Merge pull request #129 from Dyanngg/fix-go-mod

Remove k8s.io/kubernetes from project dependency
kubernetes-sigs · Jul 24, 2023 · bf98cec · bf98cec
2 parents 46be900 + 1e3b317
commit bf98cec
Show file tree

Hide file tree

Showing 22 changed files with 490 additions and 670 deletions.
diff --git a/conformance/conformance_test.go b/conformance/conformance_test.go
@@ -18,46 +18,53 @@ limitations under the License.
 package conformance_test
 
 import (
-	"flag"
 	"strings"
 	"testing"
 
-	"sigs.k8s.io/network-policy-api/apis/v1alpha1"
-	"sigs.k8s.io/network-policy-api/conformance/tests"
-	"sigs.k8s.io/network-policy-api/conformance/utils/flags"
-	"sigs.k8s.io/network-policy-api/conformance/utils/suite"
-
 	"k8s.io/apimachinery/pkg/util/sets"
+	"k8s.io/client-go/kubernetes"
 	_ "k8s.io/client-go/plugin/pkg/client/auth"
-	"k8s.io/kubernetes/test/e2e/framework"
-	e2econfig "k8s.io/kubernetes/test/e2e/framework/config"
+	"k8s.io/client-go/tools/clientcmd"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/client/config"
+
+	"sigs.k8s.io/network-policy-api/apis/v1alpha1"
+	"sigs.k8s.io/network-policy-api/conformance/tests"
+	"sigs.k8s.io/network-policy-api/conformance/utils/flags"
+	"sigs.k8s.io/network-policy-api/conformance/utils/suite"
 )
 
 func TestConformance(t *testing.T) {
 	cfg, err := config.GetConfig()
 	if err != nil {
 		t.Fatalf("Error loading Kubernetes config: %v", err)
 	}
-	client, err := client.New(cfg, client.Options{})
+	c, err := client.New(cfg, client.Options{})
 	if err != nil {
 		t.Fatalf("Error initializing Kubernetes client: %v", err)
 	}
 
-	v1alpha1.AddToScheme(client.Scheme())
+	kubeConfig, err := clientcmd.NewNonInteractiveDeferredLoadingClientConfig(clientcmd.NewDefaultClientConfigLoadingRules(), &clientcmd.ConfigOverrides{}).ClientConfig()
+	if err != nil {
+		t.Fatalf("error building Kube config for client-go: %v", err)
+	}
+	clientset, err := kubernetes.NewForConfig(kubeConfig)
+	if err != nil {
+		t.Fatalf("error when creating Kubernetes ClientSet: %v", err)
+	}
+
+	v1alpha1.AddToScheme(c.Scheme())
 
 	supportedFeatures := parseSupportedFeatures(*flags.SupportedFeatures)
 	exemptFeatures := parseSupportedFeatures(*flags.ExemptFeatures)
 
-	// Register test flags, then parse flags.
-	handleFlags()
-
 	t.Logf("Running conformance tests with cleanup: %t\n debug: %t\n enable all features: %t \n supported features: [%v]\n exempt features: [%v]",
 		*flags.CleanupBaseResources, *flags.ShowDebug, *flags.EnableAllSupportedFeatures, *flags.SupportedFeatures, *flags.ExemptFeatures)
 
 	cSuite := suite.New(suite.Options{
-		Client:                     client,
+		Client:                     c,
+		ClientSet:                  clientset,
+		KubeConfig:                 *cfg,
 		Debug:                      *flags.ShowDebug,
 		CleanupBaseResources:       *flags.CleanupBaseResources,
 		SupportedFeatures:          supportedFeatures,
@@ -81,10 +88,3 @@ func parseSupportedFeatures(f string) sets.Set[suite.SupportedFeature] {
 	}
 	return res
 }
-
-// handleFlags sets up all flags and parses the command line.
-func handleFlags() {
-	e2econfig.CopyFlags(e2econfig.Flags, flag.CommandLine)
-	framework.RegisterCommonFlags(flag.CommandLine)
-	flag.Parse()
-}
diff --git a/conformance/tests/admin-network-policy-core-egress-sctp-rules.go b/conformance/tests/admin-network-policy-core-egress-sctp-rules.go
@@ -21,8 +21,8 @@ import (
 	"testing"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 	v1 "k8s.io/api/core/v1"
-	"k8s.io/kubernetes/test/e2e/framework"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 
 	"sigs.k8s.io/network-policy-api/apis/v1alpha1"
@@ -55,15 +55,15 @@ var AdminNetworkPolicyEgressSCTP = suite.ConformanceTest{
 				Namespace: "network-policy-conformance-gryffindor",
 				Name:      "harry-potter-0",
 			}, serverPod)
-			framework.ExpectNoError(err, "unable to fetch the server pod")
+			require.NoErrorf(t, err, "unable to fetch the server pod")
 			// luna-lovegood-0 is our client pod in ravenclaw namespace
 			// ensure egress is ALLOWED to gryffindor from ravenclaw
 			// egressRule at index0 will take precedence over egressRule at index1; thus ALLOW takes precedence over DENY since rules are ordered
-			success := kubernetes.PokeServer(t, "network-policy-conformance-ravenclaw", "luna-lovegood-0", "sctp",
+			success := kubernetes.PokeServer(t, s.ClientSet, &s.KubeConfig, "network-policy-conformance-ravenclaw", "luna-lovegood-0", "sctp",
 				serverPod.Status.PodIP, int32(9003), s.TimeoutConfig.RequestTimeout, true)
 			assert.Equal(t, true, success)
 			// luna-lovegood-1 is our client pod in ravenclaw namespace
-			success = kubernetes.PokeServer(t, "network-policy-conformance-ravenclaw", "luna-lovegood-1", "sctp",
+			success = kubernetes.PokeServer(t, s.ClientSet, &s.KubeConfig, "network-policy-conformance-ravenclaw", "luna-lovegood-1", "sctp",
 				serverPod.Status.PodIP, int32(9005), s.TimeoutConfig.RequestTimeout, true)
 			assert.Equal(t, true, success)
 		})
@@ -78,15 +78,15 @@ var AdminNetworkPolicyEgressSCTP = suite.ConformanceTest{
 				Namespace: "network-policy-conformance-hufflepuff",
 				Name:      "cedric-diggory-1",
 			}, serverPod)
-			framework.ExpectNoError(err, "unable to fetch the server pod")
+			require.NoErrorf(t, err, "unable to fetch the server pod")
 			// luna-lovegood-0 is our client pod in ravenclaw namespace
 			// ensure egress is ALLOWED to hufflepuff from ravenclaw at port 9003; egressRule at index5 should take effect
-			success := kubernetes.PokeServer(t, "network-policy-conformance-ravenclaw", "luna-lovegood-0", "sctp",
+			success := kubernetes.PokeServer(t, s.ClientSet, &s.KubeConfig, "network-policy-conformance-ravenclaw", "luna-lovegood-0", "sctp",
 				serverPod.Status.PodIP, int32(9003), s.TimeoutConfig.RequestTimeout, true)
 			assert.Equal(t, true, success)
 			// luna-lovegood-1 is our client pod in ravenclaw namespace
 			// ensure egress is DENIED to hufflepuff from ravenclaw for rest of the traffic; egressRule at index6 should take effect
-			success = kubernetes.PokeServer(t, "network-policy-conformance-ravenclaw", "luna-lovegood-1", "sctp",
+			success = kubernetes.PokeServer(t, s.ClientSet, &s.KubeConfig, "network-policy-conformance-ravenclaw", "luna-lovegood-1", "sctp",
