diff --git a/test/acceptance/framework/consul/consul_cluster.go b/test/acceptance/framework/consul/consul_cluster.go index 00e7e7f776..33ca6a250b 100644 --- a/test/acceptance/framework/consul/consul_cluster.go +++ b/test/acceptance/framework/consul/consul_cluster.go @@ -41,7 +41,6 @@ type Cluster interface { // HelmCluster implements Cluster and uses Helm // to create, destroy, and upgrade consul type HelmCluster struct { - cfg config.TestConfig ctx environment.TestContext helmOptions *helm.Options releaseName string @@ -144,7 +143,7 @@ func (h *HelmCluster) Destroy(t *testing.T) { // Ignore the error returned by the helm delete here so that we can // always idempotently clean up resources in the cluster. - helm.DeleteE(t, h.helmOptions, h.releaseName, false) + _ = helm.DeleteE(t, h.helmOptions, h.releaseName, false) // Force delete any pods that have h.releaseName in their name because sometimes // graceful termination takes a long time and since this is an uninstall @@ -162,7 +161,8 @@ func (h *HelmCluster) Destroy(t *testing.T) { } // Delete PVCs. - h.kubernetesClient.CoreV1().PersistentVolumeClaims(h.helmOptions.KubectlOptions.Namespace).DeleteCollection(context.Background(), metav1.DeleteOptions{}, metav1.ListOptions{LabelSelector: "release=" + h.releaseName}) + err = h.kubernetesClient.CoreV1().PersistentVolumeClaims(h.helmOptions.KubectlOptions.Namespace).DeleteCollection(context.Background(), metav1.DeleteOptions{}, metav1.ListOptions{LabelSelector: "release=" + h.releaseName}) + require.NoError(t, err) // Delete any serviceaccounts that have h.releaseName in their name. sas, err := h.kubernetesClient.CoreV1().ServiceAccounts(h.helmOptions.KubectlOptions.Namespace).List(context.Background(), metav1.ListOptions{LabelSelector: "release=" + h.releaseName}) @@ -347,12 +347,11 @@ func configurePodSecurityPolicies(t *testing.T, client kubernetes.Interface, cfg // Pod Security Policy { // Check if the pod security policy with this name already exists - psp, err := client.PolicyV1beta1().PodSecurityPolicies().Get(context.Background(), pspName, metav1.GetOptions{}) - // If it doesn't exist, create it. + _, err := client.PolicyV1beta1().PodSecurityPolicies().Get(context.Background(), pspName, metav1.GetOptions{}) if errors.IsNotFound(err) { // This pod security policy can be used by any tests resources. // This policy is fairly simple and only prevents from running privileged containers. - psp = &policyv1beta.PodSecurityPolicy{ + psp := &policyv1beta.PodSecurityPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "test-psp", }, @@ -384,11 +383,11 @@ func configurePodSecurityPolicies(t *testing.T, client kubernetes.Interface, cfg // Cluster role for the PSP. { // Check if we have a cluster role that authorizes the use of the pod security policy. - pspClusterRole, err := client.RbacV1().ClusterRoles().Get(context.Background(), pspName, metav1.GetOptions{}) + _, err := client.RbacV1().ClusterRoles().Get(context.Background(), pspName, metav1.GetOptions{}) // If it doesn't exist, create the clusterrole. if errors.IsNotFound(err) { - pspClusterRole = &rbacv1.ClusterRole{ + pspClusterRole := &rbacv1.ClusterRole{ ObjectMeta: metav1.ObjectMeta{ Name: pspName, }, @@ -411,10 +410,10 @@ func configurePodSecurityPolicies(t *testing.T, client kubernetes.Interface, cfg // A role binding to allow default service account in the installation namespace access to the PSP. { // Check if this cluster role binding already