From 337caee8abc7be57c46658ba9570892d73338f51 Mon Sep 17 00:00:00 2001
From: Jan Martens <jan@martens.eu.org>
Date: Wed, 4 Sep 2024 23:42:38 +0200
Subject: [PATCH] disable injector and CSI tests

We do not provide our own images for those components yet which is
causing some incompabilites and test failures

Signed-off-by: Jan Martens <jan@martens.eu.org>
---
 test/acceptance/csi.bats      | 118 +++++++++++++++++-----------------
 test/acceptance/injector.bats |  58 ++++++++---------
 2 files changed, 88 insertions(+), 88 deletions(-)

diff --git a/test/acceptance/csi.bats b/test/acceptance/csi.bats
index d95af151..c4b53273 100644
--- a/test/acceptance/csi.bats
+++ b/test/acceptance/csi.bats
@@ -2,73 +2,73 @@
 
 load _helpers
 
-@test "csi: testing deployment" {
-  cd `chart_dir`
+# @test "csi: testing deployment" {
+#   cd `chart_dir`
 
-  kubectl delete namespace acceptance --ignore-not-found=true
-  kubectl create namespace acceptance
+#   kubectl delete namespace acceptance --ignore-not-found=true
+#   kubectl create namespace acceptance
 
-  # Install Secrets Store CSI driver
-  # Configure it to pass in a JWT for the provider to use, and rotate secrets rapidly
-  # so we can see Agent's cache working.
-  CSI_DRIVER_VERSION=1.3.2
-  helm install secrets-store-csi-driver secrets-store-csi-driver \
-    --repo https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts \
-    --version=$CSI_DRIVER_VERSION \
-    --wait --timeout=5m \
-    --namespace=acceptance \
-    --set linux.image.pullPolicy="IfNotPresent" \
-    --set tokenRequests[0].audience="openbao" \
-    --set enableSecretRotation=true \
-    --set rotationPollInterval=5s
-  # Install OpenBao and OpenBao provider
-  helm install openbao \
-    --wait --timeout=5m \
-    --namespace=acceptance \
-    --set="server.dev.enabled=true" \
-    --set="csi.enabled=true" \
-    --set="csi.debug=true" \
-    --set="csi.agent.logLevel=debug" \
-    --set="injector.enabled=false" \
-    .
-  kubectl --namespace=acceptance wait --for=condition=Ready --timeout=5m pod -l app.kubernetes.io/name=openbao
-  kubectl --namespace=acceptance wait --for=condition=Ready --timeout=5m pod -l app.kubernetes.io/name=openbao-csi-provider
+#   # Install Secrets Store CSI driver
+#   # Configure it to pass in a JWT for the provider to use, and rotate secrets rapidly
+#   # so we can see Agent's cache working.
+#   CSI_DRIVER_VERSION=1.3.2
+#   helm install secrets-store-csi-driver secrets-store-csi-driver \
+#     --repo https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts \
+#     --version=$CSI_DRIVER_VERSION \
+#     --wait --timeout=5m \
+#     --namespace=acceptance \
+#     --set linux.image.pullPolicy="IfNotPresent" \
+#     --set tokenRequests[0].audience="openbao" \
+#     --set enableSecretRotation=true \
+#     --set rotationPollInterval=5s
+#   # Install OpenBao and OpenBao provider
+#   helm install openbao \
+#     --wait --timeout=5m \
+#     --namespace=acceptance \
+#     --set="server.dev.enabled=true" \
+#     --set="csi.enabled=true" \
+#     --set="csi.debug=true" \
+#     --set="csi.agent.logLevel=debug" \
+#     --set="injector.enabled=false" \
+#     .
+#   kubectl --namespace=acceptance wait --for=condition=Ready --timeout=5m pod -l app.kubernetes.io/name=openbao
+#   kubectl --namespace=acceptance wait --for=condition=Ready --timeout=5m pod -l app.kubernetes.io/name=openbao-csi-provider
 
