remove an e2e test specific to kubeup clusters

2025-07-30 15:05:27 +00:00 · 2023-10-02 16:21:41 +01:00 · 2023-10-02 16:21:41 +01:00 · 243ba5fb6b
commit 243ba5fb6b
parent 12dc19d46f
2 changed files with 0 additions and 169 deletions
--- a/test/e2e/framework/providers/gce/firewall.go
+++ b/test/e2e/framework/providers/gce/firewall.go
@ -90,165 +90,6 @@ func ConstructHealthCheckFirewallForLBService(clusterID string, svc *v1.Service,
 	return &fw
 }

-// GetInstancePrefix returns the INSTANCE_PREFIX env we set for e2e cluster.
-// From cluster/gce/config-test.sh, master name is set up using below format:
-// MASTER_NAME="${INSTANCE_PREFIX}-master"
-func GetInstancePrefix(masterName string) (string, error) {
-	if !strings.HasSuffix(masterName, "-master") {
-		return "", fmt.Errorf("unexpected master name format: %v", masterName)
-	}
-	return masterName[:len(masterName)-7], nil
-}
-
-// GetClusterName returns the CLUSTER_NAME env we set for e2e cluster.
-// From cluster/gce/config-test.sh, cluster name is set up using below format:
-// CLUSTER_NAME="${CLUSTER_NAME:-${INSTANCE_PREFIX}}"
-func GetClusterName(instancePrefix string) string {
-	return instancePrefix
-}
-
-// GetE2eFirewalls returns all firewall rules we create for an e2e cluster.
-// From cluster/gce/util.sh, all firewall rules should be consistent with the ones created by startup scripts.
-func GetE2eFirewalls(masterName, masterTag, nodeTag, network, clusterIPRange string) []*compute.Firewall {
-	instancePrefix, err := GetInstancePrefix(masterName)
-	framework.ExpectNoError(err)
-	clusterName := GetClusterName(instancePrefix)
-
-	fws := []*compute.Firewall{}
-	fws = append(fws, &compute.Firewall{
-		Name:         clusterName + "-default-internal-master",
-		SourceRanges: []string{"10.0.0.0/8"},
-		TargetTags:   []string{masterTag},
-		Allowed: []*compute.FirewallAllowed{
-			{
-				IPProtocol: "tcp",
-				Ports:      []string{"1-2379"},
-			},
-			{
-				IPProtocol: "tcp",
-				Ports:      []string{"2382-65535"},
-			},
-			{
-				IPProtocol: "udp",
-				Ports:      []string{"1-65535"},
-			},
-			{
-				IPProtocol: "icmp",
-			},
-		},
-	})
-	fws = append(fws, &compute.Firewall{
-		Name:         clusterName + "-default-internal-node",
-		SourceRanges: []string{"10.0.0.0/8"},
-		TargetTags:   []string{nodeTag},
-		Allowed: []*compute.FirewallAllowed{
-			{
-				IPProtocol: "tcp",
-				Ports:      []string{"1-65535"},
-			},
-			{
-				IPProtocol: "udp",
-				Ports:      []string{"1-65535"},
-			},
-			{
-				IPProtocol: "icmp",
-			},
-		},
-	})
-	fws = append(fws, &compute.Firewall{
-		Name:         network + "-default-ssh",
-		SourceRanges: []string{"0.0.0.0/0"},
-		Allowed: []*compute.FirewallAllowed{
-			{
-				IPProtocol: "tcp",
-				Ports:      []string{"22"},
-			},
-		},
-	})
-	fws = append(fws, &compute.Firewall{
-		Name:       masterName + "-etcd",
-		SourceTags: []string{masterTag},
-		TargetTags: []string{masterTag},
-		Allowed: []*compute.FirewallAllowed{
-			{
-				IPProtocol: "tcp",
-				Ports:      []string{"2380"},
-			},
-			{
-				IPProtocol: "tcp",
-				Ports:      []string{"2381"},
-			},
-		},
-	})
-	fws = append(fws, &compute.Firewall{
-		Name:         masterName + "-https",
-		SourceRanges: []string{"0.0.0.0/0"},
-		TargetTags:   []string{masterTag},
-		Allowed: []*compute.FirewallAllowed{
-			{
-				IPProtocol: "tcp",
-				Ports:      []string{"443"},
-			},
-		},
-	})
-	fws = append(fws, &compute.Firewall{
-		Name:         nodeTag + "-all",
-		SourceRanges: []string{clusterIPRange},
-		TargetTags:   []string{nodeTag},
-		Allowed: []*compute.FirewallAllowed{
-			{
-				IPProtocol: "tcp",
-			},
-			{
-				IPProtocol: "udp",
-			},
-			{
-				IPProtocol: "icmp",
-			},
-			{
-				IPProtocol: "esp",
-			},
-			{
-				IPProtocol: "ah",
-			},
-			{
-				IPProtocol: "sctp",
-			},
-		},
-	})
-	fws = append(fws, &compute.Firewall{
-		Name:         nodeTag + "-http-alt",
-		SourceRanges: []string{"0.0.0.0/0"},
-		TargetTags:   []string{nodeTag},
-		Allowed: []*compute.FirewallAllowed{
-			{
-				IPProtocol: "tcp",
-				Ports:      []string{"80"},
-			},
-			{
-				IPProtocol: "tcp",
-				Ports:      []string{"8080"},
-			},
-		},
-	})
-	fws = append(fws, &compute.Firewall{
-		Name:         nodeTag + "-nodeports",
-		SourceRanges: []string{"0.0.0.0/0"},
-		TargetTags:   []string{nodeTag},
-		Allowed: []*compute.FirewallAllowed{
-			{
-				IPProtocol: "tcp",
-				Ports:      []string{"30000-32767"},
-			},
-			{
-				IPProtocol: "udp",
-				Ports:      []string{"30000-32767"},
-			},
-		},
-	})
-	return fws
-}
-
 // PackProtocolsPortsFromFirewall packs protocols and ports in an unified way for verification.
 func PackProtocolsPortsFromFirewall(alloweds []*compute.FirewallAllowed) []string {
 	protocolPorts := []string{}
--- a/test/e2e/network/firewall.go
+++ b/test/e2e/network/firewall.go
@ -204,16 +204,6 @@ var _ = common.SIGDescribe("Firewall rule", func() {
 		framework.ExpectNoError(err)
 	})

-	ginkgo.It("should have correct firewall rules for e2e cluster", func(ctx context.Context) {
-		ginkgo.By("Checking if e2e firewall rules are correct")
-		for _, expFw := range gce.GetE2eFirewalls(cloudConfig.MasterName, cloudConfig.MasterTag, cloudConfig.NodeTag, cloudConfig.Network, cloudConfig.ClusterIPRange) {
-			fw, err := gceCloud.GetFirewall(expFw.Name)
-			framework.ExpectNoError(err)
-			err = gce.VerifyFirewallRule(fw, expFw, cloudConfig.Network, false)
-			framework.ExpectNoError(err)
-		}
-	})
-
 	ginkgo.It("control plane should not expose well-known ports", func(ctx context.Context) {
 		nodes, err := e2enode.GetReadySchedulableNodes(ctx, cs)
 		framework.ExpectNoError(err)