Test TLS termination, SSL-redirect, Canary, and CORS #330

Open
Stevenjin8 wants to merge 34 commits into kubernetes-sigs:main from Stevenjin8:tests/e2e-tls

@Stevenjin8
Contributor

What type of PR is this?

/kind test

What this PR does / why we need it:

Which issue(s) this PR fixes:

Fixes #

Does this PR introduce a user-facing change?:

NONE

johananl and others added 29 commits January 21, 2026 18:50
Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
We need a dummy workload so that ingresses and gateways have some
service to send test traffic to.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
Kong is both an ingress controller and a GWAPI implementation. Add
helpers for both.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
We use port forwarding to reach ingress controllers and gateways in an
infrastructure-agnostic way during testing.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
To be able to run multiple test cases concurrently on the same cluster,
some resources must be shared. For example, CRDs are cluster-level
rather than namespace-scoped. In addition, deploying multiple instances
of an ingress controller or GWAPI implementation wastes time and
resources even in cases where it's technically possible to do so.

To address these concerns, we add a resource manager. This construct
allows efficient and thread-safe sharing of resources. A shared resource
is created on first usage, returned on subsequent attempts to acquire
the resources and cleaned up when no users remain.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
Verifiers are used to ensure ingress and GWAPI resources process traffic
according to expectations.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
We can't use sudo on CI.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
This allows for more compact test case definitions and fewer indentation
levels.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
Rather than implementing bespoke retry logic across the code base,
implement generic retry helpers and reuse them.

This also extracts the retry logic out of verifiers for a better
separation of concerns.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
Call the binary instead of running Go code directly. This simulates
actual customer usage better and works around concurrency issues caused
by multiple test cases executing in parallel.

Signed-off-by: Johanan Liebermann <jliebermann@microsoft.com>
@k8s-ci-robot
Contributor

@Stevenjin8: The label(s) kind/test cannot be applied, because the repository doesn't have them.

Details

In response to this:

What type of PR is this?

/kind test

What this PR does / why we need it:

Which issue(s) this PR fixes:

Fixes #

Does this PR introduce a user-facing change?:

NONE

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Stevenjin8

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot added the labels approved (Indicates a PR has been approved by an approver from all required OWNERS files.), cncf-cla: yes (Indicates the PR's author has signed the CNCF CLA.) and size/XL (Denotes a PR that changes 500-999 lines, ignoring generated files.) on Feb 2, 2026
@k8s-ci-robot added the label size/XXL (Denotes a PR that changes 1000+ lines, ignoring generated files.) and removed size/XL (Denotes a PR that changes 500-999 lines, ignoring generated files.) on Feb 3, 2026
@k8s-ci-robot added the label size/XL (Denotes a PR that changes 500-999 lines, ignoring generated files.) and removed size/XXL (Denotes a PR that changes 1000+ lines, ignoring generated files.) on Feb 4, 2026
@Stevenjin8 changed the title from "Test TLS termination and some SSL-redirect" to "Test TLS termination, SSL-redirect, Canary, and CORS" on Feb 5, 2026
@johananl
Member

johananl commented Feb 6, 2026

Right now make e2e is failing. This is caused by the addition of a new package ./e2e/ingressnginx.

The e2e tests are executed on a single Kind cluster in parallel. To avoid races, we use a resource manager singleton:

var globalResourceManager = &resourceManager{
	resources: make(map[string]*resourceState),
}

This assumes all e2e tests are under the same package. The addition of a new sub-package creates two instances of the test framework, which in effect duplicates the resource manager. This makes the two e2e packages race against the Kind cluster.

To address that, we could do one of the following:

  1. Manage all e2e tests in a single package (we could still separate them by files).
  2. Change the locking mechanism to use e.g. file-based locks which would work across processes.
  3. Disable parallelism.

I suggest we do 1.
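
Added example, not part of the comment above and not the project's code: a minimal ref-counted handle showing why an in-memory lock stops protecting the cluster once there are two copies of it. The names `shared`, `Acquire` and `installs` are hypothetical; two handles stand in for the two package-level singletons that end up in separate test binaries, since Go builds one test binary per package.

```go
package main

import (
	"fmt"
	"sync"
	"sync/atomic"
)

// shared is a hypothetical ref-counted handle for one cluster-wide resource.
type shared struct {
	mu    sync.Mutex
	users int
}

// Acquire runs create for the first holder only; release runs cleanup for the last.
func (s *shared) Acquire(create, cleanup func()) (release func()) {
	s.mu.Lock()
	defer s.mu.Unlock()
	if s.users == 0 {
		create()
	}
	s.users++
	return func() {
		s.mu.Lock()
		defer s.mu.Unlock()
		if s.users--; s.users == 0 {
			cleanup()
		}
	}
}

// installs runs concurrent test cases over the handles and counts create calls.
func installs(workers int, handles []shared) (created int32) {
	var held, done sync.WaitGroup
	held.Add(workers)
	done.Add(workers)
	for i := 0; i < workers; i++ {
		go func(s *shared) {
			defer done.Done()
			release := s.Acquire(func() { atomic.AddInt32(&created, 1) }, func() {})
			held.Done()
			held.Wait() // hold until every worker has acquired
			release()
		}(&handles[i%len(handles)])
	}
	done.Wait()
	return created
}

func main() { fmt.Println(installs(8, make([]shared, 1)), installs(8, make([]shared, 2))) }
```

With one handle the eight workers trigger a single install; with two handles the same workers trigger two, which is the duplicate deployment against the same Kind cluster.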

@johananl
Member

johananl commented Feb 6, 2026

I think you need to rebase. I'm currently seeing many commits already in main in your feature branch.

pfs = append(pfs, pf)
addresses[ingressnginx.NginxIngressClass] = addr
addresses[ingressnginx.NginxIngressClass] = Addresses{HTTP: addr}
if useHTTPS {
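
Review bot: `Addresses{HTTP: addr}` fills in only the HTTP field, and anything the following `if useHTTPS {` branch sets is conditional, so a caller that reads another field of `Addresses` when `useHTTPS` is false gets the zero value. Consider documenting on the `Addresses` type that an empty field means no listener was forwarded, and have the TLS checks fail immediately on an empty address instead of dialing it.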
Member

This switch is becoming big and seems to be largely duplicated code. I wonder if we should make it generic and extract only the provider-specific values to some helper data structure. Please treat as optional since this isn't 100% in scope for this specific PR.
