diff --git a/README.md b/README.md index 78b78ac4..a3fb9c59 100644 --- a/README.md +++ b/README.md @@ -5,8 +5,9 @@ TestNG based Java test suite focused on e2e testing application services running ## Requirements * java jdk 11 -* maven >= 3.3.1 +* maven >= 3.8.1 * kcat (only to run Kcat tests) +* python 3 ## Build and check checkstyle @@ -50,37 +51,52 @@ required variables in the test sourcecode javadoc. Environment variables can also be configured in the [config.json](#config-file) file. -| Name | Description | Default value | -|------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------| -| `CONFIG_FILE` | relative or absolute path to the [config.json](#config-file) | $(pwd)/config.json | -| `LOG_DIR` | path where the test suite will store additional collected logs and artifacts | $(pwd)/target/logs | -| `PRIMARY_USERNAME` | ** https://sso.redhat.com username with quota to provision the tested service (See [Create test users](#create-test-users) if you don't have one) | | -| `PRIMARY_PASSWORD` | ** primary user password | | -| `SECONDARY_USERNAME` | ** https://sso.redhat.com username in the same organization as the primary user | | -| `SECONDARY_PASSWORD` | ** secondary user password | | -| `ALIEN_USERNAME` | ** https://sso.redhat.com username in a different organization respect the primary user with no quota | | -| `ALIEN_PASSWORD` | ** alien user password | | -| `DIFF_ORG_USERNAME` | ** https://sso.redhat.com username in a different organization respect the primary user and alien user with quota: 1 SKU | | -| `DIFF_ORG_PASSWORD` | ** diff_org user password | | -| `OPENSHIFT_API_URI` | the base URI for the application services mgmt APIs (See [Test Environments](#test-environments)) | `https://api.stage.openshift.com` | -| `REDHAT_SSO_URI` | users authentication endpoint for application services mgmt APIs | `https://sso.redhat.com` | -| `REDHAT_SSO_LOGIN_FORM_ID` | HTML `id` value of the login `
` the SSO application will present after redirect | `#rh-password-verification-form` | -| `OPENSHIFT_IDENTITY_URI` | users authentication endpoint for application services instances APIs (See [Test Environments](#test-environments)) | `https://identity.api.stage.openshift.com` | -| `OPENSHIFT_IDENTITY_LOGIN_FORM_ID` | HTML `id` value of the login `` the SSO application will present after redirect | `#rh-password-verification-form` | -| `DEV_CLUSTER_SERVER` | ** the API server URI of a OpenShift cluster with the binding operator installed | | -| `DEV_CLUSTER_TOKEN` | ** the cluster user or service account token | | -| `DEV_CLUSTER_NAMESPACE` | the namespace where to create test resources (See [Create test namespace on the dev cluster](#create-test-namespace-on-the-dev-cluster)) | `mk-e2e-tests` | -| `CLI_VERSION` | the CLI version to download from the app-services-cli repo | `latest` | -| `CLI_PLATFORM` | windows/macOS/linux | `auto-detect` | -| `CLI_ARCH` | the CLI arch and os to download from the app-services-cli repo | `amd64` | -| `CLI_EXCLUDE_VERSIONS` | a regex that if match will exclude the the CLI versions matching it while looking for the latest CLI release | `alpha` | -| `GITHUB_TOKEN` | the github token used to download the CLI if needed | | -| `LAUNCH_KEY` | A string key used to identify the current configuration and owner which is used to generate unique name and identify the launch | `change-me` | -| `SKIP_TEARDOWN` | Skip the whole test teardown in most tests, although some of them will need top re-enable it to succeed | `false` | -| `SKIP_KAFKA_TEARDOWN` | Skip only the Kafka instance cleanup teardown in the tests that don't require a new instance for each run to speed the local development | `false` | -| `DEFAULT_KAFKA_REGION` | Change the default region where kafka instances will be provisioned if the test suite doesn't decide otherwise | `us-east-1` | -| `KAFKA_INSECURE_TLS` | Boolean value to indicate whether the Kafka and Admin REST API TLS is insecure (for self-signed certificates) | `false` | -| `KAFKA_INSTANCE_API_TEMPLATE` | URL template for the Kafka Admin