summaryrefslogtreecommitdiff
path: root/test/e2e/play_kube_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'test/e2e/play_kube_test.go')
-rw-r--r--test/e2e/play_kube_test.go300
1 files changed, 265 insertions, 35 deletions
diff --git a/test/e2e/play_kube_test.go b/test/e2e/play_kube_test.go
index 9daf266b8..7fe4ce967 100644
--- a/test/e2e/play_kube_test.go
+++ b/test/e2e/play_kube_test.go
@@ -3,6 +3,7 @@
package integration
import (
+ "bytes"
"fmt"
"io/ioutil"
"os"
@@ -14,7 +15,18 @@ import (
. "github.com/onsi/gomega"
)
-var yamlTemplate = `
+var unknownKindYaml = `
+apiVerson: v1
+kind: UnknownKind
+metadata:
+ labels:
+ app: app1
+ name: unknown
+spec:
+ hostname: unknown
+`
+
+var podYamlTemplate = `
apiVersion: v1
kind: Pod
metadata:
@@ -77,31 +89,137 @@ spec:
status: {}
`
+var deploymentYamlTemplate = `
+apiVersion: v1
+kind: Deployment
+metadata:
+ creationTimestamp: "2019-07-17T14:44:08Z"
+ labels:
+ app: {{ .Name }}
+ name: {{ .Name }}
+{{ with .Annotations }}
+ annotations:
+ {{ range $key, $value := . }}
+ {{ $key }}: {{ $value }}
+ {{ end }}
+{{ end }}
+
+spec:
+ replicas: {{ .Replicas }}
+ selector:
+ matchLabels:
+ app: {{ .Name }}
+ template:
+ {{ with .PodTemplate }}
+ metadata:
+ labels:
+ app: {{ .Name }}
+ {{ with .Annotations }}
+ annotations:
+ {{ range $key, $value := . }}
+ {{ $key }}: {{ $value }}
+ {{ end }}
+ {{ end }}
+ spec:
+ hostname: {{ .Hostname }}
+ containers:
+ {{ with .Ctrs }}
+ {{ range . }}
+ - command:
+ {{ range .Cmd }}
+ - {{.}}
+ {{ end }}
+ env:
+ - name: PATH
+ value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ - name: TERM
+ value: xterm
+ - name: HOSTNAME
+ - name: container
+ value: podman
+ image: {{ .Image }}
+ name: {{ .Name }}
+ imagePullPolicy: {{ .PullPolicy }}
+ resources: {}
+ {{ if .SecurityContext }}
+ securityContext:
+ allowPrivilegeEscalation: true
+ {{ if .Caps }}
+ capabilities:
+ {{ with .CapAdd }}
+ add:
+ {{ range . }}
+ - {{.}}
+ {{ end }}
+ {{ end }}
+ {{ with .CapDrop }}
+ drop:
+ {{ range . }}
+ - {{.}}
+ {{ end }}
+ {{ end }}
+ {{ end }}
+ privileged: false
+ readOnlyRootFilesystem: false
+ workingDir: /
+ {{ end }}
+ {{ end }}
+ {{ end }}
+ {{ end }}
+`
+
var (
- defaultCtrName = "testCtr"
- defaultCtrCmd = []string{"top"}
- defaultCtrImage = ALPINE
- defaultPodName = "testPod"
- seccompPwdEPERM = []byte(`{"defaultAction":"SCMP_ACT_ALLOW","syscalls":[{"name":"getcwd","action":"SCMP_ACT_ERRNO"}]}`)
+ defaultCtrName = "testCtr"
+ defaultCtrCmd = []string{"top"}
+ defaultCtrImage = ALPINE
+ defaultPodName = "testPod"
+ defaultDeploymentName = "testDeployment"
+ seccompPwdEPERM = []byte(`{"defaultAction":"SCMP_ACT_ALLOW","syscalls":[{"name":"getcwd","action":"SCMP_ACT_ERRNO"}]}`)
)
-func generateKubeYaml(pod *Pod, fileName string) error {
+func writeYaml(content string, fileName string) error {
f, err := os.Create(fileName)
if err != nil {
return err
}
defer f.Close()
- t, err := template.New("pod").Parse(yamlTemplate)
+ _, err = f.WriteString(content)
if err != nil {
return err
}
- if err := t.Execute(f, pod); err != nil {
+ return nil
+}
+
+func generatePodKubeYaml(pod *Pod, fileName string) error {
+ templateBytes := &bytes.Buffer{}
+
+ t, err := template.New("pod").Parse(podYamlTemplate)
+ if err != nil {
return err
}
- return nil
+ if err := t.Execute(templateBytes, pod); err != nil {
+ return err
+ }
+
+ return writeYaml(templateBytes.String(), fileName)
+}
+
+func generateDeploymentKubeYaml(deployment *Deployment, fileName string) error {
+ templateBytes := &bytes.Buffer{}
+
+ t, err := template.New("deployment").Parse(deploymentYamlTemplate)
+ if err != nil {
+ return err
+ }
+
+ if err := t.Execute(templateBytes, deployment); err != nil {
+ return err
+ }
+
+ return writeYaml(templateBytes.String(), fileName)
}
// Pod describes the options a kube yaml can be configured at pod level
@@ -146,6 +264,59 @@ func withAnnotation(k, v string) podOption {
}
}
+// Deployment describes the options a kube yaml can be configured at deployment level
+type Deployment struct {
+ Name string
+ Replicas int32
+ Annotations map[string]string
+ PodTemplate *Pod
+}
+
+func getDeployment(options ...deploymentOption) *Deployment {
+ d := Deployment{defaultDeploymentName, 1, make(map[string]string), getPod()}
+ for _, option := range options {
+ option(&d)
+ }
+
+ return &d
+}
+
+type deploymentOption func(*Deployment)
+
+func withDeploymentAnnotation(k, v string) deploymentOption {
+ return func(deployment *Deployment) {
+ deployment.Annotations[k] = v
+ }
+}
+
+func withPod(pod *Pod) deploymentOption {
+ return func(d *Deployment) {
+ d.PodTemplate = pod
+ }
+}
+
+func withReplicas(replicas int32) deploymentOption {
+ return func(d *Deployment) {
+ d.Replicas = replicas
+ }
+}
+
+// getPodNamesInDeployment returns list of Pod objects
+// with just their name set, so that it can be passed around
+// and into getCtrNameInPod for ease of testing
+func getPodNamesInDeployment(d *Deployment) []Pod {
+ var pods []Pod
+ var i int32
+
+ for i = 0; i < d.Replicas; i++ {
+ p := Pod{}
+ p.Name = fmt.Sprintf("%s-pod-%d", d.Name, i)
+ pods = append(pods, p)
+ }
+
+ return pods
+}
+
// Ctr describes the options a kube yaml can be configured at container level
type Ctr struct {
Name string
@@ -208,6 +379,10 @@ func withPullPolicy(policy string) ctrOption {
}
}
+func getCtrNameInPod(pod *Pod) string {
+ return fmt.Sprintf("%s-%s", pod.Name, defaultCtrName)
+}
+
var _ = Describe("Podman generate kube", func() {
var (
tempdir string
@@ -234,8 +409,18 @@ var _ = Describe("Podman generate kube", func() {
processTestResult(f)
})
+ It("podman play kube fail with yaml of unsupported kind", func() {
+ err := writeYaml(unknownKindYaml, kubeYaml)
+ Expect(err).To(BeNil())
+
+ kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
+ kube.WaitWithDefaultTimeout()
+ Expect(kube.ExitCode()).To(Not(Equal(0)))
+
+ })
+
It("podman play kube fail with nonexist authfile", func() {
- err := generateKubeYaml(getPod(), kubeYaml)
+ err := generatePodKubeYaml(getPod(), kubeYaml)
Expect(err).To(BeNil())
kube := podmanTest.Podman([]string{"play", "kube", "--authfile", "/tmp/nonexist", kubeYaml})
@@ -245,14 +430,15 @@ var _ = Describe("Podman generate kube", func() {
})
It("podman play kube test correct command", func() {
- err := generateKubeYaml(getPod(), kubeYaml)
+ pod := getPod()
+ err := generatePodKubeYaml(pod, kubeYaml)
Expect(err).To(BeNil())
kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
kube.WaitWithDefaultTimeout()
Expect(kube.ExitCode()).To(Equal(0))
- inspect := podmanTest.Podman([]string{"inspect", defaultCtrName})
+ inspect := podmanTest.Podman([]string{"inspect", getCtrNameInPod(pod)})
inspect.WaitWithDefaultTimeout()
Expect(inspect.ExitCode()).To(Equal(0))
