1Feature: Wireguardctl manages wireguard VPN connections via VPNCofigs
2
3Scenario: Wireguard VPN connection established when new VPNConfig is created
4 Given the cluster-infra cluster is in a healthy state
5 When a new VPNConfig is created for a store cluster
6 Then a finalizer is added to the VPNConfig
7 And an ownerReference to the cluster is added to the VPNConfig
8 And a kubernetes secret is created for the store wireguard instance key pairs
9 And a secret manager secret is created for the store wireguard configuration
10 And the store wireguard configuration is created on the store via the secret manager secret
11 And the relay wireguard configuration is updated
12 And the client wireguard configuration is updated
13 And there is a successful handshake between store and relay wireguard instances
14 And there is a successful handshake between relay and client wireguard instances
15
16Scenario: Wireguard VPN connection updated when new VPNConfig is updated
17 Given the cluster-infra cluster is in a healthy state
18 When a VPNConfig for a store cluster is updated
19 Then the secret manager secret for the store wireguard configuration is updated
20 And the store wireguard configuration is updated on the store via the secret manager secret
21 And the relay wireguard configuration is updated
22 And the client wireguard configuration is updated
23 And there is a successful handshake between store and relay wireguard instances
24 And there is a successful handshake between relay and client wireguard instances
25
26Scenario: Wireguard VPN disconnected when store cluster is deleted
27 Given the cluster-infra cluster is in a healthy state
28 When a store cluster has been deleted
29 Then its associated VPNConfig should be marked for deletion
30 And the secertmanager secret for the store wireguard configuration is deleted
31 And the emissary mappings for the store are deleted
32 And kubernetes secret for the store wireguard instance key pairs is deleted
33 And the relay wireguard configuration is updated
34 And the client wireguard configuration is updated
35 And there is a successful handshake between relay and client wireguard instances
36 And the VPNConfig is removed
View as plain text