nomostest

package
v1.19.0-rc.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 13, 2024 License: Apache-2.0 Imports: 105 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// RegistryUsername is a contrived username used for authenticating to the in-cluster registry
	RegistryUsername = "user"
	// RegistryPassword is a contrived password used for authenticating to the in-cluster registry
	RegistryPassword = "password"
	// RegistryHTTPPort is an HTTP port surfaced on the in-cluster registry.
	RegistryHTTPPort = 5000
	// RegistryHTTPSPort is an HTTPS port surfaced on the in-cluster registry. The HTTPS
	// certificate is signed using a contrived CA.
	RegistryHTTPSPort = 5001
	// RegistryHTTPSAuthPort is an HTTPS port surfaced on the in-cluster registry with
	// basic authentication enabled. The HTTPS certificate is signed using a contrived CA.
	RegistryHTTPSAuthPort = 5002
	// TestRegistryServer is the name of the in-cluster registry Deployment and Service
	TestRegistryServer = "test-registry-server"
	// TestRegistryServerAuthenticated is the name of the in-cluster registry Service
	// which requires basic auth. This endpoint can be used as a sync URL when writing
	// tests to verify basic auth.
	TestRegistryServerAuthenticated = "test-registry-server-auth"
	// TestRegistryNamespace is the namespace used for the in-cluster registry
	TestRegistryNamespace = "test-registry-system"
)
View Source
const (
	// RootAuthSecretName is the name of the Auth secret required by the
	// RootSync reconciler to authenticate with the git-server.
	RootAuthSecretName = controllers.GitCredentialVolume

	// NamespaceAuthSecretName is the name of the Auth secret required by the
	// RepoSync reconciler to authenticate with the git-server.
	NamespaceAuthSecretName = "ssh-key"

	// GitSyncSource is the name of the git-server sync source. Used by the git
	// source type.
	GitSyncSource SyncSource = "git-server"

	// RegistrySyncSource is the name of the registry-server sync source. Used
	// by both the oci and helm source types.
	RegistrySyncSource SyncSource = "registry-server"
)
View Source
const (
	// ConfigSyncE2EFinalizer is a contrived finalizer to block deletion of
	// objects created by the e2e tests.
	ConfigSyncE2EFinalizer = "config-sync/e2e-test"
)
View Source
const FieldManager = configsync.GroupName + "/nomostest"

FieldManager is the field manager to use when creating, updating, and patching kubernetes objects with kubectl and client-go. This is used to uniquely identify the nomostest client, to enable field pruning and merging. This must be different from the field manager used by config sync, in order to allow both clients to manage different fields on the same objects.

View Source
const NomosE2E = "nomos-e2e"

NomosE2E is the subdirectory inside the filesystem's temporary directory in which we write test data.

Variables

CSNamespaces is the namespaces of the Config Sync components.

View Source
var DefaultRootReconcilerName = core.RootReconcilerName(configsync.RootSyncName)

DefaultRootReconcilerName is the root-reconciler name of the default RootSync object: "root-sync".

View Source
var DefaultRootRepoNamespacedName = RootSyncNN(configsync.RootSyncName)

DefaultRootRepoNamespacedName is the NamespacedName of the default RootSync object.

Functions

func CheckImages added in v1.16.0

func CheckImages() error

CheckImages ensures that all required images are installed on the local docker registry.

func Clean

func Clean(nt *NT) error

Clean removes all objects of types registered in the Scheme, with the above caveats. It should be run before and after a test is run against any non-ephemeral cluster.

It is unnecessary to run this on Kind clusters that exist only for the duration of a single test.

func CleanSharedNTs added in v1.15.1

func CleanSharedNTs()

CleanSharedNTs tears down the shared test environments.

func CreateNamespaceSecretForNonCSR added in v1.18.0

func CreateNamespaceSecretForNonCSR(nt *NT, ns string) error

CreateNamespaceSecretForNonCSR creates secrets in a given namespace using local paths. It skips creating the Secret if the GitProvider is CSR because CSR uses either 'gcenode' or 'gcpserviceaccount' for authentication, which doesn't require a Secret.

func DefaultRepoSha1Fn

func DefaultRepoSha1Fn(nt *NT, nn types.NamespacedName) (string, error)

DefaultRepoSha1Fn is the default function to retrieve the commit hash of the namespace repo.

func DefaultRootSha1Fn

func DefaultRootSha1Fn(nt *NT, nn types.NamespacedName) (string, error)

DefaultRootSha1Fn is the default function to retrieve the commit hash of the root repo.

func DeleteObjectListItemsAndWait added in v1.16.0

func DeleteObjectListItemsAndWait(nt *NT, objList client.ObjectList) error

DeleteObjectListItemsAndWait deletes all the list items in serial and waits for not found in parallel.

func DeleteObjectsAndWait added in v1.16.0

func DeleteObjectsAndWait(nt *NT, objs ...client.Object) error

DeleteObjectsAndWait deletes zero or more objects in serial and waits for not found in parallel. NOTE: Deleting in parallel might be faster, but the log would be harder to debug.

func DeletePodByLabel

func DeletePodByLabel(nt *NT, label, value string, waitForChildren bool)

DeletePodByLabel deletes pods that have the label and waits until new pods come up.

func DeleteRemoteRepos

func DeleteRemoteRepos(nt *NT)

DeleteRemoteRepos removes all remote repos on the Git provider.

func DisableDeletionPropagation added in v1.15.1

func DisableDeletionPropagation(rs client.Object) bool

DisableDeletionPropagation disables foreground deletion propagation on a RootSync or RepoSync. The object annotated is removed locally, but not applied. Returns true if a change was made, false if already enabled.

func EnableDeletionPropagation added in v1.15.1

func EnableDeletionPropagation(rs client.Object) bool

EnableDeletionPropagation enables foreground deletion propagation on a RootSync or RepoSync. The object is annotated locally, but not applied. Returns true if a change was made, false if already enabled.

