From dc77e6213ccfe2ebbdebddcb7fb2ba21e0fcd956 Mon Sep 17 00:00:00 2001
From: Nick Cao <nickcao@nichi.co>
Date: Mon, 12 May 2025 10:00:23 -0400
Subject: [PATCH] Support running e2e on macOS

---
 .github/workflows/selftest.yml |  1 +
 action.yml                     | 31 ++++++++++++++++++++++++++-----
 tests.bats                     | 31 +++++++++++++++----------------
 3 files changed, 42 insertions(+), 21 deletions(-)

diff --git a/.github/workflows/selftest.yml b/.github/workflows/selftest.yml
index 086e377..d719c14 100644
--- a/.github/workflows/selftest.yml
+++ b/.github/workflows/selftest.yml
@@ -8,6 +8,7 @@ jobs:
         os:
           - ubuntu-24.04
           - ubuntu-24.04-arm
+          - macos-13 # arm-based macOS runners does not support nested virt
     runs-on: ${{ matrix.os }}
     steps:
       - uses: actions/checkout@v4
diff --git a/action.yml b/action.yml
index 86e1a77..c1eb82f 100644
--- a/action.yml
+++ b/action.yml
@@ -15,11 +15,17 @@ runs:
       shell: bash
       run: |
         uv python install 3.12
-    - name: Install bats
+    - name: Install bats (Linux)
       shell: bash
+      if: runner.os == 'Linux'
       run: |
         sudo apt-get update
         sudo apt-get install -y bats bats-support bats-assert
+    - name: Install bats (macOS)
+      shell: bash
+      if: runner.os == 'macOS'
+      run: |
+        brew install bats-core bat-extras
     - name: Checkout jumpstarter controller
       uses: actions/checkout@v4
       with:
@@ -32,6 +38,12 @@ runs:
         repository: jumpstarter-dev/jumpstarter
         ref: ${{ inputs.jumpstarter-ref }}
         path: jumpstarter
+    - name: Install Docker and Kind (macOS)
+      if: runner.os == 'macOS'
+      shell: bash
+      run: |
+        brew install colima docker kind go kubectl helm gnu-sed
+        colima start --network-address --cpu 4 --memory 8 --mount-type virtiofs
     - name: Deploy dex
       shell: bash
       run: |
@@ -59,12 +71,20 @@ runs:
          --group=system:unauthenticated
 
         helm repo add dex https://charts.dexidp.io
-        helm install --namespace dex --wait -f "$GITHUB_ACTION_PATH"/dex.values.yaml dex dex/dex
+        helm install --namespace dex --wait --timeout 20m -f "$GITHUB_ACTION_PATH"/dex.values.yaml dex dex/dex
+
+        if [[ "$(uname)" == "Darwin" ]]; then
+          echo "192.168.65.2 dex.dex.svc.cluster.local" | sudo tee -a /etc/hosts
+          gsed -i 's|$("${SCRIPT_DIR}"/get_ext_ip.sh)|192.168.65.2|' ./controller/hack/deploy_with_helm.sh
+          gsed -i 's|RETRIES=60|RETRIES=600|' ./controller/hack/deploy_with_helm.sh
 
-        sudo cp ca.pem /usr/local/share/ca-certificates/dex.crt
-        sudo update-ca-certificates
+          sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ca.pem
+        else
+          echo "127.0.0.1 dex.dex.svc.cluster.local" | sudo tee -a /etc/hosts
 
-        echo "127.0.0.1 dex.dex.svc.cluster.local" | sudo tee -a /etc/hosts
+          sudo cp ca.pem /usr/local/share/ca-certificates/dex.crt
+          sudo update-ca-certificates
+        fi
     - name: Deploy jumpstarter controller
       shell: bash
       run: |
@@ -90,6 +110,7 @@ runs:
         . .venv/bin/activate
 
         export JUMPSTARTER_GRPC_INSECURE=1
+        export JUMPSTARTER_FORCE_SYSTEM_CERTS=1
 
         kubectl create -n default sa test-client-sa
         kubectl create -n default sa test-exporter-sa
diff --git a/tests.bats b/tests.bats
index 06d741f..c15c63f 100644
--- a/tests.bats
+++ b/tests.bats
@@ -1,6 +1,17 @@
 setup() {
   bats_load_library bats-support
   bats_load_library bats-assert
+
+  bats_require_minimum_version 1.5.0
+}
+
+wait_for_exporter() {
+  kubectl -n default wait --timeout 20m --for=condition=Online --for=condition=Registered \
+    exporters.jumpstarter.dev/test-exporter-oidc
+  kubectl -n default wait --timeout 20m --for=condition=Online --for=condition=Registered \
+    exporters.jumpstarter.dev/test-exporter-sa
+  kubectl -n default wait --timeout 20m --for=condition=Online --for=condition=Registered \
+    exporters.jumpstarter.dev/test-exporter-legacy
 }
 
 @test "can create clients with admin cli" {
@@ -78,17 +89,11 @@ while true; do
 done
 EOF
 
-  kubectl -n default wait --for=condition=Online --for=condition=Registered \
-    exporters.jumpstarter.dev/test-exporter-oidc
-  kubectl -n default wait --for=condition=Online --for=condition=Registered \
-    exporters.jumpstarter.dev/test-exporter-sa
-  kubectl -n default wait --for=condition=Online --for=condition=Registered \
-    exporters.jumpstarter.dev/test-exporter-legacy
+  wait_for_exporter
 }
 
 @test "can specify client config only using environment variables" {
-  kubectl -n default wait --for=condition=Online --for=condition=Registered \
-    exporters.jumpstarter.dev/test-exporter-oidc
+  wait_for_exporter
 
   JMP_NAMEPSACE=default \
   JMP_NAME=test-exporter-legacy \
@@ -98,8 +103,7 @@ EOF
 }
 
 @test "can operate on leases" {
-  kubectl -n default wait --for=condition=Online --for=condition=Registered \
-    exporters.jumpstarter.dev/test-exporter-oidc
+  wait_for_exporter
 
   jmp config client use test-client-oidc
 
@@ -110,12 +114,7 @@ EOF
 }
 
 @test "can lease and connect to exporters" {
-  kubectl -n default wait --for=condition=Online --for=condition=Registered \
-    exporters.jumpstarter.dev/test-exporter-oidc
-  kubectl -n default wait --for=condition=Online --for=condition=Registered \
-    exporters.jumpstarter.dev/test-exporter-sa
-  kubectl -n default wait --for=condition=Online --for=condition=Registered \
-    exporters.jumpstarter.dev/test-exporter-legacy
+  wait_for_exporter
 
   jmp shell --client test-client-oidc   --selector example.com/board=oidc   j power on
   jmp shell --client test-client-sa     --selector example.com/board=sa     j power on