 				serverPod.Status.PodIP, int32(9005), s.TimeoutConfig.RequestTimeout, false)
 			assert.Equal(t, true, success)
 		})
@@ -101,26 +101,26 @@ var AdminNetworkPolicyEgressSCTP = suite.ConformanceTest{
 				Namespace: "network-policy-conformance-gryffindor",
 				Name:      "harry-potter-1",
 			}, serverPod)
-			framework.ExpectNoError(err, "unable to fetch the server pod")
+			require.NoErrorf(t, err, "unable to fetch the server pod")
 			anp := &v1alpha1.AdminNetworkPolicy{}
 			err = s.Client.Get(ctx, client.ObjectKey{
 				Name: "egress-sctp",
 			}, anp)
-			framework.ExpectNoError(err, "unable to fetch the admin network policy")
+			require.NoErrorf(t, err, "unable to fetch the admin network policy")
 			// swap rules at index0 and index1
 			allowRule := anp.DeepCopy().Spec.Egress[0]
 			anp.Spec.Egress[0] = anp.DeepCopy().Spec.Egress[1]
 			anp.Spec.Egress[1] = allowRule
 			err = s.Client.Update(ctx, anp)
-			framework.ExpectNoError(err, "unable to update the admin network policy")
+			require.NoErrorf(t, err, "unable to update the admin network policy")
 			// luna-lovegood-0 is our client pod in gryffindor namespace
 			// ensure egress is DENIED to gryffindor from ravenclaw
 			// egressRule at index0 will take precedence over egressRule at index1; thus DENY takes precedence over ALLOW since rules are ordered
-			success := kubernetes.PokeServer(t, "network-policy-conformance-ravenclaw", "luna-lovegood-0", "sctp",
+			success := kubernetes.PokeServer(t, s.ClientSet, &s.KubeConfig, "network-policy-conformance-ravenclaw", "luna-lovegood-0", "sctp",
 				serverPod.Status.PodIP, int32(9003), s.TimeoutConfig.RequestTimeout, false)
 			assert.Equal(t, true, success)
 			// luna-lovegood-1 is our client pod in ravenclaw namespace
-			success = kubernetes.PokeServer(t, "network-policy-conformance-ravenclaw", "luna-lovegood-1", "sctp",
+			success = kubernetes.PokeServer(t, s.ClientSet, &s.KubeConfig, "network-policy-conformance-ravenclaw", "luna-lovegood-1", "sctp",
 				serverPod.Status.PodIP, int32(9005), s.TimeoutConfig.RequestTimeout, false)
 			assert.Equal(t, true, success)
 		})
@@ -135,15 +135,15 @@ var AdminNetworkPolicyEgressSCTP = suite.ConformanceTest{
 				Namespace: "network-policy-conformance-slytherin",
 				Name:      "draco-malfoy-0",
 			}, serverPod)
-			framework.ExpectNoError(err, "unable to fetch the server pod")
+			require.NoErrorf(t, err, "unable to fetch the server pod")
 			// luna-lovegood-0 is our client pod in ravenclaw namespace
 			// ensure egress to slytherin is DENIED from ravenclaw at port 9003; egressRule at index3 should take effect
-			success := kubernetes.PokeServer(t, "network-policy-conformance-ravenclaw", "luna-lovegood-0", "sctp",
+			success := kubernetes.PokeServer(t, s.ClientSet, &s.KubeConfig, "network-policy-conformance-ravenclaw", "luna-lovegood-0", "sctp",
 				serverPod.Status.PodIP, int32(9003), s.TimeoutConfig.RequestTimeout, false)
 			assert.Equal(t, true, success)
 			// luna-lovegood-1 is our client pod in ravenclaw namespace
 			// ensure egress to slytherin is ALLOWED from ravenclaw for rest of the traffic; matches no rules hence allowed
-			success = kubernetes.PokeServer(t, "network-policy-conformance-ravenclaw", "luna-lovegood-1", "sctp",
+			success = kubernetes.PokeServer(t, s.ClientSet, &s.KubeConfig, "network-policy-conformance-ravenclaw", "luna-lovegood-1", "sctp",
 				serverPod.Status.PodIP, int32(9005), s.TimeoutConfig.RequestTimeout, true)
 			assert.Equal(t, true, success)
 		})
@@ -158,26 +158,26 @@ var AdminNetworkPolicyEgressSCTP = suite.ConformanceTest{
 				Namespace: "network-policy-conformance-gryffindor",
 				Name:      "harry-potter-1",
 			}, serverPod)
-			framework.ExpectNoError(err, "unable to fetch the server pod")
+			require.NoErrorf(t, err, "unable to fetch the server pod")
 			anp := &v1alpha1.AdminNetworkPolicy{}
 			err = s.Client.Get(ctx, client.ObjectKey{
 				Name: "egress-sctp",
 			}, anp)
-			framework.ExpectNoError(err, "unable to fetch the admin network policy")
+			require.NoErrorf(t, err, "unable to fetch the admin network policy")
 			// swap rules at index0 and index2
 			denyRule := anp.DeepCopy().Spec.Egress[0]
 			anp.Spec.Egress[0] = anp.DeepCopy().Spec.Egress[2]
 			anp.Spec.Egress[2] = denyRule
 			err = s.Client.Update(ctx, anp)
-			framework.ExpectNoError(err, "unable to update the admin network policy")
+			require.NoErrorf(t, err, "unable to update the admin network policy")
 			// luna-lovegood-0 is our client pod in ravenclaw namespace
 			// ensure egress is PASSED from gryffindor to ravenclaw
 			// egressRule at index0 will take precedence over egressRule at index1&index2; thus PASS takes precedence over ALLOW/DENY since rules are ordered
-			success := kubernetes.PokeServer(t, "network-policy-conformance-ravenclaw", "luna-lovegood-0", "sctp",
+			success := kubernetes.PokeServer(t, s.ClientSet, &s.KubeConfig, "network-policy-conformance-ravenclaw", "luna-lovegood-0", "sctp",
 				serverPod.Status.PodIP, int32(9003), s.TimeoutConfig.RequestTimeout, true)
 			assert.Equal(t, true, success)
 			// luna-lovegood-1 is our client pod in ravenclaw namespace
-			success = kubernetes.PokeServer(t, "network-policy-conformance-ravenclaw", "luna-lovegood-1", "sctp",
+			success = kubernetes.PokeServer(t, s.ClientSet, &s.KubeConfig, "network-policy-conformance-ravenclaw", "luna-lovegood-1", "sctp",
 				serverPod.Status.PodIP, int32(9005), s.TimeoutConfig.RequestTimeout, true)
 			assert.Equal(t, true, success)
 		})
@@ -192,26 +192,26 @@ var AdminNetworkPolicyEgressSCTP = suite.ConformanceTest{
 				Namespace: "network-policy-conformance-slytherin",
 				Name:      "draco-malfoy-0",
 			}, serverPod)
-			framework.ExpectNoError(err, "unable to fetch the server pod")
+			require.NoErrorf(t, err, "unable to fetch the server pod")
 			anp := &v1alpha1.AdminNetworkPolicy{}
 			err = s.Client.Get(ctx, client.ObjectKey{
 				Name: "egress-sctp",
 			}, anp)
-			framework.ExpectNoError(err, "unable to fetch the admin network policy")
+			require.NoErrorf(t, err, "unable to fetch the admin network policy")
 			// swap rules at index3 and index4
 			denyRule := anp.DeepCopy().Spec.Egress[3]
 			anp.Spec.Egress[3] = anp.DeepCopy().Spec.Egress[4]
 			anp.Spec.Egress[4] = denyRule
 			err = s.Client.Update(ctx, anp)
-			framework.ExpectNoError(err, "unable to update the admin network policy")
+			require.NoErrorf(t, err, "unable to update the admin network policy")
 			// luna-lovegood-0 is our client pod in ravenclaw namespace
 			// ensure egress to slytherin is PASSED from ravenclaw at port 9003; egressRule at index3 should take effect
-			success := kubernetes.PokeServer(t, "network-policy-conformance-ravenclaw", "luna-lovegood-0", "sctp",
+			success := kubernetes.PokeServer(t, s.ClientSet, &s.KubeConfig, "network-policy-conformance-ravenclaw", "luna-lovegood-0", "sctp",
 				serverPod.Status.PodIP, int32(9003), s.TimeoutConfig.RequestTimeout, true)
 			assert.Equal(t, true, success)
 			// luna-lovegood-1 is our client pod in ravenclaw namespace
 			// ensure egress to slytherin is ALLOWED from ravenclaw for rest of the traffic; matches no rules hence allowed
-			success = kubernetes.PokeServer(t, "network-policy-conformance-ravenclaw", "luna-lovegood-1", "sctp",
+			success = kubernetes.PokeServer(t, s.ClientSet, &s.KubeConfig, "network-policy-conformance-ravenclaw", "luna-lovegood-1", "sctp",
 				serverPod.Status.PodIP, int32(9005), s.TimeoutConfig.RequestTimeout, true)
 			assert.Equal(t, true, success)
 		})