Skip to content

Commit

Permalink
NetworkPolicy Evaluation E2E Framework
Browse files Browse the repository at this point in the history
Adds networkpolicyevaluation test options,
test steps and test cases into the existing
antreapolicy e2e tests.

Signed-off-by: Qiyue Yao <[email protected]>
  • Loading branch information
qiyueyao committed Apr 29, 2024
1 parent dc97a83 commit de419fd
Show file tree
Hide file tree
Showing 8 changed files with 250 additions and 65 deletions.
3 changes: 2 additions & 1 deletion .github/workflows/kind.yml
Original file line number Diff line number Diff line change
Expand Up @@ -238,7 +238,8 @@ jobs:
--proxy-all \
--node-ipam \
--extra-vlan \
--multicast
--multicast \
--networkpolicy-evaluation
- name: Tar coverage files
run: tar -czf test-e2e-encap-all-features-enabled-coverage.tar.gz test-e2e-encap-all-features-enabled-coverage
- name: Upload coverage for test-e2e-encap-all-features-enabled-coverage
Expand Down
17 changes: 14 additions & 3 deletions ci/kind/test-e2e-kind.sh
Original file line number Diff line number Diff line change
Expand Up @@ -29,14 +29,15 @@ _usage="Usage: $0 [--encap-mode <mode>] [--ip-family <v4|v6|dual>] [--coverage]
--run Run only tests matching the regexp.
--proxy-all Enables Antrea proxy with all Service support.
--load-balancer-mode LoadBalancer mode.
--node-ipam Enables Antrea NodeIPAN.
--node-ipam Enables Antrea NodeIPAM.
--multicast Enables Multicast.
--flow-visibility Only run flow visibility related e2e tests.
--networkpolicy-evaluation Configures additional NetworkPolicy evaluation level when running e2e tests.
--extra-network Creates an extra network that worker Nodes will connect to. Cannot be specified with the hybrid mode.
--extra-vlan Creates an subnet-based VLAN that worker Nodes will connect to.
--deploy-external-server Deploy a container running as an external server for the cluster.
--skip A comma-separated list of keywords, with which tests should be skipped.
--coverage Enables measure Antrea code coverage when run e2e tests on kind.
--coverage Enables measure Antrea code coverage when running e2e tests on kind.
--setup-only Only perform setting up the cluster and run test.
--cleanup-only Only perform cleaning up the cluster.
--test-only Only run test on current cluster. Not set up/clean up the cluster.
Expand Down Expand Up @@ -76,6 +77,7 @@ load_balancer_mode=""
node_ipam=false
multicast=false
flow_visibility=false
np_evaluation=false
extra_network=false
extra_vlan=false
deploy_external_server=false
Expand Down Expand Up @@ -126,6 +128,10 @@ case $key in
flow_visibility=true
shift
;;
--networkpolicy-evaluation)
np_evaluation=true
shift
;;
--encap-mode)
mode="$2"
shift 2
Expand Down Expand Up @@ -368,11 +374,16 @@ function run_test {
RUN_OPT="-run $run"
fi

np_evaluation_flag=""
if $np_evaluation; then
np_evaluation_flag="--networkpolicy-evaluation"
fi

external_server_cid=$(docker ps -f name="^antrea-external-server" --format '{{.ID}}')
external_server_ips=$(docker inspect $external_server_cid -f '{{.NetworkSettings.Networks.kind.IPAddress}},{{.NetworkSettings.Networks.kind.GlobalIPv6Address}}')
EXTRA_ARGS="$vlan_args --external-server-ips $external_server_ips"

go test -v -timeout=$timeout $RUN_OPT antrea.io/antrea/test/e2e $flow_visibility_args -provider=kind --logs-export-dir=$ANTREA_LOG_DIR --skip-cases=$skiplist $coverage_args $EXTRA_ARGS
go test -v -timeout=$timeout $RUN_OPT antrea.io/antrea/test/e2e $flow_visibility_args -provider=kind --logs-export-dir=$ANTREA_LOG_DIR $np_evaluation_flag --skip-cases=$skiplist $coverage_args $EXTRA_ARGS
}

if [[ "$mode" == "" ]] || [[ "$mode" == "encap" ]]; then
Expand Down
2 changes: 2 additions & 0 deletions test/e2e/antctl_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ import (
"testing"
"time"

log "github.com/sirupsen/logrus"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
corev1 "k8s.io/api/core/v1"
Expand Down Expand Up @@ -379,6 +380,7 @@ func createAntctlServiceAccount(t *testing.T, data *TestData, name string) {
Name: name,
},
}
log.Infof("Creating ServiceAccount '%s/%s' for antctl test Pods", data.testNamespace, name)
_, err := data.clientset.CoreV1().ServiceAccounts(data.testNamespace).Create(context.TODO(), serviceAccount, metav1.CreateOptions{})
require.NoErrorf(t, err, "failed to create ServiceAccount '%s/%s' for antctl test Pods", data.testNamespace, name)

Expand Down
Loading

0 comments on commit de419fd

Please sign in to comment.