From 4fe029fa357276a5a39e912092372a8308aa67e3 Mon Sep 17 00:00:00 2001 From: Stavros Kontopoulos Date: Wed, 29 May 2024 02:01:26 +0300 Subject: [PATCH] Remove certmanager integration tests (#15261) * fix typo * add networking images used by net-certmanager * fix paths * fix certificate path * clean up and start net-certmanager reconciler * clean up * fix * clean up more * remove certmanager conformance tests * update codegen * vendor --- .../config/100-serving-namespace.yaml | 18 -- .../config/100-test-namespace.yaml | 18 -- .../config/200-service-account.yaml | 54 ---- .../certmanager/config/201-cluster-role.yaml | 33 --- .../certmanager/config/300-certificate.yaml | 1 - .../caissuer/config-certmanager.yaml | 50 ---- .../autotls/certmanager/caissuer/generate.sh | 52 ---- .../autotls/certmanager/caissuer/issuer.yaml | 21 -- .../autotls/certmanager/caissuer/secret.yaml | 22 -- .../http01/config-certmanager.yaml | 50 ---- .../autotls/certmanager/http01/issuer.yaml | 27 -- .../certmanager/http01/mesh-issuer.yaml | 31 --- .../selfsigned/config-certmanager.yaml | 50 ---- .../certmanager/selfsigned/issuer.yaml | 20 -- .../conformance/certificate_test.go | 35 --- test/e2e/certmanager/e2e-common.sh | 63 ----- test/e2e/certmanager/e2e-tests.sh | 41 --- test/e2e/certmanager/presubmit-tests.sh | 34 --- test/e2e/certmanager/upload-test-images.sh | 37 --- vendor/knative.dev/networking/test/cleanup.go | 67 ----- vendor/knative.dev/networking/test/clients.go | 91 ------- .../certificate/http01/certificate.go | 72 ----- .../conformance/certificate/http01/run.go | 23 -- .../certificate/nonhttp01/certificate.go | 43 --- .../conformance/certificate/nonhttp01/run.go | 23 -- .../test/conformance/certificate/utils.go | 152 ----------- .../networking/test/defaultsystem/system.go | 30 -- .../networking/test/e2e_constants.go | 26 -- .../knative.dev/networking/test/e2e_flags.go | 110 -------- vendor/knative.dev/networking/test/ingress.go | 57 ---- .../networking/test/presubmit-tests.sh | 28 -- vendor/knative.dev/networking/test/prober.go | 256 ------------------ .../networking/test/upload-test-images.sh | 38 --- vendor/knative.dev/networking/test/util.go | 103 ------- vendor/modules.txt | 5 - 35 files changed, 1781 deletions(-) delete mode 100644 test/e2e/certmanager/config/100-serving-namespace.yaml delete mode 100644 test/e2e/certmanager/config/100-test-namespace.yaml delete mode 100644 test/e2e/certmanager/config/200-service-account.yaml delete mode 100644 test/e2e/certmanager/config/201-cluster-role.yaml delete mode 120000 test/e2e/certmanager/config/300-certificate.yaml delete mode 100644 test/e2e/certmanager/config/autotls/certmanager/caissuer/config-certmanager.yaml delete mode 100755 test/e2e/certmanager/config/autotls/certmanager/caissuer/generate.sh delete mode 100644 test/e2e/certmanager/config/autotls/certmanager/caissuer/issuer.yaml delete mode 100644 test/e2e/certmanager/config/autotls/certmanager/caissuer/secret.yaml delete mode 100644 test/e2e/certmanager/config/autotls/certmanager/http01/config-certmanager.yaml delete mode 100644 test/e2e/certmanager/config/autotls/certmanager/http01/issuer.yaml delete mode 100644 test/e2e/certmanager/config/autotls/certmanager/http01/mesh-issuer.yaml delete mode 100644 test/e2e/certmanager/config/autotls/certmanager/selfsigned/config-certmanager.yaml delete mode 100644 test/e2e/certmanager/config/autotls/certmanager/selfsigned/issuer.yaml delete mode 100644 test/e2e/certmanager/conformance/certificate_test.go delete mode 100644 test/e2e/certmanager/e2e-common.sh delete mode 100755 test/e2e/certmanager/e2e-tests.sh delete mode 100755 test/e2e/certmanager/presubmit-tests.sh delete mode 100755 test/e2e/certmanager/upload-test-images.sh delete mode 100644 vendor/knative.dev/networking/test/cleanup.go delete mode 100644 vendor/knative.dev/networking/test/clients.go delete mode 100644 vendor/knative.dev/networking/test/conformance/certificate/http01/certificate.go delete mode 100644 vendor/knative.dev/networking/test/conformance/certificate/http01/run.go delete mode 100644 vendor/knative.dev/networking/test/conformance/certificate/nonhttp01/certificate.go delete mode 100644 vendor/knative.dev/networking/test/conformance/certificate/nonhttp01/run.go delete mode 100644 vendor/knative.dev/networking/test/conformance/certificate/utils.go delete mode 100644 vendor/knative.dev/networking/test/defaultsystem/system.go delete mode 100644 vendor/knative.dev/networking/test/e2e_constants.go delete mode 100644 vendor/knative.dev/networking/test/e2e_flags.go delete mode 100644 vendor/knative.dev/networking/test/ingress.go delete mode 100644 vendor/knative.dev/networking/test/presubmit-tests.sh delete mode 100644 vendor/knative.dev/networking/test/prober.go delete mode 100644 vendor/knative.dev/networking/test/upload-test-images.sh delete mode 100644 vendor/knative.dev/networking/test/util.go diff --git a/test/e2e/certmanager/config/100-serving-namespace.yaml b/test/e2e/certmanager/config/100-serving-namespace.yaml deleted file mode 100644 index 61979f2c2dcd..000000000000 --- a/test/e2e/certmanager/config/100-serving-namespace.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Namespace -metadata: - name: knative-serving diff --git a/test/e2e/certmanager/config/100-test-namespace.yaml b/test/e2e/certmanager/config/100-test-namespace.yaml deleted file mode 100644 index ec9f35b99beb..000000000000 --- a/test/e2e/certmanager/config/100-test-namespace.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Namespace -metadata: - name: serving-tests diff --git a/test/e2e/certmanager/config/200-service-account.yaml b/test/e2e/certmanager/config/200-service-account.yaml deleted file mode 100644 index f99c61c99020..000000000000 --- a/test/e2e/certmanager/config/200-service-account.yaml +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: controller - namespace: knative-serving - labels: - app.kubernetes.io/component: net-certmanager - app.kubernetes.io/version: devel - app.kubernetes.io/part-of: knative-serving ---- -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-admin - labels: - app.kubernetes.io/component: net-certmanager - app.kubernetes.io/version: devel - app.kubernetes.io/part-of: knative-serving -aggregationRule: - clusterRoleSelectors: - - matchLabels: - serving.knative.dev/controller: "true" -rules: [] # Rules are automatically filled in by the controller manager. ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: knative-serving-controller-admin - labels: - app.kubernetes.io/component: net-certmanager - app.kubernetes.io/version: devel - app.kubernetes.io/part-of: knative-serving -subjects: - - kind: ServiceAccount - name: controller - namespace: knative-serving -roleRef: - kind: ClusterRole - name: knative-serving-admin - apiGroup: rbac.authorization.k8s.io diff --git a/test/e2e/certmanager/config/201-cluster-role.yaml b/test/e2e/certmanager/config/201-cluster-role.yaml deleted file mode 100644 index cded49c3876a..000000000000 --- a/test/e2e/certmanager/config/201-cluster-role.yaml +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: knative-serving-core - labels: - serving.knative.dev/controller: "true" -rules: - - apiGroups: [""] - resources: ["configmaps", "endpoints", "pods", "secrets", "services"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["admissionregistration.k8s.io"] - resources: ["mutatingwebhookconfigurations", "validatingwebhookconfigurations"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] - - apiGroups: ["networking.internal.knative.dev"] - resources: ["*", "*/status", "*/finalizers"] - verbs: ["get", "list", "create", "update", "delete", "deletecollection", "patch", "watch"] diff --git a/test/e2e/certmanager/config/300-certificate.yaml b/test/e2e/certmanager/config/300-certificate.yaml deleted file mode 120000 index f134be5a85fb..000000000000 --- a/test/e2e/certmanager/config/300-certificate.yaml +++ /dev/null @@ -1 +0,0 @@ -../../vendor/knative.dev/networking/config/certificate.yaml \ No newline at end of file diff --git a/test/e2e/certmanager/config/autotls/certmanager/caissuer/config-certmanager.yaml b/test/e2e/certmanager/config/autotls/certmanager/caissuer/config-certmanager.yaml deleted file mode 100644 index 625a4164437a..000000000000 --- a/test/e2e/certmanager/config/autotls/certmanager/caissuer/config-certmanager.yaml +++ /dev/null @@ -1,50 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-certmanager - namespace: knative-serving - labels: - app.kubernetes.io/component: net-certmanager - app.kubernetes.io/version: devel - app.kubernetes.io/name: knative-serving - networking.knative.dev/certificate-provider: cert-manager -data: - issuerRef: | - kind: ClusterIssuer - name: ca-issuer - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this block and unindented to actually change the configuration. - - # issuerRef is a reference to the issuer for this certificate. - # IssuerRef should be either `ClusterIssuer` or `Issuer`. - # Please refer `IssuerRef` in https://github.com/jetstack/cert-manager/blob/master/pkg/apis/certmanager/v1alpha1/types_certificate.go - # for more details about IssuerRef configuration. - issuerRef: | - kind: ClusterIssuer - name: letsencrypt-issuer diff --git a/test/e2e/certmanager/config/autotls/certmanager/caissuer/generate.sh b/test/e2e/certmanager/config/autotls/certmanager/caissuer/generate.sh deleted file mode 100755 index bb8ddf078837..000000000000 --- a/test/e2e/certmanager/config/autotls/certmanager/caissuer/generate.sh +++ /dev/null @@ -1,52 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# This script generates test/config/autotls/certmanager/caissuer/secret.yaml. - -openssl genrsa -out rootCAKey.pem 2048 -openssl req -x509 -sha256 -new -nodes -key rootCAKey.pem -days 36500 -out rootCACert.pem -subj '/CN=example.com/O=Knative Community/C=US' - -CAKEY=$(cat rootCAKey.pem |base64 | tr -d '\n') -CACERT=$(cat rootCACert.pem |base64 | tr -d '\n') - -cat < secret.yaml -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: ca-key-pair - namespace: cert-manager -data: - tls.crt: ${CACERT} - tls.key: ${CAKEY} -EOF - - -# Clean up -rm -f rootCACert.pem rootCAKey.pem diff --git a/test/e2e/certmanager/config/autotls/certmanager/caissuer/issuer.yaml b/test/e2e/certmanager/config/autotls/certmanager/caissuer/issuer.yaml deleted file mode 100644 index 1801a08f99f9..000000000000 --- a/test/e2e/certmanager/config/autotls/certmanager/caissuer/issuer.yaml +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: ca-issuer -spec: - ca: - secretName: ca-key-pair diff --git a/test/e2e/certmanager/config/autotls/certmanager/caissuer/secret.yaml b/test/e2e/certmanager/config/autotls/certmanager/caissuer/secret.yaml deleted file mode 100644 index c322c5b7f604..000000000000 --- a/test/e2e/certmanager/config/autotls/certmanager/caissuer/secret.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: ca-key-pair - namespace: cert-manager -data: - tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURYVENDQWtXZ0F3SUJBZ0lVSUpLUVZTblBOZzBlajRDMkppVDlyRitZalY4d0RRWUpLb1pJaHZjTkFRRUwKQlFBd1BURVVNQklHQTFVRUF3d0xhMjVoZEdsMlpTNWtaWFl4R0RBV0JnTlZCQW9NRDB0dVlYUnBkbVVnUVhWMAphRzl5Y3pFTE1Ba0dBMVVFQmhNQ1ZWTXdJQmNOTWpBd016RTFNRGt4T1RFNVdoZ1BNakV5TURBeU1qQXdPVEU1Ck1UbGFNRDB4RkRBU0JnTlZCQU1NQzJ0dVlYUnBkbVV1WkdWMk1SZ3dGZ1lEVlFRS0RBOUxibUYwYVhabElFRjEKZEdodmNuTXhDekFKQmdOVkJBWVRBbFZUTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQwpBUUVBdzVDM0hhYXZ1QktVWkwrWU9PZWF6bW04RjRKK3g3MC9TeTRtZEl2aXUwdWRvdjNjWk9kUlpIdVhYcmdFCkJsUlgrYmJSR0lHV0pnRFM0WXZlYkkvakNvZWNJQ21oNkV0Q29UOG5JSGE4QmpVb1NVZ3pObTlLMm9CMzRpazgKekZiMXJaWFVWUTZnbjZSQlliWjZ5UWF4OUgxMExtZTkxbXRNM0lTRDI0K2ZRMmdRT0dHT3FSclZoYnk3d3NEcApoNVNLbDd2SXg5eDZzVU8vUlZuQUV4SFY5b1JIeU1UemY0UW1CZmlJQ2lhOVBTbDJoWjJwTzVJYTMwNUE1aW43CmhyS1h0SEV6SUJjaVArTkRqQ0Fhb3FyVSszelUxSXVmcDVSK0FOdGtOTTIvQnpGUUtWbzByY1JlSFB0b1lBYkkKTXQwY05wcDgxT2lnbS9MOTAzY1A5bThqT1FJREFRQUJvMU13VVRBZEJnTlZIUTRFRmdRVU10eDZPeEEvMGdMTQpLOWUxWDgzamtGOUpLTll3SHdZRFZSMGpCQmd3Rm9BVU10eDZPeEEvMGdMTUs5ZTFYODNqa0Y5SktOWXdEd1lEClZSMFRBUUgvQkFVd0F3RUIvekFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBcUFzNlB0TmJtV3V0a2xrVlBnUi8KUFZDTzRQOGtzN2Zsak40KzFkNnFWWTVLOERyL3k5VFVPeFVCZWxMdnlQaFliU1pKd3J5YkNJSlJXSU9yeUtCNApLSTZLc1luTURYVDA5aE1WQ0w2WXlOTmF5alNuKzZqbzR4cmY5Ym03NElFdXpwQldnOTc1aDN0Qkc4MHM3OStmCmZmZm4rcUFKN2xTTnZMYkFKRDIrY2VhaC9BYzhmQTVLZkNtbExtNGlFcHJGa0VGb3JpSnArUkkwdVkrdU9YaHoKUy9nZ2I3bHdXODJVRUZrd0V2a2o1bEZxRWJCVmE4ZFJTTlQwRFhFTVB3a0ZxOXRzQnNKWGgrNWR5Y1FtdVdyaQo1U0VNREhoM2JjekZZeFB1RmFISHBEUXZ0OW82Y1pZdkFVQ0J6LzNWM0QzeSs3bjMwWEIzQkZJYnE5M0JiZFFxCmtnPT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= - tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb3dJQkFBS0NBUUVBdzVDM0hhYXZ1QktVWkwrWU9PZWF6bW04RjRKK3g3MC9TeTRtZEl2aXUwdWRvdjNjClpPZFJaSHVYWHJnRUJsUlgrYmJSR0lHV0pnRFM0WXZlYkkvakNvZWNJQ21oNkV0Q29UOG5JSGE4QmpVb1NVZ3oKTm05SzJvQjM0aWs4ekZiMXJaWFVWUTZnbjZSQlliWjZ5UWF4OUgxMExtZTkxbXRNM0lTRDI0K2ZRMmdRT0dHTwpxUnJWaGJ5N3dzRHBoNVNLbDd2SXg5eDZzVU8vUlZuQUV4SFY5b1JIeU1UemY0UW1CZmlJQ2lhOVBTbDJoWjJwCk81SWEzMDVBNWluN2hyS1h0SEV6SUJjaVArTkRqQ0Fhb3FyVSszelUxSXVmcDVSK0FOdGtOTTIvQnpGUUtWbzAKcmNSZUhQdG9ZQWJJTXQwY05wcDgxT2lnbS9MOTAzY1A5bThqT1FJREFRQUJBb0lCQUc1eXk4aDJQR1dVTUxUWgp0RW5uRy9vWm96NFAyRFJNZ0hPZ1E5MnNwMGVxUkFRcXBZOWpTUWViK1hob0t2VzhLdGVBVllVbW9yc2gyZmZCCis4T0tXK3ExZmdwNEdOWE5zM3JINVB3anNyczZ5RjdpNVBHSVYxa2lGeExtd1V5U2pEd1dFNDVhTFlNYnpFVTQKUHc1THRyTmpLdnVPWVp1NGkvYzY3QkZUZ3RvWTdaVTROQTZyM0xLZ3dDNk9SaDVZTDhYVzA5QWNoZFBEdWdEOQpLdWQxaE9PQVY4OUMvcWhMWk84RkZlbVNiNmYwclBxS2RKYXc3NTRCbTFyRmtNRzFkUDVJUTFVbm52OTNnVXBwCjlKaUNKbHgwdEdhVmV3UmxWVzU0QmhDTXB6M0pLU3pyNDN1eVhUWE1wVTJzOUFJZDhCbG9qQ2hXMlVnSmxPaXkKZkY1YllQVUNnWUVBNm1vVlFRdUE1R29leFhDaE51LzF0NE93Yld6TkNHWEQ1bGdsb2E0dXlpdTJUejZDUkFBRwpOMXRWZTBNZGtKMlF4ZXdhTkY1RUN4Y2d1UjNUR2dFRjRqU0JhdHBHcWVEVEoxbHJpRnFUN09tOW1QMjZKUTJkCklsUW1TcERka3g0d0ZnR2FmQktmek9KZ0VtQ1RhZWs5TTltbUxRR01oeC9pQzNGY3dPMGlBL01DZ1lFQTFaTFUKNFpTNG0yTnhFWTVKaGgxdWZjVW9YQytrcWNpdkcvMm1XaWw4TTgrVkQxR2RwUlJzb0NzZjJEYnI1UzRvSlNzdAp2VlBYenUwcWFsMDNwSFlsU1VQeXV6MDVjTkZqbGtFQUFtM2p6UzVGS0tGSzJpcmJlcHRHVkRMRnhKbzY2VFJBCjVBS0dUOC9JV1FTa3BvWGVIUEpmcW1lZFdqSXk5SjlLUzMxQVF5TUNnWUJpWjlZMFVCZnp5M2pQZWRDenQxaDMKaVpqdTF0WGJ5SnpNZmdTT013a0JaZ2hLaS9zemdLOGJYZ1Fza3FnK3BXYTVMN3h3YjRJeEJheC9DYjR0RkhEYgozUjdYTkhxbHBmUCtlTk5qa21LMitnalZ5TzN6MEJzKzVnU05HUE5yWnlqWWxDTytJak5qVjBUdGNnMXdVTEdZCnFxM1FCdTV2YXpzQmdyMWxZQ2IvY1FLQmdCVTJNUmg2ZWQ5TkFCVGJTZWdkRWpWQm1LR1hSY1pySFNFdGp4RVQKWDdlUm5WOVpIc3dmZkM1b09oQnlXL2wySFJ5YjdqNElqcjJKaHBYcnpqUHlXLytyMVBiTnZOKzhuQ1IzTGpZUApqZmw1NS9xQ0Vub2FtWlBTeWloZ3BvM0JONnFqdXZJcVlnYVpQMisvNjA1eXF6MjZ3TStlM056eGNXZ2tUZSt6CmIrZDdBb0dCQU5ZdmNROXVNYmZ5b1RGMzZsWVFlcFJlUjNyaHkyTzczbk1zWis5VDY4UngwVnFvcmQ1bTRYODgKdUxKbnczZmNjQlVsM3JKYUhOYXNIZFA3eXdDTGhyMTQ1aks3R3VIc3pEcG5PY3BvMlZxMjZvY2h6TTRyNzJaYQpoYTRUb2thRTA2eVRsNUdtVThtTVI1cTBNN1BxK0RIUmJ5TzA3aFphZERER3hlY3U0THB5Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg== diff --git a/test/e2e/certmanager/config/autotls/certmanager/http01/config-certmanager.yaml b/test/e2e/certmanager/config/autotls/certmanager/http01/config-certmanager.yaml deleted file mode 100644 index 97a9101949c3..000000000000 --- a/test/e2e/certmanager/config/autotls/certmanager/http01/config-certmanager.yaml +++ /dev/null @@ -1,50 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-certmanager - namespace: knative-serving - labels: - app.kubernetes.io/component: net-certmanager - app.kubernetes.io/version: devel - app.kubernetes.io/name: knative-serving - networking.knative.dev/certificate-provider: cert-manager -data: - issuerRef: | - kind: ClusterIssuer - name: http01-issuer - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this block and unindented to actually change the configuration. - - # issuerRef is a reference to the issuer for this certificate. - # IssuerRef should be either `ClusterIssuer` or `Issuer`. - # Please refer `IssuerRef` in https://github.com/jetstack/cert-manager/blob/master/pkg/apis/certmanager/v1alpha1/types_certificate.go - # for more details about IssuerRef configuration. - issuerRef: | - kind: ClusterIssuer - name: letsencrypt-issuer diff --git a/test/e2e/certmanager/config/autotls/certmanager/http01/issuer.yaml b/test/e2e/certmanager/config/autotls/certmanager/http01/issuer.yaml deleted file mode 100644 index 95213e885eab..000000000000 --- a/test/e2e/certmanager/config/autotls/certmanager/http01/issuer.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: http01-issuer -spec: - acme: - server: https://acme-staging-v02.api.letsencrypt.org/directory - privateKeySecretRef: - name: "http01-key" - solvers: - - http01: - ingress: {} - selector: {} diff --git a/test/e2e/certmanager/config/autotls/certmanager/http01/mesh-issuer.yaml b/test/e2e/certmanager/config/autotls/certmanager/http01/mesh-issuer.yaml deleted file mode 100644 index 18499d8fe829..000000000000 --- a/test/e2e/certmanager/config/autotls/certmanager/http01/mesh-issuer.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: http01-issuer -spec: - acme: - server: https://acme-staging-v02.api.letsencrypt.org/directory - privateKeySecretRef: - name: "http01-key" - solvers: - - http01: - ingress: - podTemplate: - metadata: - annotations: - sidecar.istio.io/inject: "true" - selector: {} diff --git a/test/e2e/certmanager/config/autotls/certmanager/selfsigned/config-certmanager.yaml b/test/e2e/certmanager/config/autotls/certmanager/selfsigned/config-certmanager.yaml deleted file mode 100644 index da1ebeef32d0..000000000000 --- a/test/e2e/certmanager/config/autotls/certmanager/selfsigned/config-certmanager.yaml +++ /dev/null @@ -1,50 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: config-certmanager - namespace: knative-serving - labels: - app.kubernetes.io/component: net-certmanager - app.kubernetes.io/version: devel - app.kubernetes.io/name: knative-serving - networking.knative.dev/certificate-provider: cert-manager -data: - issuerRef: | - kind: ClusterIssuer - name: self-signed-issuer - _example: | - ################################ - # # - # EXAMPLE CONFIGURATION # - # # - ################################ - - # This block is not actually functional configuration, - # but serves to illustrate the available configuration - # options and document them in a way that is accessible - # to users that `kubectl edit` this config map. - # - # These sample configuration options may be copied out of - # this block and unindented to actually change the configuration. - - # issuerRef is a reference to the issuer for this certificate. - # IssuerRef should be either `ClusterIssuer` or `Issuer`. - # Please refer `IssuerRef` in https://github.com/jetstack/cert-manager/blob/master/pkg/apis/certmanager/v1alpha1/types_certificate.go - # for more details about IssuerRef configuration. - issuerRef: | - kind: ClusterIssuer - name: letsencrypt-issuer diff --git a/test/e2e/certmanager/config/autotls/certmanager/selfsigned/issuer.yaml b/test/e2e/certmanager/config/autotls/certmanager/selfsigned/issuer.yaml deleted file mode 100644 index 8fd984ab858c..000000000000 --- a/test/e2e/certmanager/config/autotls/certmanager/selfsigned/issuer.yaml +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: self-signed-issuer -spec: - selfSigned: {} diff --git a/test/e2e/certmanager/conformance/certificate_test.go b/test/e2e/certmanager/conformance/certificate_test.go deleted file mode 100644 index 638096242b87..000000000000 --- a/test/e2e/certmanager/conformance/certificate_test.go +++ /dev/null @@ -1,35 +0,0 @@ -//go:build e2e -// +build e2e - -/* -Copyright 2020 The Knative Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package conformance - -import ( - "testing" - - "knative.dev/networking/test/conformance/certificate/http01" - "knative.dev/networking/test/conformance/certificate/nonhttp01" -) - -func TestNonHTTP01Conformance(t *testing.T) { - nonhttp01.RunConformance(t) -} - -func TestHTTP01Conformance(t *testing.T) { - http01.RunConformance(t) -} diff --git a/test/e2e/certmanager/e2e-common.sh b/test/e2e/certmanager/e2e-common.sh deleted file mode 100644 index a4dde0f44bf6..000000000000 --- a/test/e2e/certmanager/e2e-common.sh +++ /dev/null @@ -1,63 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# This script includes common functions for testing setup and teardown. -source $(dirname $0)/../../../vendor/knative.dev/hack/e2e-tests.sh - - -# Setup resources. -function test_setup() { - echo ">> Setting up logging..." - # Install kail if needed. - if ! which kail > /dev/null; then - bash <( curl -sfL https://raw.githubusercontent.com/boz/kail/master/godownloader.sh) -b "$GOPATH/bin" - fi - # Capture all logs. - kail > ${ARTIFACTS}/k8s.log.txt & - local kail_pid=$! - # Clean up kail so it doesn't interfere with job shutting down - add_trap "kill $kail_pid || true" EXIT - - # Setting up test resources. - echo ">> Publishing test images" - $(dirname $0)/upload-test-images.sh || fail_test "Error uploading test images" - echo ">> Creating test resources (test/config/)" - ko apply ${KO_FLAGS} -f test/config/ || return 1 - - # Bringing up controllers. - echo ">> Bringing up Cert-Manager" - kubectl apply -f third_party/cert-manager-latest/cert-manager.yaml || return 1 - wait_until_pods_running cert-manager || return 1 - - echo ">> Bringing up serving controller with net-certmanager enabled" - ko apply -f config || return 1 - echo ">> Waiting for Serving components to be running..." - wait_until_pods_running knative-serving || return 1 -} - -# Add function call to trap -# Parameters: $1 - Function to call -# $2...$n - Signals for trap -function add_trap() { - local cmd=$1 - shift - for trap_signal in $@; do - local current_trap="$(trap -p $trap_signal | cut -d\' -f2)" - local new_cmd="($cmd)" - [[ -n "${current_trap}" ]] && new_cmd="${current_trap};${new_cmd}" - trap -- "${new_cmd}" $trap_signal - done -} diff --git a/test/e2e/certmanager/e2e-tests.sh b/test/e2e/certmanager/e2e-tests.sh deleted file mode 100755 index db323e625217..000000000000 --- a/test/e2e/certmanager/e2e-tests.