to get user: %v", err), - } + return result.ErrorMessage(fmt.Errorf("failed to upload test chart. Error code: %d", response.StatusCode)).StartTime(start) } defer os.RemoveAll("./test-chart-0.1.0.tgz") // nolint: errcheck iCli := action.NewPull() - if config.CaFile != nil { - iCli.CaFile = *config.CaFile + if config.CaFile != "" { + iCli.CaFile = config.CaFile } kubeconfigPath := pkg.GetKubeconfig() iCli.Settings = &cli.EnvSettings{ KubeConfig: kubeconfigPath, } - logger.Tracef("Pulling test chart") - url, err := url.Parse(chartmuseum) + url, err := url.Parse(config.Chartmuseum) if err != nil { - return &pkg.CheckResult{ - Check: config, - Pass: false, - Invalid: true, - Duration: 0, - Message: fmt.Sprintf("Failed to parse chartmuseum url: %v", err), - } + return result.ErrorMessage(err).StartTime(start) } url.Path = path.Join(url.Path, "charts/test-chart-0.1.0.tgz") _, err = iCli.Run(url.String()) if err != nil { - return &pkg.CheckResult{ - Check: config, - Pass: false, - Invalid: false, - Duration: 0, - } + return result.ErrorMessage(err).StartTime(start) } - defer cleanUp("test-chart", chartmuseum, config, auth.Username.Value, auth.Password.Value) // nolint: errcheck + defer cleanUp("test-chart", config.Chartmuseum, config, auth.Username.Value, auth.Password.Value) // nolint: errcheck - if err != nil { - logger.Warnf("Failed to perform cleanup: %v", err) - } elapsed := time.Since(start) return &pkg.CheckResult{ Check: config, @@ -153,7 +108,7 @@ func (c *HelmChecker) Check(ctx *context.Context, extConfig external.Check) *pkg } func cleanUp(chartname string, chartmuseum string, config v1.HelmCheck, username, password string) error { - caCert, err := ioutil.ReadFile(*config.CaFile) + caCert, err := ioutil.ReadFile(config.CaFile) if err != nil { return fmt.Errorf("failed to read certificate file: %v", err) } diff --git a/checks/junit.go b/checks/junit.go index 886716add..183e8b504 100644 --- a/checks/junit.go +++ b/checks/junit.go @@ -65,7 +65,7 @@ func newPod(ctx *context.Context, check v1.JunitCheck) *corev1.Pod { pod.Spec = check.Spec for _, container := range pod.Spec.Containers { if len(container.Command) > 0 { - // attemp to wrap the command so that it always completes, allowing for access to junit results + // attempt to wrap the command so that it always completes, allowing for access to junit results container.Args = []string{fmt.Sprintf(` set -e EXIT_CODE=0 @@ -115,7 +115,7 @@ func newPod(ctx *context.Context, check v1.JunitCheck) *corev1.Pod { } func deletePod(ctx *context.Context, pod *corev1.Pod) { - if ctx.Canary.Annotations["skipDelete"] == "true" { + if ctx.Canary.Annotations["skipDelete"] == "true" { // nolint: goconst return } if err := ctx.Kommons.DeleteByKind(podKind, pod.Namespace, pod.Name); err != nil { diff --git a/checks/s3_bucket.go b/checks/s3_bucket.go index fb3c7e27f..533ff1ab2 100644 --- a/checks/s3_bucket.go +++ b/checks/s3_bucket.go @@ -101,7 +101,7 @@ type S3 struct { Bucket string } -func (conn *S3) CheckFolder(ctx *context.Context, path string, filter v1.FolderFilter) (*FolderCheck, error) { +func (conn *S3) CheckFolder(ctx *context.Context, filter v1.FolderFilter) (*FolderCheck, error) { result := FolderCheck{} var marker *string = nil @@ -180,7 +180,7 @@ func (c *S3BucketChecker) Check(ctx *context.Context, extConfig external.Check) }), Bucket: bucket.Bucket, } - folders, err := client.CheckFolder(ctx, bucket.ObjectPath, bucket.Filter) + folders, err := client.CheckFolder(ctx, bucket.Filter) if err != nil { return result.ErrorMessage(fmt.Errorf("failed to retrieve s3://%s: %v", bucket.Bucket, err)) } diff --git a/config/deploy/crd.yaml b/config/deploy/crd.yaml index c1d9cc953..242546e28 100644 --- a/config/deploy/crd.yaml +++ b/config/deploy/crd.yaml @@ -5666,9 +5666,6 @@ spec: name: description: Name of the check type: string - objectPath: - description: glob path to restrict matches to a subset - type: string region: type: string secretKey: diff --git a/config/deploy/manifests.yaml b/config/deploy/manifests.yaml index 06f021185..ac8ec2f42 100644 --- a/config/deploy/manifests.yaml +++ b/config/deploy/manifests.yaml @@ -5673,9 +5673,6 @@ spec: name: description: Name of the check type: string - objectPath: - description: glob path to restrict matches to a subset - type: string region: type: string secretKey: diff --git a/fixtures/restic/_setup.sh b/fixtures/datasources/_setup.sh similarity index 83% rename from fixtures/restic/_setup.sh rename to fixtures/datasources/_setup.sh index ce183657f..25094605c 100644 --- a/fixtures/restic/_setup.sh +++ b/fixtures/datasources/_setup.sh @@ -1,7 +1,10 @@ +#!/bin/bash + +set -e restic version # Initialize Restic Repo # Do not fail if it already exists RESTIC_PASSWORD="S0m3p@sswd" AWS_ACCESS_KEY_ID="minio" AWS_SECRET_ACCESS_KEY="minio123" restic --cacert .certs/ingress-ca.crt -r s3:https://minio.${DOMAIN}/restic-canary-checker init || true #take some backup in restic -RESTIC_PASSWORD="S0m3p@sswd" AWS_ACCESS_KEY_ID="minio" AWS_SECRET_ACCESS_KEY="minio123" restic --cacert .certs/ingress-ca.crt -r s3:https://minio.${DOMAIN}/restic-canary-checker backup $(pwd) +RESTIC_PASSWORD="S0m3p@sswd" AWS_ACCESS_KEY_ID="minio" AWS_SECRET_ACCESS_KEY="minio123" restic --cacert .certs/ingress-ca.crt -r s3:https://minio.${DOMAIN}/restic-canary-checker backup "$(pwd)" diff --git a/fixtures/datasources/_setup.yaml b/fixtures/datasources/_setup.yaml index eec311f96..b88306e41 100644 --- a/fixtures/datasources/_setup.yaml +++ b/fixtures/datasources/_setup.yaml @@ -548,3 +548,65 @@ kind: ConfigMap metadata: name: jmeter-fail-test namespace: default +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: chartmuseum + name: chartmuseum + namespace: default +spec: + replicas: 1 + selector: + matchLabels: + app: chartmuseum + template: + metadata: + labels: + app: chartmuseum + spec: + containers: + - image: ghcr.io/helm/chartmuseum:v0.13.1 + name: chartmuseum + imagePullPolicy: "IfNotPresent" + ports: + - containerPort: 8080 + env: + - name: STORAGE + value: local + - name: STORAGE_LOCAL_ROOTDIR + value: /tmp/charts + - name: BASIC_AUTH_USER + value: admin + - name: BASIC_AUTH_PASS + value: passwd + - name: ALLOW_OVERWRITE + value: "true" + - name: AUTH_ANONYMOUS_GET + value: "true" + +--- +apiVersion: v1 +kind: Service +metadata: + name: chartmuseum + namespace: default +spec: + ports: + - name: chartmuseum + port: 8080 + targetPort: 8080 + protocol: TCP + selector: + app: chartmuseum +--- +apiVersion: v1 +kind: Secret +metadata: + name: aws-credentials + namespace: default +stringData: + AWS_ACCESS_KEY_ID: minio + AWS_SECRET_ACCESS_KEY: minio123 +--- diff --git a/fixtures/s3/go.mod b/fixtures/datasources/go.mod similarity index 100% rename from fixtures/s3/go.mod rename to fixtures/datasources/go.mod diff --git a/fixtures/s3/go.sum b/fixtures/datasources/go.sum similarity index 100% rename from fixtures/s3/go.sum rename to fixtures/datasources/go.sum diff --git a/fixtures/datasources/helm_pass.yaml b/fixtures/datasources/helm_pass.yaml new file mode 100644 index 000000000..860c64458 --- /dev/null +++ b/fixtures/datasources/helm_pass.yaml @@ -0,0 +1,14 @@ +apiVersion: canaries.flanksource.com/v1 +kind: Canary +metadata: + name: helm-pass +spec: + interval: 30 + helm: + - chartmuseum: http://chartmuseum.default:8080 + project: library + auth: + username: + value: admin + password: + value: passwd \ No newline at end of file diff --git a/fixtures/s3/main.go b/fixtures/datasources/main.go similarity index 100% rename from fixtures/s3/main.go rename to fixtures/datasources/main.go diff --git a/fixtures/restic/restic_fail.yaml b/fixtures/datasources/restic_fail.yaml similarity index 64% rename from fixtures/restic/restic_fail.yaml rename to fixtures/datasources/restic_fail.yaml index 669143515..3113a92b3 100644 --- a/fixtures/restic/restic_fail.yaml +++ b/fixtures/datasources/restic_fail.yaml @@ -1,5 +1,5 @@ restic: - - repository: s3:https://minio.127.0.0.1.nip.io/restic-canary-checker + - repository: s3:http://minio.minio:9000/restic-canary-checker password: value: S0m3p@sswd maxAge: 10s diff --git a/fixtures/datasources/restic_pass.yaml b/fixtures/datasources/restic_pass.yaml new file mode 100644 index 000000000..b20db0a9f --- /dev/null +++ b/fixtures/datasources/restic_pass.yaml @@ -0,0 +1,15 @@ +apiVersion: canaries.flanksource.com/v1 +kind: Canary +metadata: + name: restic-pass +spec: + interval: 30 + restic: + - repository: s3:http://minio.minio:9000/restic-canary-checker + password: + value: S0m3p@sswd + maxAge: 1h + accessKey: + value: minio + secretKey: + value: minio123 \ No newline at end of file diff --git a/fixtures/restic/restic_with_integrity_pass.yaml b/fixtures/datasources/restic_with_integrity_pass.yaml similarity index 60% rename from fixtures/restic/restic_with_integrity_pass.yaml rename to fixtures/datasources/restic_with_integrity_pass.yaml index 445485ebf..ade856ebb 100644 --- a/fixtures/restic/restic_with_integrity_pass.yaml +++ b/fixtures/datasources/restic_with_integrity_pass.yaml @@ -5,7 +5,7 @@ metadata: spec: interval: 30 restic: - - repository: s3:https://minio.minio.svc/restic-canary-checker + - repository: s3:http://minio.minio:9000/restic-canary-checker password: value: S0m3p@sswd maxAge: 1h @@ -13,5 +13,4 @@ spec: value: minio secretKey: value: minio123 - checkIntegrity: true - caCert: /home/runner/work/canary-checker/canary-checker/.certs/ingress-ca.crt + checkIntegrity: true \ No newline at end of file diff --git a/fixtures/restic/restic_without_integrity_pass.yaml b/fixtures/datasources/restic_without_integrity_pass.yaml similarity index 57% rename from fixtures/restic/restic_without_integrity_pass.yaml rename to fixtures/datasources/restic_without_integrity_pass.yaml index 2978f4c99..7c4779558 100644 --- a/fixtures/restic/restic_without_integrity_pass.yaml +++ b/fixtures/datasources/restic_without_integrity_pass.yaml @@ -5,12 +5,11 @@ metadata: spec: interval: 30 restic: - - repository: s3:https://minio.minio.svc/restic-canary-checker + - repository: s3:http://minio.minio:9000/restic-canary-checker password: value: S0m3p@sswd maxAge: 1h accessKey: value: minio secretKey: - value: minio123 - caCert: /home/runner/work/canary-checker/canary-checker/.certs/ingress-ca.crt + value: minio123 \ No newline at end of file diff --git a/fixtures/s3/s3_bucket_fail.yaml b/fixtures/datasources/s3_bucket_fail.yaml similarity index 52% rename from fixtures/s3/s3_bucket_fail.yaml rename to fixtures/datasources/s3_bucket_fail.yaml index bad0394e1..d736e2093 100644 --- a/fixtures/s3/s3_bucket_fail.yaml +++ b/fixtures/datasources/s3_bucket_fail.yaml @@ -7,7 +7,7 @@ spec: s3Bucket: # Check for any mysql backup not older than 7 days and min size 100 bytes - bucket: tests-e2e-1 - accessKeyID: + accessKey: valueFrom: secretKeyRef: name: aws-credentials @@ -18,16 +18,16 @@ spec: name: aws-credentials key: AWS_SECRET_ACCESS_KEY region: "minio" - endpoint: "https://minio.minio.svc" - objectPath: "^mysql\\/backups\\/(.*)\\/mysql.zip$" - readWrite: true + endpoint: "http://minio.minio:9000" + filter: + regex: "^mysql\\/backups\\/(.*)\\/mysql.zip$" maxAge: 7d minSize: 100b usePathStyle: true skipTLSVerify: true # Check for any pg backup not older than 3 days and min size 20 bytes - bucket: tests-e2e-1 - accessKeyID: + accessKey: valueFrom: secretKeyRef: name: aws-credentials @@ -38,30 +38,10 @@ spec: name: aws-credentials key: AWS_SECRET_ACCESS_KEY region: "minio" - endpoint: "https://minio.minio.svc" - objectPath: "pg\\/backups\\/(.*)\\/backup.zip$" - readWrite: true + endpoint: "http://minio.minio:9000" + filter: + regex: "pg\\/backups\\/(.*)\\/backup.zip$" maxAge: 3d minSize: 100b usePathStyle: true - skipTLSVerify: true - # Check for any pg backup not older than 3 days and min size 20 bytes - - bucket: tests-e2e-2 - accessKeyID: - valueFrom: - secretKeyRef: - name: aws-credentials - key: AWS_ACCESS_KEY_ID - secretKey: - valueFrom: - secretKeyRef: - name: aws-credentials - key: AWS_SECRET_ACCESS_KEY - region: "minio" - endpoint: "https://minio.minio.svc" - objectPath: "pg\\/backups\\/(.*)\\/backup.zip$" - readWrite: true - maxAge: 3d - minSize: 20b - usePathStyle: true - skipTLSVerify: true + skipTLSVerify: true \ No newline at end of file diff --git a/fixtures/s3/s3_bucket_pass.yaml b/fixtures/datasources/s3_bucket_pass.yaml similarity index 78% rename from fixtures/s3/s3_bucket_pass.yaml rename to fixtures/datasources/s3_bucket_pass.yaml index e50b0cf92..6420ee477 100644 --- a/fixtures/s3/s3_bucket_pass.yaml +++ b/fixtures/datasources/s3_bucket_pass.yaml @@ -7,7 +7,7 @@ spec: s3Bucket: # Check for any backup not older than 7 days and min size 25 bytes - bucket: tests-e2e-1 - accessKeyID: + accessKey: valueFrom: secretKeyRef: name: aws-credentials @@ -18,16 +18,16 @@ spec: name: aws-credentials key: AWS_SECRET_ACCESS_KEY region: "minio" - endpoint: "https://minio.minio.svc" - objectPath: "(.*)backup.zip$" - readWrite: true + endpoint: "http://minio.minio:9000" + filter: + regex: "(.*)backup.zip$" maxAge: 7d minSize: 25b usePathStyle: true skipTLSVerify: true # Check for any mysql backup not older than 7 days and min size 25 bytes - bucket: tests-e2e-1 - accessKeyID: + accessKey: valueFrom: secretKeyRef: name: aws-credentials @@ -38,16 +38,16 @@ spec: name: aws-credentials key: AWS_SECRET_ACCESS_KEY region: "minio" - endpoint: "https://minio.minio.svc" - objectPath: "mysql\\/backups\\/(.*)\\/mysql.zip$" - readWrite: true + endpoint: "http://minio.minio:9000" + filter: + regex: "mysql\\/backups\\/(.*)\\/mysql.zip$" maxAge: 7d minSize: 25b usePathStyle: true skipTLSVerify: true # Check for any pg backup not older than 7 days and min size 50 bytes - bucket: tests-e2e-1 - accessKeyID: + accessKey: valueFrom: secretKeyRef: name: aws-credentials @@ -58,9 +58,9 @@ spec: name: aws-credentials key: AWS_SECRET_ACCESS_KEY region: "minio" - endpoint: "https://minio.minio.svc" - objectPath: "pg\\/backups\\/(.*)\\/backup.zip$" - readWrite: true + endpoint: "http://minio.minio:9000" + filter: + regex: "pg\\/backups\\/(.*)\\/backup.zip$" maxAge: 7d minSize: 25b usePathStyle: true diff --git a/fixtures/k8s/namespace_pass.yaml b/fixtures/k8s/namespace_pass.yaml index 7b6ed5358..61916ba8c 100644 --- a/fixtures/k8s/namespace_pass.yaml +++ b/fixtures/k8s/namespace_pass.yaml @@ -26,7 +26,7 @@ spec: readyTimeout: 5000 httpTimeout: 15000 deleteTimeout: 12000 - ingressTimeout: 10000 + ingressTimeout: 20000 deadline: 29000 httpRetryInterval: 200 expectedContent: bar diff --git a/fixtures/k8s/pod_pass.yaml b/fixtures/k8s/pod_pass.yaml index 066619f93..bb0010004 100644 --- a/fixtures/k8s/pod_pass.yaml +++ b/fixtures/k8s/pod_pass.yaml @@ -52,7 +52,7 @@ spec: path: /foo/bar ingressName: hello-world-ruby ingressHost: "hello-world-ruby.127.0.0.1.nip.io" - scheduleTimeout: 10000 + scheduleTimeout: 30000 readyTimeout: 12000 httpTimeout: 7000 deleteTimeout: 12000 diff --git a/fixtures/quarantine/helm_pass.yaml b/fixtures/quarantine/helm_pass.yaml deleted file mode 100644 index 4fe5dca35..000000000 --- a/fixtures/quarantine/helm_pass.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: canaries.flanksource.com/v1 -kind: Canary -metadata: - name: helm-pass -spec: - interval: 30 - helm: - - chartmuseum: https://harbor.blue.lab.flanksource.com - project: library - username: admin - password: "" - cafile: "" diff --git a/fixtures/restic/_karina.yaml b/fixtures/restic/_karina.yaml deleted file mode 100644 index ce22241c6..000000000 --- a/fixtures/restic/_karina.yaml +++ /dev/null @@ -1,14 +0,0 @@ -configFrom: - - file: ../../test/karina.yaml -s3: - endpoint: http://minio.minio.svc:9000 - access_key: minio - secret_key: minio123 - region: us-east1 - usePathStyle: true - skipTLSVerify: true -minio: - version: RELEASE.2020-09-02T18-19-50Z - access_key: minio - secret_key: minio123 - replicas: 1 diff --git a/fixtures/restic/restic_pass.yaml b/fixtures/restic/restic_pass.yaml deleted file mode 100644 index 35d0be227..000000000 --- a/fixtures/restic/restic_pass.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: canaries.flanksource.com/v1 -kind: Canary -metadata: - name: restic-pass -spec: - interval: 30 - restic: - - repository: s3:https://minio.minio.svc/restic-canary-checker - password: S0m3p@sswd - maxAge: 1h - accessKey: minio - secretKey: minio123 - caCert: /home/runner/work/canary-checker/canary-checker/.certs/ingress-ca.crt diff --git a/fixtures/s3/_karina.yaml b/fixtures/s3/_karina.yaml deleted file mode 100644 index 530b67bd3..000000000 --- a/fixtures/s3/_karina.yaml +++ /dev/null @@ -1,35 +0,0 @@ -configFrom: - - file: ../../test/karina.yaml -ldap: - adminGroup: NA1 - username: uid=admin,ou=system - password: secret - port: 10636 - host: apacheds.ldap - userDN: ou=users,dc=example,dc=com - groupDN: ou=groups,dc=example,dc=com - groupObjectClass: groupOfNames - groupNameAttr: DN - e2e: - mock: true - username: test - password: secret -s3: - endpoint: http://minio.minio.svc:9000 - access_key: minio - secret_key: minio123 - region: us-east1 - usePathStyle: true - skipTLSVerify: true -minio: - version: RELEASE.2020-09-02T18-19-50Z - access_key: minio - secret_key: minio123 - replicas: 1 -monitoring: - disabled: false - grafana: - disabled: true - prometheus: - persistence: - capacity: 2Gi diff --git a/fixtures/s3/_setup.yaml b/fixtures/s3/_setup.yaml deleted file mode 100644 index 40e4a7729..000000000 --- a/fixtures/s3/_setup.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: aws-credentials - namespace: default -stringData: - AWS_ACCESS_KEY_ID: minio - AWS_SECRET_ACCESS_KEY: minio123 diff --git a/go.sum b/go.sum index 8e2acdc02..8610cec58 100644 --- a/go.sum +++ b/go.sum @@ -933,6 +933,7 @@ github.com/nats-io/nats.go v1.9.1/go.mod h1:ZjDU1L/7fJ09jvUSRVBR2e7+RnLiiIQyqyzE github.com/nats-io/nkeys v0.1.0/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w= github.com/nats-io/nkeys v0.1.3/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w= github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c= +github.com/ncw/swift v1.0.47 h1:4DQRPj35Y41WogBxyhOXlrI37nzGlyEcsforeudyYPQ= github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM= github.com/nxadm/tail v1.4.4 h1:DQuhQpB1tVlglWS2hLQ5OV6B5r8aGxSrPc5Qo6uTN78= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= diff --git a/pkg/clients/aws/session.go b/pkg/clients/aws/session.go index 8d8e75253..6e390f848 100644 --- a/pkg/clients/aws/session.go +++ b/pkg/clients/aws/session.go @@ -14,7 +14,7 @@ import ( ) func isEmpty(val kommons.EnvVar) bool { - return val.Value == "" || val.ValueFrom == nil + return val.Value == "" && val.ValueFrom == nil } func NewSession(ctx *context.Context, conn v1.AWSConnection, tr http.RoundTripper) (*aws.Config, error) {