New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ci: github actions job to run kubernetes upstream conformance tests #25913
Conversation
/assign @aanm let's wait for the results of the CI |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the PR.
One comment about making the regex for the test selection equivalent to what we already have in the tree.
@aojea it seems there's a syntax error https://github.com/cilium/cilium/actions/runs/5191485351/workflow#L214 |
it seems the auto commit does not handle well the end of line 😄 , repushed |
@aojea great! It looks that now the tests are failing in a similar way as the jenkins build https://github.com/cilium/cilium/commit/894b921a90c9173e55594efffbfa9f9abcdfe946/checks/14054603389/logs |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM now that the job is running the same tests as the Jenkins job.
Just an FYI, if you put a I've removed the |
Interesting 8 failures
@aanm the jenkins job I saw failing where stuck without progressing, here the test are actually failing. Also, I would not trust much this network policy tests in 1.23, we had done a big refactor later and added CI to not regress. Coming back to the existing failures
That does look right Also the fact that probes are not working :/
|
I'm going to repush to see a diff and check if the test failures are random or consistent |
Commit 637ca2ec99062897e9bb4d385bdfd1e56b6444b3 does not contain "Signed-off-by". Please follow instructions provided in https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#developer-s-certificate-of-origin |
This is much better now, only one failure
and seem related to #24361
cc: @squeed @joestringer These tests may be very pod intensive |
@aojea where do you see the failure? It seems that it passed, no? https://github.com/cilium/cilium/actions/runs/5202623988/jobs/9384471810?pr=25913 I see, that failure that you just saw was fixed by my suggestion here |
oh, I may had a stale view, thanks for noticing |
Could you update the commit msg to reflect the changes that Nate suggested? |
He only mentioned to change the names of the jobs, so I assume that is what you referring too , I updated the commit message |
failure will be fixed in next kubernetes minor release kubernetes/kubernetes#118281
it passed but I want to get the logs when it fails, it seems that it use to run in 33 minutes but when it fails sometimes it timeouts in 45 minutes 👀 |
Commit 407361bad3691df40d06cb87b05c315852ee789a does not contain "Signed-off-by". Please follow instructions provided in https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#developer-s-certificate-of-origin |
Commit 407361bad3691df40d06cb87b05c315852ee789a does not contain "Signed-off-by". Please follow instructions provided in https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#developer-s-certificate-of-origin |
it passed again :(
pushing another time |
Use kind to run the kubernetes upstream e2e tests for network policies Signed-off-by: Antonio Ojea <aojea@google.com>
we need to analyze this last failure, something is wrong there, but I can't figure out what copying from slack https://cilium.slack.com/archives/C2B917YHE/p1686328834976569?thread_ts=1685593436.669409&cid=C2B917YHE I need your brain here
If you check kubelet logs in the
it tears down the network and never retries
why it never retries? I can’t fully understand where is the problem between kubelet -> containerd -> cni -> cilium-cni, but seems one of those paths get lost and pods is left in the limbo without network but considered running (the probes fail so is not ready) |
We will be merging this PR so that we get enough information about the test runs for this job. Later on we can mark this job as required. |
Use kind to run the kubernetes e2e network policies jobs
This is basically duplicating the existing job
.github/workflows/conformance-k8s-kind.yaml
and modifying the regex to also run the network policy tests.I don't recommend the network policy tests alone because most of the issues are discovered when running with other tests, since the network policies should not impact them, if there is a problem on the implementation is common to see how unrelated test flake