Accepted conformance tests run without full test suite #759
I don't have time to dig into why there is a delta. @johnSchnake, can you take a quick look to see what the delta is here?
Making notes as I review this:
I will take a look and see if I can find a reason why those wouldn't have been chosen, either by that hack script or for some other reason. What needs to happen going forward, IMO, is:
/assign @hh @johnSchnake
All 3 of those tests were also added to Conformance in v1.15, but the SHA in the logs for the test matches the SHA in my test run with 215 tests, so I don't think that could account for it. @OlegLoewen, you were the one to submit at least some of these; could you clarify how these runs were obtained? They indicate they used a sonobuoy yaml script, which hasn't existed for some time and also wouldn't have matched the version of tests used here.
@johnSchnake and I will take a closer look at this together tomorrow.
Let me know if I can be helpful in any way. I looked through the docs for conformance tests and noticed some unclear wording there. Some guidelines around which execution methods for the test cases are actually allowed would help in debugging situations like this, IMO. I am not sure how feasible that would be, as I have no overview of the currently used execution methods except Sonobuoy.
@johnSchnake Thanks for pointing that out. I have found the root cause for the missing test cases: it was an unfortunate misconfiguration of our test case list file. I will fix it soon and re-upload the test results.

Let me explain how these test results have been obtained. First, the description of how to reproduce the sap-cp-aws test results is outdated; I will update it soon. Further below I also describe in detail how we currently run the conformance tests (and others). We are continuously working on the test coverage of gardener, which is why README descriptions like the one mentioned get outdated pretty fast.

At the beginning we were using Sonobuoy, which was fine for a while. But since we wanted to test additional k8s e2e test cases besides conformance, and we wanted to automate test runs to ensure quality, we introduced Test Machinery and a kubetest wrapper, which allow us to test clusters in a structured and consistent way. Currently we are running over 260 e2e test suites a day (on different landscapes, k8s versions, cloud providers, and operating systems), which covers 1099 unique test cases and 113025 executed test cases in total per day. We are uploading conformance test results to testgrid (conformance, others) on a daily basis for k8s versions 1.10 to 1.16 and multiple cloud providers. The reasons we were forced to build a kubetest wrapper were to gain more control over test case grouping and test result evaluation. With that we now have:
Regarding this discussion here: it would be great to have some validation on the testgrid side, e.g. of test case numbers, to avoid such incomplete executions. You will be able to reproduce the test results if you run:

```bash
# first set KUBECONFIG to your cluster
docker run -ti --rm -v $KUBECONFIG:/mye2e/shoot.config golang:1.13 bash
# run all commands below within container
export E2E_EXPORT_PATH=/tmp/export; export KUBECONFIG=/mye2e/shoot.config; export GINKGO_PARALLEL=false
go get github.com/gardener/test-infra; cd /go/src/github.com/gardener/test-infra
export GO111MODULE=on
go run -mod=vendor ./integration-tests/e2e -debug=true -k8sVersion=1.16.1 -cloudprovider=azure -testcasegroup="conformance"
echo "testsuite finished" Which internally runs: kubetest --provider=skeleton --extract=v1.16.2 --deployment=local --test --check-version-skew=false --test_args=--clean-start --ginkgo.dryRun=false --ginkgo.focus=\\[k8s\\.io\\]\\sSecurity\\sContext\\sWhen\\screating\\sa\\spod\\swith\\sprivileged\\sshould\\srun\\sthe\\scontain... -dump=/tmp/e2e.log |
The config here: https://github.com/gardener/test-infra/blob/68c3d60171fcb7d36b39d86935d14f5ea55064d6/integration-tests/e2e/kubetest/description/1.16/working.json#L3 makes the link between the description entries and the tests that actually run unclear to me. FWIW, for conformance certification runs you should just be setting the focus to `[Conformance]`. Here is the dir for all the v1.15 tests: https://github.com/gardener/test-infra/tree/68c3d60171fcb7d36b39d86935d14f5ea55064d6/integration-tests/e2e/kubetest/description/1.15 and it just seems like those tests aren't listed in any of the working/skip/false-positive files, so I must be misunderstanding a component of how the test list is run.
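For reference, a minimal sketch of such a certification-style run, assuming kubetest is on the PATH and KUBECONFIG points at the cluster (the extract version is illustrative):

```bash
# Run the entire [Conformance] set in a single pass; ginkgo selects
# tests purely by the focus regex, with no group splitting.
export KUBECONFIG=$HOME/.kube/config   # assumption: the cluster already exists
kubetest --provider=skeleton --extract=v1.15.3 --deployment=local --test \
  --check-version-skew=false \
  --test_args="--ginkgo.focus=\[Conformance\]"
```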
The mentioned test cases weren't conformance-tagged in the previous k8s release version. Since I reused the description file of the previous k8s release version for 1.15, these test cases were already assigned to the groups fast/slow but not conformance, which is the reason why they were discarded during the test suite execution. This commit is the quick fix, but I will think of something to prevent this kind of issue in the future. The commit also helps to understand the actual issue/bug.

Regarding the focus/skip fields in the description file: our main test case groups are fast, slow, and conformance (which can be combined). Test cases of the fast group are executed in parallel, slow ones serially. If we run e2e with the conformance test case group, the relevant description entries are:

```json
{ "testcase": "[Conformance]", "focus": "Serial|Slow", "groups": ["slow", "conformance"]},
{ "testcase": "[Conformance]", "skip": "Serial|Slow", "groups": ["fast", "conformance"]},
```
If this is a requirement and using a list of test cases is not an alternative, we can do this as well.
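To make that grouping concrete, here is a rough sketch of how those two entries could translate into ginkgo arguments. This is an illustration of the scheme described above, not the actual wrapper code; the exact regex composition and flags are assumptions:

```bash
# "slow" + "conformance": the Serial|Slow conformance cases, executed serially
GINKGO_PARALLEL=false kubetest --provider=skeleton --deployment=local --test \
  --test_args="--ginkgo.focus=\[Conformance\].*(Serial|Slow)"

# "fast" + "conformance": all remaining conformance cases, executed in parallel
GINKGO_PARALLEL=true kubetest --provider=skeleton --deployment=local --test \
  --test_args="--ginkgo.focus=\[Conformance\] --ginkgo.skip=(Serial|Slow)"
```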
I think this raises good questions about what is required for conformance certification. As I read it, Sonobuoy is optional, but the conformance run should be executed as a single test run rather than multiple runs spliced together. I think that makes the most sense, as the instructions request a single log and a single junit result file. You could argue that you want to merge the junit results together, but in that case you'd at least need to upload all of the log files separately. In addition, allowing N runs to be executed at separate times but combined to meet certification seems like a loosening of the requirements, since clusters could undergo changes between the different runs. Everything is much clearer and more standardized if we just require a single run (though again, parallelizing for CI makes sense).
I agree with @johnSchnake regarding enforcing a specific list of tests in a single test run. I've created a ticket for creating a Prow job to run before submissions can be accepted.
AFAICT test runs are now automatically checked for completeness. Should this issue be closed?
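As a rough illustration of what such a completeness check can look like (a sketch, not the actual Prow job; the expected count and log path are assumptions):

```bash
#!/usr/bin/env bash
# Compare the spec count from the ginkgo summary line in e2e.log
# against the expected conformance test count for the release.
set -euo pipefail

EXPECTED=215   # assumed count of [Conformance] tests in v1.15
RAN=$(grep -oE 'Ran [0-9]+ of [0-9]+ Specs' e2e.log | tail -n1 | awk '{print $2}')

if [ "${RAN:-0}" -ne "$EXPECTED" ]; then
  echo "Incomplete run: ${RAN:-0} of $EXPECTED conformance tests executed" >&2
  exit 1
fi
echo "OK: all $EXPECTED conformance tests ran"
```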
While looking through past conformance test results for comparison with our own, I noticed that some results do not show the full test suite being run.
Here is a set of notable examples in the 1.15 conformance tests:
- sap-cp-aws (log)
- sap-cp-azure (log)
- sap-cp-openstack (log)
- gardener-azure (log)
- gardener-aws (log)
- gardener-gcp (log)
- gardener-openstack (log)

All of these tests have in common that they run 212 test cases instead of the 215 test cases the official suite runs. Additionally, the configuration is visible immediately at the beginning of the log, via a line that does not appear when running the official conformance e2e test. Here is a valid example from digitalocean for comparison: https://raw.githubusercontent.com/cncf/k8s-conformance/master/v1.15/digitalocean/e2e.log
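For anyone who wants to verify the expected count themselves, a minimal sketch, assuming a locally extracted e2e.test binary (e.g. from a kubetest --extract), is a ginkgo dry run over the conformance focus:

```bash
# A dry run lists every matching spec without executing it; counting the
# [Conformance]-tagged lines approximates the official test count.
./e2e.test --ginkgo.dryRun=true --ginkgo.focus='\[Conformance\]' \
  | grep -c '\[Conformance\]'
```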
This brings up several questions for me:
In general this seems like a very unfortunate, accidental error to me; however, it lessens the value of "certified kubernetes", in my mind at least. I do not believe that the parties submitting these conformance tests acted in bad faith, but I do think that the verification process for conformance tests should be improved.