gitee.com/ks-custle/core-gm@v0.0.0-20230922171213-b83bdd97b62c/grpc/test/kokoro/psm-security.sh

gitee.com/ks-custle/core-gm@v0.0.0-20230922171213-b83bdd97b62c/grpc/test/kokoro/psm-security.sh (about)

     1  #!/usr/bin/env bash
     2  # Copyright 2021 gRPC authors.
     3  #
     4  # Licensed under the Apache License, Version 2.0 (the "License");
     5  # you may not use this file except in compliance with the License.
     6  # You may obtain a copy of the License at
     7  #
     8  #     http://www.apache.org/licenses/LICENSE-2.0
     9  #
    10  # Unless required by applicable law or agreed to in writing, software
    11  # distributed under the License is distributed on an "AS IS" BASIS,
    12  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  # See the License for the specific language governing permissions and
    14  # limitations under the License.
    15  
    16  set -eo pipefail
    17  
    18  # Constants
    19  readonly GITHUB_REPOSITORY_NAME="grpc-go"
    20  readonly TEST_DRIVER_INSTALL_SCRIPT_URL="https://raw.githubusercontent.com/${TEST_DRIVER_REPO_OWNER:-grpc}/grpc/${TEST_DRIVER_BRANCH:-master}/tools/internal_ci/linux/grpc_xds_k8s_install_test_driver.sh"
    21  ## xDS test server/client Docker images
    22  readonly SERVER_IMAGE_NAME="gcr.io/grpc-testing/xds-interop/go-server"
    23  readonly CLIENT_IMAGE_NAME="gcr.io/grpc-testing/xds-interop/go-client"
    24  readonly FORCE_IMAGE_BUILD="${FORCE_IMAGE_BUILD:-0}"
    25  
    26  #######################################
    27  # Builds test app Docker images and pushes them to GCR
    28  # Globals:
    29  #   SERVER_IMAGE_NAME: Test server Docker image name
    30  #   CLIENT_IMAGE_NAME: Test client Docker image name
    31  #   GIT_COMMIT: SHA-1 of git commit being built
    32  # Arguments:
    33  #   None
    34  # Outputs:
    35  #   Writes the output of `gcloud builds submit` to stdout, stderr
    36  #######################################
    37  build_test_app_docker_images() {
    38    echo "Building Go xDS interop test app Docker images"
    39    docker build -f "${SRC_DIR}/interop/xds/client/Dockerfile" -t "${CLIENT_IMAGE_NAME}:${GIT_COMMIT}" "${SRC_DIR}"
    40    docker build -f "${SRC_DIR}/interop/xds/server/Dockerfile" -t "${SERVER_IMAGE_NAME}:${GIT_COMMIT}" "${SRC_DIR}"
    41    gcloud -q auth configure-docker
    42    docker push "${CLIENT_IMAGE_NAME}:${GIT_COMMIT}"
    43    docker push "${SERVER_IMAGE_NAME}:${GIT_COMMIT}"
    44    if [[ -n $KOKORO_JOB_NAME ]]; then
    45      branch_name=$(echo "$KOKORO_JOB_NAME" | sed -E 's|^grpc/go/([^/]+)/.*|\1|')
    46      tag_and_push_docker_image "${CLIENT_IMAGE_NAME}" "${GIT_COMMIT}" "${branch_name}"
    47      tag_and_push_docker_image "${SERVER_IMAGE_NAME}" "${GIT_COMMIT}" "${branch_name}"
    48    fi
    49  }
    50  
    51  #######################################
    52  # Builds test app and its docker images unless they already exist
    53  # Globals:
    54  #   SERVER_IMAGE_NAME: Test server Docker image name
    55  #   CLIENT_IMAGE_NAME: Test client Docker image name
    56  #   GIT_COMMIT: SHA-1 of git commit being built
    57  #   FORCE_IMAGE_BUILD
    58  # Arguments:
    59  #   None
    60  # Outputs:
    61  #   Writes the output to stdout, stderr
    62  #######################################
    63  build_docker_images_if_needed() {
    64    # Check if images already exist
    65    server_tags="$(gcloud_gcr_list_image_tags "${SERVER_IMAGE_NAME}" "${GIT_COMMIT}")"
    66    printf "Server image: %s:%s\n" "${SERVER_IMAGE_NAME}" "${GIT_COMMIT}"
    67    echo "${server_tags:-Server image not found}"
    68  
    69    client_tags="$(gcloud_gcr_list_image_tags "${CLIENT_IMAGE_NAME}" "${GIT_COMMIT}")"
    70    printf "Client image: %s:%s\n" "${CLIENT_IMAGE_NAME}" "${GIT_COMMIT}"
    71    echo "${client_tags:-Client image not found}"
    72  
    73    # Build if any of the images are missing, or FORCE_IMAGE_BUILD=1
    74    if [[ "${FORCE_IMAGE_BUILD}" == "1" || -z "${server_tags}" || -z "${client_tags}" ]]; then
    75      build_test_app_docker_images
    76    else
    77      echo "Skipping Go test app build"
    78    fi
    79  }
    80  
    81  #######################################
    82  # Executes the test case
    83  # Globals:
    84  #   TEST_DRIVER_FLAGFILE: Relative path to test driver flagfile
    85  #   KUBE_CONTEXT: The name of kubectl context with GKE cluster access
    86  #   TEST_XML_OUTPUT_DIR: Output directory for the test xUnit XML report
    87  #   SERVER_IMAGE_NAME: Test server Docker image name
    88  #   CLIENT_IMAGE_NAME: Test client Docker image name
    89  #   GIT_COMMIT: SHA-1 of git commit being built
    90  # Arguments:
    91  #   Test case name
    92  # Outputs:
    93  #   Writes the output of test execution to stdout, stderr
    94  #   Test xUnit report to ${TEST_XML_OUTPUT_DIR}/${test_name}/sponge_log.xml
    95  #######################################
    96  run_test() {
    97    # Test driver usage:
    98    # https://github.com/grpc/grpc/tree/master/tools/run_tests/xds_k8s_test_driver#basic-usage
    99    local test_name="${1:?Usage: run_test test_name}"
   100    set -x
   101    python -m "tests.${test_name}" \
   102      --flagfile="${TEST_DRIVER_FLAGFILE}" \
   103      --kube_context="${KUBE_CONTEXT}" \
   104      --server_image="${SERVER_IMAGE_NAME}:${GIT_COMMIT}" \
   105      --client_image="${CLIENT_IMAGE_NAME}:${GIT_COMMIT}" \
   106      --xml_output_file="${TEST_XML_OUTPUT_DIR}/${test_name}/sponge_log.xml" \
   107      --force_cleanup \
   108      --nocheck_local_certs
   109    set +x
   110  }
   111  
   112  #######################################
   113  # Main function: provision software necessary to execute tests, and run them
   114  # Globals:
   115  #   KOKORO_ARTIFACTS_DIR
   116  #   GITHUB_REPOSITORY_NAME
   117  #   SRC_DIR: Populated with absolute path to the source repo
   118  #   TEST_DRIVER_REPO_DIR: Populated with the path to the repo containing
   119  #                         the test driver
   120  #   TEST_DRIVER_FULL_DIR: Populated with the path to the test driver source code
   121  #   TEST_DRIVER_FLAGFILE: Populated with relative path to test driver flagfile
   122  #   TEST_XML_OUTPUT_DIR: Populated with the path to test xUnit XML report
   123  #   GIT_ORIGIN_URL: Populated with the origin URL of git repo used for the build
   124  #   GIT_COMMIT: Populated with the SHA-1 of git commit being built
   125  #   GIT_COMMIT_SHORT: Populated with the short SHA-1 of git commit being built
   126  #   KUBE_CONTEXT: Populated with name of kubectl context with GKE cluster access
   127  # Arguments:
   128  #   None
   129  # Outputs:
   130  #   Writes the output of test execution to stdout, stderr
   131  #######################################
   132  main() {
   133    local script_dir
   134    script_dir="$(dirname "$0")"
   135  
   136    # Source the test driver from the master branch.
   137    echo "Sourcing test driver install script from: ${TEST_DRIVER_INSTALL_SCRIPT_URL}"
   138    source /dev/stdin <<< "$(curl -s "${TEST_DRIVER_INSTALL_SCRIPT_URL}")"
   139  
   140    activate_gke_cluster GKE_CLUSTER_PSM_SECURITY
   141  
   142    set -x
   143    if [[ -n "${KOKORO_ARTIFACTS_DIR}" ]]; then
   144      kokoro_setup_test_driver "${GITHUB_REPOSITORY_NAME}"
   145    else
   146      local_setup_test_driver "${script_dir}"
   147    fi
   148    build_docker_images_if_needed
   149    # Run tests
   150    cd "${TEST_DRIVER_FULL_DIR}"
   151    run_test baseline_test
   152    run_test security_test
   153    run_test authz_test
   154  }
   155  
   156  main "$@"