tests: k8s-attach-handlers auto-generated policy #8922
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
danmihai1
added
the
wip
danmihai1
force-pushed
the
danmihai1/k8s-attach-handlers
branch
8 times, most recently
from
63ec0cb
to
94da070
Compare
danmihai1
force-pushed
the
danmihai1/k8s-attach-handlers
branch
from
94da070
to
82a74d8
Compare
danmihai1
removed
the
wip
wainersm
reviewed
Feb 6, 2024
fidencio
approved these changes
Feb 6, 2024
There was a problem hiding this comment.
@danmihai1, series looks good to me.
I'd like to have @wainersm taking a look at this one as well, if possible.
wainersm
reviewed
Feb 6, 2024
wainersm
reviewed
Feb 6, 2024
| @@ -139,14 +139,18 @@ test_successful_actions() { | |||
| for K8S_TEST_ENTRY in ${K8S_TEST_UNION[@]} | |||
| do | |||
| info "$(kubectl get pods --all-namespaces 2>&1)" | |||
| info "Executing ${K8S_TEST_ENTRY}" | |||
There was a problem hiding this comment.
Unfortunately bats doesn't provide an option to print the file name :(
wainersm
reviewed
Feb 6, 2024
wainersm
reviewed
Feb 6, 2024
wainersm
reviewed
Feb 6, 2024
wainersm
reviewed
Feb 6, 2024
|
hi @danmihai1 , finish my 1st round of review. Most nits & questions to you :) |
danmihai1
force-pushed
the
danmihai1/k8s-attach-handlers
branch
from
1bb9e25
to
a68efd4
Compare
Thanks for the feedback, @wainersm! I believe I addressed it with my latest push. |
Allow everyone to directly execute run_kubernetes_tests.sh, for easier local testing. Signed-off-by: Dan Mihai <dmihai@microsoft.com>
1. Avoid repeating "kata-containers-k8s-tests". 2. Allow users to specify a different test namespace. 3. Introduce the TEST_CLUSTER_NAMESPACE variable, that will also be useful when auto-generating the Agent Policy for these tests. Signed-off-by: Dan Mihai <dmihai@microsoft.com>
Make these scripts easier to debug. Signed-off-by: Dan Mihai <dmihai@microsoft.com>
Output the names of test files, for easier search through logs. Signed-off-by: Dan Mihai <dmihai@microsoft.com>
Add script functions useful for auto-generating and testing policy. Signed-off-by: Dan Mihai <dmihai@microsoft.com>
Install the genpolicy app before starting test execution. Signed-off-by: Dan Mihai <dmihai@microsoft.com>
Enable AUTO_GENERATE_POLICY for one of the Kata CI K8s test platforms. Additional platforms will be enabled after testing them. When AUTO_GENERATE_POLICY is enabled, create genpolicy settings that are common for all tests. Some of the tests will make temporary copies of these common settings and customize them as needed. Signed-off-by: Dan Mihai <dmihai@microsoft.com>
Automatically generate the test policy for k8s-attach-handlers.bats, if AUTO_GENERATE_POLICY is enabled. Steps: - Create a temporary directory for the current test and copy the common genpolicy settings into this new directory. - Change genpolicy settings in the temp directory to allow the "kubectl exec" command that this test needs. (For CoCo, exec is blocked by the default policy settings) - Auto-generate the policy for the test YAML file. - Test as usual, using the YAML file. - Clean-up the temporary settings described above. Fixes: kata-containers#8921 Signed-off-by: Dan Mihai <dmihai@microsoft.com>
danmihai1
force-pushed
the
danmihai1/k8s-attach-handlers
branch
from
a68efd4
to
956577b
Compare
|
/test |
GabyCT
approved these changes
Feb 7, 2024
1. Rename install_kata_common to install_kata_core. 2. Add TODO for better way to install the Kata tools. Signed-off-by: Dan Mihai <dmihai@microsoft.com>
danmihai1
force-pushed
the
danmihai1/k8s-attach-handlers
branch
from
956577b
to
6b5e57f
Compare
|
/test |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Automatically generate the test policy for k8s-attach-handlers.bats, if AUTO_GENERATE_POLICY is enabled.
A few commits are part of this PR - some of them not directly related to k8s-attach-handlers.bats but helpful for easier testing of the k8s-attach-handlers.bats changes.
Fixes: #8921