REST API. May be used to specify plain-text HTTP or an alternate port | `https://admin-server-%s/rest` | +| Name | Description | Default value | +|--------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------| +| `CONFIG_FILE` | relative or absolute path to the [config.json](#config-file) | $(pwd)/config.json | +| `LOG_DIR` | path where the test suite will store additional collected logs and artifacts | $(pwd)/target/logs | +| `PRIMARY_USERNAME` | ** https://sso.redhat.com username with quota to provision the tested service (See [Create test users](#create-test-users) if you don't have one) | | +| `PRIMARY_PASSWORD` | ** primary user password | | +| `_OFFLINE_TOKEN` | ** offline token used to authenticate and authorize user to perform operations against data, control plane. Example user: `PRIMARY_OFFLINE_TOKEN` | | +| `SECONDARY_USERNAME` | ** https://sso.redhat.com username in the same organization as the primary user | | +| `SECONDARY_PASSWORD` | ** secondary user password | | +| `ALIEN_USERNAME` | ** https://sso.redhat.com username in a different organization respect the primary user with no quota | | +| `ALIEN_PASSWORD` | ** alien user password | | +| `DIFF_ORG_USERNAME` | ** https://sso.redhat.com username in a different organization respect the primary user and alien user with quota: 1 SKU | | +| `DIFF_ORG_PASSWORD` | ** diff_org user password | | +| `OPENSHIFT_API_URI` | the base URI for the application services mgmt APIs (See [Test Environments](#test-environments)) | `https://api.stage.openshift.com` | +| `REDHAT_SSO_URI` | users authentication endpoint for application services mgmt APIs | `https://sso.redhat.com` | +| `REDHAT_SSO_LOGIN_FORM_ID` | HTML `id` value of the login `` the SSO application will present after redirect | `#rh-password-verification-form` | +| `OBSERVATORIUM_CLIENT_ID` | client id for Observatorium client (with token refreshing container running in locally) | | +| `OBSERVATORIUM_CLIENT_SECRET` | client secret for Obserevatorium client | | +| `OBSERVATORIUM_OIDC_ISSUER_URL` | sso issue url for observatorium client | | +| `OBSERVATORIUM_URL` | Observatorium's URL | | +| `OPENSHIFT_IDENTITY_URI` | users authentication endpoint for application services instances APIs (See [Test Environments](#test-environments)) | `https://identity.api.stage.openshift.com` | +| `OPENSHIFT_IDENTITY_LOGIN_FORM_ID` | HTML `id` value of the login `` the SSO application will present after redirect | `#rh-password-verification-form` | +| `DEV_CLUSTER_SERVER` | ** the API server URI of a OpenShift cluster with the binding operator installed | | +| `DEV_CLUSTER_TOKEN` | ** the cluster user or service account token | | +| `DEV_CLUSTER_NAMESPACE` | the namespace where to create test resources (See [Create test namespace on the dev cluster](#create-test-namespace-on-the-dev-cluster)) | `mk-e2e-tests` | +| `CLI_VERSION` | the CLI version to download from the app-services-cli repo | `latest` | +| `CLI_PLATFORM` | windows/macOS/linux | `auto-detect` | +| `CLI_ARCH` | the CLI arch and os to download from the app-services-cli repo | `amd64` | +| `CLI_EXCLUDE_VERSIONS` | a regex that if match will exclude the the CLI versions matching it while looking for the latest CLI release | `alpha` | +| `LAUNCH_KEY` | A string key used to identify the current configuration and owner which is used to generate unique name and identify the launch | `change-me` | +| `SKIP_TEARDOWN` | Skip the whole test teardown in most tests, although some of them will need top re-enable it to succeed | `false` | +| `SKIP_KAFKA_TEARDOWN` | Skip only the Kafka instance cleanup teardown in the tests that don't require a new instance for each run to speed the local development | `false` | +| `DEFAULT_KAFKA_REGION` | Change the default region where kafka instances will be provisioned if the test suite doesn't decide otherwise | `us-east-1` | +| `KAFKA_INSECURE_TLS` | Boolean value to indicate whether the Kafka and Admin REST API TLS is insecure (for self-signed certificates) | `false` | +| `KAFKA_INSTANCE_API_TEMPLATE` | URL template for the Kafka Admin REST API. May be used to specify plain-text HTTP or an alternate port | `https://admin-server-%s/rest` | +| `AWS_DATA_PLANE_ACCESS_TOKEN` | Service account's token with permission t access and manipulate all necessary resources located in AWS data plane cluster | | +| `STRATOSPHERE_PASSWORD` | Password used for all of stratosphere users | | +| `STRATOSPHERE_SCENARIO_1_AWS_ACCOUNT_ID ` | aws cloud account' id linked to the org where stratospehere1 user resides | | +| `STRATOSPHERE_SCENARIO_1_USER` | stratosphere1: user in organization with 1 aws cloud account linked and without standard quota | | +| `STRATOSPHERE_SCENARIO_2_AWS_ACCOUNT_ID` | aws cloud account' id linked to the org where stratospehere2 user resides | | +| `STRATOSPHERE_SCENARIO_2_USER` | stratosphere2: user in organization with 1 aws cloud account linked and with standard quota | | +| `STRATOSPHERE_SCENARIO_3_AWS_ACCOUNT_ID` | aws cloud account' id linked to the org where stratospehere3 user resides | | +| `STRATOSPHERE_SCENARIO_3_RHM_ACCOUNT_ID` | rhm cloud account' id linked to the org where stratospehere3 user resides | | +| `STRATOSPHERE_SCENARIO_3_USER` | stratosphere3: user in organization with 1 aws cloud account linked and 1 rhm cloud account linked | | +| `STRATOSPHERE_SCENARIO_4_AWS_ACCOUNT_ID` | aws cloud account' id linked to the org where stratospehere4 user resides | | +| `STRATOSPHERE_SCENARIO_3_USER` | stratosphere4: user in organization with 2 aws cloud account linked | | ## Config File @@ -132,19 +148,14 @@ The default targeted environment is the application services stage env. | Name | Description | |-------------|------------------------------------------------------------------| | default | run kafka, registry, devexp and quickstarts test suites | +| integration | run test which are part of integration pipeline | +| kafka | run test related to testing managed kafka as such | +| pr-check | run test which are run to check each PR to this repository | +| registry | run test related to testing service registries | | sandbox | run the sandbox test suite to test the openshift sandbox cluster | +| smoke | run smoke tests, literally making sure basic functions work | | quickstarts | run the cucumber quickstarts test suite | -## Report to Prometheus - -Tests can report metrics to Prometheus to analyze or monitor behaviours, like the number and frequency of failed API -requests that are retried automatically. A push gateway is required to send the metrics to prometheus, and it is -configured with the following ENVs: - -| Name | Description | Default value | -|---------------------------|-----------------------------|-----------------------| -| `PROMETHEUS_PUSH_GATEWAY` | Prometheus Push Gateway URL | `https://example.com` | - ## Short guides ### Create test users @@ -231,6 +242,18 @@ https://github.com/redhat-developer/app-services-operator/tree/main/olm/olm-cata and update the property `rhoas-model.version` in `pom.xml`. +### start token refresher cotainer to access observatorium +Class `BillingMetricTest` queries Observatorium. To do so it needs to obtain token which is obtained from local container. +To start this process locally, you need a container runtime (Docker) and run following scripts with described environment variables: +- `OBSERVATORIUM_CLIENT_ID` +- `OBSERVATORIUM_CLIENT_SECRET` +- `OBSERVATORIUM_OIDC_ISSUER_URL` +- `OBSERVATORIUM_URL` + +```shell +./hack/run-token-refresher.sh +``` + ## Maintainers * David Kornel diff --git a/src/main/java/io/managed/services/test/Environment.java b/src/main/java/io/managed/services/test/Environment.java index f13bbf2b..c9189c72 100644 --- a/src/main/java/io/managed/services/test/Environment.java +++ b/src/main/java/io/managed/services/test/Environment.java @@ -95,8 +95,7 @@ public class Environment { private static final String STRATOSPHERE_SCENARIO_3_AWS_ACCOUNT_ID_ENV = "STRATOSPHERE_SCENARIO_3_AWS_ACCOUNT_ID"; private static final String STRATOSPHERE_SCENARIO_3_RHM_ACCOUNT_ID_ENV = "STRATOSPHERE_SCENARIO_3_RHM_ACCOUNT_ID"; private static final String STRATOSPHERE_SCENARIO_4_AWS_ACCOUNT_ID_ENV = "STRATOSPHERE_SCENARIO_4_AWS_ACCOUNT_ID"; - - private static final String PROMETHEUS_WEB_CLIENT_ACCESS_TOKEN_ENV = "PROMETHEUS_WEB_CLIENT_ACCESS_TOKEN"; + private static final String AWS_DATA_PLANE_ACCESS_TOKEN_ENV = "AWS_DATA_PLANE_ACCESS_TOKEN"; private static final String PROMETHEUS_WEB_CLIENT_ROUTE_ENV = "PROMETHEUS_WEB_CLIENT_ROUTE"; private static final String STAGE_DATA_PLANE_ADMIN_CLIENT_ID_ENV = "STAGE_DATA_PLANE_ADMIN_CLIENT_ID"; @@ -194,7 +193,7 @@ public class Environment { public static final String STRATOSPHERE_SCENARIO_3_RHM_ACCOUNT_ID = getOrDefault(STRATOSPHERE_SCENARIO_3_RHM_ACCOUNT_ID_ENV, null); public static final String STRATOSPHERE_SCENARIO_4_AWS_ACCOUNT_ID = getOrDefault(STRATOSPHERE_SCENARIO_4_AWS_ACCOUNT_ID_ENV, null); - public static final String PROMETHEUS_WEB_CLIENT_ACCESS_TOKEN = getOrDefault(PROMETHEUS_WEB_CLIENT_ACCESS_TOKEN_ENV, null); + public static final String AWS_DATA_PLANE_ACCESS_TOKEN = getOrDefault(AWS_DATA_PLANE_ACCESS_TOKEN_ENV, null); public static final String PROMETHEUS_WEB_CLIENT_ROUTE = getOrDefault(PROMETHEUS_WEB_CLIENT_ROUTE_ENV, "https://obs-prometheus-managed-application-services-observability.apps.mk-stage-0622.bd59.p1.openshiftapps.com"); diff --git a/src/test/java/io/managed/services/test/billing/BillingMetricsTest.java b/src/test/java/io/managed/services/test/billing/BillingMetricsTest.java index 1b2c8ad1..75db9e5a 100644 --- a/src/test/java/io/managed/services/test/billing/BillingMetricsTest.java +++ b/src/test/java/io/managed/services/test/billing/BillingMetricsTest.java @@ -51,7 +51,7 @@ * Requires: *
    *
  • PRIMARY_OFFLINE_TOKEN - *
  • PROMETHEUS_WEB_CLIENT_ACCESS_TOKEN + *
  • AWS_DATA_PLANE_ACCESS_TOKEN *
*/ @Log4j2 @@ -89,7 +89,7 @@ public class BillingMetricsTest extends TestBase { @SneakyThrows public void bootstrap() { assertNotNull(Environment.PRIMARY_OFFLINE_TOKEN, "the PRIMARY_OFFLINE_TOKEN env is null"); - assertNotNull(Environment.PROMETHEUS_WEB_CLIENT_ACCESS_TOKEN, "the PROMETHEUS_WEB_CLIENT_ACCESS_TOKEN env is null"); + assertNotNull(Environment.AWS_DATA_PLANE_ACCESS_TOKEN, "the AWS_DATA_PLANE_ACCESS_TOKEN env is null"); var apps = ApplicationServicesApi.applicationServicesApi(Environment.PRIMARY_OFFLINE_TOKEN); @@ -106,7 +106,7 @@ public void bootstrap() { this.prometheusWebClient = new PrometheusWebClientBuilder() .withBaseUrl(Environment.PROMETHEUS_WEB_CLIENT_ROUTE) .withUrlResourcePath("/api/v1/query") - .addHeaderEntry("Authorization", "Bearer " + Environment.PROMETHEUS_WEB_CLIENT_ACCESS_TOKEN) + .addHeaderEntry("Authorization", "Bearer " + Environment.AWS_DATA_PLANE_ACCESS_TOKEN) .build(); // Create Kafka Instance diff --git a/src/test/java/io/managed/services/test/cluster/DataPlaneClusterTest.java b/src/test/java/io/managed/services/test/cluster/DataPlaneClusterTest.java index 48260fcb..2ccb6c77 100644 --- a/src/test/java/io/managed/services/test/cluster/DataPlaneClusterTest.java +++ b/src/test/java/io/managed/services/test/cluster/DataPlaneClusterTest.java @@ -50,7 +50,8 @@ *

* Requires: *

    - *
  • PRIMARY_OFFLINE_TOKEN + *
  • PRIMARY_OFFLINE_TOKEN + *
  • AWS_DATA_PLANE_ACCESS_TOKEN_ENV *
*/ @Log4j2 @@ -59,8 +60,6 @@ public class DataPlaneClusterTest extends TestBase { static final String KAFKA_INSTANCE_NAME = "cl-e2e-" + Environment.LAUNCH_SUFFIX; private OpenShiftClient oc; - - private static final String KAFKAS_MGMT_120_CODE = "KAFKAS-MGMT-120"; private static final String KAFKAS_MGMT_21_CODE = "KAFKAS-MGMT-21"; private static final String KAFKAS_MGMT_24_CODE = "KAFKAS-MGMT-24"; private static final String PLAN_STANDARD = "standard.x1"; @@ -74,7 +73,7 @@ public void bootstrap() { log.info("build config"); Config config = new ConfigBuilder() .withMasterUrl("https://api.mk-stage-0622.bd59.p1.openshiftapps.com:6443") - .withOauthToken(Environment.PROMETHEUS_WEB_CLIENT_ACCESS_TOKEN) + .withOauthToken(Environment.AWS_DATA_PLANE_ACCESS_TOKEN) .withTrustCerts(true) .build(); log.info("init openshift client");