replace world parameters with env variables

Issue: ZENKO-5182

Author: SylvainSenechal

.github/scripts/end2end/common.sh

@@ -2,7 +2,7 @@ get_token() {
     curl -k -H "Host: keycloak.zenko.local" \
         -d "client_id=${OIDC_CLIENT_ID}" \
         -d "username=${OIDC_USERNAME}" \
-        -d "password=${OIDC_PASSWORD}" \
+        -d "password=${KEYCLOAK_TEST_PASSWORD}" \
         -d "grant_type=password" \
         -d "scope=openid" \
         https://localhost/auth/realms/${OIDC_REALM}/protocol/openid-connect/token | \

.github/scripts/end2end/keycloak-helper.sh

@@ -39,7 +39,7 @@ case $COMMAND in
         ${KEYCLOAK_EXEC} /opt/jboss/keycloak/bin/kcadm.sh set-password \
             -r ${OIDC_REALM} \
             --username ${OIDC_USERNAME} \
-            --new-password ${OIDC_PASSWORD}
+            --new-password ${KEYCLOAK_TEST_PASSWORD}
 
         # attach StorageManager role to user
         ${KEYCLOAK_EXEC} /opt/jboss/keycloak/bin/kcadm.sh add-roles \

.github/scripts/end2end/load-config.sh

@@ -37,18 +37,16 @@ load_common() {
     ENV_VARS=()
 
     # From end2end.yaml
-    ENV_VARS+=("SUBDOMAIN=$(get_env_var SUBDOMAIN)")
     ENV_VARS+=("KEYCLOAK_TEST_REALM_NAME=$(get_env_var OIDC_REALM)")
     ENV_VARS+=("KEYCLOAK_TEST_CLIENT_ID=$(get_env_var OIDC_CLIENT_ID)")
     ENV_VARS+=("KEYCLOAK_TEST_USER=$(get_env_var OIDC_USERNAME)")
-    ENV_VARS+=("KEYCLOAK_TEST_PASSWORD=$(get_env_var OIDC_PASSWORD)")
+    ENV_VARS+=("KEYCLOAK_TEST_PASSWORD=$(get_env_var KEYCLOAK_TEST_PASSWORD)")
     ENV_VARS+=("KEYCLOAK_TEST_HOST=$(get_env_var OIDC_HOST)")
     ENV_VARS+=("KEYCLOAK_TEST_PORT=80")
     ENV_VARS+=("KEYCLOAK_TEST_GRANT_TYPE=password")
     ENV_VARS+=("AZURE_ACCOUNT_NAME=$(get_env_var AZURE_ACCOUNT_NAME)")
     ENV_VARS+=("AZURE_SECRET_KEY=$(get_env_var AZURE_SECRET_KEY)")
-    ENV_VARS+=("CLOUDSERVER_ENDPOINT=http://end2end-connector-s3api.default.svc.cluster.local:80")
-    ENV_VARS+=("VAULT_ENDPOINT=http://end2end-management-vault-iam-admin-api:80")
+    ENV_VARS+=("AZURE_BACKEND_ENDPOINT=$(get_env_var AZURE_BACKEND_ENDPOINT)")
 
     # From k8s: Zenko account credentials
     ENV_VARS+=("ZENKO_ACCESS_KEY=$(kubectl get secret end2end-account-zenko -o jsonpath='{.data.AccessKeyId}' | base64 -d)")
@@ -65,7 +63,11 @@ load_common() {
 load_ctst() {
     load_common
 
