provider

package
v0.0.0-...-e0006f2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 21, 2024 License: Apache-2.0 Imports: 44 Imported by: 0

Documentation

Overview

provider package is responsible for providing data needed by tests it's considered as a shim layer between tests and autodiscovery/configuration package test code is not supposed to import autodiscover/configuration packages

Index

Constants

View Source
const (
	HugePages2Mi = "hugepages-2Mi"
	HugePages1Gi = "hugepages-1Gi"
)
View Source
const (
	AffinityRequiredKey = "AffinityRequired"

	DaemonSetName = "certsuite-probe"

	CniNetworksStatusKey = "k8s.v1.cni.cncf.io/network-status"
)

CentOS Stream CoreOS starts being used instead of rhcos from OCP 4.13 latest.

Variables

View Source
var (
	WorkerLabels = []string{"node-role.kubernetes.io/worker"}
	MasterLabels = []string{"node-role.kubernetes.io/master", "node-role.kubernetes.io/control-plane"}
)

Node's roles labels. Node is role R if it has **any** of the labels of each list. Master's role label "master" is deprecated since k8s 1.20.

Functions

func AreCPUResourcesWholeUnits

func AreCPUResourcesWholeUnits(p *Pod) bool

func AreResourcesIdentical

func AreResourcesIdentical(p *Pod) bool

func CsvToString

func CsvToString(csv *olmv1Alpha.ClusterServiceVersion) string

func GetAllOperatorGroups

func GetAllOperatorGroups() ([]*olmv1.OperatorGroup, error)

func GetPciPerPod

func GetPciPerPod(annotation string) (pciAddr []string, err error)

func GetPodIPsPerNet

func GetPodIPsPerNet(annotation string) (ips map[string]CniNetworkInterface, err error)

GetPodIPsPerNet gets the IPs of a pod. CNI annotation "k8s.v1.cni.cncf.io/networks-status". Returns (ips, error).

func GetRuntimeUID

func GetRuntimeUID(cs *corev1.ContainerStatus) (runtime, uid string)

func IsOCPCluster

func IsOCPCluster() bool

func LoadBalancingDisabled

func LoadBalancingDisabled(p *Pod) bool

Types

type CniNetworkInterface

type CniNetworkInterface struct {
	Name       string                 `json:"name"`
	Interface  string                 `json:"interface"`
	IPs        []string               `json:"ips"`
	Default    bool                   `json:"default"`
	DNS        map[string]interface{} `json:"dns"`
	DeviceInfo deviceInfo             `json:"device-info"`
}

type Container

type Container struct {
	*corev1.Container
	Status                   corev1.ContainerStatus
	Namespace                string
	Podname                  string
	NodeName                 string
	Runtime                  string
	UID                      string
	ContainerImageIdentifier ContainerImageIdentifier
	PreflightResults         PreflightResultsDB
}

func NewContainer

func NewContainer() *Container

func (*Container) GetUID

func (c *Container) GetUID() (string, error)

func (*Container) HasExecProbes

func (c *Container) HasExecProbes() bool

func (*Container) HasIgnoredContainerName

func (c *Container) HasIgnoredContainerName() bool

func (*Container) IsContainerRunAsNonRoot

func (c *Container) IsContainerRunAsNonRoot(podRunAsNonRoot *bool) (isContainerRunAsNonRoot bool, reason string)

func (*Container) IsIstioProxy

func (c *Container) IsIstioProxy() bool

func (*Container) IsReadOnlyRootFilesystem

func (c *Container) IsReadOnlyRootFilesystem(logger *log.Logger) bool

func (*Container) IsTagEmpty

func (c *Container) IsTagEmpty() bool

func (*Container) SetPreflightResults

func (c *Container) SetPreflightResults(preflightImageCache map[string]PreflightResultsDB, env *TestEnvironment) error

func (*Container) String

func (c *Container) String() string

func (*Container) StringLong

func (c *Container) StringLong() string

type ContainerImageIdentifier

type ContainerImageIdentifier struct {
	// Repository is the name of the image that you want to check if exists in the RedHat catalog
	Repository string `yaml:"repository" json:"repository"`

	// Registry is the name of the registry `docker.io` of the container
	// This is valid for container only and required field
	Registry string `yaml:"registry" json:"registry"`

	// Tag is the optional image tag. "latest" is implied if not specified
	Tag string `yaml:"tag" json:"tag"`

	// Digest is the image digest following the "@" in a URL, e.g. image@sha256:45b23dee08af5e43a7fea6c4cf9c25ccf269ee113168c19722f87876677c5cb2
	Digest string `yaml:"digest" json:"digest"`
}

Tag and Digest should not be populated at the same time. Digest takes precedence if both are populated

type CrScale

type CrScale struct {
	*scalingv1.Scale
}

func GetUpdatedCrObject

func GetUpdatedCrObject(sg scale.ScalesGetter, namespace, name string, groupResourceSchema schema.GroupResource) (*CrScale, error)

func (CrScale) IsScaleObjectReady

func (crScale CrScale) IsScaleObjectReady() bool

func (CrScale) ToString

func (crScale CrScale) ToString() string

type CsvInstallPlan

type CsvInstallPlan struct {
	// Operator's installPlan name
	Name string `yaml:"name" json:"name"`
	// BundleImage is the URL referencing the bundle image
	BundleImage string `yaml:"bundleImage" json:"bundleImage"`
	// IndexImage is the URL referencing the index image
	IndexImage string `yaml:"indexImage" json:"indexImage"`
}

type Deployment

type Deployment struct {
	*appsv1.Deployment
}

func GetUpdatedDeployment

func GetUpdatedDeployment(ac appv1client.AppsV1Interface, namespace, name string) (*Deployment, error)

func (*Deployment) IsDeploymentReady

func (d *Deployment) IsDeploymentReady() bool

func (*Deployment) ToString

func (d *Deployment) ToString() string

type Event

type Event struct {
	*corev1.Event
}

func NewEvent

func NewEvent(aEvent *corev1.Event) (out Event)

func (*Event) String

func (e *Event) String() string

type MachineConfig

type MachineConfig struct {
	*mcv1.MachineConfig
	Config struct {
		Systemd struct {
			Units []struct {
				Contents string `json:"contents"`
				Name     string `json:"name"`
			} `json:"units"`
		} `json:"systemd"`
	} `json:"config"`
}

type Node

type Node struct {
	Data *corev1.Node
	Mc   MachineConfig `json:"-"`
}

func (*Node) GetCSCOSVersion

func (node *Node) GetCSCOSVersion() (string, error)

func (*Node) GetRHCOSVersion

func (node *Node) GetRHCOSVersion() (string, error)

func (*Node) GetRHELVersion

func (node *Node) GetRHELVersion() (string, error)

func (*Node) HasWorkloadDeployed

func (node *Node) HasWorkloadDeployed(podsUnderTest []*Pod) bool

func (*Node) IsCSCOS

func (node *Node) IsCSCOS() bool

func (*Node) IsControlPlaneNode

func (node *Node) IsControlPlaneNode() bool

func (*Node) IsHyperThreadNode

func (node *Node) IsHyperThreadNode(env *TestEnvironment) (bool, error)

func (*Node) IsRHCOS

func (node *Node) IsRHCOS() bool

func (*Node) IsRHEL

func (node *Node) IsRHEL() bool

func (*Node) IsRTKernel

func (node *Node) IsRTKernel() bool

func (*Node) IsWorkerNode

func (node *Node) IsWorkerNode() bool

func (Node) MarshalJSON

func (node Node) MarshalJSON() ([]byte, error)

type Operator

type Operator struct {
	Name                  string                                `yaml:"name" json:"name"`
	Namespace             string                                `yaml:"namespace" json:"namespace"`
	TargetNamespaces      []string                              `yaml:"targetNamespaces" json:"targetNamespaces,omitempty"`
	IsClusterWide         bool                                  `yaml:"isClusterWide" json:"isClusterWide"`
	Csv                   *olmv1Alpha.ClusterServiceVersion     `yaml:"csv,omitempty" json:"csv,omitempty"`
	Phase                 olmv1Alpha.ClusterServiceVersionPhase `yaml:"csvphase" json:"csvphase"`
	SubscriptionName      string                                `yaml:"subscriptionName" json:"subscriptionName"`
	SubscriptionNamespace string                                `yaml:"subscriptionNamespace" json:"subscriptionNamespace"`
	InstallPlans          []CsvInstallPlan                      `yaml:"installPlans,omitempty" json:"installPlans,omitempty"`
	Package               string                                `yaml:"package" json:"package"`
	Org                   string                                `yaml:"org" json:"org"`
	Version               string                                `yaml:"version" json:"version"`
	Channel               string                                `yaml:"channel" json:"channel"`
	PackageFromCsvName    string                                `yaml:"packagefromcsvname" json:"packagefromcsvname"`
	PreflightResults      PreflightResultsDB
}

func (*Operator) SetPreflightResults

func (op *Operator) SetPreflightResults(env *TestEnvironment) error

func (*Operator) String

func (op *Operator) String() string

type Pod

type Pod struct {
	*corev1.Pod
	AllServiceAccountsMap   *map[string]*corev1.ServiceAccount
	Containers              []*Container
	MultusNetworkInterfaces map[string]CniNetworkInterface
	MultusPCIs              []string
	SkipNetTests            bool
	SkipMultusNetTests      bool
	IsOperator              bool
}

func ConvertArrayPods

func ConvertArrayPods(pods []*corev1.Pod) (out []*Pod)

func NewPod

func NewPod(aPod *corev1.Pod) (out Pod)

func (*Pod) AffinityRequired

func (p *Pod) AffinityRequired() bool

func (*Pod) CheckResourceHugePagesSize

func (p *Pod) CheckResourceHugePagesSize(size string) bool

func (*Pod) ContainsIstioProxy

func (p *Pod) ContainsIstioProxy() bool

func (*Pod) CreatedByDeploymentConfig

func (p *Pod) CreatedByDeploymentConfig() (bool, error)

func (*Pod) GetRunAsNonRootFalseContainers

func (p *Pod) GetRunAsNonRootFalseContainers(knownContainersToSkip map[string]bool) (nonCompliantContainers []*Container, nonComplianceReason []string)

Returns the list of containers that have the RunAsNonRoot SCC parameter set to false The RunAsNonRoot parameter is checked first at the pod level and acts as a default value for the container configuration, if it is not present. The RunAsNonRoot parameter is checked next at the container level. See: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container

func (*Pod) GetTopOwner

func (p *Pod) GetTopOwner() (topOwners map[string]podhelper.TopOwner, err error)

Get the list of top owners of pods

func (*Pod) HasHugepages

func (p *Pod) HasHugepages() bool

returns true if at least one container in the pod has a resource name containing "hugepage", return false otherwise

func (*Pod) HasNodeSelector

func (p *Pod) HasNodeSelector() bool

func (*Pod) IsAffinityCompliant

func (p *Pod) IsAffinityCompliant() (bool, error)

func (*Pod) IsAutomountServiceAccountSetOnSA

func (p *Pod) IsAutomountServiceAccountSetOnSA() (isSet *bool, err error)

AutomountServiceAccountSetOnSA checks if the AutomountServiceAccountToken field is set on the pod's ServiceAccount. Returns:

  • A boolean pointer indicating whether the AutomountServiceAccountToken field is set.
  • An error if any occurred during the operation.

func (*Pod) IsCPUIsolationCompliant

func (p *Pod) IsCPUIsolationCompliant() bool

func (*Pod) IsPodGuaranteed

func (p *Pod) IsPodGuaranteed() bool

func (*Pod) IsPodGuaranteedWithExclusiveCPUs

func (p *Pod) IsPodGuaranteedWithExclusiveCPUs() bool

func (*Pod) IsRunAsUserID

func (p *Pod) IsRunAsUserID(uid int64) bool

func (*Pod) IsRuntimeClassNameSpecified

func (p *Pod) IsRuntimeClassNameSpecified() bool

func (*Pod) IsShareProcessNamespace

func (p *Pod) IsShareProcessNamespace() bool

func (*Pod) IsUsingClusterRoleBinding

func (p *Pod) IsUsingClusterRoleBinding(clusterRoleBindings []rbacv1.ClusterRoleBinding,
	logger *log.Logger) (bool, string, error)

func (*Pod) IsUsingSRIOV

func (p *Pod) IsUsingSRIOV() (bool, error)

IsUsingSRIOV returns true if any of the pod's interfaces is a sriov one. First, it retrieves the list of networks names from the CNFC annotation and then checks the config of the corresponding network-attachment definition (NAD).

func (*Pod) IsUsingSRIOVWithMTU

func (p *Pod) IsUsingSRIOVWithMTU() (bool, error)

IsUsingSRIOVWithMTU returns true if any of the pod's interfaces is a sriov one with MTU set.

func (*Pod) String

func (p *Pod) String() string

type PreflightResultsDB

type PreflightResultsDB struct {
	Passed []PreflightTest
	Failed []PreflightTest
	Errors []PreflightTest
}

func GetPreflightResultsDB

func GetPreflightResultsDB(results *plibRuntime.Results) PreflightResultsDB

type PreflightTest

type PreflightTest struct {
	Name        string
	Description string
	Remediation string
	Error       error
}

type ScaleObject

type ScaleObject struct {
	Scale               CrScale
	GroupResourceSchema schema.GroupResource
}

type StatefulSet

type StatefulSet struct {
	*appsv1.StatefulSet
}

func GetUpdatedStatefulset

func GetUpdatedStatefulset(ac appv1client.AppsV1Interface, namespace, name string) (*StatefulSet, error)

func (*StatefulSet) IsStatefulSetReady

func (ss *StatefulSet) IsStatefulSetReady() bool

func (*StatefulSet) ToString

func (ss *StatefulSet) ToString() string

type TestEnvironment

type TestEnvironment struct {
	Namespaces     []string `json:"testNamespaces"`
	AbnormalEvents []*Event

	// Pod Groupings
	Pods            []*Pod                 `json:"testPods"`
	ProbePods       map[string]*corev1.Pod // map from nodename to probePod
	AllPods         []*Pod                 `json:"AllPods"`
	CSVToPodListMap map[string][]*Pod      `json:"CSVToPodListMap"`

	// Deployment Groupings
	Deployments []*Deployment `json:"testDeployments"`
	// StatefulSet Groupings
	StatefulSets []*StatefulSet `json:"testStatefulSets"`

	// Note: Containers is a filtered list of objects based on a block list of disallowed container names.
	Containers             []*Container `json:"testContainers"`
	Operators              []*Operator  `json:"testOperators"`
	AllOperators           []*Operator  `json:"AllOperators"`
	AllOperatorsSummary    []string     `json:"AllOperatorsSummary"`
	PersistentVolumes      []corev1.PersistentVolume
	PersistentVolumeClaims []corev1.PersistentVolumeClaim
	ClusterRoleBindings    []rbacv1.ClusterRoleBinding
	RoleBindings           []rbacv1.RoleBinding
	Roles                  []rbacv1.Role

	Config configuration.TestConfiguration

	Crds    []*apiextv1.CustomResourceDefinition `json:"testCrds"`
	AllCrds []*apiextv1.CustomResourceDefinition

