Skip to content

Commit

Permalink
Fix e2e
Browse files Browse the repository at this point in the history
  • Loading branch information
s1061123 committed Apr 2, 2024
1 parent 15b7997 commit d31b40d
Show file tree
Hide file tree
Showing 20 changed files with 47 additions and 91 deletions.
6 changes: 3 additions & 3 deletions .github/workflows/build-images.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,13 +7,13 @@ jobs:
REPOSITORY: ghcr.io/${{ github.repository }}
steps:
- name: Check out code into the Go module directory
uses: actions/checkout@v2
uses: actions/checkout@v4

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
uses: docker/setup-buildx-action@v3

- name: Build container image
uses: docker/build-push-action@v2
uses: docker/build-push-action@v5
with:
push: false
tags: ghcr.io/${{ github.repository }}:latest-amd64
4 changes: 2 additions & 2 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,12 +14,12 @@ jobs:
GO111MODULE: on
steps:
- name: Install Go
uses: actions/setup-go@v2
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}

- name: Check out code into the Go module directory
uses: actions/checkout@v2
uses: actions/checkout@v4

- name: Build
env:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ jobs:

steps:
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: Initialize CodeQL
uses: github/codeql-action/init@v2
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/kind-e2e.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ jobs:
run: sudo apt install bats

- name: Check out code into the Go module directory
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: Setup registry
run: docker run -d --restart=always -p "5000:5000" --name "kind-registry" registry:2
Expand Down Expand Up @@ -48,7 +48,7 @@ jobs:
./e2e/bin/kind export logs /tmp/kind-logs

- name: Upload logs
uses: actions/upload-artifact@v2
uses: actions/upload-artifact@v4
if: ${{ failure() }}
with:
name: kind-logs-e2e
Expand Down
9 changes: 4 additions & 5 deletions .github/workflows/push-master.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,25 +13,24 @@ jobs:
REPOSITORY: ghcr.io/${{ github.repository }}
steps:
- name: Check out code into the Go module directory
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@v3

- name: Login to GitHub Container Registry
if: github.repository_owner == 'k8snetworkplumbingwg'
uses: docker/login-action@v2
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Push to GitHub Container Registry
if: github.repository_owner == 'k8snetworkplumbingwg'
uses: docker/build-push-action@v3
uses: docker/build-push-action@v5
with:
push: true
platform: linux/amd64
tags: |
ghcr.io/${{ github.repository }}:latest
ghcr.io/${{ github.repository }}:snapshot
Expand Down
31 changes: 12 additions & 19 deletions .github/workflows/push-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,42 +12,35 @@ jobs:
REPOSITORY: ghcr.io/${{ github.repository }}
steps:
- name: Check out code into the Go module directory
uses: actions/checkout@v2
uses: actions/checkout@v4

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
uses: docker/setup-buildx-action@v3

- name: Login to GitHub Container Registry
if: github.repository_owner == 'k8snetworkplumbingwg'
uses: docker/login-action@v1
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Docker meta
id: docker_meta
uses: crazy-max/ghaction-docker-meta@v1
uses: docker/metadata-action@v5
with:
images: ${{ env.REPOSITORY }}
tag-latest: false
flavor:
latest=false

