Skip to content

Enable compliance tests to use plugins for cluster provisioning #753

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mbuechse merged 48 commits into from
Nov 19, 2024
Merged

Enable compliance tests to use plugins for cluster provisioning #753

mbuechse merged 48 commits into from
Nov 19, 2024

Conversation

@tonifinger
Copy link
Contributor

@tonifinger tonifinger commented Sep 18, 2024

This PR introduces an interface that enables the provision of kubeconfig files for the sonobuoy test framework.
Each Kubernetes provider must derive its own specific plugin from this interface class in order to provide a cluster for testing

@tonifinger tonifinger self-assigned this Sep 18, 2024
@tonifinger tonifinger linked an issue Sep 18, 2024 that may be closed by this pull request
[Feature Request] enable compliance tests to use plugins for cluster provisioning #710
Closed
@tonifinger tonifinger force-pushed the 710-feature-request-enable-compliance-tests-to-use-plugins-for-cluster-provisioning branch 2 times, most recently from d4b2b66 to bfd1a0f Compare September 18, 2024 13:57
@tonifinger tonifinger requested a review from mbuechse September 18, 2024 18:03
@mbuechse
Copy link
Contributor

mbuechse commented Sep 19, 2024

@tonifinger Can you please post what a run would look like in the shell? (Just paste something from your terminal.)

mbuechse
mbuechse reviewed Sep 19, 2024
View reviewed changes
Copy link
Contributor

@mbuechse mbuechse left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it would be good to use the test infrastructure that we already have, i.e., the scripts

and the spec files

The spec file for KaaS already includes the CNCF conformance test. What I think we could do:

  • We make a list of clusters that we need for testing purposes, and for each cluster, we say where we expect the Kubeconfig to sit,
  • then your tool can use the plugin to create all these clusters and the corresponding Kubeconfig files at the specified locations,
  • it could also use the plugin and this specification to remove the clusters.
  • We add calls to your tool to our Zuul job BEFORE and AFTER it runs the actual tests to create and remove clusters, respectively.

@tonifinger
Copy link
Contributor Author

tonifinger commented Sep 19, 2024

@tonifinger Can you please post what a run would look like in the shell? (Just paste something from your terminal.)

This is the output to the shell using the plugin of kind and the logging lvl set to info:

No kind clusters found.
INFO:root:Creating cluster scs-cluster..
Creating cluster "scs-cluster" ...
 ✓ Ensuring node image (kindest/node:v1.25.3) 🖼
 ✓ Preparing nodes 📦  
 ✓ Writing configuration 📜 
 ✓ Starting control-plane 🕹️ 
 ✓ Installing CNI 🔌 
 ✓ Installing StorageClass 💾 
Set kubectl context to "kind-scs-cluster"
You can now use your cluster with:

kubectl cluster-info --context kind-scs-cluster --kubeconfig .pytest-kind/scs-cluster/kubeconfig

Have a nice day! 👋
INFO:interface:check kubeconfig
INFO:interface:kubeconfigfile loaded successfully
Sonobuoy Version: v0.56.16
MinimumKubeVersion: 1.17.0
MaximumKubeVersion: 1.99.99
GitSHA: c7712478228e3b50a225783119fee1286b5104af
GoVersion: go1.19.10
Platform: linux/amd64
API Version:  v1.25.3
INFO:interface: invoke cncf conformance test
INFO[0000] create request issued                         name=sonobuoy namespace= resource=namespaces
INFO[0000] create request issued                         name=sonobuoy-serviceaccount namespace=sonobuoy resource=serviceaccounts
INFO[0000] create request issued                         name=sonobuoy-serviceaccount-sonobuoy namespace= resource=clusterrolebindings
INFO[0000] create request issued                         name=sonobuoy-serviceaccount-sonobuoy namespace= resource=clusterroles
INFO[0000] create request issued                         name=sonobuoy-config-cm namespace=sonobuoy resource=configmaps
INFO[0000] create request issued                         name=sonobuoy-plugins-cm namespace=sonobuoy resource=configmaps
INFO[0000] create request issued                         name=sonobuoy namespace=sonobuoy resource=pods
INFO[0000] create request issued                         name=sonobuoy-aggregator namespace=sonobuoy resource=services
14:08:41          PLUGIN                        NODE    STATUS   RESULT   PROGRESS
14:08:41    systemd-logs   scs-cluster-control-plane   running                    
14:08:41             e2e                      global   running                    
14:08:41 
14:08:41 Sonobuoy is still running. Runs can take 60 minutes or more depending on cluster and plugin configuration.
...
...
14:09:41    systemd-logs   scs-cluster-control-plane   complete                    
...
14:10:21    systemd-logs   scs-cluster-control-plane   complete   passed                         
14:10:21             e2e                      global   complete   passed   Passed:960, Failed:  0
14:10:21 Sonobuoy has completed. Use `sonobuoy retrieve` to get results.
INFO:interface: 1094 passed, 5976 failed of which 5976 were skipped
INFO:interface:removing sonobuoy tests from cluster
INFO[0000] delete request issued                         kind=namespace namespace=sonobuoy
INFO[0000] delete request issued                         kind=clusterrolebindings
INFO[0000] delete request issued                         kind=clusterroles

Namespace "sonobuoy" has status {Phase:Terminating Conditions:[]}

Namespace "sonobuoy" has status {Phase:Terminating Conditions:[{Type:NamespaceDeletionDiscoveryFailure Status:False LastTransitionTime:2024-09-19 14:10:26 +0200 CEST Reason:ResourcesDiscovered Message:All resources successfully discovered} {Type:NamespaceDeletionGroupVersionParsingFailure Status:False LastTransitionTime:2024-09-19 14:10:26 +0200 CEST Reason:ParsedGroupVersions Message:All legacy kube types successfully parsed} {Type:NamespaceDeletionContentFailure Status:False LastTransitionTime:2024-09-19 14:10:26 +0200 CEST Reason:ContentDeleted Message:All content successfully deleted, may be waiting on finalization} {Type:NamespaceContentRemaining Status:True LastTransitionTime:2024-09-19 14:10:26 +0200 CEST Reason:SomeResourcesRemain Message:Some resources are remaining: pods. has 2 resource instances} {Type:NamespaceFinalizersRemaining Status:False LastTransitionTime:2024-09-19 14:10:26 +0200 CEST Reason:ContentHasNoFinalizers Message:All content-preserving finalizers finished}]}

Namespace "sonobuoy" has status {Phase:Terminating Conditions:[{Type:NamespaceDeletionDiscoveryFailure Status:False LastTransitionTime:2024-09-19 14:10:26 +0200 CEST Reason:ResourcesDiscovered Message:All resources successfully discovered} {Type:NamespaceDeletionGroupVersionParsingFailure Status:False LastTransitionTime:2024-09-19 14:10:26 +0200 CEST Reason:ParsedGroupVersions Message:All legacy kube types successfully parsed} {Type:NamespaceDeletionContentFailure Status:False LastTransitionTime:2024-09-19 14:10:26 +0200 CEST Reason:ContentDeleted Message:All content successfully deleted, may be waiting on finalization} {Type:NamespaceContentRemaining Status:True LastTransitionTime:2024-09-19 14:10:26 +0200 CEST Reason:SomeResourcesRemain Message:Some resources are remaining: pods. has 1 resource instances} {Type:NamespaceFinalizersRemaining Status:False LastTransitionTime:2024-09-19 14:10:26 +0200 CEST Reason:ContentHasNoFinalizers Message:All content-preserving finalizers finished}]}
...
...
...

Namespace "sonobuoy" has been deleted

Deleted all ClusterRoles and ClusterRoleBindings.
INFO:interface:removing sonobuoy tests from cluster
INFO[0000] already deleted                               kind=namespace namespace=sonobuoy
INFO[0000] delete request issued                         kind=clusterrolebindings
INFO[0000] delete request issued                         kind=clusterroles

Namespace "sonobuoy" has been deleted

Deleted all ClusterRoles and ClusterRoleBindings.
INFO:root:Deleting cluster scs-cluster..
Deleting cluster "scs-cluster" ...

@tonifinger
Enable compliance tests to use plugins for cluster provisioning
a326e99 
Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@tonifinger
Fix python style
ab0803b 
And apply static plugin

Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@tonifinger
Fix path to junit file
199fdf2 
Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@tonifinger tonifinger force-pushed the 710-feature-request-enable-compliance-tests-to-use-plugins-for-cluster-provisioning branch from a42542d to 199fdf2 Compare September 20, 2024 12:10
@tonifinger
Inital integration of the plugin into the 'scs-test-runner.py'
f994cde 
Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@mbuechse
Copy link
Contributor

mbuechse commented Oct 7, 2024

Please re-request review from me when you've reached the point.

@tonifinger
Adjust 'scs-test-runner.py' to handle kaas tests
4a51c0d 
Splitting the functionality into the
handling of sonobuoys and the provision of K8s clusters.

Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@tonifinger
Copy link
Contributor Author

tonifinger commented Oct 10, 2024
edited
Loading

Please re-request review from me when you've reached the point.

I have reached a point where you can test the first approach by using scs-test-runner.py to run the kaas tests on self provisioned k8s clusters.

You should be able to test this with the following command:

./scs-test-runner.py --config ./config-kaas-example.toml --debug run --preset="all-kaas" -o report.yaml --no-upload

This PR is still in draft as I have to:

  • Handle configurations to allow selecting cluster versions on plugin side
  • Handle generic configuration hand over
  • Add the function to delete clusters to the cleanup command
  • Finalize static_plugin to handle excising k8s clusters
  • Add integration Tests

@tonifinger tonifinger requested a review from mbuechse October 10, 2024 12:18
@tonifinger
Add ability to deploy clusters for different K8s versions
928ea83 
Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
mbuechse
mbuechse requested changes Oct 16, 2024
View reviewed changes
tonifinger and others added 5 commits October 18, 2024 11:36
@tonifinger
Update scs-test-runner.py
acc451d 
Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@mbuechse
still draft: a few steps towards my vision
e4d6c3c 
Signed-off-by: Matthias Büchse <matthias.buechse@cloudandheat.com>
@mbuechse
add missing file
1dd220c 
Signed-off-by: Matthias Büchse <matthias.buechse@cloudandheat.com>
@tonifinger
Fixup!
7c063d8 
Rework rebase conflicts

Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@tonifinger
Fixup plugin kubeconfig file generation
5b11641 
Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@mbuechse
Copy link
Contributor

mbuechse commented Nov 1, 2024
edited
Loading

Just a quick update on ongoing work:

  • we decided that we create a 'subject' for each combination of CSP and k8s branch,
  • we decided that each such subject must be equipped with the additional information necessary for the plugin in question to work (for instance, if the CSP uses Gardener, then we might need some sort of "shoot cluster manifest")
  • if this additional information is added to this repository at all, it would either go into .zuul.d/secure.yaml or into somewhere under playbooks (and then referenced by config.toml)

@tonifinger
Draft: split up clusterspec file
7fb5f32 
In order to have one clusterspec file for each k8s version

Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@tonifinger
Merge to back to usage of one single clustersspec
9a2809a 
Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@tonifinger
Rearange configuration files
bfa6ba4 
Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
mbuechse
mbuechse reviewed Nov 5, 2024
View reviewed changes
Copy link
Contributor

@mbuechse mbuechse left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a few remarks

@tonifinger
Fixup configuration files
1cfee94 
Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
mbuechse
mbuechse reviewed Nov 6, 2024
View reviewed changes
Copy link
Contributor

@mbuechse mbuechse left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is starting to look really good now. A few minor things though.

tonifinger and others added 10 commits November 7, 2024 10:10
@tonifinger
Remove abstract base clase handling and directly
cfa113c 
make use of Not ImplementedError

Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@tonifinger
Update 'kind_plugin.py' kubeconfig filepath handling
d43a38d 
Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@tonifinger
Sort python imports
8f4970b 
Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@tonifinger
Fixup: use '__name__' for logging handler
5a8f8ca 
Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@tonifinger @mbuechse
Update Tests/kaas/plugin/run_plugin.py
7d6a0cb 
Co-authored-by: Matthias Büchse <matthias.buechse@cloudandheat.com>
Signed-off-by: tonifinger <129007376+tonifinger@users.noreply.github.com>
@tonifinger
Update plugin kubeconfig handling
c4b2611 
Removed the return of the kubeconfig filepath from the `create_cluster`
method as we do not use this handling.

Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@tonifinger
Update plugin_static.py
78fd694 
Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@tonifinger
Fixup remove obsolete f-string
2301ba3 
Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@tonifinger
Fixup
fa0247e 
Remove default values to prevent parameters from being optional

Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@tonifinger
Fixup: remove default value in description
932ed7a 
Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@tonifinger tonifinger requested a review from mbuechse November 8, 2024 12:04
@michal-gubricky michal-gubricky mentioned this pull request Nov 11, 2024
Closed
tonifinger and others added 13 commits November 11, 2024 12:10
@tonifinger
Fixup: remove version parameter form delete
a96047d 
Signed-off-by: Toni Finger <toni.finger@cloudandheat.com>
@tonifinger
Merge branch 'main' into 710-feature-request-enable-compliance-tests-…
c686a45 
…to-use-plugins-for-cluster-provisioning
@tonifinger
Fixup plugin deletion parameters
6cab484 
Signed-off-by: Toni Finger  <toni.finger@cloudandheat.com>
@mbuechse
Move kind_config.yaml, because it's not related to our partners
aecc697 
Signed-off-by: Matthias Büchse <matthias.buechse@cloudandheat.com>
@mbuechse
rename clusterspec_cluster
73da3fd 
Signed-off-by: Matthias Büchse <matthias.buechse@cloudandheat.com>
@mbuechse
config is not optional, rename config_file to config_path
1331546 
Signed-off-by: Matthias Büchse <matthias.buechse@cloudandheat.com>
@mbuechse
remove unused dependency junitparser
8cdac9f 
Signed-off-by: Matthias Büchse <matthias.buechse@cloudandheat.com>
@mbuechse
polish scs-compatible-kaas.yaml
d80db24 
Signed-off-by: Matthias Büchse <matthias.buechse@cloudandheat.com>
@mbuechse
remove comment from the future
dc2a350 
Signed-off-by: Matthias Büchse <matthias.buechse@cloudandheat.com>
@mbuechse
Bugfix: amendment to e4d6c3c
f24f9ee 
Signed-off-by: Matthias Büchse <matthias.buechse@cloudandheat.com>
@mbuechse
remove outdated requirement
a56a3bb 
the file is a bit outdated altogether, but let's correct that at a later stage

Signed-off-by: Matthias Büchse <matthias.buechse@cloudandheat.com>
@mbuechse
use more telling names in config.toml
85b04fe 
Signed-off-by: Matthias Büchse <matthias.buechse@cloudandheat.com>
@mbuechse
reduce number of workers for kaas-dev
8dd4e38 
Signed-off-by: Matthias Büchse <matthias.buechse@cloudandheat.com>
@mbuechse mbuechse merged commit 8c383ca into main Nov 19, 2024
@mbuechse mbuechse deleted the 710-feature-request-enable-compliance-tests-to-use-plugins-for-cluster-provisioning branch November 19, 2024 22:17
@tonifinger tonifinger mentioned this pull request Nov 25, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mbuechse mbuechse mbuechse approved these changes

Assignees

@tonifinger tonifinger

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Feature Request] enable compliance tests to use plugins for cluster provisioning

3 participants

@tonifinger @mbuechse