Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 8e9c7e9aba | |||
| e6165487ad |
@@ -1,12 +0,0 @@
|
|||||||
---
|
|
||||||
# RBAC for the GitHub Actions CI runner to manage E2E Headlamp instances.
|
|
||||||
# CI-only test fixture — NOT for production use.
|
|
||||||
#
|
|
||||||
# This file is a REFERENCE ONLY. The canonical manifest lives in:
|
|
||||||
# privilegedescalation/infra/base/rbac/e2e-ci-runner-headlamp-rbac.yaml
|
|
||||||
#
|
|
||||||
# The infra repo is managed by Flux GitOps and is the source of truth.
|
|
||||||
# Do not apply this file directly — it is kept here for developer reference only.
|
|
||||||
#
|
|
||||||
# E2E resources run in `privilegedescalation-dev` — nothing persists beyond a test run.
|
|
||||||
# RBAC is managed via Flux from privilegedescalation/infra — do not apply manually.
|
|
||||||
Generated
+826
-1277
File diff suppressed because it is too large
Load Diff
@@ -5,18 +5,16 @@
|
|||||||
# a ConfigMap volume mount. No custom Docker images — the plugin is built
|
# a ConfigMap volume mount. No custom Docker images — the plugin is built
|
||||||
# in CI and injected as a ConfigMap.
|
# in CI and injected as a ConfigMap.
|
||||||
#
|
#
|
||||||
# E2E resources are deployed to the `headlamp-plugins-e2e` namespace. Nothing
|
# E2E resources are deployed to the `privilegedescalation-dev` namespace. Nothing
|
||||||
# persists beyond the test run — teardown cleans up all created resources.
|
# persists beyond the test run — teardown cleans up all created resources.
|
||||||
#
|
#
|
||||||
# Prerequisites:
|
# Prerequisites:
|
||||||
# - Plugin built (dist/ exists with plugin-main.js + package.json)
|
# - Plugin built (dist/ exists with plugin-main.js + package.json)
|
||||||
# - kubectl configured with cluster access
|
# - kubectl configured with cluster access
|
||||||
# RBAC is managed via Flux from privilegedescalation/infra/base/rbac/e2e-ci-runner-headlamp-rbac.yaml.
|
# - RBAC applied: kubectl apply -f deployment/e2e-ci-runner-rbac.yaml
|
||||||
# The infra repo is the source of truth — do not apply this file directly.
|
|
||||||
# Apply RBAC first: kubectl apply -f privilegedescalation/infra/base/rbac/e2e-ci-runner-headlamp-rbac.yaml
|
|
||||||
#
|
#
|
||||||
# Environment:
|
# Environment:
|
||||||
# E2E_NAMESPACE — namespace for E2E Headlamp (default: headlamp-plugins-e2e)
|
# E2E_NAMESPACE — namespace for E2E Headlamp (default: privilegedescalation-dev)
|
||||||
# E2E_RELEASE — release/resource name prefix (default: headlamp-e2e)
|
# E2E_RELEASE — release/resource name prefix (default: headlamp-e2e)
|
||||||
# HEADLAMP_VERSION — Headlamp image tag (default: latest)
|
# HEADLAMP_VERSION — Headlamp image tag (default: latest)
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
@@ -24,7 +22,7 @@ set -euo pipefail
|
|||||||
REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)"
|
REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)"
|
||||||
DIST_DIR="$REPO_ROOT/dist"
|
DIST_DIR="$REPO_ROOT/dist"
|
||||||
|
|
||||||
E2E_NAMESPACE="${E2E_NAMESPACE:-headlamp-plugins-e2e}"
|
E2E_NAMESPACE="${E2E_NAMESPACE:-privilegedescalation-dev}"
|
||||||
E2E_RELEASE="${E2E_RELEASE:-headlamp-e2e}"
|
E2E_RELEASE="${E2E_RELEASE:-headlamp-e2e}"
|
||||||
HEADLAMP_VERSION="${HEADLAMP_VERSION:-latest}"
|
HEADLAMP_VERSION="${HEADLAMP_VERSION:-latest}"
|
||||||
|
|
||||||
@@ -37,7 +35,7 @@ fi
|
|||||||
echo "Checking RBAC permissions in namespace '${E2E_NAMESPACE}'..."
|
echo "Checking RBAC permissions in namespace '${E2E_NAMESPACE}'..."
|
||||||
if ! kubectl auth can-i delete configmaps -n "$E2E_NAMESPACE" --quiet 2>/dev/null; then
|
if ! kubectl auth can-i delete configmaps -n "$E2E_NAMESPACE" --quiet 2>/dev/null; then
|
||||||
echo "ERROR: Missing RBAC — cannot delete configmaps in namespace '${E2E_NAMESPACE}'." >&2
|
echo "ERROR: Missing RBAC — cannot delete configmaps in namespace '${E2E_NAMESPACE}'." >&2
|
||||||
echo " Apply RBAC first: kubectl apply -f privilegedescalation/infra/base/rbac/e2e-ci-runner-headlamp-rbac.yaml" >&2
|
echo " Apply RBAC first: kubectl apply -f deployment/e2e-ci-runner-rbac.yaml" >&2
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|||||||
@@ -3,17 +3,14 @@
|
|||||||
#
|
#
|
||||||
# Tears down the dedicated E2E Headlamp instance deployed by deploy-e2e-headlamp.sh.
|
# Tears down the dedicated E2E Headlamp instance deployed by deploy-e2e-headlamp.sh.
|
||||||
#
|
#
|
||||||
# RBAC is managed via Flux from privilegedescalation/infra/base/rbac/e2e-ci-runner-headlamp-rbac.yaml.
|
|
||||||
# The infra repo is the source of truth — do not apply this file directly.
|
|
||||||
#
|
|
||||||
# Environment:
|
# Environment:
|
||||||
# E2E_NAMESPACE — namespace to clean up (default: headlamp-plugins-e2e)
|
# E2E_NAMESPACE — namespace to clean up (default: privilegedescalation-dev)
|
||||||
# E2E_RELEASE — release/resource name prefix (default: headlamp-e2e)
|
# E2E_RELEASE — release/resource name prefix (default: headlamp-e2e)
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
|
|
||||||
REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)"
|
REPO_ROOT="$(cd "$(dirname "$0")/.." && pwd)"
|
||||||
|
|
||||||
E2E_NAMESPACE="${E2E_NAMESPACE:-headlamp-plugins-e2e}"
|
E2E_NAMESPACE="${E2E_NAMESPACE:-privilegedescalation-dev}"
|
||||||
E2E_RELEASE="${E2E_RELEASE:-headlamp-e2e}"
|
E2E_RELEASE="${E2E_RELEASE:-headlamp-e2e}"
|
||||||
|
|
||||||
echo "=== E2E Headlamp Teardown ==="
|
echo "=== E2E Headlamp Teardown ==="
|
||||||
|
|||||||
Reference in New Issue
Block a user