	HorizontalScaler       []*scalingv1.HorizontalPodAutoscaler `json:"testHorizontalScaler"`
	Services               []*corev1.Service                    `json:"testServices"`
	ServiceAccounts        []*corev1.ServiceAccount             `json:"testServiceAccounts"`
	AllServiceAccounts     []*corev1.ServiceAccount             `json:"AllServiceAccounts"`
	AllServiceAccountsMap  map[string]*corev1.ServiceAccount
	Nodes                  map[string]Node    `json:"-"`
	K8sVersion             string             `json:"-"`
	OpenshiftVersion       string             `json:"-"`
	OCPStatus              string             `json:"-"`
	HelmChartReleases      []*release.Release `json:"testHelmChartReleases"`
	ResourceQuotas         []corev1.ResourceQuota
	PodDisruptionBudgets   []policyv1.PodDisruptionBudget
	NetworkPolicies        []networkingv1.NetworkPolicy
	AllInstallPlans        []*olmv1Alpha.InstallPlan   `json:"AllInstallPlans"`
	AllSubscriptions       []olmv1Alpha.Subscription   `json:"AllSubscriptions"`
	AllCatalogSources      []*olmv1Alpha.CatalogSource `json:"AllCatalogSources"`
	AllPackageManifests    []*olmpkgv1.PackageManifest `json:"AllPackageManifests"`
	OperatorGroups         []*olmv1.OperatorGroup      `json:"OperatorGroups"`
	IstioServiceMeshFound  bool
	ValidProtocolNames     []string
	DaemonsetFailedToSpawn bool
	ScaleCrUnderTest       []ScaleObject
	StorageClassList       []storagev1.StorageClass
	ExecutedBy             string
	PartnerName            string
	CollectorAppPassword   string
	CollectorAppEndpoint   string
	SkipPreflight          bool
	// contains filtered or unexported fields
}

func GetTestEnvironment

func GetTestEnvironment() TestEnvironment

func (*TestEnvironment) GetAffinityRequiredPods

func (env *TestEnvironment) GetAffinityRequiredPods() []*Pod

GetAffinityRequiredPods returns a slice of Pod objects that have affinity required. It iterates over the Pods in the TestEnvironment and filters out the Pods that have affinity required. The filtered Pods are returned as a slice.

func (*TestEnvironment) GetBaremetalNodes

func (env *TestEnvironment) GetBaremetalNodes() []Node

func (*TestEnvironment) GetCPUPinningPodsWithDpdk

func (env *TestEnvironment) GetCPUPinningPodsWithDpdk() []*Pod

GetCPUPinningPodsWithDpdk returns a slice of Pods that have CPU pinning enabled with DPDK.

func (*TestEnvironment) GetDockerConfigFile

func (env *TestEnvironment) GetDockerConfigFile() string

func (*TestEnvironment) GetGuaranteedPodContainersWithExclusiveCPUs

func (env *TestEnvironment) GetGuaranteedPodContainersWithExclusiveCPUs() []*Container

GetGuaranteedPodContainersWithExclusiveCPUs returns a slice of Container objects representing the containers that have exclusive CPUs in the TestEnvironment.

func (*TestEnvironment) GetGuaranteedPodContainersWithExclusiveCPUsWithoutHostPID

func (env *TestEnvironment) GetGuaranteedPodContainersWithExclusiveCPUsWithoutHostPID() []*Container

GetGuaranteedPodContainersWithExclusiveCPUsWithoutHostPID returns a slice of containers from the test environment that belong to pods with exclusive CPUs and do not have the host PID enabled.

func (*TestEnvironment) GetGuaranteedPodContainersWithIsolatedCPUsWithoutHostPID

func (env *TestEnvironment) GetGuaranteedPodContainersWithIsolatedCPUsWithoutHostPID() []*Container

GetGuaranteedPodContainersWithIsolatedCPUsWithoutHostPID returns a slice of containers from the TestEnvironment that have guaranteed pods with isolated CPUs and without the HostPID flag set.

func (*TestEnvironment) GetGuaranteedPods

func (env *TestEnvironment) GetGuaranteedPods() []*Pod

GetGuaranteedPods returns a slice of guaranteed pods in the test environment. A guaranteed pod is a pod that meets certain criteria specified by the IsPodGuaranteed method. The method iterates over all pods in the environment and filters out the guaranteed ones. It returns the filtered pods as a slice.

