From af5c0c9e09a2dbf8a81a306b28d8476040d53520 Mon Sep 17 00:00:00 2001 From: Claudiu Belu Date: Mon, 20 May 2019 14:15:10 -0700 Subject: [PATCH 1/2] Centralizes images into agnhost (part 3) Centralizes the following images into agnhost: - audit-proxy - crd-conversion-webhook - entrypoint-tester - inclusterclient - iperf - porter - serve-hostname --- test/images/BUILD | 6 - test/images/agnhost/BUILD | 12 ++ test/images/agnhost/Dockerfile | 17 ++- test/images/agnhost/README.md | 127 +++++++++++++++++- test/images/agnhost/VERSION | 2 +- test/images/agnhost/agnhost.go | 12 ++ test/images/{ => agnhost}/audit-proxy/BUILD | 13 +- test/images/{ => agnhost}/audit-proxy/main.go | 15 ++- .../crd-conversion-webhook/BUILD | 17 +-- .../crd-conversion-webhook/config.go | 2 +- .../crd-conversion-webhook/converter/BUILD | 2 +- .../converter/converter_test.go | 0 .../converter/example_converter.go | 0 .../converter/framework.go | 0 .../crd-conversion-webhook/main.go | 47 ++++--- .../{ => agnhost}/entrypoint-tester/BUILD | 14 +- .../{ => agnhost}/entrypoint-tester/ep.go | 17 ++- .../{ => agnhost}/inclusterclient/BUILD | 13 +- .../{ => agnhost}/inclusterclient/main.go | 28 +++- test/images/agnhost/pause/pause.go | 1 + test/images/{ => agnhost}/porter/BUILD | 9 +- .../images/{ => agnhost}/porter/localhost.crt | 0 .../images/{ => agnhost}/porter/localhost.key | 0 test/images/{ => agnhost}/porter/porter.go | 22 ++- .../images/{ => agnhost}/serve-hostname/BUILD | 11 +- .../serve-hostname/serve_hostname.go | 54 +++++--- test/images/audit-proxy/Dockerfile | 17 --- test/images/audit-proxy/Makefile | 26 ---- test/images/audit-proxy/README.md | 4 - test/images/audit-proxy/VERSION | 1 - test/images/crd-conversion-webhook/BASEIMAGE | 4 - test/images/crd-conversion-webhook/Dockerfile | 18 --- test/images/crd-conversion-webhook/Makefile | 25 ---- test/images/crd-conversion-webhook/README.md | 11 -- test/images/crd-conversion-webhook/VERSION | 1 - test/images/entrypoint-tester/Dockerfile | 20 --- test/images/entrypoint-tester/Makefile | 25 ---- test/images/entrypoint-tester/VERSION | 1 - test/images/inclusterclient/Dockerfile | 18 --- test/images/inclusterclient/Makefile | 25 ---- test/images/inclusterclient/VERSION | 1 - test/images/iperf/BASEIMAGE | 4 - test/images/iperf/Dockerfile | 23 ---- test/images/iperf/README.md | 8 -- test/images/iperf/VERSION | 1 - test/images/porter/.gitignore | 2 - test/images/porter/Dockerfile | 19 --- test/images/porter/Makefile | 25 ---- test/images/porter/README.md | 12 -- test/images/porter/VERSION | 1 - test/images/porter/pod.json | 59 -------- test/images/serve-hostname/BASEIMAGE | 5 - test/images/serve-hostname/Dockerfile | 18 --- test/images/serve-hostname/Makefile | 25 ---- test/images/serve-hostname/README.md | 39 ------ test/images/serve-hostname/VERSION | 1 - 56 files changed, 324 insertions(+), 556 deletions(-) rename test/images/{ => agnhost}/audit-proxy/BUILD (76%) rename test/images/{ => agnhost}/audit-proxy/main.go (82%) rename test/images/{ => agnhost}/crd-conversion-webhook/BUILD (61%) rename test/images/{ => agnhost}/crd-conversion-webhook/config.go (98%) rename test/images/{ => agnhost}/crd-conversion-webhook/converter/BUILD (94%) rename test/images/{ => agnhost}/crd-conversion-webhook/converter/converter_test.go (100%) rename test/images/{ => agnhost}/crd-conversion-webhook/converter/example_converter.go (100%) rename test/images/{ => agnhost}/crd-conversion-webhook/converter/framework.go (100%) rename test/images/{ => agnhost}/crd-conversion-webhook/main.go (50%) rename test/images/{ => agnhost}/entrypoint-tester/BUILD (60%) rename test/images/{ => agnhost}/entrypoint-tester/ep.go (65%) rename test/images/{ => agnhost}/inclusterclient/BUILD (72%) rename test/images/{ => agnhost}/inclusterclient/main.go (70%) rename test/images/{ => agnhost}/porter/BUILD (74%) rename test/images/{ => agnhost}/porter/localhost.crt (100%) rename test/images/{ => agnhost}/porter/localhost.key (100%) rename test/images/{ => agnhost}/porter/porter.go (70%) rename test/images/{ => agnhost}/serve-hostname/BUILD (72%) rename test/images/{ => agnhost}/serve-hostname/serve_hostname.go (66%) delete mode 100644 test/images/audit-proxy/Dockerfile delete mode 100644 test/images/audit-proxy/Makefile delete mode 100644 test/images/audit-proxy/README.md delete mode 100644 test/images/audit-proxy/VERSION delete mode 100644 test/images/crd-conversion-webhook/BASEIMAGE delete mode 100644 test/images/crd-conversion-webhook/Dockerfile delete mode 100644 test/images/crd-conversion-webhook/Makefile delete mode 100644 test/images/crd-conversion-webhook/README.md delete mode 100644 test/images/crd-conversion-webhook/VERSION delete mode 100644 test/images/entrypoint-tester/Dockerfile delete mode 100644 test/images/entrypoint-tester/Makefile delete mode 100644 test/images/entrypoint-tester/VERSION delete mode 100644 test/images/inclusterclient/Dockerfile delete mode 100644 test/images/inclusterclient/Makefile delete mode 100644 test/images/inclusterclient/VERSION delete mode 100644 test/images/iperf/BASEIMAGE delete mode 100644 test/images/iperf/Dockerfile delete mode 100644 test/images/iperf/README.md delete mode 100644 test/images/iperf/VERSION delete mode 100644 test/images/porter/.gitignore delete mode 100644 test/images/porter/Dockerfile delete mode 100644 test/images/porter/Makefile delete mode 100644 test/images/porter/README.md delete mode 100644 test/images/porter/VERSION delete mode 100644 test/images/porter/pod.json delete mode 100644 test/images/serve-hostname/BASEIMAGE delete mode 100644 test/images/serve-hostname/Dockerfile delete mode 100644 test/images/serve-hostname/Makefile delete mode 100644 test/images/serve-hostname/README.md delete mode 100644 test/images/serve-hostname/VERSION diff --git a/test/images/BUILD b/test/images/BUILD index d40deb53b7e..47ea674f016 100644 --- a/test/images/BUILD +++ b/test/images/BUILD @@ -13,22 +13,16 @@ filegroup( ":package-srcs", "//test/images/agnhost:all-srcs", "//test/images/apparmor-loader:all-srcs", - "//test/images/audit-proxy:all-srcs", - "//test/images/crd-conversion-webhook:all-srcs", "//test/images/echoserver:all-srcs", - "//test/images/entrypoint-tester:all-srcs", - "//test/images/inclusterclient:all-srcs", "//test/images/metadata-concealment:all-srcs", "//test/images/mounttest:all-srcs", "//test/images/nonewprivs:all-srcs", "//test/images/pets/peer-finder:all-srcs", - "//test/images/porter:all-srcs", "//test/images/regression-issue-74839:all-srcs", "//test/images/resource-consumer:all-srcs", "//test/images/resource-consumer-controller:all-srcs", "//test/images/sample-apiserver:all-srcs", "//test/images/sample-device-plugin:all-srcs", - "//test/images/serve-hostname:all-srcs", "//test/images/test-webserver:all-srcs", ], tags = ["automanaged"], diff --git a/test/images/agnhost/BUILD b/test/images/agnhost/BUILD