- name: Push to GitHub Container Registry
if: github.repository_owner == 'k8snetworkplumbingwg'
uses: docker/build-push-action@v2
uses: docker/build-push-action@v5
with:
push: true
tags: |
ghcr.io/${{ github.repository }}:stable-amd64
${{ steps.docker_meta.outputs.tags }}-amd64
- name: Create manifest for multi-arch images
if: github.repository_owner == 'k8snetworkplumbingwg'
run: |
docker manifest create ${{ env.REPOSITORY }}:stable ${{ env.REPOSITORY }}:stable-amd64
docker manifest annotate ${{ env.REPOSITORY }}:stable ${{ env.REPOSITORY }}:stable-amd64 --arch amd64
docker manifest push ${{ env.REPOSITORY }}:stable
docker manifest create ${{ steps.docker_meta.outputs.tags }} ${{ steps.docker_meta.outputs.tags }}-amd64
docker manifest annotate ${{ steps.docker_meta.outputs.tags }} ${{ steps.docker_meta.outputs.tags }}-amd64 --arch amd64
docker manifest push ${{ steps.docker_meta.outputs.tags }}
ghcr.io/${{ github.repository }}:stable
${{ steps.docker_meta.outputs.tags }}
platforms: linux/amd64
sbom: false
provenance: false
4 changes: 2 additions & 2 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,12 +9,12 @@ jobs:
runs-on: ${{ matrix.os }}
steps:
- name: Install Go
uses: actions/setup-go@v2
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}

- name: Checkout code
uses: actions/checkout@v2
uses: actions/checkout@v4

- name: Run Revive Action by pulling pre-built image
uses: docker://morphy/revive-action:v2
Expand Down
2 changes: 1 addition & 1 deletion e2e/get_tools.sh
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ if [ ! -d bin ]; then
mkdir bin
fi

curl -Lo ./bin/kind "https://github.com/kubernetes-sigs/kind/releases/download/v0.20.0/kind-$(uname)-amd64"
curl -Lo ./bin/kind "https://github.com/kubernetes-sigs/kind/releases/download/v0.22.0/kind-$(uname)-amd64"
chmod +x ./bin/kind
curl -Lo ./bin/kubectl https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl
chmod +x ./bin/kubectl
Expand Down
1 change: 0 additions & 1 deletion e2e/multi-network-policy-iptables-e2e.yml
Original file line number Diff line number Diff line change
Expand Up @@ -122,7 +122,6 @@ spec:
containers:
- name: multi-networkpolicy
image: localhost:5000/multus-networkpolicy-iptables:e2e
imagePullPolicy: Always
command: ["/usr/bin/multi-networkpolicy-iptables"]
args:
- "--host-prefix=/host"
Expand Down
41 changes: 3 additions & 38 deletions e2e/setup_cluster.sh
Original file line number Diff line number Diff line change
Expand Up @@ -8,58 +8,23 @@ export PATH=./bin:${PATH}
OCI_BIN="${OCI_BIN:-docker}"

kind_network='kind'
reg_name='kind-registry'
reg_port='5000'
running="$($OCI_BIN inspect -f '{{.State.Running}}' "${reg_name}" 2>/dev/null || true)"
if [ "${running}" != 'true' ]; then
$OCI_BIN run -d --restart=always -p "${reg_port}:5000" --name "${reg_name}" registry:2
fi

$OCI_BIN build -t localhost:5000/multus-networkpolicy-iptables:e2e -f ../Dockerfile ..
$OCI_BIN push localhost:5000/multus-networkpolicy-iptables:e2e

reg_host="${reg_name}"
echo "Registry Host: ${reg_host}"

# deploy cluster with kind
cat <<EOF | kind create cluster --config=-
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
containerdConfigPatches:
- |-
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."localhost:${reg_port}"]
endpoint = ["http://${reg_host}:${reg_port}"]
nodes:
- role: control-plane
- role: worker
networking:
disableDefaultCNI: true
podSubnet: 10.244.0.0/16
EOF

cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: ConfigMap
metadata:
name: local-registry-hosting
namespace: kube-public
data:
localRegistryHosting.v1: |
host: "localhost:${reg_port}"
help: "https://kind.sigs.k8s.io/docs/user/local-registry/"
podSubnet: 192.168.0.0/16
EOF

# reconnect container registry if it is not connected
containers=$($OCI_BIN network inspect ${kind_network} -f "{{range .Containers}}{{.Name}} {{end}}")
needs_connect="true"
for c in $containers; do
if [ "$c" = "${reg_name}" ]; then
needs_connect="false"
fi
done
if [ "${needs_connect}" = "true" ]; then
$OCI_BIN network connect "${kind_network}" "${reg_name}" || true
fi
# load multus image from container host to kind node
kind load docker-image localhost:5000/multus-networkpolicy-iptables:e2e

kind export kubeconfig
sleep 1
Expand Down
2 changes: 1 addition & 1 deletion e2e/tests/ipblock-stacked.bats
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ setup() {

