diff --git a/.github/actions/e2e/install-karpenter/action.yaml b/.github/actions/e2e/install-karpenter/action.yaml index 137f6237bb26..936f8676c820 100644 --- a/.github/actions/e2e/install-karpenter/action.yaml +++ b/.github/actions/e2e/install-karpenter/action.yaml @@ -27,6 +27,9 @@ inputs: private_cluster: description: "Whether the cluster is private or not. Valid values are 'true' or 'false'" default: 'false' + webhooks_enabled: + description: "Whether webhooks are enabled or not. Valid values are 'true' or 'false'" + default: 'true' runs: using: "composite" steps: @@ -57,6 +60,7 @@ runs: CLUSTER_NAME: ${{ inputs.cluster_name }} K8S_VERSION: ${{ inputs.k8s_version }} PRIVATE_CLUSTER: ${{ inputs.private_cluster }} + WEBHOOKS_ENABLED: ${{ inputs.webhooks_enabled }} run: | ./test/hack/e2e_scripts/install_karpenter.sh - name: diff-karpenter diff --git a/.github/actions/e2e/setup-cluster/action.yaml b/.github/actions/e2e/setup-cluster/action.yaml index c829662294f0..0835657cdfbe 100644 --- a/.github/actions/e2e/setup-cluster/action.yaml +++ b/.github/actions/e2e/setup-cluster/action.yaml @@ -47,6 +47,9 @@ inputs: default: 'false' codebuild_role: description: "Codebuild Role that must be given an access entry in case of private cluster" + webhooks_enabled: + description: "Whether webhooks are enabled or not. Valid values are 'true' or 'false'" + default: 'true' runs: using: "composite" steps: @@ -269,3 +272,4 @@ runs: k8s_version: ${{ inputs.k8s_version }} git_ref: ${{ inputs.git_ref }} private_cluster: ${{ inputs.private_cluster }} + webhooks_enabled: ${{ inputs.webhooks_enabled }} diff --git a/.github/workflows/e2e-matrix.yaml b/.github/workflows/e2e-matrix.yaml index c6d8ba7a89a6..93ceb3f1e61f 100644 --- a/.github/workflows/e2e-matrix.yaml +++ b/.github/workflows/e2e-matrix.yaml @@ -76,6 +76,8 @@ jobs: region: ${{ inputs.region }} - name: IPv6 region: ${{ inputs.region }} + - name: Webhooks + region: ${{ inputs.region }} - name: LocalZone # LAX is the only local zone available in the CI account, therefore only use us-west-2 region: us-west-2 diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index dc120754be4a..a8e782e2893b 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -27,6 +27,7 @@ on: - Scale - PrivateCluster - LocalZone + - Webhooks k8s_version: type: choice options: @@ -143,6 +144,7 @@ jobs: enable_local_zones: ${{ inputs.suite == 'LocalZone' }} cleanup: ${{ inputs.cleanup }} codebuild_role: ${{ vars[format('{0}_CODEBUILD_ROLE', inputs.codebuild_region)] }} + webhooks_enabled: ${{ inputs.suite != 'Webhooks' && true }} # Set webhooks_enabled to false if running webhook smoke test suite - name: run tests for private cluster if: ${{ inputs.workflow_trigger == 'private_cluster' }} uses: ./.github/actions/e2e/run-tests-private-cluster diff --git a/test/hack/e2e_scripts/install_karpenter.sh b/test/hack/e2e_scripts/install_karpenter.sh index e6d10ce1df3b..da9a71266708 100755 --- a/test/hack/e2e_scripts/install_karpenter.sh +++ b/test/hack/e2e_scripts/install_karpenter.sh @@ -2,7 +2,6 @@ aws eks update-kubeconfig --name "$CLUSTER_NAME" # Parse minor version to determine whether to enable the webhooks K8S_VERSION_MINOR="${K8S_VERSION#*.}" -WEBHOOK_ENABLED=true CHART="oci://$ECR_ACCOUNT_ID.dkr.ecr.$ECR_REGION.amazonaws.com/karpenter/snapshot/karpenter" ADDITIONAL_FLAGS="" @@ -16,7 +15,7 @@ helm upgrade --install karpenter "${CHART}" \ -n kube-system \ --version "0-$(git rev-parse HEAD)" \ --set logLevel=debug \ - --set webhook.enabled=${WEBHOOK_ENABLED} \ + --set webhook.enabled=${WEBHOOKS_ENABLED} \ --set settings.isolatedVPC=${PRIVATE_CLUSTER} \ --set serviceAccount.annotations."eks\.amazonaws\.com/role-arn"="arn:aws:iam::$ACCOUNT_ID:role/karpenter-irsa-$CLUSTER_NAME" \ $ADDITIONAL_FLAGS \ diff --git a/test/suites/webhooks/suite_test.go b/test/suites/webhooks/suite_test.go new file mode 100644 index 000000000000..b66ce2fa82aa --- /dev/null +++ b/test/suites/webhooks/suite_test.go @@ -0,0 +1,66 @@ +/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package webhooks_test + +import ( + "context" + "testing" + + v1beta1 "github.com/aws/karpenter-provider-aws/pkg/apis/v1beta1" + "github.com/aws/karpenter-provider-aws/test/pkg/environment/aws" + + karpv1beta1 "sigs.k8s.io/karpenter/pkg/apis/v1beta1" + + karptest "sigs.k8s.io/karpenter/pkg/test" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + . "knative.dev/pkg/logging/testing" +) + +var ctx context.Context +var env *aws.Environment +var nodeClass *v1beta1.EC2NodeClass +var nodePool *karpv1beta1.NodePool + +func TestWebhooks(t *testing.T) { + RegisterFailHandler(Fail) + + ctx = TestContextWithLogger(t) + BeforeSuite(func() { + env = aws.NewEnvironment(t) + }) + AfterSuite(func() { + env.Stop() + }) + RunSpecs(t, "Webhooks") +} + +var _ = BeforeEach(func() { + env.BeforeEach() + nodeClass = env.DefaultEC2NodeClass() + nodePool = env.DefaultNodePool(nodeClass) +}) +var _ = AfterEach(func() { env.Cleanup() }) +var _ = AfterEach(func() { env.AfterEach() }) + +var _ = Describe("Webhooks", func() { + It("should schedule pods when webhooks are disabled", func() { + pod := karptest.Pod() + env.ExpectCreated(pod, nodeClass, nodePool) + env.EventuallyExpectHealthy(pod) + env.ExpectCreatedNodeCount("==", 1) + }) +})