Skip to content

Add exception_handler #284

Add exception_handler

Add exception_handler #284

Workflow file for this run

name: "Build and Test"
on:
- pull_request
- workflow_dispatch
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build sidecar
uses: docker/build-push-action@v4
with:
push: false
outputs: type=docker,dest=/tmp/k8s-sidecar.tar
tags: "kiwigrid/k8s-sidecar:testing"
- name: Prepare dummy server static resources
run: |
cp test/kubelogo.png test/server/static/
- name: Build dummy server
uses: docker/build-push-action@v4
with:
context: "test/server"
push: false
outputs: type=docker,dest=/tmp/dummy-server.tar
tags: "dummy-server:1.0.0"
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: images
path: /tmp/*.tar
test:
needs:
- build
strategy:
matrix:
# see https://github.com/kubernetes-sigs/kind/releases for supported k8s versions per kind version
k8s:
- maj_min: v1.21
digest: sha256:8a4e9bb3f415d2bb81629ce33ef9c76ba514c14d707f9797a01e3216376ba093
- maj_min: v1.22
digest: sha256:f5b2e5698c6c9d6d0adc419c0deae21a425c07d81bbf3b6a6834042f25d4fba2
- maj_min: v1.23
digest: sha256:59c989ff8a517a93127d4a536e7014d28e235fb3529d9fba91b3951d461edfdb
- maj_min: v1.24
digest: sha256:7db4f8bea3e14b82d12e044e25e34bd53754b7f2b0e9d56df21774e6f66a70ab
- maj_min: v1.25
digest: sha256:227fa11ce74ea76a0474eeefb84cb75d8dad1b08638371ecf0e86259b35be0c8
- maj_min: v1.26
digest: sha256:6e2d8b28a5b601defe327b98bd1c2d1930b49e5d8c512e1895099e4504007adb
- maj_min: v1.27
digest: sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72
- maj_min: v1.28
digest: sha256:b7a4cad12c197af3ba43202d3efe03246b3f0793f162afb40a33c923952d5b31
name: "Test on k8s ${{ matrix.k8s.maj_min }}"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Create k8s Kind Cluster
# make sure the k8s versions match the kind version of the action version 🤯
uses: helm/[email protected]
with:
node_image: kindest/node@${{ matrix.k8s.digest }}
config: test/kind-config.yaml
cluster_name: sidecar-testing
wait: 5m
- name: Download artifact
uses: actions/download-artifact@v3
with:
name: images
path: /tmp
- name: Load images into kind cluster
run: |
kind load image-archive /tmp/k8s-sidecar.tar --name sidecar-testing
kind load image-archive /tmp/dummy-server.tar --name sidecar-testing
- name: Install Sidecar and Dummy Server
run: |
wait_for_pod_ready() {
while [[ $(kubectl get pods $1 -o 'jsonpath={..status.conditions[?(@.type=="Ready")].status}') != "True" ]]; do echo "waiting for pod '$1' to become ready..." && sleep 5; done
echo "Pod '$1' ready."
}
echo "Installing sidecar..."
kubectl apply -f "test/resources/sidecar.yaml"
sleep 10
kubectl get pods
wait_for_pod_ready "sidecar"
wait_for_pod_ready "sidecar-5xx"
wait_for_pod_ready "sidecar-pythonscript"
wait_for_pod_ready "sidecar-pythonscript-logfile"
wait_for_pod_ready "sidecar-logtofile-pythonscript"
wait_for_pod_ready "dummy-server-pod"
- name: Install Configmaps and Secrets
run: |
wait_for_pod_log() {
while [[ $(kubectl logs $1 | grep $2) == "" ]]; do echo "waiting 5 more seconds for '$2' to appear in logs of pod '$1'..." && sleep 5; done
echo "Pod '$1' logs contains '$2'"
}
# because the sidecar pods signal ready state before we actually opened up all watching subprocesses, we wait some more time
sleep 20
echo "Installing resources..."
kubectl apply -f "test/resources/resources.yaml"
pods=("sidecar" "sidecar-5xx" "sidecar-pythonscript" "sidecar-pythonscript-logfile")
resources=("sample-configmap" "sample-secret-binary" "absolute-configmap" "relative-configmap" "change-dir-configmap" "similar-configmap-secret" "url-configmap-500" "url-configmap-basic-auth" "sample-configmap")
for p in ${pods[*]}; do
for r in ${resources[*]}; do
wait_for_pod_log $p $r
done
done
# 10 more seconds after the last thing appeared in the logs.
sleep 10
- name: Retrieve pod logs
run: |
mkdir /tmp/logs
kubectl logs sidecar > /tmp/logs/sidecar.log
kubectl logs sidecar-5xx > /tmp/logs/sidecar-5xx.log
kubectl logs sidecar-pythonscript > /tmp/logs/sidecar-pythonscript.log
kubectl logs sidecar-pythonscript-logfile > /tmp/logs/sidecar-pythonscript-logfile.log
kubectl logs dummy-server-pod > /tmp/logs/dummy-server.log
- name: Upload artifacts (pod logs)
uses: actions/upload-artifact@v3
with:
name: pod-logs_${{ matrix.k8s.maj_min }}
path: /tmp/logs/*
- name: Download expected files from cluster
run: |
mkdir /tmp/sidecar
mkdir /tmp/sidecar-5xx
echo "Downloading resource files from sidecar..."
kubectl cp sidecar:/tmp/hello.world /tmp/sidecar/hello.world
kubectl cp sidecar:/tmp/cm-kubelogo.png /tmp/sidecar/cm-kubelogo.png
kubectl cp sidecar:/tmp/secret-kubelogo.png /tmp/sidecar/secret-kubelogo.png
kubectl cp sidecar:/tmp/url-downloaded-kubelogo.png /tmp/sidecar/url-downloaded-kubelogo.png
# script also generates into '/tmp'
kubectl cp sidecar:/tmp/script_result /tmp/sidecar/script_result
# absolute path in configmap points to /tmp in 'absolute-configmap'
kubectl cp sidecar:/tmp/absolute/absolute.txt /tmp/sidecar/absolute.txt
kubectl cp sidecar:/tmp/relative/relative.txt /tmp/sidecar/relative.txt
kubectl cp sidecar:/tmp/orig-dir/change-dir.txt /tmp/sidecar/change-dir.txt
kubectl cp sidecar:/tmp/500.txt /tmp/sidecar/500.txt || true
kubectl cp sidecar:/tmp/secured.txt /tmp/sidecar/secured.txt
kubectl cp sidecar:/tmp/similar-configmap.txt /tmp/sidecar/similar-configmap.txt
kubectl cp sidecar:/tmp/similar-secret.txt /tmp/sidecar/similar-secret.txt
echo "Downloading resource files from sidecar-5xx..."
kubectl cp sidecar-5xx:/tmp-5xx/hello.world /tmp/sidecar-5xx/hello.world
kubectl cp sidecar-5xx:/tmp-5xx/cm-kubelogo.png /tmp/sidecar-5xx/cm-kubelogo.png
kubectl cp sidecar-5xx:/tmp-5xx/secret-kubelogo.png /tmp/sidecar-5xx/secret-kubelogo.png
kubectl cp sidecar-5xx:/tmp-5xx/url-downloaded-kubelogo.png /tmp/sidecar-5xx/url-downloaded-kubelogo.png
# script also generates into '/tmp'
kubectl cp sidecar-5xx:/tmp/script_result /tmp/sidecar-5xx/script_result
# absolute path in configmap points to /tmp in 'absolute-configmap'
kubectl cp sidecar-5xx:/tmp/absolute/absolute.txt /tmp/sidecar-5xx/absolute.txt
kubectl cp sidecar-5xx:/tmp-5xx/relative/relative.txt /tmp/sidecar-5xx/relative.txt
kubectl cp sidecar-5xx:/tmp-5xx/orig-dir/change-dir.txt /tmp/sidecar-5xx/change-dir.txt
kubectl cp sidecar-5xx:/tmp-5xx/500.txt /tmp/sidecar-5xx/500.txt
kubectl cp sidecar-5xx:/tmp-5xx/secured.txt /tmp/sidecar-5xx/secured.txt
kubectl cp sidecar-5xx:/tmp-5xx/similar-configmap.txt /tmp/sidecar-5xx/similar-configmap.txt
kubectl cp sidecar-5xx:/tmp-5xx/similar-secret.txt /tmp/sidecar-5xx/similar-secret.txt
- name: Upload artifacts (expected files from cluster)
uses: actions/upload-artifact@v3
with:
name: expected-files_${{ matrix.k8s.maj_min }}
path: |
/tmp/sidecar/**
/tmp/sidecar-5xx/**
- name: Update Configmaps and Secrets
run: |
sleep 5
current_time=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
wait_for_pod_log() {
while [[ $(kubectl logs $1 --since-time ${current_time} | grep $2) == "" ]]; do echo "waiting 5 more seconds for '$2' to appear in logs of pod '$1'..." && sleep 5; done
echo "Pod '$1' logs contains '$2'"
}
echo "Updating resources..."
kubectl apply -f "test/resources/change_resources.yaml"
pods=("sidecar" "sidecar-5xx")
resources=("sample-configmap" "sample-secret-binary" "absolute-configmap" "relative-configmap" "change-dir-configmap" "similar-configmap-secret" "url-configmap-500" "url-configmap-basic-auth" "sample-configmap")
for p in ${pods[*]}; do
for r in ${resources[*]}; do
wait_for_pod_log $p $r
done
done
# 20 more seconds after the last thing appeared in the logs.
sleep 20
- name: Verify sidecar files after initial sync
run: |
echo -n "Hello World!" | diff - /tmp/sidecar/hello.world &&
diff test/kubelogo.png /tmp/sidecar/cm-kubelogo.png &&
diff test/kubelogo.png /tmp/sidecar/secret-kubelogo.png &&
diff test/kubelogo.png /tmp/sidecar/url-downloaded-kubelogo.png &&
echo -n "This absolutely exists" | diff - /tmp/sidecar/absolute.txt &&
echo -n "This relatively exists" | diff - /tmp/sidecar/relative.txt &&
echo -n "This change-dir exists" | diff - /tmp/sidecar/change-dir.txt &&
echo -n "I'm very similar" | diff - /tmp/sidecar/similar-configmap.txt &&
echo -n "I'm very similar" | diff - /tmp/sidecar/similar-secret.txt &&
echo -n "allowed" | diff - /tmp/sidecar/secured.txt &&
[ ! -f /tmp/sidecar/500.txt ] && echo "No 5xx file created" &&
ls /tmp/sidecar/script_result
- name: Verify sidecar-5xx files after initial sync
run: |
echo -n '{"detail":"Not authenticated"}' | diff - /tmp/sidecar-5xx/secured.txt &&
echo -n "Hello World!" | diff - /tmp/sidecar-5xx/hello.world &&
diff test/kubelogo.png /tmp/sidecar-5xx/cm-kubelogo.png &&
diff test/kubelogo.png /tmp/sidecar-5xx/secret-kubelogo.png &&
diff test/kubelogo.png /tmp/sidecar-5xx/url-downloaded-kubelogo.png &&
echo -n "This absolutely exists" | diff - /tmp/sidecar-5xx/absolute.txt &&
echo -n "This relatively exists" | diff - /tmp/sidecar-5xx/relative.txt &&
echo -n "This change-dir exists" | diff - /tmp/sidecar-5xx/change-dir.txt &&
echo -n "I'm very similar" | diff - /tmp/sidecar-5xx/similar-configmap.txt &&
echo -n "I'm very similar" | diff - /tmp/sidecar-5xx/similar-secret.txt &&
echo -n "500" | diff - /tmp/sidecar-5xx/500.txt &&
ls /tmp/sidecar-5xx/script_result
- name: Verify sidecar-python logs after initial sync
run: |
# Make sure to update this number this when adding or removing configmap or secrets
# For log to a file, Need to consider Jobs "Install Configmaps and Secrets" and "Update Configmaps and Secrets"
# Total is (9 + 7)
test $(cat /tmp/logs/sidecar-pythonscript.log | grep "Hello from python script!" | wc -l) = "9" &&
test $(cat /tmp/logs/sidecar-pythonscript-logfile.log | grep "Hello from python script!" | wc -l) = "9" &&
kubectl exec sidecar-logtofile-pythonscript -- sh -c "test -e /opt/logs/sidecar.log" &&
test $(kubectl exec sidecar-logtofile-pythonscript -- sh -c 'cat /opt/logs/sidecar.log | grep "Hello from python script!" | wc -l') = "16"
- name: Verify sidecar files after update
run: |
kubectl exec sidecar -- sh -c "ls /tmp/" &&
kubectl exec sidecar -- sh -c "! test -e /tmp/hello.world" && kubectl exec sidecar -- sh -c "test -e /tmp/change-hello.world" &&
kubectl exec sidecar -- sh -c "! test -e /tmp/cm-kubelogo.png" && kubectl exec sidecar -- sh -c "test -e /tmp/change-cm-kubelogo.png" &&
kubectl exec sidecar -- sh -c "! test -e /tmp/secret-kubelogo.png" && kubectl exec sidecar -- sh -c "test -e /tmp/change-secret-kubelogo.png" &&
kubectl exec sidecar -- sh -c "! test -e /tmp/absolute/absolute.txt" && kubectl exec sidecar -- sh -c "test -e /tmp/absolute/change-absolute.txt" &&
kubectl exec sidecar -- sh -c "! test -e /tmp/relative/relative.txt" && kubectl exec sidecar -- sh -c "test -e /tmp/relative/change-relative.txt" &&
kubectl exec sidecar -- sh -c "! test -e /tmp/orig-dir/change-dir.txt" && kubectl exec sidecar -- sh -c "test -e /tmp/new-dir/change-dir.txt" &&
kubectl exec sidecar -- sh -c "! test -e /tmp/similar-configmap.txt" && kubectl exec sidecar -- sh -c "test -e /tmp/change-similar-configmap.txt" &&
kubectl exec sidecar -- sh -c "! test -e /tmp/similar-secret.txt" && kubectl exec sidecar -- sh -c "test -e /tmp/change-similar-secret.txt"