diff options
| author | Irbe Krumina <irbe@tailscale.com> | 2024-07-17 11:39:05 +0300 |
|---|---|---|
| committer | Irbe Krumina <irbe@tailscale.com> | 2024-07-17 11:39:05 +0300 |
| commit | 3de468b37289fecf65e93e67d74eb039eb9fa33c (patch) | |
| tree | 53f00c3c4c9204d3339756bd943b9bed8adc0597 | |
| parent | 3f3edeec07ebef2d34e3eb3bf91cb540183ac3b1 (diff) | |
| download | tailscale-irbekrm/kubetestsetup.tar.xz tailscale-irbekrm/kubetestsetup.zip | |
Signed-off-by: Irbe Krumina <irbe@tailscale.com>
| -rwxr-xr-x | scripts/kubetests/cleanup.sh | 9 | ||||
| -rwxr-xr-x | scripts/kubetests/setup.sh | 71 | ||||
| -rwxr-xr-x | scripts/kubetests/test_on_kind.sh | 39 |
3 files changed, 119 insertions, 0 deletions
diff --git a/scripts/kubetests/cleanup.sh b/scripts/kubetests/cleanup.sh new file mode 100755 index 000000000..8332fdfc7 --- /dev/null +++ b/scripts/kubetests/cleanup.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env sh + +set -eu + +helm uninstall operator --namespace tailscale + +kubectl delete -f ./cmd/k8s-operator/deploy/crds + +helm uninstall ingress diff --git a/scripts/kubetests/setup.sh b/scripts/kubetests/setup.sh new file mode 100755 index 000000000..0112f29ca --- /dev/null +++ b/scripts/kubetests/setup.sh @@ -0,0 +1,71 @@ +#!/usr/bin/env bash + +set -eu + +# This script builds the latest operator and proxy images and manifests and +# installs them as well as ingress-nginx chart to the current kube cluster. Run +# it with KIND=<cluster-name> to upload images to a kind cluster else you must +# pass REPO env var pointing at a public repository where the images will be +# pushed. +# This script is also run from ./scripts/kubetests/test_on_kind.sh +# Run it with: +# OAUTH_CLIENT_ID=<oauth client ID> \ +# OAUTH_CLIENT_SECRET=<oauth-client-secret> \ +# [REPO=<image registry>] \ +# [KIND=<kind-cluster-name>] \ +# ./scripts/kubetests/setup.sh + +OAUTH_CLIENT_ID="$OAUTH_CLIENT_ID" +OAUTH_CLIENT_SECRET="$OAUTH_CLIENT_SECRET" +KIND=${KIND:-} + +if [[ ! -z "$KIND" ]]; then + REPO="tailscale-for-kind" +fi + +REPO="$REPO" + +eval `./tool/go run ./cmd/mkversion` + +args=(TAGS="${VERSION_SHORT}") + +make kube-generate-all # ensure things are up to date + +if [[ ! -z "$KIND" ]]; then +args+=" PLATFORM=local" +fi + +make ${args[@]} REPO="${REPO}/proxy" publishdevimage +make ${args[@]} REPO="${REPO}/operator" publishdevoperator + +if [[ ! -z "$KIND" ]]; then + kind load docker-image "${REPO}/operator:${VERSION_SHORT}" --name "${KIND}" + kind load docker-image "${REPO}/proxy:${VERSION_SHORT}" --name "${KIND}" +fi + +kubectl apply -f ./cmd/k8s-operator/deploy/crds/ + +helm upgrade \ + --install \ + operator ./cmd/k8s-operator/deploy/chart \ + --namespace tailscale \ + --create-namespace \ + --set operator.image.repo="${REPO}/operator" \ + --set operator.image.tag="${VERSION_SHORT} \ + --set opertor.image.pullPolicy="IfNotPresent" \ + --set proxy.image.repo="${REPO}/proxy \ + --set proxy.image.tag="${VERSION_SHORT}" \ + --set installCRDs=false \ + --set-string apiServerProxyConfig.mode="true" \ + --set oauth.clientId="${OAUTH_CLIENT_ID}" \ + --set oauth.clientSecret="${OAUTH_CLIENT_SECRET}" \ + --set operatorConfig.logging=debug \ + --wait + +# ingress-nginx is used in tests. +# Note that this command CANNOT be ran with --wait as the Service will never +# become ready (load balancer cannot be provisioned on kind). +helm upgrade --install ingress ingress-nginx/ingress-nginx + +# TODO: either wait for the ingress-controller Pod to become ready or do +# something else to wait for the parts we care about to be ready. diff --git a/scripts/kubetests/test_on_kind.sh b/scripts/kubetests/test_on_kind.sh new file mode 100755 index 000000000..a98ee6830 --- /dev/null +++ b/scripts/kubetests/test_on_kind.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env sh + +# Copyright (c) Tailscale Inc & AUTHORS +# SPDX-License-Identifier: BSD-3-Clause + +set -eu + +# This script creates a kind cluster, sets up test dependencies and runs e2e +# tests. It builds the latest operator and proxy image as well as manifests from +# this repo. The operator and proxy images are uploaded to the local container +# registry (i.e docker) and the kind cluster. +# +# Run it with: +# OAUTH_CLIENT_ID=<oauth client ID> \ +# OAUTH_CLIENT_SECRET=<oauth-client-secret> \ +# [K8S_VERSION=<k8s version>] \ +# [CLUSTER_NAME=<cluster_name] \ +# ./scripts/kubetests/test_on_kind.sh + +K8S_VERSION="${K8S_VERSION:=1.30}" +CLUSTER_NAME="${CLUSTER_NAME:=ts-e2e}" + +# Kind recommends to use the exact image SHAs with a given kind build +case $K8S_VERSION in +1.30*) kind_image=kindest/node:v1.30.0@sha256:047357ac0cfea04663786a612ba1eaba9702bef25227a794b52890dd8bcd692e ;; +1.29*) kind_image=kindest/node:v1.29.4@sha256:3abb816a5b1061fb15c6e9e60856ec40d56b7b52bcea5f5f1350bc6e2320b6f8 ;; +1.28*) kind_image=kindest/node:v1.28.9@sha256:dca54bc6a6079dd34699d53d7d4ffa2e853e46a20cd12d619a09207e35300bd0 ;; +1.27*) kind_image=kindest/node:v1.27.13@sha256:17439fa5b32290e3ead39ead1250dca1d822d94a10d26f1981756cd51b24b9d8 ;; +1.26*) kind_image=kindest/node:v1.26.15@sha256:84333e26cae1d70361bb7339efb568df1871419f2019c80f9a12b7e2d485fe19 ;; +1.25*) kind_image=kindest/node:v1.25.16@sha256:5da57dfc290ac3599e775e63b8b6c49c0c85d3fec771cd7d55b45fae14b38d3b ;; +esac + +# TODO: check that the cluster does not already exist +kind create cluster --name "${CLUSTER_NAME}" --image "${kind_image}" + +KIND="${CLUSTER_NAME}" OAUTH_CLIENT_ID="${OAUTH_CLIENT_ID}" OAUTH_CLIENT_SECRET="${OAUTH_CLIENT_SECRET}" ./scripts/kubetests/setup.sh + +# TODO: now run the tests +# go test ./cmd/k8s-operator/e2e/... |