@test "check generated iptables rules" {
# wait for sync
sleep 3
sleep 5
run kubectl -n test-ipblock-stacked exec pod-server -it -- sh -c "iptables-save | grep MULTI-0-INGRESS"
[ "$status" -eq "0" ]
run kubectl -n test-ipblock-stacked exec pod-client-a -it -- sh -c "iptables-save | grep MULTI-0-INGRESS"
Expand Down
2 changes: 1 addition & 1 deletion e2e/tests/ipblock.bats
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ setup() {

@test "check generated iptables rules" {
# wait for sync
sleep 3
sleep 5
run kubectl -n test-ipblock exec pod-server -it -- sh -c "iptables-save | grep MULTI-0-INGRESS"
[ "$status" -eq "0" ]
run kubectl -n test-ipblock exec pod-client-a -it -- sh -c "iptables-save | grep MULTI-0-INGRESS"
Expand Down
2 changes: 1 addition & 1 deletion e2e/tests/simple-v4-egress-list.bats
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ setup() {
[ "$status" -eq "0" ]

# wait for sync
sleep 3
sleep 5
}

@test "test-simple-v4-egress-list check client-a -> server" {
Expand Down
8 changes: 4 additions & 4 deletions e2e/tests/simple-v4-egress.bats
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ setup() {

@test "check generated iptables rules" {
# wait for sync
sleep 3
sleep 5
# check pod-server has multi-networkpolicy iptables rules for ingress
run kubectl -n test-simple-v4-egress exec pod-server -- sh -c "iptables-save | grep MULTI-0-EGRESS"
[ "$status" -eq "0" ]
Expand All @@ -36,7 +36,7 @@ setup() {
[ "$status" -eq "1" ]

# wait for sync
sleep 3
sleep 5
# check that iptables files in pod-iptables
pod_name=$(kubectl -n kube-system get pod -o wide | grep 'kind-worker' | grep multi-net | cut -f 1 -d ' ')
run kubectl -n kube-system exec ${pod_name} -- \
Expand Down Expand Up @@ -80,7 +80,7 @@ setup() {

# enable multi-networkpolicy again
kubectl -n kube-system patch daemonsets multi-networkpolicy-ds-amd64 --type json -p='[{"op": "remove", "path": "/spec/template/spec/nodeSelector/non-existing"}]'
sleep 3
sleep 5
kubectl -n kube-system wait --for=condition=ready -l app=multi-networkpolicy pod --timeout=${kubewait_timeout}
}

Expand All @@ -90,7 +90,7 @@ setup() {
run kubectl -n test-simple-v4-egress wait --for=delete -l app=test-simple-v4-egress pod --timeout=${kubewait_timeout}
[ "$status" -eq "0" ]

sleep 3
sleep 5
# check that no iptables files in pod-iptables
pod_name=$(kubectl -n kube-system get pod -o wide | grep 'kind-worker' | grep multi-net | cut -f 1 -d ' ')
run kubectl -n kube-system exec ${pod_name} -- \
Expand Down
2 changes: 1 addition & 1 deletion e2e/tests/simple-v4-ingress-list.bats
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ setup() {
[ "$status" -eq "0" ]

# wait for sync
sleep 3
sleep 5
}

@test "test-simple-v4-ingress-list check client-a -> server" {
Expand Down
8 changes: 4 additions & 4 deletions e2e/tests/simple-v4-ingress.bats
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ setup() {