Expect(inspect.OutputToString()).To(ContainSubstring(defaultCtrCmd[0]))
@@ -261,33 +447,34 @@ var _ = Describe("Podman generate kube", func() {
It("podman play kube test correct output", func() {
p := getPod(withCtr(getCtr(withCmd([]string{"echo", "hello"}))))
- err := generateKubeYaml(p, kubeYaml)
+ err := generatePodKubeYaml(p, kubeYaml)
Expect(err).To(BeNil())
kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
kube.WaitWithDefaultTimeout()
Expect(kube.ExitCode()).To(Equal(0))
- logs := podmanTest.Podman([]string{"logs", defaultCtrName})
+ logs := podmanTest.Podman([]string{"logs", getCtrNameInPod(p)})
logs.WaitWithDefaultTimeout()
Expect(logs.ExitCode()).To(Equal(0))
Expect(logs.OutputToString()).To(ContainSubstring("hello"))
- inspect := podmanTest.Podman([]string{"inspect", defaultCtrName, "--format", "'{{ .Config.Cmd }}'"})
+ inspect := podmanTest.Podman([]string{"inspect", getCtrNameInPod(p), "--format", "'{{ .Config.Cmd }}'"})
inspect.WaitWithDefaultTimeout()
Expect(inspect.ExitCode()).To(Equal(0))
Expect(inspect.OutputToString()).To(ContainSubstring("hello"))
})
It("podman play kube test hostname", func() {
- err := generateKubeYaml(getPod(), kubeYaml)
+ pod := getPod()
+ err := generatePodKubeYaml(pod, kubeYaml)
Expect(err).To(BeNil())
kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
kube.WaitWithDefaultTimeout()
Expect(kube.ExitCode()).To(Equal(0))
- inspect := podmanTest.Podman([]string{"inspect", defaultCtrName, "--format", "{{ .Config.Hostname }}"})
+ inspect := podmanTest.Podman([]string{"inspect", getCtrNameInPod(pod), "--format", "{{ .Config.Hostname }}"})
inspect.WaitWithDefaultTimeout()
Expect(inspect.ExitCode()).To(Equal(0))
Expect(inspect.OutputToString()).To(Equal(defaultPodName))
@@ -295,14 +482,15 @@ var _ = Describe("Podman generate kube", func() {
It("podman play kube test with customized hostname", func() {
hostname := "myhostname"
- err := generateKubeYaml(getPod(withHostname(hostname)), kubeYaml)
+ pod := getPod(withHostname(hostname))
+ err := generatePodKubeYaml(getPod(withHostname(hostname)), kubeYaml)
Expect(err).To(BeNil())
kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
kube.WaitWithDefaultTimeout()
Expect(kube.ExitCode()).To(Equal(0))
- inspect := podmanTest.Podman([]string{"inspect", defaultCtrName, "--format", "{{ .Config.Hostname }}"})
+ inspect := podmanTest.Podman([]string{"inspect", getCtrNameInPod(pod), "--format", "{{ .Config.Hostname }}"})
inspect.WaitWithDefaultTimeout()
Expect(inspect.ExitCode()).To(Equal(0))
Expect(inspect.OutputToString()).To(Equal(hostname))
@@ -312,14 +500,15 @@ var _ = Describe("Podman generate kube", func() {
capAdd := "CAP_SYS_ADMIN"
ctr := getCtr(withCapAdd([]string{capAdd}), withCmd([]string{"cat", "/proc/self/status"}))
- err := generateKubeYaml(getPod(withCtr(ctr)), kubeYaml)
+ pod := getPod(withCtr(ctr))
+ err := generatePodKubeYaml(pod, kubeYaml)
Expect(err).To(BeNil())
kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
kube.WaitWithDefaultTimeout()
Expect(kube.ExitCode()).To(Equal(0))
- inspect := podmanTest.Podman([]string{"inspect", defaultCtrName})
+ inspect := podmanTest.Podman([]string{"inspect", getCtrNameInPod(pod)})
inspect.WaitWithDefaultTimeout()
Expect(inspect.ExitCode()).To(Equal(0))
Expect(inspect.OutputToString()).To(ContainSubstring(capAdd))
@@ -329,14 +518,15 @@ var _ = Describe("Podman generate kube", func() {
capDrop := "CAP_CHOWN"
ctr := getCtr(withCapDrop([]string{capDrop}))
- err := generateKubeYaml(getPod(withCtr(ctr)), kubeYaml)
+ pod := getPod(withCtr(ctr))
+ err := generatePodKubeYaml(pod, kubeYaml)
Expect(err).To(BeNil())
kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
kube.WaitWithDefaultTimeout()
Expect(kube.ExitCode()).To(Equal(0))
- inspect := podmanTest.Podman([]string{"inspect", defaultCtrName})
+ inspect := podmanTest.Podman([]string{"inspect", getCtrNameInPod(pod)})
inspect.WaitWithDefaultTimeout()
Expect(inspect.ExitCode()).To(Equal(0))
Expect(inspect.OutputToString()).To(ContainSubstring(capDrop))
@@ -344,14 +534,15 @@ var _ = Describe("Podman generate kube", func() {
It("podman play kube no security context", func() {
// expect play kube to not fail if no security context is specified
- err := generateKubeYaml(getPod(withCtr(getCtr(withSecurityContext(false)))), kubeYaml)
+ pod := getPod(withCtr(getCtr(withSecurityContext(false))))
+ err := generatePodKubeYaml(pod, kubeYaml)
Expect(err).To(BeNil())
kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
kube.WaitWithDefaultTimeout()
Expect(kube.ExitCode()).To(Equal(0))
- inspect := podmanTest.Podman([]string{"inspect", defaultCtrName})
+ inspect := podmanTest.Podman([]string{"inspect", getCtrNameInPod(pod)})
inspect.WaitWithDefaultTimeout()
Expect(inspect.ExitCode()).To(Equal(0))
})
@@ -367,7 +558,8 @@ var _ = Describe("Podman generate kube", func() {
ctrAnnotation := "container.seccomp.security.alpha.kubernetes.io/" + defaultCtrName
ctr := getCtr(withCmd([]string{"pwd"}))
- err = generateKubeYaml(getPod(withCtr(ctr), withAnnotation(ctrAnnotation, "localhost/"+filepath.Base(jsonFile))), kubeYaml)
+ pod := getPod(withCtr(ctr), withAnnotation(ctrAnnotation, "localhost/"+filepath.Base(jsonFile)))
+ err = generatePodKubeYaml(pod, kubeYaml)
Expect(err).To(BeNil())
// CreateSeccompJson will put the profile into podmanTest.TempDir. Use --seccomp-profile-root to tell play kube where to look
@@ -375,7 +567,7 @@ var _ = Describe("Podman generate kube", func() {
kube.WaitWithDefaultTimeout()
Expect(kube.ExitCode()).To(Equal(0))
- logs := podmanTest.Podman([]string{"logs", defaultCtrName})
+ logs := podmanTest.Podman([]string{"logs", getCtrNameInPod(pod)})
logs.WaitWithDefaultTimeout()
Expect(logs.ExitCode()).To(Equal(0))
Expect(logs.OutputToString()).To(ContainSubstring("Operation not permitted"))
@@ -392,7 +584,8 @@ var _ = Describe("Podman generate kube", func() {
ctr := getCtr(withCmd([]string{"pwd"}))
- err = generateKubeYaml(getPod(withCtr(ctr), withAnnotation("seccomp.security.alpha.kubernetes.io/pod", "localhost/"+filepath.Base(jsonFile))), kubeYaml)
+ pod := getPod(withCtr(ctr), withAnnotation("seccomp.security.alpha.kubernetes.io/pod", "localhost/"+filepath.Base(jsonFile)))
+ err = generatePodKubeYaml(pod, kubeYaml)
Expect(err).To(BeNil())
// CreateSeccompJson will put the profile into podmanTest.TempDir. Use --seccomp-profile-root to tell play kube where to look
@@ -400,7 +593,7 @@ var _ = Describe("Podman generate kube", func() {
kube.WaitWithDefaultTimeout()
Expect(kube.ExitCode()).To(Equal(0))
- logs := podmanTest.Podman([]string{"logs", defaultCtrName})
+ logs := podmanTest.Podman([]string{"logs", getCtrNameInPod(pod)})
logs.WaitWithDefaultTimeout()
Expect(logs.ExitCode()).To(Equal(0))
Expect(logs.OutputToString()).To(ContainSubstring("Operation not permitted"))
@@ -408,7 +601,7 @@ var _ = Describe("Podman generate kube", func() {
It("podman play kube with pull policy of never should be 125", func() {
ctr := getCtr(withPullPolicy("never"), withImage(BB_GLIBC))
- err := generateKubeYaml(getPod(withCtr(ctr)), kubeYaml)
+ err := generatePodKubeYaml(getPod(withCtr(ctr)), kubeYaml)
Expect(err).To(BeNil())
kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
@@ -418,7 +611,7 @@ var _ = Describe("Podman generate kube", func() {
It("podman play kube with pull policy of missing", func() {
ctr := getCtr(withPullPolicy("missing"), withImage(BB))
- err := generateKubeYaml(getPod(withCtr(ctr)), kubeYaml)
+ err := generatePodKubeYaml(getPod(withCtr(ctr)), kubeYaml)
Expect(err).To(BeNil())
kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
@@ -444,7 +637,7 @@ var _ = Describe("Podman generate kube", func() {
oldBBinspect := inspect.InspectImageJSON()
ctr := getCtr(withPullPolicy("always"), withImage(BB))
- err := generateKubeYaml(getPod(withCtr(ctr)), kubeYaml)
+ err := generatePodKubeYaml(getPod(withCtr(ctr)), kubeYaml)
Expect(err).To(BeNil())
kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
@@ -475,7 +668,7 @@ var _ = Describe("Podman generate kube", func() {
oldBBinspect := inspect.InspectImageJSON()
ctr := getCtr(withImage(BB))
- err := generateKubeYaml(getPod(withCtr(ctr)), kubeYaml)
+ err := generatePodKubeYaml(getPod(withCtr(ctr)), kubeYaml)
Expect(err).To(BeNil())
kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
@@ -519,7 +712,7 @@ spec:
kube.WaitWithDefaultTimeout()
Expect(kube.ExitCode()).To(Equal(0))
- inspect := podmanTest.Podman([]string{"inspect", "demo_kube"})
+ inspect := podmanTest.Podman([]string{"inspect", "demo_pod-demo_kube"})
inspect.WaitWithDefaultTimeout()
Expect(inspect.ExitCode()).To(Equal(0))
@@ -529,4 +722,41 @@ spec:
Expect(ctr[0].Config.Labels["key1"]).To(ContainSubstring("value1"))
Expect(ctr[0].Config.StopSignal).To(Equal(uint(51)))
})
+
+ // Deployment related tests
+ It("podman play kube deployment 1 replica test correct command", func() {
+ deployment := getDeployment()
+ err := generateDeploymentKubeYaml(deployment, kubeYaml)
+ Expect(err).To(BeNil())
+
+ kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
+ kube.WaitWithDefaultTimeout()
+ Expect(kube.ExitCode()).To(Equal(0))
+
+ podNames := getPodNamesInDeployment(deployment)
+ inspect := podmanTest.Podman([]string{"inspect", getCtrNameInPod(&podNames[0])})
+ inspect.WaitWithDefaultTimeout()
+ Expect(inspect.ExitCode()).To(Equal(0))
+ Expect(inspect.OutputToString()).To(ContainSubstring(defaultCtrCmd[0]))
+ })
+
+ It("podman play kube deployment more than 1 replica test correct command", func() {
+ var i, numReplicas int32
+ numReplicas = 5
+ deployment := getDeployment(withReplicas(numReplicas))
+ err := generateDeploymentKubeYaml(deployment, kubeYaml)
+ Expect(err).To(BeNil())
+
+ kube := podmanTest.Podman([]string{"play", "kube", kubeYaml})
+ kube.WaitWithDefaultTimeout()
+ Expect(kube.ExitCode()).To(Equal(0))
+
+ podNames := getPodNamesInDeployment(deployment)
+ for i = 0; i < numReplicas; i++ {
+ inspect := podmanTest.Podman([]string{"inspect", getCtrNameInPod(&podNames[i])})
+ inspect.WaitWithDefaultTimeout()
+ Expect(inspect.ExitCode()).To(Equal(0))
+ Expect(inspect.OutputToString()).To(ContainSubstring(defaultCtrCmd[0]))
+ }
+ })
})