Skip to content

Commit 645c7c7

Browse files
jsafranejsafrane
committed
Add SELinuxMount tests
SELinuxMount is a new alpha feature gate in Kubernetes 1.30. Add tests for it as a new job. kops-aws-selinux: - Has SELinuxMountReadWriteOnce feature gate on (it's beta). - Has SELinuxMount feature gate off (it's alpha). -> Run all SELinux tests except those that require FeatureGate:SELinuxMount. kops-aws-selinux-alpha: - Has both SELinuxMount and SELinuxMountReadWriteOnce enabled. -> Run Run all SELinux tests except Feature:SELinuxMountReadWriteOnceOnly. (these tests require SELinuxMount off).
1 parent 7f8e4cb commit 645c7c7

11 files changed

+334
-230
lines changed

config/jobs/kubernetes/kops/build_jobs.py

Lines changed: 36 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -858,7 +858,7 @@ def generate_misc():
858858
runs_per_day=3,
859859
extra_dashboards=['kops-misc']),
860860

861-
# [sig-storage, @jsafrane] A one-off scenario testing SELinux features, because kops
861+
# [sig-storage, @jsafrane] Test SELinux features, because kops
862862
# is the only way how to get Kubernetes on a Linux with SELinux in enforcing mode in CI.
863863
# Test the latest kops and CI build of Kubernetes (=almost master).
864864
build_test(name_override="kops-aws-selinux",
@@ -879,14 +879,48 @@ def generate_misc():
879879
# - Driver: local: this is optimization only, the volume plugin does not
880880
# support SELinux and there are several subvariants of local volumes
881881
# that multiply nr. of tests.
882-
skip_regex=r"\[Feature:Volumes\]|\[Driver:.nfs\]|\[Driver:.local\]",
882+
# - FeatureGate:SELinuxMount: the feature gate is alpha / disabled by default
883+
# in v1.30.
884+
skip_regex=r"\[Feature:Volumes\]|\[Driver:.nfs\]|\[Driver:.local\]|\FeatureGate:SELinuxMount\]", # pylint: disable=line-too-long
883885
# [Serial] and [Disruptive] are intentionally not skipped, therefore run
884886
# everything as serial.
885887
test_parallelism=1,
886888
# Serial and Disruptive tests can be slow.
887889
test_timeout_minutes=120,
888890
runs_per_day=3),
889891

892+
# [sig-storage, @jsafrane] A one-off scenario testing SELinuxMount feature (alpha in v1.30).
893+
# This will need to merge with kops-aws-selinux when SELinuxMount gets enabled by default.
894+
build_test(name_override="kops-aws-selinux-alpha",
895+
# RHEL8 VM image is enforcing SELinux by default.
896+
distro="rhel8",
897+
networking="cilium",
898+
k8s_version="ci",
899+
kops_channel="alpha",
900+
feature_flags=['SELinuxMount'],
901+
kubernetes_feature_gates="SELinuxMount",
902+
extra_flags=[
903+
"--set=cluster.spec.containerd.selinuxEnabled=true",
904+
],
905+
focus_regex=r"\[Feature:SELinux\]",
906+
# Skip:
907+
# - Feature:Volumes: skips iSCSI and Ceph tests, they don't have client tools
908+
# installed on nodes.
909+
# - Driver: nfs: NFS does not have client tools installed on nodes.
910+
# - Driver: local: this is optimization only, the volume plugin does not
911+
# support SELinux and there are several subvariants of local volumes
912+
# that multiply nr. of tests.
913+
# - Feature:SELinuxMountReadWriteOncePodOnly: these tests require SELinuxMount
914+
# feature gate off.
915+
skip_regex=r"\[Feature:Volumes\]|\[Driver:.nfs\]|\[Driver:.local\]|\[Feature:SELinuxMountReadWriteOncePodOnly\]", # pylint: disable=line-too-long
916+
# [Serial] and [Disruptive] are intentionally not skipped, therefore run
917+
# everything as serial.
918+
test_parallelism=1,
919+
# Serial and Disruptive tests can be slow.
920+
test_timeout_minutes=120,
921+
runs_per_day=3),
922+
923+
890924
# test kube-up to kops jobs migration
891925
build_test(name_override="ci-kubernetes-e2e-cos-gce-canary",
892926
cloud="gce",

