add slsa tests and refactor how tests are run

since tests are run in parallel, cluster-scoped resources needed to be
created with a different name for each of the suites

Signed-off-by: Bohan Chen <[email protected]>

test/cosign_e2e_test.go

@@ -19,17 +19,21 @@ import (
 	corev1alpha1 "github.com/pivotal/kpack/pkg/apis/core/v1alpha1"
 )
 
+func TestSignBuilder(t *testing.T) {
+	spec.Run(t, "SignBuilder", testSignBuilder)
+}
+
 func testSignBuilder(t *testing.T, _ spec.G, it spec.S) {
 	const (
-		testNamespace        = "test"
+		testNamespace        = "test-cosign"
 		dockerSecret         = "docker-secret"
 		serviceAccountName   = "image-service-account"
-		clusterStoreName     = "store"
+		clusterStoreName     = "store-cosign"
 		buildpackName        = "buildpack"
-		clusterBuildpackName = "cluster-buildpack"
-		clusterStackName     = "stack"
+		clusterBuildpackName = "cluster-buildpack-cosign"
+		clusterStackName     = "stack-cosign"
 		builderName          = "custom-signed-builder"
-		clusterBuilderName   = "custom-signed-cluster-builder"
+		clusterBuilderName   = "custom-signed-cluster-builder-cosign"
 		cosignSecretName     = "cosign-creds"
 		secretRefFormat      = "k8s://%s/%s"
 	)
@@ -1022,7 +1026,7 @@ func testSignBuilder(t *testing.T, _ spec.G, it spec.S) {
 		cosignCredSecret := cosigntesting.GenerateFakeKeyPair(t, cosignSecretName, testNamespace, cosignKeyPassword, nil)
 		cosignCredSecret.Data[secret.CosignSecretPassword] = []byte(invalidPassword)
 
-		_, err = clients.k8sClient.CoreV1().Secrets(testNamespace).Create(ctx, &cosignCredSecret, metav1.CreateOptions{})
+		_, err := clients.k8sClient.CoreV1().Secrets(testNamespace).Create(ctx, &cosignCredSecret, metav1.CreateOptions{})
 		require.NoError(t, err)
 
 		serviceAccount, err := clients.k8sClient.CoreV1().ServiceAccounts(testNamespace).Get(ctx, serviceAccountName, metav1.GetOptions{})

test/e2e.go

@@ -23,11 +23,11 @@ var (
 	k8sClient     *kubernetes.Clientset
 	dynamicClient dynamic.Interface
 	clusterConfig *rest.Config
-	err           error
 )
 
 func newClients(t *testing.T) (*clients, error) {
 	setup.Do(func() {
+		var err error
 		kubeconfig := flag.String("kubeconfig", getKubeConfig(), "Path to a kubeconfig. Only required if out-of-cluster.")
 		masterURL := flag.String("master", "", "The address of the Kubernetes API server. Overrides any value in kubeconfig. Only required if out-of-cluster.")
 

test/execute_build_test.go

@@ -5,7 +5,6 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-	"math/rand"
 	"os"
 	"strings"
 	"testing"
@@ -36,10 +35,7 @@ import (
 )
 
 func TestKpackE2E(t *testing.T) {
-	rand.Seed(time.Now().Unix())
-
 	spec.Run(t, "CreateImage", testCreateImage)
-	spec.Run(t, "SignBuilder", testSignBuilder)
 }
 
 func testCreateImage(t *testing.T, _ spec.G, it spec.S) {
@@ -489,7 +485,7 @@ func testCreateImage(t *testing.T, _ spec.G, it spec.S) {
 
 		basicSecret, basicAuthRepo := cfg.makeGitBasicAuthSecret(gitBasicSecret, testNamespace)
 		if basicSecret != nil {
-			_, err = clients.k8sClient.CoreV1().Secrets(testNamespace).Create(ctx, basicSecret, metav1.CreateOptions{})
+			_, err := clients.k8sClient.CoreV1().Secrets(testNamespace).Create(ctx, basicSecret, metav1.CreateOptions{})
 			require.NoError(t, err)
 
 			sa.Secrets = append(sa.Secrets, corev1.ObjectReference{
@@ -499,7 +495,7 @@ func testCreateImage(t *testing.T, _ spec.G, it spec.S) {
 
 		sshSecret, sshAuthRepo := cfg.makeGitSSHAuthSecret(gitSSHSecret, testNamespace)
 		if sshSecret != nil {
-			_, err = clients.k8sClient.CoreV1().Secrets(testNamespace).Create(ctx, sshSecret, metav1.CreateOptions{})
+			_, err := clients.k8sClient.CoreV1().Secrets(testNamespace).Create(ctx, sshSecret, metav1.CreateOptions{})
 			require.NoError(t, err)
 
 			sa.Secrets = append(sa.Secrets, corev1.ObjectReference{
@@ -674,7 +670,7 @@ func waitUntilFailed(t *testing.T, ctx context.Context, clients *clients, condit
 			require.NoError(t, err)
 
 			condition := kResource.Status.GetCondition(apis.ConditionType(condition))
-			return condition.IsFalse() && "" != condition.Message && strings.Contains(condition.Message, expectedMessage)
+			return condition.IsFalse() && condition.Message != "" && strings.Contains(condition.Message, expectedMessage)
 		}, 1*time.Second, 8*time.Minute)
 	}
 }