diff --git a/.github/workflows/e2e-test-release.yml b/.github/workflows/e2e-test-release.yml index 39b308b00a..bc0200910f 100644 --- a/.github/workflows/e2e-test-release.yml +++ b/.github/workflows/e2e-test-release.yml @@ -176,6 +176,26 @@ jobs: kubernetes-version: "v1.28" runner: "ubuntu-22.04" + # internal-lb tests (at least one test on each supported provider) + - test: "sonobuoy quick" + refStream: "ref/main/stream/debug/?" + provider: "gcp" + kubernetes-version: "v1.28" + runner: "ubuntu-22.04" + internal-lb: "true" + - test: "lb" + refStream: "ref/main/stream/debug/?" + provider: "azure" + kubernetes-version: "v1.28" + runner: "ubuntu-22.04" + internal-lb: "true" + - test: "recover" + refStream: "ref/main/stream/debug/?" + provider: "aws" + kubernetes-version: "v1.28" + runner: "ubuntu-22.04" + internal-lb: "true" + # # Tests on macOS runner # @@ -231,7 +251,7 @@ jobs: gcpIAMCreateServiceAccount: "iam-e2e@constellation-e2e.iam.gserviceaccount.com" test: ${{ matrix.test }} buildBuddyApiKey: ${{ secrets.BUILDBUDDY_ORG_API_KEY }} - azureClusterCreateCredentials: ${{ secrets.AZURE_E2E_CLUSTER_CREDENTIALS }} + azureClusterCreateCredentials: ${{ matrix.internal-lb == 'true' && secrets.AZURE_E2E_INTERNAL_LB_CREDENTIALS || secrets.AZURE_E2E_CLUSTER_CREDENTIALS }} azureIAMCreateCredentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }} registry: ghcr.io cosignPassword: ${{ secrets.COSIGN_PASSWORD }} @@ -240,6 +260,7 @@ jobs: selfManagedInfra: ${{ matrix.selfManagedInfra == 'true' }} s3AccessKey: ${{ secrets.AWS_ACCESS_KEY_ID_S3PROXY }} s3SecretKey: ${{ secrets.AWS_SECRET_ACCESS_KEY_S3PROXY }} + internalLoadBalancer: ${{ matrix.internal-lb == 'true' }} - name: Always terminate cluster if: always() diff --git a/.github/workflows/e2e-test-weekly.yml b/.github/workflows/e2e-test-weekly.yml index 9cdbb29ef9..732413f63b 100644 --- a/.github/workflows/e2e-test-weekly.yml +++ b/.github/workflows/e2e-test-weekly.yml @@ -195,6 +195,26 @@ jobs: refStream: "ref/main/stream/debug/?" provider: "gcp" kubernetes-version: "v1.28" + internal-lb: false + + # internal-lb tests (at least one test on each supported provider) + - test: "sonobuoy quick" + refStream: "ref/main/stream/debug/?" + provider: "gcp" + kubernetes-version: "v1.28" + internal-lb: "true" + - test: "lb" + refStream: "ref/main/stream/debug/?" + provider: "azure" + kubernetes-version: "v1.28" + internal-lb: "true" + - test: "recover" + refStream: "ref/main/stream/debug/?" + provider: "aws" + kubernetes-version: "v1.28" + internal-lb: "true" + + # # Tests on release-stable refStream @@ -205,14 +225,17 @@ jobs: refStream: "ref/release/stream/stable/?" provider: "gcp" kubernetes-version: "v1.27" + internal-lb: false - test: "verify" refStream: "ref/release/stream/stable/?" provider: "azure" kubernetes-version: "v1.27" + internal-lb: false - test: "verify" refStream: "ref/release/stream/stable/?" provider: "aws" kubernetes-version: "v1.27" + internal-lb: false runs-on: ubuntu-22.04 permissions: @@ -248,7 +271,7 @@ jobs: gcpIAMCreateServiceAccount: "iam-e2e@constellation-e2e.iam.gserviceaccount.com" test: ${{ matrix.test }} buildBuddyApiKey: ${{ secrets.BUILDBUDDY_ORG_API_KEY }} - azureClusterCreateCredentials: ${{ secrets.AZURE_E2E_CLUSTER_CREDENTIALS }} + azureClusterCreateCredentials: ${{ matrix.internal-lb == 'true' && secrets.AZURE_E2E_INTERNAL_LB_CREDENTIALS || secrets.AZURE_E2E_CLUSTER_CREDENTIALS }} azureIAMCreateCredentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }} registry: ghcr.io githubToken: ${{ secrets.GITHUB_TOKEN }} @@ -259,6 +282,7 @@ jobs: selfManagedInfra: ${{ matrix.selfManagedInfra == 'true' }} s3AccessKey: ${{ secrets.AWS_ACCESS_KEY_ID_S3PROXY }} s3SecretKey: ${{ secrets.AWS_SECRET_ACCESS_KEY_S3PROXY }} + internalLoadBalancer: ${{ matrix.internal-lb == 'true' }} - name: Always terminate cluster if: always() diff --git a/.github/workflows/e2e-test.yml b/.github/workflows/e2e-test.yml index 6e1a2cecc1..e20e011e9f 100644 --- a/.github/workflows/e2e-test.yml +++ b/.github/workflows/e2e-test.yml @@ -227,7 +227,7 @@ jobs: cliVersion: ${{ inputs.cliVersion }} isDebugImage: ${{ needs.find-latest-image.outputs.isDebugImage }} buildBuddyApiKey: ${{ secrets.BUILDBUDDY_ORG_API_KEY }} - azureClusterCreateCredentials: ${{ secrets.AZURE_E2E_CLUSTER_CREDENTIALS }} + azureClusterCreateCredentials: ${{ inputs.internalLoadBalancer && secrets.AZURE_E2E_INTERNAL_LB_CREDENTIALS || secrets.AZURE_E2E_CLUSTER_CREDENTIALS }} azureIAMCreateCredentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }} registry: ghcr.io githubToken: ${{ secrets.GITHUB_TOKEN }} diff --git a/internal/config/config.go b/internal/config/config.go index 96af3578d3..ad253cb854 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -840,8 +840,8 @@ func (c *Config) Validate(force bool) error { } if c.InternalLoadBalancer { - if c.GetProvider() != cloudprovider.AWS && c.GetProvider() != cloudprovider.GCP { - return &ValidationError{validationErrMsgs: []string{"internalLoadBalancer is only supported for AWS and GCP"}} + if c.GetProvider() != cloudprovider.Azure && c.GetProvider() != cloudprovider.AWS && c.GetProvider() != cloudprovider.GCP { + return &ValidationError{validationErrMsgs: []string{"internalLoadBalancer is only supported for AWS, Azure, and GCP"}} } }