config/jobs/kubernetes/kops/kops-periodics-conformance.yaml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,7 @@ periodics:
3232
-v 2 \
3333
--up --down \
3434
--cloud-provider=aws \
35-
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-20240220' --channel=alpha --networking=calico --discovery-store=s3://k8s-kops-prow/discovery" \
35+
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-20240301' --channel=alpha --networking=calico --discovery-store=s3://k8s-kops-prow/discovery" \
3636
--kops-version-marker=https://storage.googleapis.com/kops-ci/markers/release-1.29/latest-ci-updown-green.txt \
3737
--kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \
3838
--test=kops \
@@ -98,7 +98,7 @@ periodics:
9898
-v 2 \
9999
--up --down \
100100
--cloud-provider=aws \
101-
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-arm64-server-20240220' --channel=alpha --networking=calico --zones=eu-central-1a --node-size=t4g.large --master-size=t4g.large --discovery-store=s3://k8s-kops-prow/discovery" \
101+
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-arm64-server-20240301' --channel=alpha --networking=calico --zones=eu-central-1a --node-size=t4g.large --master-size=t4g.large --discovery-store=s3://k8s-kops-prow/discovery" \
102102
--kops-version-marker=https://storage.googleapis.com/kops-ci/markers/release-1.29/latest-ci-updown-green.txt \
103103
--kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \
104104
--test=kops \
@@ -164,7 +164,7 @@ periodics:
164164
-v 2 \
165165
--up --down \
166166
--cloud-provider=aws \
167-
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-20240220' --channel=alpha --networking=calico --discovery-store=s3://k8s-kops-prow/discovery" \
167+
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-20240301' --channel=alpha --networking=calico --discovery-store=s3://k8s-kops-prow/discovery" \
168168
--kops-version-marker=https://storage.googleapis.com/kops-ci/markers/release-1.28/latest-ci-updown-green.txt \
169169
--kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \
170170
--test=kops \
@@ -230,7 +230,7 @@ periodics:
230230
-v 2 \
231231
--up --down \
232232
--cloud-provider=aws \
233-
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-arm64-server-20240220' --channel=alpha --networking=calico --zones=eu-central-1a --node-size=t4g.large --master-size=t4g.large --discovery-store=s3://k8s-kops-prow/discovery" \
233+
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-arm64-server-20240301' --channel=alpha --networking=calico --zones=eu-central-1a --node-size=t4g.large --master-size=t4g.large --discovery-store=s3://k8s-kops-prow/discovery" \
234234
--kops-version-marker=https://storage.googleapis.com/kops-ci/markers/release-1.28/latest-ci-updown-green.txt \
235235
--kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \
236236
--test=kops \
@@ -296,7 +296,7 @@ periodics:
296296
-v 2 \
297297
--up --down \
298298
--cloud-provider=aws \
299-
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-20240220' --channel=alpha --networking=calico --discovery-store=s3://k8s-kops-prow/discovery" \
299+
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-20240301' --channel=alpha --networking=calico --discovery-store=s3://k8s-kops-prow/discovery" \
300300
--kops-version-marker=https://storage.googleapis.com/kops-ci/markers/release-1.27/latest-ci-updown-green.txt \
301301
--kubernetes-version=https://dl.k8s.io/release/stable-1.27.txt \
302302
--test=kops \
@@ -362,7 +362,7 @@ periodics:
362362
-v 2 \
363363
--up --down \
364364
--cloud-provider=aws \
365-
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-arm64-server-20240220' --channel=alpha --networking=calico --zones=eu-central-1a --node-size=t4g.large --master-size=t4g.large --discovery-store=s3://k8s-kops-prow/discovery" \
365+
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-arm64-server-20240301' --channel=alpha --networking=calico --zones=eu-central-1a --node-size=t4g.large --master-size=t4g.large --discovery-store=s3://k8s-kops-prow/discovery" \
366366
--kops-version-marker=https://storage.googleapis.com/kops-ci/markers/release-1.27/latest-ci-updown-green.txt \
367367
--kubernetes-version=https://dl.k8s.io/release/stable-1.27.txt \
368368
--test=kops \