@test "check generated iptables rules" {
# wait for sync
sleep 3
sleep 5
# check pod-server has multi-networkpolicy iptables rules for ingress
run kubectl -n test-simple-v4-ingress exec pod-server -- sh -c "iptables-save | grep MULTI-0-INGRESS"
[ "$status" -eq "0" ]
Expand All @@ -36,7 +36,7 @@ setup() {
[ "$status" -eq "1" ]

# wait for sync
sleep 3
sleep 5
# check that iptables files in pod-iptables
pod_name=$(kubectl -n kube-system get pod -o wide | grep 'kind-worker' | grep multi-net | cut -f 1 -d ' ')
run kubectl -n kube-system exec ${pod_name} -- \
Expand Down Expand Up @@ -80,7 +80,7 @@ setup() {

# enable multi-networkpolicy again
kubectl -n kube-system patch daemonsets multi-networkpolicy-ds-amd64 --type json -p='[{"op": "remove", "path": "/spec/template/spec/nodeSelector/non-existing"}]'
sleep 3
sleep 5
kubectl -n kube-system wait --for=condition=ready -l app=multi-networkpolicy pod --timeout=${kubewait_timeout}
}

Expand All @@ -90,7 +90,7 @@ setup() {
run kubectl -n test-simple-v4-ingress wait --for=delete -l app=test-simple-v4-ingress pod --timeout=${kubewait_timeout}
[ "$status" -eq "0" ]

sleep 3
sleep 5
# check that no iptables files in pod-iptables
pod_name=$(kubectl -n kube-system get pod -o wide | grep 'kind-worker' | grep multi-net | cut -f 1 -d ' ')
run kubectl -n kube-system exec ${pod_name} -- \
Expand Down
2 changes: 1 addition & 1 deletion e2e/tests/simple-v6-ingress-list.bats
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ setup() {
[ "$status" -eq "0" ]

# wait for sync
sleep 3
sleep 5
}

@test "test-simple-v6-ingress-list check client-a -> server" {
Expand Down
4 changes: 2 additions & 2 deletions e2e/tests/simple-v6-ingress.bats
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ setup() {

@test "check generated ip6tables rules" {
# wait for sync
sleep 3
sleep 5

# check pod-server has multi-networkpolicy ip6tables rules for ingress
run kubectl -n test-simple-v6-ingress exec pod-server -- sh -c "ip6tables-save | grep MULTI-0-INGRESS"
Expand Down Expand Up @@ -80,7 +80,7 @@ setup() {

# enable multi-networkpolicy again
kubectl -n kube-system patch daemonsets multi-networkpolicy-ds-amd64 --type json -p='[{"op": "remove", "path": "/spec/template/spec/nodeSelector/non-existing"}]'
sleep 3
sleep 5
kubectl -n kube-system wait --for=condition=ready -l app=multi-networkpolicy pod --timeout=${kubewait_timeout}
}

Expand Down
2 changes: 1 addition & 1 deletion e2e/tests/stacked.bats
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ setup() {

@test "check generated iptables rules" {
# wait for sync
sleep 3
sleep 5
run kubectl -n test-stacked exec pod-server -it -- sh -c "iptables-save | grep MULTI-0-INGRESS"
[ "$status" -eq "0" ]
run kubectl -n test-stacked exec pod-client-a -it -- sh -c "iptables-save | grep MULTI-0-INGRESS"
Expand Down
2 changes: 1 addition & 1 deletion e2e/update_image_on_cluster.sh
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ OCI_BIN="${OCI_BIN:-docker}"
IMAGE="localhost:5000/multus-networkpolicy-iptables:e2e"

$OCI_BIN build -t ${IMAGE} ${E2E}/..
$OCI_BIN push ${IMAGE}
kind load docker-image ${IMAGE}
new_image_with_digest=`${OCI_BIN} inspect --format='{{index .RepoDigests 0}}' ${IMAGE}`

kubectl set image -n kube-system ds/multi-networkpolicy-ds-amd64 multi-networkpolicy=${new_image_with_digest}

0 comments on commit d31b40d

Please sign in to comment.