search

SAP-archive / karydia

Kubernetes Security Walnut
Other
77 stars 10 forks source link

e2e tests #40

Closed schu closed 5 years ago

schu commented 5 years ago

Contains boilerplate code to setup the test environment plus a first e2e test.

schu commented 5 years ago

I briefly tried to setup CircleCI, but Minikube's localkube setup isn't really an option anymore (long deprecated, supports only k8s <=1.10, entirely removed from the project now). So I suggest we merge the tests to be able to add more tests and test locally and setup CI from a separate pull request and on a different platform later.

schu commented 5 years ago

The fact that I added tests/manifests/deployment.yml is a bit of a hack: manifests/deployment.yml enables more features and would require more setup code for the tests to work. So we need to decide if we setup all test components from the example manifests or from code. Right now it's a mix.

Using the example manifests has the advantage that they are constantly tested too.

schu commented 5 years ago

The fact that I added tests/manifests/deployment.yml is a bit of a hack: manifests/deployment.yml enables more features and would require more setup code for the tests to work. So we need to decide if we setup all test components from the example manifests or from code. Right now it's a mix.

I dropped the extra manifest and all resources are created from code now.

schu commented 5 years ago

@alban please take a look.

alban commented 5 years ago

Does Minikube work on Semaphore CI with recent versions of Kubernetes?

I see this script using minikube on Semaphore CI (by using an old version of minikube: https://github.com/sorintlab/stolon/commit/e6969ccf2ee7a6f41684edab9da7624e3e4938f5)

schu commented 5 years ago

s/reuqests/requests

Fixed, thanks.

What are Kind=Binding?

It's about https://github.com/kubernetes/kubernetes/blob/cc67ccfd7f4f0bc96d7f1c8e5fe8577821757d03/staging/src/k8s.io/apiserver/pkg/admission/interfaces.go#L38-L40 - particularly

The binding resource for a pod though may be /pods/foo/binding, which has resource "pods", subresource "binding", and kind "Binding".

Ultimately https://github.com/kubernetes/community/blob/master/contributors/devel/api-conventions.md#types-kinds IIUC, i.e.

/binding: Used to bind a resource representing a user request (e.g., Pod, PersistentVolumeClaim) to a cluster infrastructure resource (e.g., Node, PersistentVolume).

schu commented 5 years ago

Does Minikube work on Semaphore CI with recent versions of Kubernetes?

I haven't tried and only used CircleCI in the past (when localkube still was a valuable option). Let's decide that outside of this pull request.

alban commented 5 years ago

Thanks for the links!

LGTM