From 8e1902c9130cebc34c257a7edf83b6f5a10db040 Mon Sep 17 00:00:00 2001
From: Bill Nickless <59262407+wknickless@users.noreply.github.com>
Date: Mon, 13 Jun 2022 04:51:16 -0700
Subject: [PATCH] Test OIDC without a Kubernetes job (#245)

Test OIDC without a k8s job
* No longer need job yaml
* Bump chart version
* Wait for statefulset rollout before watching pods
---
 .github/workflows/test-ldap.yml        |  4 +++-
 .github/workflows/test-oidc.yml        | 21 ++++++++++++--------
 .github/workflows/test-persistence.yml |  4 +++-
 .github/workflows/test-safetyvalve.yml |  4 +++-
 .github/workflows/test-singleuser.yml  |  4 +++-
 .github/workflows/test.yml             |  4 +++-
 tests/04-oidc-login-test.js            |  2 +-
 tests/04-oidc-mocha-job.yaml           | 27 --------------------------
 8 files changed, 29 insertions(+), 41 deletions(-)
 delete mode 100644 tests/04-oidc-mocha-job.yaml

diff --git a/.github/workflows/test-ldap.yml b/.github/workflows/test-ldap.yml
index de270350..ff8e5846 100644
--- a/.github/workflows/test-ldap.yml
+++ b/.github/workflows/test-ldap.yml
@@ -32,7 +32,9 @@ jobs:
       - name: Install Nifi
         run: helm install nifi . -f tests/03-ldap-values.yaml
       - name: Check deployment status
-        run: kubectl wait --for=condition=Ready pod/nifi-0 --timeout=20m
+        run: |
+          kubectl rollout status --timeout=5m --watch statefulset/nifi
+          kubectl wait --for=condition=Ready pod/nifi-0 --timeout=20m
       - name: Wait for NiFi web server to start
         run: |
           for n in [ 0 1 2 3 4 5 6 7 8 9 ]
diff --git a/.github/workflows/test-oidc.yml b/.github/workflows/test-oidc.yml
index b02e326f..3d69bc76 100644
--- a/.github/workflows/test-oidc.yml
+++ b/.github/workflows/test-oidc.yml
@@ -20,7 +20,12 @@ jobs:
         uses: actions/checkout@v1
       - name: Install dependencies
         run: |
-          sudo apt-get install -y jq
+          curl -sL https://deb.nodesource.com/setup_16.x -o nodesource_setup.sh
+          sudo bash nodesource_setup.sh
+          sudo apt-get install -y jq yarn
+          yarn add puppeteer-core --cwd $HOME
+          yarn add chai --cwd $HOME
+          yarn add mocha --cwd $HOME
           helm repo add bitnami https://charts.bitnami.com/bitnami
           helm repo add dysnix https://dysnix.github.io/charts/
           helm repo update
@@ -36,7 +41,9 @@ jobs:
       - name: Install Nifi
         run: helm install nifi . -f tests/04-oidc-values.yaml
       - name: Check deployment status
-        run: kubectl wait --for=condition=Ready pod/nifi-0 --timeout=20m
+        run: |
+          kubectl rollout status --timeout=5m --watch statefulset/nifi
+          kubectl wait --for=condition=Ready pod/nifi-0 --timeout=20m
       - name: Wait for NiFi web server to start
         run: |
           for n in [ 0 1 2 3 4 5 6 7 8 9 ]
@@ -51,9 +58,7 @@ jobs:
           exit 1
       - name: Check that OIDC login works
         run: |
-          kubectl apply -f tests/04-oidc-mocha-job.yaml
-          while ! kubectl logs -f job/oidc-mocha
-          do
-            sleep 5
-          done
-          kubectl get job/oidc-mocha -o json | jq -e -r '.status.succeeded == 1'
\ No newline at end of file
+          export K8SNODEIP=$(kubectl get node -o json | jq -r '.items[0].status.addresses[0].address')
+          export K8SPORT=$(kubectl get svc browserless -o json | jq -r '.spec.ports[0].nodePort')
+          cd $HOME
+          node_modules/mocha/bin/mocha $GITHUB_WORKSPACE/tests/04-oidc-login-test.js --timeout 30000
\ No newline at end of file
diff --git a/.github/workflows/test-persistence.yml b/.github/workflows/test-persistence.yml
index 971018f4..07f20fe4 100644
--- a/.github/workflows/test-persistence.yml
+++ b/.github/workflows/test-persistence.yml
@@ -28,7 +28,9 @@ jobs:
       - name: Install Nifi
         run: helm install nifi . -f tests/02-persistence-enabled-values.yaml
       - name: Check deployment status
-        run: kubectl wait --for=condition=Ready pod/nifi-0 --timeout=20m
+        run: |
+          kubectl rollout status --timeout=5m --watch statefulset/nifi
+          kubectl wait --for=condition=Ready pod/nifi-0 --timeout=20m
       - name: Get First .processGroupFlow.uri
         id: first-pgfuri
         run: |
diff --git a/.github/workflows/test-safetyvalve.yml b/.github/workflows/test-safetyvalve.yml
index bcf999ed..a8500598 100644
--- a/.github/workflows/test-safetyvalve.yml
+++ b/.github/workflows/test-safetyvalve.yml
@@ -31,7 +31,9 @@ jobs:
       - name: Install Nifi
         run: helm install nifi . -f tests/01-safetyValve-values.yaml
       - name: Check deployment status
-        run: kubectl wait --for=condition=Ready pod/nifi-0 --timeout=20m
+        run: |
+          kubectl rollout status --timeout=5m --watch statefulset/nifi
+          kubectl wait --for=condition=Ready pod/nifi-0 --timeout=20m
       - name: Wait for NiFi web server to start
         run: |
           for n in [ 0 1 2 3 4 5 6 7 8 9 ]
diff --git a/.github/workflows/test-singleuser.yml b/.github/workflows/test-singleuser.yml
index 2bf5a341..0c8b3ed4 100644
--- a/.github/workflows/test-singleuser.yml
+++ b/.github/workflows/test-singleuser.yml
@@ -32,7 +32,9 @@ jobs:
       - name: Install Nifi
         run: helm install nifi .
       - name: Check deployment status
-        run: kubectl wait --for=condition=Ready pod/nifi-0 --timeout=20m
+        run: |
+          kubectl rollout status --timeout=5m --watch statefulset/nifi
+          kubectl wait --for=condition=Ready pod/nifi-0 --timeout=20m
       - name: Wait for NiFi web server to start
         run: |
           for n in [ 0 1 2 3 4 5 6 7 8 9 ]
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index e8f8fffb..b81a1a30 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -35,7 +35,9 @@ jobs:
       - name: Install Nifi
         run: helm install nifi .
       - name: Check deployment status
-        run: kubectl wait --for=condition=Ready pod/nifi-0 --timeout=20m
+        run: |
+          kubectl rollout status --timeout=5m --watch statefulset/nifi
+          kubectl wait --for=condition=Ready pod/nifi-0 --timeout=20m
       - name: Wait for NiFi web server to start
         run: |
           for n in [ 0 1 2 3 4 5 6 7 8 9 ]
diff --git a/tests/04-oidc-login-test.js b/tests/04-oidc-login-test.js
index bf814f6f..65904947 100644
--- a/tests/04-oidc-login-test.js
+++ b/tests/04-oidc-login-test.js
@@ -7,7 +7,7 @@ describe('NiFi Login via OIDC', () => {
 
     before(async () => {
         browser = await puppeteer.connect({
-          browserWSEndpoint: 'ws://browserless.default.svc.cluster.local:3000',
+          browserWSEndpoint: 'ws://'+process.env.K8SNODEIP+':'+process.env.K8SPORT,
           ignoreHTTPSErrors: true
         })
         page = await browser.newPage()
diff --git a/tests/04-oidc-mocha-job.yaml b/tests/04-oidc-mocha-job.yaml
deleted file mode 100644
index 73529614..00000000
--- a/tests/04-oidc-mocha-job.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: oidc-mocha
-spec:
-  template:
-    spec:
-      containers:
-      - name: node
-        image: node
-        command:
-        - /bin/bash
-        - -x
-        - -c
-        - |
-          yarn add puppeteer-core
-          yarn add chai
-          yarn add mocha
-          node_modules/mocha/bin/mocha /tests/04-oidc-login-test.js --timeout 30000
-        volumeMounts:
-        - name: tests
-          mountPath: /tests
-      restartPolicy: Never
-      volumes:
-        - name: tests
-          configMap:
-            name: 04-oidc-login-test