test failure

Signed-off-by: Aryan-sharma11 <[email protected]>
Aryan-sharma11 · Feb 5, 2025 · 17ad20a · 17ad20a
1 parent f11bfeb
commit 17ad20a
Show file tree

Hide file tree

Showing 5 changed files with 34 additions and 3 deletions.
diff --git a/.github/workflows/ci-test-controllers.yml b/.github/workflows/ci-test-controllers.yml
@@ -95,14 +95,30 @@ jobs:
             kubectl rollout status --timeout=5m daemonset -l kubearmor-app=kubearmor -n kubearmor
             kubectl rollout status --timeout=5m deployment -n kubearmor -l kubearmor-app=kubearmor-controller -n kubearmor
             kubectl get pods -A
-          done         
+          done 
+          
+      - name: Get KubeArmor POD info
+        run: |
+          DAEMONSET_NAME=$(kubectl get daemonset -n kubearmor -o jsonpath='{.items[0].metadata.name}')
+          LABEL_SELECTOR=$(kubectl get daemonset $DAEMONSET_NAME -n kubearmor -o jsonpath='{.spec.selector.matchLabels}' | jq -r 'to_entries[] | "\(.key)=\(.value)"' | paste -sd, -)
+          POD_NAME=$(kubectl get pods -n kubearmor -l "$LABEL_SELECTOR" -o jsonpath='{.items[*].metadata.name}')
+          echo "Pod: $POD_NAME"
+          echo "POD_NAME=$POD_NAME" >> $GITHUB_ENV
+          sleep 15
+          kubectl get pods -A 
+          kubectl logs -n kubearmor "$POD_NAME"      
 
       - name: Test KubeArmor using Ginkgo
         run: |
           go install -mod=mod github.com/onsi/ginkgo/v2/ginkgo
-          ginkgo --vv --flake-attempts=10 --timeout=10m smoke/
+          ginkgo --vv --flake-attempts=10 --timeout=10m blockposture/
         working-directory: ./tests/k8s_env
         timeout-minutes: 30
+
+      - name: Controller logs
+        if: ${{ failure() }}
+        run: |
+          kubectl logs -l app=kubearmor-controller -n kubearmor --all-containers=true -f
 
       - name: Get karmor sysdump
         if: ${{ failure() }}

diff --git a/.github/workflows/ci-test-ginkgo.yml b/.github/workflows/ci-test-ginkgo.yml
@@ -172,13 +172,21 @@ jobs:
           POD_NAME=$(kubectl get pods -n kubearmor -l "$LABEL_SELECTOR" -o jsonpath='{.items[*].metadata.name}')
           echo "Pod: $POD_NAME"
           echo "POD_NAME=$POD_NAME" >> $GITHUB_ENV
+          sleep 15
+          kubectl get pods -A 
+          kubectl logs -n kubearmor "$POD_NAME"
+          kubectl logs -l app=kubearmor-controller -n kubearmor --all-containers=true 
 
       - name: Test KubeArmor using Ginkgo
         run: |
           go install -mod=mod github.com/onsi/ginkgo/v2/ginkgo
           make
         working-directory: ./tests/k8s_env
         timeout-minutes: 30
+      - name: Controller logs
+        if: ${{ failure() }}
+        run: |
+          kubectl logs -l app=kubearmor-controller -n kubearmor --all-containers=true -f
 
       - name: Kill KubeArmor prcoess in the pod
         run: |

diff --git a/pkg/KubeArmorController/handlers/pod_mutation.go b/pkg/KubeArmorController/handlers/pod_mutation.go
@@ -6,6 +6,7 @@ package handlers
 import (
 	"context"
 	"encoding/json"
+	"fmt"
 	"net/http"
 
 	"github.com/go-logr/logr"
@@ -64,8 +65,11 @@ func (a *PodAnnotator) Handle(ctx context.Context, req admission.Request) admiss
 		}
 		a.Cluster.ClusterLock.RUnlock()
 		if annotate {
+			fmt.Println("updating pod annotation")
 			common.AppArmorAnnotatorBinding(binding, pod)
 		}
+		fmt.Println("annotation binidng", binding)
+
 		// == //
 		// send the mutation response
 		marshaledPod, err := json.Marshal(binding)
@@ -100,8 +104,10 @@ func (a *PodAnnotator) Handle(ctx context.Context, req admission.Request) admiss
 		}
 		a.Cluster.ClusterLock.RUnlock()
 		if annotate {
+			fmt.Println("updating pod annotation")
 			common.AppArmorAnnotator(pod)
 		}
+		fmt.Println("annotation pod", pod)
 
 	}
 	// == //

diff --git a/tests/k8s_env/Makefile b/tests/k8s_env/Makefile
@@ -6,7 +6,7 @@ build:
 	@go mod tidy
 	# run in two steps as syscall suite fails if run at the very end
 	# see - https://github.com/kubearmor/KubeArmor/issues/1269
-	@ginkgo --vv --flake-attempts=10 --timeout=15m syscalls/
+	# @ginkgo --vv --flake-attempts=10 --timeout=15m syscalls/
 	@ginkgo -r --vv --flake-attempts=10 --timeout=30m --skip-package "syscalls"
 .PHONY: test
 test:

diff --git a/tests/util/kartutil.go b/tests/util/kartutil.go
@@ -273,6 +273,7 @@ func K8sGetPods(podstr string, ns string, ants []string, timeout int) ([]string,
 		}
 		pods = []string{}
 		for _, p := range podList.Items {
+			fmt.Printf("pod name := %s , pod annotation:= %s", p.Name, p.Annotations)
 			if p.Status.Phase != corev1.PodRunning || p.DeletionTimestamp != nil {
 				continue
 			}