add e2e testing. #121
add e2e testing. #121
Conversation
morvencao
commented
Jun 11, 2024
•
morvencao
commented
- Add spec resync testing for agent restart
- Add status resync testing for server restart
- Add gRPC API testing
- Enable MTLS auth for MQTT broker.
- Add resync test after reconnecting for Maestro agent.
morvencao
force-pushed
the
br_e2e_test
branch
6 times, most recently
from
3a1e6e0
to
f70ca5d
Compare
|
/assign @qiujian16 @clyang82 @skeeey |
morvencao
force-pushed
the
br_e2e_test
branch
5 times, most recently
from
9faf013
to
8ebc1d1
Compare
test/e2e/setup/e2e_setup.sh
Outdated
| tar -xzvf step_0.26.2_amd64.tar.gz | ||
| chmod +x ./step_0.26.2/bin/step | ||
| sudo mv ./step_0.26.2/bin/step /usr/local/bin/step | ||
| rm -rf ./step_0.26.2_amd64.tar.gz ./step_0.26.2 |
There was a problem hiding this comment.
It is worth extracting a version variable to define 0.26.2.
morvencao
force-pushed
the
br_e2e_test
branch
4 times, most recently
from
6ecf1a7
to
a46b394
Compare
test/e2e/setup/e2e_setup.sh
Outdated
|
|
||
| # create secret containing the client certs to mqtt broker and patch the maestro deployment | ||
| kubectl create secret generic maestro-server-certs -n $namespace --from-file=ca.crt=${certDir}/ca.crt --from-file=client.crt=${certDir}/server-client.crt --from-file=client.key=${certDir}/server-client.key | ||
| kubectl create secret generic maestro-server-invalid-certs -n $namespace --from-file=ca.crt=${certDir}/ca.crt --from-file=client.crt=${certDir}/invalid-client.crt --from-file=client.key=${certDir}/invalid-client.key |
There was a problem hiding this comment.
why do you need maestro-server-invalid-certs?
There was a problem hiding this comment.
This certificate will be expired in 1 minute, it is used to replace the client certificate, to simulate the case:
- the MQTT client certificate is expired, the connection to broker will be broken
- then we replace the expired certificate with the valid certificate, after that the maestro agent should be able to reload the valid certificate and then resync the resources during disconnected time.
There was a problem hiding this comment.
This is mainly used to test:
- agent reload certificate.
- agent resync spec after reconnect to broker.
There was a problem hiding this comment.
as we discussed, removed this for now.
cmd/maestro/agent/cmd.go
Outdated
| @@ -70,4 +77,6 @@ func addFlags(fs *pflag.FlagSet) { | |||
| commonOptions.SpokeClusterName, "Name of the consumer") | |||
| fs.BoolVar(&commonOptions.CommoOpts.CmdConfig.DisableLeaderElection, "disable-leader-election", | |||
| true, "Disable leader election.") | |||
| fs.DurationVar(&certRefreshDuration, "cert-refresh-duration", | |||
| certRefreshDuration, "Client certificate refresh duration for MQTT broker.") | |||
There was a problem hiding this comment.
add default value 5 minutes in the message.
There was a problem hiding this comment.
looks like cobra flag will add this, if you try --help, you will see:
# go run ./cmd/maestro/main.go agent --help
Start the Maestro Agent
Usage:
maestro agent [flags]
Flags:
--add-dir-header If true, adds the file directory to the header of the log messages
--alsologtostderr log to standard error as well as files (no effect when -logtostderr=true)
--appliedmanifestwork-eviction-grace-period duration Grace period for appliedmanifestwork eviction (default 1h0m0s)
--cert-refresh-duration duration Client certificate refresh duration for MQTT broker. (default 5m0s)
test/e2e/pkg/certificate_test.go
Outdated
| } | ||
|
|
||
| return fmt.Errorf("maestro-agent logs does not have 'expired certificate'") | ||
| }, 3*time.Minute, 3*time.Second).ShouldNot(HaveOccurred()) |
There was a problem hiding this comment.
will not refresh the certificates if they are expired?
There was a problem hiding this comment.
you mean deploying a cert-manager for certificate rotation?
There was a problem hiding this comment.
no. i mean the current behaviour. we do not refresh the certificate. correct?
There was a problem hiding this comment.
we don't refresh the certificate, only replace it.
There was a problem hiding this comment.
as we discussed, removed the certificate test for now.
| @@ -175,13 +193,13 @@ var _ = Describe("Resources", Ordered, Label("e2e-tests-resources"), func() { | |||
| Consistently(func() error { | |||
There was a problem hiding this comment.
Here is using Consistently. Consistently blocks when called for a specified duration. During that duration Consistently repeatedly polls its matcher and ensures that it is satisfied. If the matcher is consistently satisfied, then Consistently will pass. Otherwise Consistently will fail.
There was a problem hiding this comment.
yes, I updated the Consistently check to avoid intermittent error to break the check when getting nginx deployment.
test/e2e/pkg/spec_resync_test.go
Outdated
| }, 30*time.Second, 2*time.Second).ShouldNot(HaveOccurred()) | ||
| }) | ||
|
|
||
| It("start maestro agent", func() { |
There was a problem hiding this comment.
why do you need to shutdown maestro agent repeatedly? to trigger re-sync?
There was a problem hiding this comment.
if so, how about use Consistently?
There was a problem hiding this comment.
Updated this to only restart agent once, to resync spec for created resource, updated resource and deleted resource.
morvencao
force-pushed
the
br_e2e_test
branch
5 times, most recently
from
75c704a
to
768daa5
Compare
Signed-off-by: morvencao <[email protected]>
Signed-off-by: morvencao <[email protected]>
Signed-off-by: morvencao <[email protected]>
morvencao
force-pushed
the
br_e2e_test
branch
4 times, most recently
from
8f38127
to
d48b2a6
Compare
morvencao
force-pushed
the
br_e2e_test
branch
3 times, most recently
from
e3339e1
to
fc3620a
Compare
|
@clyang82 Another look? |
|
/ok-to-test |
I listed some cases that take a longer time to complete. Is this desired? Can the time be reduced? |
morvencao
force-pushed
the
br_e2e_test
branch
5 times, most recently
from
eec9217
to
1cfc614
Compare
Signed-off-by: morvencao <[email protected]>
