feat: refactor topology test to deploy slim clusters and run latest e…

.github/actions/deploy-components/action.yaml

@@ -116,6 +116,12 @@ runs:
         task -d ./${{ inputs.checkout-path }} integrations:kind:create \
           KIND_CLUSTER_NAME=${{ inputs.kind-cluster-name }}
 
+    - name: Deploy SPIRE
+      if: ${{ inputs.deploy-spire != 'false' }}      
+      shell: bash
+      run: |
+        task -d ./${{ inputs.checkout-path }} integrations:slim:spire:deploy          
+
     - name: Deploy SLIM topology
       if: ${{ inputs.deploy-slim-topology != 'false' }}      
       shell: bash
@@ -132,12 +138,6 @@ runs:
           KIND_CLUSTER_NAME=${{ inputs.kind-cluster-name }} \
           HELM_NAMESPACE=${{ inputs.kind-cluster-namespace }}
 
-    - name: Deploy SPIRE
-      if: ${{ inputs.deploy-spire != 'false' }}      
-      shell: bash
-      run: |
-        task -d ./${{ inputs.checkout-path }} integrations:slim:spire:deploy
-
     - name: Deploy Slim
       if: ${{ inputs.deploy-slim != 'false' }}
       shell: bash

.github/workflows/test-integrations.yaml

@@ -77,69 +77,6 @@ jobs:
           echo "Set KinD version to: $KIND_VERSION"
           echo "kind-version=$KIND_VERSION" >> "$GITHUB_OUTPUT"
 
-  run-tests-slim:
-    if: ${{ !inputs.skip_slim_test }}
-    needs: [set-kind-version]
-    runs-on: ubuntu-latest
-
-    permissions:
-      contents: "read"
-      id-token: "write"
-      packages: "read"
-      attestations: "read"
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Setup Environment
-        uses: ./.github/actions/setup-env
-        with:
-          python: true
-          go: false
-
-      - name: Setup K8S Tools
-        uses: ./.github/actions/setup-k8s
-        with:
-          kind-version: ${{ needs.set-kind-version.outputs.kind-version }}
-
-      - name: Deploy Slim
-        uses: ./.github/actions/deploy-components
-        with:
-          deploy-spire: "true"
-          deploy-slim: "true"
-          slim-image-tag: ${{ inputs.override_slim_image_tag }}
-          slim-chart-tag: ${{ inputs.override_slim_chart_tag }}
-
-      - name: Run slim sanity tests
-        env:
-          AZURE_OPENAI_ENDPOINT: ${{ vars.AZURE_OPENAI_ENDPOINT }}
-          AZURE_MODEL_VERSION: ${{ vars.AZURE_MODEL_VERSION }}
-          AZURE_DEPLOYMENT_NAME: ${{ vars.AZURE_DEPLOYMENT_NAME }}
-          AZURE_OPENAI_API_VERSION: ${{ vars.AZURE_OPENAI_API_VERSION }}
-          AZURE_OPENAI_API_KEY: ${{ secrets.AZURE_OPENAI_API_KEY }}
-        run: task integrations:slim:test:sanity
-        shell: bash
-
-      # - name: Run slim MCP integration tests
-      #   env:
-      #     AZURE_OPENAI_ENDPOINT: ${{ vars.AZURE_OPENAI_ENDPOINT }}
-      #     AZURE_MODEL_VERSION: ${{ vars.AZURE_MODEL_VERSION }}
-      #     AZURE_DEPLOYMENT_NAME: ${{ vars.AZURE_DEPLOYMENT_NAME }}
-      #     AZURE_OPENAI_API_VERSION: ${{ vars.AZURE_OPENAI_API_VERSION }}
-      #     AZURE_OPENAI_API_KEY: ${{ secrets.AZURE_OPENAI_API_KEY }}
-      #   run: task integrations:slim:test:mcp-server
-      #   shell: bash
-
   run-tests-slim-topology:
     if: ${{ !inputs.skip_slim_test }}
     needs: [set-kind-version]
@@ -179,7 +116,7 @@ jobs:
         uses: ./.github/actions/deploy-components
         with:
           deploy-slim: "false"
-          deploy-spire: "false"
+          deploy-spire: "true"
           deploy-slim-topology: "true"
           slim-config: "spire"
           slim-image-tag: ${{ inputs.override_slim_image_tag }}
@@ -194,66 +131,6 @@ jobs:
         with:
           artifact-name: "slim-test-result"
 
