fix: allow insecure clusters #800
Conversation
Signed-off-by: Francesco Ilario <[email protected]>
|
Hi @filariow. Thanks for your PR. I'm waiting for a codeready-toolchain member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/ok-to-test |
|
OK. It failed :( |
testsupport/init.go
Outdated
| kubeconfig, err := clientcmd.NewDefaultClientConfig(*apiConfig, &clientcmd.ConfigOverrides{}).ClientConfig() | ||
| configOverrides := clientcmd.ConfigOverrides{ | ||
| ClusterDefaults: api.Cluster{ | ||
| InsecureSkipTLSVerify: true, |
There was a problem hiding this comment.
Do we want to make this an option we can pass make instead of hardcoding to true? What if we want to test security?
There was a problem hiding this comment.
+1
It seems that disabling the TLSVerify doesn't work on openshift CI at least. If this configuration works on your cluster then maybe we could introduce an env variable to optionally turn it off?
Something like:
make test-e2e DISABLE_KUBE_CLIENT_TLS_VERIFY=true
and keep the tls verification on by default, as it is now.
There was a problem hiding this comment.
thanks for the review. I implemented this in 96535fb. Do you have any suggestion on a better place where to fetch the env variable?
There was a problem hiding this comment.
Nice! Extracting the config logic builder into a function is what I was thinking as well! 👍
Should we add few lines to document this new variable, maybe adding a know issues/workarounds section here: https://github.com/codeready-toolchain/toolchain-e2e/blob/master/CRC.adoc
reporting the tls failure and the workaround of using this env variable ?
If it's not specific to CRC maybe we could add this new section in the main README.
WDYT?
There was a problem hiding this comment.
I like the idea, let me work on this! 👍🏾
It's not related to CRC, so I'll go for the README change
There was a problem hiding this comment.
@mfrancisc I've added a note in the README's Running End-to-End Tests. WDYT?
Signed-off-by: Francesco Ilario <[email protected]>
I was able to reproduce this error on CRC and pushed a new commit that worked on CRC so that we can see if it works also on Openshift CI |
Signed-off-by: Francesco Ilario <[email protected]>
|
/ok-to-test |
|
/retest infra |
There was a problem hiding this comment.
Looks good! But please update the README as @mfrancisc suggested.
Signed-off-by: Francesco Ilario <[email protected]>
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: alexeykazakov, filariow, mfrancisc, rajivnathan The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Signed-off-by: Francesco Ilario <[email protected]>
Thank you for your reviews. I pushed a new commit renaming the new function to a more coherent name. |
Co-authored-by: Baiju Muthukadan <[email protected]>
|
Kudos, SonarCloud Quality Gate passed!
|
|
/lgtm |
openshift-merge-robot
merged commit ff18cca
into
codeready-toolchain:master
No description provided.