config/jobs/kubernetes/kops/kops-periodics-distros.yaml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -224,7 +224,7 @@ periodics:
224224
-v 2 \
225225
--up --down \
226226
--cloud-provider=aws \
227-
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20240215' --channel=alpha --networking=cilium --discovery-store=s3://k8s-kops-prow/discovery" \
227+
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-20240229' --channel=alpha --networking=cilium --discovery-store=s3://k8s-kops-prow/discovery" \
228228
--kops-version-marker=https://storage.googleapis.com/kops-ci/bin/latest-ci-updown-green.txt \
229229
--kubernetes-version=https://dl.k8s.io/release/stable.txt \
230230
--test=kops \
@@ -288,7 +288,7 @@ periodics:
288288
-v 2 \
289289
--up --down \
290290
--cloud-provider=aws \
291-
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-focal-20.04-arm64-server-20240215' --channel=alpha --networking=cilium --zones=eu-west-1a --node-size=m6g.large --master-size=m6g.large --discovery-store=s3://k8s-kops-prow/discovery" \
291+
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-focal-20.04-arm64-server-20240229' --channel=alpha --networking=cilium --zones=eu-west-1a --node-size=m6g.large --master-size=m6g.large --discovery-store=s3://k8s-kops-prow/discovery" \
292292
--kops-version-marker=https://storage.googleapis.com/kops-ci/bin/latest-ci-updown-green.txt \
293293
--kubernetes-version=https://dl.k8s.io/release/stable.txt \
294294
--test=kops \
@@ -352,7 +352,7 @@ periodics:
352352
-v 2 \
353353
--up --down \
354354
--cloud-provider=aws \
355-
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-20240220' --channel=alpha --networking=cilium --discovery-store=s3://k8s-kops-prow/discovery" \
355+
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-20240301' --channel=alpha --networking=cilium --discovery-store=s3://k8s-kops-prow/discovery" \
356356
--kops-version-marker=https://storage.googleapis.com/kops-ci/bin/latest-ci-updown-green.txt \
357357
--kubernetes-version=https://dl.k8s.io/release/stable.txt \
358358
--test=kops \
@@ -416,7 +416,7 @@ periodics:
416416
-v 2 \
417417
--up --down \
418418
--cloud-provider=aws \
419-
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-arm64-server-20240220' --channel=alpha --networking=cilium --zones=eu-west-1a --node-size=m6g.large --master-size=m6g.large --discovery-store=s3://k8s-kops-prow/discovery" \
419+
--create-args="--image='099720109477/ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-arm64-server-20240301' --channel=alpha --networking=cilium --zones=eu-west-1a --node-size=m6g.large --master-size=m6g.large --discovery-store=s3://k8s-kops-prow/discovery" \
420420
--kops-version-marker=https://storage.googleapis.com/kops-ci/bin/latest-ci-updown-green.txt \
421421
--kubernetes-version=https://dl.k8s.io/release/stable.txt \
422422
--test=kops \
@@ -480,7 +480,7 @@ periodics:
480480
-v 2 \
481481
--up --down \
482482
--cloud-provider=aws \
483-
--create-args="--image='137112412989/amzn2-ami-kernel-5.10-hvm-2.0.20240131.0-x86_64-gp2' --channel=alpha --networking=cilium --discovery-store=s3://k8s-kops-prow/discovery" \
483+
--create-args="--image='137112412989/amzn2-ami-kernel-5.10-hvm-2.0.20240223.0-x86_64-gp2' --channel=alpha --networking=cilium --discovery-store=s3://k8s-kops-prow/discovery" \
484484
--kops-version-marker=https://storage.googleapis.com/kops-ci/bin/latest-ci-updown-green.txt \
485485
--kubernetes-version=https://dl.k8s.io/release/stable.txt \
486486
--test=kops \

0 commit comments

Comments
 (0)