Skip to content

Commit

Permalink
Parallelize the Config Policy controller E2E tests
Browse files Browse the repository at this point in the history
Signed-off-by: Yi Rae Kim <yikim@redhat.com>
  • Loading branch information
yiraeChristineKim committed Jun 26, 2023
1 parent 418c94c commit a205045
Show file tree
Hide file tree
Showing 45 changed files with 539 additions and 488 deletions.
169 changes: 85 additions & 84 deletions .github/workflows/kind.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,89 +27,90 @@ jobs:
# The "minimum" tag is set in the Makefile
# KinD tags: https://hub.docker.com/r/kindest/node/tags
kind:
- 'minimum'
- 'latest'
- "minimum"
- "latest"
name: KinD tests
steps:
- name: Checkout Config Policy Controller
uses: actions/checkout@v3
with:
path: config-policy-controller
fetch-depth: 0 # Fetch all history for all tags and branches

- name: Set up Go
uses: actions/setup-go@v3
id: go
with:
go-version-file: config-policy-controller/go.mod

- name: Verify modules
run: |
go mod verify
- name: Verify format
run: |
make fmt
git diff --exit-code
make lint
- name: Verify deploy/operator.yaml
run: |
make generate-operator-yaml
git diff --exit-code
- name: Unit and Integration Tests
run: |
make test
- name: Create K8s KinD Cluster - ${{ matrix.kind }}
env:
KIND_VERSION: ${{ matrix.kind }}
run: |
make kind-bootstrap-cluster-dev
- name: Ensure Service Account kubeconfig
run: |
KUBECONFIG=${PWD}/kubeconfig_managed make kind-ensure-sa
- name: E2E Tests
run: |
export GOPATH=$(go env GOPATH)
KUBECONFIG=${PWD}/kubeconfig_managed make e2e-test-coverage
- name: Create K8s KinD Cluster to simulate hosted mode - ${{ matrix.kind }}
env:
KIND_VERSION: ${{ matrix.kind }}
run: |
make kind-additional-cluster
- name: E2E tests that simulate hosted mode
run: |
export GOPATH=$(go env GOPATH)
KUBECONFIG=${PWD}/kubeconfig_managed make e2e-test-hosted-mode-coverage
- name: Verify Deployment Configuration
run: |
make build-images
KUBECONFIG=${PWD}/kubeconfig_managed_e2e make kind-deploy-controller-dev
- name: E2E tests that require the controller running in a cluster
run: |
export GOPATH=$(go env GOPATH)
KUBECONFIG=${PWD}/kubeconfig_managed make e2e-test-running-in-cluster
- name: Test Coverage Verification
if: ${{ github.event_name == 'pull_request' }}
run: |
make test-coverage
make coverage-verify
- name: Debug
if: ${{ failure() }}
run: |
make e2e-debug
- name: Clean up cluster
if: ${{ always() }}
run: |
make kind-delete-cluster
- name: Checkout Config Policy Controller
uses: actions/checkout@v3
with:
path: config-policy-controller
fetch-depth: 0 # Fetch all history for all tags and branches

- name: Set up Go
uses: actions/setup-go@v3
id: go
with:
go-version-file: config-policy-controller/go.mod

- name: Verify modules
run: |
go mod verify
- name: Verify format
run: |
make fmt
git diff --exit-code
make lint
- name: Verify deploy/operator.yaml
run: |
make generate-operator-yaml
git diff --exit-code
- name: Unit and Integration Tests
run: |
make test
- name: Create K8s KinD Cluster - ${{ matrix.kind }}
env:
KIND_VERSION: ${{ matrix.kind }}
run: |
make kind-bootstrap-cluster-dev
- name: Ensure Service Account kubeconfig
run: |
KUBECONFIG=${PWD}/kubeconfig_managed make kind-ensure-sa
- name: E2E Tests
run: |
kubectl get pod -A
export GOPATH=$(go env GOPATH)
KUBECONFIG=${PWD}/kubeconfig_managed make e2e-test-coverage
- name: Create K8s KinD Cluster to simulate hosted mode - ${{ matrix.kind }}
env:
KIND_VERSION: ${{ matrix.kind }}
run: |
make kind-additional-cluster
- name: E2E tests that simulate hosted mode
run: |
export GOPATH=$(go env GOPATH)
KUBECONFIG=${PWD}/kubeconfig_managed make e2e-test-hosted-mode-coverage
- name: Verify Deployment Configuration
run: |
make build-images
KUBECONFIG=${PWD}/kubeconfig_managed_e2e make kind-deploy-controller-dev
- name: E2E tests that require the controller running in a cluster
run: |
export GOPATH=$(go env GOPATH)
KUBECONFIG=${PWD}/kubeconfig_managed make e2e-test-running-in-cluster
- name: Test Coverage Verification
if: ${{ github.event_name == 'pull_request' }}
run: |
make test-coverage
make coverage-verify
- name: Debug
if: ${{ failure() }}
run: |
make e2e-debug
- name: Clean up cluster
if: ${{ always() }}
run: |
make kind-delete-cluster
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -205,7 +205,7 @@ install-resources:

.PHONY: e2e-test
e2e-test: e2e-dependencies
$(GINKGO) -v --fail-fast $(E2E_TEST_ARGS) test/e2e
$(GINKGO) -v -p -procs=20 --fail-fast $(E2E_TEST_ARGS) test/e2e

.PHONY: e2e-test-coverage
e2e-test-coverage: E2E_TEST_ARGS = --json-report=report_e2e.json --label-filter='!hosted-mode && !running-in-cluster' --output-dir=.
Expand Down
8 changes: 4 additions & 4 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@ require (
github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32
github.com/go-logr/zapr v1.2.3
github.com/google/go-cmp v0.5.9
github.com/onsi/ginkgo/v2 v2.9.4
github.com/onsi/gomega v1.27.6
github.com/onsi/ginkgo/v2 v2.9.7
github.com/onsi/gomega v1.27.8
github.com/prometheus/client_golang v1.15.1
github.com/spf13/pflag v1.0.5
github.com/stolostron/go-log-utils v0.1.2
Expand Down Expand Up @@ -80,14 +80,14 @@ require (
go.uber.org/multierr v1.11.0 // indirect
go.uber.org/zap v1.24.0 // indirect
golang.org/x/crypto v0.8.0 // indirect
golang.org/x/net v0.9.0 // indirect
golang.org/x/net v0.10.0 // indirect
golang.org/x/oauth2 v0.7.0 // indirect
golang.org/x/sync v0.2.0 // indirect
golang.org/x/sys v0.8.0 // indirect
golang.org/x/term v0.8.0 // indirect
golang.org/x/text v0.9.0 // indirect
golang.org/x/time v0.3.0 // indirect
golang.org/x/tools v0.8.0 // indirect
golang.org/x/tools v0.9.1 // indirect
gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/protobuf v1.30.0 // indirect
Expand Down
16 changes: 8 additions & 8 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -156,10 +156,10 @@ github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 h1:n6/
github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00/go.mod h1:Pm3mSP3c5uWn86xMLZ5Sa7JB9GsEZySvHYXCTK4E9q4=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
github.com/onsi/ginkgo/v2 v2.9.4 h1:xR7vG4IXt5RWx6FfIjyAtsoMAtnc3C/rFXBBd2AjZwE=
github.com/onsi/ginkgo/v2 v2.9.4/go.mod h1:gCQYp2Q+kSoIj7ykSVb9nskRSsR6PUj4AiLywzIhbKM=
github.com/onsi/gomega v1.27.6 h1:ENqfyGeS5AX/rlXDd/ETokDz93u0YufY1Pgxuy/PvWE=
github.com/onsi/gomega v1.27.6/go.mod h1:PIQNjfQwkP3aQAH7lf7j87O/5FiNr+ZR8+ipb+qQlhg=
github.com/onsi/ginkgo/v2 v2.9.7 h1:06xGQy5www2oN160RtEZoTvnP2sPhEfePYmCDc2szss=
github.com/onsi/ginkgo/v2 v2.9.7/go.mod h1:cxrmXWykAwTwhQsJOPfdIDiJ+l2RYq7U8hFU+M/1uw0=
github.com/onsi/gomega v1.27.8 h1:gegWiwZjBsf2DgiSbf5hpokZ98JVDMcWkUiigk6/KXc=
github.com/onsi/gomega v1.27.8/go.mod h1:2J8vzI/s+2shY9XHRApDkdgPo1TKT7P2u6fXeJKFnNQ=
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
Expand Down Expand Up @@ -256,8 +256,8 @@ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96b
golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
golang.org/x/net v0.9.0 h1:aWJ/m6xSmxWBx+V0XRHTlrYrPG56jKsLdTFmsSsCzOM=
golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns=
golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M=
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.7.0 h1:qe6s0zUXlPX80/dITx3440hWZ7GwMwgDDyrSGTPJG/g=
Expand Down Expand Up @@ -303,8 +303,8 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn
golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
golang.org/x/tools v0.8.0 h1:vSDcovVPld282ceKgDimkRSC8kpaH1dgyc9UMzlt84Y=
golang.org/x/tools v0.8.0/go.mod h1:JxBZ99ISMI5ViVkT1tr6tdNmXeTrcpVSD3vZ1RsRdN4=
golang.org/x/tools v0.9.1 h1:8WMNJAz3zrtPmnYC7ISf5dEn3MT0gY7jBJfw27yrrLo=
golang.org/x/tools v0.9.1/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
Expand Down
4 changes: 2 additions & 2 deletions test/e2e/case10_kind_field_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ const (
)

var _ = Describe("Test pod obj template handling", func() {
Describe("Create a pod policy on managed cluster in ns:"+testNamespace, func() {
Describe("Create a pod policy on managed cluster in ns:"+testNamespace, Ordered, func() {
It("should create a policy properly on the managed cluster", func() {
By("Creating " + case10ConfigPolicyNamePod + " on managed")
utils.Kubectl("apply", "-f", case10PolicyYamlPod, "-n", testNamespace)
Expand Down Expand Up @@ -60,7 +60,7 @@ var _ = Describe("Test pod obj template handling", func() {
return utils.GetComplianceState(managedPlc)
}, defaultTimeoutSeconds, 1).Should(Equal("NonCompliant"))
})
It("Cleans up", func() {
AfterAll(func() {
policies := []string{
case10ConfigPolicyNamePod,
case10ConfigPolicyNameCheck,
Expand Down
6 changes: 3 additions & 3 deletions test/e2e/case11_apiserver_config_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -24,8 +24,8 @@ const (
tlsProfileInformYaml string = "../resources/case11_apiserver_config/tls_profile_inform.yaml"
)

var _ = Describe("Test APIServer Config policy", func() {
Describe("Test etcd encryption and tls profile", func() {
var _ = Describe("Test APIServer Config policy", Serial, func() {
Describe("Test etcd encryption and tls profile", Ordered, func() {
It("should be noncompliant for no encryption", func() {
By("Creating " + etcdEncryptionInformYaml + " on managed")
utils.Kubectl("apply", "-f", etcdEncryptionInformYaml, "-n", testNamespace)
Expand Down Expand Up @@ -122,7 +122,7 @@ var _ = Describe("Test APIServer Config policy", func() {
return utils.GetComplianceState(informPlc)
}, defaultTimeoutSeconds, 1).Should(Equal("Compliant"))
})
It("Cleans up", func() {
AfterAll(func() {
policies := []string{
etcdEncryptionEnforceName,
etcdEncryptionInformName,
Expand Down
23 changes: 13 additions & 10 deletions test/e2e/case12_list_compare_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ import (
const (
case12ConfigPolicyNameInform string = "policy-pod-mh-listinform"
case12ConfigPolicyNameEnforce string = "policy-pod-create-listinspec"
case12PodName string = "nginx-pod-e2e-12"
case12InformYaml string = "../resources/case12_list_compare/case12_pod_inform.yaml"
case12EnforceYaml string = "../resources/case12_list_compare/case12_pod_create.yaml"
)
Expand Down Expand Up @@ -77,7 +78,7 @@ const (
)

var _ = Describe("Test list handling for musthave", func() {
Describe("Create a policy with a nested list on managed cluster in ns:"+testNamespace, func() {
Describe("Create a policy with a nested list on managed cluster in ns:"+testNamespace, Ordered, func() {
It("should be created properly on the managed cluster", func() {
By("Creating " + case12ConfigPolicyNameEnforce + " and " + case12ConfigPolicyNameInform + " on managed")
utils.Kubectl("apply", "-f", case12EnforceYaml, "-n", testNamespace)
Expand All @@ -101,16 +102,18 @@ var _ = Describe("Test list handling for musthave", func() {
return utils.GetComplianceState(managedPlc)
}, defaultTimeoutSeconds, 1).Should(Equal("Compliant"))
})
It("Cleans up", func() {
AfterAll(func() {
policies := []string{
case12ConfigPolicyNameInform,
case12ConfigPolicyNameEnforce,
}

deleteConfigPolicies(policies)

utils.Kubectl("delete", "pod", case12PodName, "-n", "default", "--ignore-not-found")
})
})
Describe("Create a policy with a list field on managed cluster in ns:"+testNamespace, func() {
Describe("Create a policy with a list field on managed cluster in ns:"+testNamespace, Ordered, func() {
It("should be created properly on the managed cluster", func() {
By("Creating " + case12ConfigPolicyNameRoleEnforce + " and " +
case12ConfigPolicyNameRoleInform + " on managed")
Expand All @@ -135,7 +138,7 @@ var _ = Describe("Test list handling for musthave", func() {
return utils.GetComplianceState(managedPlc)
}, defaultTimeoutSeconds, 1).Should(Equal("NonCompliant"))
})
It("Cleans up", func() {
AfterAll(func() {
policies := []string{
case12ConfigPolicyNameRoleInform,
case12ConfigPolicyNameRoleEnforce,
Expand All @@ -144,7 +147,7 @@ var _ = Describe("Test list handling for musthave", func() {
deleteConfigPolicies(policies)
})
})
Describe("Create and patch a role on managed cluster in ns:"+testNamespace, func() {
Describe("Create and patch a role on managed cluster in ns:"+testNamespace, Ordered, func() {
It("should be created properly on the managed cluster", func() {
By("Creating " + case12RoleToPatch + " and " + case12RolePatchEnforce + " on managed")
utils.Kubectl("apply", "-f", case12RoleToPatchYaml, "-n", testNamespace)
Expand Down Expand Up @@ -178,7 +181,7 @@ var _ = Describe("Test list handling for musthave", func() {
return utils.GetComplianceState(managedPlc)
}, defaultTimeoutSeconds, 1).Should(Equal("Compliant"))
})
It("Cleans up", func() {
AfterAll(func() {
policies := []string{
case12RoleToPatch,
case12RolePatchEnforce,
Expand All @@ -188,7 +191,7 @@ var _ = Describe("Test list handling for musthave", func() {
deleteConfigPolicies(policies)
})
})
Describe("Create and patch an oauth object on managed cluster in ns:"+testNamespace, func() {
Describe("Create and patch an oauth object on managed cluster in ns:"+testNamespace, Ordered, func() {
It("should be created properly on the managed cluster", func() {
By("Creating " + case12OauthCreate + " and " + case12OauthPatch + " on managed")
utils.Kubectl("apply", "-f", case12OauthCreateYaml, "-n", testNamespace)
Expand Down Expand Up @@ -295,7 +298,7 @@ var _ = Describe("Test list handling for musthave", func() {
}, defaultTimeoutSeconds, 1).Should(Equal("Compliant"))
})

It("Cleans up", func() {
AfterAll(func() {
policies := []string{
case12OauthCreate,
case12OauthPatch,
Expand All @@ -311,7 +314,7 @@ var _ = Describe("Test list handling for musthave", func() {
deleteConfigPolicies(policies)
})
})
Describe("Create a deployment object with env vars on managed cluster in ns:"+testNamespace, func() {
Describe("Create a deployment object with env vars on managed cluster in ns:"+testNamespace, Ordered, func() {
It("should only add the list item with prefix and suffix whitespace once", func() {
By("Creating " + case12WhitespaceListCreate + " and " + case12WhitespaceListInform + " on managed")
utils.Kubectl("apply", "-f", case12WhitespaceListCreateYaml, "-n", testNamespace)
Expand Down Expand Up @@ -347,7 +350,7 @@ var _ = Describe("Test list handling for musthave", func() {
Expect(envvars).To(HaveLen(1))
})

It("Cleans up", func() {
AfterAll(func() {
policies := []string{
case12WhitespaceListCreate,
case12WhitespaceListInform,
Expand Down
Loading

0 comments on commit a205045

Please sign in to comment.