+    # From end2end.yaml
+    ENV_VARS+=("SUBDOMAIN=$(get_env_var SUBDOMAIN)")
+
     # Hardcoded CTST values
+    ENV_VARS+=("SSL=false")
     ENV_VARS+=("ZENKO_ACCOUNT_NAME=zenko-ctst")
     ENV_VARS+=("STORAGE_MANAGER_USER_NAME=ctst_storage_manager")
     ENV_VARS+=("STORAGE_ACCOUNT_OWNER_USER_NAME=ctst_storage_account_owner")
@@ -79,7 +81,6 @@ load_ctst() {
     # From end2end.yaml
     ENV_VARS+=("DR_SUBDOMAIN=$(get_env_var DR_SUBDOMAIN)")
     ENV_VARS+=("PROMETHEUS_NAME=$(get_env_var PROMETHEUS_NAME)")
-    ENV_VARS+=("AZURE_BACKEND_ENDPOINT=$(get_env_var AZURE_BACKEND_ENDPOINT)")
     ENV_VARS+=("AZURE_BACKEND_QUEUE_ENDPOINT=$(get_env_var AZURE_BACKEND_QUEUE_ENDPOINT)")
     ENV_VARS+=("AZURE_ARCHIVE_BUCKET_NAME=$(get_env_var AZURE_ARCHIVE_BUCKET_NAME)")
     ENV_VARS+=("AZURE_ARCHIVE_BUCKET_NAME_2=$(get_env_var AZURE_ARCHIVE_BUCKET_NAME_2)")
@@ -127,13 +128,19 @@ load_ctst() {
     ENV_VARS+=("BACKBEAT_API_HOST=$(echo "${cloudserver_config}" | jq -r '.backbeat.host')")
     ENV_VARS+=("BACKBEAT_API_PORT=$(echo "${cloudserver_config}" | jq -r '.backbeat.port')")
 
-    # From k8s: Service users credentials (individual components)
-    ENV_VARS+=("BACKBEAT_LCBP_1_CREDS=$(kubectl get secret -l app.kubernetes.io/name=backbeat-lcbp-user-creds,app.kubernetes.io/instance=end2end -o jsonpath='{.items[0].data.backbeat-lifecycle-bp-1\.json}' | base64 -d)")
-    ENV_VARS+=("BACKBEAT_LCC_1_CREDS=$(kubectl get secret -l app.kubernetes.io/name=backbeat-lcc-user-creds,app.kubernetes.io/instance=end2end -o jsonpath='{.items[0].data.backbeat-lifecycle-conductor-1\.json}' | base64 -d)")
-    ENV_VARS+=("BACKBEAT_LCOP_1_CREDS=$(kubectl get secret -l app.kubernetes.io/name=backbeat-lcop-user-creds,app.kubernetes.io/instance=end2end -o jsonpath='{.items[0].data.backbeat-lifecycle-op-1\.json}' | base64 -d)")
-    ENV_VARS+=("BACKBEAT_QP_1_CREDS=$(kubectl get secret -l app.kubernetes.io/name=backbeat-qp-user-creds,app.kubernetes.io/instance=end2end -o jsonpath='{.items[0].data.backbeat-qp-1\.json}' | base64 -d)")
-    ENV_VARS+=("SORBET_FWD_2_ACCESSKEY=$(kubectl get secret -l app.kubernetes.io/name=sorbet-fwd-creds,app.kubernetes.io/instance=end2end -o jsonpath='{.items[0].data.accessKey}' | base64 -d)")
-    ENV_VARS+=("SORBET_FWD_2_SECRETKEY=$(kubectl get secret -l app.kubernetes.io/name=sorbet-fwd-creds,app.kubernetes.io/instance=end2end -o jsonpath='{.items[0].data.secretKey}' | base64 -d)")
+    # From k8s: Service users credentials
+    local lcbp_creds lcc_creds lcop_creds qp_creds sorbet_ak sorbet_sk
+    lcbp_creds=$(kubectl get secret -l app.kubernetes.io/name=backbeat-lcbp-user-creds,app.kubernetes.io/instance=end2end -o jsonpath='{.items[0].data.backbeat-lifecycle-bp-1\.json}' | base64 -d)
+    lcc_creds=$(kubectl get secret -l app.kubernetes.io/name=backbeat-lcc-user-creds,app.kubernetes.io/instance=end2end -o jsonpath='{.items[0].data.backbeat-lifecycle-conductor-1\.json}' | base64 -d)
+    lcop_creds=$(kubectl get secret -l app.kubernetes.io/name=backbeat-lcop-user-creds,app.kubernetes.io/instance=end2end -o jsonpath='{.items[0].data.backbeat-lifecycle-op-1\.json}' | base64 -d)
+    qp_creds=$(kubectl get secret -l app.kubernetes.io/name=backbeat-qp-user-creds,app.kubernetes.io/instance=end2end -o jsonpath='{.items[0].data.backbeat-qp-1\.json}' | base64 -d)
+    sorbet_ak=$(kubectl get secret -l app.kubernetes.io/name=sorbet-fwd-creds,app.kubernetes.io/instance=end2end -o jsonpath='{.items[0].data.accessKey}' | base64 -d)
+    sorbet_sk=$(kubectl get secret -l app.kubernetes.io/name=sorbet-fwd-creds,app.kubernetes.io/instance=end2end -o jsonpath='{.items[0].data.secretKey}' | base64 -d)
+
+    # Build SERVICE_USERS_CREDENTIALS JSON (same format as run-e2e-ctst.sh)
+    local service_users_creds
+    service_users_creds=$(echo '{"backbeat-lifecycle-bp-1":'"${lcbp_creds}"',"backbeat-lifecycle-conductor-1":'"${lcc_creds}"',"backbeat-lifecycle-op-1":'"${lcop_creds}"',"backbeat-qp-1":'"${qp_creds}"',"sorbet-fwd-2":{"accessKey":"'"${sorbet_ak}"'","secretKey":"'"${sorbet_sk}"'"}}')
+    ENV_VARS+=("SERVICE_USERS_CREDENTIALS=${service_users_creds}")
 }
 
 # =============================================================================
@@ -163,7 +170,6 @@ load_e2e() {
     ENV_VARS+=("GCP_SECRET_KEY=$(get_env_var GCP_SECRET_KEY)")
     ENV_VARS+=("GCP_BACKEND_SERVICE_KEY=$(get_env_var GCP_BACKEND_SERVICE_KEY)")
     ENV_VARS+=("GCP_BACKEND_SERVICE_EMAIL=$(get_env_var GCP_BACKEND_SERVICE_EMAIL)")
-    ENV_VARS+=("AZURE_BACKEND_ENDPOINT=$(get_env_var AZURE_BACKEND_ENDPOINT)")
     ENV_VARS+=("AWS_ENDPOINT=$(get_env_var AWS_ENDPOINT)")
     ENV_VARS+=("AWS_ACCESS_KEY=$(get_env_var AWS_ACCESS_KEY)")
     ENV_VARS+=("AWS_SECRET_KEY=$(get_env_var AWS_SECRET_KEY)")
@@ -185,6 +191,8 @@ load_e2e() {
 
     # Derived endpoints
     ENV_VARS+=("CLOUDSERVER_HOST=end2end-connector-s3api.default.svc.cluster.local")
+    ENV_VARS+=("CLOUDSERVER_ENDPOINT=http://end2end-connector-s3api.default.svc.cluster.local:80")
+    ENV_VARS+=("VAULT_ENDPOINT=http://end2end-management-vault-iam-admin-api:80")
     ENV_VARS+=("VAULT_STS_ENDPOINT=http://end2end-connector-vault-sts-api:80")
     ENV_VARS+=("BACKBEAT_API_ENDPOINT=http://end2end-management-backbeat-api.default.svc.cluster.local:80")
 

.github/scripts/end2end/run-e2e-ctst.sh

@@ -20,18 +20,20 @@ VERSION=$(cat ../../../VERSION | grep -Po 'VERSION="\K[^"]*')
 