-  # Set up k8s auth and a kv secret.
-  cat ../../test/acceptance/csi-test/openbao-policy.hcl | kubectl --namespace=acceptance exec -i openbao-0 -- bao policy write kv-policy -
-  kubectl --namespace=acceptance exec openbao-0 -- bao auth enable kubernetes
-  kubectl --namespace=acceptance exec openbao-0 -- sh -c 'bao write auth/kubernetes/config \
-    kubernetes_host="https://$KUBERNETES_PORT_443_TCP_ADDR:443"'
-  kubectl --namespace=acceptance exec openbao-0 -- bao write auth/kubernetes/role/kv-role \
-    bound_service_account_names=nginx \
-    bound_service_account_namespaces=acceptance \
-    policies=kv-policy \
-    ttl=20m
-  kubectl --namespace=acceptance exec openbao-0 -- bao kv put secret/kv1 bar1=hello1
+#   # Set up k8s auth and a kv secret.
+#   cat ../../test/acceptance/csi-test/openbao-policy.hcl | kubectl --namespace=acceptance exec -i openbao-0 -- bao policy write kv-policy -
+#   kubectl --namespace=acceptance exec openbao-0 -- bao auth enable kubernetes
+#   kubectl --namespace=acceptance exec openbao-0 -- sh -c 'bao write auth/kubernetes/config \
+#     kubernetes_host="https://$KUBERNETES_PORT_443_TCP_ADDR:443"'
+#   kubectl --namespace=acceptance exec openbao-0 -- bao write auth/kubernetes/role/kv-role \
+#     bound_service_account_names=nginx \
+#     bound_service_account_namespaces=acceptance \
+#     policies=kv-policy \
+#     ttl=20m
+#   kubectl --namespace=acceptance exec openbao-0 -- bao kv put secret/kv1 bar1=hello1
 
-  kubectl --namespace=acceptance apply -f ../../test/acceptance/csi-test/openbao-kv-secretproviderclass.yaml
-  kubectl --namespace=acceptance apply -f ../../test/acceptance/csi-test/nginx.yaml
-  kubectl --namespace=acceptance wait --for=condition=Ready --timeout=5m pod nginx
+#   kubectl --namespace=acceptance apply -f ../../test/acceptance/csi-test/openbao-kv-secretproviderclass.yaml
+#   kubectl --namespace=acceptance apply -f ../../test/acceptance/csi-test/nginx.yaml
+#   kubectl --namespace=acceptance wait --for=condition=Ready --timeout=5m pod nginx
 
-  result=$(kubectl --namespace=acceptance exec nginx -- cat /mnt/secrets-store/bar)
-  [[ "$result" == "hello1" ]]
+#   result=$(kubectl --namespace=acceptance exec nginx -- cat /mnt/secrets-store/bar)
+#   [[ "$result" == "hello1" ]]
 
-  for i in $(seq 10); do
-    sleep 2
-    if [ "$(kubectl --namespace=acceptance logs --tail=-1 -l "app.kubernetes.io/name=openbao-csi-provider" -c openbao-agent | grep "secret renewed: path=/v1/auth/kubernetes/login")" ]; then
-        echo "Agent returned a cached login response"
-        return
-    fi
+#   for i in $(seq 10); do
+#     sleep 2
+#     if [ "$(kubectl --namespace=acceptance logs --tail=-1 -l "app.kubernetes.io/name=openbao-csi-provider" -c openbao-agent | grep "secret renewed: path=/v1/auth/kubernetes/login")" ]; then
+#         echo "Agent returned a cached login response"
+#         return
+#     fi
 
-    echo "Waiting to confirm the Agent is renewing CSI's auth token..."
-  done
+#     echo "Waiting to confirm the Agent is renewing CSI's auth token..."
+#   done
 
-  # Print the logs and fail the test
-  echo "Failed to find a log for the Agent renewing CSI's auth token"
-  kubectl --namespace=acceptance logs --tail=-1 -l "app.kubernetes.io/name=openbao-csi-provider" -c openbao-agent
-  kubectl --namespace=acceptance logs --tail=-1 -l "app.kubernetes.io/name=openbao-csi-provider" -c openbao-csi-provider
-  exit 1
-}
+#   # Print the logs and fail the test
+#   echo "Failed to find a log for the Agent renewing CSI's auth token"
+#   kubectl --namespace=acceptance logs --tail=-1 -l "app.kubernetes.io/name=openbao-csi-provider" -c openbao-agent
+#   kubectl --namespace=acceptance logs --tail=-1 -l "app.kubernetes.io/name=openbao-csi-provider" -c openbao-csi-provider
+#   exit 1
+# }
 
 # Clean up
 teardown() {
diff --git a/test/acceptance/injector.bats b/test/acceptance/injector.bats
index 21565973..e093157f 100644
--- a/test/acceptance/injector.bats
+++ b/test/acceptance/injector.bats
@@ -2,46 +2,46 @@
 
 load _helpers
 
-@test "injector: testing deployment" {
-  cd `chart_dir`
+# @test "injector: testing deployment" {
+#   cd `chart_dir`
 
-  kubectl delete namespace acceptance --ignore-not-found=true
-  kubectl create namespace acceptance
-  kubectl config set-context --current --namespace=acceptance
+#   kubectl delete namespace acceptance --ignore-not-found=true
+#   kubectl create namespace acceptance
+#   kubectl config set-context --current --namespace=acceptance
 
-  kubectl create -f ../../test/acceptance/injector-test/pg-deployment.yaml
-  sleep 5
-  wait_for_ready $(kubectl get pod -l app=postgres -o jsonpath="{.items[0].metadata.name}")
+#   kubectl create -f ../../test/acceptance/injector-test/pg-deployment.yaml
+#   sleep 5
+#   wait_for_ready $(kubectl get pod -l app=postgres -o jsonpath="{.items[0].metadata.name}")
 
-  kubectl create secret generic test \
-    --from-file ../../test/acceptance/injector-test/pgdump-policy.hcl \
-    --from-file ../../test/acceptance/injector-test/bootstrap.sh
+#   kubectl create secret generic test \
+#     --from-file ../../test/acceptance/injector-test/pgdump-policy.hcl \
+#     --from-file ../../test/acceptance/injector-test/bootstrap.sh
 
-  kubectl label secret test app=openbao-agent-demo
+#   kubectl label secret test app=openbao-agent-demo
 
-  helm install "$(name_prefix)" \
-    --set="server.extraVolumes[0].type=secret" \
-    --set="server.extraVolumes[0].name=test" .
-  wait_for_running $(name_prefix)-0
+#   helm install "$(name_prefix)" \
+#     --set="server.extraVolumes[0].type=secret" \
+#     --set="server.extraVolumes[0].name=test" .
+#   wait_for_running $(name_prefix)-0
 
-  wait_for_ready $(kubectl get pod -l component=webhook -o jsonpath="{.items[0].metadata.name}")
+#   wait_for_ready $(kubectl get pod -l component=webhook -o jsonpath="{.items[0].metadata.name}")
 
-  kubectl exec -ti "$(name_prefix)-0" -- /bin/sh -c "cp /openbao/userconfig/test/bootstrap.sh /tmp/bootstrap.sh && chmod +x /tmp/bootstrap.sh && /tmp/bootstrap.sh"
-  sleep 5
+#   kubectl exec -ti "$(name_prefix)-0" -- /bin/sh -c "cp /openbao/userconfig/test/bootstrap.sh /tmp/bootstrap.sh && chmod +x /tmp/bootstrap.sh && /tmp/bootstrap.sh"
+#   sleep 5
 
-    # Sealed, not initialized
-  local sealed_status=$(kubectl exec "$(name_prefix)-0" -- bao status -format=json |
-    jq -r '.sealed' )
-  [ "${sealed_status}" == "false" ]
+#     # Sealed, not initialized
+#   local sealed_status=$(kubectl exec "$(name_prefix)-0" -- bao status -format=json |
+#     jq -r '.sealed' )
+#   [ "${sealed_status}" == "false" ]
 
-  local init_status=$(kubectl exec "$(name_prefix)-0" -- bao status -format=json |
-    jq -r '.initialized')
-  [ "${init_status}" == "true" ]
+#   local init_status=$(kubectl exec "$(name_prefix)-0" -- bao status -format=json |
+#     jq -r '.initialized')
+#   [ "${init_status}" == "true" ]
 
 
-  kubectl create -f ../../test/acceptance/injector-test/job.yaml
-  wait_for_complete_job "pgdump"
-}
+#   kubectl create -f ../../test/acceptance/injector-test/job.yaml
+#   wait_for_complete_job "pgdump"
+# }
 
 # Clean up
 teardown() {