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -source $(dirname $0)/e2e-common.sh - - -# Script entry point. -initialize "$@" --cluster-version=1.28 - -CERTIFICATE_CLASS="cert-manager.certificate.networking.knative.dev" - -# Certificate conformance tests must be run separately -# because they need cert-manager specific configurations. -kubectl apply -f ./test/e2e/certmanager/config/autotls/certmanager/selfsigned/ -add_trap "kubectl delete -f ./test/e2e/certmanager/config/autotls/certmanager/selfsigned/ --ignore-not-found" SIGKILL SIGTERM SIGQUIT -go_test_e2e -timeout=10m ./test/e2e/certmanager/conformance \ - -run TestNonHTTP01Conformance \ - "--certificateClass=${CERTIFICATE_CLASS}" || fail_test -kubectl delete -f ./test/e2e/certmanager/config/autotls/certmanager/selfsigned/ - -kubectl apply -f ./test/e2e/certmanager/config/autotls/certmanager/http01/ -add_trap "kubectl delete -f ./test/e2e/certmanager/config/autotls/certmanager/http01/ --ignore-not-found" SIGKILL SIGTERM SIGQUIT -go_test_e2e -timeout=10m ./test/e2e/certmanager/conformance \ - -run TestHTTP01Conformance \ - "--certificateClass=${CERTIFICATE_CLASS}" || fail_test -kubectl delete -f ./test/e2e/certmanager/config/autotls/certmanager/http01/ - -success diff --git a/test/e2e/certmanager/presubmit-tests.sh b/test/e2e/certmanager/presubmit-tests.sh deleted file mode 100755 index 41c7a24c0b52..000000000000 --- a/test/e2e/certmanager/presubmit-tests.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# This script runs the presubmit tests; it is started by prow for each PR. -# For convenience, it can also be executed manually. -# Running the script without parameters, or with the --all-tests -# flag, causes all tests to be executed, in the right order. -# Use the flags --build-tests, --unit-tests and --integration-tests -# to run a specific set of tests. - -# Markdown linting failures don't show up properly in Gubernator resulting -# in a net-negative contributor experience. -export DISABLE_MD_LINTING=1 - -export GO111MODULE=on - -source $(dirname $0)/../../../vendor/knative.dev/hack/presubmit-tests.sh - -# We use the default build, unit and integration test runners. - -main $@ diff --git a/test/e2e/certmanager/upload-test-images.sh b/test/e2e/certmanager/upload-test-images.sh deleted file mode 100755 index c7e711ad4b23..000000000000 --- a/test/e2e/certmanager/upload-test-images.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/usr/bin/env bash -# -# Copyright 2020 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -o errexit - -function upload_test_images() { - echo ">> Publishing test images" - ( - # Script needs to be executed from repo root - cd "$( dirname "$0")/../../..." - local image_dir="vendor/knative.dev/networking/test/test_images" - local docker_tag=$1 - local tag_option="" - if [ -n "${docker_tag}" ]; then - tag_option="--tags $docker_tag,latest" - fi - - ko resolve --jobs=4 ${tag_option} -RBf "${image_dir}" > /dev/null - ) -} - -: ${KO_DOCKER_REPO:?"You must set 'KO_DOCKER_REPO', see DEVELOPMENT.md"} - -upload_test_images $@ diff --git a/vendor/knative.dev/networking/test/cleanup.go b/vendor/knative.dev/networking/test/cleanup.go deleted file mode 100644 index 4b6e217ccf12..000000000000 --- a/vendor/knative.dev/networking/test/cleanup.go +++ /dev/null @@ -1,67 +0,0 @@ -/* -Copyright 2018 The Knative Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// cleanup allows you to define a cleanup function that will be executed -// if your test is interrupted. - -package test - -import ( - "os" - "os/signal" - "sync" - "testing" -) - -func init() { - c := make(chan os.Signal, 1) - signal.Notify(c, os.Interrupt) - go cleanupOnInterrupt(c) -} - -var cf struct { - o sync.Once - m sync.RWMutex - f []func() -} - -// cleanupOnInterrupt registers a signal handler and will execute a stack of functions if an interrupt signal is caught -func cleanupOnInterrupt(c chan os.Signal) { - for range c { - cf.o.Do(func() { - cf.m.RLock() - defer cf.m.RUnlock() - for i := len(cf.f) - 1; i >= 0; i-- { - cf.f[i]() - } - os.Exit(1) - }) - } -} - -// CleanupOnInterrupt stores cleanup functions to execute if an interrupt signal is caught -func CleanupOnInterrupt(cleanup func()) { - cf.m.Lock() - defer cf.m.Unlock() - cf.f = append(cf.f, cleanup) -} - -// EnsureCleanup will run the provided cleanup function when the test ends, -// either via t.Cleanup or on interrupt via CleanupOnInterrupt. -func EnsureCleanup(t *testing.T, cleanup func()) { - t.Cleanup(cleanup) - CleanupOnInterrupt(cleanup) -} diff --git a/vendor/knative.dev/networking/test/clients.go b/vendor/knative.dev/networking/test/clients.go deleted file mode 100644 index 123b7de71769..000000000000 --- a/vendor/knative.dev/networking/test/clients.go +++ /dev/null @@ -1,91 +0,0 @@ -/* -Copyright 2020 The Knative Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// This file contains an object which encapsulates k8s clients which are useful for e2e tests. - -package test - -import ( - "k8s.io/client-go/dynamic" - "k8s.io/client-go/kubernetes" - "k8s.io/client-go/rest" - - // Allow E2E to run against a cluster using OpenID. - _ "k8s.io/client-go/plugin/pkg/client/auth/oidc" - - "knative.dev/networking/pkg/client/clientset/versioned" - networkingv1alpha1 "knative.dev/networking/pkg/client/clientset/versioned/typed/networking/v1alpha1" -) - -// Clients holds instances of interfaces for making requests to Knative Serving. -type Clients struct { - KubeClient kubernetes.Interface - NetworkingClient *NetworkingClients - Dynamic dynamic.Interface -} - -// NetworkingClients holds instances of interfaces for making requests to Knative -// networking clients. -type NetworkingClients struct { - ServerlessServices networkingv1alpha1.ServerlessServiceInterface - Ingresses networkingv1alpha1.IngressInterface - Certificates networkingv1alpha1.CertificateInterface -} - -// NewClientsFromConfig instantiates and returns several clientsets required for making request to the -// Knative Serving cluster specified by the combination of clusterName and configPath. Clients can -// make requests within namespace. -func NewClientsFromConfig(cfg *rest.Config, namespace string) (*Clients, error) { - // We poll, so set our limits high. - cfg.QPS = 100 - cfg.Burst = 200 - - var ( - err error - clients Clients - ) - - clients.KubeClient, err = kubernetes.NewForConfig(cfg) - if err != nil { - return nil, err - } - - clients.Dynamic, err = dynamic.NewForConfig(cfg) - if err != nil { - return nil, err - } - - clients.NetworkingClient, err = newNetworkingClients(cfg, namespace) - if err != nil { - return nil, err - } - - return &clients, nil -} - -// newNetworkingClients instantiates and returns the networking clientset required to make requests -// to Networking resources on the Knative service cluster -func newNetworkingClients(cfg *rest.Config, namespace string) (*NetworkingClients, error) { - cs, err := versioned.NewForConfig(cfg) - if err != nil { - return nil, err - } - return &NetworkingClients{ - ServerlessServices: cs.NetworkingV1alpha1().ServerlessServices(namespace), - Ingresses: cs.NetworkingV1alpha1().Ingresses(namespace), - Certificates: cs.NetworkingV1alpha1().Certificates(namespace), - }, nil -} diff --git a/vendor/knative.dev/networking/test/conformance/certificate/http01/certificate.go b/vendor/knative.dev/networking/test/conformance/certificate/http01/certificate.go deleted file mode 100644 index 8b062da5b046..000000000000 --- a/vendor/knative.dev/networking/test/conformance/certificate/http01/certificate.go +++ /dev/null @@ -1,72 +0,0 @@ -/* -Copyright 2020 The Knative Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package http01 - -import ( - "context" - "testing" - - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "knative.dev/networking/pkg/apis/networking/v1alpha1" - "knative.dev/networking/test" - utils "knative.dev/networking/test/conformance/certificate" -) - -// TestHTTP01Challenge verifies that HTTP challenges are created for a certificate -func TestHTTP01Challenge(t *testing.T) { - subDomain := test.ObjectNameForTest(t) - ctx, clients := context.Background(), test.Setup(t) - - certDomains := [][]string{ - {subDomain + ".knative-test.dev"}, - {subDomain + "2.knative-test.dev", subDomain + "3.knative-test.dev"}, - } - - for _, domains := range certDomains { - cert := utils.CreateCertificate(ctx, t, clients, domains) - - if err := utils.WaitForCertificateState(ctx, clients.NetworkingClient, cert.Name, - func(c *v1alpha1.Certificate) (bool, error) { - for _, dnsName := range c.Spec.DNSNames { - found := false - - for _, challenge := range c.Status.HTTP01Challenges { - if challenge.URL.Host == dnsName { - found = true - break - } - } - - if !found { - return false, nil - } - } - - return true, nil - }, - t.Name()); err != nil { - t.Fatal("failed to wait for HTTP01 challenges:", err) - } - - cert, err := clients.NetworkingClient.Certificates.Get(ctx, cert.Name, metav1.GetOptions{}) - if err != nil { - t.Fatal("failed to fetch certificate:", err) - } - - utils.VerifyChallenges(ctx, t, clients, cert) - } -} diff --git a/vendor/knative.dev/networking/test/conformance/certificate/http01/run.go b/vendor/knative.dev/networking/test/conformance/certificate/http01/run.go deleted file mode 100644 index e57440166e96..000000000000 --- a/vendor/knative.dev/networking/test/conformance/certificate/http01/run.go +++ /dev/null @@ -1,23 +0,0 @@ -/* -Copyright 2020 The Knative Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package http01 - -import "testing" - -func RunConformance(t *testing.T) { - t.Run("http01", TestHTTP01Challenge) -} diff --git a/vendor/knative.dev/networking/test/conformance/certificate/nonhttp01/certificate.go b/vendor/knative.dev/networking/test/conformance/certificate/nonhttp01/certificate.go deleted file mode 100644 index b5458098382a..000000000000 --- a/vendor/knative.dev/networking/test/conformance/certificate/nonhttp01/certificate.go +++ /dev/null @@ -1,43 +0,0 @@ -/* -Copyright 2020 The Knative Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package nonhttp01 - -import ( - "context" - "testing" - - "knative.dev/networking/test" - utils "knative.dev/networking/test/conformance/certificate" -) - -// TestSecret verifies that a certificate creates a secret -func TestSecret(t *testing.T) { - ctx, clients := context.Background(), test.Setup(t) - certName := test.ObjectNameForTest(t) + "." + test.NetworkingFlags.ServiceDomain - - cert := utils.CreateCertificate(ctx, t, clients, []string{certName}) - - t.Logf("Waiting for Certificate %q to transition to Ready", cert.Name) - if err := utils.WaitForCertificateState(ctx, clients.NetworkingClient, cert.Name, utils.IsCertificateReady, "CertificateIsReady"); err != nil { - t.Fatal("Error waiting for the certificate to become ready for the latest revision:", err) - } - - err := utils.WaitForCertificateSecret(ctx, t, clients, cert, t.Name()) - if err != nil { - t.Error("Failed to wait for secret:", err) - } -} diff --git a/vendor/knative.dev/networking/test/conformance/certificate/nonhttp01/run.go b/vendor/knative.dev/networking/test/conformance/certificate/nonhttp01/run.go deleted file mode 100644 index 60e4c7879dfc..000000000000 --- a/vendor/knative.dev/networking/test/conformance/certificate/nonhttp01/run.go +++ /dev/null @@ -1,23 +0,0 @@ -/* -Copyright 2020 The Knative Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package nonhttp01 - -import "testing" - -func RunConformance(t *testing.T) { - t.Run("secret", TestSecret) -} diff --git a/vendor/knative.dev/networking/test/conformance/certificate/utils.go b/vendor/knative.dev/networking/test/conformance/certificate/utils.go deleted file mode 100644 index 47bd26644be7..000000000000 --- a/vendor/knative.dev/networking/test/conformance/certificate/utils.go +++ /dev/null @@ -1,152 +0,0 @@ -/* -Copyright 2020 The Knative Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package certificate - -import ( - "context" - "crypto/x509" - "encoding/pem" - "errors" - "fmt" - "testing" - - "github.com/google/go-cmp/cmp" - corev1 "k8s.io/api/core/v1" - apierrs "k8s.io/apimachinery/pkg/api/errors" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/util/sets" - "k8s.io/apimachinery/pkg/util/wait" - "knative.dev/networking/pkg/apis/networking" - "knative.dev/networking/pkg/apis/networking/v1alpha1" - "knative.dev/networking/test" - "knative.dev/pkg/test/logging" -) - -// CreateCertificate creates a Certificate with the given DNS names. The -// certificate is automatically cleaned up when the test ends or is -// interrupted. -func CreateCertificate(ctx context.Context, t *testing.T, clients *test.Clients, dnsNames []string) *v1alpha1.Certificate { - t.Helper() - - name := test.ObjectNameForTest(t) - cert := &v1alpha1.Certificate{ - ObjectMeta: metav1.ObjectMeta{ - Name: name, - Namespace: test.ServingNamespace, - Annotations: map[string]string{ - networking.CertificateClassAnnotationKey: test.NetworkingFlags.CertificateClass, - }, - }, - Spec: v1alpha1.CertificateSpec{ - DNSNames: dnsNames, - SecretName: name, - }, - } - - test.EnsureCleanup(t, func() { - clients.NetworkingClient.Certificates.Delete(ctx, cert.Name, metav1.DeleteOptions{}) - clients.KubeClient.CoreV1().Secrets(test.ServingNamespace).Delete(ctx, cert.Spec.SecretName, metav1.DeleteOptions{}) - }) - - cert, err := clients.NetworkingClient.Certificates.Create(ctx, cert, metav1.CreateOptions{}) - if err != nil { - t.Fatal("Error creating Certificate:", err) - } - - return cert -} - -// IsCertificateReady will check the status conditions of the certificate and return true if the certificate is -// ready. -func IsCertificateReady(c *v1alpha1.Certificate) (bool, error) { - return c.IsReady(), nil -} - -// WaitForCertificateSecret polls the status of the Secret for the provided Certificate -// until it exists or the timeout is exceeded. It then validates its contents -func WaitForCertificateSecret(ctx context.Context, t *testing.T, client *test.Clients, cert *v1alpha1.Certificate, desc string) error { - span := logging.GetEmitableSpan(context.Background(), fmt.Sprintf("WaitForCertificateSecret/%s/%s", cert.Spec.SecretName, desc)) - defer span.End() - - return wait.PollUntilContextTimeout(ctx, test.PollInterval, test.PollTimeout, true, func(ctx context.Context) (bool, error) { - secret, err := client.KubeClient.CoreV1().Secrets(test.ServingNamespace).Get(ctx, cert.Spec.SecretName, metav1.GetOptions{}) - if apierrs.IsNotFound(err) { - return false, nil - } else if err != nil { - return true, fmt.Errorf("failed to get secret: %w", err) - } - - block, _ := pem.Decode(secret.Data[corev1.TLSCertKey]) - if block == nil { - // PEM files are text, so just dump it here. - t.Logf("Bad PEM file:\n%s", secret.Data[corev1.TLSCertKey]) - return true, errors.New("failed to decode PEM data") - } - - certData, err := x509.ParseCertificate(block.Bytes) - if err != nil { - return true, fmt.Errorf("failed to parse certificate: %w", err) - } - - if got, want := certData.DNSNames, cert.Spec.DNSNames; !cmp.Equal(got, want) { - return true, fmt.Errorf("incorrect DNSNames in secret. Got %v, want %v", got, want) - } - - return true, nil - }) -} - -// WaitForCertificateState polls the status of the Certificate called name from client -// every PollInterval until inState returns `true` indicating it is done, returns an -// error or PollTimeout. desc will be used to name the metric that is emitted to -// track how long it took for name to get into the state checked by inState. -func WaitForCertificateState(ctx context.Context, client *test.NetworkingClients, name string, inState func(r *v1alpha1.Certificate) (bool, error), desc string) error { - span := logging.GetEmitableSpan(context.Background(), fmt.Sprintf("WaitForCertificateState/%s/%s", name, desc)) - defer span.End() - - var lastState *v1alpha1.Certificate - return wait.PollUntilContextTimeout(ctx, test.PollInterval, test.PollTimeout, true, func(ctx context.Context) (bool, error) { - var err error - lastState, err = client.Certificates.Get(ctx, name, metav1.GetOptions{}) - if err != nil { - return true, err - } - return inState(lastState) - }) -} - -// VerifyChallenges verifies that the given certificate has the correct number -// of HTTP01challenges and they contain valid data. -func VerifyChallenges(ctx context.Context, t *testing.T, client *test.Clients, cert *v1alpha1.Certificate) { - t.Helper() - - certDomains := sets.New(cert.Spec.DNSNames...) - - for _, challenge := range cert.Status.HTTP01Challenges { - if challenge.ServiceName == "" { - t.Error("HTTP01 Challenge missing solver service name") - } - - if !certDomains.Has(challenge.URL.Host) { - t.Errorf("HTTP01 Challenge host %s is not one of: %v", challenge.URL.Host, cert.Spec.DNSNames) - } - _, err := client.KubeClient.CoreV1().Services(challenge.ServiceNamespace).Get(ctx, challenge.ServiceName, metav1.GetOptions{}) - if apierrs.IsNotFound(err) { - t.Error("failed to find solver service for challenge:", err) - } - } -} diff --git a/vendor/knative.dev/networking/test/defaultsystem/system.go b/vendor/knative.dev/networking/test/defaultsystem/system.go deleted file mode 100644 index 76a89f0e3a82..000000000000 --- a/vendor/knative.dev/networking/test/defaultsystem/system.go +++ /dev/null @@ -1,30 +0,0 @@ -/* -Copyright 2020 The Knative Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package defaultsystem - -import ( - "os" - - "knative.dev/pkg/system" -) - -func init() { - if ns := os.Getenv(system.NamespaceEnvKey); ns != "" { - return - } - os.Setenv(system.NamespaceEnvKey, "knative-serving") -} diff --git a/vendor/knative.dev/networking/test/e2e_constants.go b/vendor/knative.dev/networking/test/e2e_constants.go deleted file mode 100644 index 44820133b32f..000000000000 --- a/vendor/knative.dev/networking/test/e2e_constants.go +++ /dev/null @@ -1,26 +0,0 @@ -/* -Copyright 2020 The Knative Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// All test-affecting constants should be placed in this file -// At some point it may make sense to be able to modify them -// via a configuration mechanism (see https://github.com/knative/serving/issues/6109) - -package test - -const ( - // ServingNamespace is the default namespace for serving e2e tests - ServingNamespace = "serving-tests" -) diff --git a/vendor/knative.dev/networking/test/e2e_flags.go b/vendor/knative.dev/networking/test/e2e_flags.go deleted file mode 100644 index 77c83d18a2a8..000000000000 --- a/vendor/knative.dev/networking/test/e2e_flags.go +++ /dev/null @@ -1,110 +0,0 @@ -/* -Copyright 2018 The Knative Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// This file contains logic to encapsulate flags which are needed to specify -// what cluster, etc. to use for e2e tests. - -package test - -import ( - "flag" - - "knative.dev/networking/pkg/config" -) - -// NetworkingFlags holds the flags or defaults for knative/networking settings in the user's environment. -var NetworkingFlags = initializeNetworkingFlags() - -// ServingFlags is an alias of NetworkingFlags. -// TODO: Delete this variable once all downstream migrate it to NetworkingFlags. -var ServingFlags = NetworkingFlags - -// NetworkingEnvironmentFlags holds the e2e flags needed only by the networking repo. -type NetworkingEnvironmentFlags struct { - ResolvableDomain bool // Resolve Route controller's `domainSuffix` - HTTPS bool // Indicates where the test service will be created with https - IngressClass string // Indicates the class of Ingress provider to test. - CertificateClass string // Indicates the class of Certificate provider to test. - Buckets int // The number of reconciler buckets configured. - Replicas int // The number of controlplane replicas being run. - EnableAlphaFeatures bool // Indicates whether we run tests for alpha features - EnableBetaFeatures bool // Indicates whether we run tests for beta features - SkipTests string // Indicates the test names we want to skip in alpha or beta features. - ClusterSuffix string // Specifies the cluster DNS suffix to be used in tests. - ServiceDomain string // Specifies the domain to use when creating the test services. -} - -func initializeNetworkingFlags() *NetworkingEnvironmentFlags { - var f NetworkingEnvironmentFlags - - // Only define and set flags here. Flag values cannot be read at package init time. - flag.BoolVar(&f.ResolvableDomain, - "resolvabledomain", - false, - "Set this flag to true if you have configured the `domainSuffix` on your Route controller to a domain that will resolve to your test cluster.") - - flag.BoolVar(&f.HTTPS, - "https", - false, - "Set this flag to true to run all tests with https.") - - flag.StringVar(&f.IngressClass, - "ingressClass", - config.IstioIngressClassName, - "Set this flag to the ingress class to test against.") - - flag.StringVar(&f.CertificateClass, - "certificateClass", - config.CertManagerCertificateClassName, - "Set this flag to the certificate class to test against.") - - flag.IntVar(&f.Buckets, - "buckets", - 1, - "Set this flag to the number of reconciler buckets configured.") - - flag.IntVar(&f.Replicas, - "replicas", - 1, - "Set this flag to the number of controlplane replicas being run.") - - flag.BoolVar(&f.EnableAlphaFeatures, - "enable-alpha", - false, - "Set this flag to run tests against alpha features.") - - flag.BoolVar(&f.EnableBetaFeatures, - "enable-beta", - false, - "Set this flag to run tests against beta features.") - - flag.StringVar(&f.SkipTests, - "skip-tests", - "", - "Set this flag to the tests you want to skip in alpha or beta features. Accepts a comma separated list.") - - flag.StringVar(&f.ClusterSuffix, - "cluster-suffix", - "cluster.local", - "Set this flag to the cluster suffix to be used in