Architecture: rebase testkube ontop of argo-workflows

[gberche-orange]

Is your feature request related to a problem? Please describe.

As a testkube user, In order to benefit from the features available in argo workflow that are missing in test kube, I need testkube to leverage argo workflow while keeping differentiating testkube features

Currently, testkube is implementing its features on top of plain k8s api, generating Job and CronJob resources, with init container fetching git sources and custom triggers.

Describe the solution you'd like

TestKube to leverage argo workflows for most of the facilities, and focus on missing and test-specific features instead

Additional context

Following are some thoughts on requirements in my team for a test facade, and how testkube could leverage argo workflows to support them.

Actors:

• Test author (~google TE, SWE) : authors new tests to assert some behavior
• Test template author (~google SET): maintains templates that factor out behavior common to multiple tests
• Test reader (~google TE, SWE ): invoke tests in specific environments. Read test status. Diagnose root cause of test failures

Key desired features of an off the shelf K8S test framework

• Gitops and K8S native: authoring via CRD and gitops
• Catalog of maintained templates for running off-the-shelf test tools
  • e.g. kuttl https://github.com/kubeshop/testkube/issues/1142
  • e.g. goss https://github.com/goss-org/goss
  • client test tool default sensible configuration and execution
    • container image
    • default options (output archival formatting, debug verbose flags)
  • sample dogfooding/community usage and benefits: test source code, diagnosed issues, outputs (possibly sampled)
  • Server-side installation if required
  • Service subscription for commercial managed services
• Git-ops ready:
  • Trigger when changes to workflow/script content
  • Trigger on external conditions: SUT (system-under-test) changes
• Web ui for "Test reader" actor
  • auth
  • trigger tests/scripts through custom input web forms
  • logs archiving
  • artefacts archiving
  • observability
    • prometheus metrics
    • notifications

features	sub-feature	Argo-workflow	TestKube
K8S native	authoring via CRD	~OK	OK
Git-ops ready	Mount content from Gitops repo	To-test	OK
Git-ops ready	Trigger when changes to workflow/script content	To-test (gh webhook)	https://github.com/kubeshop/testkube/issues/4007
Git-ops ready	Trigger on external conditions: SUT (system-under-test) changes	To-test (gh webhook)	https://github.com/kubeshop/testkube/issues/3712 https://github.com/kubeshop/testkube/issues/4017
Web ui	ease of use, user friendly	Weak	Good
Web ui	auth	OK	OK
Web ui	trigger tests/scripts through custom input web forms	~ OK (basic enums)	https://github.com/kubeshop/testkube/issues/4030
Web ui	logs archiving	OK	OK
Web ui	artefacts archiving	OK	OK
Web ui	artefacts visualization	To-test	https://github.com/kubeshop/testkube/issues/4029
Web ui	prometheus metrics	To-test	OK
Web ui	notifications	To-test	To-test
Community	size, maturity	Large	Small
Community	support	To-test	OSS or enterprise/cloud subscription
Community	reuseable templates	To-test	Builtin Test executors

argo workflow details

trigger when changes to script/workflow content

https://github.com/argoproj/argo-workflows/issues/8415 Conditionally Run Workflows Based on Git Artifact Files Changed

• Use Argo Events to setup a GitHub event source: https://github.com/argoproj/argo-events/blob/master/docs/eventsources/setup/github.md

• Also https://github.com/argoproj/argo-events/blob/master/docs/eventsources/setup/gitlab.md

webui

Use cases

• [x] List templates
• [x] Run templates
  • [x] With params forms
• [x] List executions

reuseable templates

https://github.com/argoproj-labs/argo-workflows-catalog/tree/master/templates few unmaintained templates

• https://equinor.github.io/flowify-documentation/components/
  • https://github.com/equinor/?q=flowify-component&type=all&language=&sort= jq, http, gcp, azure blob, array

resulting test artifacts

https://argoproj.github.io/argo-workflows/artifact-visualization/

Prometheus metrics

https://argoproj.github.io/argo-workflows/metrics/

Trigger on git change

Likely through a webhook from the git repo provider (e.g. github or gitlab) https://argoproj.github.io/argo-workflows/events/#workflow-template-triggered-by-the-event https://argoproj.github.io/argo-workflows/webhooks/

