Introduce new resource `ImportedClusterSecrets` for importing an existing secrets bundle.
Add new field `imported` to `ClusterSpec` for utilizing resource `ImportedCreatedSecrets`.
Add new field `imported` to `ClusterSecrets` for pointing out source of the secrets bundle.
This is a feature-gated feature to allow using an existing secrets bundle (`talos gen secrets`) while creating a new Cluster. Cluster created with this method are marked as `tainted`. This feature is part of a story to facilitate importing existing talos clusters to omni.
Signed-off-by: Oguz Kilcan <oguz.kilcan@siderolabs.com>
This enables test coverage, builds Omni with race detector.
Also redone the COSI state creation flow: no more callbacks.
The state is now an Object, which has `Stop` method, that should be
called when the app stops.
All defers were moved into the `Stop` method basically.
Signed-off-by: Artem Chernyshev <artem.chernyshev@talos-systems.com>
Add many more services and test scenarios to the workload proxying feature:
- Use two clusters, a 1+1 and a 1+2.
- Use multiple nginx workloads.
- Each workload serving its name in its `index.html` and it being asserted (i.e., we assert that we hit the correct service).
- Multiple exposed services per workload.
- Multiple parallel requests per exposed service.
- Toggle the feature off and on, assert service accessibility.
- Toggle an exposed service off and on by removing/readding the k8s service annotation, assert accessibility.
- Test explicit prefixes.
Additionally:
- Fix two bugs in workload services:
- Check the cookies before returning 404 for a non-existing exposed service prefix.
- Add timeouts to `inmem` proxy transport, so requests do not potentially hang forever.
- Bring back the logic the saving of a support bundle when an integration test fails, and fix its save path.
Signed-off-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
All test modules were moved under `integration` tag and are now in
`internal/integration` folder: no more `cmd/integration-test`
executable.
New Kres version is able to build the same executable from the tests
directory instead.
All Omni related flags were renamed, for example `--endpoint` ->
`--omni.endpoint`.
2 more functional changes:
- Enabled `--test.failfast` for all test runs.
- Removed finalizers, which were running if the test has failed.
Both of these changes should make it easier to understand the test
failure: Talos node logs won't be cluttered with the finalizer tearing
down the cluster.
Fixes: https://github.com/siderolabs/omni/issues/1171
Signed-off-by: Artem Chernyshev <artem.chernyshev@talos-systems.com>
