Skip to content

Commit

Permalink
chore(deps): bump kyverno/chainsaw from 0.0.9 to 0.2.9 (#1057)
Browse files Browse the repository at this point in the history 
* chore(deps): bump kyverno/chainsaw from 0.0.9 to 0.2.9

Bumps [kyverno/chainsaw](https://github.com/kyverno/chainsaw) from 0.0.9 to 0.2.9.
- [Release notes](https://github.com/kyverno/chainsaw/releases)
- [Changelog](https://github.com/kyverno/chainsaw/blob/main/.goreleaser.yaml)
- [Commits](kyverno/chainsaw@v0.0.9...v0.2.9)

---
updated-dependencies:
- dependency-name: kyverno/chainsaw
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Update ci.yaml

* update

* update

* update

* update

* update

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: yangw <[email protected]>
Co-authored-by: drivebyer <[email protected]>
  • Loading branch information
@dependabot @drivebyer
3 people authored Sep 16, 2024
1 parent 2b70f53 commit c0dc636
Show file tree
Hide file tree
Showing 17 changed files with 135 additions and 209 deletions.
6 changes: 4 additions & 2 deletions .github/workflows/ci.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -226,10 +226,12 @@ jobs:
- name: Build Dockerfile
run: docker build . --file Dockerfile --tag redis-operator:e2e

- name: Install Cosign
uses: sigstore/[email protected]
- name: Install chainsaw
uses: kyverno/chainsaw/.github/actions/install@v0.0.9
uses: kyverno/action-install-chainsaw@v0.2.9
with:
release: v0.1.7
verify: true

- name: Check install
run: chainsaw version
Expand Down
28 changes: 5 additions & 23 deletions pkg/controllers/redis/redis_controller_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,6 @@ import (
. "github.com/onsi/gomega"
appsv1 "k8s.io/api/apps/v1"
corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/types"
"sigs.k8s.io/controller-runtime/pkg/client"
)
Expand All @@ -38,32 +36,16 @@ var _ = Describe("Redis test", func() {

By("creating the resource when the cluster is created")
Eventually(func() error { return k8sClient.Get(context.TODO(), key, obj) }, timeout).Should(Succeed())

By("setting the owner reference")
ownerRefs := obj.GetOwnerReferences()
Expect(ownerRefs).To(HaveLen(1))
Expect(ownerRefs[0].Name).To(Equal(redisCRName))
},
Entry("reconciles the leader statefulset", "%s", &appsv1.StatefulSet{}),
Entry("reconciles the leader headless service", "%s-headless", &corev1.Service{}),
Entry("reconciles the leader additional service", "%s-additional", &corev1.Service{}),
)

Context("then deleting the redis CR", func() {
It("should delete the statefulset", func() {
redisCR := &redisv1beta2.Redis{
ObjectMeta: metav1.ObjectMeta{
Name: redisCRName,
Namespace: ns,
},
}
Expect(k8sClient.Delete(context.TODO(), redisCR)).To(BeNil())

Eventually(func() bool {
sts := &appsv1.StatefulSet{}
err := k8sClient.Get(context.TODO(), types.NamespacedName{
Name: redisCRName,
Namespace: ns,
}, sts)
return errors.IsNotFound(err)
}, timeout, interval).Should(BeTrue())
})
})
})

Describe("When creating a redis, ignore annotations", func() {
Expand Down
28 changes: 5 additions & 23 deletions pkg/controllers/rediscluster/rediscluster_controller_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,6 @@ import (
. "github.com/onsi/gomega"
appsv1 "k8s.io/api/apps/v1"
corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/types"
"sigs.k8s.io/controller-runtime/pkg/client"
)
Expand All @@ -38,33 +36,17 @@ var _ = Describe("Redis cluster test", func() {

By("creating the resource when the cluster is created")
Eventually(func() error { return k8sClient.Get(context.TODO(), key, obj) }, timeout).Should(Succeed())

By("setting the owner reference")
ownerRefs := obj.GetOwnerReferences()
Expect(ownerRefs).To(HaveLen(1))
Expect(ownerRefs[0].Name).To(Equal(redisClusterCRName))
},
Entry("reconciles the leader statefulset", "%s-leader", &appsv1.StatefulSet{}),
Entry("reconciles the leader service", "%s-leader", &corev1.Service{}),
Entry("reconciles the leader headless service", "%s-leader-headless", &corev1.Service{}),
Entry("reconciles the leader additional service", "%s-leader-additional", &corev1.Service{}),
)

Context("then deleting the redis cluster CR", func() {
It("should delete the statefulset", func() {
redisClusterCR := &redisv1beta2.RedisCluster{
ObjectMeta: metav1.ObjectMeta{
Name: redisClusterCRName,
Namespace: ns,
},
}
Expect(k8sClient.Delete(context.TODO(), redisClusterCR)).To(BeNil())

Eventually(func() bool {
sts := &appsv1.StatefulSet{}
err := k8sClient.Get(context.TODO(), types.NamespacedName{
Name: redisClusterCRName + "-leader",
Namespace: ns,
}, sts)
return errors.IsNotFound(err)
}, timeout, interval).Should(BeTrue())
})
})
})

Describe("When creating a redis cluster with DisablePersistence", func() {
Expand Down
28 changes: 5 additions & 23 deletions pkg/controllers/redisreplication/redisreplication_controller_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,6 @@ import (
. "github.com/onsi/gomega"
appsv1 "k8s.io/api/apps/v1"
corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/types"
"sigs.k8s.io/controller-runtime/pkg/client"
)
Expand All @@ -38,32 +36,16 @@ var _ = Describe("Redis test", func() {

By("creating the resource when the cluster is created")
Eventually(func() error { return k8sClient.Get(context.TODO(), key, obj) }, timeout).Should(Succeed())

By("setting the owner reference")
ownerRefs := obj.GetOwnerReferences()
Expect(ownerRefs).To(HaveLen(1))
Expect(ownerRefs[0].Name).To(Equal(crName))
},
Entry("reconciles the leader statefulset", "%s", &appsv1.StatefulSet{}),
Entry("reconciles the leader headless service", "%s-headless", &corev1.Service{}),
Entry("reconciles the leader additional service", "%s-additional", &corev1.Service{}),
)

Context("then deleting the redis CR", func() {
It("should delete the statefulset", func() {
cr := &redisv1beta2.RedisReplication{
ObjectMeta: metav1.ObjectMeta{
Name: crName,
Namespace: ns,
},
}
Expect(k8sClient.Delete(context.TODO(), cr)).To(BeNil())

Eventually(func() bool {
sts := &appsv1.StatefulSet{}
err := k8sClient.Get(context.TODO(), types.NamespacedName{
Name: crName,
Namespace: ns,
}, sts)
return errors.IsNotFound(err)
}, timeout, interval).Should(BeTrue())
})
})
})

Describe("When creating a redis, ignore annotations", func() {
Expand Down
22 changes: 0 additions & 22 deletions pkg/controllers/redissentinel/redissentinel_controller_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ import (
. "github.com/onsi/gomega"
appsv1 "k8s.io/api/apps/v1"
corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/types"
)
Expand Down Expand Up @@ -95,26 +94,5 @@ var _ = Describe("Redis sentinel test", func() {
"role": "sentinel",
}))
})

Context("then deleting the redis sentinel CR", func() {
It("should delete the statefulset", func() {
redisSentinelCR := &redisv1beta2.RedisSentinel{
ObjectMeta: metav1.ObjectMeta{
Name: redisSentinelCRName,
Namespace: ns,
},
}
Expect(k8sClient.Delete(context.TODO(), redisSentinelCR)).To(BeNil())

Eventually(func() bool {
sts := &appsv1.StatefulSet{}
err := k8sClient.Get(context.TODO(), types.NamespacedName{
Name: redisSentinelCRName + "-sentinel",
Namespace: ns,
}, sts)
return errors.IsNotFound(err)
}, timeout, interval).Should(BeTrue())
})
})
})
})
36 changes: 18 additions & 18 deletions tests/e2e-chainsaw/v1beta2/acl-user/redis-cluster/chainsaw-test.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,75 +43,75 @@ spec:
kubectl exec --namespace ${NAMESPACE} --container redis-cluster-v1beta2-leader redis-cluster-v1beta2-leader-0 --
redis-cli -c -p 6379 ping
check:
($stdout=='PONG'): true
(contains($stdout, 'PONG')): true
- script:
content: >
kubectl exec --namespace ${NAMESPACE} --container redis-cluster-v1beta2-leader redis-cluster-v1beta2-leader-1 --
redis-cli -c -p 6379 ping
check:
($stdout=='PONG'): true
(contains($stdout, 'PONG')): true
- script:
content: >
kubectl exec --namespace ${NAMESPACE} --container redis-cluster-v1beta2-leader redis-cluster-v1beta2-leader-2 --
redis-cli -c -p 6379 ping
check:
($stdout=='PONG'): true
(contains($stdout, 'PONG')): true
- script:
content: >
kubectl exec --namespace ${NAMESPACE} --container redis-cluster-v1beta2-follower redis-cluster-v1beta2-follower-0 --
redis-cli -c -p 6379 ping
check:
($stdout=='PONG'): true
(contains($stdout, 'PONG')): true
- script:
content: >
kubectl exec --namespace ${NAMESPACE} --container redis-cluster-v1beta2-follower redis-cluster-v1beta2-follower-1 --
redis-cli -c -p 6379 ping
check:
($stdout=='PONG'): true
(contains($stdout, 'PONG')): true
- script:
content: >
kubectl exec --namespace ${NAMESPACE} --container redis-cluster-v1beta2-follower redis-cluster-v1beta2-follower-2 --
redis-cli -c -p 6379 ping
check:
($stdout=='PONG'): true
(contains($stdout, 'PONG')): true
- name: Check Cluster Slots Coverage
try:
- script:
content: >
kubectl exec --namespace ${NAMESPACE} --container redis-cluster-v1beta2-leader redis-cluster-v1beta2-leader-0 --
redis-cli --cluster check 127.0.0.1:6379 | grep 'All 16384 slots covered.'
check:
($stdout=='[OK] All 16384 slots covered.'): true
(contains($stdout, '[OK] All 16384 slots covered')): true
- script:
content: >
kubectl exec --namespace ${NAMESPACE} --container redis-cluster-v1beta2-leader redis-cluster-v1beta2-leader-1 --
redis-cli --cluster check 127.0.0.1:6379 | grep 'All 16384 slots covered'
check:
($stdout=='[OK] All 16384 slots covered.'): true
(contains($stdout, '[OK] All 16384 slots covered')): true
- script:
content: >
kubectl exec --namespace ${NAMESPACE} --container redis-cluster-v1beta2-leader redis-cluster-v1beta2-leader-2 --
redis-cli --cluster check 127.0.0.1:6379 | grep 'All 16384 slots covered'
check:
($stdout=='[OK] All 16384 slots covered.'): true
(contains($stdout, '[OK] All 16384 slots covered')): true
- script:
content: >
kubectl exec --namespace ${NAMESPACE} --container redis-cluster-v1beta2-follower redis-cluster-v1beta2-follower-0 --
redis-cli --cluster check 127.0.0.1:6379 | grep 'All 16384 slots covered'
check:
($stdout=='[OK] All 16384 slots covered.'): true
(contains($stdout, '[OK] All 16384 slots covered')): true
- script:
content: >
kubectl exec --namespace ${NAMESPACE} --container redis-cluster-v1beta2-follower redis-cluster-v1beta2-follower-1 --
redis-cli --cluster check 127.0.0.1:6379 | grep 'All 16384 slots covered'
check:
($stdout=='[OK] All 16384 slots covered.'): true
(contains($stdout, '[OK] All 16384 slots covered')): true
- script:
content: >
kubectl exec --namespace ${NAMESPACE} --container redis-cluster-v1beta2-follower redis-cluster-v1beta2-follower-2 --
redis-cli --cluster check 127.0.0.1:6379 | grep 'All 16384 slots covered'
check:
($stdout=='[OK] All 16384 slots covered.'): true
(contains($stdout, '[OK] All 16384 slots covered')): true
- name: Try saving a key With Password
try:
- script:
Expand All @@ -120,39 +120,39 @@ spec:
kubectl exec --namespace ${NAMESPACE} --container redis-cluster-v1beta2-leader redis-cluster-v1beta2-leader-0 --
redis-cli -c -p 6379 --user opstree --pass abc@123 set foo-0 bar-0
check:
($stdout=='OK'): true
(contains($stdout, 'OK')): true
- script:
timeout: 30s
content: >
kubectl exec --namespace ${NAMESPACE} --container redis-cluster-v1beta2-leader redis-cluster-v1beta2-leader-1 --
redis-cli -c -p 6379 --user opstree --pass abc@123 set foo-1 bar-1
check:
($stdout=='OK'): true
(contains($stdout, 'OK')): true
- script:
timeout: 30s
content: >
kubectl exec --namespace ${NAMESPACE} --container redis-cluster-v1beta2-leader redis-cluster-v1beta2-leader-2 --
redis-cli -c -p 6379 --user opstree --pass abc@123 set foo-2 bar-2
check:
($stdout=='OK'): true
(contains($stdout, 'OK')): true
- script:
timeout: 30s
content: >
kubectl exec --namespace ${NAMESPACE} --container redis-cluster-v1beta2-follower redis-cluster-v1beta2-follower-0 --
redis-cli -c -p 6379 --user opstree --pass abc@123 set foo-3 bar-3
check:
($stdout=='OK'): true
(contains($stdout, 'OK')): true
- script:
timeout: 30s
content: >
kubectl exec --namespace ${NAMESPACE} --container redis-cluster-v1beta2-follower redis-cluster-v1beta2-follower-1 --
redis-cli -c -p 6379 --user opstree --pass abc@123 set foo-4 bar-4
check:
($stdout=='OK'): true
(contains($stdout, 'OK')): true
- script:
timeout: 30s
content: >
kubectl exec --namespace ${NAMESPACE} --container redis-cluster-v1beta2-follower redis-cluster-v1beta2-follower-2 --
redis-cli -c -p 6379 --user opstree --pass abc@123 set foo-5 bar-5
check:
($stdout=='OK'): true
(contains($stdout, 'OK')): true
4 changes: 2 additions & 2 deletions tests/e2e-chainsaw/v1beta2/ha-failover/chainsaw-test.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ spec:
export MASTER_IP_FROM_LABEL=$(kubectl -n ${NAMESPACE} get pod -l app=redis-replication,redis-role=master,redis_setup_type=replication -o jsonpath='{.items[0].status.podIP}');
if [ "$MASTER_IP_FROM_SENTINEL" = "$MASTER_IP_FROM_LABEL" ]; then echo "OK"; else echo "FAIL"; fi
check:
($stdout=='OK'): true
(contains($stdout, 'OK')): true
catch:
- description: Redis Operator Logs
podLogs:
Expand Down Expand Up @@ -65,7 +65,7 @@ spec:
export MASTER_IP_FROM_LABEL=$(kubectl -n ${NAMESPACE} get pod -l app=redis-replication,redis-role=master,redis_setup_type=replication -o jsonpath='{.items[0].status.podIP}');
if [ $MASTER_IP_FROM_SENTINEL = $MASTER_IP_FROM_LABEL ]; then echo "OK"; else echo "FAIL"; fi
check:
($stdout=='OK'): true
(contains($stdout, 'OK')): true
catch:
- description: Redis Operator Logs
podLogs:
Expand Down
4 changes: 2 additions & 2 deletions ...ainsaw/v1beta2/ha-setup/secured/partially-secured/replication-password/chainsaw-test.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,12 +42,12 @@ spec:
content: |
kubectl exec --namespace ${NAMESPACE} redis -- redis-cli -h redis-replication.${NAMESPACE}.svc -p 6379 -a Opstree@1234 ping
check:
($stdout=='PONG'): true
(contains($stdout, 'PONG')): true
- name: Ping Sentinel Service from Cli Pod
try:
- script:
timeout: 10s
content: |
kubectl exec --namespace ${NAMESPACE} redis -- redis-cli -h redis-sentinel-sentinel.${NAMESPACE}.svc -p 26379 ping
check:
($stdout=='PONG'): true
(contains($stdout, 'PONG')): true
6 changes: 3 additions & 3 deletions ...-chainsaw/v1beta2/ha-setup/secured/partially-secured/sentinel-password/chainsaw-test.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,20 +40,20 @@ spec:
content: |
kubectl exec --namespace ${NAMESPACE} redis -- redis-cli -h redis-replication.${NAMESPACE}.svc -p 6379 ping
check:
($stdout=='PONG'): true
(contains($stdout, 'PONG')): true
- name: Ping Sentinel Service from Cli Pod With password
try:
- script:
timeout: 10s
content: |
kubectl exec --namespace ${NAMESPACE} redis -- redis-cli -h redis-sentinel-sentinel.${NAMESPACE}.svc -p 26379 -a Opstree@1234 ping
check:
($stdout=='PONG'): true
(contains($stdout, 'PONG')): true
- name: Ping Sentinel Service from Cli Pod Without password
try:
- script:
timeout: 10s
content: |
kubectl exec --namespace ${NAMESPACE} redis -- redis-cli -h redis-sentinel-sentinel.${NAMESPACE}.svc -p 26379 ping
check:
($stdout=='NOAUTH Authentication required.'): true
(contains($stdout, 'NOAUTH Authentication required')): true
4 changes: 2 additions & 2 deletions tests/e2e-chainsaw/v1beta2/ha-setup/unsecured/chainsaw-test.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,12 +36,12 @@ spec:
content: |
kubectl exec --namespace ${NAMESPACE} redis -- redis-cli -h redis-replication.${NAMESPACE}.svc -p 6379 ping
check:
($stdout=='PONG'): true
(contains($stdout, 'PONG')): true
- name: Ping Sentinel Service from Cli Pod
try:
- script:
timeout: 10s
content: |
kubectl exec --namespace ${NAMESPACE} redis -- redis-cli -h redis-sentinel-sentinel.${NAMESPACE}.svc -p 26379 ping
check:
($stdout=='PONG'): true
(contains($stdout, 'PONG')): true
Loading

0 comments on commit c0dc636

Please sign in to comment.