func FailIfUnknown

func FailIfUnknown(t testing.NTB, scheme *runtime.Scheme, o client.Object)

FailIfUnknown fails the test if the passed type is not declared in the passed Scheme.

func GetKnownHosts added in v1.17.0

func GetKnownHosts(nt *NT) (string, error)

GetKnownHosts will generate and format the key to be used for known_hosts authentication with local git provider

func HasDeletionPropagationPolicy added in v1.15.1

func HasDeletionPropagationPolicy(obj client.Object, policy metadata.DeletionPropagationPolicy) bool

HasDeletionPropagationPolicy returns true if deletion propagation annotation is set to the specified policy. Returns false if not set.

func InitGitRepos

func InitGitRepos(nt *NT, repos ...types.NamespacedName)

InitGitRepos initializes the specified repositories in the test-git-server

func InitSharedEnvironments added in v1.15.1

func InitSharedEnvironments() error

InitSharedEnvironments initializes shared test environments. It should be run at the beginning of the test suite if the --share-test-env flag is provided. It will produce a number of test environment equal to the go test parallelism.

func InstallConfigSync added in v1.19.0

func InstallConfigSync(nt *NT) error

InstallConfigSync installs ConfigSync on the test cluster

func InstallRootSyncCRD added in v1.17.1

func InstallRootSyncCRD(nt *NT) error

InstallRootSyncCRD installs the RootSync CRD on the test cluster

func InstallWebhook added in v1.18.0

func InstallWebhook(nt *NT) error

InstallWebhook installs the Config Sync ValidatingWebhookConfiguration object.

func IsDeletionPropagationEnabled added in v1.15.1

func IsDeletionPropagationEnabled(rs client.Object) bool

IsDeletionPropagationEnabled returns true if deletion propagation annotation is set to Foreground.

func IsEstablished

func IsEstablished(o client.Object) error

IsEstablished returns true if the given CRD is established on the cluster, which indicates if discovery knows about it yet. For more info see https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/#create-a-customresourcedefinition

func IsReconcilerManagerConfigMap

func IsReconcilerManagerConfigMap(obj client.Object) bool

IsReconcilerManagerConfigMap returns true if passed obj is the reconciler-manager ConfigMap reconciler-manager in config-management namespace.

func IsReconcilerTemplateConfigMap added in v1.16.0

func IsReconcilerTemplateConfigMap(obj client.Object) bool

IsReconcilerTemplateConfigMap returns true if passed obj is the reconciler-manager ConfigMap reconciler-manager-cm in config-management namespace.

func MetricLabelsForRepoSync added in v1.16.0

func MetricLabelsForRepoSync(nt *NT, syncNN types.NamespacedName) (prometheusmodel.LabelSet, error)

MetricLabelsForRepoSync returns a metric LabelSet that uniquely identifies metrics related to the specified RepoSync, since the latest generation.

func MetricLabelsForRootSync added in v1.16.0

func MetricLabelsForRootSync(nt *NT, syncNN types.NamespacedName) (prometheusmodel.LabelSet, error)

MetricLabelsForRootSync returns a metric LabelSet that uniquely identifies metrics related to the specified RootSync, since the latest generation.

func NewPodReady

func NewPodReady(nt *NT, labelName, currentLabel, childLabel string, oldCurrentPods, oldChildPods []corev1.Pod) error

NewPodReady checks if the new created pods are ready. It also checks if the new children pods that are managed by the pods are ready.

func NewTestWrapper added in v1.18.0

func NewTestWrapper(t *testing.T, testFeature nomostesting.Feature, ntOptions ...ntopts.Opt) (nomostesting.NTB, *ntopts.New)

NewTestWrapper creates a test wrapper for use by the tests. This applies a common set of rules across tests, such as test features for selecting sets of tests or rules for skipping certain tests (e.g. StressTest). Usually tests should use nomostest.New but this is surfaced as a public method for test cases which do not need all the features of NT, such as access to a k8s cluster.

func NsReconcilerObjectKey added in v1.15.1

func NsReconcilerObjectKey(namespace, syncName string) client.ObjectKey

NsReconcilerObjectKey returns an ObjectKey for interracting with the NsReconciler for the specified RepoSync.

func PrintFeatureDurations added in v1.17.0

func PrintFeatureDurations()

PrintFeatureDurations prints the accumulative time duration testing each feature. This is intended to be called at the end of the test suite.

func PublicCertSecretName added in v1.18.0

func PublicCertSecretName(sourceType SyncSource) string

PublicCertSecretName is the name of the Secret which contains a CA cert used for HTTPS handshakes of the provided sync source

func RemoteNsRepoSha1Fn

func RemoteNsRepoSha1Fn(nt *NT, nn types.NamespacedName) (string, error)

RemoteNsRepoSha1Fn returns the latest commit from a RepoSync Git spec.

func RemoteRootRepoSha1Fn

func RemoteRootRepoSha1Fn(nt *NT, nn types.NamespacedName) (string, error)

RemoteRootRepoSha1Fn returns the latest commit from a RootSync Git spec.

func RemoveDeletionPropagationPolicy added in v1.15.1

func RemoveDeletionPropagationPolicy(obj client.Object) bool

RemoveDeletionPropagationPolicy removes the deletion propagation annotation locally (does not apply). Returns true if the object was modified.

func RepoSyncHasStatusSyncCommit

func RepoSyncHasStatusSyncCommit(sha1 string) testpredicates.Predicate

RepoSyncHasStatusSyncCommit creates a Predicate that ensures that the .status.sync.commit field on the passed RepoSync matches sha1.

func RepoSyncHasStatusSyncDirectory

func RepoSyncHasStatusSyncDirectory(dir string) testpredicates.Predicate

RepoSyncHasStatusSyncDirectory creates a Predicate that ensures that the .status.sync.gitStatus.dir field on the passed RepoSync matches the provided dir.

func RepoSyncNN

func RepoSyncNN(ns, name string) types.NamespacedName

RepoSyncNN returns the NamespacedName of the RepoSync object.

func RepoSyncObjectV1Alpha1

func RepoSyncObjectV1Alpha1(nn types.NamespacedName, repoURL string) *v1alpha1.RepoSync

RepoSyncObjectV1Alpha1 returns the default RepoSync object in the given namespace. SourceFormat for RepoSync must be Unstructured (default), so it's left unspecified.

func RepoSyncObjectV1Alpha1FromNonRootRepo

func RepoSyncObjectV1Alpha1FromNonRootRepo(nt *NT, nn types.NamespacedName) *v1alpha1.RepoSync

RepoSyncObjectV1Alpha1FromNonRootRepo returns a v1alpha1 RepoSync object which uses a repo from nt.NonRootRepos.

func RepoSyncObjectV1Beta1

func RepoSyncObjectV1Beta1(nn types.NamespacedName, repoURL string, sourceFormat configsync.SourceFormat) *v1beta1.RepoSync

RepoSyncObjectV1Beta1 returns the default RepoSync object with version v1beta1 in the given namespace.

func RepoSyncObjectV1Beta1FromNonRootRepo

func RepoSyncObjectV1Beta1FromNonRootRepo(nt *NT, nn types.NamespacedName) *v1beta1.RepoSync

RepoSyncObjectV1Beta1FromNonRootRepo returns a v1beta1 RepoSync object which uses a repo from nt.NonRootRepos.

func RepoSyncObjectV1Beta1FromOtherRootRepo

func RepoSyncObjectV1Beta1FromOtherRootRepo(nt *NT, nn types.NamespacedName, repoName string) *v1beta1.RepoSync

RepoSyncObjectV1Beta1FromOtherRootRepo returns a v1beta1 RepoSync object which uses a repo from nt.RootRepos.

func RepoSyncRoleBinding

func RepoSyncRoleBinding(nn types.NamespacedName) *rbacv1.RoleBinding

RepoSyncRoleBinding returns rolebinding that grants service account permission to manage resources in the namespace.

func Reset added in v1.15.1

func Reset(nt *NT) error

Reset performs multi-repo test reset: - Delete unmanaged RootSyncs & RepoSyncs (with deletion propagation) - Validate managed RepoSyncs & RootSyncs are deleted - Delete all test namespaces not containing config-sync itself - Clear Repository-to-RSync assignments

This should cleanly delete or reset all registered RSyncs. Any managed RSyncs must have deletion propagation enabled by the test that created them, otherwise their managed resources will not be deleted when the RSync is deleted. Any unregistered Repos must be reset by individual test Cleanup.

func ResetNamespaces added in v1.15.1

func ResetNamespaces(nt *NT, nsList []corev1.Namespace) error

ResetNamespaces resets one or more Namespaces and all their namespaced objects. Use this for resetting Namespaces in tests that use delegated control.

func ResetReconcilerManagerConfigMap added in v1.15.1

func ResetReconcilerManagerConfigMap(nt *NT) error

ResetReconcilerManagerConfigMap resets the reconciler manager config map to what is defined in the manifest

func ResetRepoSyncs added in v1.15.1

func ResetRepoSyncs(nt *NT, rsList []v1beta1.RepoSync) error

ResetRepoSyncs cleans up one or more RepoSyncs and all their managed objects. Use this for cleaning up RepoSyncs in tests that use delegated control.

To ensure the reconcile finalizer has permission to delete managed resources, ClusterRole and RoleBindings will be created and then later deleted. This also cleans up any CRs, RBs, and CRBs left behind by delegated control.

func ResetRepository added in v1.15.1

func ResetRepository(nt *NT, repoType gitproviders.RepoType, nn types.NamespacedName, sourceFormat configsync.SourceFormat) *gitproviders.Repository

ResetRepository creates or re-initializes a remote repository.

func ResetRootSyncs added in v1.15.1

func ResetRootSyncs(nt *NT, rsList []v1beta1.RootSync) error

ResetRootSyncs cleans up one or more RootSyncs and all their managed objects. Use this for cleaning up RootSyncs in tests that use delegated control.

func RestConfig

func RestConfig(t testing.NTB, opts *ntopts.New)

RestConfig sets up the config for creating a Client connection to a K8s cluster. If --test-cluster=kind, it creates a Kind cluster. If --test-cluster=kubeconfig, it uses the context specified in kubeconfig.

func RootReconcilerObjectKey added in v1.15.1

func RootReconcilerObjectKey(syncName string) client.ObjectKey

RootReconcilerObjectKey returns an ObjectKey for interracting with the RootReconciler for the specified RootSync.

func RootSyncHasStatusSyncCommit

func RootSyncHasStatusSyncCommit(sha1 string) testpredicates.Predicate

RootSyncHasStatusSyncCommit creates a Predicate that ensures that the .status.sync.commit field on the passed RootSync matches sha1.

func RootSyncHasStatusSyncDirectory

func RootSyncHasStatusSyncDirectory(dir string) testpredicates.Predicate

RootSyncHasStatusSyncDirectory creates a Predicate that ensures that the .status.sync.gitStatus.dir field on the passed RootSync matches the provided dir.

func RootSyncNN

func RootSyncNN(name string) types.NamespacedName

RootSyncNN returns the NamespacedName of the RootSync object.

func RootSyncObjectV1Alpha1

func RootSyncObjectV1Alpha1(name, repoURL string, sourceFormat configsync.SourceFormat) *v1alpha1.RootSync

RootSyncObjectV1Alpha1 returns the default RootSync object.

func RootSyncObjectV1Alpha1FromRootRepo

func RootSyncObjectV1Alpha1FromRootRepo(nt *NT, name string) *v1alpha1.RootSync

RootSyncObjectV1Alpha1FromRootRepo returns a v1alpha1 RootSync object which uses a repo from nt.RootRepos.

func RootSyncObjectV1Beta1

func RootSyncObjectV1Beta1(name, repoURL string, sourceFormat configsync.SourceFormat) *v1beta1.RootSync

RootSyncObjectV1Beta1 returns the default RootSync object with version v1beta1.

func RootSyncObjectV1Beta1FromOtherRootRepo

func RootSyncObjectV1Beta1FromOtherRootRepo(nt *NT, syncName, repoName string) *v1beta1.RootSync

RootSyncObjectV1Beta1FromOtherRootRepo returns a v1beta1 RootSync object which uses a repo from a specific nt.RootRepo.

func RootSyncObjectV1Beta1FromRootRepo

func RootSyncObjectV1Beta1FromRootRepo(nt *NT, name string) *v1beta1.RootSync

RootSyncObjectV1Beta1FromRootRepo returns a v1beta1 RootSync object which uses a repo from nt.RootRepos.

func SetDeletionPropagationPolicy added in v1.15.1

func SetDeletionPropagationPolicy(obj client.Object, policy metadata.DeletionPropagationPolicy) bool

SetDeletionPropagationPolicy sets the value of the deletion propagation annotation locally (does not apply). Returns true if the object was modified.

func SetDependencies added in v1.15.1

func SetDependencies(obj client.Object, dependencies ...client.Object) error

SetDependencies sets the specified objects as dependencies of the first object.

func SetGitBranch added in v1.15.1

func SetGitBranch(nt *NT, syncName, branch string)

SetGitBranch updates the root-sync object with the provided git branch

func SetPolicyDir

func SetPolicyDir(nt *NT, syncName, policyDir string)

SetPolicyDir updates the root-sync object with the provided policyDir.

func SetRepoSyncDependencies added in v1.15.1

func SetRepoSyncDependencies(nt *NT, rs client.Object) error

SetRepoSyncDependencies sets the depends-on annotation on the RepoSync for other objects managed by CentralControl (`setupCentralizedControl`).

RootSync dependencies aren't managed by another RootSync, and DelegatedControl doesn't apply with ConfigSync, so depends-on won't have any effect in those scenerios.

Takes an Object because it supports both v1alpha1 and v1beta1 RepoSyncs.

func SetupFakeSSHCreds added in v1.18.0

func SetupFakeSSHCreds(nt *NT, rsKind string, rsRef types.NamespacedName, auth configsync.AuthType, secretName string) error

SetupFakeSSHCreds sets up the RSync Secret when needed. The Secret may or may not exist depending on the test settings.

  • If the Git provider is local, bitbucket, or gitlab, the test scaffolding uses 'ssh' as the auth type. The Secret should already exist in this case.
  • If the Git provider is CSR, it uses 'gcpserviceaccount' as the auth type. The Secret won't be created. Hence, this function creates a fake one to bypass the validation in the reconciler-manager.

func StopWebhook

func StopWebhook(nt *NT)

StopWebhook removes the Config Sync ValidatingWebhookConfiguration object.

func StructuredNSPath

func StructuredNSPath(namespace, resourceName string) string

StructuredNSPath returns structured path with namespace and resourcename in repo.

func TailReconcilerLogs added in v1.15.1

func TailReconcilerLogs(ctx context.Context, nt *NT, reconcilerNN types.NamespacedName)

TailReconcilerLogs starts tailing a reconciler's logs. The logs are stored in memory until either the context is cancelled or the kubectl command exits (usually because the container exited). This allows capturing logs even if the reconciler is deleted before the test ends. The logs will only be printed if the test has failed when the command exits. Run in an goroutine to capture logs in the background while deleting RSyncs.

func TestClusterName

func TestClusterName(t testing.NTB) string

TestClusterName returns the name of the test cluster.

func TestDir

func TestDir(t nomostesting.NTB) string

TestDir creates a unique temporary directory for the E2E test.

Returned directory is absolute and OS-specific.

func UninstallRootSyncCRD added in v1.17.1

func UninstallRootSyncCRD(nt *NT) error

UninstallRootSyncCRD uninstalls the RootSync CRD on the test cluster

func ValidateMetrics added in v1.15.1

func ValidateMetrics(nt *NT, predicates ...MetricsPredicate) error

ValidateMetrics connects to prometheus and retries the predicates in order until successful (with timeout).

func ValidateMultiRepoDeployments

func ValidateMultiRepoDeployments(nt *NT) error

ValidateMultiRepoDeployments waits for all Config Sync components to become available. RootSync root-sync will be re-created, if not found.

func ValidateStandardMetrics added in v1.15.1

func ValidateStandardMetrics(nt *NT) error

ValidateStandardMetrics validates the set of standard metrics for the reconciler-manager and all registered RootSyncs (nt.RootRepos) and RepoSyncs (nt.NonRootRepos).

func ValidateStandardMetricsForRepoSync added in v1.15.1

func ValidateStandardMetricsForRepoSync(nt *NT, summary testmetrics.Summary) error

ValidateStandardMetricsForRepoSync validates the set of standard metrics for the specified RootSync.

func ValidateStandardMetricsForRootSync added in v1.15.1

func ValidateStandardMetricsForRootSync(nt *NT, summary testmetrics.Summary) error

ValidateStandardMetricsForRootSync validates the set of standard metrics for the specified RootSync.

func ValidateStandardMetricsForSync added in v1.15.1

func ValidateStandardMetricsForSync(nt *NT, syncKind testmetrics.SyncKind, syncLabels prometheusmodel.LabelSet, commitHash string, summary testmetrics.Summary) error

ValidateStandardMetricsForSync validates the set of standard metrics for the specified sync.

func VersionFromManifest added in v1.15.1

func VersionFromManifest(t testing.NTB) string

VersionFromManifest parses the image tag from the local manifest

func Wait

func Wait(t testing.NTB, opName string, timeout time.Duration, condition func() error, opts ...WaitOption)

Wait provides a logged wait for condition to return nil with options for timeout. It fails the test on errors.

func WaitForCRDs

func WaitForCRDs(nt *NT, crds []string) error

WaitForCRDs waits until the specified CRDs are established on the cluster.

func WaitForConfigSyncReady added in v1.15.1

func WaitForConfigSyncReady(nt *NT) error

WaitForConfigSyncReady validates if the config sync deployments are ready.

func WaitForNamespace added in v1.15.1

func WaitForNamespace(nt *NT, timeout time.Duration, namespace string)

WaitForNamespace waits for a namespace to exist and be ready to use

func WaitForNamespaces added in v1.15.1

func WaitForNamespaces(nt *NT, timeout time.Duration, namespaces ...string)

WaitForNamespaces waits for namespaces to exist and be ready to use

func WaitForWebhookReadiness

func WaitForWebhookReadiness(nt *NT)

WaitForWebhookReadiness waits up to 3 minutes for the wehbook becomes ready. If the webhook still is not ready after 3 minutes, the test would fail.

Types

type Cluster added in v1.16.0

type Cluster interface {
	// Exists whether the cluster exists
	Exists() (bool, error)
	// Create the k8s cluster
	Create() error
	// Delete the k8s cluster
	Delete() error
	// Connect to the k8s cluster (generate kubeconfig)
	Connect() error
	// Hash returns the cluster hash.
	Hash() (string, error)
}

Cluster is an interface for a target k8s cluster used by the e2e tests

type MetricsPredicate added in v1.15.1

type MetricsPredicate func(context.Context, prometheusv1.API) error

MetricsPredicate errors if the metrics do not match expectations.

func ReconcilerErrorMetrics added in v1.15.1

func ReconcilerErrorMetrics(nt *NT, syncLabels prometheusmodel.LabelSet, commitHash string, summary testmetrics.ErrorSummary) MetricsPredicate

ReconcilerErrorMetrics returns a MetricsPredicate that validates the following metrics: - ResourceFightsView - ResourceConflictsView - InternalErrorsView - ReconcilerErrorsView

func ReconcilerManagerMetrics added in v1.15.1

func ReconcilerManagerMetrics(nt *NT) MetricsPredicate

ReconcilerManagerMetrics returns a MetricsPredicate that validates the ReconcileDurationView metric.

func ReconcilerOperationsMetrics added in v1.15.1

func ReconcilerOperationsMetrics(nt *NT, syncLabels prometheusmodel.LabelSet, ops ...testmetrics.ObjectOperation) MetricsPredicate

ReconcilerOperationsMetrics returns a MetricsPredicate that validates the APICallDurationView, ApplyOperationsView, and RemediateDurationView metrics.

func ReconcilerSourceMetrics added in v1.15.1

func ReconcilerSourceMetrics(nt *NT, syncLabels prometheusmodel.LabelSet, commitHash string, numResources int) MetricsPredicate

ReconcilerSourceMetrics returns a MetricsPredicate that validates the DeclaredResourcesView metric.

func ReconcilerSyncError added in v1.15.1

func ReconcilerSyncError(nt *NT, syncLabels prometheusmodel.LabelSet, commitHash string) MetricsPredicate

ReconcilerSyncError returns a MetricsPredicate that validates that the latest commit sync errored for the specified reconciler and commit.

func ReconcilerSyncMetrics added in v1.15.1

func ReconcilerSyncMetrics(nt *NT, syncLabels prometheusmodel.LabelSet, commitHash string) MetricsPredicate

ReconcilerSyncMetrics returns a MetricsPredicate that validates the LastApplyTimestampView, ApplyDurationView, and LastSyncTimestampView metrics.

func ReconcilerSyncSuccess added in v1.15.1

func ReconcilerSyncSuccess(nt *NT, syncLabels prometheusmodel.LabelSet, commitHash string) MetricsPredicate

ReconcilerSyncSuccess returns a MetricsPredicate that validates that the latest commit synced successfully for the specified reconciler and commit.

type NT

type NT struct {
	Context context.Context

	// T is the test environment for the test.
	// Used to exit tests early when setup fails, and for logging.
	T testing.NTB

	// Logger wraps testing.NTB and provides a simple logging interface for
	// test utilities to use without needing access to the whole testing.NTB.
	// Use if you want Debug and Log, but don't need to Error, Fatal, or Fail.
	Logger *testlogger.TestLogger

	// Shell is a test wrapper used to run shell commands.
	Shell *testshell.TestShell

	// ClusterName is the unique name of the test run.
	ClusterName string

	// TmpDir is the temporary directory the test will write to.
	// By default, automatically deleted when the test finishes.
	TmpDir string

	// Config specifies how to create a new connection to the cluster.
	Config *rest.Config

	// KubeClient is a test wrapper used to make Kubernetes calls.
	KubeClient *testkubeclient.KubeClient

	// Watcher is a test helper used to make Watch calls
	Watcher *testwatcher.Watcher

	// WatchClient is the underlying client used to talk to the Kubernetes
	// cluster, when performing watches.
	//
	// Most tests shouldn't need to talk directly to this, unless simulating
	// direct interactions with the API Server.
	WatchClient client.WithWatch

	// IsGKEAutopilot indicates if the test cluster is a GKE Autopilot cluster.
	IsGKEAutopilot bool

	// ClusterVersion is the parsed version of the target test cluster
	ClusterVersion *clusterversion.ClusterVersion

	// ClusterSupportsBursting indicates if the cluster supports bursting.
	ClusterSupportsBursting bool

	// ClusterHash is a 64 character long unique identifier formed in hex used to identify a GKE cluster.
	ClusterHash string

	// DefaultWaitTimeout is the default timeout for tests to wait for sync completion.
	DefaultWaitTimeout time.Duration

	// DefaultReconcileTimeout is the default timeout for the applier to wait
	// for object reconciliation.
	DefaultReconcileTimeout *time.Duration

	// RootRepos is the root repositories the cluster is syncing to.
	// The key is the RootSync name and the value points to the corresponding Repository object.
	// Each test case was set up with a default RootSync (`root-sync`) installed.
	// After the test, all other RootSync or RepoSync objects are deleted, but the default one persists.
	RootRepos map[string]*gitproviders.Repository

	// NonRootRepos is the Namespace repositories the cluster is syncing to.
	// Only used in multi-repo tests.
	// The key is the namespace and name of the RepoSync object, the value points to the corresponding Repository object.
	NonRootRepos map[types.NamespacedName]*gitproviders.Repository

	// MetricsExpectations tracks the objects expected to be declared in the
	// source and the operations expected to be performed on them by the set of
	// RootSyncs and RepoSyncs managed by this test.
	MetricsExpectations *testmetrics.SyncSetExpectations

	// ReconcilerPollingPeriod defines how often the reconciler should poll the
	// filesystem for updates to the source or rendered configs.
	ReconcilerPollingPeriod time.Duration

	// HydrationPollingPeriod defines how often the hydration-controller should
	// poll the filesystem for rendering the DRY configs.
	HydrationPollingPeriod time.Duration

	// Scheme is the Scheme for the test suite that maps from structs to GVKs.
	Scheme *runtime.Scheme

	// GitProvider is the provider that hosts the Git repositories.
	GitProvider gitproviders.GitProvider

	// OCIProvider is the provider that hosts the OCI repositories.
	OCIProvider registryproviders.OCIRegistryProvider

	// HelmProvider is the provider that hosts the helm packages.
	HelmProvider registryproviders.HelmRegistryProvider

	// HelmClient provides helm and crane clients to connect to
	// the environment-specific Helm repository.
	HelmClient *testshell.HelmClient

	// OCIClient provides a crane client to connect to the
	// environment-specific OCI repository.
	OCIClient *testshell.OCIClient

	// RemoteRepositories maintains a map between the repo local name and the remote repository.
	// It includes both root repo and namespace repos and can be shared among test cases.
	// It is used to reuse existing repositories instead of creating new ones.
	RemoteRepositories map[types.NamespacedName]*gitproviders.Repository

	// WebhookDisabled indicates whether the ValidatingWebhookConfiguration is deleted.
	WebhookDisabled *bool

	// Control indicates how the test case was setup.
	Control ntopts.RepoControl
	// contains filtered or unexported fields
}

NT represents the test environment for a single Nomos end-to-end test case.

func FreshTestEnv

func FreshTestEnv(t nomostesting.NTB, opts *ntopts.New) *NT

FreshTestEnv establishes a connection to a test cluster based on the passed

options.

Marks the test as parallel. For now we have no tests which *can't* be made parallel; if we need that in the future we can make a version of this function that doesn't do this. As below keeps us from forgetting to mark tests as parallel, and unnecessarily waiting.

The following are guaranteed to be available when this function returns: 1) A connection to the Kubernetes cluster. 2) A functioning git server hosted on the cluster. 3) A fresh ACM installation.

func New

func New(t *testing.T, testFeature nomostesting.Feature, ntOptions ...ntopts.Opt) *NT

New establishes a connection to a test cluster and prepares it for testing.

func SharedNT

func SharedNT(t testing.NTB) *NT

SharedNT returns the shared test environment.

func SharedTestEnv

func SharedTestEnv(t nomostesting.NTB, opts *ntopts.New) *NT

SharedTestEnv connects to a shared test cluster.

func (*NT) ApplyGatekeeperCRD added in v1.13.1

func (nt *NT) ApplyGatekeeperCRD(file, crd string) error

ApplyGatekeeperCRD applies the specified gatekeeper testdata file and waits for the specified CRD to be established, then resets the client RESTMapper.

func (*NT) BuildAndPushHelmPackage added in v1.18.0

func (nt *NT) BuildAndPushHelmPackage(rsRef types.NamespacedName, options ...registryproviders.HelmOption) (*registryproviders.HelmPackage, error)

BuildAndPushHelmPackage uses the current file system state of the provided Repository to build a helm package and push it to the current HelmProvider. The resulting HelmPackage object can be used to set the spec.oci.image field on the RSync.

func (*NT) BuildAndPushOCIImage added in v1.18.0

func (nt *NT) BuildAndPushOCIImage(rsRef types.NamespacedName, options ...registryproviders.ImageOption) (*registryproviders.OCIImage, error)

BuildAndPushOCIImage uses the current file system state of the provided Repository to build an OCI image and push it to the current OCIProvider. The resulting OCIImage object can be used to set the spec.oci.image field on the RSync.

func (*NT) ListReconcilerClusterRoleBindings added in v1.17.0

func (nt *NT) ListReconcilerClusterRoleBindings(syncKind string, rsRef types.NamespacedName) ([]rbacv1.ClusterRoleBinding, error)

ListReconcilerClusterRoleBindings is a convenience method for listing all ClusterRoleBindings associated with a reconciler.

func (*NT) ListReconcilerRoleBindings added in v1.17.0

func (nt *NT) ListReconcilerRoleBindings(syncKind string, rsRef types.NamespacedName) ([]rbacv1.RoleBinding, error)

ListReconcilerRoleBindings is a convenience method for listing all RoleBindings associated with a reconciler.

func (*NT) LogDeploymentPodResources added in v1.17.0

func (nt *NT) LogDeploymentPodResources(namespace, deployment string)

LogDeploymentPodResources logs the resources of the deployment's pod's containers

func (*NT) Must added in v1.15.1

func (nt *NT) Must(args ...interface{})

Must not error.

This is a test helper that immediately fails the test if any of the arguments are a non-nil error. All nil and non-error argument are ignored. Usage Example: nt.Must(DoSomething())

Note: Because nil objects lose their type when passed through an interface{}, There's no way to validate that an error type was actually passed. Consider using require.NoError instead, when the only return value is an error.

func (*NT) MustDeleteGatekeeperTestData added in v1.13.1

func (nt *NT) MustDeleteGatekeeperTestData(file, name string)

MustDeleteGatekeeperTestData deletes the specified gatekeeper testdata file, then resets the client RESTMapper.

func (*NT) MustKubectl

func (nt *NT) MustKubectl(args ...string) []byte

MustKubectl fails the test immediately if the kubectl command fails. On success, returns STDOUT.

func (*NT) MustMergePatch

func (nt *NT) MustMergePatch(obj client.Object, patch string, opts ...client.PatchOption)

MustMergePatch is like MergePatch but will call t.Fatal if the patch fails.

func (*NT) NumRepoSyncNamespaces added in v1.15.1

func (nt *NT) NumRepoSyncNamespaces() int

NumRepoSyncNamespaces returns the number of unique namespaces managed by RepoSyncs.

func (*NT) PodLogs

func (nt *NT) PodLogs(namespace, deployment, container string, previousPodLog bool)

PodLogs prints the logs from the specified deployment. If there is an error getting the logs for the specified deployment, prints the error.

func (*NT) RenewClient

func (nt *NT) RenewClient()

RenewClient gets a new Client for talking to the cluster.

Call this manually from within a test if you expect a controller to create a CRD dynamically, or if the test applies a CRD directly to the API Server.

func (*NT) RepoSyncClusterRole added in v1.15.1

func (nt *NT) RepoSyncClusterRole() *rbacv1.ClusterRole

RepoSyncClusterRole returns the NS reconciler ClusterRole

func (*NT) RepoSyncObjectHelm added in v1.18.0

func (nt *NT) RepoSyncObjectHelm(nn types.NamespacedName, chart *registryproviders.HelmPackage) *v1beta1.RepoSync

RepoSyncObjectHelm returns a RepoSync object that syncs the provided HelmPackage

func (*NT) RepoSyncObjectOCI added in v1.18.0

func (nt *NT) RepoSyncObjectOCI(nn types.NamespacedName, image *registryproviders.OCIImage) *v1beta1.RepoSync

RepoSyncObjectOCI returns a RepoSync object that syncs the provided OCIImage.

func (*NT) RootSyncObjectHelm added in v1.18.0

func (nt *NT) RootSyncObjectHelm(name string, chart *registryproviders.HelmPackage) *v1beta1.RootSync

RootSyncObjectHelm returns a RootSync object that syncs the provided HelmPackage

func (*NT) RootSyncObjectOCI added in v1.18.0

func (nt *NT) RootSyncObjectOCI(name string, image *registryproviders.OCIImage) *v1beta1.RootSync

RootSyncObjectOCI returns a RootSync object that syncs the provided OCIImage.

func (*NT) Validate

func (nt *NT) Validate(name, namespace string, o client.Object, predicates ...testpredicates.Predicate) error

Validate returns an error if the indicated object does not exist.

Validates the object against each of the passed Predicates, returning error if any Predicate fails.

func (*NT) ValidateNotFound

func (nt *NT) ValidateNotFound(name, namespace string, o client.Object) error

ValidateNotFound returns an error if the indicated object exists.

`o` must either be: 1) a struct pointer to the type of the object to search for, or 2) an unstructured.Unstructured with the type information filled in.

func (*NT) ValidateNotFoundOrNoMatch added in v1.15.1

func (nt *NT) ValidateNotFoundOrNoMatch(name, namespace string, o client.Object) error

ValidateNotFoundOrNoMatch returns an error if the indicated object is neither NotFound nor NoMatchFound (GVK not found).

Use this instead of ValidateNotFound when deleting a CRD or APIService at the same time as a custom resource, to avoid the race between possible errors.

func (*NT) ValidateSyncObject added in v1.15.1

func (nt *NT) ValidateSyncObject(gvk schema.GroupVersionKind, name, namespace string,
	predicates ...testpredicates.Predicate) error

ValidateSyncObject validates the specified object satisfies the specified constraints.

gvk specifies the GroupVersionKind of the object to retrieve and validate.

name and namespace identify the specific object to check.

predicates are functions that return an error if the object is invalid.

func (*NT) WaitForRepoImportErrorCode

func (nt *NT) WaitForRepoImportErrorCode(code string, opts ...WaitOption)

WaitForRepoImportErrorCode waits until the given error code is present on the Repo resource.

func (*NT) WaitForRepoSourceError

func (nt *NT) WaitForRepoSourceError(code string, opts ...WaitOption)

WaitForRepoSourceError waits until the given error (code and message) is present on the Repo resource

func (*NT) WaitForRepoSourceErrorClear

func (nt *NT) WaitForRepoSourceErrorClear(opts ...WaitOption)

WaitForRepoSourceErrorClear waits until the given error code disappears from the Repo resource

func (*NT) WaitForRepoSyncSourceError

func (nt *NT) WaitForRepoSyncSourceError(ns, rsName, code, message string, opts ...WaitOption)

WaitForRepoSyncSourceError waits until the given error (code and message) is present on the RepoSync resource

func (*NT) WaitForRepoSyncStalledError

func (nt *NT) WaitForRepoSyncStalledError(rsNamespace, rsName, reason, message string)

WaitForRepoSyncStalledError waits until the given Stalled error is present on the RepoSync resource.

func (*NT) WaitForRepoSyncSyncError

func (nt *NT) WaitForRepoSyncSyncError(ns, rsName, code string, message string, resources []v1beta1.ResourceRef, opts ...WaitOption)

WaitForRepoSyncSyncError waits until the given error (code and message) is present on the RepoSync resource

func (*NT) WaitForRootSyncSourceError

func (nt *NT) WaitForRootSyncSourceError(rsName, code string, message string, opts ...WaitOption)

WaitForRootSyncSourceError waits until the given error (code and message) is present on the RootSync resource

func (*NT) WaitForRootSyncStalledError

func (nt *NT) WaitForRootSyncStalledError(rsNamespace, rsName, reason, message string)

WaitForRootSyncStalledError waits until the given Stalled error is present on the RootSync resource.

func (*NT) WaitForRootSyncSyncError

func (nt *NT) WaitForRootSyncSyncError(rsName, code string, message string, resources []v1beta1.ResourceRef, opts ...WaitOption)

WaitForRootSyncSyncError waits until the given error (code and message) is present on the RootSync resource

func (*NT) WatchForAllSyncs added in v1.15.1

func (nt *NT) WatchForAllSyncs(options ...WatchForAllSyncsOptions) error

WatchForAllSyncs calls WatchForSync on all Syncs in nt.RootRepos & nt.NonRootRepos.

If you want to validate specific fields of a Sync object, use nt.Watcher.WatchObject() instead.

func (*NT) WatchForSync added in v1.15.1

func (nt *NT) WatchForSync(
	gvk schema.GroupVersionKind,
	name, namespace string,
	sha1Func Sha1Func,
	syncSha1 func(string) testpredicates.Predicate,
	syncDirPair *SyncDirPredicatePair,
	opts ...testwatcher.WatchOption,
) error

WatchForSync watches the specified sync object until it's synced.

  • gvk (required) is the sync object GroupVersionKind
  • name (required) is the sync object name
  • namespace (required) is the sync object namespace
  • sha1Func (required) is the function that to compute the expected commit.
  • syncSha1 (required) is a Predicate factory used to validate whether the object is synced, given the expected commit.
  • syncDirPair (optional) is a pair of sync dir and the corresponding predicate to validate the config directory.
  • opts (optional) allows configuring the watcher (e.g. timeout)

type Sha1Func

type Sha1Func func(nt *NT, nn types.NamespacedName) (string, error)

Sha1Func is the function type that retrieves the commit sha1.

func HelmChartVersionShaFn added in v1.17.2

func HelmChartVersionShaFn(chartVersion string) Sha1Func

HelmChartVersionShaFn returns the provided chart version as a function.

type SyncDirPredicatePair

type SyncDirPredicatePair struct {
	Dir       string
	Predicate func(string) testpredicates.Predicate
}

SyncDirPredicatePair is a pair of the sync directory and the predicate.

type SyncSource added in v1.18.0

type SyncSource string

SyncSource represents a type of sync source. This typically maps to a type of server which hosts a source of truth for syncing. This does not necessarily map 1:1 with SourceType, for example both helm and oci use registry-server.

type WaitFailureStrategy added in v1.15.1

type WaitFailureStrategy int

WaitFailureStrategy indicates how to handle validation failures

const (
	// WaitFailureStrategyLog calls Testing.Log when there's a validation failure
	WaitFailureStrategyLog WaitFailureStrategy = iota // Log
	// WaitFailureStrategyError calls Testing.Error when there's a validation failure
	WaitFailureStrategyError // Error
	// WaitFailureStrategyFatal calls Testing.Fatal when there's a validation failure
	WaitFailureStrategyFatal // Fatal
)

type WaitOption

type WaitOption func(wait *waitSpec)

WaitOption is an optional parameter for Wait

func WaitStrategy added in v1.15.1

func WaitStrategy(strategy WaitFailureStrategy) WaitOption

WaitStrategy configures how the Wait function handles failure.

func WaitTimeout

func WaitTimeout(timeout time.Duration) WaitOption

WaitTimeout provides the timeout option to Wait.

type WatchForAllSyncsOptions added in v1.15.1

type WatchForAllSyncsOptions func(*watchForAllSyncsOptions)

WatchForAllSyncsOptions is an optional parameter for WaitForRepoSyncs.

func RepoSyncOnly added in v1.17.1

func RepoSyncOnly() WatchForAllSyncsOptions

RepoSyncOnly specifies that only the NonRootRepos should be synced.

func RootSyncOnly

func RootSyncOnly() WatchForAllSyncsOptions

RootSyncOnly specifies that only the RootRepos should be synced.

func SkipNonRootRepos added in v1.18.0

func SkipNonRootRepos(skipNonRootRepos ...types.NamespacedName) WatchForAllSyncsOptions

SkipNonRootRepos specifies RepoSyncs which do not need to be synced.

func SkipReadyCheck added in v1.17.1

func SkipReadyCheck() WatchForAllSyncsOptions

SkipReadyCheck specifies not to wait for all Config Sync components to be ready.

func SkipRootRepos added in v1.18.0

func SkipRootRepos(skipRootRepos ...string) WatchForAllSyncsOptions

SkipRootRepos specifies RootSyncs which do not need to be synced.

func WithRepoSha1Func

func WithRepoSha1Func(fn Sha1Func) WatchForAllSyncsOptions

WithRepoSha1Func provides the function to get RepoSync commit sha1 to WaitForRepoSyncs.

func WithRootSha1Func

func WithRootSha1Func(fn Sha1Func) WatchForAllSyncsOptions

WithRootSha1Func provides the function to get RootSync commit sha1 to WaitForRepoSyncs.

func WithSyncDirectoryMap

func WithSyncDirectoryMap(syncDirectoryMap map[types.NamespacedName]string) WatchForAllSyncsOptions

WithSyncDirectoryMap provides a map of RootSync|RepoSync and the corresponding sync directory. The function is used to get the sync directory based on different RootSync|RepoSync name.

func WithTimeout

func WithTimeout(timeout time.Duration) WatchForAllSyncsOptions

WithTimeout provides the timeout to WaitForRepoSyncs.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL