Skip to content

fix: add pr-preview for testing env #350

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
fegmorte wants to merge 106 commits into
base: main
Choose a base branch
from
Draft

fix: add pr-preview for testing env #350

fegmorte wants to merge 106 commits into from
+1,802 −248

Conversation

@fegmorte
Copy link
Contributor

@fegmorte fegmorte commented Dec 23, 2025

Description of changes

Issue ticket number and link

PR Checklist

I attest that all checked items are satisfied. Any deviation is clearly justified above.

  • Title follows conventional commits (e.g. chore: ...).
  • Tests added for every new pub item and test coverage has not decreased.
  • Public APIs and non-obvious logic documented; unfinished work marked as TODO(#issue).
  • unwrap/expect/panic only in tests or for invariant bugs (documented if present).
  • No dependency version changes OR (if changed) only minimal required fixes.
  • No architectural protocol changes OR linked spec PR/issue provided.
  • No breaking deployment config changes OR devops label + infra notified + infra-team reviewer assigned.
  • No breaking gRPC / serialized data changes OR commit marked with ! and affected teams notified.
  • No modifications to existing versionized structs OR backward compatibility tests updated.
  • No critical business logic / crypto changes OR ≥2 reviewers assigned.
  • No new sensitive data fields added OR Zeroize + ZeroizeOnDrop implemented.
  • No new public storage data OR data is verifiable (signature / digest).
  • No unsafe; if unavoidable: minimal, justified, documented, and test/fuzz covered.
  • Strongly typed boundaries: typed inputs validated at the edge; no untyped values or errors cross modules.
  • Self-review completed.

Dependency Update Questionnaire (only if deps changed or added)

Answer in the Cargo.toml next to the dependency (or here if updating):

  1. Ownership changes or suspicious concentration?
  2. Low popularity?
  3. Unusual version jump?
  4. Lacking documentation?
  5. Missing CI?
  6. No security / disclosure policy?
  7. Significant size increase?

More details and explanations for the checklist and dependency updates can be found in CONTRIBUTING.md

@cla-bot cla-bot bot added the cla-signed The CLA has been signed. label Dec 23, 2025
github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 23, 2025
View reviewed changes
@github-actions
Copy link

github-actions bot commented Dec 23, 2025
edited
Loading

Vulnerability Scan Results

Details 

Report Summary

┌───────────────────────────────────┬────────────┬─────────────────┬─────────┐
│              Target               │    Type    │ Vulnerabilities │ Secrets │
├───────────────────────────────────┼────────────┼─────────────────┼─────────┤
│ base:latest (chainguard 20230214) │ chainguard │        0        │    -    │
├───────────────────────────────────┼────────────┼─────────────────┼─────────┤
│ usr/bin/yq                        │  gobinary  │        0        │    -    │
└───────────────────────────────────┴────────────┴─────────────────┴─────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)

github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 24, 2025
View reviewed changes
@fegmorte fegmorte changed the title fix: add vcluster for pr-preview fix: add pr-preview for testing env Dec 24, 2025
github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 24, 2025
View reviewed changes
@github-actions
Copy link

github-actions bot commented Jan 7, 2026

🚀 PR preview environment is deployed in "threshold" mode

You can now port-forward the kms-core to run your tests locally against the preview environment.

tailscale configure kubeconfig tailscale-operator-zws-dev.diplodocus-boa.ts.net
kubectl port-forward svc/kms-core-1-core-1 -n "kms-ci-fegmorte-350" 50100:50100 & \
kubectl port-forward svc/kms-core-2-core-2 -n "kms-ci-fegmorte-350" 50200:50100 & \
kubectl port-forward svc/kms-core-3-core-3 -n "kms-ci-fegmorte-350" 50300:50100 & \
kubectl port-forward svc/kms-core-4-core-4 -n "kms-ci-fegmorte-350" 50400:50100 &

And launch your tests:

cargo nextest run --test <your-test-name>

You can connect to the core-client with:

kubectl exec kms-core-client -n "kms-ci-fegmorte-350" -it -- /bin/bash

@github-actions
Copy link

github-actions bot commented Jan 7, 2026

🚀 PR preview environment is deployed in "thresholdWithEnclave" mode

You can now port-forward the kms-core to run your tests locally against the preview environment.