exists. - pspRoleBinding, err := client.RbacV1().RoleBindings(namespace).Get(context.Background(), pspName, metav1.GetOptions{}) + _, err := client.RbacV1().RoleBindings(namespace).Get(context.Background(), pspName, metav1.GetOptions{}) if errors.IsNotFound(err) { - pspRoleBinding = &rbacv1.RoleBinding{ + pspRoleBinding := &rbacv1.RoleBinding{ ObjectMeta: metav1.ObjectMeta{ Name: pspName, }, @@ -439,9 +438,9 @@ func configurePodSecurityPolicies(t *testing.T, client kubernetes.Interface, cfg } helpers.Cleanup(t, cfg.NoCleanupOnFailure, func() { - client.PolicyV1beta1().PodSecurityPolicies().Delete(context.Background(), pspName, metav1.DeleteOptions{}) - client.RbacV1().ClusterRoles().Delete(context.Background(), pspName, metav1.DeleteOptions{}) - client.RbacV1().RoleBindings(namespace).Delete(context.Background(), pspName, metav1.DeleteOptions{}) + _ = client.PolicyV1beta1().PodSecurityPolicies().Delete(context.Background(), pspName, metav1.DeleteOptions{}) + _ = client.RbacV1().ClusterRoles().Delete(context.Background(), pspName, metav1.DeleteOptions{}) + _ = client.RbacV1().RoleBindings(namespace).Delete(context.Background(), pspName, metav1.DeleteOptions{}) }) } @@ -463,7 +462,7 @@ func createOrUpdateLicenseSecret(t *testing.T, client kubernetes.Interface, cfg } helpers.Cleanup(t, cfg.NoCleanupOnFailure, func() { - client.CoreV1().Secrets(namespace).Delete(context.Background(), config.LicenseSecretName, metav1.DeleteOptions{}) + _ = client.CoreV1().Secrets(namespace).Delete(context.Background(), config.LicenseSecretName, metav1.DeleteOptions{}) }) } @@ -479,10 +478,10 @@ func configureSCCs(t *testing.T, client kubernetes.Interface, cfg *config.TestCo { for clusterRoleName, roleBindingName := range map[string]string{anyuidClusterRole: anyuidRoleBinding, privilegedClusterRole: privilegedRoleBinding} { // Check if this cluster role binding already exists. - roleBinding, err := client.RbacV1().RoleBindings(namespace).Get(context.Background(), roleBindingName, metav1.GetOptions{}) + _, err := client.RbacV1().RoleBindings(namespace).Get(context.Background(), roleBindingName, metav1.GetOptions{}) if errors.IsNotFound(err) { - roleBinding = &rbacv1.RoleBinding{ + roleBinding := &rbacv1.RoleBinding{ ObjectMeta: metav1.ObjectMeta{ Name: roleBindingName, }, @@ -508,8 +507,8 @@ func configureSCCs(t *testing.T, client kubernetes.Interface, cfg *config.TestCo } helpers.Cleanup(t, cfg.NoCleanupOnFailure, func() { - client.RbacV1().RoleBindings(namespace).Delete(context.Background(), anyuidRoleBinding, metav1.DeleteOptions{}) - client.RbacV1().RoleBindings(namespace).Delete(context.Background(), privilegedRoleBinding, metav1.DeleteOptions{}) + _ = client.RbacV1().RoleBindings(namespace).Delete(context.Background(), anyuidRoleBinding, metav1.DeleteOptions{}) + _ = client.RbacV1().RoleBindings(namespace).Delete(context.Background(), privilegedRoleBinding, metav1.DeleteOptions{}) }) } diff --git a/test/acceptance/framework/environment/environment.go b/test/acceptance/framework/environment/environment.go index a7dbf0553b..a3349e1aa9 100644 --- a/test/acceptance/framework/environment/environment.go +++ b/test/acceptance/framework/environment/environment.go @@ -85,8 +85,6 @@ type kubernetesContext struct { client kubernetes.Interface options *k8s.KubectlOptions - - logDirectory string } func (k kubernetesContext) KubectlOptions(t *testing.T) *k8s.KubectlOptions { diff --git a/test/acceptance/framework/helpers/helpers.go