Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[8.x](backport #41222) Switch K8s tests to Wolfi by default and make it configurable #41237

Merged
merged 5 commits into from
Oct 15, 2024
Merged

[8.x](backport #41222) Switch K8s tests to Wolfi by default and make it configurable #41237

merged 5 commits into from
Oct 15, 2024

Conversation

mergify[bot]
Copy link
Contributor

@mergify mergify bot commented Oct 15, 2024

Proposed commit message

By default we test Wolfi-based images but there is now an environment variable IMAGE_MODIFIER that can be used for specifying different image prefixes when calling the make target.

Also, now the test verifies the actual container readiness and deletes resources after itself.

How to test this PR locally

Run the packaging command in the following folders:

  • x-pack/filebeat
  • x-pack/metricbeat
  • x-pack/auditbeat
  • x-pack/heartbeat

(put your architecture instead)

PLATFORMS=linux/arm64 PACKAGES=docker mage package

Then you need a running K8s cluster with the pre-configured kubectl. I used Docker Desktop.

then go to ./deploy/kubernetes and run

make test

by default we test against the Wolfi-based images but it can be switched by:

IMAGE_MODIFIER="-ubi" mage test

or test the main image instead:

IMAGE_MODIFIER="" mage test

The output should be something like this:

Generating filebeat-kubernetes.yaml for version 9.0.0 and image modifier '-wolfi'
file: filebeat/filebeat-service-account.yaml
file: filebeat/filebeat-role.yaml
file: filebeat/filebeat-role-binding.yaml
file: filebeat/filebeat-configmap.yaml
file: filebeat/filebeat-daemonset.yaml
Generating metricbeat-kubernetes.yaml for version 9.0.0 and image modifier '-wolfi'
file: metricbeat/metricbeat-service-account.yaml
file: metricbeat/metricbeat-role.yaml
file: metricbeat/metricbeat-role-binding.yaml
file: metricbeat/metricbeat-configmap.yaml
file: metricbeat/metricbeat-daemonset.yaml
Generating auditbeat-kubernetes.yaml for version 9.0.0 and image modifier '-wolfi'
file: auditbeat/auditbeat-service-account.yaml
file: auditbeat/auditbeat-role.yaml
file: auditbeat/auditbeat-role-binding.yaml
file: auditbeat/auditbeat-configmap.yaml
file: auditbeat/auditbeat-daemonset.yaml
Generating heartbeat-kubernetes.yaml for version 9.0.0 and image modifier '-wolfi'
file: heartbeat/heartbeat-service-account.yaml
file: heartbeat/heartbeat-role.yaml
file: heartbeat/heartbeat-role-binding.yaml
file: heartbeat/heartbeat-configmap.yaml
file: heartbeat/heartbeat-deployment.yaml

filebeat
serviceaccount/filebeat created
clusterrole.rbac.authorization.k8s.io/filebeat created
role.rbac.authorization.k8s.io/filebeat created
role.rbac.authorization.k8s.io/filebeat-kubeadm-config created
clusterrolebinding.rbac.authorization.k8s.io/filebeat created
rolebinding.rbac.authorization.k8s.io/filebeat created
rolebinding.rbac.authorization.k8s.io/filebeat-kubeadm-config created
configmap/filebeat-config created
daemonset.apps/filebeat created
Testing filebeat container for readiness...
pod/filebeat-wsn22 condition met
Deleting filebeat...
serviceaccount "filebeat" deleted
clusterrole.rbac.authorization.k8s.io "filebeat" deleted
role.rbac.authorization.k8s.io "filebeat" deleted
role.rbac.authorization.k8s.io "filebeat-kubeadm-config" deleted
clusterrolebinding.rbac.authorization.k8s.io "filebeat" deleted
rolebinding.rbac.authorization.k8s.io "filebeat" deleted
rolebinding.rbac.authorization.k8s.io "filebeat-kubeadm-config" deleted
configmap "filebeat-config" deleted
daemonset.apps "filebeat" deleted