tailscale configure kubeconfig tailscale-operator-zws-dev.diplodocus-boa.ts.net
kubectl port-forward svc/kms-core-1-core-1 -n "kms-ci-fegmorte-350" 50100:50100 & \
kubectl port-forward svc/kms-core-2-core-2 -n "kms-ci-fegmorte-350" 50200:50100 & \
kubectl port-forward svc/kms-core-3-core-3 -n "kms-ci-fegmorte-350" 50300:50100 & \
kubectl port-forward svc/kms-core-4-core-4 -n "kms-ci-fegmorte-350" 50400:50100 &

And launch your tests:

cargo nextest run --test <your-test-name>

You can connect to the core-client with:

kubectl exec kms-core-client -n "kms-ci-fegmorte-350" -it -- /bin/bash

@github-actions
Copy link

github-actions bot commented Jan 7, 2026

🚀 PR preview environment is deployed in "threshold" mode

You can now port-forward the kms-core to run your tests locally against the preview environment.

tailscale configure kubeconfig tailscale-operator-zws-dev.diplodocus-boa.ts.net
kubectl port-forward svc/kms-core-1-core-1 -n "kms-ci-fegmorte-350" 50100:50100 & \
kubectl port-forward svc/kms-core-2-core-2 -n "kms-ci-fegmorte-350" 50200:50100 & \
kubectl port-forward svc/kms-core-3-core-3 -n "kms-ci-fegmorte-350" 50300:50100 & \
kubectl port-forward svc/kms-core-4-core-4 -n "kms-ci-fegmorte-350" 50400:50100 &

And launch your tests:

cargo nextest run --test <your-test-name>

You can connect to the core-client with:

kubectl exec kms-core-client -n "kms-ci-fegmorte-350" -it -- /bin/bash

@github-actions
Copy link

github-actions bot commented Jan 7, 2026

🚀 PR preview environment is deployed in "thresholdWithEnclave" mode

You can now port-forward the kms-core to run your tests locally against the preview environment.

tailscale configure kubeconfig tailscale-operator-zws-dev.diplodocus-boa.ts.net
kubectl port-forward svc/kms-core-1-core-1 -n "kms-ci-fegmorte-350" 50100:50100 & \
kubectl port-forward svc/kms-core-2-core-2 -n "kms-ci-fegmorte-350" 50200:50100 & \
kubectl port-forward svc/kms-core-3-core-3 -n "kms-ci-fegmorte-350" 50300:50100 & \
kubectl port-forward svc/kms-core-4-core-4 -n "kms-ci-fegmorte-350" 50400:50100 &

And launch your tests:

cargo nextest run --test <your-test-name>

You can connect to the core-client with:

kubectl exec kms-core-client -n "kms-ci-fegmorte-350" -it -- /bin/bash

@github-actions
Copy link

github-actions bot commented Jan 8, 2026

🚀 PR preview environment is deployed in "threshold" mode

You can now port-forward the kms-core to run your tests locally against the preview environment.

tailscale configure kubeconfig tailscale-operator-zws-dev.diplodocus-boa.ts.net
"kubectl port-forward svc/kms-core-1-core-1 -n "kms-ci-fegmorte-350" 50100:50100 & \
kubectl port-forward svc/kms-core-2-core-2 -n "kms-ci-fegmorte-350" 50200:50100 & \
kubectl port-forward svc/kms-core-3-core-3 -n "kms-ci-fegmorte-350" 50300:50100 & \
kubectl port-forward svc/kms-core-4-core-4 -n "kms-ci-fegmorte-350" 50400:50100 &"

Copy config.toml from core-client to ./core-client/config/"client_local_threshold.toml"

kubectl cp "kms-ci-fegmorte-350"/kms-core-client-0:/app/kms-core-client/config.toml ./core-client/config/"client_local_threshold.toml"

And launch your tests:

cargo nextest run --test "kubernetes_test_threshold" --profile ci --no-fail-fast

You can connect to the core-client with:

kubectl exec kms-core-client -n "kms-ci-fegmorte-350" -it -- /bin/bash

Close your port-forwarding with:

pgrep -f "kubectl port-forward" | xargs -n 1 kill

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aquint-zama aquint-zama Awaiting requested review from aquint-zama

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

cla-signed The CLA has been signed. pr-preview-thresholdWithEnclave

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@fegmorte