 # Zenko Environment
 ZENKO_ACCOUNT_NAME="zenko-ctst"
-ADMIN_ACCESS_KEY_ID=$(kubectl get secret end2end-management-vault-admin-creds.v1 -o jsonpath='{.data.accessKey}' | base64 -d)
-ADMIN_SECRET_ACCESS_KEY=$(kubectl get secret end2end-management-vault-admin-creds.v1  -o jsonpath='{.data.secretKey}' | base64 -d)
+# ADMIN_ACCESS_KEY_ID=$(kubectl get secret end2end-management-vault-admin-creds.v1 -o jsonpath='{.data.accessKey}' | base64 -d)
+# ADMIN_SECRET_ACCESS_KEY=$(kubectl get secret end2end-management-vault-admin-creds.v1  -o jsonpath='{.data.secretKey}' | base64 -d)
 ADMIN_PRA_ACCESS_KEY_ID=$(kubectl get secret end2end-pra-management-vault-admin-creds.v1 -o jsonpath='{.data.accessKey}' | base64 -d)
 ADMIN_PRA_SECRET_ACCESS_KEY=$(kubectl get secret end2end-pra-management-vault-admin-creds.v1  -o jsonpath='{.data.secretKey}' | base64 -d)
-STORAGE_MANAGER_USER_NAME="ctst_storage_manager"
-STORAGE_ACCOUNT_OWNER_USER_NAME="ctst_storage_account_owner"
-DATA_CONSUMER_USER_NAME="ctst_data_consumer"
-DATA_ACCESSOR_USER_NAME="ctst_data_accessor"
+
+# STORAGE_MANAGER_USER_NAME="ctst_storage_manager"
+# STORAGE_ACCOUNT_OWNER_USER_NAME="ctst_storage_account_owner"
+# DATA_CONSUMER_USER_NAME="ctst_data_consumer"
+# DATA_ACCESSOR_USER_NAME="ctst_data_accessor"
+
 VAULT_AUTH_HOST="${ZENKO_NAME}-connector-vault-auth-api.default.svc.cluster.local"
-ZENKO_PORT="80"
+# ZENKO_PORT="80"
 KEYCLOAK_TEST_USER=${OIDC_USERNAME}
-KEYCLOAK_TEST_PASSWORD=${OIDC_PASSWORD}
+# KEYCLOAK_TEST_PASSWORD=${OIDC_PASSWORD}
 KEYCLOAK_TEST_HOST=${OIDC_HOST}
 KEYCLOAK_TEST_PORT="80"
 KEYCLOAK_TEST_REALM_NAME=${OIDC_REALM}
@@ -45,7 +47,7 @@ BACKBEAT_LCOP_1_CREDS=$(kubectl get secret -l app.kubernetes.io/name=backbeat-lc
 BACKBEAT_QP_1_CREDS=$(kubectl get secret -l app.kubernetes.io/name=backbeat-qp-user-creds,app.kubernetes.io/instance=end2end -o jsonpath='{.items[0].data.backbeat-qp-1\.json}' | base64 -d)
 SORBET_FWD_2_ACCESSKEY=$(kubectl get secret -l app.kubernetes.io/name=sorbet-fwd-creds,app.kubernetes.io/instance=end2end -o jsonpath='{.items[0].data.accessKey}' | base64 -d)
 SORBET_FWD_2_SECRETKEY=$(kubectl get secret -l app.kubernetes.io/name=sorbet-fwd-creds,app.kubernetes.io/instance=end2end -o jsonpath='{.items[0].data.secretKey}' | base64 -d)
-SERVICE_USERS_CREDENTIALS=$(echo '{"backbeat-lifecycle-bp-1":'${BACKBEAT_LCBP_1_CREDS}',"backbeat-lifecycle-conductor-1":'${BACKBEAT_LCC_1_CREDS}',"backbeat-lifecycle-op-1":'${BACKBEAT_LCOP_1_CREDS}',"backbeat-qp-1":'${BACKBEAT_QP_1_CREDS}',"sorbet-fwd-2":{"accessKey":"'${SORBET_FWD_2_ACCESSKEY}'","secretKey":"'${SORBET_FWD_2_SECRETKEY}'"}}' | jq -R)
+# SERVICE_USERS_CREDENTIALS=$(echo '{"backbeat-lifecycle-bp-1":'${BACKBEAT_LCBP_1_CREDS}',"backbeat-lifecycle-conductor-1":'${BACKBEAT_LCC_1_CREDS}',"backbeat-lifecycle-op-1":'${BACKBEAT_LCOP_1_CREDS}',"backbeat-qp-1":'${BACKBEAT_QP_1_CREDS}',"sorbet-fwd-2":{"accessKey":"'${SORBET_FWD_2_ACCESSKEY}'","secretKey":"'${SORBET_FWD_2_SECRETKEY}'"}}' | jq -R)
 
 # Get KAFKA topics for sorbet
 KAFKA_DEAD_LETTER_TOPIC=$(kubectl get secret -l app.kubernetes.io/name=cold-sorbet-config-e2e-azure-archive,app.kubernetes.io/instance=end2end \
@@ -57,8 +59,8 @@ KAFKA_OBJECT_TASK_TOPIC=$(kubectl get secret -l app.kubernetes.io/name=cold-sorb
 KAFKA_GC_REQUEST_TOPIC=$(kubectl get secret -l app.kubernetes.io/name=cold-sorbet-config-e2e-azure-archive,app.kubernetes.io/instance=end2end \
     -o jsonpath='{.items[0].data.config\.json}' | base64 -di | jq '."kafka-gc-request-topic"' | cut -d "\"" -f 2)
 
-DR_ADMIN_ACCESS_KEY_ID=$(kubectl get secret end2end-pra-management-vault-admin-creds.v1 -o jsonpath='{.data.accessKey}' | base64 -d)
-DR_ADMIN_SECRET_ACCESS_KEY=$(kubectl get secret end2end-pra-management-vault-admin-creds.v1  -o jsonpath='{.data.secretKey}' | base64 -d)
+# DR_ADMIN_ACCESS_KEY_ID=$(kubectl get secret end2end-pra-management-vault-admin-creds.v1 -o jsonpath='{.data.accessKey}' | base64 -d)
+# DR_ADMIN_SECRET_ACCESS_KEY=$(kubectl get secret end2end-pra-management-vault-admin-creds.v1  -o jsonpath='{.data.secretKey}' | base64 -d)
 
 # Extracting kafka host from bacbeat's config
 KAFKA_HOST_PORT=$(kubectl get secret -l app.kubernetes.io/name=backbeat-config,app.kubernetes.io/instance=end2end \
@@ -90,13 +92,6 @@ UTILIZATION_SERVICE_PORT="80"
 # Setting CTST world params
 WORLD_PARAMETERS="$(jq -c <<EOF
 {
-  "subdomain":"${SUBDOMAIN}",
-  "DRSubdomain":"${DR_SUBDOMAIN}",
-  "ssl":false,
-  "port":"${ZENKO_PORT}",
-  "AccountName":"${ZENKO_ACCOUNT_NAME}",
-  "AdminAccessKey":"${ADMIN_ACCESS_KEY_ID}",
-  "AdminSecretKey":"${ADMIN_SECRET_ACCESS_KEY}",
   "VaultAuthHost":"${VAULT_AUTH_HOST}",
   "NotificationDestination":"${NOTIF_DEST_NAME}",
   "NotificationDestinationTopic":"${NOTIF_DEST_TOPIC}",
@@ -111,17 +106,15 @@ WORLD_PARAMETERS="$(jq -c <<EOF
   "KafkaHosts":"${KAFKA_HOST_PORT}",
   "KafkaAuthHosts":"${KAFKA_AUTH_HOST_PORT}",
   "KeycloakUsername":"${KEYCLOAK_TEST_USER}",
-  "KeycloakPassword":"${KEYCLOAK_TEST_PASSWORD}",
   "KeycloakHost":"${KEYCLOAK_TEST_HOST}",
   "KeycloakPort":"${KEYCLOAK_TEST_PORT}",
-  "keycloakRealm":"${KEYCLOAK_TEST_REALM_NAME}",
-  "keycloakClientId":"${KEYCLOAK_TEST_CLIENT_ID}",
-  "keycloakGrantType":"${KEYCLOAK_TEST_GRANT_TYPE}",
-  "StorageManagerUsername":"${STORAGE_MANAGER_USER_NAME}",
-  "StorageAccountOwnerUsername":"${STORAGE_ACCOUNT_OWNER_USER_NAME}",
-  "DataConsumerUsername":"${DATA_CONSUMER_USER_NAME}",
-  "DataAccessorUsername":"${DATA_ACCESSOR_USER_NAME}",
-  "ServiceUsersCredentials":${SERVICE_USERS_CREDENTIALS},
+  "KeycloakRealm":"${KEYCLOAK_TEST_REALM_NAME}",
+  "KeycloakClientId":"${KEYCLOAK_TEST_CLIENT_ID}",
+  "KeycloakGrantType":"${KEYCLOAK_TEST_GRANT_TYPE}",
+  "StorageManagerUsername":"ctst_storage_manager",
+  "StorageAccountOwnerUsername":"ctst_storage_account_owner",
+  "DataConsumerUsername":"ctst_data_consumer",
+  "DataAccessorUsername":"ctst_data_accessor",
   "AzureAccountName":"${AZURE_ACCOUNT_NAME}",
   "AzureAccountKey":"${AZURE_SECRET_KEY}",
   "AzureArchiveContainer":"${AZURE_ARCHIVE_BUCKET_NAME}",
@@ -139,8 +132,6 @@ WORLD_PARAMETERS="$(jq -c <<EOF
   "KafkaCleanerInterval":"${KAFKA_CLEANER_INTERVAL}",
   "SorbetdRestoreTimeout":"${SORBETD_RESTORE_TIMEOUT}",
   "TimeProgressionFactor":"${TIME_PROGRESSION_FACTOR}",
-  "DRAdminAccessKey":"${DR_ADMIN_ACCESS_KEY_ID}",
-  "DRAdminSecretKey":"${DR_ADMIN_SECRET_ACCESS_KEY}",
   "UtilizationServiceHost":"${UTILIZATION_SERVICE_HOST}",
   "UtilizationServicePort":"${UTILIZATION_SERVICE_PORT}"
 }
@@ -160,7 +151,7 @@ docker run \
     --rm \
     --network=host \
     "${E2E_IMAGE}" /bin/bash \
-    -c "SUBDOMAIN=${SUBDOMAIN} CONTROL_PLANE_INGRESS_ENDPOINT=${OIDC_ENDPOINT} ACCOUNT=${ZENKO_ACCOUNT_NAME} KEYCLOAK_REALM=${KEYCLOAK_TEST_REALM_NAME} STORAGE_MANAGER=${STORAGE_MANAGER_USER_NAME} STORAGE_ACCOUNT_OWNER=${STORAGE_ACCOUNT_OWNER_USER_NAME} DATA_CONSUMER=${DATA_CONSUMER_USER_NAME} DATA_ACCESSOR=${DATA_ACCESSOR_USER_NAME} /ctst/node_modules/cli-testing/bin/seedKeycloak.sh"; [[ $? -eq 1 ]] && exit 1 || echo 'Keycloak Configured!'
+    -c "SUBDOMAIN=${SUBDOMAIN} CONTROL_PLANE_INGRESS_ENDPOINT=${OIDC_ENDPOINT} ACCOUNT=${ZENKO_ACCOUNT_NAME} KEYCLOAK_REALM=${KEYCLOAK_TEST_REALM_NAME} STORAGE_MANAGER=ctst_storage_manager STORAGE_ACCOUNT_OWNER=ctst_storage_account_owner DATA_CONSUMER=ctst_data_consumer DATA_ACCESSOR=ctst_data_accessor /ctst/node_modules/cli-testing/bin/seedKeycloak.sh"; [[ $? -eq 1 ]] && exit 1 || echo 'Keycloak Configured!'
 