metricbeat
serviceaccount/metricbeat created
clusterrole.rbac.authorization.k8s.io/metricbeat created
role.rbac.authorization.k8s.io/metricbeat created
role.rbac.authorization.k8s.io/metricbeat-kubeadm-config created
clusterrolebinding.rbac.authorization.k8s.io/metricbeat created
rolebinding.rbac.authorization.k8s.io/metricbeat created
rolebinding.rbac.authorization.k8s.io/metricbeat-kubeadm-config created
configmap/metricbeat-daemonset-config created
configmap/metricbeat-daemonset-modules created
daemonset.apps/metricbeat created
Testing metricbeat container for readiness...
pod/metricbeat-lfrqq condition met
Deleting metricbeat...
serviceaccount "metricbeat" deleted
clusterrole.rbac.authorization.k8s.io "metricbeat" deleted
role.rbac.authorization.k8s.io "metricbeat" deleted
role.rbac.authorization.k8s.io "metricbeat-kubeadm-config" deleted
clusterrolebinding.rbac.authorization.k8s.io "metricbeat" deleted
rolebinding.rbac.authorization.k8s.io "metricbeat" deleted
rolebinding.rbac.authorization.k8s.io "metricbeat-kubeadm-config" deleted
configmap "metricbeat-daemonset-config" deleted
configmap "metricbeat-daemonset-modules" deleted
daemonset.apps "metricbeat" deleted

auditbeat
serviceaccount/auditbeat created
clusterrole.rbac.authorization.k8s.io/auditbeat created
role.rbac.authorization.k8s.io/auditbeat created
role.rbac.authorization.k8s.io/auditbeat-kubeadm-config created
clusterrolebinding.rbac.authorization.k8s.io/auditbeat created
rolebinding.rbac.authorization.k8s.io/auditbeat created
rolebinding.rbac.authorization.k8s.io/auditbeat-kubeadm-config created
configmap/auditbeat-config created
configmap/auditbeat-daemonset-modules created
daemonset.apps/auditbeat created
Testing auditbeat container for readiness...
pod/auditbeat-jv9l5 condition met
Deleting auditbeat...
serviceaccount "auditbeat" deleted
clusterrole.rbac.authorization.k8s.io "auditbeat" deleted
role.rbac.authorization.k8s.io "auditbeat" deleted
role.rbac.authorization.k8s.io "auditbeat-kubeadm-config" deleted
clusterrolebinding.rbac.authorization.k8s.io "auditbeat" deleted
rolebinding.rbac.authorization.k8s.io "auditbeat" deleted
rolebinding.rbac.authorization.k8s.io "auditbeat-kubeadm-config" deleted
configmap "auditbeat-config" deleted
configmap "auditbeat-daemonset-modules" deleted
daemonset.apps "auditbeat" deleted

heartbeat
serviceaccount/heartbeat created
clusterrole.rbac.authorization.k8s.io/heartbeat created
role.rbac.authorization.k8s.io/heartbeat created
role.rbac.authorization.k8s.io/heartbeat-kubeadm-config created
clusterrolebinding.rbac.authorization.k8s.io/heartbeat created
rolebinding.rbac.authorization.k8s.io/heartbeat created
rolebinding.rbac.authorization.k8s.io/heartbeat-kubeadm-config created
configmap/heartbeat-deployment-config created
deployment.apps/heartbeat created
Testing heartbeat container for readiness...
pod/heartbeat-77f95d9b7-6rb9n condition met
Deleting heartbeat...
serviceaccount "heartbeat" deleted
clusterrole.rbac.authorization.k8s.io "heartbeat" deleted
role.rbac.authorization.k8s.io "heartbeat" deleted
role.rbac.authorization.k8s.io "heartbeat-kubeadm-config" deleted
clusterrolebinding.rbac.authorization.k8s.io "heartbeat" deleted
rolebinding.rbac.authorization.k8s.io "heartbeat" deleted
rolebinding.rbac.authorization.k8s.io "heartbeat-kubeadm-config" deleted
configmap "heartbeat-deployment-config" deleted
deployment.apps "heartbeat" deleted

This means K8s manifests were successfully generated, applied and the containers were running successfully.

Check the generated manifests for the images to have -wolfi suffix:

-rw-r--r--  1 rdner  staff   7.9K Oct 14 16:00 auditbeat-kubernetes.yaml
-rw-r--r--  1 rdner  staff   5.8K Oct 14 16:00 filebeat-kubernetes.yaml
-rw-r--r--  1 rdner  staff   5.3K Oct 14 16:00 heartbeat-kubernetes.yaml
-rw-r--r--  1 rdner  staff   9.3K Oct 14 16:00 metricbeat-kubernetes.yaml

Related issues

This is an automatic backport of pull request #41222 done by [Mergify](https://mergify.com).

@rdner @mergify
Switch K8s tests to Wolfi by default and make it configurable (#41222)
ec52a69 
By default we test Wolfi-based images but there is now an environment
variable `IMAGE_MODIFIER` that can be used for specifying different
image prefixes when calling the make target.

Also, now the test verifies the actual container readiness and deletes
resources after itself.

(cherry picked from commit 3492089)

# Conflicts:
#	deploy/kubernetes/auditbeat-kubernetes.yaml
#	deploy/kubernetes/filebeat-kubernetes.yaml
#	deploy/kubernetes/heartbeat-kubernetes.yaml
#	deploy/kubernetes/metricbeat-kubernetes.yaml
@mergify mergify bot requested review from a team as code owners October 15, 2024 13:42
@mergify mergify bot added backport conflicts There is a conflict in the backported pull request labels Oct 15, 2024
@mergify mergify bot requested review from mauri870 and faec and removed request for a team October 15, 2024 13:42
@mergify mergify bot assigned rdner Oct 15, 2024
@mergify mergify bot requested review from tetianakravchenko and constanca-m and removed request for a team October 15, 2024 13:42
@mergify Mergify
Copy link
Contributor Author

mergify bot commented Oct 15, 2024

Cherry-pick of 3492089 has failed:

On branch mergify/bp/8.x/pr-41222
Your branch is up to date with 'origin/8.x'.

You are currently cherry-picking commit 3492089397.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Changes to be committed:
	modified:   deploy/kubernetes/Makefile
	modified:   deploy/kubernetes/auditbeat/auditbeat-daemonset.yaml
	modified:   deploy/kubernetes/filebeat/filebeat-daemonset.yaml
	modified:   deploy/kubernetes/heartbeat/heartbeat-deployment.yaml
	modified:   deploy/kubernetes/metricbeat/metricbeat-daemonset.yaml

Unmerged paths:
  (use "git add <file>..." to mark resolution)
	both modified:   deploy/kubernetes/auditbeat-kubernetes.yaml
	both modified:   deploy/kubernetes/filebeat-kubernetes.yaml
	both modified:   deploy/kubernetes/heartbeat-kubernetes.yaml
	both modified:   deploy/kubernetes/metricbeat-kubernetes.yaml

To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally

@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label Oct 15, 2024
@botelastic
Copy link

botelastic bot commented Oct 15, 2024

This pull request doesn't have a Team:<team> label.

@rdner rdner enabled auto-merge (squash) October 15, 2024 13:44
@rdner rdner merged commit 9812222 into 8.x Oct 15, 2024
15 of 16 checks passed
@rdner rdner deleted the mergify/bp/8.x/pr-41222 branch October 15, 2024 14:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rdner rdner rdner approved these changes

Assignees

@rdner rdner

Labels
backport conflicts There is a conflict in the backported pull request needs_team Indicates that the issue/PR needs a Team:* label
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@rdner