ci: add cilium identities check to nightly pipeline #2071
Conversation
paulyufan2
force-pushed
the
camrynl/ciliumnightlypipeline
branch
from
00fc095 to
8390b97
Compare
| else | ||
| echo "skip cilium identities check for PR pipeline" | ||
| fi | ||
| name: "CiliumIdentites" |
There was a problem hiding this comment.
NIT: Typo: CiliumIdentities
| echo "skip cilium identities check for PR pipeline" | ||
| fi | ||
| name: "CiliumIdentites" | ||
| displayName: "Verify Cilium Identity Deletion" |
There was a problem hiding this comment.
nit: should we use plural? displayName: "Verify Cilium Identities Deletion"
| while true; do | ||
| pods=$(kubectl get pods -n $ns --no-headers=true 2>/dev/null) | ||
| if [[ -z "$pods" ]]; then | ||
| echo "No pods found" | ||
| break | ||
| fi | ||
| sleep 2s | ||
| done | ||
| sleep 20s | ||
| echo "Verify cilium identities are deleted" | ||
| checkIdentity="$(kubectl get ciliumidentity -o json | grep cilium-test | jq -e 'length == 0')" | ||
| if [[ -n $checkIdentity ]]; then | ||
| echo "##[error]Cilium Identities still present" | ||
| else | ||
| printf -- "Identities deleted\n" |
There was a problem hiding this comment.
Can we have additional logging here? If identities are still present -> see what they are and confirm which identities are being deleted (if possible).
There was a problem hiding this comment.
Sure, the check is verifying that the identities are being deleted from the cilium-test ns. I updated the logging with references to the namespace.
| fi | ||
| sleep 2s | ||
| done | ||
| sleep 20s |
There was a problem hiding this comment.
Why are sleeping again after checking the deletion of pods ? For cilium gc ?
There was a problem hiding this comment.
Yes, need to wait for cilium gc
| if [[ -n $checkIdentity ]]; then | ||
| echo "##[error]Cilium Identities still present in cilium-test namespace" | ||
| else | ||
| printf -- "Identities deleted from cilium-test namespace\n" |
There was a problem hiding this comment.
Any reason we added printf and not echo
There was a problem hiding this comment.
When I wrote this for the original nightly pipeline I recall I had to change the first case to echo with azp syntax in order to indicate actual failure in the pipeline.
camrynl
force-pushed
the
camrynl/ciliumnightlypipeline
branch
from
3bb6c79 to
df2d839
Compare
Reason for Change:
This check will only run for the nightly pipeline and will be skipped in the PR runs. It was previously added to the old version of our nightly pipeline.
Issue Fixed:
Requirements:
Notes: