From 496bd1c706edcf3f1e757b059a015ab2be71460c Mon Sep 17 00:00:00 2001 From: Nikolaj Hey Hinnerskov Date: Thu, 14 May 2020 15:14:02 +0200 Subject: nixosTests.kubernetes: port tests to python --- nixos/tests/kubernetes/base.nix | 8 ++-- nixos/tests/kubernetes/dns.nix | 74 +++++++++++++++++++++++------------ nixos/tests/kubernetes/rbac.nix | 86 ++++++++++++++++++++++++++--------------- 3 files changed, 107 insertions(+), 61 deletions(-) diff --git a/nixos/tests/kubernetes/base.nix b/nixos/tests/kubernetes/base.nix index adb73650689..86de9455e73 100644 --- a/nixos/tests/kubernetes/base.nix +++ b/nixos/tests/kubernetes/base.nix @@ -3,7 +3,7 @@ pkgs ? import ../../.. { inherit system config; } }: -with import ../../lib/testing.nix { inherit system pkgs; }; +with import ../../lib/testing-python.nix { inherit system pkgs; }; with pkgs.lib; let @@ -75,10 +75,8 @@ let ) machines; testScript = '' - startAll; - - ${test} - ''; + start_all() + '' + test; }; mkKubernetesMultiNodeTest = attrs: mkKubernetesBaseTest ({ diff --git a/nixos/tests/kubernetes/dns.nix b/nixos/tests/kubernetes/dns.nix index 638942e1540..890499a0fb8 100644 --- a/nixos/tests/kubernetes/dns.nix +++ b/nixos/tests/kubernetes/dns.nix @@ -75,51 +75,75 @@ let singleNodeTest = { test = '' # prepare machine1 for test - $machine1->waitUntilSucceeds("kubectl get node machine1.${domain} | grep -w Ready"); - $machine1->waitUntilSucceeds("docker load < ${redisImage}"); - $machine1->waitUntilSucceeds("kubectl create -f ${redisPod}"); - $machine1->waitUntilSucceeds("kubectl create -f ${redisService}"); - $machine1->waitUntilSucceeds("docker load < ${probeImage}"); - $machine1->waitUntilSucceeds("kubectl create -f ${probePod}"); + machine1.wait_until_succeeds("kubectl get node machine1.${domain} | grep -w Ready") + machine1.wait_until_succeeds( + "docker load < ${redisImage}" + ) + machine1.wait_until_succeeds( + "kubectl create -f ${redisPod}" + ) + machine1.wait_until_succeeds( + "kubectl create -f ${redisService}" + ) + machine1.wait_until_succeeds( + "docker load < ${probeImage}" + ) + machine1.wait_until_succeeds( + "kubectl create -f ${probePod}" + ) # check if pods are running - $machine1->waitUntilSucceeds("kubectl get pod redis | grep Running"); - $machine1->waitUntilSucceeds("kubectl get pod probe | grep Running"); - $machine1->waitUntilSucceeds("kubectl get pods -n kube-system | grep 'coredns.*1/1'"); + machine1.wait_until_succeeds("kubectl get pod redis | grep Running") + machine1.wait_until_succeeds("kubectl get pod probe | grep Running") + machine1.wait_until_succeeds("kubectl get pods -n kube-system | grep 'coredns.*1/1'") # check dns on host (dnsmasq) - $machine1->succeed("host redis.default.svc.cluster.local"); + machine1.succeed("host redis.default.svc.cluster.local") # check dns inside the container - $machine1->succeed("kubectl exec -ti probe -- /bin/host redis.default.svc.cluster.local"); + machine1.succeed("kubectl exec -ti probe -- /bin/host redis.default.svc.cluster.local") ''; }; multiNodeTest = { test = '' # Node token exchange - $machine1->waitUntilSucceeds("cp -f /var/lib/cfssl/apitoken.secret /tmp/shared/apitoken.secret"); - $machine2->waitUntilSucceeds("cat /tmp/shared/apitoken.secret | nixos-kubernetes-node-join"); + machine1.wait_until_succeeds( + "cp -f /var/lib/cfssl/apitoken.secret /tmp/shared/apitoken.secret" + ) + machine2.wait_until_succeeds( + "cat /tmp/shared/apitoken.secret | nixos-kubernetes-node-join" + ) # prepare machines for test - $machine1->waitUntilSucceeds("kubectl get node machine2.${domain} | grep -w Ready"); - $machine2->waitUntilSucceeds("docker load < ${redisImage}"); - $machine1->waitUntilSucceeds("kubectl create -f ${redisPod}"); - $machine1->waitUntilSucceeds("kubectl create -f ${redisService}"); - $machine2->waitUntilSucceeds("docker load < ${probeImage}"); - $machine1->waitUntilSucceeds("kubectl create -f ${probePod}"); + machine1.wait_until_succeeds("kubectl get node machine2.${domain} | grep -w Ready") + machine2.wait_until_succeeds( + "docker load < ${redisImage}" + ) + machine1.wait_until_succeeds( + "kubectl create -f ${redisPod}" + ) + machine1.wait_until_succeeds( + "kubectl create -f ${redisService}" + ) + machine2.wait_until_succeeds( + "docker load < ${probeImage}" + ) + machine1.wait_until_succeeds( + "kubectl create -f ${probePod}" + ) # check if pods are running - $machine1->waitUntilSucceeds("kubectl get pod redis | grep Running"); - $machine1->waitUntilSucceeds("kubectl get pod probe | grep Running"); - $machine1->waitUntilSucceeds("kubectl get pods -n kube-system | grep 'coredns.*1/1'"); + machine1.wait_until_succeeds("kubectl get pod redis | grep Running") + machine1.wait_until_succeeds("kubectl get pod probe | grep Running") + machine1.wait_until_succeeds("kubectl get pods -n kube-system | grep 'coredns.*1/1'") # check dns on hosts (dnsmasq) - $machine1->succeed("host redis.default.svc.cluster.local"); - $machine2->succeed("host redis.default.svc.cluster.local"); + machine1.succeed("host redis.default.svc.cluster.local") + machine2.succeed("host redis.default.svc.cluster.local") # check dns inside the container - $machine1->succeed("kubectl exec -ti probe -- /bin/host redis.default.svc.cluster.local"); + machine1.succeed("kubectl exec -ti probe -- /bin/host redis.default.svc.cluster.local") ''; }; in { diff --git a/nixos/tests/kubernetes/rbac.nix b/nixos/tests/kubernetes/rbac.nix index 3ce7adcd0d7..c922da515d9 100644 --- a/nixos/tests/kubernetes/rbac.nix +++ b/nixos/tests/kubernetes/rbac.nix @@ -94,43 +94,67 @@ let singlenode = base // { test = '' - $machine1->waitUntilSucceeds("kubectl get node machine1.my.zyx | grep -w Ready"); - - $machine1->waitUntilSucceeds("docker load < ${kubectlImage}"); - - $machine1->waitUntilSucceeds("kubectl apply -f ${roServiceAccount}"); - $machine1->waitUntilSucceeds("kubectl apply -f ${roRole}"); - $machine1->waitUntilSucceeds("kubectl apply -f ${roRoleBinding}"); - $machine1->waitUntilSucceeds("kubectl create -f ${kubectlPod}"); - - $machine1->waitUntilSucceeds("kubectl get pod kubectl | grep Running"); - - $machine1->waitUntilSucceeds("kubectl exec -ti kubectl -- kubectl get pods"); - $machine1->fail("kubectl exec -ti kubectl -- kubectl create -f /kubectl-pod-2.json"); - $machine1->fail("kubectl exec -ti kubectl -- kubectl delete pods -l name=kubectl"); + machine1.wait_until_succeeds("kubectl get node machine1.my.zyx | grep -w Ready") + + machine1.wait_until_succeeds( + "docker load < ${kubectlImage}" + ) + + machine1.wait_until_succeeds( + "kubectl apply -f ${roServiceAccount}" + ) + machine1.wait_until_succeeds( + "kubectl apply -f ${roRole}" + ) + machine1.wait_until_succeeds( + "kubectl apply -f ${roRoleBinding}" + ) + machine1.wait_until_succeeds( + "kubectl create -f ${kubectlPod}" + ) + + machine1.wait_until_succeeds("kubectl get pod kubectl | grep Running") + + machine1.wait_until_succeeds("kubectl exec -ti kubectl -- kubectl get pods") + machine1.fail("kubectl exec -ti kubectl -- kubectl create -f /kubectl-pod-2.json") + machine1.fail("kubectl exec -ti kubectl -- kubectl delete pods -l name=kubectl") ''; }; multinode = base // { test = '' # Node token exchange - $machine1->waitUntilSucceeds("cp -f /var/lib/cfssl/apitoken.secret /tmp/shared/apitoken.secret"); - $machine2->waitUntilSucceeds("cat /tmp/shared/apitoken.secret | nixos-kubernetes-node-join"); - - $machine1->waitUntilSucceeds("kubectl get node machine2.my.zyx | grep -w Ready"); - - $machine2->waitUntilSucceeds("docker load < ${kubectlImage}"); - - $machine1->waitUntilSucceeds("kubectl apply -f ${roServiceAccount}"); - $machine1->waitUntilSucceeds("kubectl apply -f ${roRole}"); - $machine1->waitUntilSucceeds("kubectl apply -f ${roRoleBinding}"); - $machine1->waitUntilSucceeds("kubectl create -f ${kubectlPod}"); - - $machine1->waitUntilSucceeds("kubectl get pod kubectl | grep Running"); - - $machine1->waitUntilSucceeds("kubectl exec -ti kubectl -- kubectl get pods"); - $machine1->fail("kubectl exec -ti kubectl -- kubectl create -f /kubectl-pod-2.json"); - $machine1->fail("kubectl exec -ti kubectl -- kubectl delete pods -l name=kubectl"); + machine1.wait_until_succeeds( + "cp -f /var/lib/cfssl/apitoken.secret /tmp/shared/apitoken.secret" + ) + machine2.wait_until_succeeds( + "cat /tmp/shared/apitoken.secret | nixos-kubernetes-node-join" + ) + + machine1.wait_until_succeeds("kubectl get node machine2.my.zyx | grep -w Ready") + + machine2.wait_until_succeeds( + "docker load < ${kubectlImage}" + ) + + machine1.wait_until_succeeds( + "kubectl apply -f ${roServiceAccount}" + ) + machine1.wait_until_succeeds( + "kubectl apply -f ${roRole}" + ) + machine1.wait_until_succeeds( + "kubectl apply -f ${roRoleBinding}" + ) + machine1.wait_until_succeeds( + "kubectl create -f ${kubectlPod}" + ) + + machine1.wait_until_succeeds("kubectl get pod kubectl | grep Running") + + machine1.wait_until_succeeds("kubectl exec -ti kubectl -- kubectl get pods") + machine1.fail("kubectl exec -ti kubectl -- kubectl create -f /kubectl-pod-2.json") + machine1.fail("kubectl exec -ti kubectl -- kubectl delete pods -l name=kubectl") ''; }; -- cgit 1.4.1