github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-30 06:54:01 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #99862 from jsturtevant/windows-gmsa-full-fix

Browse Source 
[Test] [sig-windows] Make sure the GMSA output doesn't have failures when resolving the domain
This commit is contained in:
Kubernetes Prow Robot 2021-03-09 16:08:16 -08:00 committed by GitHub
commit e57e476153
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 29 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
test/e2e/windows/gmsa_full.go
View File

@ -77,6 +77,12 @@ const (
// gmsaWebhookDeployScriptURL is the URL of the deploy script for the GMSA webook // gmsaWebhookDeployScriptURL is the URL of the deploy script for the GMSA webook
// TODO(wk8): we should pin versions. // TODO(wk8): we should pin versions.
gmsaWebhookDeployScriptURL = "https://raw.githubusercontent.com/kubernetes-sigs/windows-gmsa/master/admission-webhook/deploy/deploy-gmsa-webhook.sh" gmsaWebhookDeployScriptURL = "https://raw.githubusercontent.com/kubernetes-sigs/windows-gmsa/master/admission-webhook/deploy/deploy-gmsa-webhook.sh"
// output from the nltest /query command should have this in it
expectedQueryOutput = "The command completed successfully"
// The name of the expected domain
gmsaDomain = "k8sgmsa.lan"
) )
var _ = SIGDescribe("[Feature:Windows] GMSA Full [Serial] [Slow]", func() { var _ = SIGDescribe("[Feature:Windows] GMSA Full [Serial] [Slow]", func() {
@ -140,17 +146,34 @@ var _ = SIGDescribe("[Feature:Windows] GMSA Full [Serial] [Slow]", func() {
var output string var output string
gomega.Eventually(func() bool { gomega.Eventually(func() bool {
output, err = runKubectlExecInNamespace(f.Namespace.Name, podName, "nltest", "/QUERY") output, err = runKubectlExecInNamespace(f.Namespace.Name, podName, "nltest", "/QUERY")
return err == nil if err != nil {
}, 1*time.Minute, 1*time.Second).Should(gomega.BeTrue()) framework.Logf("unable to run command in container via exec: %s", err)
return false
expectedSubstr := "The command completed successfully"
if !strings.Contains(output, expectedSubstr) {
framework.Failf("Expected %q to contain %q", output, expectedSubstr)
} }
if !isValidOutput(output) {
// try repairing the secure channel by running reset command
// https://kubernetes.io/docs/tasks/configure-pod-container/configure-gmsa/#troubleshooting
output, err = runKubectlExecInNamespace(f.Namespace.Name, podName, "nltest", fmt.Sprintf("/sc_reset:%s", gmsaDomain))
if err != nil {
framework.Logf("unable to run command in container via exec: %s", err)
return false
}
framework.Logf("failed to connect to domain; tried resetting the domain, output:\n%s", string(output))
return false
}
return true
}, 1*time.Minute, 1*time.Second).Should(gomega.BeTrue())
}) })
}) })
}) })
func isValidOutput(output string) bool {
return strings.Contains(output, expectedQueryOutput) &&
!strings.Contains(output, "ERROR_NO_LOGON_SERVERS") &&
!strings.Contains(output, "RPC_S_SERVER_UNAVAILABLE")
}
// findPreconfiguredGmsaNode finds node with the gmsaFullNodeLabel label on it. // findPreconfiguredGmsaNode finds node with the gmsaFullNodeLabel label on it.
func findPreconfiguredGmsaNodes(c clientset.Interface) []v1.Node { func findPreconfiguredGmsaNodes(c clientset.Interface) []v1.Node {
nodeOpts := metav1.ListOptions{ nodeOpts := metav1.ListOptions{