b/test/acceptance/framework/helpers/helpers.go index b3131ccb89..6314c3025b 100644 --- a/test/acceptance/framework/helpers/helpers.go +++ b/test/acceptance/framework/helpers/helpers.go @@ -57,7 +57,7 @@ func WaitForAllPodsToBeReady(t *testing.T, client kubernetes.Interface, namespac // Sets up a goroutine that will wait for interrupt signals // and call cleanup function when it catches it. func SetupInterruptHandler(cleanup func()) { - c := make(chan os.Signal) + c := make(chan os.Signal, 1) signal.Notify(c, os.Interrupt, syscall.SIGTERM) go func() { <-c diff --git a/test/acceptance/framework/k8s/debug.go b/test/acceptance/framework/k8s/debug.go index 2cbe492893..240598d9b4 100644 --- a/test/acceptance/framework/k8s/debug.go +++ b/test/acceptance/framework/k8s/debug.go @@ -78,23 +78,35 @@ func WritePodsDebugInfoIfFailed(t *testing.T, kubectlOptions *k8s.KubectlOptions // Describe any stateful sets. statefulSets, err := client.AppsV1().StatefulSets(kubectlOptions.Namespace).List(context.Background(), metav1.ListOptions{LabelSelector: labelSelector}) - for _, statefulSet := range statefulSets.Items { - // Describe stateful set and write it to a file. - writeResourceInfoToFile(t, statefulSet.Name, "statefulset", testDebugDirectory, kubectlOptions) + if err != nil { + logger.Log(t, "unable to get statefulsets", "err", err) + } else { + for _, statefulSet := range statefulSets.Items { + // Describe stateful set and write it to a file. + writeResourceInfoToFile(t, statefulSet.Name, "statefulset", testDebugDirectory, kubectlOptions) + } } // Describe any daemonsets. daemonsets, err := client.AppsV1().DaemonSets(kubectlOptions.Namespace).List(context.Background(), metav1.ListOptions{LabelSelector: labelSelector}) - for _, daemonSet := range daemonsets.Items { - // Describe daemon set and write it to a file. - writeResourceInfoToFile(t, daemonSet.Name, "daemonset", testDebugDirectory, kubectlOptions) + if err != nil { + logger.Log(t, "unable to get daemonsets", "err", err) + } else { + for _, daemonSet := range daemonsets.Items { + // Describe daemon set and write it to a file. + writeResourceInfoToFile(t, daemonSet.Name, "daemonset", testDebugDirectory, kubectlOptions) + } } // Describe any deployments. deployments, err := client.AppsV1().Deployments(kubectlOptions.Namespace).List(context.Background(), metav1.ListOptions{LabelSelector: labelSelector}) - for _, deployment := range deployments.Items { - // Describe deployment and write it to a file. - writeResourceInfoToFile(t, deployment.Name, "deployment", testDebugDirectory, kubectlOptions) + if err != nil { + logger.Log(t, "unable to get deployments", "err", err) + } else { + for _, deployment := range deployments.Items { + // Describe deployment and write it to a file. + writeResourceInfoToFile(t, deployment.Name, "deployment", testDebugDirectory, kubectlOptions) + } } } } diff --git a/test/acceptance/tests/connect/connect_inject_namespaces_test.go b/test/acceptance/tests/connect/connect_inject_namespaces_test.go index 2b140be462..f28d80db3c 100644 --- a/test/acceptance/tests/connect/connect_inject_namespaces_test.go +++ b/test/acceptance/tests/connect/connect_inject_namespaces_test.go @@ -198,7 +198,7 @@ func TestConnectInjectNamespaces(t *testing.T) { } logger.Log(t, "creating intention") - _, _, err := consulClient.Connect().IntentionCreate(intention, nil) + _, err := consulClient.Connect().IntentionUpsert(intention, nil) require.NoError(t, err) } diff --git a/test/acceptance/tests/ingress-gateway/ingress_gateway_namespaces_test.go b/test/acceptance/tests/ingress-gateway/ingress_gateway_namespaces_test.go index 0676ecc4d9..9d39a4531f 100644 --- a/test/acceptance/tests/ingress-gateway/ingress_gateway_namespaces_test.go +++ b/test/acceptance/tests/ingress-gateway/ingress_gateway_namespaces_test.go @@ -132,7 +132,7 @@ func TestIngressGatewaySingleNamespace(t *testing.T) { // Now we create the allow intention. logger.Log(t, "creating ingress-gateway => static-server intention") - _, _, err = consulClient.Connect().IntentionCreate(&api.Intention{ + _, err = consulClient.Connect().IntentionUpsert(&api.Intention{ SourceName: "ingress-gateway", SourceNS: testNamespace, DestinationName: "static-server", @@ -252,7 +252,7 @@ func TestIngressGatewayNamespaceMirroring(t *testing.T) { // Now we create the allow intention. logger.Log(t, "creating ingress-gateway => static-server intention") - _, _, err = consulClient.Connect().IntentionCreate(&api.Intention{ + _, err = consulClient.Connect().IntentionUpsert(&api.Intention{ SourceName: "ingress-gateway", SourceNS: "default", DestinationName: "static-server", diff --git a/test/acceptance/tests/ingress-gateway/ingress_gateway_test.go b/test/acceptance/tests/ingress-gateway/ingress_gateway_test.go index 64cebf368d..7354b14202 100644 --- a/test/acceptance/tests/ingress-gateway/ingress_gateway_test.go +++ b/test/acceptance/tests/ingress-gateway/ingress_gateway_test.go @@ -96,7 +96,7 @@ func TestIngressGateway(t *testing.T) { // Now we create the allow intention. logger.Log(t, "creating ingress-gateway => static-server intention") - _, _, err = consulClient.Connect().IntentionCreate(&api.Intention{ + _, err = consulClient.Connect().IntentionUpsert(&api.Intention{ SourceName: "ingress-gateway", DestinationName: "static-server", Action: api.IntentionActionAllow, diff --git a/test/acceptance/tests/mesh-gateway/mesh_gateway_test.go b/test/acceptance/tests/mesh-gateway/mesh_gateway_test.go index 48c56b24fc..97e6b1b4c3 100644 --- a/test/acceptance/tests/mesh-gateway/mesh_gateway_test.go +++ b/test/acceptance/tests/mesh-gateway/mesh_gateway_test.go @@ -249,7 +249,7 @@ func TestMeshGatewaySecure(t *testing.T) { k8s.DeployKustomize(t, primaryContext.KubectlOptions(t), cfg.NoCleanupOnFailure, cfg.DebugDirectory, "../fixtures/cases/static-client-multi-dc") logger.Log(t, "creating intention") - _, _, err = primaryClient.Connect().IntentionCreate(&api.Intention{ + _, err = primaryClient.Connect().IntentionUpsert(&api.Intention{ SourceName: staticClientName, DestinationName: "static-server", Action: api.IntentionActionAllow, diff --git a/test/acceptance/tests/terminating-gateway/terminating_gateway_test.go b/test/acceptance/tests/terminating-gateway/terminating_gateway_test.go index 135b7057cb..0f68de53c3 100644 --- a/test/acceptance/tests/terminating-gateway/terminating_gateway_test.go +++ b/test/acceptance/tests/terminating-gateway/terminating_gateway_test.go @@ -194,7 +194,7 @@ func assertNoConnectionAndAddIntention(t *testing.T, consulClient *api.Client, k k8s.CheckStaticServerConnectionFailing(t, k8sOptions, "http://localhost:1234") logger.Log(t, "creating static-client => static-server intention") - _, _, err := consulClient.Connect().IntentionCreate(&api.Intention{ + _, err := consulClient.Connect().IntentionUpsert(&api.Intention{ SourceName: staticClientName, SourceNS: sourceNS, DestinationName: staticServerName,