integration: use postgres instead of redis for tests (#3390)

* integration: use postgres instead of redis for tests

* add missing environment variables for kubernetes

* fix certs

* use cert in generated files

* try new keys

* fix certs

integration/tpl/backends/httpdetails.libsonnet

@@ -78,10 +78,14 @@ function() {
   kubernetes: std.foldl(
     function(acc, variation)
       acc + [
-        utils.KubernetesDeployment(variation.name + '-' + suffix, image, Command(variation), [
-          { name: 'http', containerPort: 8080 },
-          { name: 'https', containerPort: 8443 },
-        ]),
+        utils.KubernetesDeployment(variation.name + '-' + suffix, {
+          image: image,
+          args: Command(variation),
+          ports: [
+            { name: 'http', containerPort: 8080 },
+            { name: 'https', containerPort: 8443 },
+          ],
+        }),
         utils.KubernetesService(variation.name + '-' + suffix, [
           { name: 'http', port: 8080, targetPort: 'http' },
           { name: 'https', port: 8443, targetPort: 'https' },

integration/tpl/backends/k3s.libsonnet

@@ -7,7 +7,7 @@ local Command() =
     |||
       set -x
       # the dev image is only available locally, so load it first
-      if [ "${POMERIUM_TAG:-master}" = "dev" ]; then
+      if [ "${POMERIUM_TAG:-main}" = "dev" ]; then
         sh -c '
           while true ; do
             ctr --connect-timeout=1s --timeout=60s images import /k3s-tmp/pomerium-dev.tar && break

integration/tpl/backends/mock-idp.libsonnet

@@ -33,9 +33,13 @@ function(idp) {
     volumes: {},
   },
   kubernetes: [
-    utils.KubernetesDeployment(name, image, command, [
-      { name: 'http', containerPort: 8024 },
-    ]),
+    utils.KubernetesDeployment(name, {
+      image: image,
+      args: command,
+      ports: [
+        { name: 'http', containerPort: 8024 },
+      ],
+    }),
     utils.KubernetesService(name, [
       { name: 'http', port: 8024, targetPort: 'http' },
     ]),

integration/tpl/backends/pomerium.libsonnet

@@ -81,8 +81,8 @@ local Environment(mode, idp, dns_suffix) =
     CERTIFICATE_KEY: std.base64(importstr '../files/trusted-key.pem'),
     CERTIFICATE_AUTHORITY: std.base64(importstr '../files/ca.pem'),
     COOKIE_SECRET: 'UYgnt8bxxK5G2sFaNzyqi5Z+OgF8m2akNc0xdQx718w=',
-    DATABROKER_STORAGE_TYPE: 'redis',
-    DATABROKER_STORAGE_CONNECTION_STRING: 'redis://redis:6379',
+    DATABROKER_STORAGE_TYPE: 'postgres',
+    DATABROKER_STORAGE_CONNECTION_STRING: 'postgres://pomerium:password@postgres:5432/test',
     ENVOY_ADMIN_ADDRESS: '0.0.0.0:9901',
     GOOGLE_CLOUD_SERVERLESS_AUTHENTICATION_SERVICE_ACCOUNT: std.base64(std.manifestJsonEx(
       GoogleCloudServerlessAuthenticationServiceAccount(dns_suffix), ''
@@ -120,7 +120,7 @@ local ComposeService(name, definition, additionalAliases=[]) =
       for name in [
         'fortio',
         'mock-idp',
-        'redis',
+        'postgres',
         'trusted-httpdetails',
         'trusted-1-httpdetails',
         'trusted-2-httpdetails',
@@ -135,7 +135,7 @@ local ComposeService(name, definition, additionalAliases=[]) =
 
 function(mode, idp, dns_suffix='') {
   local name = 'pomerium',
-  local image = 'pomerium/pomerium:${POMERIUM_TAG:-master}',
+  local image = 'pomerium/pomerium:${POMERIUM_TAG:-main}',
   local environment = Environment(mode, idp, dns_suffix),
 
   compose: {

integration/tpl/backends/postgres.libsonnet

@@ -0,0 +1,43 @@
+local utils = import '../utils.libsonnet';
+
+function() {
+  local name = 'postgres',
+  local image = 'postgres:14.3-alpine',
+  local env = {
+    POSTGRES_USER: 'pomerium',
+    POSTGRES_PASSWORD: 'password',
+    POSTGRES_DB: 'test',
+  },
+
+  compose: {
+    services:
+      utils.ComposeService(name, {
+        image: image,
+        environment: env,
+      }) +
+      utils.ComposeService(name + '-ready', {
+        image: 'jwilder/dockerize:0.6.1',
+        command: [
+          '-wait',
+          'tcp://' + name + ':5432',
+          '-timeout',
+          '10m',
+        ],
+      }),
+  },
+  kubernetes: [
+    utils.KubernetesDeployment(name, {
+      image: image,
+      ports: [
+        { name: 'tcp', containerPort: 5432 },
+      ],
+      env: [
+        { name: k, value: env[k] }
+        for k in std.objectFields(env)
+      ],
+    }),
+    utils.KubernetesService(name, [
+      { name: 'tcp', port: 5432, targetPort: 'tcp' },
+    ]),
+  ],
+}

integration/tpl/backends/redis.libsonnet

@@ -1,30 +0,0 @@
-local utils = import '../utils.libsonnet';
-
-function() {
-  local name = 'redis',
-  local image = 'redis:6.2.5-alpine',
-
-  compose: {
-    services:
-      utils.ComposeService(name, {
-        image: image,
-      }) +
-      utils.ComposeService(name + '-ready', {
-        image: 'jwilder/dockerize:0.6.1',
-        command: [
-          '-wait',
-          'tcp://' + name + ':6379',
-          '-timeout',
-          '10m',
-        ],
-      }),
-  },
-  kubernetes: [
-    utils.KubernetesDeployment(name, image, null, [
-      { name: 'tcp', containerPort: 6379 },
-    ]),
-    utils.KubernetesService(name, [
-      { name: 'tcp', port: 6379, targetPort: 'tcp' },
-    ]),
-  ],
-}

integration/tpl/backends/verify.libsonnet

@@ -48,8 +48,11 @@ function(mode) {
     utils.KubernetesService(name, [
       { name: 'http', port: 80, targetPort: 'http' },
     ]),
-    utils.KubernetesDeployment(name, image, null, [
-      { name: 'http', containerPort: 8000 },
-    ]),
+    utils.KubernetesDeployment(name, {
+      image: image,
+      ports: [
+        { name: 'http', containerPort: 8000 },
+      ],
+    }),
   ],
 }

integration/tpl/backends/websocket-echo.libsonnet

@@ -23,9 +23,13 @@ function() {
     volumes: {},
   },
   kubernetes: [
-    utils.KubernetesDeployment(name, image, command, [
-      { name: 'http', containerPort: 80 },
-    ]),
+    utils.KubernetesDeployment(name, {
+      image: image,
+      args: command,
+      ports: [
+        { name: 'http', containerPort: 80 },
+      ],
+    }),
     utils.KubernetesService(name, [
       { name: 'http', port: 80, targetPort: 'http' },
     ]),