Skip to content

Update e2e tests to be partitional #429

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Nov 5, 2025
Merged

Update e2e tests to be partitional #429

merged 4 commits into from
Nov 5, 2025

Conversation

@ARichman555
Copy link
Contributor

@ARichman555 ARichman555 commented Nov 3, 2025
edited
Loading

Issue # (if applicable)

N/A

Reason for this change

Currently, the end-to-end tests only work in the AWS partition. This PR updates them to work in others as well

Description of changes

  • Updated AWS SDK versions
  • Added getPartition function which will determine the partition from the calling user's role ARN
  • Updated e2e tests to use getPartition where ever a partition was hardcoded
  • Updated blog test to dynamically determine ARN and accept AWS_REGION to specify which region the tests are running in
  • Updated IAMRA to accept AWS_REGION to specify which region the tests are running in

Describe any new or updated permissions being added

  • None

Description of how you validated changes

  • Run e2e tests locally

@ARichman555
Update aws sdk versions
9c057ee 
Signed-off-by: Alex Richman <[email protected]>
divyansh-gupta
divyansh-gupta reviewed Nov 3, 2025
View reviewed changes
e2e/aws_helpers.go
}

func getPartition(ctx context.Context, cfg aws.Config) string {
stsClient := sts.NewFromConfig(cfg)
Copy link
Contributor

@divyansh-gupta divyansh-gupta Nov 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of making a call to STS to obtain an ARN to parse, you can just parse the CA Arn, since you have that already at this point

Copy link
Contributor Author

@ARichman555 ARichman555 Nov 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yea, I was initially going to do that since that's what we do in the issuer. But, it felt weird to determine the partition from test resources that could change in the future. So this was my way of removing that overhead. I do think we should probably just do this once at the beginning tho and store it in the test context

bmsiegel
bmsiegel reviewed Nov 4, 2025
View reviewed changes
go.mod
github.com/aws/aws-sdk-go-v2/service/iam v1.41.1
github.com/aws/aws-sdk-go-v2/service/ram v1.30.3
github.com/aws/aws-sdk-go-v2/service/sts v1.33.19
github.com/aws/aws-sdk-go-v2 v1.39.3
Copy link
Contributor

@bmsiegel bmsiegel Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's this update get us?

Copy link
Contributor Author

@ARichman555 ARichman555 Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

adds new region endpoints

Hamidhasan
Hamidhasan reviewed Nov 4, 2025
View reviewed changes
Copy link
Contributor

@Hamidhasan Hamidhasan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good, just minor comments

e2e/aws_helpers.go Outdated
}

func createCertificateAuthority(ctx context.Context, cfg aws.Config, isRSA bool) string {
func (testCtx *TestContext) createCertificateAuthority(ctx context.Context, cfg aws.Config, name string, signingAlgorithm types.SigningAlgorithm) {
Copy link
Contributor

@Hamidhasan Hamidhasan Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do you want to update the commit message with the changes here too? thanks for updating this method

Copy link
Contributor Author

@ARichman555 ARichman555 Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

will update

Copy link
Contributor Author

@ARichman555 ARichman555 Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

actually removed these changes and will add them in a future PR

@cert-manager-prow
Copy link
Contributor

cert-manager-prow bot commented Nov 5, 2025

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by:

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@cert-manager-prow cert-manager-prow bot merged commit 8d4d108 into cert-manager:main Nov 5, 2025
15 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Hamidhasan Hamidhasan Hamidhasan left review comments

@divyansh-gupta divyansh-gupta divyansh-gupta left review comments

@bmsiegel bmsiegel bmsiegel left review comments

Assignees

No one assigned

Labels

approved dco-signoff: yes lgtm size/L

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ARichman555 @Hamidhasan @divyansh-gupta @bmsiegel