index 3a711c4cf7f..351b0c1ce9c 100644 --- a/test/images/agnhost/BUILD +++ b/test/images/agnhost/BUILD @@ -16,8 +16,12 @@ go_library( srcs = ["agnhost.go"], importpath = "k8s.io/kubernetes/test/images/agnhost", deps = [ + "//test/images/agnhost/audit-proxy:go_default_library", + "//test/images/agnhost/crd-conversion-webhook:go_default_library", "//test/images/agnhost/dns:go_default_library", + "//test/images/agnhost/entrypoint-tester:go_default_library", "//test/images/agnhost/fakegitserver:go_default_library", + "//test/images/agnhost/inclusterclient:go_default_library", "//test/images/agnhost/liveness:go_default_library", "//test/images/agnhost/logs-generator:go_default_library", "//test/images/agnhost/net:go_default_library", @@ -27,6 +31,8 @@ go_library( "//test/images/agnhost/no-snat-test-proxy:go_default_library", "//test/images/agnhost/pause:go_default_library", "//test/images/agnhost/port-forward-tester:go_default_library", + "//test/images/agnhost/porter:go_default_library", + "//test/images/agnhost/serve-hostname:go_default_library", "//test/images/agnhost/webhook:go_default_library", "//vendor/github.com/spf13/cobra:go_default_library", "//vendor/k8s.io/klog:go_default_library", @@ -44,8 +50,12 @@ filegroup( name = "all-srcs", srcs = [ ":package-srcs", + "//test/images/agnhost/audit-proxy:all-srcs", + "//test/images/agnhost/crd-conversion-webhook:all-srcs", "//test/images/agnhost/dns:all-srcs", + "//test/images/agnhost/entrypoint-tester:all-srcs", "//test/images/agnhost/fakegitserver:all-srcs", + "//test/images/agnhost/inclusterclient:all-srcs", "//test/images/agnhost/liveness:all-srcs", "//test/images/agnhost/logs-generator:all-srcs", "//test/images/agnhost/net:all-srcs", @@ -55,6 +65,8 @@ filegroup( "//test/images/agnhost/no-snat-test-proxy:all-srcs", "//test/images/agnhost/pause:all-srcs", "//test/images/agnhost/port-forward-tester:all-srcs", + "//test/images/agnhost/porter:all-srcs", + "//test/images/agnhost/serve-hostname:all-srcs", "//test/images/agnhost/webhook:all-srcs", ], tags = ["automanaged"], diff --git a/test/images/agnhost/Dockerfile b/test/images/agnhost/Dockerfile index e88050a6d57..9b8766a9b54 100644 --- a/test/images/agnhost/Dockerfile +++ b/test/images/agnhost/Dockerfile @@ -20,15 +20,28 @@ CROSS_BUILD_COPY qemu-QEMUARCH-static /usr/bin/ # install necessary packages: # - curl, nc: used by a lot of e2e tests # - iproute2: includes ss used in NodePort tests -RUN apk --update add curl netcat-openbsd iproute2 && rm -rf /var/cache/apk/* +# from iperf image +# install necessary packages: iperf, bash +RUN apk --update add curl netcat-openbsd iproute2 iperf bash && rm -rf /var/cache/apk/* \ + && ln -s /usr/bin/iperf /usr/local/bin/iperf \ + && ls -altrh /usr/local/bin/iperf # PORT 8080 needed by: netexec, nettest # PORT 8081 needed by: netexec -EXPOSE 8080 8081 +# PORT 9376 needed by: serve-hostname +EXPOSE 8080 8081 9376 # from netexec RUN mkdir /uploads +# from porter +ADD porter/localhost.crt localhost.crt +ADD porter/localhost.key localhost.key + ADD agnhost agnhost + +# needed for the entrypoint-tester related tests. +RUN ln -s agnhost agnhost-2 + ENTRYPOINT ["/agnhost"] CMD ["pause"] diff --git a/test/images/agnhost/README.md b/test/images/agnhost/README.md index c1b47c0cc58..7f90017d78e 100644 --- a/test/images/agnhost/README.md +++ b/test/images/agnhost/README.md @@ -31,7 +31,7 @@ For example, let's consider the following `pod.yaml` file: containers: - args: - dns-suffix - image: gcr.io/kubernetes-e2e-test-images/agnhost:2.1 + image: gcr.io/kubernetes-e2e-test-images/agnhost:2.2 name: agnhost dnsConfig: nameservers: @@ -65,6 +65,35 @@ created with the `pause` argument instead, allowing us execute multiple commands The `agnhost` binary is a CLI with the following subcommands: +### audit-proxy + +The audit proxy is used to test dynamic auditing. It listens on port 8080 for incoming audit +events and writes them in a uniform manner to stdout. + +Usage: + +```console + kubectl exec test-agnhost -- /agnhost audit-proxy +``` + + +### crd-conversion-webhook + +The subcommand tests `CustomResourceConversionWebhook`. After deploying it to Kubernetes cluster, +the administrator needs to create a `CustomResourceConversion.Webhook` in Kubernetes cluster +to use remote webhook for conversions. + +The subcommand starts a HTTP server, listening on port 443, and creating the `/crdconvert` +endpoint. + +Usage + +```console + kubectl exec test-agnhost -- /agnhost crd-conversion-webhook \ + [--tls-cert-file ] [--tls-private-key-file ] +``` + + ### dns-server-list It will output the host's configured DNS servers, separated by commas. @@ -87,6 +116,17 @@ Usage: ``` +### entrypoint-tester + +This subcommand will print the arguments it's passed and exists. + +Usage: + +```console + kubectl exec test-agnhost -- /agnhost entrypoint-tester foo lish args +``` + + ### etc-hosts It will output the contents of host's `hosts` file. This file's location is `/etc/hosts` @@ -124,6 +164,22 @@ Usage: ``` +### inclusterclient + +The subcommand will periodically poll the Kubernetes `/healthz` endpoint using the in-cluster +config. Because of this, the subcommand is meant to be run inside of a Kubernetes pod. It can +also be used to validate token rotation. + +The given `--poll-interval` flag (default is 30 seconds) represents the poll interval in +seconds of the call to `/healhz`. + +Usage: + +```console + kubectl exec test-agnhost -- /agnhost inclusterclient [--poll-interval ] +``` + + ### liveness Starts a simple server that is alive for 10 seconds, then reports unhealthy for the rest @@ -165,14 +221,14 @@ Examples: ```console docker run -i \ - gcr.io/kubernetes-e2e-test-images/agnhost:2.1 \ + gcr.io/kubernetes-e2e-test-images/agnhost:2.2 \ logs-generator --log-lines-total 10 --run-duration 1s ``` ```console kubectl run logs-generator \ --generator=run-pod/v1 \ - --image=gcr.io/kubernetes-e2e-test-images/agnhost:2.1 \ + --image=gcr.io/kubernetes-e2e-test-images/agnhost:2.2 \ --restart=Never \ -- logs-generator -t 10 -d 1s ``` @@ -299,7 +355,7 @@ Usage: ```console kubectl run test-agnhost \ --generator=run-pod/v1 \ - --image=gcr.io/kubernetes-e2e-test-images/agnhost:2.1 \ + --image=gcr.io/kubernetes-e2e-test-images/agnhost:2.2 \ --restart=Never \ --env "POD_IP=" \ --env "NODE_IP=" \ @@ -366,6 +422,59 @@ Usage: ``` +### porter + +Serves requested data on ports specified in ENV variables. For example, if the the environment +variable `SERVE_PORT_9001` is set, then the subcommand will start serving on the port 9001. +Additionally, if the environment variable `SERVE_TLS_PORT_9002` is set, then the subcommand +will start a TLS server on that port. + +The included `localhost.crt` is a PEM-encoded TLS cert with SAN IPs `127.0.0.1` and `[::1]`, +expiring in January 2084, generated from `src/crypto/tls`: + +```console + go run generate_cert.go --rsa-bits 2048 --host 127.0.0.1,::1,example.com --ca --start-date "Jan 1 00:00:00 1970" --duration=1000000h +``` + +To use a different cert/key, mount them into the pod and set the `CERT_FILE` and `KEY_FILE` +environment variables to the desired paths. + +Usage: + +```console + kubectl exec test-agnhost -- /agnhost porter +``` + +[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/test/images/porter/README.md?pixel)]() + + +### serve-hostname + +This is a small util app to serve your hostname on TCP and/or UDP. Useful for testing. + +The subcommand can accept the following flags: + +- `tcp` (default: `false`): Serve raw over TCP. +- `udp` (default: `false`): Serve raw over UDP. +- `http` (default: `true`): Serve HTTP. +- `close` (default: `false`): Close connection per each HTTP request. +- `port` (default: `9376`): The port number to listen to. + +Keep in mind that `--http` cannot be given at the same time as `--tcp` or `--udp`. + +Usage: + +```console + kubectl exec test-agnhost -- /agnhost serve-hostname [--tcp] [--udp] [--http] [--close] [--port ] +``` + +[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/contrib/for-demos/serve_hostname/README.md +?pixel)]() + +[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/test/images/serve_hostname/README.md?pixel +)]() + + ### webhook (Kubernetes External Admission Webhook) The subcommand tests MutatingAdmissionWebhook and ValidatingAdmissionWebhook. After deploying @@ -382,8 +491,14 @@ Usage: kubectl exec test-agnhost -- /agnhost webhook [--tls-cert-file ] [--tls-private-key-file ] ``` + +## Other tools + +The image contains `iperf`. + + ## Image -The image can be found at `gcr.io/kubernetes-e2e-test-images/agnhost:2.1` for Linux -containers, and `e2eteam/agnhost:2.1` for Windows containers. In the future, the same +The image can be found at `gcr.io/kubernetes-e2e-test-images/agnhost:2.2` for Linux +containers, and `e2eteam/agnhost:2.2` for Windows containers. In the future, the same repository can be used for both OSes. diff --git a/test/images/agnhost/VERSION b/test/images/agnhost/VERSION index 879b416e609..8bbe6cf74a1 100644 --- a/test/images/agnhost/VERSION +++ b/test/images/agnhost/VERSION @@ -1 +1 @@ -2.1 +2.2 diff --git a/test/images/agnhost/agnhost.go b/test/images/agnhost/agnhost.go index 3db8f7c9093..98e63482391 100644 --- a/test/images/agnhost/agnhost.go +++ b/test/images/agnhost/agnhost.go @@ -22,8 +22,12 @@ import ( "github.com/spf13/cobra" "k8s.io/klog" + "k8s.io/kubernetes/test/images/agnhost/audit-proxy" + "k8s.io/kubernetes/test/images/agnhost/crd-conversion-webhook" "k8s.io/kubernetes/test/images/agnhost/dns" + "k8s.io/kubernetes/test/images/agnhost/entrypoint-tester" "k8s.io/kubernetes/test/images/agnhost/fakegitserver" + "k8s.io/kubernetes/test/images/agnhost/inclusterclient" "k8s.io/kubernetes/test/images/agnhost/liveness" "k8s.io/kubernetes/test/images/agnhost/logs-generator" "k8s.io/kubernetes/test/images/agnhost/net" @@ -33,15 +37,21 @@ import ( "k8s.io/kubernetes/test/images/agnhost/no-snat-test-proxy" "k8s.io/kubernetes/test/images/agnhost/pause" "k8s.io/kubernetes/test/images/agnhost/port-forward-tester" + "k8s.io/kubernetes/test/images/agnhost/porter" + "k8s.io/kubernetes/test/images/agnhost/serve-hostname" "k8s.io/kubernetes/test/images/agnhost/webhook" ) func main() { rootCmd := &cobra.Command{Use: "app"} + rootCmd.AddCommand(auditproxy.CmdAuditProxy) + rootCmd.AddCommand(crdconvwebhook.CmdCrdConversionWebhook) rootCmd.AddCommand(dns.CmdDNSSuffix) rootCmd.AddCommand(dns.CmdDNSServerList) rootCmd.AddCommand(dns.CmdEtcHosts) + rootCmd.AddCommand(entrypoint.CmdEntrypointTester) rootCmd.AddCommand(fakegitserver.CmdFakeGitServer) + rootCmd.AddCommand(inclusterclient.CmdInClusterClient) rootCmd.AddCommand(liveness.CmdLiveness) rootCmd.AddCommand(logsgen.CmdLogsGenerator) rootCmd.AddCommand(net.CmdNet) @@ -50,7 +60,9 @@ func main() { rootCmd.AddCommand(nosnat.CmdNoSnatTest) rootCmd.AddCommand(nosnatproxy.CmdNoSnatTestProxy) rootCmd.AddCommand(pause.CmdPause) + rootCmd.AddCommand(porter.CmdPorter) rootCmd.AddCommand(portforwardtester.CmdPortForwardTester) + rootCmd.AddCommand(servehostname.CmdServeHostname) rootCmd.AddCommand(webhook.CmdWebhook) // NOTE(claudiub): Some tests are passing logging related flags, so we need to be able to diff --git a/test/images/audit-proxy/BUILD b/test/images/agnhost/audit-proxy/BUILD similarity index 76% rename from test/images/audit-proxy/BUILD rename to test/images/agnhost/audit-proxy/BUILD index 20b59a82153..c5f19a762bc 100644 --- a/test/images/audit-proxy/BUILD +++ b/test/images/agnhost/audit-proxy/BUILD @@ -1,25 +1,20 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library") +load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", srcs = ["main.go"], - importpath = "k8s.io/kubernetes/test/images/audit-proxy", - visibility = ["//visibility:private"], + importpath = "k8s.io/kubernetes/test/images/agnhost/audit-proxy", + visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apimachinery/pkg/runtime:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/runtime/serializer/json:go_default_library", "//staging/src/k8s.io/apiserver/pkg/apis/audit/install:go_default_library", "//staging/src/k8s.io/apiserver/pkg/apis/audit/v1:go_default_library", "//staging/src/k8s.io/apiserver/pkg/audit:go_default_library", + "//vendor/github.com/spf13/cobra:go_default_library", ], ) -go_binary( - name = "audit-proxy", - embed = [":go_default_library"], - visibility = ["//visibility:public"], -) - filegroup( name = "package-srcs", srcs = glob(["**"]), diff --git a/test/images/audit-proxy/main.go b/test/images/agnhost/audit-proxy/main.go similarity index 82% rename from test/images/audit-proxy/main.go rename to test/images/agnhost/audit-proxy/main.go index 8438e5eda96..99ecb81e9b0 100644 --- a/test/images/audit-proxy/main.go +++ b/test/images/agnhost/audit-proxy/main.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package main +package auditproxy import ( "io/ioutil" @@ -22,6 +22,8 @@ import ( "net/http" "os" + "github.com/spf13/cobra" + "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/serializer/json" auditinstall "k8s.io/apiserver/pkg/apis/audit/install" @@ -29,12 +31,21 @@ import ( "k8s.io/apiserver/pkg/audit" ) +// CmdAuditProxy is used by agnhost Cobra. +var CmdAuditProxy = &cobra.Command{ + Use: "audit-proxy", + Short: "Listens on port 8080 for incoming audit events", + Long: "Used to test dynamic auditing. It listens on port 8080 for incoming audit events and writes them in a uniform manner to stdout.", + Args: cobra.MaximumNArgs(0), + Run: main, +} + var ( encoder runtime.Encoder decoder runtime.Decoder ) -func main() { +func main(cmd *cobra.Command, args []string) { scheme := runtime.NewScheme() auditinstall.Install(scheme) serializer := json.NewSerializer(json.DefaultMetaFactory, scheme, scheme, false) diff --git a/test/images/crd-conversion-webhook/BUILD b/test/images/agnhost/crd-conversion-webhook/BUILD similarity index 61% rename from test/images/crd-conversion-webhook/BUILD rename to test/images/agnhost/crd-conversion-webhook/BUILD index 9018d79e77e..5ce4b069752 100644 --- a/test/images/crd-conversion-webhook/BUILD +++ b/test/images/agnhost/crd-conversion-webhook/BUILD @@ -1,4 +1,4 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library") +load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", @@ -6,22 +6,17 @@ go_library( "config.go", "main.go", ], - importpath = "k8s.io/kubernetes/test/images/crd-conversion-webhook", - visibility = ["//visibility:private"], + importpath = "k8s.io/kubernetes/test/images/agnhost/crd-conversion-webhook", + visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", - "//test/images/crd-conversion-webhook/converter:go_default_library", + "//test/images/agnhost/crd-conversion-webhook/converter:go_default_library", + "//vendor/github.com/spf13/cobra:go_default_library", "//vendor/k8s.io/klog:go_default_library", ], ) -go_binary( - name = "crd-conversion-webhook", - embed = [":go_default_library"], - visibility = ["//visibility:public"], -) - filegroup( name = "package-srcs", srcs = glob(["**"]), @@ -33,7 +28,7 @@ filegroup( name = "all-srcs", srcs = [ ":package-srcs", - "//test/images/crd-conversion-webhook/converter:all-srcs", + "//test/images/agnhost/crd-conversion-webhook/converter:all-srcs", ], tags = ["automanaged"], visibility = ["//visibility:public"], diff --git a/test/images/crd-conversion-webhook/config.go b/test/images/agnhost/crd-conversion-webhook/config.go similarity index 98% rename from test/images/crd-conversion-webhook/config.go rename to test/images/agnhost/crd-conversion-webhook/config.go index 11ff1b5d98f..d62d991a93e 100644 --- a/test/images/crd-conversion-webhook/config.go +++ b/test/images/agnhost/crd-conversion-webhook/config.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package main +package crdconvwebhook import ( "crypto/tls" diff --git a/test/images/crd-conversion-webhook/converter/BUILD b/test/images/agnhost/crd-conversion-webhook/converter/BUILD similarity index 94% rename from test/images/crd-conversion-webhook/converter/BUILD rename to test/images/agnhost/crd-conversion-webhook/converter/BUILD index bc55307e795..e76b458301f 100644 --- a/test/images/crd-conversion-webhook/converter/BUILD +++ b/test/images/agnhost/crd-conversion-webhook/converter/BUILD @@ -6,7 +6,7 @@ go_library( "example_converter.go", "framework.go", ], - importpath = "k8s.io/kubernetes/test/images/crd-conversion-webhook/converter", + importpath = "k8s.io/kubernetes/test/images/agnhost/crd-conversion-webhook/converter", visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1:go_default_library", diff --git a/test/images/crd-conversion-webhook/converter/converter_test.go b/test/images/agnhost/crd-conversion-webhook/converter/converter_test.go similarity index 100% rename from test/images/crd-conversion-webhook/converter/converter_test.go rename to test/images/agnhost/crd-conversion-webhook/converter/converter_test.go diff --git a/test/images/crd-conversion-webhook/converter/example_converter.go b/test/images/agnhost/crd-conversion-webhook/converter/example_converter.go similarity index 100% rename from test/images/crd-conversion-webhook/converter/example_converter.go rename to test/images/agnhost/crd-conversion-webhook/converter/example_converter.go diff --git a/test/images/crd-conversion-webhook/converter/framework.go b/test/images/agnhost/crd-conversion-webhook/converter/framework.go similarity index 100% rename from test/images/crd-conversion-webhook/converter/framework.go rename to test/images/agnhost/crd-conversion-webhook/converter/framework.go diff --git a/test/images/crd-conversion-webhook/main.go b/test/images/agnhost/crd-conversion-webhook/main.go similarity index 50% rename from test/images/crd-conversion-webhook/main.go rename to test/images/agnhost/crd-conversion-webhook/main.go index 6c80074f13c..ac5096ddb9b 100644 --- a/test/images/crd-conversion-webhook/main.go +++ b/test/images/agnhost/crd-conversion-webhook/main.go @@ -14,33 +14,50 @@ See the License for the specific language governing permissions and limitations under the License. */ -package main +package crdconvwebhook import ( - "flag" "net/http" - "k8s.io/kubernetes/test/images/crd-conversion-webhook/converter" + "github.com/spf13/cobra" + + "k8s.io/kubernetes/test/images/agnhost/crd-conversion-webhook/converter" ) +var ( + certFile string + keyFile string +) + +// CmdCrdConversionWebhook is used by agnhost Cobra. +var CmdCrdConversionWebhook = &cobra.Command{ + Use: "crd-conversion-webhook", + Short: "Starts HTTP server on port 443 for testing CustomResourceConversionWebhook", + Long: `The subcommand tests "CustomResourceConversionWebhook". + +After deploying it to Kubernetes cluster, the administrator needs to create a "CustomResourceConversion.Webhook" in Kubernetes cluster to use remote webhook for conversions. + +The subcommand starts a HTTP server, listening on port 443, and creating the "/crdconvert" endpoint.`, + Args: cobra.MaximumNArgs(0), + Run: main, +} + +func init() { + CmdCrdConversionWebhook.Flags().StringVar(&certFile, "tls-cert-file", "", + "File containing the default x509 Certificate for HTTPS. (CA cert, if any, concatenated "+ + "after server cert.") + CmdCrdConversionWebhook.Flags().StringVar(&keyFile, "tls-private-key-file", "", + "File containing the default x509 private key matching --tls-cert-file.") +} + // Config contains the server (the webhook) cert and key. type Config struct { CertFile string KeyFile string } -func (c *Config) addFlags() { - flag.StringVar(&c.CertFile, "tls-cert-file", c.CertFile, ""+ - "File containing the default x509 Certificate for HTTPS. (CA cert, if any, concatenated "+ - "after server cert).") - flag.StringVar(&c.KeyFile, "tls-private-key-file", c.KeyFile, ""+ - "File containing the default x509 private key matching --tls-cert-file.") -} - -func main() { - var config Config - config.addFlags() - flag.Parse() +func main(cmd *cobra.Command, args []string) { + config := Config{CertFile: certFile, KeyFile: keyFile} http.HandleFunc("/crdconvert", converter.ServeExampleConvert) clientset := getClient() diff --git a/test/images/entrypoint-tester/BUILD b/test/images/agnhost/entrypoint-tester/BUILD similarity index 60% rename from test/images/entrypoint-tester/BUILD rename to test/images/agnhost/entrypoint-tester/BUILD index 070c76d4002..d621a68f8a4 100644 --- a/test/images/entrypoint-tester/BUILD +++ b/test/images/agnhost/entrypoint-tester/BUILD @@ -1,20 +1,12 @@ package(default_visibility = ["//visibility:public"]) -load( - "@io_bazel_rules_go//go:def.bzl", - "go_binary", - "go_library", -) - -go_binary( - name = "entrypoint-tester", - embed = [":go_default_library"], -) +load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", srcs = ["ep.go"], - importpath = "k8s.io/kubernetes/test/images/entrypoint-tester", + importpath = "k8s.io/kubernetes/test/images/agnhost/entrypoint-tester", + deps = ["//vendor/github.com/spf13/cobra:go_default_library"], ) filegroup( diff --git a/test/images/entrypoint-tester/ep.go b/test/images/agnhost/entrypoint-tester/ep.go similarity index 65% rename from test/images/entrypoint-tester/ep.go rename to test/images/agnhost/entrypoint-tester/ep.go index e76fd31c0da..2b9eb924181 100644 --- a/test/images/entrypoint-tester/ep.go +++ b/test/images/agnhost/entrypoint-tester/ep.go @@ -14,16 +14,25 @@ See the License for the specific language governing permissions and limitations under the License. */ -package main +package entrypoint import ( "fmt" "os" + + "github.com/spf13/cobra" ) +// CmdEntrypointTester is used by agnhost Cobra. +var CmdEntrypointTester = &cobra.Command{ + Use: "entrypoint-tester", + Short: "Prints the args it's passed and exits", + Long: "Prints the args it's passed and exits.", + Run: main, +} + // This program prints the arguments it's passed and exits. -func main() { - args := os.Args - fmt.Printf("%v\n", args) +func main(cmd *cobra.Command, args []string) { + fmt.Printf("%v\n", os.Args) os.Exit(0) } diff --git a/test/images/inclusterclient/BUILD b/test/images/agnhost/inclusterclient/BUILD similarity index 72% rename from test/images/inclusterclient/BUILD rename to test/images/agnhost/inclusterclient/BUILD index 07cfc21064b..95424e53333 100644 --- a/test/images/inclusterclient/BUILD +++ b/test/images/agnhost/inclusterclient/BUILD @@ -1,24 +1,19 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library") +load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", srcs = ["main.go"], - importpath = "k8s.io/kubernetes/test/images/inclusterclient", - visibility = ["//visibility:private"], + importpath = "k8s.io/kubernetes/test/images/agnhost/inclusterclient", + visibility = ["//visibility:public"], deps = [ "//staging/src/k8s.io/client-go/kubernetes:go_default_library", "//staging/src/k8s.io/client-go/rest:go_default_library", "//staging/src/k8s.io/component-base/logs:go_default_library", + "//vendor/github.com/spf13/cobra:go_default_library", "//vendor/k8s.io/klog:go_default_library", ], ) -go_binary( - name = "inclusterconfig", - embed = [":go_default_library"], - visibility = ["//visibility:public"], -) - filegroup( name = "package-srcs", srcs = glob(["**"]), diff --git a/test/images/inclusterclient/main.go b/test/images/agnhost/inclusterclient/main.go similarity index 70% rename from test/images/inclusterclient/main.go rename to test/images/agnhost/inclusterclient/main.go index bf7a0ac6944..2ea9959d606 100644 --- a/test/images/inclusterclient/main.go +++ b/test/images/agnhost/inclusterclient/main.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package main +package inclusterclient import ( "crypto/sha256" @@ -25,19 +25,37 @@ import ( "net/http" "time" + "github.com/spf13/cobra" + "k8s.io/client-go/kubernetes" "k8s.io/client-go/rest" "k8s.io/component-base/logs" "k8s.io/klog" ) -func main() { +var pollInterval int + +// CmdInClusterClient is used by agnhost Cobra. +var CmdInClusterClient = &cobra.Command{ + Use: "inclusterclient", + Short: "Periodically poll the Kubernetes \"/healthz\" endpoint", + Long: `Periodically polls the Kubernetes "/healthz" endpoint using the in-cluster config. Because of this, this subcommand is meant to be run inside of a Kubernetes pod. + +This subcommand can also be used to validate token rotation.`, + Args: cobra.MaximumNArgs(0), + Run: main, +} + +func init() { + CmdInClusterClient.Flags().IntVar(&pollInterval, "poll-interval", 30, + "poll interval of call to /healhtz in seconds") +} + +func main(cmd *cobra.Command, args []string) { logs.InitLogs() defer logs.FlushLogs() - pollInterval := flag.Int("poll-interval", 30, "poll interval of call to /healhtz in seconds") flag.Set("logtostderr", "true") - flag.Parse() klog.Infof("started") @@ -54,7 +72,7 @@ func main() { c := kubernetes.NewForConfigOrDie(cfg).RESTClient() - t := time.Tick(time.Duration(*pollInterval) * time.Second) + t := time.Tick(time.Duration(pollInterval) * time.Second) for { <-t klog.Infof("calling /healthz") diff --git a/test/images/agnhost/pause/pause.go b/test/images/agnhost/pause/pause.go index 1f93037a66b..3fd01f2f79c 100644 --- a/test/images/agnhost/pause/pause.go +++ b/test/images/agnhost/pause/pause.go @@ -35,6 +35,7 @@ var CmdPause = &cobra.Command{ } func pause(cmd *cobra.Command, args []string) { + fmt.Println("Paused") sigCh := make(chan os.Signal) done := make(chan int, 1) signal.Notify(sigCh, syscall.SIGINT) diff --git a/test/images/porter/BUILD b/test/images/agnhost/porter/BUILD similarity index 74% rename from test/images/porter/BUILD rename to test/images/agnhost/porter/BUILD index 421f4d387e8..12ff35d1a65 100644 --- a/test/images/porter/BUILD +++ b/test/images/agnhost/porter/BUILD @@ -2,19 +2,14 @@ package(default_visibility = ["//visibility:public"]) load( "@io_bazel_rules_go//go:def.bzl", - "go_binary", "go_library", ) -go_binary( - name = "porter", - embed = [":go_default_library"], -) - go_library( name = "go_default_library", srcs = ["porter.go"], - importpath = "k8s.io/kubernetes/test/images/porter", + importpath = "k8s.io/kubernetes/test/images/agnhost/porter", + deps = ["//vendor/github.com/spf13/cobra:go_default_library"], ) filegroup( diff --git a/test/images/porter/localhost.crt b/test/images/agnhost/porter/localhost.crt similarity index 100% rename from test/images/porter/localhost.crt rename to test/images/agnhost/porter/localhost.crt diff --git a/test/images/porter/localhost.key b/test/images/agnhost/porter/localhost.key similarity index 100% rename from test/images/porter/localhost.key rename to test/images/agnhost/porter/localhost.key diff --git a/test/images/porter/porter.go b/test/images/agnhost/porter/porter.go similarity index 70% rename from test/images/porter/porter.go rename to test/images/agnhost/porter/porter.go index 43ea56403bd..643715d7d52 100644 --- a/test/images/porter/porter.go +++ b/test/images/agnhost/porter/porter.go @@ -19,7 +19,8 @@ limitations under the License. // Reads env vars; for every var of the form SERVE_PORT_X, where X is a valid // port number, porter starts an HTTP server which serves the env var's value // in response to any query. -package main + +package porter import ( "fmt" @@ -27,12 +28,29 @@ import ( "net/http" "os" "strings" + + "github.com/spf13/cobra" ) const prefix = "SERVE_PORT_" const tlsPrefix = "SERVE_TLS_PORT_" -func main() { +// CmdPorter is used by agnhost Cobra. +var CmdPorter = &cobra.Command{ + Use: "porter", + Short: "Serves requested data on ports specified in ENV variables", + Long: `Serves requested data on ports specified in ENV variables. For example, if the the environment variable "SERVE_PORT_9001" is set, then the subcommand will start serving on the port 9001. + +Additionally, if the environment variable "SERVE_TLS_PORT_9002" is set, then the subcommand will start a TLS server on that port. + +The included "localhost.crt" is a PEM-encoded TLS cert with SAN IPs "127.0.0.1" and "[::1]", expiring in January 2084, generated from "src/crypto/tls". + +To use a different cert/key, mount them into the pod and set the "CERT_FILE" and "KEY_FILE" environment variables to the desired paths.`, + Args: cobra.MaximumNArgs(0), + Run: main, +} + +func main(cmd *cobra.Command, args []string) { for _, vk := range os.Environ() { // Put everything before the first = sign in parts[0], and // everything else in parts[1] (even if there are multiple = diff --git a/test/images/serve-hostname/BUILD b/test/images/agnhost/serve-hostname/BUILD similarity index 72% rename from test/images/serve-hostname/BUILD rename to test/images/agnhost/serve-hostname/BUILD index 72f7322d272..a4989ae15c0 100644 --- a/test/images/serve-hostname/BUILD +++ b/test/images/agnhost/serve-hostname/BUILD @@ -2,14 +2,16 @@ package(default_visibility = ["//visibility:public"]) load( "@io_bazel_rules_go//go:def.bzl", - "go_binary", "go_library", ) go_library( name = "go_default_library", srcs = ["serve_hostname.go"], - importpath = "k8s.io/kubernetes/test/images/serve-hostname", + importpath = "k8s.io/kubernetes/test/images/agnhost/serve-hostname", + deps = [ + "//vendor/github.com/spf13/cobra:go_default_library", + ], ) filegroup( @@ -24,8 +26,3 @@ filegroup( srcs = [":package-srcs"], tags = ["automanaged"], ) - -go_binary( - name = "serve-hostname", - embed = [":go_default_library"], -) diff --git a/test/images/serve-hostname/serve_hostname.go b/test/images/agnhost/serve-hostname/serve_hostname.go similarity index 66% rename from test/images/serve-hostname/serve_hostname.go rename to test/images/agnhost/serve-hostname/serve_hostname.go index f6d7507e1f4..1e0b9b449d9 100644 --- a/test/images/serve-hostname/serve_hostname.go +++ b/test/images/agnhost/serve-hostname/serve_hostname.go @@ -15,10 +15,10 @@ limitations under the License. */ // A small utility to just serve the hostname on TCP and/or UDP. -package main + +package servehostname import ( - "flag" "fmt" "log" "net" @@ -27,19 +27,37 @@ import ( "os/signal" "syscall" "time" + + "github.com/spf13/cobra" ) +// CmdServeHostname is used by agnhost Cobra. +var CmdServeHostname = &cobra.Command{ + Use: "serve-hostname", + Short: "Serves the hostname", + Long: `Serves the hostname through HTTP / TCP / UDP on the given port.`, + Args: cobra.MaximumNArgs(0), + Run: main, +} + var ( - doTCP = flag.Bool("tcp", false, "Serve raw over TCP.") - doUDP = flag.Bool("udp", false, "Serve raw over UDP.") - doHTTP = flag.Bool("http", true, "Serve HTTP.") - doClose = flag.Bool("close", false, "Close connection per each HTTP request") - port = flag.Int("port", 9376, "Port number.") + doTCP bool + doUDP bool + doHTTP bool + doClose bool + port int ) -func main() { - flag.Parse() - if *doHTTP && (*doTCP || *doUDP) { +func init() { + CmdServeHostname.Flags().BoolVar(&doTCP, "tcp", false, "Serve raw over TCP.") + CmdServeHostname.Flags().BoolVar(&doUDP, "udp", false, "Serve raw over UDP.") + CmdServeHostname.Flags().BoolVar(&doHTTP, "http", true, "Serve HTTP.") + CmdServeHostname.Flags().BoolVar(&doClose, "close", false, "Close connection per each HTTP request.") + CmdServeHostname.Flags().IntVar(&port, "port", 9376, "Port number.") +} + +func main(cmd *cobra.Command, args []string) { + if doHTTP && (doTCP || doUDP) { log.Fatalf("Can't server TCP/UDP mode and HTTP mode at the same time") } @@ -48,8 +66,8 @@ func main() { log.Fatalf("Error from os.Hostname(): %s", err) } - if *doTCP { - listener, err := net.Listen("tcp", fmt.Sprintf(":%d", *port)) + if doTCP { + listener, err := net.Listen("tcp", fmt.Sprintf(":%d", port)) if err != nil { log.Fatalf("Error from net.Listen(): %s", err) } @@ -65,8 +83,8 @@ func main() { } }() } - if *doUDP { - addr, err := net.ResolveUDPAddr("udp", fmt.Sprintf(":%d", *port)) + if doUDP { + addr, err := net.ResolveUDPAddr("udp", fmt.Sprintf(":%d", port)) if err != nil { log.Fatalf("Error from net.ResolveUDPAddr(): %s", err) } @@ -86,11 +104,11 @@ func main() { } }() } - if *doHTTP { + if doHTTP { http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { log.Printf("HTTP request from %s", r.RemoteAddr) - if *doClose { + if doClose { // Add this header to force to close the connection after serving the request. w.Header().Add("Connection", "close") } @@ -99,10 +117,10 @@ func main() { }) go func() { // Run in a closure so http.ListenAndServe doesn't block - log.Fatal(http.ListenAndServe(fmt.Sprintf(":%d", *port), nil)) + log.Fatal(http.ListenAndServe(fmt.Sprintf(":%d", port), nil)) }() } - log.Printf("Serving on port %d.\n", *port) + log.Printf("Serving on port %d.\n", port) signals := make(chan os.Signal) signal.Notify(signals, syscall.SIGTERM) sig := <-signals diff --git a/test/images/audit-proxy/Dockerfile b/test/images/audit-proxy/Dockerfile deleted file mode 100644 index ef7ef7fafb5..00000000000 --- a/test/images/audit-proxy/Dockerfile +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright 2019 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -FROM gcr.io/distroless/static:latest -COPY audit-proxy / -ENTRYPOINT ["/audit-proxy"] diff --git a/test/images/audit-proxy/Makefile b/test/images/audit-proxy/Makefile deleted file mode 100644 index 3f7976a459f..00000000000 --- a/test/images/audit-proxy/Makefile +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright 2019 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -SRCS=audit-proxy -ARCH ?= amd64 -TARGET ?= $(CURDIR) -GOARM=7 -GOLANG_VERSION ?= latest -SRC_DIR = $(notdir $(shell pwd)) -export - -bin: - ../image-util.sh bin $(SRCS) - -.PHONY: bin diff --git a/test/images/audit-proxy/README.md b/test/images/audit-proxy/README.md deleted file mode 100644 index 4f7eba99711..00000000000 --- a/test/images/audit-proxy/README.md +++ /dev/null @@ -1,4 +0,0 @@ -# Audit Proxy - -The audit proxy is used to test dynamic auditing. It listens on port 8080 for incoming audit events and -writes them in a uniform manner to stdout. \ No newline at end of file diff --git a/test/images/audit-proxy/VERSION b/test/images/audit-proxy/VERSION deleted file mode 100644 index 9459d4ba2a0..00000000000 --- a/test/images/audit-proxy/VERSION +++ /dev/null @@ -1 +0,0 @@ -1.1 diff --git a/test/images/crd-conversion-webhook/BASEIMAGE b/test/images/crd-conversion-webhook/BASEIMAGE deleted file mode 100644 index 114844f395e..00000000000 --- a/test/images/crd-conversion-webhook/BASEIMAGE +++ /dev/null @@ -1,4 +0,0 @@ -amd64=alpine:3.6 -arm=arm32v6/alpine:3.6 -arm64=arm64v8/alpine:3.6 -ppc64le=ppc64le/alpine:3.6 diff --git a/test/images/crd-conversion-webhook/Dockerfile b/test/images/crd-conversion-webhook/Dockerfile deleted file mode 100644 index 1743be6bbdb..00000000000 --- a/test/images/crd-conversion-webhook/Dockerfile +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright 2018 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -FROM BASEIMAGE - -ADD crd_conversion_webhook /crd_conversion_webhook -ENTRYPOINT ["/crd_conversion_webhook"] diff --git a/test/images/crd-conversion-webhook/Makefile b/test/images/crd-conversion-webhook/Makefile deleted file mode 100644 index b0decfb3086..00000000000 --- a/test/images/crd-conversion-webhook/Makefile +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright 2018 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -SRCS=crd_conversion_webhook -ARCH ?= amd64 -TARGET ?= $(CURDIR) -GOLANG_VERSION ?= latest -SRC_DIR = $(notdir $(shell pwd)) -export - -bin: - ../image-util.sh bin $(SRCS) - -.PHONY: bin diff --git a/test/images/crd-conversion-webhook/README.md b/test/images/crd-conversion-webhook/README.md deleted file mode 100644 index b04d34fde49..00000000000 --- a/test/images/crd-conversion-webhook/README.md +++ /dev/null @@ -1,11 +0,0 @@ -# Kubernetes External Admission Webhook Test Image - -The image tests CustomResourceConversionWebhook. After deploying it to kubernetes cluster, -administrator needs to create a CustomResourceConversion.Webhook -in kubernetes cluster to use remote webhook for conversions. - -## Build the code - -```bash -make build -``` diff --git a/test/images/crd-conversion-webhook/VERSION b/test/images/crd-conversion-webhook/VERSION deleted file mode 100644 index d24646986ce..00000000000 --- a/test/images/crd-conversion-webhook/VERSION +++ /dev/null @@ -1 +0,0 @@ -1.13rev2 diff --git a/test/images/entrypoint-tester/Dockerfile b/test/images/entrypoint-tester/Dockerfile deleted file mode 100644 index 92dfe729995..00000000000 --- a/test/images/entrypoint-tester/Dockerfile +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright 2016 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -FROM scratch -ADD ep ep -ADD ep ep-2 -EXPOSE 8080 -ENTRYPOINT ["/ep"] -CMD ["default", "arguments"] diff --git a/test/images/entrypoint-tester/Makefile b/test/images/entrypoint-tester/Makefile deleted file mode 100644 index 79201cd4197..00000000000 --- a/test/images/entrypoint-tester/Makefile +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright 2016 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -SRCS=ep -ARCH ?= amd64 -TARGET ?= $(CURDIR) -GOLANG_VERSION ?= latest -SRC_DIR = $(notdir $(shell pwd)) -export - -bin: - ../image-util.sh bin $(SRCS) - -.PHONY: bin diff --git a/test/images/entrypoint-tester/VERSION b/test/images/entrypoint-tester/VERSION deleted file mode 100644 index d3827e75a5c..00000000000 --- a/test/images/entrypoint-tester/VERSION +++ /dev/null @@ -1 +0,0 @@ -1.0 diff --git a/test/images/inclusterclient/Dockerfile b/test/images/inclusterclient/Dockerfile deleted file mode 100644 index 478ccddefed..00000000000 --- a/test/images/inclusterclient/Dockerfile +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright 2019 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -FROM gcr.io/distroless/static:latest - -ADD inclusterclient /inclusterclient -ENTRYPOINT ["/inclusterclient"] diff --git a/test/images/inclusterclient/Makefile b/test/images/inclusterclient/Makefile deleted file mode 100644 index 0ce0b522c41..00000000000 --- a/test/images/inclusterclient/Makefile +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright 2019 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -SRCS = inclusterclient -ARCH ?= amd64 -TARGET ?= $(CURDIR) -GOLANG_VERSION ?= latest -SRC_DIR = $(notdir $(shell pwd)) -export - -bin: - ../image-util.sh bin $(SRCS) - -.PHONY: bin diff --git a/test/images/inclusterclient/VERSION b/test/images/inclusterclient/VERSION deleted file mode 100644 index d3827e75a5c..00000000000 --- a/test/images/inclusterclient/VERSION +++ /dev/null @@ -1 +0,0 @@ -1.0 diff --git a/test/images/iperf/BASEIMAGE b/test/images/iperf/BASEIMAGE deleted file mode 100644 index 7f7f90c89a0..00000000000 --- a/test/images/iperf/BASEIMAGE +++ /dev/null @@ -1,4 +0,0 @@ -amd64=k8s.gcr.io/ubuntu-slim:0.12 -arm=k8s.gcr.io/ubuntu-slim-arm:0.12 -arm64=k8s.gcr.io/ubuntu-slim-arm64:0.12 -ppc64le=k8s.gcr.io/ubuntu-slim-ppc64le:0.12 diff --git a/test/images/iperf/Dockerfile b/test/images/iperf/Dockerfile deleted file mode 100644 index bfb0ce98794..00000000000 --- a/test/images/iperf/Dockerfile +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright 2016 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -FROM BASEIMAGE - -CROSS_BUILD_COPY qemu-QEMUARCH-static /usr/bin/ - -RUN apt-get update && apt-get install -y --no-install-recommends iperf bash \ - && apt-get clean -y \ - && rm -rf /var/lib/apt/lists/* \ - && ln -s /usr/bin/iperf /usr/local/bin/iperf -RUN ls -altrh /usr/local/bin/iperf diff --git a/test/images/iperf/README.md b/test/images/iperf/README.md deleted file mode 100644 index 98f13a8e762..00000000000 --- a/test/images/iperf/README.md +++ /dev/null @@ -1,8 +0,0 @@ -This is a dockerfile which we curate inside of kubernetes for running iperf as a service. - -Eventually we would like to update it to iperf3. - -Possibly we might even start using a pure go based iperf and maintain the same cmd line abstraction. - - -[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/test/images/iperf/README.md?pixel)]() diff --git a/test/images/iperf/VERSION b/test/images/iperf/VERSION deleted file mode 100644 index d3827e75a5c..00000000000 --- a/test/images/iperf/VERSION +++ /dev/null @@ -1 +0,0 @@ -1.0 diff --git a/test/images/porter/.gitignore b/test/images/porter/.gitignore deleted file mode 100644 index c6f989a1ac4..00000000000 --- a/test/images/porter/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -porter -.tag diff --git a/test/images/porter/Dockerfile b/test/images/porter/Dockerfile deleted file mode 100644 index 4e5b6156043..00000000000 --- a/test/images/porter/Dockerfile +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright 2016 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -FROM scratch -ADD localhost.crt localhost.crt -ADD localhost.key localhost.key -ADD porter porter -ENTRYPOINT ["/porter"] diff --git a/test/images/porter/Makefile b/test/images/porter/Makefile deleted file mode 100644 index eefe96f71a0..00000000000 --- a/test/images/porter/Makefile +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright 2016 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -SRCS=porter -ARCH ?= amd64 -TARGET ?= $(CURDIR) -GOLANG_VERSION ?= latest -SRC_DIR = $(notdir $(shell pwd)) -export - -bin: - ../image-util.sh bin $(SRCS) - -.PHONY: bin diff --git a/test/images/porter/README.md b/test/images/porter/README.md deleted file mode 100644 index d666e2984d3..00000000000 --- a/test/images/porter/README.md +++ /dev/null @@ -1,12 +0,0 @@ -This directory contains go source, Dockerfile and Makefile for making a test -container which serves requested data on ports specified in ENV variables. - -The included localhost.crt is a PEM-encoded TLS cert with SAN IPs -"127.0.0.1" and "[::1]", expiring in January 2084, generated from -src/crypto/tls: -go run generate_cert.go --rsa-bits 2048 --host 127.0.0.1,::1,example.com --ca --start-date "Jan 1 00:00:00 1970" --duration=1000000h - -To use a different cert/key, mount them into the pod and set the -CERT_FILE and KEY_FILE environment variables to the desired paths. - -[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/test/images/porter/README.md?pixel)]() diff --git a/test/images/porter/VERSION b/test/images/porter/VERSION deleted file mode 100644 index d3827e75a5c..00000000000 --- a/test/images/porter/VERSION +++ /dev/null @@ -1 +0,0 @@ -1.0 diff --git a/test/images/porter/pod.json b/test/images/porter/pod.json deleted file mode 100644 index d98387d831b..00000000000 --- a/test/images/porter/pod.json +++ /dev/null @@ -1,59 +0,0 @@ -{ - "kind": "Pod", - "apiVersion": "v1", - "metadata": { - "name": "porter" - }, - "spec": { - "containers": [ - { - "name": "porter", - "image": "gcr.io/kubernetes-e2e-test-images/porter-amd64:1.0", - "env": [ - { - "name": "SERVE_PORT_80", - "value": "foo" - }, - { - "name": "SERVE_PORT_81", - "value": "rewritten link" - }, - { - "name": "SERVE_TLS_PORT_443", - "value": "tls foo" - }, - { - "name": "SERVE_TLS_PORT_444", - "value": "tls rewritten link" - }, - { - "name": "CERT_FILE", - "value": "/localhost.crt" - }, - { - "name": "KEY_FILE", - "value": "/localhost.key" - } - ], - "ports": [ - { - "name": "p80", - "containerPort": 80 - }, - { - "name": "p81", - "containerPort": 81 - }, - { - "name": "p443", - "containerPort": 443 - }, - { - "name": "p444", - "containerPort": 444 - } - ] - } - ] - } -} diff --git a/test/images/serve-hostname/BASEIMAGE b/test/images/serve-hostname/BASEIMAGE deleted file mode 100644 index 44329aaa5b1..00000000000 --- a/test/images/serve-hostname/BASEIMAGE +++ /dev/null @@ -1,5 +0,0 @@ -amd64=busybox -arm=arm32v6/busybox -arm64=arm64v8/busybox -ppc64le=ppc64le/busybox -s390x=s390x/busybox diff --git a/test/images/serve-hostname/Dockerfile b/test/images/serve-hostname/Dockerfile deleted file mode 100644 index 7a2e3cbf4ca..00000000000 --- a/test/images/serve-hostname/Dockerfile +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright 2016 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -FROM BASEIMAGE -COPY serve_hostname / -EXPOSE 9376 -ENTRYPOINT ["/serve_hostname"] diff --git a/test/images/serve-hostname/Makefile b/test/images/serve-hostname/Makefile deleted file mode 100644 index 1c2ea577518..00000000000 --- a/test/images/serve-hostname/Makefile +++ /dev/null @@ -1,25 +0,0 @@ -# Copyright 2016 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -SRCS=serve_hostname -ARCH ?= amd64 -TARGET ?= $(CURDIR) -GOLANG_VERSION ?= latest -SRC_DIR = $(notdir $(shell pwd)) -export - -bin: - ../image-util.sh bin $(SRCS) - -.PHONY: bin diff --git a/test/images/serve-hostname/README.md b/test/images/serve-hostname/README.md deleted file mode 100644 index 4396a26888f..00000000000 --- a/test/images/serve-hostname/README.md +++ /dev/null @@ -1,39 +0,0 @@ -## serve_hostname - -This is a small util app to serve your hostname on TCP and/or UDP. Useful for testing. - -The `serve_hostname` Makefile supports multiple architectures, which means it may cross-compile and build a docker image easily. -Arch-specific busybox images serve as base images. - -If you are releasing a new version, please bump the `TAG` value in the `Makefile` before building the images. - -## How to release: - -``` -# Build cross-platform binaries -$ make all-push - -# Build for linux/amd64 (default) -$ make push ARCH=amd64 -# ---> staging-k8s.gcr.io/serve_hostname-amd64:TAG - -$ make push ARCH=arm -# ---> staging-k8s.gcr.io/serve_hostname-arm:TAG - -$ make push ARCH=arm64 -# ---> staging-k8s.gcr.io/serve_hostname-arm64:TAG - -$ make push ARCH=ppc64le -# ---> staging-k8s.gcr.io/serve_hostname-ppc64le:TAG - -$ make push ARCH=s390x -# ---> staging-k8s.gcr.io/serve_hostname-s390x:TAG -``` - -Of course, if you don't want to push the images, run `make all-container` or `make container ARCH={target_arch}` instead. - - -[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/contrib/for-demos/serve_hostname/README.md?pixel)]() - - -[![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/test/images/serve_hostname/README.md?pixel)]() diff --git a/test/images/serve-hostname/VERSION b/test/images/serve-hostname/VERSION deleted file mode 100644 index 5625e59da88..00000000000 --- a/test/images/serve-hostname/VERSION +++ /dev/null @@ -1 +0,0 @@ -1.2 From 54be3825529ba16f16b1828f01e1828ae8ce8a1e Mon Sep 17 00:00:00 2001 From: Claudiu Belu Date: Mon, 20 May 2019 14:15:10 -0700 Subject: [PATCH 2/2] tests: Clarifies agnhost's entrypoint-tester's usage Some of the entrypoint-tester related tests overrides agnhost's default entrypoint with agnhost-2, and this function's args will only contain the subcommand's args (./agnhost entrypoint-tester these args), but we need to print *all* the args, which is why os.Args should be printed instead. --- test/images/agnhost/Dockerfile | 4 +++- test/images/agnhost/entrypoint-tester/ep.go | 6 +++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/test/images/agnhost/Dockerfile b/test/images/agnhost/Dockerfile index 9b8766a9b54..be4c2e8e6f8 100644 --- a/test/images/agnhost/Dockerfile +++ b/test/images/agnhost/Dockerfile @@ -40,7 +40,9 @@ ADD porter/localhost.key localhost.key ADD agnhost agnhost -# needed for the entrypoint-tester related tests. +# needed for the entrypoint-tester related tests. Some of the entrypoint-tester related tests +# overrides this image's entrypoint with agnhost-2 binary, and will verify that the correct +# entrypoint is used by the containers. RUN ln -s agnhost agnhost-2 ENTRYPOINT ["/agnhost"] diff --git a/test/images/agnhost/entrypoint-tester/ep.go b/test/images/agnhost/entrypoint-tester/ep.go index 2b9eb924181..7d9e177e964 100644 --- a/test/images/agnhost/entrypoint-tester/ep.go +++ b/test/images/agnhost/entrypoint-tester/ep.go @@ -31,8 +31,12 @@ var CmdEntrypointTester = &cobra.Command{ Run: main, } -// This program prints the arguments it's passed and exits. +// This program prints all the executable's arguments and exits. func main(cmd *cobra.Command, args []string) { + // Some of the entrypoint-tester related tests overrides agnhost's default entrypoint + // with agnhost-2, and this function's args will only contain the subcommand's + // args (./agnhost entrypoint-tester these args), but we need to print *all* the + // args, which is why os.Args should be printed instead. fmt.Printf("%v\n", os.Args) os.Exit(0) }