github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-09 12:07:47 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #122583 from jsafrane/fix-selinux-e2e

Browse Source 
Fix SELinux e2e tests: add label to observed metrics
This commit is contained in:
Kubernetes Prow Robot 2024-01-09 22:27:07 +01:00 committed by GitHub
commit 1cfe76a8e4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 39 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
test/e2e/storage/csi_mock/csi_selinux_mount.go
View File

@ -20,6 +20,7 @@ import (
"context" "context"
"fmt" "fmt"
"sort" "sort"
"strings"
"sync/atomic" "sync/atomic"
"time" "time"
@ -252,19 +253,6 @@ var _ = utils.SIGDescribe("CSI Mock selinux on mount metrics", func() {
// [Serial]: the tests read global kube-controller-manager metrics, so no other test changes them in parallel. // [Serial]: the tests read global kube-controller-manager metrics, so no other test changes them in parallel.
f.Context("SELinuxMount metrics [LinuxOnly]", feature.SELinux, feature.SELinuxMountReadWriteOncePod, f.WithSerial(), func() { f.Context("SELinuxMount metrics [LinuxOnly]", feature.SELinux, feature.SELinuxMountReadWriteOncePod, f.WithSerial(), func() {
// All SELinux metrics. Unless explicitly mentioned in test.expectIncreases, these metrics must not grow during
// a test.
allMetrics := sets.NewString(
"volume_manager_selinux_container_errors_total",
"volume_manager_selinux_container_warnings_total",
"volume_manager_selinux_pod_context_mismatch_errors_total",
"volume_manager_selinux_pod_context_mismatch_warnings_total",
"volume_manager_selinux_volume_context_mismatch_errors_total",
"volume_manager_selinux_volume_context_mismatch_warnings_total",
"volume_manager_selinux_volumes_admitted_total",
)
// Make sure all options are set so system specific defaults are not used. // Make sure all options are set so system specific defaults are not used.
seLinuxOpts1 := v1.SELinuxOptions{ seLinuxOpts1 := v1.SELinuxOptions{
User: "system_u", User: "system_u",
@ -321,6 +309,21 @@ var _ = utils.SIGDescribe("CSI Mock selinux on mount metrics", func() {
for _, t := range tests { for _, t := range tests {
t := t t := t
ginkgo.It(t.name, func(ctx context.Context) { ginkgo.It(t.name, func(ctx context.Context) {
// Some metrics use CSI driver name as a label, which is "csi-mock-" + the namespace name.
volumePluginLabel := "{volume_plugin=\"kubernetes.io/csi/csi-mock-" + f.Namespace.Name + "\"}"
// All SELinux metrics. Unless explicitly mentioned in test.expectIncreases, these metrics must not grow during
// a test.
allMetrics := sets.NewString(
"volume_manager_selinux_container_errors_total",
"volume_manager_selinux_container_warnings_total",
"volume_manager_selinux_pod_context_mismatch_errors_total",
"volume_manager_selinux_pod_context_mismatch_warnings_total",
"volume_manager_selinux_volume_context_mismatch_errors_total"+volumePluginLabel,
"volume_manager_selinux_volume_context_mismatch_warnings_total"+volumePluginLabel,
"volume_manager_selinux_volumes_admitted_total"+volumePluginLabel,
)
if framework.NodeOSDistroIs("windows") { if framework.NodeOSDistroIs("windows") {
e2eskipper.Skipf("SELinuxMount is only applied on linux nodes -- skipping") e2eskipper.Skipf("SELinuxMount is only applied on linux nodes -- skipping")
} }
@ -387,20 +390,17 @@ func grabMetrics(ctx context.Context, grabber *e2emetrics.Grabber, nodeName stri
framework.ExpectNoError(err) framework.ExpectNoError(err)
metrics := map[string]float64{} metrics := map[string]float64{}
for method, samples := range response { for _, samples := range response {
if metricNames.Has(method) { if len(samples) == 0 {
if len(samples) == 0 { continue
return nil, fmt.Errorf("metric %s has no samples", method)
}
lastSample := samples[len(samples)-1]
metrics[method] = float64(lastSample.Value)
} }
} // Find the *last* sample that has the label we are interested in.
for i := len(samples) - 1; i >= 0; i-- {
// Ensure all metrics were provided metricNameWithLabels := samples[i].Metric.String()
for name := range metricNames { if metricNames.Has(metricNameWithLabels) {
if _, found := metrics[name]; !found { metrics[metricNameWithLabels] = float64(samples[i].Value)
return nil, fmt.Errorf("metric %s not found", name) break
}
} }
} }
@ -421,11 +421,23 @@ func waitForMetricIncrease(ctx context.Context, grabber *e2emetrics.Grabber, nod
noIncreaseMetrics = sets.NewString() noIncreaseMetrics = sets.NewString()
// Always evaluate all SELinux metrics to check that the other metrics are not unexpectedly increased. // Always evaluate all SELinux metrics to check that the other metrics are not unexpectedly increased.
for name := range allMetricNames { for name := range allMetricNames {
if expectedIncreaseNames.Has(name) { expectIncrease := false
// allMetricNames can include "{volume_plugin="XXX"}", while expectedIncreaseNames does not.
// Compare them properly. Value of volume_plugin="XXX" was already checked in grabMetrics(),
// we can ignore it here.
for expectedIncreaseMetricName := range expectedIncreaseNames {
if strings.HasPrefix(name, expectedIncreaseMetricName) {
expectIncrease = true
break
}
}
if expectIncrease {
if metrics[name] <= initialValues[name] { if metrics[name] <= initialValues[name] {
noIncreaseMetrics.Insert(name) noIncreaseMetrics.Insert(name)
} }
} else { } else {
// Expect the metric to be stable
if initialValues[name] != metrics[name] { if initialValues[name] != metrics[name] {
return false, fmt.Errorf("metric %s unexpectedly increased to %v", name, metrics[name]) return false, fmt.Errorf("metric %s unexpectedly increased to %v", name, metrics[name])
} }