NODE-5888 use user token with group name

.github/workflows/ci.yaml

@@ -187,7 +187,7 @@ jobs:
           SKIP_IMAGE_CREATION: true
           DOCKERHUB_USER: ${{ steps.secrets.outputs.user }}
           DOCKERHUB_PASSWORD: ${{ steps.secrets.outputs.password }}
-          WALLARM_API_TOKEN: ${{ steps.secrets.outputs.api_token }}
+          WALLARM_API_TOKEN: ${{ steps.secrets.outputs.user_token }}
           WALLARM_API_HOST: ${{ steps.secrets.outputs.api_host }}
           WALLARM_API_PRESET: ${{ steps.secrets.outputs.api_preset }}
           USER_TOKEN: ${{ steps.secrets.outputs.user_token }}
@@ -261,7 +261,7 @@ jobs:
           KIND_CLUSTER_NAME: kind
           SKIP_CLUSTER_CREATION: true
           SKIP_IMAGE_CREATION: true
-          WALLARM_API_TOKEN: ${{ steps.secrets.outputs.api_token }}
+          WALLARM_API_TOKEN: ${{ steps.secrets.outputs.user_token }}
           CT_MODE: ${{ matrix.method }}
           DOCKERHUB_USER: ${{ steps.secrets.outputs.DOCKERHUB_USER }}
           DOCKERHUB_PASSWORD: ${{ steps.secrets.outputs.DOCKERHUB_PASSWORD }}
@@ -357,6 +357,7 @@ jobs:
           secrets: |
             kv-gitlab-ci/data/github/ingress api_token ;
             kv-gitlab-ci/data/github/ingress api_host ;
+            kv-gitlab-ci/data/github/ingress user_token ;
             kv-gitlab-ci/data/github/shared/dockerhub-creds user | DOCKERHUB_USER ;
             kv-gitlab-ci/data/github/shared/dockerhub-creds password | DOCKERHUB_PASSWORD ;
 
@@ -387,7 +388,7 @@ jobs:
           SKIP_INGRESS_IMAGE_CREATION: true
           SKIP_E2E_IMAGE_CREATION: true
           WALLARM_ENABLED: true
-          WALLARM_API_TOKEN: ${{ steps.secrets.outputs.api_token }}
+          WALLARM_API_TOKEN: ${{ steps.secrets.outputs.user_token }}
           WALLARM_API_HOST: ${{ steps.secrets.outputs.api_host }}
           DOCKERHUB_USER: ${{ steps.secrets.outputs.DOCKERHUB_USER }}
           DOCKERHUB_PASSWORD: ${{ steps.secrets.outputs.DOCKERHUB_PASSWORD }}

test/e2e/run-chart-test.sh

@@ -16,6 +16,9 @@
 
 KIND_LOG_LEVEL="1"
 
+# generate unique group name
+export NODE_GROUP_NAME="github-ingress-$(tr -dc A-Za-z0-9 </dev/urandom | head -c 12; echo)"
+
 if [ -n "${DEBUG}" ]; then
   set -x
   KIND_LOG_LEVEL="6"
@@ -64,6 +67,7 @@ DOCKERHUB_PASSWORD="${DOCKERHUB_PASSWORD:-fake_password}"
 HELM_EXTRA_ARGS="--timeout 240s"
 HELM_EXTRA_SET_ARGS="\
  --set controller.wallarm.token=${WALLARM_API_TOKEN} \
+ --set controller.wallarm.nodeGroup=${NODE_GROUP_NAME} \
  --set controller.wallarm.enabled=true \
  --set controller.image.repository=wallarm/ingress-controller \
  --set controller.image.tag=1.0.0-dev \

test/e2e/run-e2e-suite.sh

@@ -28,6 +28,9 @@ set -o errexit
 set -o nounset
 set -o pipefail
 
+# generate unique group name
+export NODE_GROUP_NAME="github-ingress-$(tr -dc A-Za-z0-9 </dev/urandom | head -c 12; echo)"
+
 RED='\e[35m'
 NC='\e[0m'
 BGREEN='\e[32m'
@@ -105,6 +108,7 @@ kubectl run --rm \
   --env="WALLARM_ENABLED=${WALLARM_ENABLED:-false}" \
   --env="WALLARM_API_TOKEN=${WALLARM_API_TOKEN:-}" \
   --env="WALLARM_API_HOST=${WALLARM_API_HOST:-}" \
+  --env="NODE_GROUP_NAME=${NODE_GROUP_NAME:-}" \
   --env="HTTPBUN_IMAGE=${HTTPBUN_IMAGE}" \
   --overrides='{ "apiVersion": "v1", "spec":{"serviceAccountName": "ingress-nginx-e2e","imagePullSecrets":[{"name":"dockerhub-secret"}]}}' \
   e2e --image=nginx-ingress-controller:e2e

test/e2e/run-kind-e2e.sh

@@ -60,6 +60,9 @@ SKIP_INGRESS_IMAGE_CREATION="${SKIP_INGRESS_IMAGE_CREATION:-false}"
 SKIP_E2E_IMAGE_CREATION="${SKIP_E2E_IMAGE_CREATION:=false}"
 SKIP_CLUSTER_CREATION="${SKIP_CLUSTER_CREATION:-false}"
 
+# generate unique group name
+export NODE_GROUP_NAME="github-ingress-$(tr -dc A-Za-z0-9 </dev/urandom | head -c 12; echo)"
+
 if ! command -v kind --version &> /dev/null; then
   echo "kind is not installed. Use the package manager or visit the official site https://kind.sigs.k8s.io/"
   exit 1

test/smoke/functions.sh

@@ -18,6 +18,7 @@ function check_mandatory_vars() {
       WEBHOOK_UUID
       SMOKE_REGISTRY_TOKEN
       SMOKE_REGISTRY_SECRET
+      NODE_GROUP_NAME
     )
 
     env_list=""

test/smoke/run-smoke-suite.sh

@@ -8,7 +8,7 @@ set -o errexit
 set -o nounset
 set -o pipefail
 
-#import functions
+# import functions
 source "${PWD}/test/smoke/functions.sh"
 
 # check if all mandatory vars was defined
@@ -62,15 +62,6 @@ if ! kubectl get secret "${SMOKE_IMAGE_PULL_SECRET_NAME}" &> /dev/null; then
     [email protected]
 fi
 
-echo "Retrieving Wallarm Node UUID ..."
-POD=$(kubectl get pod -l "app.kubernetes.io/component=controller" -o=name | cut -d/ -f 2)
-NODE_UUID=$(kubectl exec "${POD}" -c controller -- cat /opt/wallarm/etc/wallarm/node.yaml | grep uuid | awk '{print $2}' | xargs)
-if [[ -z "${NODE_UUID}" ]]; then
-  echo "Failed to retrieve Wallarm Node UUID"
-  get_logs_and_fail
-fi
-echo "Node UUID: ${NODE_UUID}"
-
 RAND_NUM="${RANDOM}${RANDOM}${RANDOM}"
 RAND_NUM=${RAND_NUM:0:10}
 
@@ -90,7 +81,7 @@ spec:
   - command: [sleep, infinity]
     env:
     - {name: NODE_BASE_URL, value: "${NODE_BASE_URL}"}
-    - {name: NODE_UUID, value: "${NODE_UUID}"}
+    - {name: NODE_GROUP_NAME, value: "${NODE_GROUP_NAME}"}
     - {name: WALLARM_API_HOST, value: "${WALLARM_API_HOST}"}
     - {name: WALLARM_API_PRESET, value: "${WALLARM_API_PRESET}"}
     - {name: API_CA_VERIFY, value: "${WALLARM_API_CA_VERIFY}"}

test/smoke/run.sh

@@ -14,9 +14,13 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#import functions
+# import functions
 source "${PWD}/test/smoke/functions.sh"
 
+# generate unique group name
+export NODE_GROUP_NAME="github-ingress-$(tr -dc A-Za-z0-9 </dev/urandom | head -c 12; echo)"
+echo "[test-env] random node group name: ${NODE_GROUP_NAME}..."
+
 # check if all mandatory vars was defined
 check_mandatory_vars
 
@@ -135,6 +139,7 @@ controller:
     token: ${WALLARM_API_TOKEN}
     apiHost: ${WALLARM_API_HOST}
     apiCaVerify: ${WALLARM_API_CA_VERIFY}
+    nodeGroup: ${NODE_GROUP_NAME}
     fallback: "off"
     cron:
       commands: