From 0bcb58f7b702cb5876747828467023bacca5b52b Mon Sep 17 00:00:00 2001 From: ocofaigh Date: Thu, 2 Oct 2025 13:50:42 +0100 Subject: [PATCH] fix(deps): update DA dependencies --- ibm_catalog.json | 18 ++++----- tests/go.mod | 5 +-- tests/go.sum | 14 +------ tests/other_test.go | 2 + tests/pr_test.go | 95 ++++++++++++++++++++------------------------- 5 files changed, 57 insertions(+), 77 deletions(-) diff --git a/ibm_catalog.json b/ibm_catalog.json index e8be817a..15541348 100644 --- a/ibm_catalog.json +++ b/ibm_catalog.json @@ -957,7 +957,7 @@ "name": "deploy-arch-ibm-slz-vpc", "description": "Configure the VPC and subnets required to deploy your OpenShift cluster.", "id": "9fc0fa64-27af-4fed-9dce-47b3640ba739-global", - "version": "v8.2.1", + "version": "v8.5.0", "flavors": [ "fully-configurable" ], @@ -1014,13 +1014,13 @@ ], "optional": true, "on_by_default": false, - "version": "v3.0.7" + "version": "v3.0.23" }, { "name": "deploy-arch-ibm-kms", "description": "Integrate IBM Key Protect to manage encryption keys for your cluster, securing persistent volumes and supporting compliance. If unselected, encryption is still applied using IBM-managed keys.", "id": "2cad4789-fa90-4886-9c9e-857081c273ee-global", - "version": "v5.1.19", + "version": "v5.1.27", "flavors": [ "fully-configurable" ], @@ -1052,7 +1052,7 @@ "name": "deploy-arch-ibm-cos", "description": "Set up a Cloud Object Storage (COS) instance and bucket to serve as internal registry storage for your OpenShift cluster.", "id": "68921490-2778-4930-ac6d-bae7be6cd958-global", - "version": "v10.2.1", + "version": "v10.2.21", "flavors": [ "instance" ], @@ -1079,7 +1079,7 @@ "fully-configurable" ], "id": "63d8ae58-fbf3-41ce-b844-0fb5b85882ab-global", - "version": "v1.6.11", + "version": "v1.6.28", "optional": true, "on_by_default": true, "input_mapping": [ @@ -1114,7 +1114,7 @@ "name": "deploy-arch-ibm-cloud-monitoring", "description": "Set up a Cloud Monitoring instance to collect platform metrics.", "id": "73debdbf-894f-4c14-81c7-5ece3a70b67d-global", - "version": "v1.6.4", + "version": "v1.7.2", "flavors": [ "fully-configurable" ], @@ -1153,7 +1153,7 @@ "name": "deploy-arch-ibm-activity-tracker", "description": "Configure Activity Tracker Event Routing to direct auditing events appropriately.", "id": "918453c3-4f97-4583-8c4a-83ef12fc7916-global", - "version": "v1.2.25", + "version": "v1.2.34", "flavors": [ "fully-configurable" ], @@ -1187,7 +1187,7 @@ "name": "deploy-arch-ibm-secrets-manager", "description": "Provision a Secrets Manager instance to securely store and manage sensitive credentials—such as certificates—used by services integrated with your cluster.", "id": "6d6ebc76-7bbd-42f5-8bc7-78f4fabd5944-global", - "version": "v2.8.6", + "version": "v2.10.0", "flavors": [ "fully-configurable" ], @@ -1229,7 +1229,7 @@ "name": "deploy-arch-ibm-scc-workload-protection", "description": "Integrate with Workload Protection to monitor and manage your cluster’s security posture, helping detect misconfigurations and enforce compliance.", "id": "4322cf44-2289-49aa-a719-dd79e39b14dc-global", - "version": "v1.11.4", + "version": "v1.12.3", "flavors": [ "fully-configurable" ], diff --git a/tests/go.mod b/tests/go.mod index bb8b75cb..e7846d4c 100644 --- a/tests/go.mod +++ b/tests/go.mod @@ -5,10 +5,9 @@ go 1.24.0 toolchain go1.25.1 require ( - github.com/IBM/go-sdk-core v1.1.0 github.com/gruntwork-io/terratest v0.50.0 github.com/stretchr/testify v1.11.1 - github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.6 + github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.9 ) require ( @@ -30,7 +29,6 @@ require ( github.com/cloudflare/circl v1.6.1 // indirect github.com/cyphar/filepath-securejoin v0.4.1 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/dgrijalva/jwt-go v3.2.0+incompatible // indirect github.com/emirpasic/gods v1.18.1 // indirect github.com/gabriel-vasile/mimetype v1.4.9 // indirect github.com/ghodss/yaml v1.0.0 // indirect @@ -99,7 +97,6 @@ require ( golang.org/x/sys v0.35.0 // indirect golang.org/x/text v0.28.0 // indirect golang.org/x/tools v0.35.0 // indirect - gopkg.in/go-playground/validator.v9 v9.31.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect diff --git a/tests/go.sum b/tests/go.sum index ddcca396..38ef9adc 100644 --- a/tests/go.sum +++ b/tests/go.sum @@ -6,8 +6,6 @@ github.com/IBM-Cloud/power-go-client v1.12.0 h1:tF9Mq5GLYHebpzQT6IYB89lIxEST1E9t github.com/IBM-Cloud/power-go-client v1.12.0/go.mod h1:SpTK1ttW8bfMNUVQS8qOEuWn2KOkzaCLyzfze8MG1JE= github.com/IBM/cloud-databases-go-sdk v0.8.0 h1:uMFqhnc/roVTzfCaUsJ23eaHKjChhGpM1F7Mpxik0bo= github.com/IBM/cloud-databases-go-sdk v0.8.0/go.mod h1:JYucI1PdwqbAd8XGdDAchxzxRP7bxOh1zUnseovHKsc= -github.com/IBM/go-sdk-core v1.1.0 h1:pV73lZqr9r1xKb3h08c1uNG3AphwoV5KzUzhS+pfEqY= -github.com/IBM/go-sdk-core v1.1.0/go.mod h1:2pcx9YWsIsZ3I7kH+1amiAkXvLTZtAq9kbxsfXilSoY= github.com/IBM/go-sdk-core/v5 v5.9.2/go.mod h1:YlOwV9LeuclmT/qi/LAK2AsobbAP42veV0j68/rlZsE= github.com/IBM/go-sdk-core/v5 v5.21.0 h1:DUnYhvC4SoC8T84rx5omnhY3+xcQg/Whyoa3mDPIMkk= github.com/IBM/go-sdk-core/v5 v5.21.0/go.mod h1:Q3BYO6iDA2zweQPDGbNTtqft5tDcEpm6RTuqMlPcvbw= @@ -50,8 +48,6 @@ github.com/cyphar/filepath-securejoin v0.4.1/go.mod h1:Sdj7gXlvMcPZsbhwhQ33GguGL github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM= -github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/elazarl/goproxy v1.7.2 h1:Y2o6urb7Eule09PjlhQRGNsqRfPmYI3KKQLFpCAV3+o= github.com/elazarl/goproxy v1.7.2/go.mod h1:82vkLNir0ALaW14Rc399OTTjyNREgmdL2cVoIbS6XaE= github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc= @@ -110,11 +106,9 @@ github.com/go-openapi/validate v0.24.0 h1:LdfDKwNbpB6Vn40xhTdNZAnfLECL81w+VX3Bum github.com/go-openapi/validate v0.24.0/go.mod h1:iyeX1sEufmv3nPbBdX3ieNviWnOZaJ1+zquzJEf2BAQ= github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s= github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= -github.com/go-playground/locales v0.12.1/go.mod h1:IUMDtCfWo/w/mtMfIE/IG2K+Ey3ygWanZIBtBW0W2TM= github.com/go-playground/locales v0.14.0/go.mod h1:sawfccIbzZTqEDETgFXqTho0QybSa7l++s0DH+LDiLs= github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA= github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY= -github.com/go-playground/universal-translator v0.16.0/go.mod h1:1AnU7NaIRDWWzGEKwgtJRd2xk99HeFyHw3yid4rvQIY= github.com/go-playground/universal-translator v0.18.0/go.mod h1:UvRDBj+xPUEGrFYl+lu/H90nyDXpg0fqeB/AQUGNTVA= github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY= github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= @@ -199,7 +193,6 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/leodido/go-urn v1.2.0/go.mod h1:+8+nEpDfqqsY+g338gtMEUOtuK+4dEMhiQEgxpxOKII= github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY= github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ= github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI= @@ -302,8 +295,8 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= -github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.6 h1:Tr7AlrQ+s1Nc9VOwB+It8sItnDOXhfXTxKqI2KtdyFA= -github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.6/go.mod h1:YBrRYc+5y5Pr9CXmY35lOqTQdlIjA4x4+3iVObXGOCE= +github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.9 h1:ntigNnXy4Ut6eVMfBUjQ5yoIZR5Rt419+pwfle4MO5c= +github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.9/go.mod h1:YBrRYc+5y5Pr9CXmY35lOqTQdlIjA4x4+3iVObXGOCE= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/tmccombs/hcl2json v0.6.4 h1:/FWnzS9JCuyZ4MNwrG4vMrFrzRgsWEOVi+1AyYUVLGw= github.com/tmccombs/hcl2json v0.6.4/go.mod h1:+ppKlIW3H5nsAsZddXPy2iMyvld3SHxyjswOZhavRDk= @@ -516,10 +509,7 @@ gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/go-playground/assert.v1 v1.2.1 h1:xoYuJVE7KT85PYWrN730RguIQO0ePzVRfFMXadIrXTM= gopkg.in/go-playground/assert.v1 v1.2.1/go.mod h1:9RXL0bg/zibRAgZUYszZSwO/z8Y/a8bDuhia5mkpMnE= -gopkg.in/go-playground/validator.v9 v9.30.0/go.mod h1:+c9/zcJMFNgbLvly1L1V+PpxWdVbfP1avr/N00E2vyQ= -gopkg.in/go-playground/validator.v9 v9.31.0 h1:bmXmP2RSNtFES+bn4uYuHT7iJFJv7Vj+an+ZQdDaD1M= gopkg.in/go-playground/validator.v9 v9.31.0/go.mod h1:+c9/zcJMFNgbLvly1L1V+PpxWdVbfP1avr/N00E2vyQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= diff --git a/tests/other_test.go b/tests/other_test.go index 7431e22f..1e62fef2 100644 --- a/tests/other_test.go +++ b/tests/other_test.go @@ -32,6 +32,7 @@ func setupOptions(t *testing.T, prefix string, terraformDir string, ocpVersion s "access_tags": permanentResources["accessTags"], "ocp_entitlement": "cloud_pak", }, + CheckApplyResultForUpgrade: true, }) return options @@ -167,6 +168,7 @@ func TestFSCloudInSchematic(t *testing.T) { Tags: []string{"test-schematic"}, DeleteWorkspaceOnFail: false, WaitJobCompleteMinutes: 240, + TerraformVersion: terraformVersion, }) // If "jp-osa" was the best region selected, default to us-south instead. diff --git a/tests/pr_test.go b/tests/pr_test.go index 0a4ae415..d8fa9928 100644 --- a/tests/pr_test.go +++ b/tests/pr_test.go @@ -8,7 +8,6 @@ import ( "strings" "testing" - "github.com/IBM/go-sdk-core/core" "github.com/gruntwork-io/terratest/modules/files" "github.com/gruntwork-io/terratest/modules/logger" "github.com/gruntwork-io/terratest/modules/random" @@ -32,10 +31,11 @@ const resourceGroup = "geretain-test-base-ocp-vpc" const yamlLocation = "../common-dev-assets/common-go-assets/common-permanent-resources.yaml" // Ensure there is one test per supported OCP version -const ocpVersion1 = "4.18" // used by TestRunFullyConfigurable, TestRunUpgradeFullyConfigurable, TestFSCloudInSchematic and TestRunMultiClusterExample -const ocpVersion2 = "4.17" // used by TestCustomSGExample and TestRunCustomsgExample -const ocpVersion3 = "4.16" // used by TestRunAdvancedExample and TestCrossKmsSupportExample -const ocpVersion4 = "4.15" // used by TestRunAddRulesToSGExample and TestRunBasicExample +const ocpVersion1 = "4.18" // used by TestRunFullyConfigurable, TestRunUpgradeFullyConfigurable, TestFSCloudInSchematic and TestRunMultiClusterExample +const ocpVersion2 = "4.17" // used by TestCustomSGExample and TestRunCustomsgExample +const ocpVersion3 = "4.16" // used by TestRunAdvancedExample and TestCrossKmsSupportExample +const ocpVersion4 = "4.15" // used by TestRunAddRulesToSGExample and TestRunBasicExample +const terraformVersion = "terraform_v1.10" // This should match the version in the ibm_catalog.json var ( sharedInfoSvc *cloudinfo.CloudInfoService @@ -100,10 +100,12 @@ func setupQuickstartOptions(t *testing.T, prefix string) *testschematic.TestSche "*.tf", quickStartTerraformDir + "/*.tf", "scripts/*.sh", "kubeconfig/README.md", }, - TemplateFolder: quickStartTerraformDir, - Tags: []string{"test-schematic"}, - DeleteWorkspaceOnFail: false, - WaitJobCompleteMinutes: 360, + TemplateFolder: quickStartTerraformDir, + Tags: []string{"test-schematic"}, + DeleteWorkspaceOnFail: false, + WaitJobCompleteMinutes: 360, + TerraformVersion: terraformVersion, + CheckApplyResultForUpgrade: true, }) options.TerraformVars = []testschematic.TestSchematicTerraformVar{ {Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true}, @@ -141,6 +143,7 @@ func TestRunFullyConfigurableInSchematics(t *testing.T) { TemplateFolder: fullyConfigurableTerraformDir, Tags: []string{"test-schematic"}, DeleteWorkspaceOnFail: false, + TerraformVersion: terraformVersion, }) options.TerraformVars = []testschematic.TestSchematicTerraformVar{ @@ -171,12 +174,14 @@ func TestRunUpgradeFullyConfigurable(t *testing.T) { existingTerraformOptions := setupTerraform(t, prefix, "./existing-resources") options := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{ - Testing: t, - Prefix: "fc-upg", - TarIncludePatterns: []string{"*.tf", fullyConfigurableTerraformDir + "/*.*", fullyConfigurableTerraformDir + "/scripts/*.*", "scripts/*.sh", "kubeconfig/README.md", "modules/kube-audit/*.*", "modules/kube-audit/kubeconfig/README.md", "modules/kube-audit/scripts/*.sh", fullyConfigurableTerraformDir + "/kubeconfig/README.md", "modules/kube-audit/helm-charts/kube-audit/*.*", "modules/kube-audit/helm-charts/kube-audit/templates/*.*"}, - TemplateFolder: fullyConfigurableTerraformDir, - Tags: []string{"test-schematic"}, - DeleteWorkspaceOnFail: false, + Testing: t, + Prefix: "fc-upg", + TarIncludePatterns: []string{"*.tf", fullyConfigurableTerraformDir + "/*.*", fullyConfigurableTerraformDir + "/scripts/*.*", "scripts/*.sh", "kubeconfig/README.md", "modules/kube-audit/*.*", "modules/kube-audit/kubeconfig/README.md", "modules/kube-audit/scripts/*.sh", fullyConfigurableTerraformDir + "/kubeconfig/README.md", "modules/kube-audit/helm-charts/kube-audit/*.*", "modules/kube-audit/helm-charts/kube-audit/templates/*.