* initial draft of adding tests for OCI
Signed-off-by: May Zhang <may_zhang@intuit.com>
* fix: initial draft of adding tests for OCI
Signed-off-by: May Zhang <may_zhang@intuit.com>
* bring up registry for tests
Signed-off-by: May Zhang <may_zhang@intuit.com>
* bring up registry for tests
Signed-off-by: May Zhang <may_zhang@intuit.com>
* bring up registry for tests
Signed-off-by: May Zhang <may_zhang@intuit.com>
* fix: just to test if PR is working
Signed-off-by: May Zhang <may_zhang@intuit.com>
* adding additional helm oci dependencies tests
Signed-off-by: May Zhang <may_zhang@intuit.com>
This commit fixes an error where the underlaying disk would get
filled up when running make test-tools-image and the user running
it are running with a big UID.
Adding --no-log-init or -l will prevent useradd from trying to make
sure that there are is room for the user in lastlog and faillog.
* Add "chown" to gpg/keys in "start-local" target that so that repo-server can access gpg keys.
* * Set -u uid:gid in the docker run commands so that test images are run under the current user.
* test Procfile processes will not need to perform "su" to default user (which has the current user's uid/gid)
* Remove chown in start-e2e-local
* clean up, remove "bash -c"
* Test containers are run as uid 0 which allows uid_entrypoint.sh to perform some user setup. uid_entrypoint.sh creates a non-root user (default) and enables passwordless sudo for that user. The container entry point command is run as the non-root user. "goreman start" does "sudo" to to the processes that need root permission including sshd, fcgiwrap, and nginix. The other processes are running as the non-root user.
* use /bin/bash
* change back to sh
* Docker image to create unpriveleged testuser and enable passwordless sudo for that user
* Add initial primitives and tests for GPG related operations
* More tests and test documentation
* Move gpg primitives to own module
* Add initial primitives for running git verify-commit and tests
* Improve and better comment test
* Implement VerifyCommitSignature() primitive for metrics wrapper
* More commentary
* Make reposerver verify gpg signatures when generating manifests
* Make signature validation optional
* Forbid use of local manifests when signature verification is enabled
* Introduce new signatureKeys field in project CRD
* Initial support for only syncing against signed revisions
* Updates to GnuPG primitives and more test cases
* Move signature verification to correct place and add tests
* Add signature verification result to revision metadata and display it in UI
* Add more primitives and move out some stuff to common module
* Add more testdata
* Add key management primitives to ArgoDB
* Move type GnuPGPublicKey to appsv1 package
* Add const ArgoCDGPGKeysConfigMapName
* Handle key operations with appsv1.GnuPGPublicKey
* Add initial API for managing GPG keys
* Remove deprecated code
* Add primitives for adding public keys to configuration
* Change semantics of ValidateGPGKeys to return more key information
* Add key import functionality to public key API
* Fix code quirks reported by linter
* More code quirks fixes
* Fix test
* Add primitives for deleting keys from configuration
* Add delete key operation to API and CLI
* Cosmetics
* Implement logic to sync configuration to keyring in repo-server
* Add IsGPGEnabled() primitive and also update trustdb on ownertrust changes
* Use gpg.IsGPGEnabled() instead of custom test
* Remove all keyring manipulating methods from DB
* Cosmetics/comments
* Require grpc methods from argoproj pkg
* Enable setting config path via ARGOCD_GPG_DATA_PATH
* Allow "no" and any cases in ARGOCD_GPG_ENABLED
* Enable GPG feature on start and start-e2e and set required environment
* Cosmetics/comments
* Cosmetics and commentary
* Update API documentation
* Fix comment
* Only run GPG related operations if GPG is enabled
* Allow setting ARGOCD_GPG_ENABLE from the environment
* Create GPG ConfigMap resource during installation
* Use function instead of constant to get the watcher path
* Re-watch source path in case it gets recreated. Also, error on finish
* Add End-to-End tests for GPG commit verification
* Introduce SignatureKey type for AppProject CRD
* Fix merge error from previous commit
* Adapt test for additional manifest (argocd-gpg-keys-cm.yaml)
* Fix linter issues
* Adapt CircleCI configuration to enable running tests
* Add wrapper scripts for git and gpg
* Sigh.
* Display gpg version in CircleCI
* Install gnupg2 and link it to gpg in CI
* Try to install gnupg2 in CircleCI image
* More CircleCI tweaks
* # This is a combination of 10 commits.
# This is the 1st commit message:
Containerize tests - test cycle
# This is the commit message #2:
adapt working directory
# This is the commit message #3:
Build before running tests (so we might have a cache)
# This is the commit message #4:
Test limiting parallelism
# This is the commit message #5:
Remove unbound variable
# This is the commit message #6:
Decrease parallelism to find out limit
# This is the commit message #7:
Use correct flag
# This is the commit message #8:
Update Docker image
# This is the commit message #9:
Remove build phase and increase parallelism
# This is the commit message #10:
Further increase parallelism
* Dockerize toolchain
* Add new targets to Makefile
* Codegen
* Properly handle permissions for E2E tests
* Remove gnupg2 installation from CircleCI configuration
* Limit parallelism of build
* Fix Yarn lint
* Retrigger CI for possible flaky test
* Codegen
* Remove duplicate target in Makefile
* Pull in pager from dep ensure -v
* Adapt to gitops-engine changes and codegen
* Use new health package for health status constants
* Add GPG methods to ArgoDB mock module
* Fix possible nil pointer dereference
* Fix linter issue in imports
* Introduce RBAC resource type 'gpgkeys' and adapt policies
* Use ARGOCD_GNUPGHOME instead of GNUPGHOME for subsystem configuration
Also remove some deprecated unit tests.
* Also register GPG keys API with gRPC-GW
* Update from codegen
* Update GPG key API
* Add web UI to manage GPG keys
* Lint updates
* Change wording
* Add some plausibility checks for supplied data on key creation
* Update from codegen
* Re-allow binary keys and move check for ASCII armoured to UI
* Make yarn lint happy
* Add editing signature keys for projects in UI
* Add ability to configure signature keys for project in CLI
* Change default value to use for GNUPGHOME
* Do not include data section in default gpg keys CM
* Adapt Docker image for GnuPG feature
* Add required configuration to installation manifests
* Add add-signature-key and remove-signature-key commands to project CLI
* Fix typo
* Add initial user documentation for GnuPG verification
* Fix role name - oops
* Mention required RBAC roles in docs
* Support GPG verification of git annotated tags as well
* Ensure CLI can build succesfully
* Better support verification on tags
* Print key type in upper case
* Update user documentation
* Correctly disable GnuPG verification if ARGOCD_GPG_ENABLE=false
* Clarify that this feature is only available with Git repositories
* codegen
* Move verification code to own function
* Remove deprecated check
* Make things more developer friendly when running locally
* Enable GPG feature by default, and don't require ARGOCD_GNUPGHOME to be set
* Revert changes to manifests to reflect default enable state
* Codegen
