From 16467ec35ef23f8696c21b1d839f58cf116ae9b4 Mon Sep 17 00:00:00 2001 From: Israel Blancas Date: Wed, 1 Feb 2023 17:23:33 +0100 Subject: [PATCH] Fix daemonset-features E2E test for OpenShift Signed-off-by: Israel Blancas --- hack/install-metrics-server.sh | 2 +- hack/install-openshift-routes.sh | 2 +- tests/e2e/daemonset-features/00-add-scc.yaml | 4 ++++ .../{00-install.yaml => 01-install.yaml} | 4 ++-- .../{00-assert.yaml => 02-assert.yaml} | 2 -- .../03-add-sa-collector.yaml | 4 ++++ tests/e2e/daemonset-features/03-assert.yaml | 8 +++++++ .../daemonset-features/add-sa-collector.sh | 5 +++++ .../daemonset-features/add-scc-openshift.sh | 10 +++++++++ tests/e2e/daemonset-features/scc.yaml | 22 +++++++++++++++++++ 10 files changed, 57 insertions(+), 6 deletions(-) create mode 100644 tests/e2e/daemonset-features/00-add-scc.yaml rename tests/e2e/daemonset-features/{00-install.yaml => 01-install.yaml} (90%) rename tests/e2e/daemonset-features/{00-assert.yaml => 02-assert.yaml} (90%) create mode 100644 tests/e2e/daemonset-features/03-add-sa-collector.yaml create mode 100644 tests/e2e/daemonset-features/03-assert.yaml create mode 100755 tests/e2e/daemonset-features/add-sa-collector.sh create mode 100755 tests/e2e/daemonset-features/add-scc-openshift.sh create mode 100644 tests/e2e/daemonset-features/scc.yaml diff --git a/hack/install-metrics-server.sh b/hack/install-metrics-server.sh index 10720d16ae..e217a3d34b 100755 --- a/hack/install-metrics-server.sh +++ b/hack/install-metrics-server.sh @@ -5,7 +5,7 @@ # you can just add --addons "metrics-server" to the start command. -if [[ "$(kubectl api-resources)" =~ "openshift" ]]; then +if [[ "$(kubectl api-resources --api-group=operator.openshift.io -o name)" ]]; then echo "Connected to an OpenShift cluster. metrics-server installation is not needed" elif [[ "$(kubectl get deployment metrics-server -n kube-system 2>&1 )" =~ "NotFound" ]]; then kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml diff --git a/hack/install-openshift-routes.sh b/hack/install-openshift-routes.sh index d34903dbfd..41464b868a 100755 --- a/hack/install-openshift-routes.sh +++ b/hack/install-openshift-routes.sh @@ -1,6 +1,6 @@ #!/bin/bash -if [[ "$(kubectl api-resources)" =~ "openshift" ]]; then +if [[ "$(kubectl api-resources --api-group=operator.openshift.io -o name)" ]]; then echo "Connected to an OpenShift cluster. OpenShift routes installation is not needed" else kubectl apply -f https://raw.githubusercontent.com/openshift/router/release-4.12/deploy/router_rbac.yaml diff --git a/tests/e2e/daemonset-features/00-add-scc.yaml b/tests/e2e/daemonset-features/00-add-scc.yaml new file mode 100644 index 0000000000..63d417ea96 --- /dev/null +++ b/tests/e2e/daemonset-features/00-add-scc.yaml @@ -0,0 +1,4 @@ +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +commands: + - script: ./add-scc-openshift.sh diff --git a/tests/e2e/daemonset-features/00-install.yaml b/tests/e2e/daemonset-features/01-install.yaml similarity index 90% rename from tests/e2e/daemonset-features/00-install.yaml rename to tests/e2e/daemonset-features/01-install.yaml index 3dde940cf4..a5f75ad5a2 100644 --- a/tests/e2e/daemonset-features/00-install.yaml +++ b/tests/e2e/daemonset-features/01-install.yaml @@ -1,9 +1,9 @@ apiVersion: opentelemetry.io/v1alpha1 kind: OpenTelemetryCollector metadata: - name: daemonset + name: daemonset spec: - mode: daemonset + mode: daemonset hostNetwork: true config: | receivers: diff --git a/tests/e2e/daemonset-features/00-assert.yaml b/tests/e2e/daemonset-features/02-assert.yaml similarity index 90% rename from tests/e2e/daemonset-features/00-assert.yaml rename to tests/e2e/daemonset-features/02-assert.yaml index d862c1f6a2..03798dbd6d 100644 --- a/tests/e2e/daemonset-features/00-assert.yaml +++ b/tests/e2e/daemonset-features/02-assert.yaml @@ -10,5 +10,3 @@ spec: - args: - --config=/conf/collector.yaml name: otc-container -status: - numberReady: 1 diff --git a/tests/e2e/daemonset-features/03-add-sa-collector.yaml b/tests/e2e/daemonset-features/03-add-sa-collector.yaml new file mode 100644 index 0000000000..1da56ca212 --- /dev/null +++ b/tests/e2e/daemonset-features/03-add-sa-collector.yaml @@ -0,0 +1,4 @@ +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +commands: + - script: ./add-sa-collector.sh diff --git a/tests/e2e/daemonset-features/03-assert.yaml b/tests/e2e/daemonset-features/03-assert.yaml new file mode 100644 index 0000000000..102ea5139b --- /dev/null +++ b/tests/e2e/daemonset-features/03-assert.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Pod +metadata: + labels: + app.kubernetes.io/name: daemonset-collector + app.kubernetes.io/part-of: opentelemetry +status: + phase: Running diff --git a/tests/e2e/daemonset-features/add-sa-collector.sh b/tests/e2e/daemonset-features/add-sa-collector.sh new file mode 100755 index 0000000000..cdd05f78fa --- /dev/null +++ b/tests/e2e/daemonset-features/add-sa-collector.sh @@ -0,0 +1,5 @@ +#!/bin/bash +if [[ "$(kubectl api-resources --api-group=operator.openshift.io -o name)" ]]; then + echo "Adding service account to the OpenTelemetry Collector" + kubectl patch otelcol daemonset --type=merge -p '{"spec":{"serviceAccount":"otel-collector-daemonset"}}' -n $NAMESPACE +fi diff --git a/tests/e2e/daemonset-features/add-scc-openshift.sh b/tests/e2e/daemonset-features/add-scc-openshift.sh new file mode 100755 index 0000000000..7412a51d12 --- /dev/null +++ b/tests/e2e/daemonset-features/add-scc-openshift.sh @@ -0,0 +1,10 @@ +#!/bin/bash +if [[ "$(kubectl api-resources --api-group=operator.openshift.io -o name)" ]]; then + echo "Running the test against an OpenShift Cluster" + echo "Creating an Service Account" + echo "Creating a Security Context Constrain" + echo "Setting the Service Account for the Daemonset" + echo "Adding the new policy to the Service Account" + kubectl apply -f scc.yaml -n $NAMESPACE + oc adm policy add-scc-to-user -z otel-collector-daemonset daemonset-with-hostport -n $NAMESPACE +fi diff --git a/tests/e2e/daemonset-features/scc.yaml b/tests/e2e/daemonset-features/scc.yaml new file mode 100644 index 0000000000..20e211716f --- /dev/null +++ b/tests/e2e/daemonset-features/scc.yaml @@ -0,0 +1,22 @@ +kind: SecurityContextConstraints +apiVersion: security.openshift.io/v1 +metadata: + name: daemonset-with-hostport + annotations: + kubernetes.io/description: 'Allows DaemonSets to bind to a well-known host port' +runAsUser: + type: RunAsAny +seLinuxContext: + type: RunAsAny +allowHostPorts: true +allowHostDirVolumePlugin: false +allowHostIPC: false +allowHostNetwork: true +allowHostPID: false +allowPrivilegedContainer: false +readOnlyRootFilesystem: false +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: otel-collector-daemonset