diff --git a/dex.values.yaml b/dex.values.yaml index ee43f1e..9cb2868 100644 --- a/dex.values.yaml +++ b/dex.values.yaml @@ -22,6 +22,10 @@ config: hash: "$2a$10$2b2cU8CPhOTaGrs1HRQuAueS7JTT5ZHsHSzYiFPm1leZck7Mc8T4W" # password username: "test-client-oidc" userID: "73bca0b9-9be6-4e73-a8fb-347c2ac23255" + - email: "test-client-oidc-provisioning@example.com" + hash: "$2a$10$2b2cU8CPhOTaGrs1HRQuAueS7JTT5ZHsHSzYiFPm1leZck7Mc8T4W" # password + username: "test-client-oidc-provisioning" + userID: "464d9494-5cc3-44e1-a380-c0403bd31fcb" - email: "test-exporter-oidc@example.com" hash: "$2a$10$2b2cU8CPhOTaGrs1HRQuAueS7JTT5ZHsHSzYiFPm1leZck7Mc8T4W" # password username: "test-exporter-oidc" diff --git a/tests.bats b/tests.bats index 06d741f..ee617a6 100644 --- a/tests.bats +++ b/tests.bats @@ -1,6 +1,17 @@ setup() { bats_load_library bats-support bats_load_library bats-assert + + bats_require_minimum_version 1.5.0 +} + +wait_for_exporter() { + kubectl -n default wait --timeout 20m --for=condition=Online --for=condition=Registered \ + exporters.jumpstarter.dev/test-exporter-oidc + kubectl -n default wait --timeout 20m --for=condition=Online --for=condition=Registered \ + exporters.jumpstarter.dev/test-exporter-sa + kubectl -n default wait --timeout 20m --for=condition=Online --for=condition=Registered \ + exporters.jumpstarter.dev/test-exporter-legacy } @test "can create clients with admin cli" { @@ -31,6 +42,11 @@ setup() { --issuer https://dex.dex.svc.cluster.local:5556 \ --username test-client-oidc@example.com --password password --unsafe + jmp login --client test-client-oidc-provisioning \ + --endpoint "$ENDPOINT" --namespace default --name "" \ + --issuer https://dex.dex.svc.cluster.local:5556 \ + --username test-client-oidc-provisioning@example.com --password password --unsafe + jmp login --client test-client-sa \ --endpoint "$ENDPOINT" --namespace default --name test-client-sa \ --issuer https://dex.dex.svc.cluster.local:5556 \ @@ -78,17 +94,12 @@ while true; do done EOF - kubectl -n default wait --for=condition=Online --for=condition=Registered \ - exporters.jumpstarter.dev/test-exporter-oidc - kubectl -n default wait --for=condition=Online --for=condition=Registered \ - exporters.jumpstarter.dev/test-exporter-sa - kubectl -n default wait --for=condition=Online --for=condition=Registered \ - exporters.jumpstarter.dev/test-exporter-legacy + + wait_for_exporter } @test "can specify client config only using environment variables" { - kubectl -n default wait --for=condition=Online --for=condition=Registered \ - exporters.jumpstarter.dev/test-exporter-oidc + wait_for_exporter JMP_NAMEPSACE=default \ JMP_NAME=test-exporter-legacy \ @@ -98,8 +109,7 @@ EOF } @test "can operate on leases" { - kubectl -n default wait --for=condition=Online --for=condition=Registered \ - exporters.jumpstarter.dev/test-exporter-oidc + wait_for_exporter jmp config client use test-client-oidc @@ -110,16 +120,14 @@ EOF } @test "can lease and connect to exporters" { - kubectl -n default wait --for=condition=Online --for=condition=Registered \ - exporters.jumpstarter.dev/test-exporter-oidc - kubectl -n default wait --for=condition=Online --for=condition=Registered \ - exporters.jumpstarter.dev/test-exporter-sa - kubectl -n default wait --for=condition=Online --for=condition=Registered \ - exporters.jumpstarter.dev/test-exporter-legacy + wait_for_exporter jmp shell --client test-client-oidc --selector example.com/board=oidc j power on jmp shell --client test-client-sa --selector example.com/board=sa j power on jmp shell --client test-client-legacy --selector example.com/board=legacy j power on + + wait_for_exporter + jmp shell --client test-client-oidc-provisioning --selector example.com/board=oidc j power on } @test "can get crds with admin cli" { diff --git a/values.kind.yaml b/values.kind.yaml index baa65f2..95c45ce 100644 --- a/values.kind.yaml +++ b/values.kind.yaml @@ -7,6 +7,8 @@ jumpstarter-controller: grpc: mode: "ingress" config: + provisioning: + enabled: true authentication: jwt: - issuer: