mirror of https://github.com/k3s-io/kubernetes.git synced 2026-01-30 05:43:58 +00:00

Files

Jan Safranek c4163a9cb8 Add label with access mode to SELinux metrics

In the KEP 1710 we promised to have all SELinux metrics with access mode
label, so cluster admin is able to distinguish when RWOP volumes are
failing to mount (-> SELinuxMountReadWriteOncePod feature gate must be
disabled) or volumes with any other access modes are failing (->
SELinuxMount feature gate must be disabled).

Adding the label to kubelet is quite straightforward, there were some
changes needed in the e2e test. Now grabMetrics() collects values of all
SELinux related metrics with all labels. It only skips unrelated volume
plugins. And waitForMetricIncrease gets metric with all labels on input, so
it can check that say RWOP metric increased and RWX one did not.

2024-03-04 13:16:56 +01:00

apimachinery

Add x-kubernetes-selectable-fields to fields excluded in publish openapi conformance comparisons

2024-03-02 11:14:06 -05:00

apps

e2e_apps:stop using deprecated framework.ExpectError

2024-02-27 13:46:36 +08:00

architecture

…

auth

ClusterTrustBundle projection: e2e test

2023-11-03 12:08:35 -07:00

autoscaling

Skip autoscaling tests when we hit rate limits

2024-02-24 18:07:49 -05:00

chaosmonkey

…

cloud

Merge pull request #121146 from shijinye/e2ecleanup-cloud-notequal

2024-02-05 08:44:53 -08:00

common

Merge pull request #121606 from saschagrunert/user-namespaces-serial-test

2024-02-28 13:54:25 -08:00

dra

Make golang::setup-env turn on workspaces

2024-02-29 22:07:42 -08:00

environment

e2e labels: ensure that the lists remain sorted

2024-02-13 11:51:45 +01:00

feature

Merge pull request #123554 from jsafrane/selinux-rwx-tests

2024-03-01 06:43:17 -08:00

framework

e2e pod: fail fast on failed pod

2024-03-04 00:01:02 +08:00

instrumentation

Skip autoscaling tests when we hit rate limits

2024-02-24 18:07:49 -05:00

kubectl

remote command turn on feature gates

2024-02-27 02:05:24 +00:00

lifecycle

e2e: use framework labels

2023-11-01 15:17:34 +01:00

network

e2e/service.go: remove same node nodeport test

2024-03-01 17:01:07 -06:00

node

Fix panic in getNpdPodStat

2024-02-28 10:50:43 -05:00

nodefeature

e2e labels: add placeholder docs for existing items

2024-02-13 11:57:36 +01:00

perftype

…

reporters

…

scheduling

Add providerless tags appropriately in test/

2024-01-07 08:16:05 -05:00

storage

Add label with access mode to SELinux metrics

2024-03-04 13:16:56 +01:00

testing-manifests

Switch to newer cos-gpu-installer - v2.1.10

2024-03-03 14:22:24 -05:00

upgrades

Always test PDB's during service upgrade test

2024-02-15 14:22:46 +01:00

windows

Merge pull request #120254 from ionutbalutoiu/windows-tests/conn-check-retries

2024-01-17 02:21:38 +01:00

e2e_test.go

…

e2e-example-config.json

…

e2e.go

e2e: replace klog.Fatal with assertion

2024-01-19 10:14:07 +01:00

providers.go

import providers selectively based on the tag

2024-01-07 08:16:05 -05:00

README.md

e2e: use framework labels

2023-11-01 15:17:34 +01:00

suites.go

…

README.md

test/e2e

This is home to e2e tests used for presubmit, periodic, and postsubmit jobs.

Some of these jobs are merge-blocking, some are release-blocking.

e2e test ownership

All e2e tests must adhere to the following policies:

the test must be owned by one and only one SIG
the test must live in/underneath a sig-owned package matching pattern: test/e2e/[{subpath}/]{sig}/..., e.g.
- test/e2e/auth - all tests owned by sig-auth
- test/e2e/common/storage - all tests common to cluster-level and node-level e2e tests, owned by sig-node
- test/e2e/upgrade/apps - all tests used in upgrade testing, owned by sig-apps
each sig-owned package should have an OWNERS file defining relevant approvers and labels for the owning sig, e.g.

# test/e2e/node/OWNERS
# See the OWNERS docs at https://go.k8s.io/owners

approvers:
- alice
- bob
- cynthia
emeritus_approvers:
- dave
reviewers:
- sig-node-reviewers
labels:
- sig/node

packages that use {subpath} should have an imports.go file importing sig-owned packages (for ginkgo's benefit), e.g.

// test/e2e/common/imports.go
package common

import (
	// ensure these packages are scanned by ginkgo for e2e tests
	_ "k8s.io/kubernetes/test/e2e/common/network"
	_ "k8s.io/kubernetes/test/e2e/common/node"
	_ "k8s.io/kubernetes/test/e2e/common/storage"
)

test ownership must be declared via a top-level SIGDescribe call defined in the sig-owned package, e.g.

// test/e2e/lifecycle/framework.go
package lifecycle

import "k8s.io/kubernetes/test/e2e/framework"

// SIGDescribe annotates the test with the SIG label.
var SIGDescribe = framework.SIGDescribe("cluster-lifecycle")

// test/e2e/lifecycle/bootstrap/bootstrap_signer.go

package bootstrap

import (
	"github.com/onsi/ginkgo"
	"k8s.io/kubernetes/test/e2e/lifecycle"
)
var _ = lifecycle.SIGDescribe("cluster", feature.BootstrapTokens, func() {
  /* ... */
  ginkgo.It("should sign the new added bootstrap tokens", func(ctx context.Context) {
    /* ... */
  })
  /* etc */
})

These polices are enforced:

via the merge-blocking presubmit job pull-kubernetes-verify
which ends up running hack/verify-e2e-test-ownership.sh
which can also be run via make verify WHAT=e2e-test-ownership

more info

See kubernetes/community/.../e2e-tests.md