From f5c12f13a4496746d0444b866e40499e35a0857b Mon Sep 17 00:00:00 2001 From: Ahmed AbouZaid <6760103+aabouzaid@users.noreply.github.com> Date: Mon, 24 Jun 2024 22:28:43 +0200 Subject: [PATCH] chore: split testsuites per chart version (#2041) venom `loops` and `skip` are super buggy so it's better to split the `testsuites` per chart version Signed-off-by: Ahmed AbouZaid <6760103+aabouzaid@users.noreply.github.com> --- .github/actions/workflow-vars/action.yml | 2 +- .../workflows/test-integration-template.yaml | 6 +- .github/workflows/test-regression.yaml | 1 - .../testsuites/vars/files/testsuite-core.yaml | 254 ++++++++++++++ .../vars/files/testsuite-preflight.yaml | 114 +++++++ .../vars/files/variables-default.yaml | 9 +- .../files/variables-ingress-combined.yaml | 13 +- .../testsuites/vars/kustomization.yaml | 7 + .../testsuites/vars/files/testsuite-core.yaml | 275 +++++++++++++++ .../vars/files/testsuite-preflight.yaml | 3 +- .../vars/files/variables-default.yaml | 7 +- .../files/variables-ingress-combined.yaml | 9 +- .../testsuites/vars/kustomization.yaml | 7 + .../testsuites/vars/files/testsuite-core.yaml | 301 +++++++++++++++++ .../vars/files/testsuite-preflight.yaml | 115 +++++++ .../vars/files/variables-default.yaml | 5 +- .../files/variables-ingress-combined.yaml | 7 +- .../testsuites/vars/kustomization.yaml | 7 + .../testsuites/vars/files/testsuite-core.yaml | 0 .../vars/files/testsuite-preflight.yaml | 114 +++++++ .../testsuites/vars/kustomization.yaml | 7 + .../testsuites/vars/files/testsuite-core.yaml | 316 ++++++++++++++++++ .../vars/files/testsuite-preflight.yaml | 114 +++++++ .../testsuites/vars/kustomization.yaml | 7 + .../lib/testsuite-deploy-taskfile.yaml | 11 +- test/integration/testsuites/base/job.yaml | 9 +- .../testsuites/base/kustomization.yaml | 2 +- .../testsuites/core/kustomization.yaml | 6 - .../testsuites/core/patches/job.yaml | 1 + .../testsuites/preflight/kustomization.yaml | 8 - 30 files changed, 1681 insertions(+), 56 deletions(-) create mode 100644 charts/camunda-platform-8.2/test/integration/testsuites/vars/files/testsuite-core.yaml create mode 100644 charts/camunda-platform-8.2/test/integration/testsuites/vars/files/testsuite-preflight.yaml create mode 100644 charts/camunda-platform-8.3/test/integration/testsuites/vars/files/testsuite-core.yaml rename test/integration/testsuites/preflight/testsuites/preflight.yaml => charts/camunda-platform-8.3/test/integration/testsuites/vars/files/testsuite-preflight.yaml (99%) create mode 100644 charts/camunda-platform-8.4/test/integration/testsuites/vars/files/testsuite-core.yaml create mode 100644 charts/camunda-platform-8.4/test/integration/testsuites/vars/files/testsuite-preflight.yaml rename test/integration/testsuites/core/testsuites/core.yaml => charts/camunda-platform-alpha/test/integration/testsuites/vars/files/testsuite-core.yaml (100%) create mode 100644 charts/camunda-platform-alpha/test/integration/testsuites/vars/files/testsuite-preflight.yaml create mode 100644 charts/camunda-platform-latest/test/integration/testsuites/vars/files/testsuite-core.yaml create mode 100644 charts/camunda-platform-latest/test/integration/testsuites/vars/files/testsuite-preflight.yaml diff --git a/.github/actions/workflow-vars/action.yml b/.github/actions/workflow-vars/action.yml index 5562210ac8..c283fbc8d9 100644 --- a/.github/actions/workflow-vars/action.yml +++ b/.github/actions/workflow-vars/action.yml @@ -70,7 +70,7 @@ runs: echo "Output vars:" # Deployment identifier. - TEST_IDENTIFIER="${{ inputs.platform }}-${{ inputs.identifier-base }}" + TEST_IDENTIFIER="$(echo ${{ inputs.platform }}-${{ inputs.identifier-base }} | sed 's/\./-/g')" if [[ "${{ inputs.setup-flow }}" == 'upgrade' ]]; then TEST_IDENTIFIER="${TEST_IDENTIFIER}-upgrade" fi diff --git a/.github/workflows/test-integration-template.yaml b/.github/workflows/test-integration-template.yaml index a549b93a93..424b820240 100644 --- a/.github/workflows/test-integration-template.yaml +++ b/.github/workflows/test-integration-template.yaml @@ -116,12 +116,15 @@ jobs: TEST_CLUSTER_TYPE: ${{ matrix.distro.type }} steps: + - name: Print workflow inputs + run: | + echo "Workflow inputs:" + echo "${{ toJSON(inputs) }}" - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 with: # This is needed to load repo GH composite actions if the workflow triggered by workflow_call. repository: camunda/camunda-platform-helm ref: ${{ inputs.camunda-helm-git-ref }} - # When there is a vault-secret-mapping input given, use Vault instead of GitHub secrets # and populate environment variables from Vault - name: Import Vault secrets @@ -135,7 +138,6 @@ jobs: secretId: ${{ secrets.VAULT_SECRET_ID }} secrets: ${{ inputs.vault-secret-mapping }} exportEnv: true - # Used to create/delete GitHub environment. # NOTE: The GH app requires "administration:write" access to be able to delete the GH environment. - name: Generate GitHub token diff --git a/.github/workflows/test-regression.yaml b/.github/workflows/test-regression.yaml index d9976a7301..c045e415c7 100644 --- a/.github/workflows/test-regression.yaml +++ b/.github/workflows/test-regression.yaml @@ -82,6 +82,5 @@ jobs: deployment-ttl: "${{ contains(github.event.pull_request.labels.*.name, 'test-persistent') && '1w' || '' }}" platforms: "gke" flows: "install,upgrade" - test-enabled: false camunda-helm-dir: "camunda-platform-${{ matrix.version }}" camunda-helm-git-ref: "${{ github.event.pull_request.head.sha }}" diff --git a/charts/camunda-platform-8.2/test/integration/testsuites/vars/files/testsuite-core.yaml b/charts/camunda-platform-8.2/test/integration/testsuites/vars/files/testsuite-core.yaml new file mode 100644 index 0000000000..db73d2d8c8 --- /dev/null +++ b/charts/camunda-platform-8.2/test/integration/testsuites/vars/files/testsuite-core.yaml @@ -0,0 +1,254 @@ +# NOTE: WebModeler has its own step because Venom doesn't support skip in loops yet. +# https://github.com/ovh/venom/issues/651 +name: Test core functionality of Camunda Platform + +# Vars without defaults are passed as a Venom var, e.g. "VENOM_VAR_TEST_CLIENT_SECRET". +vars: + releaseName: integration + venomClientID: '{{ .TEST_CLIENT_ID | default "venom" }}' + venomClientSecret: '{{ .TEST_CLIENT_SECRET }}' + skipTestIngress: '{{ .SKIP_TEST_INGRESS }}' + skipTestWebModeler: '{{ .SKIP_TEST_WEBMODELER }}' + +testcases: + +# https://docs.camunda.io/docs/self-managed/identity/user-guide/generating-m2m-tokens/ +- name: TEST - Generating machine-to-machine token + steps: + - name: "{{ .value.component }}" + type: http + range: + - component: Tasklist + clientID: tasklist + clientSecret: "{{ .TASKLIST_CLIENT_SECRET }}" + - component: Operate + clientID: operate + clientSecret: "{{ .OPERATE_CLIENT_SECRET }}" + - component: Optimize + clientID: optimize + clientSecret: "{{ .OPTIMIZE_CLIENT_SECRET }}" + - component: Connectors + clientID: connectors + clientSecret: "{{ .CONNECTORS_CLIENT_SECRET }}" + method: POST + url: "{{ .coreVars.authURL }}" + headers: + Content-Type: application/x-www-form-urlencoded + body: |- + client_id={{ .value.clientID }}&client_secret={{ .value.clientSecret }}&grant_type=client_credentials + # info: | + # Component: {{ .value.component }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + +# Helper to get access token for Venom Identity client which's seeded during Helm deployment. +- name: helperVenomToken + steps: + - name: Get Venom token + type: http + method: POST + url: "{{ .coreVars.authURL }}" + headers: + Content-Type: application/x-www-form-urlencoded + body: "client_id={{ .venomClientID }}&client_secret={{ .venomClientSecret }}&grant_type=client_credentials" + # info: | + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + vars: + jwt: + from: result.bodyjson.access_token + +# TODO: Use Venom "web" module to test actual login. It's easy but requires "PhantomJS" +# which is not available on Alpine, so it needs to be installed first. +- name: TEST - Interacting with Camunda login page + steps: + - name: "{{ .value.component }}" + skip: + - skiptestingress ShouldBeFalse + type: http + range: + - component: Keycloak + url: "{{ .coreVars.baseURLs.keycloak }}" + - component: Identity + url: "{{ .coreVars.baseURLs.identity }}" + - component: Operate + url: "{{ .coreVars.baseURLs.operate }}" + - component: Optimize + url: "{{ .coreVars.baseURLs.optimize }}" + - component: Tasklist + url: "{{ .coreVars.baseURLs.tasklist }}" + - component: Connectors + url: "{{ .coreVars.baseURLs.connectors }}" + - component: WebModeler + url: "{{ .coreVars.baseURLs.webModeler }}" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 15 + # info: | + # Component: {{ .value.component }} + # = Request Method: {{ .value.method }} + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + - result.body ShouldNotContainSubstring error + +# TODO: Add Optimize. +- name: TEST - Interacting with Camunda web API + steps: + - name: "{{ .value.component }}" + type: http + range: + - component: Identity + url: "{{ .coreVars.baseURLs.identity }}/api/users" + method: GET + body: '' + - component: Operate + docs: https://docs.camunda.io/docs/self-managed/operate-deployment/operate-authentication/ + url: "{{ .coreVars.baseURLs.operate }}/v1/process-definitions/search" + method: POST + body: '{}' + - component: Tasklist + docs: https://docs.camunda.io/docs/self-managed/tasklist-deployment/tasklist-authentication/ + url: "{{ .coreVars.baseURLs.tasklist }}/graphql" + method: POST + body: '{"query": "{tasks(query:{}){id name}}"}' + method: "{{ .value.method }}" + url: "{{ .value.url }}" + headers: + Content-Type: application/json + Authorization: "Bearer {{ .helperVenomToken.jwt }}" + body: "{{ .value.body }}" + # info: | + # Component: {{ .value.component }} + # = Request Method: {{ .value.method }} + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + +# Unlike other apps, WebModeler by default expects the JWT token to be acquired from external Keycloak URL. +# Hence, this test is added in the extra tests when Ingress is enabled. +- name: TEST - Interacting with WebModeler + steps: + - name: Check WebModeler internal API + skip: + - skiptestwebmodeler ShouldBeFalse + type: http + method: GET + url: "{{ .coreVars.baseURLs.webModelerRestapi }}/api/beta/info" + headers: + Content-Type: application/json + Authorization: "Bearer {{ .helperVenomToken.jwt }}" + # info: | + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + - result.bodyjson.version ShouldNotBeEmpty + - name: Check WebModeler login page + skip: + - skiptestingress ShouldBeFalse + - skiptestwebmodeler ShouldBeFalse + type: http + method: GET + url: "{{ .coreVars.baseURLs.webModeler }}" + retry: 3 + delay: 15 + # info: | + # Component: {{ .value.component }} + # = Request Method: {{ .value.method }} + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + - result.body ShouldNotContainSubstring error + +- name: TEST - Interacting with Zeebe Gateway + steps: + - name: Check Zeebe Gateway status + type: exec + script: | + zbctl --clientCache=/tmp/zeebe \ + --clientId {{ .venomClientID }} --clientSecret {{ .venomClientSecret }} \ + --authzUrl "{{ .coreVars.authURL }}" --address "{{ .coreVars.baseURLs.zeebeGateway }}" \ + {{ .coreVars.zbctl.extraArgs }} \ + status + retry: 2 + delay: 10 + # info: | + # = systemerr: {{ .result.systemerr }} + # = err: {{ .result.err }} + assertions: + - result.code ShouldEqual 0 + - result.systemout ShouldContainSubstring "Leader, Healthy" + - result.systemout ShouldNotContainSubstring Unhealthy + - result.timeseconds ShouldBeLessThan 1 + +- name: TEST - Deploying BPMN process + steps: + - name: Deploy BPMN process to Zeebe - {{ .value.name }} + type: exec + range: + - name: Basic + file: test-process.bpmn + - name: Inbound Connector + file: test-inbound-process.bpmn + script: | + zbctl --clientCache=/tmp/zeebe \ + --clientId {{ .venomClientID }} --clientSecret {{ .venomClientSecret }} \ + --authzUrl "{{ .coreVars.authURL }}" --address "{{ .coreVars.baseURLs.zeebeGateway }}" \ + {{ .coreVars.zbctl.extraArgs }} \ + deploy /mnt/fixtures/{{ .value.file }} + # info: | + # = systemerr: {{ .result.systemerr }} + # = err: {{ .result.err }} + assertions: + - result.code ShouldEqual 0 + +- name: TEST - Check deployed BPMN process + steps: + - name: Check deployed BPMN process in Operate - {{ .value.name }} + type: http + range: + - name: Basic + id: it-test-process + - name: Inbound Connector + id: test-inbound-process + method: POST + url: "{{ .coreVars.baseURLs.operate }}/v1/process-definitions/search" + headers: + Content-Type: application/json + Authorization: "Bearer {{ .helperVenomToken.jwt }}" + body: '{}' + retry: 3 + delay: 15 + # TODO: Remove it after debugging Operate issue. + info: | + = Request Body: {{ .result.request.body }} + = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + # NOTE: JSON keys are lowercased automatically, the original key is "bpmnProcessId". + - result.bodyjson.items.items{{ .index }}.bpmnprocessid ShouldEqual {{ .value.id }} + +- name: TEST - Check Connectors webhook + steps: + - name: Check deployed BPMN webhook + type: http + method: POST + url: "{{ .coreVars.baseURLs.connectors }}/test-mywebhook" + headers: + Content-Type: application/json + Authorization: "Bearer {{ .helperVenomToken.jwt }}" + body: '{"webhookDataKey":"webhookDataValue"}' + retry: 4 + delay: 15 + # info: | + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 diff --git a/charts/camunda-platform-8.2/test/integration/testsuites/vars/files/testsuite-preflight.yaml b/charts/camunda-platform-8.2/test/integration/testsuites/vars/files/testsuite-preflight.yaml new file mode 100644 index 0000000000..354d3b58bd --- /dev/null +++ b/charts/camunda-platform-8.2/test/integration/testsuites/vars/files/testsuite-preflight.yaml @@ -0,0 +1,114 @@ +# NOTE: WebModeler has its own step because Venom doesn't support skip in loops yet. +# https://github.com/ovh/venom/issues/651 +name: Run preflight checks for Camunda Platform + +# Vars without defaults are passed as a Venom var, e.g. "VENOM_VAR_TEST_CLIENT_SECRET". +vars: + releaseName: integration + skipTestWebModeler: '{{ .SKIP_TEST_WEBMODELER }}' + +testcases: + +- name: TEST - Readiness + steps: + - name: "{{ .value.component }}" + type: http + range: + # Dependencies. + - component: Elasticsearch + url: "{{ .preflightVars.baseURLs.elasticsearch }}/_cluster/health?&timeout=1s" + - component: Keycloak + url: "{{ .preflightVars.baseURLs.keycloak }}/auth/realms/master" + # Camunda. + - component: Identity + url: "{{ .preflightVars.baseURLs.identity }}/actuator/health" + - component: Optimize + url: "{{ .preflightVars.baseURLs.optimize }}/api/readyz" + - component: Operate + url: "{{ .preflightVars.baseURLs.operate }}/actuator/health/readiness" + - component: Tasklist + url: "{{ .preflightVars.baseURLs.tasklist }}/actuator/health/readiness" + - component: Connectors + url: "{{ .preflightVars.baseURLs.connectors }}/actuator/health/readiness" + - component: ZeebeGateway + url: "{{ .preflightVars.baseURLs.zeebeGateway }}/health" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 10 + # info: | + # {{ .value.component }} URL: {{ .value.url }} + # Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + - name: "WebModeler - {{ .value.component }}" + skip: + - skiptestwebmodeler ShouldBeFalse + type: http + range: + - component: RESTAPI + url: "{{ .preflightVars.baseURLs.webModelerRestapi }}/health/readiness" + - component: WebApp + url: "{{ .preflightVars.baseURLs.webModelerWebapp }}/health/readiness" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 10 + # info: | + # {{ .value.component }} URL: {{ .value.url }} + # Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + +- name: TEST - Liveness + steps: + - name: "{{ .value.component }}" + type: http + range: + # Dependencies. + - component: Elasticsearch + url: "{{ .preflightVars.baseURLs.elasticsearch }}/_cluster/health?wait_for_status=green&timeout=1s" + - component: Keycloak + url: "{{ .preflightVars.baseURLs.keycloak }}/auth/realms/camunda-platform" + # Camunda. + - component: Identity + url: "{{ .preflightVars.baseURLs.identity }}/actuator/health" + - component: Optimize + url: "{{ .preflightVars.baseURLs.optimize }}/api/readyz" + - component: Operate + url: "{{ .preflightVars.baseURLs.operate }}/actuator/health/liveness" + - component: Tasklist + url: "{{ .preflightVars.baseURLs.tasklist }}/actuator/health/liveness" + - component: Connectors + url: "{{ .preflightVars.baseURLs.connectors }}/actuator/health/liveness" + - component: ZeebeGateway + url: "{{ .preflightVars.baseURLs.zeebeGateway }}/actuator/health/liveness" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 10 + # info: | + # {{ .value.component }} URL: {{ .value.url }} + # Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + - name: "WebModeler - {{ .value.component }}" + skip: + - skiptestwebmodeler ShouldBeFalse + type: http + range: + - component: RESTAPI + url: "{{ .preflightVars.baseURLs.webModelerRestapi }}/health/liveness" + - component: WebApp + url: "{{ .preflightVars.baseURLs.webModelerWebapp }}/health/liveness" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 10 + # info: | + # {{ .value.component }} URL: {{ .value.url }} + # Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + +# TODO: Check seed config like ES indexes. diff --git a/charts/camunda-platform-8.2/test/integration/testsuites/vars/files/variables-default.yaml b/charts/camunda-platform-8.2/test/integration/testsuites/vars/files/variables-default.yaml index bfe3750509..825204152d 100644 --- a/charts/camunda-platform-8.2/test/integration/testsuites/vars/files/variables-default.yaml +++ b/charts/camunda-platform-8.2/test/integration/testsuites/vars/files/variables-default.yaml @@ -1,21 +1,19 @@ preflightVars: baseURLs: - elasticsearch: http://integration-elasticsearch:9200 - console: http://integration-console:9100 + elasticsearch: http://elasticsearch-master:9200 keycloak: http://integration-keycloak identity: http://integration-identity:82 optimize: http://integration-optimize operate: http://integration-operate tasklist: http://integration-tasklist connectors: http://integration-connectors:8080 + zeebeGateway: http://integration-zeebe-gateway:9600 webModelerRestapi: http://integration-web-modeler-restapi:8091 webModelerWebapp: http://integration-web-modeler-webapp:8071 - zeebeGateway: http://integration-zeebe-gateway:9600 coreVars: authURL: "http://integration-keycloak/auth/realms/camunda-platform/protocol/openid-connect/token" baseURLs: - console: http://integration-console keycloak: http://integration-keycloak identity: http://integration-identity optimize: http://integration-optimize @@ -23,7 +21,6 @@ coreVars: tasklist: http://integration-tasklist connectors: http://integration-connectors:8080/inbound webModelerRestapi: http://integration-web-modeler-restapi - zeebeGatewayGRPC: http://integration-zeebe-gateway:9600 - zeebeGatewayREST: http://integration-zeebe-gateway:8080 + zeebeGateway: integration-zeebe-gateway:26500 zbctl: extraArgs: "--insecure" diff --git a/charts/camunda-platform-8.2/test/integration/testsuites/vars/files/variables-ingress-combined.yaml b/charts/camunda-platform-8.2/test/integration/testsuites/vars/files/variables-ingress-combined.yaml index 1746027b84..5db776cc4a 100644 --- a/charts/camunda-platform-8.2/test/integration/testsuites/vars/files/variables-ingress-combined.yaml +++ b/charts/camunda-platform-8.2/test/integration/testsuites/vars/files/variables-ingress-combined.yaml @@ -1,23 +1,20 @@ preflightVars: baseURLs: - elasticsearch: http://integration-elasticsearch:9200 - console: http://integration-console:9100 + elasticsearch: http://elasticsearch-master:9200 keycloak: http://integration-keycloak identity: http://integration-identity:82 optimize: http://integration-optimize/optimize operate: http://integration-operate/operate tasklist: http://integration-tasklist/tasklist connectors: http://integration-connectors:8080/connectors + zeebeGateway: http://integration-zeebe-gateway:9600 webModelerRestapi: http://integration-web-modeler-restapi:8091 webModelerWebapp: http://integration-web-modeler-webapp:8071 - zeebeGateway: http://integration-zeebe-gateway:9600/zeebe coreVars: authURL: "https://{{ .TEST_INGRESS_HOST }}/auth/realms/camunda-platform/protocol/openid-connect/token" - testNamespace: "{{ .K8S_NAMESPACE }}" baseURLs: - console: "https://{{ .TEST_INGRESS_HOST }}" - keycloak: "https://{{ .TEST_INGRESS_HOST }}/auth/" + keycloak: "https://{{ .TEST_INGRESS_HOST }}/auth" identity: "https://{{ .TEST_INGRESS_HOST }}/identity" operate: "https://{{ .TEST_INGRESS_HOST }}/operate" optimize: "https://{{ .TEST_INGRESS_HOST }}/optimize" @@ -25,8 +22,6 @@ coreVars: connectors: "https://{{ .TEST_INGRESS_HOST }}/connectors/inbound" webModeler: "https://{{ .TEST_INGRESS_HOST }}/modeler" webModelerRestapi: http://integration-web-modeler-restapi - zeebeGatewayGRPC: "zeebe-{{ .TEST_INGRESS_HOST }}:443" - zeebeGatewayREST: "https://{{ .TEST_INGRESS_HOST }}/zeebe" - prometheus: "prometheus-operated.kube-prometheus-stack.svc.cluster.local:9090" + zeebeGateway: "zeebe-{{ .TEST_INGRESS_HOST }}:443" zbctl: extraArgs: "" diff --git a/charts/camunda-platform-8.2/test/integration/testsuites/vars/kustomization.yaml b/charts/camunda-platform-8.2/test/integration/testsuites/vars/kustomization.yaml index ced36288a4..412b1b9334 100644 --- a/charts/camunda-platform-8.2/test/integration/testsuites/vars/kustomization.yaml +++ b/charts/camunda-platform-8.2/test/integration/testsuites/vars/kustomization.yaml @@ -2,6 +2,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization configMapGenerator: +# This will be added in the CI. +# - name: venom-tests +# options: +# disableNameSuffixHash: true +# files: +# - files/testsuite-preflight.yaml +# - files/testsuite-core.yaml - name: venom-vars options: disableNameSuffixHash: true diff --git a/charts/camunda-platform-8.3/test/integration/testsuites/vars/files/testsuite-core.yaml b/charts/camunda-platform-8.3/test/integration/testsuites/vars/files/testsuite-core.yaml new file mode 100644 index 0000000000..9f5e232690 --- /dev/null +++ b/charts/camunda-platform-8.3/test/integration/testsuites/vars/files/testsuite-core.yaml @@ -0,0 +1,275 @@ +# NOTE: WebModeler has its own step because Venom doesn't support skip in loops yet. +# https://github.com/ovh/venom/issues/651 +name: Test core functionality of Camunda + +# Vars without defaults are passed as a Venom var, e.g. "VENOM_VAR_TEST_CLIENT_SECRET". +vars: + releaseName: integration + venomClientID: '{{ .TEST_CLIENT_ID | default "venom" }}' + venomClientSecret: '{{ .TEST_CLIENT_SECRET }}' + skipTestIngress: '{{ .SKIP_TEST_INGRESS }}' + skipTestWebModeler: '{{ .SKIP_TEST_WEBMODELER }}' + +testcases: + +# https://docs.camunda.io/docs/self-managed/identity/user-guide/generating-m2m-tokens/ +- name: TEST - Generating machine-to-machine token + steps: + - name: "{{ .value.component }}" + type: http + range: + - component: Tasklist + clientID: tasklist + clientSecret: "{{ .TASKLIST_CLIENT_SECRET }}" + - component: Operate + clientID: operate + clientSecret: "{{ .OPERATE_CLIENT_SECRET }}" + - component: Optimize + clientID: optimize + clientSecret: "{{ .OPTIMIZE_CLIENT_SECRET }}" + - component: Connectors + clientID: connectors + clientSecret: "{{ .CONNECTORS_CLIENT_SECRET }}" + method: POST + url: "{{ .coreVars.authURL }}" + headers: + Content-Type: application/x-www-form-urlencoded + body: |- + client_id={{ .value.clientID }}&client_secret={{ .value.clientSecret }}&grant_type=client_credentials + # info: | + # Component: {{ .value.component }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + +# Helper to get access token for Venom Identity client which's seeded during Helm deployment. +- name: helperVenomToken + steps: + - name: Get Venom token + type: http + method: POST + url: "{{ .coreVars.authURL }}" + headers: + Content-Type: application/x-www-form-urlencoded + body: "client_id={{ .venomClientID }}&client_secret={{ .venomClientSecret }}&grant_type=client_credentials" + # info: | + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + vars: + jwt: + from: result.bodyjson.access_token + +# TODO: Use Venom "web" module to test actual login. It's easy but requires "PhantomJS" +# which is not available on Alpine, so it needs to be installed first. +- name: TEST - Interacting with Camunda login page + steps: + - name: "{{ .value.component }}" + skip: + - skiptestingress ShouldBeFalse + type: http + range: + - component: Keycloak + url: "{{ .coreVars.baseURLs.keycloak }}" + - component: Identity + url: "{{ .coreVars.baseURLs.identity }}" + - component: Operate + url: "{{ .coreVars.baseURLs.operate }}" + - component: Optimize + url: "{{ .coreVars.baseURLs.optimize }}" + - component: Tasklist + url: "{{ .coreVars.baseURLs.tasklist }}" + - component: Connectors + url: "{{ .coreVars.baseURLs.connectors }}" + - component: WebModeler + url: "{{ .coreVars.baseURLs.webModeler }}" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 15 + # info: | + # Component: {{ .value.component }} + # = Request Method: {{ .value.method }} + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + - result.body ShouldNotContainSubstring error + +# TODO: Add Optimize. +- name: TEST - Interacting with Camunda web API + steps: + - name: "{{ .value.component }}" + type: http + range: + - component: Identity + url: "{{ .coreVars.baseURLs.identity }}/api/users" + method: GET + body: '' + - component: Operate + docs: https://docs.camunda.io/docs/self-managed/operate-deployment/operate-authentication/ + url: "{{ .coreVars.baseURLs.operate }}/v1/process-definitions/search" + method: POST + body: '{}' + - component: Tasklist + docs: https://docs.camunda.io/docs/self-managed/tasklist-deployment/tasklist-authentication/ + url: "{{ .coreVars.baseURLs.tasklist }}/graphql" + method: POST + body: '{"query": "{tasks(query:{}){id name}}"}' + method: "{{ .value.method }}" + url: "{{ .value.url }}" + headers: + Content-Type: application/json + Authorization: "Bearer {{ .helperVenomToken.jwt }}" + body: "{{ .value.body }}" + # info: | + # Component: {{ .value.component }} + # = Request Method: {{ .value.method }} + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + +# Unlike other apps, WebModeler by default expects the JWT token to be acquired from external Keycloak URL. +# Hence, this test is added in the extra tests when Ingress is enabled. +- name: TEST - Interacting with WebModeler + steps: + # TODO: Check why WM 8.3.0 cannot be accessed internally. + # - name: Check WebModeler internal API + # skip: + # - skiptestwebmodeler ShouldBeFalse + # type: http + # method: GET + # url: "{{ .coreVars.baseURLs.webModelerRestapi }}/api/v1/info" + # headers: + # Content-Type: application/json + # Authorization: "Bearer {{ .helperVenomToken.jwt }}" + # # info: | + # # = Request Body: {{ .result.request.body }} + # # = Response Body: {{ .result.body }} + # assertions: + # - result.statuscode ShouldEqual 200 + # - result.bodyjson.version ShouldNotBeEmpty + - name: Check WebModeler login page + skip: + - skiptestingress ShouldBeFalse + - skiptestwebmodeler ShouldBeFalse + type: http + method: GET + url: "{{ .coreVars.baseURLs.webModeler }}" + retry: 3 + delay: 15 + # info: | + # Component: {{ .value.component }} + # = Request Method: {{ .value.method }} + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + - result.body ShouldNotContainSubstring error + +- name: TEST - Interacting with Zeebe Gateway + steps: + - name: Check Zeebe Gateway status + type: exec + script: | + zbctl --clientCache=/tmp/zeebe \ + --clientId {{ .venomClientID }} --clientSecret {{ .venomClientSecret }} \ + --authzUrl "{{ .coreVars.authURL }}" --address "{{ .coreVars.baseURLs.zeebeGateway }}" \ + {{ .coreVars.zbctl.extraArgs }} \ + status + retry: 2 + delay: 10 + # info: | + # = systemerr: {{ .result.systemerr }} + # = err: {{ .result.err }} + assertions: + - result.code ShouldEqual 0 + - result.systemout ShouldContainSubstring "Leader, Healthy" + - result.systemout ShouldNotContainSubstring Unhealthy + - result.timeseconds ShouldBeLessThan 1 + +- name: TEST - Deploying BPMN process + steps: + - name: Deploy BPMN process to Zeebe - {{ .value.name }} + type: exec + range: + - name: Basic + file: test-process.bpmn + - name: Inbound Connector + file: test-inbound-process.bpmn + script: | + zbctl --clientCache=/tmp/zeebe \ + --clientId {{ .venomClientID }} --clientSecret {{ .venomClientSecret }} \ + --authzUrl "{{ .coreVars.authURL }}" --address "{{ .coreVars.baseURLs.zeebeGateway }}" \ + {{ .coreVars.zbctl.extraArgs }} \ + deploy /mnt/fixtures/{{ .value.file }} + # info: | + # = systemerr: {{ .result.systemerr }} + # = err: {{ .result.err }} + assertions: + - result.code ShouldEqual 0 + +- name: TEST - Check deployed BPMN process + steps: + - name: Check deployed BPMN process in Operate - {{ .value.name }} + type: http + range: + - name: Basic + id: it-test-process + - name: Inbound