test

hack/e2e.sh

@@ -20,7 +20,7 @@ fi
 set -x
 set -e
 
-kill `cat srv1/qemu.pid srv2/qemu.pid srv3/qemu.pid` || true
+kill `cat srv1/qemu.pid srv2/qemu.pid srv3/qemu.pid cat srv4/qemu.pid` || true
 
 ip link del cozy-br0 || true
 ip link add cozy-br0 type bridge
@@ -31,8 +31,8 @@ ip addr add 192.168.123.1/24 dev cozy-br0
 iptables -t nat -D POSTROUTING -s 192.168.123.0/24 ! -d 192.168.123.0/24 -j MASQUERADE 2>/dev/null || true
 iptables -t nat -A POSTROUTING -s 192.168.123.0/24 ! -d 192.168.123.0/24 -j MASQUERADE
 
-rm -rf srv1 srv2 srv3
-mkdir -p srv1 srv2 srv3
+rm -rf srv1 srv2 srv3 srv4
+mkdir -p srv1 srv2 srv3 srv4
 
 # Prepare cloud-init
 for i in 1 2 3; do
@@ -58,6 +58,38 @@ EOT
   )
 done
 
+  cat > "srv4/meta-data" <<EOT
+hostname: srv4
+instance-id: srv4
+local-hostname: srv4
+EOT
+
+  cat > "srv4/user-data" <<EOT
+#cloud-config
+password: mysecret
+chpasswd: { expire: False }
+ssh_pwauth: True
+EOT
+
+  cat > "srv4/network-config" <<EOT
+version: 2
+ethernets:
+  eth0:
+    dhcp4: false
+    addresses:
+      - "192.168.123.14/26"
+    gateway4: "192.168.123.1"
+    nameservers:
+      search: [cluster.local]
+      addresses: [8.8.8.8]
+EOT
+
+cd srv4 && genisoimage \
+      -output seed.img \
+      -volid cidata -rational-rock -joliet \
+      user-data meta-data network-config
+cd ..
+
 # Prepare system drive
 if [ ! -f nocloud-amd64.raw ]; then
   wget https://github.com/cozystack/cozystack/releases/latest/download/nocloud-amd64.raw.xz \
@@ -65,18 +97,26 @@ if [ ! -f nocloud-amd64.raw ]; then
   rm -f nocloud-amd64.raw
   xz --decompress nocloud-amd64.raw.xz
 fi
+
+ls -ld srv1 srv2 srv3 srv4
+
 for i in 1 2 3; do
   cp nocloud-amd64.raw srv$i/system.img
   qemu-img resize srv$i/system.img 20G
 done
 
+wget https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img -O ubuntu.img
+qemu-img convert -f qcow2 -O raw ubuntu.img srv4/system.img
+qemu-img resize srv4/system.img 20G
+
 # Prepare data drives
 for i in 1 2 3; do
   qemu-img create srv$i/data.img 100G
 done
+qemu-img create srv4/data.img 100G
 
 # Prepare networking
-for i in 1 2 3; do
+for i in 1 2 3 4; do
   ip link del cozy-srv$i || true
   ip tuntap add dev cozy-srv$i mode tap
   ip link set cozy-srv$i up
@@ -84,7 +124,7 @@ for i in 1 2 3; do
 done
 
 # Start VMs
-for i in 1 2 3; do
+for i in 1 2 3 4; do
   qemu-system-x86_64 -machine type=pc,accel=kvm -cpu host -smp 8 -m 16384 \
     -device virtio-net,netdev=net0,mac=52:54:00:12:34:5$i \
     -netdev tap,id=net0,ifname=cozy-srv$i,script=no,downscript=no \
@@ -92,8 +132,13 @@ for i in 1 2 3; do
     -drive file=srv$i/seed.img,if=virtio,format=raw \
     -drive file=srv$i/data.img,if=virtio,format=raw \
     -display none -daemonize -pidfile srv$i/qemu.pid
+
+
+
 done
 
+exit 0
+
 sleep 5
 
 # Wait for VM to start up

packages/core/testing/Makefile

@@ -2,7 +2,7 @@ NAMESPACE=cozy-e2e-tests
 NAME := sandbox
 CLEAN := 1
 TESTING_APPS := $(shell find ../../apps -maxdepth 1 -mindepth 1 -type d | awk -F/ '{print $$NF}')
-SANDBOX_NAME := cozy-e2e-sandbox-$(shell echo "$$(hostname):$$(pwd)" | sha256sum | cut -c -6)
+SANDBOX_NAME := cozy-e2e-sandbox-airgapped
 
