From bfd44ab83e022cc977c39b747505e77f92171fd2 Mon Sep 17 00:00:00 2001 From: Ricardo Katz Date: Sun, 4 Sep 2022 20:22:36 -0300 Subject: [PATCH] Add v1.25 test and reduce amount of e2e tests (#9018) --- .github/workflows/ci.yaml | 16 ++++++++-------- build/build.sh | 2 +- rootfs/chroot.sh | 1 + test/e2e/settings/pod_security_policy.go | 17 ++++++++++++++++- .../e2e/settings/pod_security_policy_volumes.go | 17 ++++++++++++++++- 5 files changed, 42 insertions(+), 11 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 86ba9af4d..d469ae959 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -174,8 +174,8 @@ jobs: id: kind uses: engineerd/setup-kind@aa272fe2a7309878ffc2a81c56cfe3ef108ae7d0 #v0.5.0 with: - version: v0.14.0 - image: kindest/node:v1.21.12 + version: v0.15.0 + image: kindest/node:v1.25.0 - uses: geekyeggo/delete-artifact@b73cb986740e466292a536d0e32e2666c56fdeb3 # v1 with: @@ -208,7 +208,7 @@ jobs: strategy: matrix: - k8s: [v1.21.2, v1.22.9, v1.23.6, v1.24.0] + k8s: [v1.23.10, v1.24.4, v1.25.0] steps: @@ -224,7 +224,7 @@ jobs: id: kind uses: engineerd/setup-kind@aa272fe2a7309878ffc2a81c56cfe3ef108ae7d0 #v0.5.0 with: - version: v0.14.0 + version: v0.15.0 config: test/e2e/kind.yaml image: kindest/node:${{ matrix.k8s }} @@ -265,7 +265,7 @@ jobs: strategy: matrix: - k8s: [v1.21.10, v1.22.9, v1.23.6, v1.24.0] + k8s: [v1.24.4, v1.25.0] steps: @@ -281,7 +281,7 @@ jobs: id: kind uses: engineerd/setup-kind@aa272fe2a7309878ffc2a81c56cfe3ef108ae7d0 #v0.5.0 with: - version: v0.14.0 + version: v0.15.0 config: test/e2e/kind.yaml image: kindest/node:${{ matrix.k8s }} @@ -403,8 +403,8 @@ jobs: if: ${{ steps.filter-images.outputs.kube-webhook-certgen == 'true' }} uses: engineerd/setup-kind@aa272fe2a7309878ffc2a81c56cfe3ef108ae7d0 #v0.5.0 with: - version: v0.14.0 - image: kindest/node:v1.21.12 + version: v0.15.0 + image: kindest/node:v1.25.0 - name: Set up Go 1.19.0 id: go diff --git a/build/build.sh b/build/build.sh index 88d53d654..c0372bc25 100755 --- a/build/build.sh +++ b/build/build.sh @@ -49,7 +49,7 @@ echo "Building targets for ${ARCH}, generated targets in ${TARGETS_DIR} director echo "Building ${PKG}/cmd/nginx" -git config --global --add safe.directory /go/src/k8s.io/ingress-nginx +git config --add safe.directory /go/src/k8s.io/ingress-nginx ${GO_BUILD_CMD} \ -trimpath -ldflags="-buildid= -w -s \ diff --git a/rootfs/chroot.sh b/rootfs/chroot.sh index 9f3cbd804..3f64aa63f 100755 --- a/rootfs/chroot.sh +++ b/rootfs/chroot.sh @@ -40,6 +40,7 @@ for dir in "${writeDirs[@]}"; do chown -R www-data.www-data ${dir}; done + mkdir -p /chroot/lib /chroot/proc /chroot/usr /chroot/bin /chroot/dev /chroot/run cp /etc/passwd /etc/group /chroot/etc/ cp -a /usr/* /chroot/usr/ diff --git a/test/e2e/settings/pod_security_policy.go b/test/e2e/settings/pod_security_policy.go index 0e0300829..b21fb870e 100644 --- a/test/e2e/settings/pod_security_policy.go +++ b/test/e2e/settings/pod_security_policy.go @@ -19,6 +19,7 @@ package settings import ( "context" "net/http" + "strconv" "strings" "github.com/onsi/ginkgo/v2" @@ -41,8 +42,22 @@ var _ = framework.IngressNginxDescribe("[Security] Pod Security Policies", func( f := framework.NewDefaultFramework("pod-security-policies") ginkgo.It("should be running with a Pod Security Policy", func() { + k8sversion, err := f.KubeClientSet.Discovery().ServerVersion() + if err != nil { + assert.Nil(ginkgo.GinkgoT(), err, "getting version") + } + + numversion, err := strconv.Atoi(k8sversion.Minor) + if err != nil { + assert.Nil(ginkgo.GinkgoT(), err, "converting version") + } + + if numversion > 24 { + ginkgo.Skip("PSP not supported in this version") + } + psp := createPodSecurityPolicy() - _, err := f.KubeClientSet.PolicyV1beta1().PodSecurityPolicies().Create(context.TODO(), psp, metav1.CreateOptions{}) + _, err = f.KubeClientSet.PolicyV1beta1().PodSecurityPolicies().Create(context.TODO(), psp, metav1.CreateOptions{}) if !k8sErrors.IsAlreadyExists(err) { assert.Nil(ginkgo.GinkgoT(), err, "creating Pod Security Policy") } diff --git a/test/e2e/settings/pod_security_policy_volumes.go b/test/e2e/settings/pod_security_policy_volumes.go index 8af74ea60..dd4df3bd9 100644 --- a/test/e2e/settings/pod_security_policy_volumes.go +++ b/test/e2e/settings/pod_security_policy_volumes.go @@ -19,6 +19,7 @@ package settings import ( "context" "net/http" + "strconv" "strings" "github.com/onsi/ginkgo/v2" @@ -37,8 +38,22 @@ var _ = framework.IngressNginxDescribe("[Security] Pod Security Policies with vo f := framework.NewDefaultFramework("pod-security-policies-volumes") ginkgo.It("should be running with a Pod Security Policy", func() { + + k8sversion, err := f.KubeClientSet.Discovery().ServerVersion() + if err != nil { + assert.Nil(ginkgo.GinkgoT(), err, "getting version") + } + + numversion, err := strconv.Atoi(k8sversion.Minor) + if err != nil { + assert.Nil(ginkgo.GinkgoT(), err, "converting version") + } + + if numversion > 24 { + ginkgo.Skip("PSP not supported in this version") + } psp := createPodSecurityPolicy() - _, err := f.KubeClientSet.PolicyV1beta1().PodSecurityPolicies().Create(context.TODO(), psp, metav1.CreateOptions{}) + _, err = f.KubeClientSet.PolicyV1beta1().PodSecurityPolicies().Create(context.TODO(), psp, metav1.CreateOptions{}) if !k8sErrors.IsAlreadyExists(err) { assert.Nil(ginkgo.GinkgoT(), err, "creating Pod Security Policy") }