 # Grant access to Kube API (insecure, only for testing)
 kubectl create clusterrolebinding serviceaccounts-cluster-admin \

.github/scripts/end2end/run-e2e-test.sh

@@ -52,7 +52,6 @@ DESTINATION_ACCOUNT_ID=$(kubectl get secret "end2end-account-${CRR_DESTINATION_A
 CRR_DESTINATION_INFO="{\"AccessKeyId\":\"${DESTINATION_ACCESS_KEY}\",\"SecretAccessKey\":\"${DESTINATION_SECRET_KEY}\",\"SessionToken\":\"${DESTINATION_SESSION_TOKEN}\",\"AccountId\":\"${DESTINATION_ACCOUNT_ID}\"}"
 OIDC_FULLNAME="${OIDC_FIRST_NAME} ${OIDC_LAST_NAME}"
 KEYCLOAK_TEST_USER="${OIDC_USERNAME}-norights"
-KEYCLOAK_TEST_PASSWORD=${OIDC_PASSWORD}
 KEYCLOAK_TEST_HOST=${OIDC_ENDPOINT}
 KEYCLOAK_TEST_PORT="80"
 KEYCLOAK_TEST_REALM_NAME=${OIDC_REALM}
@@ -83,7 +82,7 @@ run_e2e_test() {
         --env=STAGE=${STAGE} \
         --env=CYPRESS_KEYCLOAK_USER_FULLNAME="${OIDC_FULLNAME}" \
         --env=CYPRESS_KEYCLOAK_USERNAME=${OIDC_USERNAME} \
-        --env=CYPRESS_KEYCLOAK_PASSWORD=${OIDC_PASSWORD} \
+        --env=CYPRESS_KEYCLOAK_PASSWORD=${KEYCLOAK_TEST_PASSWORD} \
         --env=CYPRESS_KEYCLOAK_ROOT=${OIDC_ENDPOINT} \
         --env=CYPRESS_KEYCLOAK_CLIENT_ID=${OIDC_CLIENT_ID} \
         --env=CYPRESS_KEYCLOAK_REALM=${OIDC_REALM} \

.github/workflows/end2end.yaml

@@ -21,7 +21,7 @@ env:
   OIDC_REALM: "zenko"
   OIDC_CLIENT_ID: "zenko-ui"
   OIDC_USERNAME: 'storage_manager'
-  OIDC_PASSWORD: '123'
+  KEYCLOAK_TEST_PASSWORD: '123'
   OIDC_FIRST_NAME: 'hello'
   OIDC_LAST_NAME: 'world'
   HTTP_PROXY: ""

tests/ctst/common/common.ts

@@ -40,7 +40,7 @@ export async function cleanS3Bucket(
         return;
     }
     Identity.useIdentity(IdentityEnum.ACCOUNT, world.getSaved<string>('accountName') ||
-        world.parameters.AccountName);
+        process.env.ZENKO_ACCOUNT_NAME);
     world.resetCommand();
     world.addCommandParameter({ bucket: bucketName });
     const createdObjects = world.getCreatedObjects();
@@ -125,14 +125,14 @@ async function createBucket(world: Zenko, versioning: string, bucketName: string
 
 Given('a {string} bucket with dot', async function (this: Zenko, versioning: string) {
     const preName = this.getSaved<string>('accountName') ||
-        this.parameters.AccountName || Constants.ACCOUNT_NAME;
+        process.env.ZENKO_ACCOUNT_NAME || Constants.ACCOUNT_NAME;
     await createBucket(this, versioning,
         `${preName}.${Constants.BUCKET_NAME_TEST}${Utils.randomString()}`.toLocaleLowerCase());
 });
 
 Given('a {string} bucket', async function (this: Zenko, versioning: string) {
     const preName = this.getSaved<string>('accountName') ||
-        this.parameters.AccountName || Constants.ACCOUNT_NAME;
+        process.env.ZENKO_ACCOUNT_NAME || Constants.ACCOUNT_NAME;
     await createBucket(this, versioning,
         `${preName}${Constants.BUCKET_NAME_TEST}${Utils.randomString()}`.toLocaleLowerCase());
 });

tests/ctst/common/hooks.ts

@@ -62,8 +62,8 @@ Before({ tags: '@UtilizationAPI', timeout: 1200000 }, async function (scenarioOp
 
 After(async function (this: Zenko, results) {
     // Reset any configuration set on the endpoint (ssl, port)
-    CacheHelper.parameters.ssl = this.parameters.ssl;
-    CacheHelper.parameters.port = this.parameters.port;
+    CacheHelper.parameters.ssl = process.env.SSL === 'true';
+    CacheHelper.parameters.port = process.env.ZENKO_PORT;
     if (results.result?.status === 'FAILED') {
         this.logger.warn('bucket was not cleaned for test', {
             bucket: this.getSaved<string>('bucketName'),

tests/ctst/steps/cloudserverAuth.ts

@@ -36,7 +36,7 @@ When('the user tries to perform CreateBucket', async function (this: Zenko) {
     this.resetCommand();
     this.useSavedIdentity();
     const preName = this.getSaved<string>('accountName') ||
-        this.parameters.AccountName || Constants.ACCOUNT_NAME;
+        process.env.ZENKO_ACCOUNT_NAME || Constants.ACCOUNT_NAME;
     const usedBucketName = `${preName}${Constants.BUCKET_NAME_TEST}${Utils.randomString()}`.toLocaleLowerCase();
     this.addToSaved('bucketName', usedBucketName);
     this.addCommandParameter({ bucket: usedBucketName });

tests/ctst/steps/iam-policies/common.ts

@@ -29,13 +29,13 @@ When('the user tries to perform vault auth {string}', async function (this: Zenk
         SecretKey: userCredentials.secretAccessKey,
         SessionToken: userCredentials.sessionToken,
         ip: this.parameters.VaultAuthHost,
-        ssl: CacheHelper.parameters ? CacheHelper.parameters.ssl as boolean : undefined,
+        ssl: CacheHelper.parameters.ssl,
     };
 
     switch (action) {
     case 'GetAccountInfo':
         this.setResult(await VaultAuth.getAccounts([
-            this.getSaved<string>('accountNameForScenario') || this.parameters.AccountName,
+            this.getSaved<string>('accountNameForScenario') || process.env.ZENKO_ACCOUNT_NAME,
         ], null, null, {
             // @ts-expect-error accountNames is not generated by CTST yet
             accountNames: true,