 ROOT_DIR = $(dir $(abspath $(firstword $(MAKEFILE_LIST))/../../..))
 

packages/extra/ingress/Chart.yaml

@@ -3,4 +3,4 @@ name: ingress
 description: NGINX Ingress Controller
 icon: /logos/ingress-nginx.svg
 type: application
-version: 1.6.0
+version: 1.5.1

packages/extra/ingress/README.md

@@ -13,5 +13,4 @@
 | `dashboard`       | Should ingress serve Cozystack service dashboard                  | `false` |
 | `cdiUploadProxy`  | Should ingress serve CDI upload proxy                             | `false` |
 | `virtExportProxy` | Should ingress serve KubeVirt export proxy                        | `false` |
-| `api`             | Should ingress serve Cozystack API                                | `true`  |
 

packages/extra/ingress/templates/api.yaml

@@ -1,29 +0,0 @@
-{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }}
-{{- $issuerType := (index $cozyConfig.data "clusterissuer") | default "http01" }}
-
-{{- $myNS := lookup "v1" "Namespace" "" .Release.Namespace }}
-{{- $host := index $myNS.metadata.annotations "namespace.cozystack.io/host" }}
-
-{{- if .Values.api }}
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  annotations:
-    nginx.ingress.kubernetes.io/backend-protocol: HTTPS
-    nginx.ingress.kubernetes.io/ssl-passthrough: "true"
-  name: api-{{ .Release.Namespace }}
-  namespace: default
-spec:
-  ingressClassName: {{ .Release.Namespace }}
-  rules:
-  - host: api.{{ $host }}
-    http:
-      paths:
-      - backend:
-          service:
-            name: kubernetes
-            port:
-              number: 443
-        path: /
-        pathType: Prefix
-{{- end }}

packages/extra/ingress/templates/cdi-uploadproxy.yaml

@@ -10,7 +10,11 @@ kind: Ingress
 metadata:
   annotations:
     nginx.ingress.kubernetes.io/backend-protocol: HTTPS
-    nginx.ingress.kubernetes.io/ssl-passthrough: "true"
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    {{- if eq $issuerType "cloudflare" }} 
+    {{- else }}
+    acme.cert-manager.io/http01-ingress-class: {{ .Release.Namespace }}
+    {{- end }}
   name: cdi-uploadproxy-{{ .Release.Namespace }}
   namespace: cozy-kubevirt-cdi
 spec:
@@ -26,4 +30,8 @@ spec:
               number: 443
         path: /
         pathType: Prefix
+  tls:
+  - hosts:
+    - cdi-uploadproxy.{{ $host }}
+    secretName: cdi-uploadproxy-{{ .Release.Namespace }}-tls
 {{- end }}

packages/extra/ingress/values.schema.json

@@ -40,11 +40,6 @@
             "type": "boolean",
             "description": "Should ingress serve KubeVirt export proxy",
             "default": false
-        },
-        "api": {
-            "type": "boolean",
-            "description": "Should ingress serve Cozystack API",
-            "default": true
         }
     }
 }

packages/extra/ingress/values.yaml

@@ -33,6 +33,3 @@ cdiUploadProxy: false
 
 ## @param virtExportProxy Should ingress serve KubeVirt export proxy
 virtExportProxy: false
-
-## @param api Should ingress serve Cozystack API
-api: true

packages/extra/ingress/vm-exportproxy.yaml

@@ -10,7 +10,11 @@ kind: Ingress
 metadata:
   annotations:
     nginx.ingress.kubernetes.io/backend-protocol: HTTPS
-    nginx.ingress.kubernetes.io/ssl-passthrough: "true"
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    {{- if eq $issuerType "cloudflare" }} 
+    {{- else }}
+    acme.cert-manager.io/http01-ingress-class: {{ .Release.Namespace }}
+    {{- end }}
   name: virt-exportproxy-{{ .Release.Namespace }}
   namespace: cozy-kubevirt
 spec:
@@ -26,4 +30,8 @@ spec:
               number: 443
         path: /
         pathType: ImplementationSpecific
+  tls:
+  - hosts:
+    virt-exportproxy.{{ $host }}
+    secretName: virt-exportproxy-{{ .Release.Namespace }}-tls
 {{- end }}

packages/extra/versions_map

@@ -19,7 +19,7 @@ ingress 1.2.0 28fca4ef
 ingress 1.3.0 fde4bcfa
 ingress 1.4.0 fd240701
 ingress 1.5.0 93bdf411
-ingress 1.6.0 HEAD
+ingress 1.5.1 HEAD
 monitoring 1.0.0 d7cfa53c
 monitoring 1.1.0 25221fdc
 monitoring 1.2.0 f81be075