-  run-tests-slim-spire:
-    if: ${{ !inputs.skip_slim_spire_test }}
-    needs: [set-kind-version]
-    runs-on: ubuntu-latest
-
-    permissions:
-      contents: "read"
-      id-token: "write"
-      packages: "read"
-      attestations: "read"
-
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Setup Environment
-        uses: ./.github/actions/setup-env
-        with:
-          python: true
-          go: false
-
-      - name: Setup K8S Tools
-        uses: ./.github/actions/setup-k8s
-        with:
-          kind-version: ${{ needs.set-kind-version.outputs.kind-version }}
-
-      - name: Deploy Slim with SPIRE
-        uses: ./.github/actions/deploy-components
-        with:
-          deploy-slim: "true"
-          deploy-spire: "true"
-          slim-config: "spire"
-          slim-image-tag: ${{ inputs.override_slim_image_tag }}
-          slim-chart-tag: ${{ inputs.override_slim_chart_tag }}
-
-      - name: Run slim sanity tests (mtls with SPIRE)
-        env:
-          AZURE_OPENAI_ENDPOINT: ${{ vars.AZURE_OPENAI_ENDPOINT }}
-          AZURE_MODEL_VERSION: ${{ vars.AZURE_MODEL_VERSION }}
-          AZURE_DEPLOYMENT_NAME: ${{ vars.AZURE_DEPLOYMENT_NAME }}
-          AZURE_OPENAI_API_VERSION: ${{ vars.AZURE_OPENAI_API_VERSION }}
-          AZURE_OPENAI_API_KEY: ${{ secrets.AZURE_OPENAI_API_KEY }}
-          SLIM_CONFIG: "spire"
-        run: task integrations:slim:test:sanity
-        shell: bash
-
-      - name: Create artifact from integrations test reports
-        uses: ./.github/actions/create-artifact
-        with:
-          artifact-name: "slim-spire-test-result"
-
   run-tests-directory:
     if: ${{ !inputs.skip_directory_test }}
     needs: [set-kind-version]
@@ -390,11 +267,8 @@ jobs:
     # Ensure this job runs only after all jobs that produce artifacts have completed
     needs:
       [
-        run-tests-slim,
-        run-tests-slim-spire,
+        run-tests-slim-topology,
         run-tests-directory,
-        run-agentic-apps,
-        run-tests-wfsm,
       ]
     if: ${{ always() }}
     runs-on: ubuntu-latest

integrations/agntcy-slim/Taskfile.yml

@@ -10,15 +10,17 @@ vars:
   KIND_CLUSTER_NAME: '{{ .KIND_CLUSTER_NAME | default "agntcy-test" }}'
 
   ## Image config
-  IMAGE_REPO: '{{ .IMAGE_REPO | default "ghcr.io/agntcy" }}'
-  SLIM_IMAGE_TAG: '{{ .SLIM_IMAGE_TAG | default "0.4.0" }}'
+  IMAGE_REPO: '{{ .IMAGE_REPO | default "ghcr.io/agntcy" }}'  
   MCP_PROXY_IMAGE_TAG: '{{ .MCP_PROXY_IMAGE_TAG | default "0.1.5" }}'
-  SLIM_CHART_TAG: '{{ .SLIM_CHART_TAG | default "v0.1.9" }}'
   SLIM_CONFIG: '{{ .SLIM_CONFIG | default "base" }}'
 