func (*TestEnvironment) GetGuaranteedPodsWithExclusiveCPUs

func (env *TestEnvironment) GetGuaranteedPodsWithExclusiveCPUs() []*Pod

GetGuaranteedPodsWithExclusiveCPUs returns a slice of Pod objects that are guaranteed to have exclusive CPUs. It iterates over the Pods in the TestEnvironment and filters out the Pods that do not have exclusive CPUs. The filtered Pods are then returned as a slice.

func (*TestEnvironment) GetGuaranteedPodsWithIsolatedCPUs

func (env *TestEnvironment) GetGuaranteedPodsWithIsolatedCPUs() []*Pod

GetGuaranteedPodsWithIsolatedCPUs returns a list of pods from the TestEnvironment that are guaranteed to have isolated CPUs and are CPU isolation compliant.

func (*TestEnvironment) GetHugepagesPods

func (env *TestEnvironment) GetHugepagesPods() []*Pod

GetHugepagesPods returns a slice of Pod objects that have hugepages enabled. It iterates over the Pods in the TestEnvironment and filters out the ones that do not have hugepages. The filtered Pods are returned as a []*Pod.

func (*TestEnvironment) GetMasterCount

func (env *TestEnvironment) GetMasterCount() int

func (*TestEnvironment) GetNonGuaranteedPodContainersWithoutHostPID

func (env *TestEnvironment) GetNonGuaranteedPodContainersWithoutHostPID() []*Container

GetNonGuaranteedPodContainersWithoutHostPID returns a slice of containers from the test environment that belong to non-guaranteed pods without the HostPID setting enabled.

func (*TestEnvironment) GetNonGuaranteedPods

func (env *TestEnvironment) GetNonGuaranteedPods() []*Pod

GetNonGuaranteedPods returns a slice of non-guaranteed pods in the test environment.

func (*TestEnvironment) GetOfflineDBPath

func (env *TestEnvironment) GetOfflineDBPath() string

func (*TestEnvironment) GetPodsUsingSRIOV

func (env *TestEnvironment) GetPodsUsingSRIOV() ([]*Pod, error)

GetPodsUsingSRIOV returns a list of pods that are using SR-IOV. It iterates through the pods in the TestEnvironment and checks if each pod is using SR-IOV. If an error occurs while checking the SR-IOV usage for a pod, it returns an error. The filtered pods that are using SR-IOV are returned along with a nil error.

func (*TestEnvironment) GetPodsWithoutAffinityRequiredLabel

func (env *TestEnvironment) GetPodsWithoutAffinityRequiredLabel() []*Pod

GetPodsWithoutAffinityRequiredLabel returns a slice of Pod objects that do not have the affinity required label. It iterates over the Pods in the TestEnvironment and filters out the ones that do not have the affinity required label. The filtered Pods are returned as a slice.

func (*TestEnvironment) GetShareProcessNamespacePods

func (env *TestEnvironment) GetShareProcessNamespacePods() []*Pod

GetShareProcessNamespacePods returns a slice of Pod objects that have the ShareProcessNamespace flag set to true. It iterates over the Pods in the TestEnvironment and filters out the ones that do not have the ShareProcessNamespace flag set. The filtered Pods are then returned as a slice.

func (*TestEnvironment) GetWorkerCount

func (env *TestEnvironment) GetWorkerCount() int

func (*TestEnvironment) IsIntrusive

func (env *TestEnvironment) IsIntrusive() bool

func (*TestEnvironment) IsPreflightInsecureAllowed

func (env *TestEnvironment) IsPreflightInsecureAllowed() bool

func (*TestEnvironment) IsSNO

func (env *TestEnvironment) IsSNO() bool

func (*TestEnvironment) SetNeedsRefresh

func (env *TestEnvironment) SetNeedsRefresh()

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL