diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 7ce09703f9..b7acec07bf 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -120,11 +120,11 @@ KUBEBUILDER_ASSETS=$(./bin/setup-envtest use -p path 1.23) go test ./pkg... To run the end-to-end tests, you'll need [`kind`](https://kind.sigs.k8s.io) and [`chainsaw`](https://kyverno.github.io/chainsaw). Refer to their documentation for installation instructions. -Once they are installed, the tests can be executed with `make prepare-e2e`, which will build an image to use with the tests, followed by `make e2e`. Each call to the `e2e` target will setup a fresh `kind` cluster, making it safe to be executed multiple times with a single `prepare-e2e` step. +Once they are installed, the tests can be executed with `make prepare-e2e`, which will build an image to use with the tests, followed by `make e2e`. Each call to the `e2e` target will set up a fresh `kind` cluster, making it safe to be executed multiple times with a single `prepare-e2e` step. The tests are located under `tests/e2e` and are written to be used with `chainsaw`. Refer to their documentation to understand how tests are written. -To evert the changes made by the `make prepare-e2e` run `make reset`. +To revert the changes made by the `make prepare-e2e` run `make reset`. ### OpenShift End to End tests To run the end-to-end tests written for OpenShift, you'll need a OpenShift cluster. diff --git a/Makefile b/Makefile index 91ea6a7103..25418789b1 100644 --- a/Makefile +++ b/Makefile @@ -361,18 +361,13 @@ CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen ENVTEST ?= $(LOCALBIN)/setup-envtest CHLOGGEN ?= $(LOCALBIN)/chloggen GOLANGCI_LINT ?= $(LOCALBIN)/golangci-lint +CHAINSAW ?= $(LOCALBIN)/chainsaw KUSTOMIZE_VERSION ?= v5.0.3 CONTROLLER_TOOLS_VERSION ?= v0.12.0 GOLANGCI_LINT_VERSION ?= v1.54.0 KIND_VERSION ?= v0.20.0 - -# Checks if chainsaw is in your PATH -ifneq ($(shell which chainsaw),) -CHAINSAW ?= $(shell which chainsaw) -else -CHAINSAW ?= $(LOCALBIN)/chainsaw -endif +CHAINSAW_VERSION ?= v0.1.4 .PHONY: install-tools install-tools: kustomize golangci-lint kind controller-gen envtest crdoc kind operator-sdk chainsaw @@ -406,15 +401,7 @@ crdoc: ## Download crdoc locally if necessary. .PHONY: chainsaw chainsaw: ## Find or download chainsaw -ifeq (, $(shell which chainsaw)) - @{ \ - set -e ;\ - go install github.com/kyverno/chainsaw@v0.1.4 ;\ - } -CHAINSAW ?= $(GOBIN)/chainsaw -else -CHAINSAW ?= $(shell which chainsaw) -endif + $(call go-get-tool, $(CHAINSAW), github.com/kyverno/chainsaw, $(CHAINSAW_VERSION)) # go-get-tool will 'go get' any package $2 and install it to $1. PROJECT_DIR := $(shell dirname $(abspath $(lastword $(MAKEFILE_LIST)))) diff --git a/tests/e2e-instrumentation/instrumentation-apache-httpd/chainsaw-test.yaml b/tests/e2e-instrumentation/instrumentation-apache-httpd/chainsaw-test.yaml index 4b768642a2..b630a2ddb8 100755 --- a/tests/e2e-instrumentation/instrumentation-apache-httpd/chainsaw-test.yaml +++ b/tests/e2e-instrumentation/instrumentation-apache-httpd/chainsaw-test.yaml @@ -2,28 +2,16 @@ apiVersion: chainsaw.kyverno.io/v1alpha1 kind: Test metadata: - creationTimestamp: null name: instrumentation-apache-httpd spec: + namespaceTemplate: + metadata: + annotations: + openshift.io/sa.scc.uid-range: 1000/1000 + openshift.io/sa.scc.supplemental-groups: 3000/1000 steps: - name: step-00 try: - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.uid-range=1000/1000 - - --overwrite - entrypoint: kubectl - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.supplemental-groups=3000/1000 - - --overwrite - entrypoint: kubectl - apply: file: 00-install-collector.yaml - apply: diff --git a/tests/e2e-instrumentation/instrumentation-dotnet-musl/chainsaw-test.yaml b/tests/e2e-instrumentation/instrumentation-dotnet-musl/chainsaw-test.yaml index 80f80bf9fe..2e66379911 100755 --- a/tests/e2e-instrumentation/instrumentation-dotnet-musl/chainsaw-test.yaml +++ b/tests/e2e-instrumentation/instrumentation-dotnet-musl/chainsaw-test.yaml @@ -5,25 +5,14 @@ metadata: creationTimestamp: null name: instrumentation-dotnet-musl spec: + namespaceTemplate: + metadata: + annotations: + openshift.io/sa.scc.uid-range: 1000/1000 + openshift.io/sa.scc.supplemental-groups: 2000/1000 steps: - name: step-00 try: - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.uid-range=1000/1000 - - --overwrite - entrypoint: kubectl - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.supplemental-groups=2000/1000 - - --overwrite - entrypoint: kubectl - apply: file: 00-install-collector.yaml - apply: diff --git a/tests/e2e-instrumentation/instrumentation-dotnet/chainsaw-test.yaml b/tests/e2e-instrumentation/instrumentation-dotnet/chainsaw-test.yaml index 9e601c8a28..9f6752c00c 100755 --- a/tests/e2e-instrumentation/instrumentation-dotnet/chainsaw-test.yaml +++ b/tests/e2e-instrumentation/instrumentation-dotnet/chainsaw-test.yaml @@ -5,25 +5,14 @@ metadata: creationTimestamp: null name: instrumentation-dotnet spec: + namespaceTemplate: + metadata: + annotations: + openshift.io/sa.scc.uid-range: 1000/1000 + openshift.io/sa.scc.supplemental-groups: 2000/1000 steps: - name: step-00 try: - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.uid-range=1000/1000 - - --overwrite - entrypoint: kubectl - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.supplemental-groups=2000/1000 - - --overwrite - entrypoint: kubectl - apply: file: 00-install-collector.yaml - apply: diff --git a/tests/e2e-instrumentation/instrumentation-go/chainsaw-test.yaml b/tests/e2e-instrumentation/instrumentation-go/chainsaw-test.yaml index 9a90a86467..1a44d8007c 100755 --- a/tests/e2e-instrumentation/instrumentation-go/chainsaw-test.yaml +++ b/tests/e2e-instrumentation/instrumentation-go/chainsaw-test.yaml @@ -5,6 +5,11 @@ metadata: creationTimestamp: null name: instrumentation-go spec: + namespaceTemplate: + metadata: + annotations: + openshift.io/sa.scc.uid-range: 0/0 + openshift.io/sa.scc.supplemental-groups: 2000/1000 steps: - name: step-00 try: @@ -14,12 +19,6 @@ spec: file: 00-install-instrumentation.yaml - name: step-01 try: - - script: - content: kubectl annotate namespace ${NAMESPACE} openshift.io/sa.scc.uid-range=0/0 - --overwrite - - script: - content: kubectl annotate namespace ${NAMESPACE} openshift.io/sa.scc.supplemental-groups=2000/1000 - --overwrite - script: content: ./add-scc.sh - apply: diff --git a/tests/e2e-instrumentation/instrumentation-java-other-ns/chainsaw-test.yaml b/tests/e2e-instrumentation/instrumentation-java-other-ns/chainsaw-test.yaml index da1b86d44f..6ea738787a 100755 --- a/tests/e2e-instrumentation/instrumentation-java-other-ns/chainsaw-test.yaml +++ b/tests/e2e-instrumentation/instrumentation-java-other-ns/chainsaw-test.yaml @@ -5,6 +5,11 @@ metadata: creationTimestamp: null name: instrumentation-java-other-ns spec: + namespaceTemplate: + metadata: + annotations: + openshift.io/sa.scc.uid-range: 1000/1000 + openshift.io/sa.scc.supplemental-groups: 2000/1000 steps: - name: step-01 try: @@ -15,22 +20,6 @@ spec: name: my-other-ns - name: step-02 try: - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.uid-range=1000/1000 - - --overwrite - entrypoint: kubectl - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.supplemental-groups=2000/1000 - - --overwrite - entrypoint: kubectl - apply: file: 02-install-collector.yaml - apply: diff --git a/tests/e2e-instrumentation/instrumentation-java/chainsaw-test.yaml b/tests/e2e-instrumentation/instrumentation-java/chainsaw-test.yaml index a535ea3b42..064d020f72 100755 --- a/tests/e2e-instrumentation/instrumentation-java/chainsaw-test.yaml +++ b/tests/e2e-instrumentation/instrumentation-java/chainsaw-test.yaml @@ -5,25 +5,14 @@ metadata: creationTimestamp: null name: instrumentation-java spec: + namespaceTemplate: + metadata: + annotations: + openshift.io/sa.scc.uid-range: 1000/1000 + openshift.io/sa.scc.supplemental-groups: 2000/1000 steps: - name: step-00 try: - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.uid-range=1000/1000 - - --overwrite - entrypoint: kubectl - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.supplemental-groups=2000/1000 - - --overwrite - entrypoint: kubectl - apply: file: 00-install-collector.yaml - apply: diff --git a/tests/e2e-instrumentation/instrumentation-nginx-contnr-secctx/chainsaw-test.yaml b/tests/e2e-instrumentation/instrumentation-nginx-contnr-secctx/chainsaw-test.yaml index 7f1948aa5b..52ca3192b9 100755 --- a/tests/e2e-instrumentation/instrumentation-nginx-contnr-secctx/chainsaw-test.yaml +++ b/tests/e2e-instrumentation/instrumentation-nginx-contnr-secctx/chainsaw-test.yaml @@ -5,25 +5,14 @@ metadata: creationTimestamp: null name: instrumentation-nginx-contnr-secctx spec: + namespaceTemplate: + metadata: + annotations: + openshift.io/sa.scc.uid-range: 1000/1000 + openshift.io/sa.scc.supplemental-groups: 3000/1000 steps: - name: step-00 try: - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.uid-range=1000/1000 - - --overwrite - entrypoint: kubectl - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.supplemental-groups=3000/1000 - - --overwrite - entrypoint: kubectl - apply: file: 00-install-collector.yaml - apply: diff --git a/tests/e2e-instrumentation/instrumentation-nginx-multicontainer/chainsaw-test.yaml b/tests/e2e-instrumentation/instrumentation-nginx-multicontainer/chainsaw-test.yaml index 47349ca018..cec812a1ea 100755 --- a/tests/e2e-instrumentation/instrumentation-nginx-multicontainer/chainsaw-test.yaml +++ b/tests/e2e-instrumentation/instrumentation-nginx-multicontainer/chainsaw-test.yaml @@ -5,25 +5,14 @@ metadata: creationTimestamp: null name: instrumentation-nginx-multicontainer spec: + namespaceTemplate: + metadata: + annotations: + openshift.io/sa.scc.uid-range: 1000/1000 + openshift.io/sa.scc.supplemental-groups: 3000/1000 steps: - name: step-00 try: - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.uid-range=1000/1000 - - --overwrite - entrypoint: kubectl - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.supplemental-groups=3000/1000 - - --overwrite - entrypoint: kubectl - apply: file: 00-install-collector.yaml - apply: diff --git a/tests/e2e-instrumentation/instrumentation-nginx/chainsaw-test.yaml b/tests/e2e-instrumentation/instrumentation-nginx/chainsaw-test.yaml index 5ad0986285..d6f0073f81 100755 --- a/tests/e2e-instrumentation/instrumentation-nginx/chainsaw-test.yaml +++ b/tests/e2e-instrumentation/instrumentation-nginx/chainsaw-test.yaml @@ -5,25 +5,14 @@ metadata: creationTimestamp: null name: instrumentation-nginx spec: + namespaceTemplate: + metadata: + annotations: + openshift.io/sa.scc.uid-range: 1000/1000 + openshift.io/sa.scc.supplemental-groups: 3000/1000 steps: - name: step-00 try: - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.uid-range=1000/1000 - - --overwrite - entrypoint: kubectl - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.supplemental-groups=3000/1000 - - --overwrite - entrypoint: kubectl - apply: file: 00-install-collector.yaml - apply: diff --git a/tests/e2e-instrumentation/instrumentation-nodejs/chainsaw-test.yaml b/tests/e2e-instrumentation/instrumentation-nodejs/chainsaw-test.yaml index 656604f597..7595b0c448 100755 --- a/tests/e2e-instrumentation/instrumentation-nodejs/chainsaw-test.yaml +++ b/tests/e2e-instrumentation/instrumentation-nodejs/chainsaw-test.yaml @@ -5,25 +5,14 @@ metadata: creationTimestamp: null name: instrumentation-nodejs spec: + namespaceTemplate: + metadata: + annotations: + openshift.io/sa.scc.uid-range: 1000/1000 + openshift.io/sa.scc.supplemental-groups: 2000/1000 steps: - name: step-00 try: - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.uid-range=1000/1000 - - --overwrite - entrypoint: kubectl - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.supplemental-groups=2000/1000 - - --overwrite - entrypoint: kubectl - apply: file: 00-install-collector.yaml - apply: diff --git a/tests/e2e-instrumentation/instrumentation-python/chainsaw-test.yaml b/tests/e2e-instrumentation/instrumentation-python/chainsaw-test.yaml index 2c70f182f3..d36d69d224 100755 --- a/tests/e2e-instrumentation/instrumentation-python/chainsaw-test.yaml +++ b/tests/e2e-instrumentation/instrumentation-python/chainsaw-test.yaml @@ -5,25 +5,14 @@ metadata: creationTimestamp: null name: instrumentation-python spec: + namespaceTemplate: + metadata: + annotations: + openshift.io/sa.scc.uid-range: 1000/1000 + openshift.io/sa.scc.supplemental-groups: 2000/1000 steps: - name: step-00 try: - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.uid-range=1000/1000 - - --overwrite - entrypoint: kubectl - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.supplemental-groups=2000/1000 - - --overwrite - entrypoint: kubectl - apply: file: 00-install-collector.yaml - apply: diff --git a/tests/e2e-instrumentation/instrumentation-sdk/chainsaw-test.yaml b/tests/e2e-instrumentation/instrumentation-sdk/chainsaw-test.yaml index 0bd1c74890..e329a7ff4e 100755 --- a/tests/e2e-instrumentation/instrumentation-sdk/chainsaw-test.yaml +++ b/tests/e2e-instrumentation/instrumentation-sdk/chainsaw-test.yaml @@ -5,25 +5,14 @@ metadata: creationTimestamp: null name: instrumentation-sdk spec: + namespaceTemplate: + metadata: + annotations: + openshift.io/sa.scc.uid-range: 1000/1000 + openshift.io/sa.scc.supplemental-groups: 2000/1000 steps: - name: step-00 try: - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.uid-range=1000/1000 - - --overwrite - entrypoint: kubectl - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.supplemental-groups=2000/1000 - - --overwrite - entrypoint: kubectl - apply: file: 00-install-collector.yaml - apply: diff --git a/tests/e2e-targetallocator/targetallocator-features/chainsaw-test.yaml b/tests/e2e-targetallocator/targetallocator-features/chainsaw-test.yaml index 1d1fc397c4..43e028c886 100755 --- a/tests/e2e-targetallocator/targetallocator-features/chainsaw-test.yaml +++ b/tests/e2e-targetallocator/targetallocator-features/chainsaw-test.yaml @@ -5,6 +5,11 @@ metadata: creationTimestamp: null name: targetallocator-features spec: + namespaceTemplate: + metadata: + annotations: + openshift.io/sa.scc.uid-range: 1000/1000 + openshift.io/sa.scc.supplemental-groups: 3000/1000 steps: - catch: - podLogs: @@ -21,22 +26,6 @@ spec: - --clusterrole=targetallocator-features - --serviceaccount=$NAMESPACE:ta entrypoint: kubectl - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.uid-range=1000/1000 - - --overwrite - entrypoint: kubectl - - command: - args: - - annotate - - namespace - - ${NAMESPACE} - - openshift.io/sa.scc.supplemental-groups=3000/1000 - - --overwrite - entrypoint: kubectl - apply: file: 00-install.yaml - assert: