From 1292c71dd1b3566f9ef657beae3b51447cfe82a2 Mon Sep 17 00:00:00 2001 From: tjons Date: Fri, 24 Nov 2023 14:20:02 +0000 Subject: [PATCH] update tests Signed-off-by: tjons --- build/install-istio-with-kind.sh | 2 +- test/bats/istio-cm-patch.yaml | 18 ++++++++++++++++++ test/bats/test.bats | 5 +++++ 3 files changed, 24 insertions(+), 1 deletion(-) create mode 100644 test/bats/istio-cm-patch.yaml diff --git a/build/install-istio-with-kind.sh b/build/install-istio-with-kind.sh index 88c50bc91..aabc05261 100755 --- a/build/install-istio-with-kind.sh +++ b/build/install-istio-with-kind.sh @@ -7,7 +7,7 @@ set -x GOARCH=$(go env GOARCH) GOOS=$(go env GOOS) KIND_VERSION=0.11.1 -ISTIO_VERSION=1.8.6 +ISTIO_VERSION=1.9.9 # Download and install kind curl -L https://github.com/kubernetes-sigs/kind/releases/download/v${KIND_VERSION}/kind-${GOOS}-${GOARCH} --output kind && chmod +x kind && sudo mv kind /usr/local/bin/ diff --git a/test/bats/istio-cm-patch.yaml b/test/bats/istio-cm-patch.yaml new file mode 100644 index 000000000..7f0fff365 --- /dev/null +++ b/test/bats/istio-cm-patch.yaml @@ -0,0 +1,18 @@ +data: + mesh: |- + extensionProviders: + - name: opa-ext-authz-grpc + envoyExtAuthzGrpc: + service: opa-ext-authz-grpc.local + port: "9191" + accessLogFile: /dev/stdout + defaultConfig: + discoveryAddress: istiod.istio-system.svc:15012 + proxyMetadata: {} + tracing: + zipkin: + address: zipkin.istio-system:9411 + enablePrometheusMerge: true + rootNamespace: istio-system + trustDomain: cluster.local + meshNetworks: 'networks: {}' \ No newline at end of file diff --git a/test/bats/test.bats b/test/bats/test.bats index 51322a27f..114500455 100644 --- a/test/bats/test.bats +++ b/test/bats/test.bats @@ -11,6 +11,11 @@ SLEEP_TIME=1 assert_success } +@test "register OPA sidecars as external authorizer in the mesh" { + run kubectl patch configmap istio -n istio-system --patch-file test/bats/istio-cm-patch.yaml + assert_success +} + @test "label default namespace for Istio Proxy and OPA-Envoy sidecar injection" { run kubectl label namespace default opa-istio-injection="enabled" assert_success