# This file contains common environment variables and setup logic for all test # scripts. It assumes that the following environment variables are set by the # Makefile: # - PLATFORM # - TAG # - SHA # - ARTIFACTS # - TALOSCTL # - INTEGRATION_TEST # - KUBECTL # - SHORT_INTEGRATION_TEST # - CUSTOM_CNI_URL # - IMAGE # - INSTALLER_IMAGE # # Some environment variables set in this file (e. g. TALOS_VERSION and KUBERNETES_VERSION) # are referenced by https://github.com/siderolabs/cluster-api-templates. # See other e2e-*.sh scripts. set -eoux pipefail TMP="/tmp/e2e/${PLATFORM}" mkdir -p "${TMP}" # Talos export TALOSCONFIG="${TMP}/talosconfig" export TALOS_VERSION=v1.1 # Kubernetes export KUBECONFIG="${TMP}/kubeconfig" export KUBERNETES_VERSION=${KUBERNETES_VERSION:-1.26.0-beta.0} export NAME_PREFIX="talos-e2e-${SHA}-${PLATFORM}" export TIMEOUT=1200 export NUM_NODES=6 # default values, overridden by talosctl cluster create tests PROVISIONER= CLUSTER_NAME= cleanup_capi() { ${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig delete cluster ${NAME_PREFIX} } # Create a cluster via CAPI. function create_cluster_capi { trap cleanup_capi EXIT ${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig apply -f ${TMP}/cluster.yaml # Wait for first controlplane machine to have a name timeout=$(($(date +%s) + ${TIMEOUT})) until [ -n "$(${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig get machine -l cluster.x-k8s.io/control-plane,cluster.x-k8s.io/cluster-name=${NAME_PREFIX} --all-namespaces -o json | jq -re '.items[0].metadata.name | select (.!=null)')" ]; do [[ $(date +%s) -gt $timeout ]] && exit 1 sleep 10 ${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig get machine -l cluster.x-k8s.io/control-plane,cluster.x-k8s.io/cluster-name=${NAME_PREFIX} --all-namespaces done FIRST_CP_NODE=$(${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig get machine -l cluster.x-k8s.io/control-plane,cluster.x-k8s.io/cluster-name=${NAME_PREFIX} --all-namespaces -o json | jq -r '.items[0].metadata.name') # Wait for first controlplane machine to have a talosconfig ref timeout=$(($(date +%s) + ${TIMEOUT})) until [ -n "$(${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig get machine ${FIRST_CP_NODE} -o json | jq -re '.spec.bootstrap.configRef.name | select (.!=null)')" ]; do [[ $(date +%s) -gt $timeout ]] && exit 1 sleep 10 done FIRST_CP_TALOSCONFIG=$(${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig get machine ${FIRST_CP_NODE} -o json | jq -re '.spec.bootstrap.configRef.name') # Wait for talosconfig in cm then dump it out timeout=$(($(date +%s) + ${TIMEOUT})) until [ -n "$(${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig get talosconfig ${FIRST_CP_TALOSCONFIG} -o jsonpath='{.status.talosConfig}')" ]; do [[ $(date +%s) -gt $timeout ]] && exit 1 sleep 10 done ${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig get talosconfig ${FIRST_CP_TALOSCONFIG} -o jsonpath='{.status.talosConfig}' > ${TALOSCONFIG} # Wait until we have an IP for first controlplane node timeout=$(($(date +%s) + ${TIMEOUT})) until [ -n "$(${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig get machine -o go-template --template='{{range .status.addresses}}{{if eq .type "ExternalIP"}}{{.address}}{{end}}{{end}}' ${FIRST_CP_NODE})" ]; do [[ $(date +%s) -gt $timeout ]] && exit 1 sleep 10 done MASTER_IP=$(${KUBECTL} --kubeconfig /tmp/e2e/docker/kubeconfig get machine -o go-template --template='{{range .status.addresses}}{{if eq .type "ExternalIP"}}{{.address}}{{end}}{{end}}' ${FIRST_CP_NODE}) "${TALOSCTL}" config endpoint "${MASTER_IP}" "${TALOSCTL}" config node "${MASTER_IP}" # Wait for the kubeconfig from first cp node timeout=$(($(date +%s) + ${TIMEOUT})) until get_kubeconfig; do [[ $(date +%s) -gt $timeout ]] && exit 1 sleep 10 done # Wait for nodes to check in timeout=$(($(date +%s) + ${TIMEOUT})) until ${KUBECTL} get nodes -o go-template='{{ len .items }}' | grep ${NUM_NODES} >/dev/null; do [[ $(date +%s) -gt $timeout ]] && exit 1 ${KUBECTL} get nodes -o wide && : sleep 10 done # Wait for nodes to be ready timeout=$(($(date +%s) + ${TIMEOUT})) until ${KUBECTL} wait --timeout=1s --for=condition=ready=true --all nodes > /dev/null; do [[ $(date +%s) -gt $timeout ]] && exit 1 ${KUBECTL} get nodes -o wide && : sleep 10 done # Verify that we have an HA controlplane timeout=$(($(date +%s) + ${TIMEOUT})) until ${KUBECTL} get nodes -l node-role.kubernetes.io/control-plane='' -o go-template='{{ len .items }}' | grep 3 > /dev/null; do [[ $(date +%s) -gt $timeout ]] && exit 1 ${KUBECTL} get nodes -l node-role.kubernetes.io/control-plane='' && : sleep 10 done } function run_talos_integration_test { case "${SHORT_INTEGRATION_TEST:-no}" in yes|true|y) TEST_SHORT="-test.short" ;; *) TEST_SHORT="" ;; esac case "${INTEGRATION_TEST_RUN:-no}" in no) TEST_RUN="-test.run ." ;; *) TEST_RUN="-test.run ${INTEGRATION_TEST_RUN}" ;; esac "${INTEGRATION_TEST}" -test.v -talos.failfast -talos.talosctlpath "${TALOSCTL}" -talos.kubectlpath "${KUBECTL}" -talos.provisioner "${PROVISIONER}" -talos.name "${CLUSTER_NAME}" ${TEST_RUN} ${TEST_SHORT} } function run_talos_integration_test_docker { case "${SHORT_INTEGRATION_TEST:-no}" in yes|true|y) TEST_SHORT="-test.short" ;; *) TEST_SHORT="" ;; esac case "${INTEGRATION_TEST_RUN:-no}" in no) TEST_RUN="-test.run ." ;; *) TEST_RUN="-test.run ${INTEGRATION_TEST_RUN}" ;; esac "${INTEGRATION_TEST}" -test.v -talos.talosctlpath "${TALOSCTL}" -talos.kubectlpath "${KUBECTL}" -talos.k8sendpoint 127.0.0.1:6443 -talos.provisioner "${PROVISIONER}" -talos.name "${CLUSTER_NAME}" ${TEST_RUN} ${TEST_SHORT} } function run_kubernetes_conformance_test { "${TALOSCTL}" conformance kubernetes --mode="${1}" } function run_kubernetes_integration_test { "${TALOSCTL}" health --run-e2e } function run_control_plane_cis_benchmark { ${KUBECTL} apply -f ${PWD}/hack/test/cis/kube-bench-master.yaml ${KUBECTL} wait --timeout=300s --for=condition=complete job/kube-bench-master > /dev/null ${KUBECTL} logs job/kube-bench-master } function run_worker_cis_benchmark { ${KUBECTL} apply -f ${PWD}/hack/test/cis/kube-bench-node.yaml ${KUBECTL} wait --timeout=300s --for=condition=complete job/kube-bench-node > /dev/null ${KUBECTL} logs job/kube-bench-node } function get_kubeconfig { rm -f "${TMP}/kubeconfig" "${TALOSCTL}" kubeconfig "${TMP}" } function dump_cluster_state { nodes=$(${KUBECTL} get nodes -o jsonpath="{.items[*].status.addresses[?(@.type == 'InternalIP')].address}" | tr [:space:] ',') "${TALOSCTL}" -n ${nodes} services ${KUBECTL} get nodes -o wide ${KUBECTL} get pods --all-namespaces -o wide } function build_registry_mirrors { if [[ "${CI:-false}" == "true" ]]; then REGISTRY_MIRROR_FLAGS= for registry in docker.io k8s.gcr.io quay.io gcr.io ghcr.io registry.dev.talos-systems.io; do local service="registry-${registry//./-}.ci.svc" local addr=`python3 -c "import socket; print(socket.gethostbyname('${service}'))"` REGISTRY_MIRROR_FLAGS="${REGISTRY_MIRROR_FLAGS} --registry-mirror ${registry}=http://${addr}:5000" done else # use the value from the environment, if present REGISTRY_MIRROR_FLAGS=${REGISTRY_MIRROR_FLAGS:-} fi } function run_extensions_test { echo "Testing gVsisor..." ${KUBECTL} apply -f ${PWD}/hack/test/gvisor/manifest.yaml sleep 10 ${KUBECTL} wait --for=condition=ready pod nginx-gvisor --timeout=1m echo "Testing firmware extension..." ${TALOSCTL} ls -lr /lib/firmware | grep intel-ucode echo "Testing extension service..." curl http://172.20.1.2/ | grep Hello } function run_csi_tests { ${HELM} repo add rook-release https://charts.rook.io/release ${HELM} repo update ${HELM} upgrade --install --version=v1.8.2 --set=pspEnable=false --create-namespace --namespace rook-ceph rook-ceph rook-release/rook-ceph ${HELM} upgrade --install --version=v1.8.2 --set=pspEnable=false --create-namespace --namespace rook-ceph rook-ceph-cluster rook-release/rook-ceph-cluster ${KUBECTL} label ns rook-ceph pod-security.kubernetes.io/enforce=privileged # wait for the controller to populate the status field sleep 30 ${KUBECTL} --namespace rook-ceph wait --timeout=900s --for=jsonpath='{.status.phase}=Ready' cephclusters.ceph.rook.io/rook-ceph ${KUBECTL} --namespace rook-ceph wait --timeout=900s --for=jsonpath='{.status.state}=Created' cephclusters.ceph.rook.io/rook-ceph # .status.ceph is populated later only sleep 60 ${KUBECTL} --namespace rook-ceph wait --timeout=900s --for=jsonpath='{.status.ceph.health}=HEALTH_OK' cephclusters.ceph.rook.io/rook-ceph # hack until https://github.com/kastenhq/kubestr/issues/101 is addressed KUBERNETES_SERVICE_HOST= KUBECONFIG="${TMP}/kubeconfig" ${KUBESTR} fio --storageclass ceph-block --size 10G }