diff --git a/.github/actions/e2e/install-karpenter/action.yaml b/.github/actions/e2e/install-karpenter/action.yaml index b0c8ee550c00..36d2ef0b9dc8 100644 --- a/.github/actions/e2e/install-karpenter/action.yaml +++ b/.github/actions/e2e/install-karpenter/action.yaml @@ -22,6 +22,9 @@ inputs: k8s_version: description: 'Version of Kubernetes to use for the launched cluster' default: "1.29" + webhooks_enabled: + description: "Whether webhooks are enabled or not. Valid values are 'true' or 'false'" + default: 'true' git_ref: description: "The git commit, tag, or branch to check out. Requires a corresponding Karpenter snapshot release" runs: @@ -53,19 +56,19 @@ runs: ACCOUNT_ID: ${{ inputs.account_id }} CLUSTER_NAME: ${{ inputs.cluster_name }} K8S_VERSION: ${{ inputs.k8s_version }} + WEBHOOKS_ENABLED: ${{ inputs.webhooks_enabled }} run: | aws eks update-kubeconfig --name "$CLUSTER_NAME" # Parse minor version to determine whether to enable the webhooks K8S_VERSION_MINOR="${K8S_VERSION#*.}" - WEBHOOK_ENABLED=true # Remove service account annotation when dropping support for 1.23 helm upgrade --install karpenter "oci://$ECR_ACCOUNT_ID.dkr.ecr.$ECR_REGION.amazonaws.com/karpenter/snapshot/karpenter" \ -n kube-system \ --version "0-$(git rev-parse HEAD)" \ --set logLevel=debug \ - --set webhook.enabled=${WEBHOOK_ENABLED} \ + --set webhook.enabled=${WEBHOOKS_ENABLED} \ --set serviceAccount.annotations."eks\.amazonaws\.com/role-arn"="arn:aws:iam::$ACCOUNT_ID:role/karpenter-irsa-$CLUSTER_NAME" \ --set settings.clusterName="$CLUSTER_NAME" \ --set settings.interruptionQueue="$CLUSTER_NAME" \ diff --git a/.github/actions/e2e/setup-cluster/action.yaml b/.github/actions/e2e/setup-cluster/action.yaml index 5a78144a0d30..06de1503449f 100644 --- a/.github/actions/e2e/setup-cluster/action.yaml +++ b/.github/actions/e2e/setup-cluster/action.yaml @@ -45,6 +45,9 @@ inputs: cleanup: description: "Whether to cleanup resources on failure" default: 'false' + webhooks_enabled: + description: "Whether webhooks are enabled or not. Valid values are 'true' or 'false'" + default: 'true' runs: using: "composite" steps: @@ -281,3 +284,4 @@ runs: cluster_name: ${{ inputs.cluster_name }} k8s_version: ${{ inputs.k8s_version }} git_ref: ${{ inputs.git_ref }} + webhooks_enabled: ${{ inputs.webhooks_enabled }} diff --git a/.github/workflows/e2e-matrix.yaml b/.github/workflows/e2e-matrix.yaml index 5d5be7392c5c..bd33fe06c885 100644 --- a/.github/workflows/e2e-matrix.yaml +++ b/.github/workflows/e2e-matrix.yaml @@ -76,6 +76,8 @@ jobs: region: ${{ inputs.region }} - name: IPv6 region: ${{ inputs.region }} + - name: Webhooks + region: ${{ inputs.region }} - name: LocalZone # LAX is the only local zone available in the CI account, therefore only use us-west-2 region: us-west-2 diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index 95cc85246409..32abe7f09bc0 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -27,6 +27,7 @@ on: - Scale - PrivateCluster - LocalZone + - Webhooks k8s_version: type: choice options: @@ -138,6 +139,7 @@ jobs: prometheus_region: ${{ vars.PROMETHEUS_REGION }} enable_local_zones: ${{ inputs.suite == 'LocalZone' }} cleanup: ${{ inputs.cleanup }} + webhooks_enabled: ${{ inputs.suite != 'Webhooks' && true }} # Set webhooks_enabled to false if running webhook smoke test suite - name: run the ${{ inputs.suite }} test suite env: SUITE: ${{ inputs.suite }} diff --git a/test/suites/webhooks/suite_test.go b/test/suites/webhooks/suite_test.go new file mode 100644 index 000000000000..b66ce2fa82aa --- /dev/null +++ b/test/suites/webhooks/suite_test.go @@ -0,0 +1,66 @@ +/* +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package webhooks_test + +import ( + "context" + "testing" + + v1beta1 "github.com/aws/karpenter-provider-aws/pkg/apis/v1beta1" + "github.com/aws/karpenter-provider-aws/test/pkg/environment/aws" + + karpv1beta1 "sigs.k8s.io/karpenter/pkg/apis/v1beta1" + + karptest "sigs.k8s.io/karpenter/pkg/test" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + . "knative.dev/pkg/logging/testing" +) + +var ctx context.Context +var env *aws.Environment +var nodeClass *v1beta1.EC2NodeClass +var nodePool *karpv1beta1.NodePool + +func TestWebhooks(t *testing.T) { + RegisterFailHandler(Fail) + + ctx = TestContextWithLogger(t) + BeforeSuite(func() { + env = aws.NewEnvironment(t) + }) + AfterSuite(func() { + env.Stop() + }) + RunSpecs(t, "Webhooks") +} + +var _ = BeforeEach(func() { + env.BeforeEach() + nodeClass = env.DefaultEC2NodeClass() + nodePool = env.DefaultNodePool(nodeClass) +}) +var _ = AfterEach(func() { env.Cleanup() }) +var _ = AfterEach(func() { env.AfterEach() }) + +var _ = Describe("Webhooks", func() { + It("should schedule pods when webhooks are disabled", func() { + pod := karptest.Pod() + env.ExpectCreated(pod, nodeClass, nodePool) + env.EventuallyExpectHealthy(pod) + env.ExpectCreatedNodeCount("==", 1) + }) +})