Connector + id: test-inbound-process + method: POST + url: "{{ .coreVars.baseURLs.operate }}/v1/process-definitions/search" + headers: + Content-Type: application/json + Authorization: "Bearer {{ .helperVenomToken.jwt }}" + body: '{}' + retry: 3 + delay: 15 + # info: | + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + # NOTE: JSON keys are lowercased automatically, the original key is "bpmnProcessId". + - result.bodyjson.items.items{{ .index }}.bpmnprocessid ShouldEqual {{ .value.id }} + +- name: TEST - Check Connectors webhook + steps: + - name: Check deployed BPMN webhook + type: http + method: POST + url: "{{ .coreVars.baseURLs.connectors }}/test-mywebhook" + headers: + Content-Type: application/json + Authorization: "Bearer {{ .helperVenomToken.jwt }}" + body: '{"webhookDataKey":"webhookDataValue"}' + retry: 4 + delay: 15 + # info: | + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + +- name: TEST - Check ServiceMonitor + steps: + - name: Check prometheus could query containers + type: http + method: GET + url: "http://{{ .coreVars.baseURLs.prometheus }}/api/v1/query?query=system_cpu_count%7Bnamespace%3D%22{{ .coreVars.testNamespace }}%22%7D" + retry: 4 + delay: 15 + # info: | + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.body ShouldContainSubstring connectors + - result.body ShouldContainSubstring identity + - result.body ShouldContainSubstring operate + - result.body ShouldContainSubstring optimize + - result.body ShouldContainSubstring tasklist + - result.body ShouldContainSubstring web-modeler-restapi + - result.body ShouldContainSubstring zeebe + - result.body ShouldContainSubstring zeebe-gateway diff --git a/test/integration/testsuites/preflight/testsuites/preflight.yaml b/charts/camunda-platform-8.3/test/integration/testsuites/vars/files/testsuite-preflight.yaml similarity index 99% rename from test/integration/testsuites/preflight/testsuites/preflight.yaml rename to charts/camunda-platform-8.3/test/integration/testsuites/vars/files/testsuite-preflight.yaml index fba4d53c84..b069ada591 100644 --- a/test/integration/testsuites/preflight/testsuites/preflight.yaml +++ b/charts/camunda-platform-8.3/test/integration/testsuites/vars/files/testsuite-preflight.yaml @@ -31,7 +31,7 @@ testcases: - component: Connectors url: "{{ .preflightVars.baseURLs.connectors }}/actuator/health/readiness" - component: ZeebeGateway - url: "{{ .preflightVars.baseURLs.zeebeGateway }}/actuator/health/readiness" + url: "{{ .preflightVars.baseURLs.zeebeGateway }}/actuator/health" method: GET url: "{{ .value.url }}" retry: 3 @@ -41,6 +41,7 @@ testcases: # Response Body: {{ .result.body }} assertions: - result.statuscode ShouldEqual 200 + - name: "WebModeler - {{ .value.component }}" skip: - skiptestwebmodeler ShouldBeFalse diff --git a/charts/camunda-platform-8.3/test/integration/testsuites/vars/files/variables-default.yaml b/charts/camunda-platform-8.3/test/integration/testsuites/vars/files/variables-default.yaml index bfe3750509..7e132710b3 100644 --- a/charts/camunda-platform-8.3/test/integration/testsuites/vars/files/variables-default.yaml +++ b/charts/camunda-platform-8.3/test/integration/testsuites/vars/files/variables-default.yaml @@ -1,21 +1,19 @@ preflightVars: baseURLs: elasticsearch: http://integration-elasticsearch:9200 - console: http://integration-console:9100 keycloak: http://integration-keycloak identity: http://integration-identity:82 optimize: http://integration-optimize operate: http://integration-operate tasklist: http://integration-tasklist connectors: http://integration-connectors:8080 + zeebeGateway: http://integration-zeebe-gateway:9600 webModelerRestapi: http://integration-web-modeler-restapi:8091 webModelerWebapp: http://integration-web-modeler-webapp:8071 - zeebeGateway: http://integration-zeebe-gateway:9600 coreVars: authURL: "http://integration-keycloak/auth/realms/camunda-platform/protocol/openid-connect/token" baseURLs: - console: http://integration-console keycloak: http://integration-keycloak identity: http://integration-identity optimize: http://integration-optimize @@ -23,7 +21,6 @@ coreVars: tasklist: http://integration-tasklist connectors: http://integration-connectors:8080/inbound webModelerRestapi: http://integration-web-modeler-restapi - zeebeGatewayGRPC: http://integration-zeebe-gateway:9600 - zeebeGatewayREST: http://integration-zeebe-gateway:8080 + zeebeGateway: integration-zeebe-gateway:26500 zbctl: extraArgs: "--insecure" diff --git a/charts/camunda-platform-8.3/test/integration/testsuites/vars/files/variables-ingress-combined.yaml b/charts/camunda-platform-8.3/test/integration/testsuites/vars/files/variables-ingress-combined.yaml index 1746027b84..190283d560 100644 --- a/charts/camunda-platform-8.3/test/integration/testsuites/vars/files/variables-ingress-combined.yaml +++ b/charts/camunda-platform-8.3/test/integration/testsuites/vars/files/variables-ingress-combined.yaml @@ -1,23 +1,21 @@ preflightVars: baseURLs: elasticsearch: http://integration-elasticsearch:9200 - console: http://integration-console:9100 keycloak: http://integration-keycloak identity: http://integration-identity:82 optimize: http://integration-optimize/optimize operate: http://integration-operate/operate tasklist: http://integration-tasklist/tasklist connectors: http://integration-connectors:8080/connectors + zeebeGateway: http://integration-zeebe-gateway:9600 webModelerRestapi: http://integration-web-modeler-restapi:8091 webModelerWebapp: http://integration-web-modeler-webapp:8071 - zeebeGateway: http://integration-zeebe-gateway:9600/zeebe coreVars: authURL: "https://{{ .TEST_INGRESS_HOST }}/auth/realms/camunda-platform/protocol/openid-connect/token" testNamespace: "{{ .K8S_NAMESPACE }}" baseURLs: - console: "https://{{ .TEST_INGRESS_HOST }}" - keycloak: "https://{{ .TEST_INGRESS_HOST }}/auth/" + keycloak: "https://{{ .TEST_INGRESS_HOST }}/auth" identity: "https://{{ .TEST_INGRESS_HOST }}/identity" operate: "https://{{ .TEST_INGRESS_HOST }}/operate" optimize: "https://{{ .TEST_INGRESS_HOST }}/optimize" @@ -25,8 +23,7 @@ coreVars: connectors: "https://{{ .TEST_INGRESS_HOST }}/connectors/inbound" webModeler: "https://{{ .TEST_INGRESS_HOST }}/modeler" webModelerRestapi: http://integration-web-modeler-restapi - zeebeGatewayGRPC: "zeebe-{{ .TEST_INGRESS_HOST }}:443" - zeebeGatewayREST: "https://{{ .TEST_INGRESS_HOST }}/zeebe" + zeebeGateway: "zeebe-{{ .TEST_INGRESS_HOST }}:443" prometheus: "prometheus-operated.kube-prometheus-stack.svc.cluster.local:9090" zbctl: extraArgs: "" diff --git a/charts/camunda-platform-8.3/test/integration/testsuites/vars/kustomization.yaml b/charts/camunda-platform-8.3/test/integration/testsuites/vars/kustomization.yaml index ced36288a4..412b1b9334 100644 --- a/charts/camunda-platform-8.3/test/integration/testsuites/vars/kustomization.yaml +++ b/charts/camunda-platform-8.3/test/integration/testsuites/vars/kustomization.yaml @@ -2,6 +2,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization configMapGenerator: +# This will be added in the CI. +# - name: venom-tests +# options: +# disableNameSuffixHash: true +# files: +# - files/testsuite-preflight.yaml +# - files/testsuite-core.yaml - name: venom-vars options: disableNameSuffixHash: true diff --git a/charts/camunda-platform-8.4/test/integration/testsuites/vars/files/testsuite-core.yaml b/charts/camunda-platform-8.4/test/integration/testsuites/vars/files/testsuite-core.yaml new file mode 100644 index 0000000000..5d18a524ee --- /dev/null +++ b/charts/camunda-platform-8.4/test/integration/testsuites/vars/files/testsuite-core.yaml @@ -0,0 +1,301 @@ +# NOTE: WebModeler has its own step because Venom doesn't support skip in loops yet. +# https://github.com/ovh/venom/issues/651 +name: Test core functionality of Camunda + +# Vars without defaults are passed as a Venom var, e.g. "VENOM_VAR_TEST_CLIENT_SECRET". +vars: + releaseName: integration + venomClientID: '{{ .TEST_CLIENT_ID | default "venom" }}' + venomClientSecret: '{{ .TEST_CLIENT_SECRET }}' + skipTestIngress: '{{ .SKIP_TEST_INGRESS }}' + skipTestWebModeler: '{{ .SKIP_TEST_WEBMODELER }}' + +testcases: + +# https://docs.camunda.io/docs/self-managed/identity/user-guide/generating-m2m-tokens/ +- name: TEST - Generating machine-to-machine token + description: | + Test generating tokens from Keycloak for components that use client type "CONFIDENTIAL". + This test will not work with type "PUBLIC" because "Public client not allowed to retrieve service account". + https://datatracker.ietf.org/doc/html/rfc6749#section-2.1 + steps: + - name: "{{ .value.component }}" + type: http + range: + - component: Tasklist + clientID: tasklist + clientSecret: "{{ .TASKLIST_CLIENT_SECRET }}" + - component: Operate + clientID: operate + clientSecret: "{{ .OPERATE_CLIENT_SECRET }}" + - component: Optimize + clientID: optimize + clientSecret: "{{ .OPTIMIZE_CLIENT_SECRET }}" + - component: Connectors + clientID: connectors + clientSecret: "{{ .CONNECTORS_CLIENT_SECRET }}" + method: POST + url: "{{ .coreVars.authURL }}" + headers: + Content-Type: application/x-www-form-urlencoded + body: |- + client_id={{ .value.clientID }}&client_secret={{ .value.clientSecret }}&grant_type=client_credentials + # info: | + # Component: {{ .value.component }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + +# Helper to get access token for Venom Identity client which's seeded during Helm deployment. +- name: helperVenomToken + steps: + - name: Get Venom token + type: http + method: POST + url: "{{ .coreVars.authURL }}" + headers: + Content-Type: application/x-www-form-urlencoded + body: "client_id={{ .venomClientID }}&client_secret={{ .venomClientSecret }}&grant_type=client_credentials" + # info: | + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + vars: + jwt: + from: result.bodyjson.access_token + +- name: TEST - Interacting with Camunda login page + steps: + - name: "{{ .value.component }}" + skip: + - skiptestingress ShouldBeFalse + type: http + range: + - component: Console + url: "{{ .coreVars.baseURLs.console }}" + - component: Keycloak + url: "{{ .coreVars.baseURLs.keycloak }}" + - component: Identity + url: "{{ .coreVars.baseURLs.identity }}" + - component: Operate + url: "{{ .coreVars.baseURLs.operate }}" + - component: Optimize + url: "{{ .coreVars.baseURLs.optimize }}" + - component: Tasklist + url: "{{ .coreVars.baseURLs.tasklist }}" + - component: WebModeler + url: "{{ .coreVars.baseURLs.webModeler }}" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 15 + # info: | + # Component: {{ .value.component }} + # = Request Method: {{ .value.method }} + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + - result.body ShouldNotContainSubstring error + +# Connectors Inbound doesn't have the same flow like the rest of the components. +# So it needs different check. +- name: TEST - Interacting with Camunda login page - Connectors + steps: + - name: "Check Inbound Connectors" + skip: + - skiptestingress ShouldBeFalse + type: http + method: GET + url: "{{ .coreVars.baseURLs.connectors }}" + retry: 3 + delay: 15 + info: | + = Request Method: {{ .value.method }} + = Request Body: {{ .result.request.body }} + = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + # - result.bodyjson.items.items0.health.status ShouldEqual UP + +# TODO: Add Optimize. +- name: TEST - Interacting with Camunda web API + steps: + - name: "{{ .value.component }}" + type: http + range: + - component: Console + url: "{{ .coreVars.baseURLs.console }}/api/clusters" + method: GET + body: '' + - component: Identity + url: "{{ .coreVars.baseURLs.identity }}/api/users" + method: GET + body: '' + - component: Operate + docs: https://docs.camunda.io/docs/self-managed/operate-deployment/operate-authentication/ + url: "{{ .coreVars.baseURLs.operate }}/v1/process-definitions/search" + method: POST + body: '{}' + - component: Tasklist + docs: https://docs.camunda.io/docs/self-managed/tasklist-deployment/tasklist-authentication/ + url: "{{ .coreVars.baseURLs.tasklist }}/graphql" + method: POST + body: '{"query": "{tasks(query:{}){id name}}"}' + method: "{{ .value.method }}" + url: "{{ .value.url }}" + headers: + Content-Type: application/json + Authorization: "Bearer {{ .helperVenomToken.jwt }}" + body: "{{ .value.body }}" + # info: | + # Component: {{ .value.component }} + # = Request Method: {{ .value.method }} + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + +# Unlike other apps, WebModeler by default expects the JWT token to be acquired from external Keycloak URL. +# Hence, this test is added in the extra tests when Ingress is enabled. +- name: TEST - Interacting with WebModeler + steps: + # TODO: Check why WM 8.3.0 cannot be accessed internally. + # - name: Check WebModeler internal API + # skip: + # - skiptestwebmodeler ShouldBeFalse + # type: http + # method: GET + # url: "{{ .coreVars.baseURLs.webModelerRestapi }}/api/v1/info" + # headers: + # Content-Type: application/json + # Authorization: "Bearer {{ .helperVenomToken.jwt }}" + # # info: | + # # = Request Body: {{ .result.request.body }} + # # = Response Body: {{ .result.body }} + # assertions: + # - result.statuscode ShouldEqual 200 + # - result.bodyjson.version ShouldNotBeEmpty + - name: Check WebModeler login page + skip: + - skiptestingress ShouldBeFalse + - skiptestwebmodeler ShouldBeFalse + type: http + method: GET + url: "{{ .coreVars.baseURLs.webModeler }}" + retry: 3 + delay: 15 + # info: | + # Component: {{ .value.component }} + # = Request Method: {{ .value.method }} + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + - result.body ShouldNotContainSubstring error + +- name: TEST - Interacting with Zeebe Gateway + steps: + - name: Check Zeebe Gateway status + type: exec + script: | + zbctl --clientCache=/tmp/zeebe \ + --clientId {{ .venomClientID }} --clientSecret {{ .venomClientSecret }} \ + --authzUrl "{{ .coreVars.authURL }}" --address "{{ .coreVars.baseURLs.zeebeGateway }}" \ + {{ .coreVars.zbctl.extraArgs }} \ + status + retry: 2 + delay: 10 + # info: | + # = systemerr: {{ .result.systemerr }} + # = err: {{ .result.err }} + assertions: + - result.code ShouldEqual 0 + - result.systemout ShouldContainSubstring "Leader, Healthy" + - result.systemout ShouldNotContainSubstring Unhealthy + - result.timeseconds ShouldBeLessThan 1 + +- name: TEST - Deploying BPMN process + steps: + - name: Deploy BPMN process to Zeebe - {{ .value.name }} + type: exec + range: + - name: Basic + file: test-process.bpmn + - name: Inbound Connector + file: test-inbound-process.bpmn + script: | + zbctl --clientCache=/tmp/zeebe \ + --clientId {{ .venomClientID }} --clientSecret {{ .venomClientSecret }} \ + --authzUrl "{{ .coreVars.authURL }}" --address "{{ .coreVars.baseURLs.zeebeGateway }}" \ + {{ .coreVars.zbctl.extraArgs }} \ + deploy /mnt/fixtures/{{ .value.file }} + # info: | + # = systemerr: {{ .result.systemerr }} + # = err: {{ .result.err }} + assertions: + - result.code ShouldEqual 0 + +- name: TEST - Check deployed BPMN process + steps: + - name: Check deployed BPMN process in Operate - {{ .value.name }} + type: http + range: + - name: Basic + id: it-test-process + - name: Inbound Connector + id: test-inbound-process + method: POST + url: "{{ .coreVars.baseURLs.operate }}/v1/process-definitions/search" + headers: + Content-Type: application/json + Authorization: "Bearer {{ .helperVenomToken.jwt }}" + body: '{}' + retry: 3 + delay: 15 + # info: | + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + # NOTE: JSON keys are lowercased automatically, the original key is "bpmnProcessId". + - result.bodyjson.items.items{{ .index }}.bpmnprocessid ShouldEqual {{ .value.id }} + +- name: TEST - Check Connectors webhook + steps: + - name: Check deployed BPMN webhook + type: http + method: POST + url: "{{ .coreVars.baseURLs.connectors }}/test-mywebhook" + headers: + Content-Type: application/json + Authorization: "Bearer {{ .helperVenomToken.jwt }}" + body: '{"webhookDataKey":"webhookDataValue"}' + retry: 4 + delay: 15 + # info: | + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + +# - name: TEST - Check ServiceMonitor +# steps: +# - name: Check prometheus could query containers +# type: http +# method: GET +# url: "http://{{ .coreVars.baseURLs.prometheus }}/api/v1/query?query=system_cpu_count%7Bnamespace%3D%22{{ .coreVars.testNamespace }}%22%7D" +# retry: 4 +# delay: 15 +# # info: | +# # = Request Body: {{ .result.request.body }} +# # = Response Body: {{ .result.body }} +# assertions: +# - result.body ShouldContainSubstring connectors +# - result.body ShouldContainSubstring identity +# - result.body ShouldContainSubstring operate +# - result.body ShouldContainSubstring optimize +# - result.body ShouldContainSubstring tasklist +# - result.body ShouldContainSubstring web-modeler-restapi +# - result.body ShouldContainSubstring zeebe +# - result.body ShouldContainSubstring zeebe-gateway diff --git a/charts/camunda-platform-8.4/test/integration/testsuites/vars/files/testsuite-preflight.yaml b/charts/camunda-platform-8.4/test/integration/testsuites/vars/files/testsuite-preflight.yaml new file mode 100644 index 0000000000..b069ada591 --- /dev/null +++ b/charts/camunda-platform-8.4/test/integration/testsuites/vars/files/testsuite-preflight.yaml @@ -0,0 +1,115 @@ +# NOTE: WebModeler has its own step because Venom doesn't support skip in loops yet. +# https://github.com/ovh/venom/issues/651 +name: Run preflight checks for Camunda + +# Vars without defaults are passed as a Venom var, e.g. "VENOM_VAR_TEST_CLIENT_SECRET". +vars: + releaseName: integration + skipTestWebModeler: '{{ .SKIP_TEST_WEBMODELER }}' + +testcases: + +- name: TEST - Readiness + steps: + - name: "{{ .value.component }}" + type: http + range: + # Dependencies. + - component: Elasticsearch + url: "{{ .preflightVars.baseURLs.elasticsearch }}/_cluster/health?&timeout=1s" + - component: Keycloak + url: "{{ .preflightVars.baseURLs.keycloak }}/auth/realms/master" + # Camunda. + - component: Identity + url: "{{ .preflightVars.baseURLs.identity }}/actuator/health" + - component: Optimize + url: "{{ .preflightVars.baseURLs.optimize }}/api/readyz" + - component: Operate + url: "{{ .preflightVars.baseURLs.operate }}/actuator/health/readiness" + - component: Tasklist + url: "{{ .preflightVars.baseURLs.tasklist }}/actuator/health/readiness" + - component: Connectors + url: "{{ .preflightVars.baseURLs.connectors }}/actuator/health/readiness" + - component: ZeebeGateway + url: "{{ .preflightVars.baseURLs.zeebeGateway }}/actuator/health" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 10 + # info: | + # {{ .value.component }} URL: {{ .value.url }} + # Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + + - name: "WebModeler - {{ .value.component }}" + skip: + - skiptestwebmodeler ShouldBeFalse + type: http + range: + - component: RESTAPI + url: "{{ .preflightVars.baseURLs.webModelerRestapi }}/health/readiness" + - component: WebApp + url: "{{ .preflightVars.baseURLs.webModelerWebapp }}/health/readiness" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 10 + # info: | + # {{ .value.component }} URL: {{ .value.url }} + # Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + +- name: TEST - Liveness + steps: + - name: "{{ .value.component }}" + type: http + range: + # Dependencies. + - component: Elasticsearch + url: "{{ .preflightVars.baseURLs.elasticsearch }}/_cluster/health?wait_for_status=green&timeout=1s" + - component: Keycloak + url: "{{ .preflightVars.baseURLs.keycloak }}/auth/realms/camunda-platform" + # Camunda. + - component: Identity + url: "{{ .preflightVars.baseURLs.identity }}/actuator/health" + - component: Optimize + url: "{{ .preflightVars.baseURLs.optimize }}/api/readyz" + - component: Operate + url: "{{ .preflightVars.baseURLs.operate }}/actuator/health/liveness" + - component: Tasklist + url: "{{ .preflightVars.baseURLs.tasklist }}/actuator/health/liveness" + - component: Connectors + url: "{{ .preflightVars.baseURLs.connectors }}/actuator/health/liveness" + - component: ZeebeGateway + url: "{{ .preflightVars.baseURLs.zeebeGateway }}/actuator/health/liveness" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 10 + # info: | + # {{ .value.component }} URL: {{ .value.url }} + # Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + - name: "WebModeler - {{ .value.component }}" + skip: + - skiptestwebmodeler ShouldBeFalse + type: http + range: + - component: RESTAPI + url: "{{ .preflightVars.baseURLs.webModelerRestapi }}/health/liveness" + - component: WebApp + url: "{{ .preflightVars.baseURLs.webModelerWebapp }}/health/liveness" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 10 + # info: | + # {{ .value.component }} URL: {{ .value.url }} + # Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + +# TODO: Check seed config like ES indexes. diff --git a/charts/camunda-platform-8.4/test/integration/testsuites/vars/files/variables-default.yaml b/charts/camunda-platform-8.4/test/integration/testsuites/vars/files/variables-default.yaml index bfe3750509..d109d84235 100644 --- a/charts/camunda-platform-8.4/test/integration/testsuites/vars/files/variables-default.yaml +++ b/charts/camunda-platform-8.4/test/integration/testsuites/vars/files/variables-default.yaml @@ -8,9 +8,9 @@ preflightVars: operate: http://integration-operate tasklist: http://integration-tasklist connectors: http://integration-connectors:8080 + zeebeGateway: http://integration-zeebe-gateway:9600 webModelerRestapi: http://integration-web-modeler-restapi:8091 webModelerWebapp: http://integration-web-modeler-webapp:8071 - zeebeGateway: http://integration-zeebe-gateway:9600 coreVars: authURL: "http://integration-keycloak/auth/realms/camunda-platform/protocol/openid-connect/token" @@ -23,7 +23,6 @@ coreVars: tasklist: http://integration-tasklist connectors: http://integration-connectors:8080/inbound webModelerRestapi: http://integration-web-modeler-restapi - zeebeGatewayGRPC: http://integration-zeebe-gateway:9600 - zeebeGatewayREST: http://integration-zeebe-gateway:8080 + zeebeGateway: integration-zeebe-gateway:26500 zbctl: extraArgs: "--insecure" diff --git a/charts/camunda-platform-8.4/test/integration/testsuites/vars/files/variables-ingress-combined.yaml b/charts/camunda-platform-8.4/test/integration/testsuites/vars/files/variables-ingress-combined.yaml index 1746027b84..11efb40924 100644 --- a/charts/camunda-platform-8.4/test/integration/testsuites/vars/files/variables-ingress-combined.yaml +++ b/charts/camunda-platform-8.4/test/integration/testsuites/vars/files/variables-ingress-combined.yaml @@ -8,16 +8,16 @@ preflightVars: operate: http://integration-operate/operate tasklist: http://integration-tasklist/tasklist connectors: http://integration-connectors:8080/connectors + zeebeGateway: http://integration-zeebe-gateway:9600 webModelerRestapi: http://integration-web-modeler-restapi:8091 webModelerWebapp: http://integration-web-modeler-webapp:8071 - zeebeGateway: http://integration-zeebe-gateway:9600/zeebe coreVars: authURL: "https://{{ .TEST_INGRESS_HOST }}/auth/realms/camunda-platform/protocol/openid-connect/token" testNamespace: "{{ .K8S_NAMESPACE }}" baseURLs: console: "https://{{ .TEST_INGRESS_HOST }}" - keycloak: "https://{{ .TEST_INGRESS_HOST }}/auth/" + keycloak: "https://{{ .TEST_INGRESS_HOST }}/auth" identity: "https://{{ .TEST_INGRESS_HOST }}/identity" operate: "https://{{ .TEST_INGRESS_HOST }}/operate" optimize: "https://{{ .TEST_INGRESS_HOST }}/optimize" @@ -25,8 +25,7 @@ coreVars: connectors: "https://{{ .TEST_INGRESS_HOST }}/connectors/inbound" webModeler: "https://{{ .TEST_INGRESS_HOST }}/modeler" webModelerRestapi: http://integration-web-modeler-restapi - zeebeGatewayGRPC: "zeebe-{{ .TEST_INGRESS_HOST }}:443" - zeebeGatewayREST: "https://{{ .TEST_INGRESS_HOST }}/zeebe" + zeebeGateway: "zeebe-{{ .TEST_INGRESS_HOST }}:443" prometheus: "prometheus-operated.kube-prometheus-stack.svc.cluster.local:9090" zbctl: extraArgs: "" diff --git a/charts/camunda-platform-8.4/test/integration/testsuites/vars/kustomization.yaml b/charts/camunda-platform-8.4/test/integration/testsuites/vars/kustomization.yaml index ced36288a4..412b1b9334 100644 --- a/charts/camunda-platform-8.4/test/integration/testsuites/vars/kustomization.yaml +++ b/charts/camunda-platform-8.4/test/integration/testsuites/vars/kustomization.yaml @@ -2,6 +2,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization configMapGenerator: +# This will be added in the CI. +# - name: venom-tests +# options: +# disableNameSuffixHash: true +# files: +# - files/testsuite-preflight.yaml +# - files/testsuite-core.yaml - name: venom-vars options: disableNameSuffixHash: true diff --git a/test/integration/testsuites/core/testsuites/core.yaml b/charts/camunda-platform-alpha/test/integration/testsuites/vars/files/testsuite-core.yaml similarity index 100% rename from test/integration/testsuites/core/testsuites/core.yaml rename to charts/camunda-platform-alpha/test/integration/testsuites/vars/files/testsuite-core.yaml diff --git a/charts/camunda-platform-alpha/test/integration/testsuites/vars/files/testsuite-preflight.yaml b/charts/camunda-platform-alpha/test/integration/testsuites/vars/files/testsuite-preflight.yaml new file mode 100644 index 0000000000..f32e761a45 --- /dev/null +++ b/charts/camunda-platform-alpha/test/integration/testsuites/vars/files/testsuite-preflight.yaml @@ -0,0 +1,114 @@ +# NOTE: WebModeler has its own step because Venom doesn't support skip in loops yet. +# https://github.com/ovh/venom/issues/651 +name: Run preflight checks for Camunda + +# Vars without defaults are passed as a Venom var, e.g. "VENOM_VAR_TEST_CLIENT_SECRET". +vars: + releaseName: integration + skipTestWebModeler: '{{ .SKIP_TEST_WEBMODELER }}' + +testcases: + +- name: TEST - Readiness + steps: + - name: "{{ .value.component }}" + type: http + range: + # Dependencies. + - component: Elasticsearch + url: "{{ .preflightVars.baseURLs.elasticsearch }}/_cluster/health?&timeout=1s" + - component: Keycloak + url: "{{ .preflightVars.baseURLs.keycloak }}/auth/realms/master" + # Camunda. + - component: Identity + url: "{{ .preflightVars.baseURLs.identity }}/actuator/health" + - component: Optimize + url: "{{ .preflightVars.baseURLs.optimize }}/api/readyz" + - component: Operate + url: "{{ .preflightVars.baseURLs.operate }}/actuator/health/readiness" + - component: Tasklist + url: "{{ .preflightVars.baseURLs.tasklist }}/actuator/health/readiness" + - component: Connectors + url: "{{ .preflightVars.baseURLs.connectors }}/actuator/health/readiness" + - component: ZeebeGateway + url: "{{ .preflightVars.baseURLs.zeebeGateway }}/actuator/health" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 10 + # info: | + # {{ .value.component }} URL: {{ .value.url }} + # Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + - name: "WebModeler - {{ .value.component }}" + skip: + - skiptestwebmodeler ShouldBeFalse + type: http + range: + - component: RESTAPI + url: "{{ .preflightVars.baseURLs.webModelerRestapi }}/health/readiness" + - component: WebApp + url: "{{ .preflightVars.baseURLs.webModelerWebapp }}/health/readiness" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 10 + # info: | + # {{ .value.component }} URL: {{ .value.url }} + # Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + +- name: TEST - Liveness + steps: + - name: "{{ .value.component }}" + type: http + range: + # Dependencies. + - component: Elasticsearch + url: "{{ .preflightVars.baseURLs.elasticsearch }}/_cluster/health?wait_for_status=green&timeout=1s" + - component: Keycloak + url: "{{ .preflightVars.baseURLs.keycloak }}/auth/realms/camunda-platform" + # Camunda. + - component: Identity + url: "{{ .preflightVars.baseURLs.identity }}/actuator/health" + - component: Optimize + url: "{{ .preflightVars.baseURLs.optimize }}/api/readyz" + - component: Operate + url: "{{ .preflightVars.baseURLs.operate }}/actuator/health/liveness" + - component: Tasklist + url: "{{ .preflightVars.baseURLs.tasklist }}/actuator/health/liveness" + - component: Connectors + url: "{{ .preflightVars.baseURLs.connectors }}/actuator/health/liveness" + - component: ZeebeGateway + url: "{{ .preflightVars.baseURLs.zeebeGateway }}/actuator/health/liveness" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 10 + # info: | + # {{ .value.component }} URL: {{ .value.url }} + # Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + - name: "WebModeler - {{ .value.component }}" + skip: + - skiptestwebmodeler ShouldBeFalse + type: http + range: + - component: RESTAPI + url: "{{ .preflightVars.baseURLs.webModelerRestapi }}/health/liveness" + - component: WebApp + url: "{{ .preflightVars.baseURLs.webModelerWebapp }}/health/liveness" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 10 + # info: | + # {{ .value.component }} URL: {{ .value.url }} + # Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + +# TODO: Check seed config like ES indexes. diff --git a/charts/camunda-platform-alpha/test/integration/testsuites/vars/kustomization.yaml b/charts/camunda-platform-alpha/test/integration/testsuites/vars/kustomization.yaml index ced36288a4..412b1b9334 100644 --- a/charts/camunda-platform-alpha/test/integration/testsuites/vars/kustomization.yaml +++ b/charts/camunda-platform-alpha/test/integration/testsuites/vars/kustomization.yaml @@ -2,6 +2,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization configMapGenerator: +# This will be added in the CI. +# - name: venom-tests +# options: +# disableNameSuffixHash: true +# files: +# - files/testsuite-preflight.yaml +# - files/testsuite-core.yaml - name: venom-vars options: disableNameSuffixHash: true diff --git a/charts/camunda-platform-latest/test/integration/testsuites/vars/files/testsuite-core.yaml b/charts/camunda-platform-latest/test/integration/testsuites/vars/files/testsuite-core.yaml new file mode 100644 index 0000000000..4884f29911 --- /dev/null +++ b/charts/camunda-platform-latest/test/integration/testsuites/vars/files/testsuite-core.yaml @@ -0,0 +1,316 @@ +# NOTE: WebModeler has its own step because Venom doesn't support skip in loops yet. +# https://github.com/ovh/venom/issues/651 +name: Test core functionality of Camunda + +# Vars without defaults are passed as a Venom var, e.g. "VENOM_VAR_TEST_CLIENT_SECRET". +vars: + releaseName: integration + venomClientID: '{{ .TEST_CLIENT_ID | default "venom" }}' + venomClientSecret: '{{ .TEST_CLIENT_SECRET }}' + skipTestIngress: '{{ .SKIP_TEST_INGRESS }}' + skipTestWebModeler: '{{ .SKIP_TEST_WEBMODELER }}' + +testcases: + +# https://docs.camunda.io/docs/self-managed/identity/user-guide/generating-m2m-tokens/ +- name: TEST - Generating machine-to-machine token + description: | + Test generating tokens from Keycloak for components that use client type "CONFIDENTIAL". + This test will not work with type "PUBLIC" because "Public client not allowed to retrieve service account". + https://datatracker.ietf.org/doc/html/rfc6749#section-2.1 + steps: + - name: "{{ .value.component }}" + type: http + range: + - component: Tasklist + clientID: tasklist + clientSecret: "{{ .TASKLIST_CLIENT_SECRET }}" + - component: Operate + clientID: operate + clientSecret: "{{ .OPERATE_CLIENT_SECRET }}" + - component: Optimize + clientID: optimize + clientSecret: "{{ .OPTIMIZE_CLIENT_SECRET }}" + - component: Connectors + clientID: connectors + clientSecret: "{{ .CONNECTORS_CLIENT_SECRET }}" + method: POST + url: "{{ .coreVars.authURL }}" + headers: + Content-Type: application/x-www-form-urlencoded + body: |- + client_id={{ .value.clientID }}&client_secret={{ .value.clientSecret }}&grant_type=client_credentials + # info: | + # Component: {{ .value.component }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + +# Helper to get access token for Venom Identity client which's seeded during Helm deployment. +- name: helperVenomToken + steps: + - name: Get Venom token + type: http + method: POST + url: "{{ .coreVars.authURL }}" + headers: + Content-Type: application/x-www-form-urlencoded + body: "client_id={{ .venomClientID }}&client_secret={{ .venomClientSecret }}&grant_type=client_credentials" + # info: | + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + vars: + jwt: + from: result.bodyjson.access_token + +- name: TEST - Interacting with Camunda login page + steps: + - name: "{{ .value.component }}" + skip: + - skiptestingress ShouldBeFalse + type: http + range: + - component: Console + url: "{{ .coreVars.baseURLs.console }}" + - component: Keycloak + url: "{{ .coreVars.baseURLs.keycloak }}" + - component: Identity + url: "{{ .coreVars.baseURLs.identity }}" + - component: Operate + url: "{{ .coreVars.baseURLs.operate }}" + - component: Optimize + url: "{{ .coreVars.baseURLs.optimize }}" + - component: Tasklist + url: "{{ .coreVars.baseURLs.tasklist }}" + - component: WebModeler + url: "{{ .coreVars.baseURLs.webModeler }}" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 15 + # info: | + # Component: {{ .value.component }} + # = Request Method: {{ .value.method }} + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + - result.body ShouldNotContainSubstring error + +# Connectors Inbound doesn't have the same flow like the rest of the components. +# So it needs different check. +- name: TEST - Interacting with Camunda login page - Connectors + steps: + - name: "Check Inbound Connectors" + skip: + - skiptestingress ShouldBeFalse + type: http + method: GET + url: "{{ .coreVars.baseURLs.connectors }}" + retry: 3 + delay: 15 + info: | + = Request Method: {{ .value.method }} + = Request Body: {{ .result.request.body }} + = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + # - result.bodyjson.items.items0.health.status ShouldEqual UP + +# TODO: Add Optimize. +- name: TEST - Interacting with Camunda web API + steps: + - name: "{{ .value.component }}" + type: http + range: + - component: Console + url: "{{ .coreVars.baseURLs.console }}/api/clusters" + method: GET + body: '' + - component: Identity + url: "{{ .coreVars.baseURLs.identity }}/api/users" + method: GET + body: '' + - component: Operate + docs: https://docs.camunda.io/docs/self-managed/operate-deployment/operate-authentication/ + url: "{{ .coreVars.baseURLs.operate }}/v1/process-definitions/search" + method: POST + body: '{}' + - component: Tasklist + docs: https://docs.camunda.io/docs/self-managed/tasklist-deployment/tasklist-authentication/ + url: "{{ .coreVars.baseURLs.tasklist }}/graphql" + method: POST + body: '{"query": "{tasks(query:{}){id name}}"}' + method: "{{ .value.method }}" + url: "{{ .value.url }}" + headers: + Content-Type: application/json + Authorization: "Bearer {{ .helperVenomToken.jwt }}" + body: "{{ .value.body }}" + # info: | + # Component: {{ .value.component }} + # = Request Method: {{ .value.method }} + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + +# Unlike other apps, WebModeler by default expects the JWT token to be acquired from external Keycloak URL. +# Hence, this test is added in the extra tests when Ingress is enabled. +- name: TEST - Interacting with WebModeler + steps: + # TODO: Check why WM 8.3.0 cannot be accessed internally. + # - name: Check WebModeler internal API + # skip: + # - skiptestwebmodeler ShouldBeFalse + # type: http + # method: GET + # url: "{{ .coreVars.baseURLs.webModelerRestapi }}/api/v1/info" + # headers: + # Content-Type: application/json + # Authorization: "Bearer {{ .helperVenomToken.jwt }}" + # # info: | + # # = Request Body: {{ .result.request.body }} + # # = Response Body: {{ .result.body }} + # assertions: + # - result.statuscode ShouldEqual 200 + # - result.bodyjson.version ShouldNotBeEmpty + - name: Check WebModeler login page + skip: + - skiptestingress ShouldBeFalse + - skiptestwebmodeler ShouldBeFalse + type: http + method: GET + url: "{{ .coreVars.baseURLs.webModeler }}" + retry: 3 + delay: 15 + # info: | + # Component: {{ .value.component }} + # = Request Method: {{ .value.method }} + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + - result.body ShouldNotContainSubstring error + +- name: TEST - Interacting with Zeebe Gateway + steps: + - name: Check Zeebe Gateway status - gRPC + type: exec + script: | + zbctl --clientCache=/tmp/zeebe \ + --clientId {{ .venomClientID }} --clientSecret {{ .venomClientSecret }} \ + --authzUrl "{{ .coreVars.authURL }}" --address "{{ .coreVars.baseURLs.zeebeGatewayGRPC }}" \ + {{ .coreVars.zbctl.extraArgs }} \ + status + retry: 2 + delay: 10 + # info: | + # = systemerr: {{ .result.systemerr }} + # = err: {{ .result.err }} + assertions: + - result.code ShouldEqual 0 + - result.systemout ShouldContainSubstring "Leader, Healthy" + - result.systemout ShouldNotContainSubstring Unhealthy + - result.timeseconds ShouldBeLessThan 1 + - name: Check Zeebe Gateway status - REST + type: http + method: GET + url: "{{ .coreVars.baseURLs.zeebeGatewayREST }}/v1/topology" + headers: + Content-Type: application/json + Authorization: "Bearer {{ .helperVenomToken.jwt }}" + retry: 2 + delay: 10 + info: | + = Request Body: {{ .result.request.body }} + = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + - result.bodyjson ShouldContainKey brokers + +- name: TEST - Deploying BPMN process + steps: + - name: Deploy BPMN process to Zeebe - {{ .value.name }} + type: exec + range: + - name: Basic + file: test-process.bpmn + - name: Inbound Connector + file: test-inbound-process.bpmn + script: | + zbctl --clientCache=/tmp/zeebe \ + --clientId {{ .venomClientID }} --clientSecret {{ .venomClientSecret }} \ + --authzUrl "{{ .coreVars.authURL }}" --address "{{ .coreVars.baseURLs.zeebeGatewayGRPC }}" \ + {{ .coreVars.zbctl.extraArgs }} \ + deploy /mnt/fixtures/{{ .value.file }} + # info: | + # = systemerr: {{ .result.systemerr }} + # = err: {{ .result.err }} + assertions: + - result.code ShouldEqual 0 + +- name: TEST - Check deployed BPMN process + steps: + - name: Check deployed BPMN process in Operate - {{ .value.name }} + type: http + range: + - name: Basic + id: it-test-process + - name: Inbound Connector + id: test-inbound-process + method: POST + url: "{{ .coreVars.baseURLs.operate }}/v1/process-definitions/search" + headers: + Content-Type: application/json + Authorization: "Bearer {{ .helperVenomToken.jwt }}" + body: '{}' + retry: 3 + delay: 15 + # info: | + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + # NOTE: JSON keys are lowercased automatically, the original key is "bpmnProcessId". + - result.bodyjson.items.items{{ .index }}.bpmnprocessid ShouldEqual {{ .value.id }} + +- name: TEST - Check Connectors webhook + steps: + - name: Check deployed BPMN webhook + type: http + method: POST + url: "{{ .coreVars.baseURLs.connectors }}/test-mywebhook" + headers: + Content-Type: application/json + Authorization: "Bearer {{ .helperVenomToken.jwt }}" + body: '{"webhookDataKey":"webhookDataValue"}' + retry: 4 + delay: 15 + # info: | + # = Request Body: {{ .result.request.body }} + # = Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + +# - name: TEST - Check ServiceMonitor +# steps: +# - name: Check prometheus could query containers +# type: http +# method: GET +# url: "http://{{ .coreVars.baseURLs.prometheus }}/api/v1/query?query=system_cpu_count%7Bnamespace%3D%22{{ .coreVars.testNamespace }}%22%7D" +# retry: 4 +# delay: 15 +# # info: | +# # = Request Body: {{ .result.request.body }} +# # = Response Body: {{ .result.body }} +# assertions: +# - result.body ShouldContainSubstring connectors +# - result.body ShouldContainSubstring identity +# - result.body ShouldContainSubstring operate +# - result.body ShouldContainSubstring optimize +# - result.body ShouldContainSubstring tasklist +# - result.body ShouldContainSubstring web-modeler-restapi +# - result.body ShouldContainSubstring zeebe +# - result.body ShouldContainSubstring zeebe-gateway diff --git a/charts/camunda-platform-latest/test/integration/testsuites/vars/files/testsuite-preflight.yaml b/charts/camunda-platform-latest/test/integration/testsuites/vars/files/testsuite-preflight.yaml new file mode 100644 index 0000000000..f32e761a45 --- /dev/null +++ b/charts/camunda-platform-latest/test/integration/testsuites/vars/files/testsuite-preflight.yaml @@ -0,0 +1,114 @@ +# NOTE: WebModeler has its own step because Venom doesn't support skip in loops yet. +# https://github.com/ovh/venom/issues/651 +name: Run preflight checks for Camunda + +# Vars without defaults are passed as a Venom var, e.g. "VENOM_VAR_TEST_CLIENT_SECRET". +vars: + releaseName: integration + skipTestWebModeler: '{{ .SKIP_TEST_WEBMODELER }}' + +testcases: + +- name: TEST - Readiness + steps: + - name: "{{ .value.component }}" + type: http + range: + # Dependencies. + - component: Elasticsearch + url: "{{ .preflightVars.baseURLs.elasticsearch }}/_cluster/health?&timeout=1s" + - component: Keycloak + url: "{{ .preflightVars.baseURLs.keycloak }}/auth/realms/master" + # Camunda. + - component: Identity + url: "{{ .preflightVars.baseURLs.identity }}/actuator/health" + - component: Optimize + url: "{{ .preflightVars.baseURLs.optimize }}/api/readyz" + - component: Operate + url: "{{ .preflightVars.baseURLs.operate }}/actuator/health/readiness" + - component: Tasklist + url: "{{ .preflightVars.baseURLs.tasklist }}/actuator/health/readiness" + - component: Connectors + url: "{{ .preflightVars.baseURLs.connectors }}/actuator/health/readiness" + - component: ZeebeGateway + url: "{{ .preflightVars.baseURLs.zeebeGateway }}/actuator/health" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 10 + # info: | + # {{ .value.component }} URL: {{ .value.url }} + # Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + - name: "WebModeler - {{ .value.component }}" + skip: + - skiptestwebmodeler ShouldBeFalse + type: http + range: + - component: RESTAPI + url: "{{ .preflightVars.baseURLs.webModelerRestapi }}/health/readiness" + - component: WebApp + url: "{{ .preflightVars.baseURLs.webModelerWebapp }}/health/readiness" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 10 + # info: | + # {{ .value.component }} URL: {{ .value.url }} + # Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + +- name: TEST - Liveness + steps: + - name: "{{ .value.component }}" + type: http + range: + # Dependencies. + - component: Elasticsearch + url: "{{ .preflightVars.baseURLs.elasticsearch }}/_cluster/health?wait_for_status=green&timeout=1s" + - component: Keycloak + url: "{{ .preflightVars.baseURLs.keycloak }}/auth/realms/camunda-platform" + # Camunda. + - component: Identity + url: "{{ .preflightVars.baseURLs.identity }}/actuator/health" + - component: Optimize + url: "{{ .preflightVars.baseURLs.optimize }}/api/readyz" + - component: Operate + url: "{{ .preflightVars.baseURLs.operate }}/actuator/health/liveness" + - component: Tasklist + url: "{{ .preflightVars.baseURLs.tasklist }}/actuator/health/liveness" + - component: Connectors + url: "{{ .preflightVars.baseURLs.connectors }}/actuator/health/liveness" + - component: ZeebeGateway + url: "{{ .preflightVars.baseURLs.zeebeGateway }}/actuator/health/liveness" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 10 + # info: | + # {{ .value.component }} URL: {{ .value.url }} + # Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + - name: "WebModeler - {{ .value.component }}" + skip: + - skiptestwebmodeler ShouldBeFalse + type: http + range: + - component: RESTAPI + url: "{{ .preflightVars.baseURLs.webModelerRestapi }}/health/liveness" + - component: WebApp + url: "{{ .preflightVars.baseURLs.webModelerWebapp }}/health/liveness" + method: GET + url: "{{ .value.url }}" + retry: 3 + delay: 10 + # info: | + # {{ .value.component }} URL: {{ .value.url }} + # Response Body: {{ .result.body }} + assertions: + - result.statuscode ShouldEqual 200 + +# TODO: Check seed config like ES indexes. diff --git a/charts/camunda-platform-latest/test/integration/testsuites/vars/kustomization.yaml b/charts/camunda-platform-latest/test/integration/testsuites/vars/kustomization.yaml index ced36288a4..412b1b9334 100644 --- a/charts/camunda-platform-latest/test/integration/testsuites/vars/kustomization.yaml +++ b/charts/camunda-platform-latest/test/integration/testsuites/vars/kustomization.yaml @@ -2,6 +2,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization configMapGenerator: +# This will be added in the CI. +# - name: venom-tests +# options: +# disableNameSuffixHash: true +# files: +# - files/testsuite-preflight.yaml +# - files/testsuite-core.yaml - name: venom-vars options: disableNameSuffixHash: true diff --git a/test/integration/scenarios/lib/testsuite-deploy-taskfile.yaml b/test/integration/scenarios/lib/testsuite-deploy-taskfile.yaml index 950bc1c453..76df45913d 100644 --- a/test/integration/scenarios/lib/testsuite-deploy-taskfile.yaml +++ b/test/integration/scenarios/lib/testsuite-deploy-taskfile.yaml @@ -17,7 +17,16 @@ tasks: default: cmds: # Add testsuites vars. - - kubectl kustomize {{ .chartDir }}/test/integration/testsuites/vars | kubectl apply -n $TEST_NAMESPACE -f - + - | + # Kustomize doesn't support dir with edit/patch. + # https://github.com/kubernetes-sigs/kustomize/issues/2803 + ( + cd {{ .chartDir }}/test/integration/testsuites/vars && + kustomize edit add configmap venom-tests --disableNameSuffixHash \ + --from-file=files/testsuite-{{ .testID }}.yaml + ) + - | + kubectl kustomize {{ .chartDir }}/test/integration/testsuites/vars | kubectl apply -n $TEST_NAMESPACE -f - # Add imagePullSecrets if needed. - cmd: | if [[ -n "${TEST_CREATE_DOCKER_LOGIN_SECRET}" ]]; then diff --git a/test/integration/testsuites/base/job.yaml b/test/integration/testsuites/base/job.yaml index 23f773ec9d..d624d5f19d 100644 --- a/test/integration/testsuites/base/job.yaml +++ b/test/integration/testsuites/base/job.yaml @@ -43,7 +43,7 @@ spec: until [ ${try} -ge ${limit} ]; do try=$((try + 1)) echo "[INFO] Venom exec no. ${try}..." - /usr/local/venom run ./tests/${VENOM_TESTSUITE_FILES:-*.yaml} \ + /usr/local/venom run ./tests/*/${VENOM_TESTSUITE_FILES:-*.yaml} \ ${VENOM_EXTRA_ARGS:- --var-from-file=./vars/variables-default.yaml} exit_code=$? test ${exit_code} == 0 && break @@ -76,8 +76,10 @@ spec: - mountPath: /usr/local/bin/zbctl name: tools subPath: zbctl + - name: venom-tests-common + mountPath: /workdir/tests/common - name: venom-tests - mountPath: /workdir/tests + mountPath: /workdir/tests/overlay - name: venom-vars mountPath: /workdir/vars - name: venom-fixtures @@ -85,6 +87,9 @@ spec: volumes: - name: tools emptyDir: {} + - name: venom-tests-common + configMap: + name: venom-tests-common - name: venom-tests configMap: name: venom-tests diff --git a/test/integration/testsuites/base/kustomization.yaml b/test/integration/testsuites/base/kustomization.yaml index 913cee11ea..385d778812 100644 --- a/test/integration/testsuites/base/kustomization.yaml +++ b/test/integration/testsuites/base/kustomization.yaml @@ -5,7 +5,7 @@ resources: - job.yaml configMapGenerator: -- name: venom-tests +- name: venom-tests-common options: disableNameSuffixHash: true files: diff --git a/test/integration/testsuites/core/kustomization.yaml b/test/integration/testsuites/core/kustomization.yaml index 0be8d0d650..e5c6dad1e8 100644 --- a/test/integration/testsuites/core/kustomization.yaml +++ b/test/integration/testsuites/core/kustomization.yaml @@ -7,12 +7,6 @@ resources: - ../base configMapGenerator: -- name: venom-tests - options: - disableNameSuffixHash: true - behavior: merge - files: - - testsuites/core.yaml - name: venom-fixtures options: disableNameSuffixHash: true diff --git a/test/integration/testsuites/core/patches/job.yaml b/test/integration/testsuites/core/patches/job.yaml index 90e3825c70..c85786317b 100644 --- a/test/integration/testsuites/core/patches/job.yaml +++ b/test/integration/testsuites/core/patches/job.yaml @@ -14,6 +14,7 @@ spec: secretKeyRef: name: integration-console-identity-secret key: console-secret + optional: true - name: VENOM_VAR_TASKLIST_CLIENT_SECRET valueFrom: secretKeyRef: diff --git a/test/integration/testsuites/preflight/kustomization.yaml b/test/integration/testsuites/preflight/kustomization.yaml index 8bdca90f5a..7b009b4bba 100644 --- a/test/integration/testsuites/preflight/kustomization.yaml +++ b/test/integration/testsuites/preflight/kustomization.yaml @@ -5,11 +5,3 @@ nameSuffix: -preflight resources: - ../base - -configMapGenerator: -- name: venom-tests - options: - disableNameSuffixHash: true - behavior: merge - files: - - testsuites/preflight.yaml