Encryption at rest testing manifests

This directory contains manifests for testing encryption at rest with a mock KMS provider. The mock KMS provider is a fake KMS provider that does not communicate with any external KMS. It is used for testing purposes only.

run-e2e.sh

The run-e2e.sh script does the following:

Installs required prerequisites: kind and kubetest2.
Builds the e2e.test, ginkgo and kubectl binaries.
Creates local registry if not already present. This registry is used to push the kms mock plugin image.
Build and push the kms mock plugin image to the local registry.
Connect local registry to kind network so that kind cluster created using kubetest2 in prow CI job can pull the kms mock plugin image.
Create kind cluster using kubetest2 and run e2e tests.
Collect logs and metrics from kind cluster.
Delete kind cluster.

The script extracts runtime configurations through environment variables. The following environment variables are supported:

Variable	Description	Default
`SKIP_DELETE_CLUSTER`	If set to `true`, the kind cluster will not be deleted after the tests are run.	`false`
`SKIP_RUN_TESTS`	If set to `true`, the tests will not be run.	`false`
`SKIP_COLLECT_LOGS`	If set to `true`, the logs and metrics will not be collected.	`false`

Running the script locally

Run the script locally with the following command:

test/e2e/testing-manifests/auth/encrypt/run-e2e.sh

Create a local cluster with mock KMS provider

The run-e2e.sh script can be used to create a local cluster with mock KMS provider. The following command creates a local cluster with mock KMS provider:

SKIP_RUN_TESTS=true SKIP_DELETE_CLUSTER=true SKIP_COLLECT_LOGS=true test/e2e/testing-manifests/auth/encrypt/run-e2e.sh

Delete the cluster after use:

kind delete cluster --name=kms