diff --git a/.github/actions/e2e_test/action.yml b/.github/actions/e2e_test/action.yml index 44947a429..d3e770336 100644 --- a/.github/actions/e2e_test/action.yml +++ b/.github/actions/e2e_test/action.yml @@ -296,6 +296,7 @@ runs: with: cloudProvider: ${{ inputs.cloudProvider }} osImage: ${{ steps.constellation-create.outputs.osImageUsed }} + kubeconfig: ${{ steps.constellation-create.outputs.kubeconfig }} - name: Run recover test if: inputs.test == 'recover' diff --git a/.github/actions/e2e_verify/action.yml b/.github/actions/e2e_verify/action.yml index 05892d791..2afd878e7 100644 --- a/.github/actions/e2e_verify/action.yml +++ b/.github/actions/e2e_verify/action.yml @@ -8,6 +8,9 @@ inputs: cloudProvider: description: "The cloud provider used in the cluster." required: true + kubeconfig: + description: "The kubeconfig file for the cluster." + required: true runs: using: "composite" @@ -31,3 +34,32 @@ runs: - name: Constellation verify shell: bash run: constellation verify --cluster-id $(jq -r ".clusterID" constellation-id.json) --force + + - name: Verify all nodes + shell: bash + env: + KUBECONFIG: ${{ inputs.kubeconfig }} + run: | + nodes=$(kubectl get nodes -o json | jq -r ".items[].metadata.name") + + for node in $nodes ; do + verificationPod=$(kubectl get pods --field-selector spec.nodeName=${node} -n kube-system | grep "verification-service" | cut -d' ' -f1) + + mapfile -t verificationPod <<< "$verificationPod" + + if [[ ${#verificationPod[@]} -ne 1 ]]; then + echo "Expected 1 verification pod for node ${node}, found ${#verificationPodArray[@]}" + exit 1 + fi + + echo "Verifying pod ${pod} on node ${node}" + + kubectl wait -n kube-system "pod/${verificationPod}" --for=condition=ready --timeout=5m + kubectl port-forward -n kube-system "pods/${verificationPod}" 9090:9090 & + forwarderPID=$! + sleep 5 + + constellation verify --cluster-id $(jq -r ".clusterID" constellation-id.json) --force --node-endpoint localhost:9090 + + kill $forwarderPID + done