Add spire-agent CLI commands integration test #4969
Conversation
FedeNQ
requested review from
evan2645,
amartinezfayo,
azdagron,
MarcosDY and
rturner3
as code owners
| INVALID_CONFIG=0 | ||
|
|
||
|
|
||
| for ((m=1;m<=$RETRIES;m++)); do |
There was a problem hiding this comment.
since step 4 will validate that agent is up, I think the same validation in all test cases is not required
| HEALTHCHECK_FAIL=1 | ||
| fi | ||
|
|
||
| if [ $AGENT_FOUND -eq 1 ] && [ $HEALTHCHECK -eq 1 ] && [ $HEALTHCHECK_FAIL -eq 1 ]; then |
There was a problem hiding this comment.
how can we know witch one fails? may we verify one at time? (same comment for all test cases)
| fi | ||
| done | ||
|
|
||
| echo "$AGENTS" |
There was a problem hiding this comment.
are echos required here?
| wait $API_WATCH_PID | ||
|
|
||
|
|
||
| # Continuously check the output file for the desired pattern with a timeout of 20 seconds |
There was a problem hiding this comment.
since the function behind api watch is to watch updates on SVID/bundles, what do you think about setting very log SVID rotations (1m or something like that) and verify that SVID rotates?
| INVALID_CONFIG=1 | ||
| fi | ||
|
|
||
| if [ $VALID_CONFIG -eq 1 ] && [ $INVALID_CONFIG -eq 1 ]; then |
There was a problem hiding this comment.
can you add log to understand quickly witch one fails?
|
|
||
| # If timeout is reached, the test was succesful | ||
| if [ $TIMEOUT_REACHED -eq 1 ]; then | ||
| kill -9 $API_WATCH_PID # If timeout reached, kill the background process |
There was a problem hiding this comment.
why it is required? are not we going to finish compose?
There was a problem hiding this comment.
We decided to stop the api watch command in the succesful path, so we can add the entry, start to look again in another file, and after that assert that we receive the "Received" message (in 07-check-api-watch)
But that was just one of the valid approachs that we have, maybe is there another way to do it?
There was a problem hiding this comment.
maybe this can be related to previous comment :D
| CURRENT_TIME=$(date +%s) | ||
| ELAPSED_TIME=$((CURRENT_TIME - START_TIME)) | ||
| if [ $ELAPSED_TIME -gt $TIMEOUT ]; then | ||
| echo "Error: Timeout reached while waiting for 'Received' message." |
There was a problem hiding this comment.
Should I remove the echo message too?
|
|
||
| TIMEOUT=60 | ||
| START_TIME=$(date +%s) | ||
| while true; do |
There was a problem hiding this comment.
what is the intention here?
Server has a ttl of 10m that measn that svids will be rotating every 5m,
but this test case is for 1m, so there is no rotation here,
maybe you can reduce ttl to 1m and verify that the svid rotated once, that will reduce the time for this for to 30s (because it will be finishing as soon an update is done)
| echo "$SUCCESS" | ||
| docker-compose logs |
There was a problem hiding this comment.
| echo "$SUCCESS" | |
| docker-compose logs | |
| docker-compose logs |
Signed-off-by: FedeNQ <[email protected]>
Signed-off-by: FedeNQ <[email protected]>
Signed-off-by: FedeNQ <[email protected]>
Signed-off-by: FedeNQ <[email protected]>
Signed-off-by: FedeNQ <[email protected]>
Signed-off-by: FedeNQ <[email protected]>
Signed-off-by: FedeNQ <[email protected]>
Signed-off-by: FedeNQ <[email protected]>
Signed-off-by: FedeNQ <[email protected]>
FedeNQ
force-pushed
the
add-agent-integration-test
branch
from
dc9f0fd to
ca4bcc9
Compare
Pull Request check list
Affected functionality
Integration tests have been implemented for the following spire agent commands:
Which issue this PR fixes
Fixes #1890