The secret argo-workflows-webhook-clients tells Argo: What type of webhook the account can be used for, e.g. github. What "secret" that webhook is configured for, e.g. in your Github settings page.

https://argo-cd.readthedocs.io/en/stable/operator-manual/webhook/

Argo CD polls Git repositories every three minutes to detect changes to the manifests. To eliminate this delay from polling, the API server can be configured to receive webhook events. Argo CD supports Git webhook notifications from GitHub, GitLab, Bitbucket, Bitbucket Server and Gogs. The following explains how to configure a Git webhook for GitHub, but the same process should be applicable to other providers.

CRD schema

Argo workflow CRD schema are currently empty because the schema size exceeds the K8S supported size. See https://github.com/argoproj/argo-workflows/issues/8190 and https://github.com/argoproj/argo-helm/issues/2105

Mount content from gitops repo

apiVersion: argoproj.io/v1alpha1
kind: WorkflowTemplate
metadata:
  name: osb-smoke-test-template
spec:
  entrypoint: osb-smoke-test
  arguments:
    artifacts:
      - name: myrepo
        git:
          repo: https://
          branch: main
          depth: 1
          disableSubmodules: true
          usernameSecret:
            name: name
            key: key
          passwordSecret:
            name: name
            key: key 

• https://argoproj.github.io/argo-workflows/artifact-repository-ref/
• https://argoproj.github.io/argo-workflows/fields/#gitartifact

Related issues:

• https://github.com/argoproj/argo-workflows/issues/10375
• https://github.com/argoproj/argo-workflows/issues/10600
• https://github.com/argoproj/argo-workflows/issues/10375 parse checkout RFE
• https://github.com/argoproj/argo-workflows/issues/10091 move away from go-git (being discussed)

[gberche-orange]

thanks to @dejanzele and @TheBrunoLopes for our 2nd sync up meeting today on this topic and your sharing of current testkube dogfooding:

TestKube helm release is tested using testkube, covering test kube api using postman executor, and playright executor (+ executor smoke tests)

• github action source at https://github.com/kubeshop/helm-charts/blob/75ea82c618d01a708aa3758992560965a8bb9a33/.github/workflows/helm-releaser-testkube-charts.yaml#L380-L424
• github action logs https://github.com/kubeshop/helm-charts/actions/workflows/helm-releaser-testkube-charts.yaml
• postman tests
  • source at https://github.com/kubeshop/testkube/blob/bc326516fa9105aa93bd627adc708c3fe532a0e6/test/postman/TestKube-Sanity.postman_collection.json#L61-L451
  • executions logs within https://demo.testkube.io/tests/executions/sanity
• playright tests
• test source code
  • https://github.com/kubeshop/testkube-dashboard/blob/7bdd0c5ae9804f5d4afcf5cb2440b1d9690cbac2/test/dashboard-e2e/tests/create-test.spec.ts#L13-L31
  • https://github.com/kubeshop/testkube-dashboard/blob/7bdd0c5ae9804f5d4afcf5cb2440b1d9690cbac2/test/dashboard-e2e/tests/run-test.spec.ts#L9-L33
• execution logs https://demo.testkube.io/tests/executions/dashboard-e2e-tests

[vsukhin]

4017 is done

4007 is in progress

[senare]

Looks promising !

I got 2 questions (or suggestions maybe?)

First when it comes to auth and authn ... would it be possible to stand on the shoulders of ArgoCD here ? I just configured ArgoCD <= SAML => Authentik and then added ArgoWorkflow <= OIDC => DEX => ArgoCD (I think thats the flow atleast)

Then we also have Argo Events, which I was looking to add in to the mix for triggering the right flow and coordination etc ... but when you describe it above it is not mentioned, would you care to elaborate as to why a bit ?

LINKS

• Argo Events
• Use Argo CD Dex for authentication
• Authentik