tests.") - - flag.StringVar(&f.ServiceDomain, - "service-domain", - "example.com", - "Set this flag to the domain to be used in tests.") - - return &f -} diff --git a/vendor/knative.dev/networking/test/ingress.go b/vendor/knative.dev/networking/test/ingress.go deleted file mode 100644 index ef6a3faaa652..000000000000 --- a/vendor/knative.dev/networking/test/ingress.go +++ /dev/null @@ -1,57 +0,0 @@ -/* -Copyright 2020 The Knative Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package test - -import ( - "context" - "fmt" - - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/util/wait" - "knative.dev/networking/pkg/apis/networking/v1alpha1" - "knative.dev/pkg/test/logging" -) - -// WaitForIngressState polls the status of the Ingress called name from client every -// PollInterval until inState returns `true` indicating it is done, returns an -// error or PollTimeout. desc will be used to name the metric that is emitted to -// track how long it took for name to get into the state checked by inState. -func WaitForIngressState(ctx context.Context, client *NetworkingClients, name string, inState func(r *v1alpha1.Ingress) (bool, error), desc string) error { - span := logging.GetEmitableSpan(context.Background(), fmt.Sprintf("WaitForIngressState/%s/%s", name, desc)) - defer span.End() - - var lastState *v1alpha1.Ingress - waitErr := wait.PollUntilContextTimeout(ctx, PollInterval, PollTimeout, true, func(ctx context.Context) (bool, error) { - var err error - lastState, err = client.Ingresses.Get(ctx, name, metav1.GetOptions{}) - if err != nil { - return true, err - } - return inState(lastState) - }) - - if waitErr != nil { - return fmt.Errorf("ingress %q is not in desired state, got: %+v: %w", name, lastState, waitErr) - } - return nil -} - -// IsIngressReady will check the status conditions of the ingress and return true if the ingress is -// ready. -func IsIngressReady(r *v1alpha1.Ingress) (bool, error) { - return r.IsReady(), nil -} diff --git a/vendor/knative.dev/networking/test/presubmit-tests.sh b/vendor/knative.dev/networking/test/presubmit-tests.sh deleted file mode 100644 index b726c175a67f..000000000000 --- a/vendor/knative.dev/networking/test/presubmit-tests.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2019 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# This script runs the presubmit tests; it is started by prow for each PR. -# For convenience, it can also be executed manually. -# Running the script without parameters, or with the --all-tests -# flag, causes all tests to be executed, in the right order. -# Use the flags --build-tests, --unit-tests and --integration-tests -# to run a specific set of tests. - -source $(dirname $0)/../vendor/knative.dev/hack/presubmit-tests.sh - -# We use the default build, unit and integration test runners. - -main "$@" diff --git a/vendor/knative.dev/networking/test/prober.go b/vendor/knative.dev/networking/test/prober.go deleted file mode 100644 index 4932716288f3..000000000000 --- a/vendor/knative.dev/networking/test/prober.go +++ /dev/null @@ -1,256 +0,0 @@ -/* -Copyright 2019 The Knative Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// route.go provides methods to perform actions on the route resource. - -package test - -import ( - "context" - "fmt" - "net/http" - "net/url" - "sync" - "testing" - - "go.uber.org/atomic" - "golang.org/x/sync/errgroup" - - pkgTest "knative.dev/pkg/test" - "knative.dev/pkg/test/logging" - "knative.dev/pkg/test/spoof" -) - -// Prober is the interface for a prober, which checks the result of the probes when stopped. -type Prober interface { - // SLI returns the "service level indicator" for the prober, which is the observed - // success rate of the probes. This will panic if the prober has not been stopped. - SLI() (total int64, failures int64) - - // Stop terminates the prober, returning any observed errors. - // Implementations may choose to put additional requirements on - // the prober, which may cause this to block (e.g. a minimum number - // of probes to achieve a population suitable for SLI measurement). - Stop() error -} - -type prober struct { - // These shouldn't change after creation - logf logging.FormatLogger - url *url.URL - minimumProbes int64 - - requests atomic.Int64 - failures atomic.Int64 - - // This channel is simply closed when minimumProbes has been satisfied. - minDoneCh chan struct{} - - errGrp *errgroup.Group - ctx context.Context - cancel context.CancelFunc -} - -// prober implements Prober -var _ Prober = (*prober)(nil) - -// SLI implements Prober -func (p *prober) SLI() (int64, int64) { - return p.requests.Load(), p.failures.Load() -} - -// Stop implements Prober -func (p *prober) Stop() error { - // Wait for either an error to happen or the minimumProbes we want. - select { - case <-p.ctx.Done(): - case <-p.minDoneCh: - } - - // Stop all probing. - p.cancel() - - return p.errGrp.Wait() -} - -// ProberManager is the interface for spawning probers, and checking their results. -type ProberManager interface { - // The ProberManager should expose a way to collectively reason about spawned - // probes as a sort of aggregating Prober. - Prober - - // Spawn creates a new Prober - Spawn(url *url.URL) Prober - - // Foreach iterates over the probers spawned by this ProberManager. - Foreach(func(url *url.URL, p Prober)) -} - -type manager struct { - // Should not change after creation - logf logging.FormatLogger - clients *Clients - minProbes int64 - - m sync.RWMutex - probes map[*url.URL]Prober - transportOptions []spoof.TransportOption -} - -var _ ProberManager = (*manager)(nil) - -// Spawn implements ProberManager -func (m *manager) Spawn(url *url.URL) Prober { - m.m.Lock() - defer m.m.Unlock() - - if p, ok := m.probes[url]; ok { - return p - } - - m.logf("Starting Route prober for %s.", url) - - ctx, cancel := context.WithCancel(context.Background()) - errGrp, ctx := errgroup.WithContext(ctx) - - p := &prober{ - logf: m.logf, - url: url, - minimumProbes: m.minProbes, - - minDoneCh: make(chan struct{}), - - errGrp: errGrp, - ctx: ctx, - cancel: cancel, - } - m.probes[url] = p - - errGrp.Go(func() error { - client, err := pkgTest.NewSpoofingClient(ctx, m.clients.KubeClient, m.logf, url.Hostname(), NetworkingFlags.ResolvableDomain, m.transportOptions...) - if err != nil { - return fmt.Errorf("failed to generate client: %w", err) - } - - req, err := http.NewRequest(http.MethodGet, url.String(), nil) - if err != nil { - return fmt.Errorf("failed to generate request: %w", err) - } - - // We keep polling the domain and accumulate success rates - // to ultimately establish the SLI and compare to the SLO. - for { - select { - case <-ctx.Done(): - return nil - default: - res, err := client.Do(req) - if p.requests.Inc() == p.minimumProbes { - close(p.minDoneCh) - } - if err != nil { - p.logf("%q error: %v", p.url, err) - p.failures.Inc() - } else if res.StatusCode != http.StatusOK { - p.logf("%q status = %d, want: %d", p.url, res.StatusCode, http.StatusOK) - p.logf("Response: %s", res) - p.failures.Inc() - } - } - } - }) - return p -} - -// Stop implements ProberManager -func (m *manager) Stop() error { - m.m.Lock() - defer m.m.Unlock() - - m.logf("Stopping all probers") - - errgrp := &errgroup.Group{} - for _, prober := range m.probes { - errgrp.Go(prober.Stop) - } - return errgrp.Wait() -} - -// SLI implements Prober -func (m *manager) SLI() (total int64, failures int64) { - m.m.RLock() - defer m.m.RUnlock() - for _, prober := range m.probes { - pt, pf := prober.SLI() - total += pt - failures += pf - } - return -} - -// Foreach implements ProberManager -func (m *manager) Foreach(f func(url *url.URL, p Prober)) { - m.m.RLock() - defer m.m.RUnlock() - - for url, prober := range m.probes { - f(url, prober) - } -} - -// NewProberManager creates a new manager for probes. -func NewProberManager(logf logging.FormatLogger, clients *Clients, minProbes int64, opts ...spoof.TransportOption) ProberManager { - return &manager{ - logf: logf, - clients: clients, - minProbes: minProbes, - probes: make(map[*url.URL]Prober), - transportOptions: opts, - } -} - -// RunRouteProber starts a single Prober of the given domain. -func RunRouteProber(logf logging.FormatLogger, clients *Clients, url *url.URL, opts ...spoof.TransportOption) Prober { - // Default to 10 probes - pm := NewProberManager(logf, clients, 10, opts...) - pm.Spawn(url) - return pm -} - -// AssertProberDefault is a helper for stopping the Prober and checking its SLI -// against the default SLO, which requires perfect responses. -// This takes `testing.T` so that it may be used in `defer`. -func AssertProberDefault(t testing.TB, p Prober) { - t.Helper() - if err := p.Stop(); err != nil { - t.Error("Stop()", "error", err.Error()) - } - // Default to 100% correct (typically used in conjunction with the low probe count above) - if err := CheckSLO(1.0, t.Name(), p); err != nil { - t.Error("CheckSLO()", "error", err.Error()) - } -} - -// CheckSLO compares the SLI of the given prober against the SLO, erroring if too low. -func CheckSLO(slo float64, name string, p Prober) error { - total, failures := p.SLI() - - successRate := float64(total-failures) / float64(total) - if successRate < slo { - return fmt.Errorf("SLI for %q = %f, wanted >= %f", name, successRate, slo) - } - return nil -} diff --git a/vendor/knative.dev/networking/test/upload-test-images.sh b/vendor/knative.dev/networking/test/upload-test-images.sh deleted file mode 100644 index d02c76f9d084..000000000000 --- a/vendor/knative.dev/networking/test/upload-test-images.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/usr/bin/env bash -# -# Copyright 2018 The Knative Authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# https://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -o errexit - -function upload_test_images() { - echo ">> Publishing test images" - # Script needs to be executed from the root directory - # to pickup .ko.yaml - cd "$( dirname "$0")/.." - local image_dir="test/test_images" - local docker_tag=$1 - local tag_option="" - if [ -n "${docker_tag}" ]; then - tag_option="--tags $docker_tag,latest" - fi - - # ko resolve is being used for the side-effect of publishing images, - # so the resulting yaml produced is ignored. - ko resolve ${tag_option} -RBf "${image_dir}" > /dev/null -} - -: ${KO_DOCKER_REPO:?"You must set 'KO_DOCKER_REPO', see DEVELOPMENT.md"} - -upload_test_images $@ diff --git a/vendor/knative.dev/networking/test/util.go b/vendor/knative.dev/networking/test/util.go deleted file mode 100644 index 5d09f86ae20e..000000000000 --- a/vendor/knative.dev/networking/test/util.go +++ /dev/null @@ -1,103 +0,0 @@ -/* -Copyright 2018 The Knative Authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package test - -import ( - "context" - "net/http" - "testing" - "time" - - pkgnet "knative.dev/pkg/network" - "knative.dev/pkg/signals" - pkgTest "knative.dev/pkg/test" - "knative.dev/pkg/test/helpers" - "knative.dev/pkg/test/logstream" - - // For our e2e testing, we want this linked first so that our - // systen namespace environment variable is defaulted prior to - // logstream initialization. - _ "knative.dev/networking/test/defaultsystem" - - // Mysteriously required to support GCP auth (required by k8s libs). Apparently just importing it is enough. @_@ side effects @_@. https://github.com/kubernetes/client-go/issues/242 - _ "k8s.io/client-go/plugin/pkg/client/auth/gcp" -) - -const ( - // PollInterval is how frequently e2e tests will poll for updates. - PollInterval = 1 * time.Second - // PollTimeout is how long e2e tests will wait for resource updates when polling. - PollTimeout = 10 * time.Minute -) - -// util.go provides shared utilities methods across knative serving test - -// Setup creates client to run Knative Service requests -func Setup(t testing.TB) *Clients { - t.Helper() - - cancel := logstream.Start(t) - t.Cleanup(cancel) - - cfg, err := pkgTest.Flags.GetRESTConfig() - if err != nil { - t.Fatal("couldn't get REST config:", err) - } - - clients, err := NewClientsFromConfig(cfg, ServingNamespace) - if err != nil { - t.Fatal("Couldn't initialize clients", "error", err.Error()) - } - return clients -} - -// ObjectNameForTest generates a random object name based on the test name. -var ObjectNameForTest = helpers.ObjectNameForTest - -// ListenAndServeGracefully calls into ListenAndServeGracefullyWithHandler -// by passing handler to handle requests for "/" -func ListenAndServeGracefully(addr string, handler func(w http.ResponseWriter, r *http.Request)) { - ListenAndServeGracefullyWithHandler(addr, http.HandlerFunc(handler)) -} - -// ListenAndServeGracefullyWithHandler creates an HTTP server, listens on the defined address -// and handles incoming requests with the given handler. -// It blocks until SIGTERM is received and the underlying server has shutdown gracefully. -func ListenAndServeGracefullyWithHandler(addr string, handler http.Handler) { - server := pkgnet.NewServer(addr, handler) - go server.ListenAndServe() - - <-signals.SetupSignalHandler() - server.Shutdown(context.Background()) -} - -// ListenAndServeTLSGracefully calls into ListenAndServeTLSGracefullyWithHandler -// by passing handler to handle requests for "/" -func ListenAndServeTLSGracefully(cert, key, addr string, handler func(w http.ResponseWriter, r *http.Request)) { - ListenAndServeTLSGracefullyWithHandler(cert, key, addr, http.HandlerFunc(handler)) -} - -// ListenAndServeTLSGracefullyWithHandler creates an HTTPS server, listens on the defined address -// and handles incoming requests with the given handler. -// It blocks until SIGTERM is received and the underlying server has shutdown gracefully. -func ListenAndServeTLSGracefullyWithHandler(cert, key, addr string, handler http.Handler) { - server := pkgnet.NewServer(addr, handler) - go server.ListenAndServeTLS(cert, key) - - <-signals.SetupSignalHandler() - server.Shutdown(context.Background()) -} diff --git a/vendor/modules.txt b/vendor/modules.txt index 3f3144606cef..cabc781b5d74 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1388,11 +1388,6 @@ knative.dev/networking/pkg/http/stats knative.dev/networking/pkg/ingress knative.dev/networking/pkg/k8s knative.dev/networking/pkg/prober -knative.dev/networking/test -knative.dev/networking/test/conformance/certificate -knative.dev/networking/test/conformance/certificate/http01 -knative.dev/networking/test/conformance/certificate/nonhttp01 -knative.dev/networking/test/defaultsystem # knative.dev/pkg v0.0.0-20240527142806-5eeb7ecd482d ## explicit; go 1.21 knative.dev/pkg/apiextensions/storageversion