-  SLIM_CONTROLLER_CHART_TAG: '{{ .SLIM_CONTROLLER_CHART_TAG | default "0.1.2" }}'
-  SLIM_CONTROLLER_IMAGE_TAG: '{{ .SLIM_CONTROLLER_IMAGE_TAG | default "0.1.0" }}'
-  SLIM_CONTROLLER_ENDPOINT: '{{ .SLIM_CONTROLLER_ENDPOINT | default "http://slim-control:50052" }}'
+  SLIM_CHART_TAG: '{{ .SLIM_CHART_TAG | default "v0.6.0" }}'
+  SLIM_IMAGE_TAG: '{{ .SLIM_IMAGE_TAG | default "0.6.0" }}'
+
+  SLIM_CONTROLLER_CHART_TAG: '{{ .SLIM_CONTROLLER_CHART_TAG | default "v0.6.0" }}'
+  SLIM_CONTROLLER_IMAGE_TAG: '{{ .SLIM_CONTROLLER_IMAGE_TAG | default "0.6.0" }}'
+
+  SLIM_CONTROLLER_ENDPOINT: '{{ .SLIM_CONTROLLER_ENDPOINT | default "https://slim-control.admin.svc.cluster.local:50052" }}'
   SLIM_CONTROLLER_LOCAL_ENDPOINT: '{{ .SLIM_CONTROLLER_LOCAL_ENDPOINT | default "localhost:50051" }}'
   SLIMCTL_VERSION: '{{ .SLIMCTL_VERSION | default "v0.2.1" }}'
   SLIMCTL_PATH: '{{ .SLIMCTL_PATH | default "./bin/slimctl" }}'
@@ -39,9 +41,9 @@ vars:
 
   RUNNER_TYPE: '{{ .RUNNER_TYPE | default "docker" }}'
 
-  SPIRE_NAMESPACE: '{{ .SPIRE_NAMESPACE | default "spire-server" }}'
+  SPIRE_NAMESPACE: '{{ .SPIRE_NAMESPACE | default "spire" }}'
 
-  TOPOLOGY_CONFIG: '{{ .TOPOLOGY_CONFIG | default "config/fire-and-forget.yaml" }}'
+  TOPOLOGY_CONFIG: '{{ .TOPOLOGY_CONFIG | default "config/peer-to-peer.yaml" }}'
 
 tasks:
   k8s:port-forward:setup:
@@ -94,18 +96,19 @@ tasks:
           oci://{{ .IMAGE_REPO }}/slim/helm/slim-control-plane \
           --version {{ .SLIM_CONTROLLER_CHART_TAG }} \
           --set image.tag="{{ .SLIM_CONTROLLER_IMAGE_TAG }}" \
-          --namespace {{ .HELM_NAMESPACE }} \
+          -f ./config/controller-values.yaml \
+          --namespace "admin" \
           --create-namespace \
           --install \
           --wait \
           --wait-for-jobs \
           --timeout "15m"
 
-  test-env:cleanup:contoroller:
+  test-env:cleanup:controller:
     desc: Remove agent slim test env
     cmds:
       - task k8s:port-forward:controller:teardown
-      - helm delete --namespace {{ .HELM_NAMESPACE }} slim-controller
+      - helm delete --namespace "admin" slim-controller
 
   test-env:deploy:generated:
     desc: Deploy agntcy slim test env for each values file in config/.generated
@@ -119,7 +122,7 @@ tasks:
           --version {{ .SLIM_CHART_TAG }} \
           --set slim.image.tag="{{ .SLIM_IMAGE_TAG }}" \
           -f "$file" \
-          --namespace {{ .HELM_NAMESPACE }} \
+          --namespace $(basename "$file" .yaml) \
           --create-namespace \
           --install \
           --wait \
@@ -133,7 +136,7 @@ tasks:
     cmd: |
       #!/bin/sh
       for file in "./config/.gen"/*.yaml ;do
-        helm delete --namespace {{ .HELM_NAMESPACE }} agntcy-$(basename "$file" .yaml) 
+        helm delete --namespace $(basename "$file" .yaml) agntcy-$(basename "$file" .yaml) 
         echo "Deleted agntcy-slim-$(basename "$file" .yaml) with config $(basename "$file")"
       done
 
@@ -230,10 +233,10 @@ tasks:
 
   test:topology:
     desc: Slim topology test
-    deps:
-      - test:slimctl-download
+    # deps:
+    #   - test:slimctl-download
     cmds:
-      - task k8s:port-forward:controller:setup
+      # - task k8s:port-forward:controller:setup
       - NAMESPACE={{.HELM_NAMESPACE}} SLIMCTL_PATH=../{{.SLIMCTL_PATH}} TOPOLOGY_CONFIG=../{{.TOPOLOGY_CONFIG}} SLIM_CONTROLLER_LOCAL_ENDPOINT={{.SLIM_CONTROLLER_LOCAL_ENDPOINT}} go test ./tests -v -failfast -test.v -test.paniconexit0 -ginkgo.timeout 30m -timeout 30m -ginkgo.v -ginkgo.focus "Slim topology test" --ginkgo.json-report=../reports/report-slim-topology.json --ginkgo.junit-report=../reports/report-slim-topology.xml
 
   test:mcp-server:

integrations/agntcy-slim/components/config/spire/helper.conf

@@ -6,10 +6,10 @@ renew_signal = ""
 svid_file_name = "tls.crt"
 svid_key_file_name = "tls.key"
 svid_bundle_file_name = "svid_bundle.pem"
-jwt_bundle_file_name = "cert.jwt"
+jwt_bundle_file_name = "key.jwt"
 cert_file_mode = 0644
 key_file_mode = 0644
 jwt_svid_file_mode = 0644
 jwt_bundle_file_mode = 0644
-jwt_svids = [{jwt_audience="test", jwt_svid_file_name="jwt_svid.token"}]
+jwt_svids = [{jwt_audience="slim-demo", jwt_svid_file_name="jwt_svid.token"}]
 daemon_mode = false

integrations/agntcy-slim/config/controller-values.yaml

@@ -0,0 +1,45 @@
+# Copyright AGNTCY Contributors (https://github.com/agntcy)
+# SPDX-License-Identifier: Apache-2.0
+
+# Default values for slim-control-plane.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/
+replicaCount: 1
+
+# This sets the container image more information can be found here: https://kubernetes.io/docs/concepts/containers/images/
+image:
+  repository: "ghcr.io/agntcy/slim/control-plane"
+  # This sets the pull policy for images.
+  pullPolicy: IfNotPresent
+  # Overrides the image tag whose default is the chart appVersion.
+  tag: ""
+
+fullnameOverride: "slim-control"
+
+config:
+  northbound:
+    httpHost: 0.0.0.0
+    httpPort: "{{ .Values.service.north.port }}"
+
+  southbound:
+    httpHost: 0.0.0.0
+    httpPort: "{{ .Values.service.south.port }}"
+    tls:
+      useSpiffe: true
+    spire:
+      socketPath: "unix:///run/spire/agent-sockets/api.sock"
+
+  logging:
+    level: DEBUG
+
+spire:
+  enabled: true
+
+service:
+  type: ClusterIP
+  south:
+    port: 50052
+  north:
+    port: 50051

integrations/agntcy-slim/config/peer-to-peer.yaml

@@ -0,0 +1,22 @@
+topology:
+    clients:
+        "alice":
+            spireMtls: true
+            connectedTo:
+                - "cluster-b"
+            image: ghcr.io/agntcy/slim/bindings-examples:0.6.0          
+            args: ["p2p", "--local", "org/ns/alice", "--shared-secret","secret123"]  
+            assertFor: "received: hello"                                        
+        "bob":
+            spireMtls: true
+            connectedTo:
+                - "cluster-a"
+            image: ghcr.io/agntcy/slim/bindings-examples:0.6.0                      
+            args: ["p2p", "--local", "org/ns/bob", "--remote", "org/ns/alice", "--shared-secret","secret123","--message","hello","--iterations","10"]
+            assertFor: "Sent message hello - 10/10"
+    clusters:
+        "cluster-a":
+            spireMtls: true
+            #daemonSet: false            
+        "cluster-b":
+            spireMtls: true