*"}, + TemplateFolder: fullyConfigurableTerraformDir, + Tags: []string{"test-schematic"}, + DeleteWorkspaceOnFail: false, + TerraformVersion: terraformVersion, + CheckApplyResultForUpgrade: true, }) options.IgnoreUpdates = testhelper.Exemptions{List: []string{"module.kube_audit[0].helm_release.kube_audit"}} @@ -264,54 +269,40 @@ func TestRoksAddonDefaultConfiguration(t *testing.T) { "deploy-arch-ibm-slz-ocp", "fully-configurable", map[string]interface{}{ - "prefix": options.Prefix, - "region": "eu-de", - "secrets_manager_service_plan": "trial", + "prefix": options.Prefix, + "region": "eu-de", }, ) - /* - Secrets manager is manually disabled in this test because it deploys Event notification - and event notifications DA creates kms keys and during undeploy the order of key protect and event notifications - is not considered by projects as EN is not a direct dependency of OCP DA. So undeploy fails, because - key protect instance can't be deleted because of active keys created by EN. Hence for now, we don't want to deploy - EN so SM is being disabled. - Issue has been created for projects team. https://github.ibm.com/epx/projects/issues/4750 - Once that is fixed, we can remove the logic to disable SM - */ + // use existing secrets manager instance to help prevent hitting trial instance limit in account options.AddonConfig.Dependencies = []cloudinfo.AddonConfig{ { OfferingName: "deploy-arch-ibm-secrets-manager", OfferingFlavor: "fully-configurable", - Enabled: core.BoolPtr(false), // explicitly disabled + Inputs: map[string]interface{}{ + "existing_secrets_manager_crn": permanentResources["privateOnlySecMgrCRN"], + "service_plan": "__NULL__", // no plan value needed when using existing SM + "skip_secrets_manager_iam_auth_policy": true, // since using an existing Secrets Manager instance, attempting to re-create auth policy can cause conflicts if the policy already exists + "secret_groups": []string{}, // passing empty array for secret groups as default value is creating general group and it will cause conflicts as we are using an existing SM + }, }, - } - - err := options.RunAddonTest() - require.NoError(t, err) -} - -// TestDependencyPermutations runs dependency permutations for OCP and all its dependencies -func TestRoksDependencyPermutations(t *testing.T) { - - t.Skip("Skipping dependency permutations until the test is fixed") - t.Parallel() - - options := testaddons.TestAddonsOptionsDefault(&testaddons.TestAddonOptions{ - Testing: t, - Prefix: "ocp-per", - AddonConfig: cloudinfo.AddonConfig{ - OfferingName: "deploy-arch-ibm-slz-ocp", + // // Disable target / route creation to help prevent hitting quota in account + { + OfferingName: "deploy-arch-ibm-cloud-monitoring", OfferingFlavor: "fully-configurable", Inputs: map[string]interface{}{ - "prefix": "ocp-per", - "region": "eu-de", - "secrets_manager_service_plan": "trial", - "existing_cos_instance_crn": permanentResources["general_test_storage_cos_instance_crn"], + "enable_metrics_routing_to_cloud_monitoring": false, }, }, - }) + { + OfferingName: "deploy-arch-ibm-activity-tracker", + OfferingFlavor: "fully-configurable", + Inputs: map[string]interface{}{ + "enable_activity_tracker_event_routing_to_cloud_logs": false, + }, + }, + } - err := options.RunAddonPermutationTest() - assert.NoError(t, err, "Dependency permutation test should not fail") + err := options.RunAddonTest() + require.NoError(t, err) }