google.golang.org/grpc@v1.62.1/test/kokoro/psm-security.sh (about)

     1  #!/usr/bin/env bash
     2  # Copyright 2021 gRPC authors.
     3  #
     4  # Licensed under the Apache License, Version 2.0 (the "License");
     5  # you may not use this file except in compliance with the License.
     6  # You may obtain a copy of the License at
     7  #
     8  #     http://www.apache.org/licenses/LICENSE-2.0
     9  #
    10  # Unless required by applicable law or agreed to in writing, software
    11  # distributed under the License is distributed on an "AS IS" BASIS,
    12  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  # See the License for the specific language governing permissions and
    14  # limitations under the License.
    15  
    16  set -eo pipefail
    17  
    18  # Constants
    19  readonly GITHUB_REPOSITORY_NAME="grpc-go"
    20  readonly TEST_DRIVER_INSTALL_SCRIPT_URL="https://raw.githubusercontent.com/${TEST_DRIVER_REPO_OWNER:-grpc}/psm-interop/${TEST_DRIVER_BRANCH:-main}/.kokoro/psm_interop_kokoro_lib.sh"
    21  ## xDS test server/client Docker images
    22  readonly SERVER_IMAGE_NAME="gcr.io/grpc-testing/xds-interop/go-server"
    23  readonly CLIENT_IMAGE_NAME="gcr.io/grpc-testing/xds-interop/go-client"
    24  readonly FORCE_IMAGE_BUILD="${FORCE_IMAGE_BUILD:-0}"
    25  
    26  #######################################
    27  # Builds test app Docker images and pushes them to GCR
    28  # Globals:
    29  #   SERVER_IMAGE_NAME: Test server Docker image name
    30  #   CLIENT_IMAGE_NAME: Test client Docker image name
    31  #   GIT_COMMIT: SHA-1 of git commit being built
    32  #   TESTING_VERSION: version branch under test, f.e. v1.42.x, master
    33  # Arguments:
    34  #   None
    35  # Outputs:
    36  #   Writes the output of `gcloud builds submit` to stdout, stderr
    37  #######################################
    38  build_test_app_docker_images() {
    39    echo "Building Go xDS interop test app Docker images"
    40    docker build -f "${SRC_DIR}/interop/xds/client/Dockerfile" -t "${CLIENT_IMAGE_NAME}:${GIT_COMMIT}" "${SRC_DIR}"
    41    docker build -f "${SRC_DIR}/interop/xds/server/Dockerfile" -t "${SERVER_IMAGE_NAME}:${GIT_COMMIT}" "${SRC_DIR}"
    42    gcloud -q auth configure-docker
    43    docker push "${CLIENT_IMAGE_NAME}:${GIT_COMMIT}"
    44    docker push "${SERVER_IMAGE_NAME}:${GIT_COMMIT}"
    45    if is_version_branch "${TESTING_VERSION}"; then
    46      tag_and_push_docker_image "${CLIENT_IMAGE_NAME}" "${GIT_COMMIT}" "${TESTING_VERSION}"
    47      tag_and_push_docker_image "${SERVER_IMAGE_NAME}" "${GIT_COMMIT}" "${TESTING_VERSION}"
    48    fi
    49  }
    50  
    51  #######################################
    52  # Builds test app and its docker images unless they already exist
    53  # Globals:
    54  #   SERVER_IMAGE_NAME: Test server Docker image name
    55  #   CLIENT_IMAGE_NAME: Test client Docker image name
    56  #   GIT_COMMIT: SHA-1 of git commit being built
    57  #   FORCE_IMAGE_BUILD
    58  # Arguments:
    59  #   None
    60  # Outputs:
    61  #   Writes the output to stdout, stderr
    62  #######################################
    63  build_docker_images_if_needed() {
    64    # Check if images already exist
    65    server_tags="$(gcloud_gcr_list_image_tags "${SERVER_IMAGE_NAME}" "${GIT_COMMIT}")"
    66    printf "Server image: %s:%s\n" "${SERVER_IMAGE_NAME}" "${GIT_COMMIT}"
    67    echo "${server_tags:-Server image not found}"
    68  
    69    client_tags="$(gcloud_gcr_list_image_tags "${CLIENT_IMAGE_NAME}" "${GIT_COMMIT}")"
    70    printf "Client image: %s:%s\n" "${CLIENT_IMAGE_NAME}" "${GIT_COMMIT}"
    71    echo "${client_tags:-Client image not found}"
    72  
    73    # Build if any of the images are missing, or FORCE_IMAGE_BUILD=1
    74    if [[ "${FORCE_IMAGE_BUILD}" == "1" || -z "${server_tags}" || -z "${client_tags}" ]]; then
    75      build_test_app_docker_images
    76    else
    77      echo "Skipping Go test app build"
    78    fi
    79  }
    80  
    81  #######################################
    82  # Executes the test case
    83  # Globals:
    84  #   TEST_DRIVER_FLAGFILE: Relative path to test driver flagfile
    85  #   KUBE_CONTEXT: The name of kubectl context with GKE cluster access
    86  #   TEST_XML_OUTPUT_DIR: Output directory for the test xUnit XML report
    87  #   SERVER_IMAGE_NAME: Test server Docker image name
    88  #   CLIENT_IMAGE_NAME: Test client Docker image name
    89  #   GIT_COMMIT: SHA-1 of git commit being built
    90  #   TESTING_VERSION: version branch under test: used by the framework to determine the supported PSM
    91  #                    features.
    92  # Arguments:
    93  #   Test case name
    94  # Outputs:
    95  #   Writes the output of test execution to stdout, stderr
    96  #   Test xUnit report to ${TEST_XML_OUTPUT_DIR}/${test_name}/sponge_log.xml
    97  #######################################
    98  run_test() {
    99    # Test driver usage:
   100    # https://github.com/grpc/grpc/tree/master/tools/run_tests/xds_k8s_test_driver#basic-usage
   101    local test_name="${1:?Usage: run_test test_name}"
   102    set -x
   103    local out_dir="${TEST_XML_OUTPUT_DIR}/${test_name}"
   104    mkdir -pv "${out_dir}"
   105    python -m "tests.${test_name}" \
   106      --flagfile="${TEST_DRIVER_FLAGFILE}" \
   107      --kube_context="${KUBE_CONTEXT}" \
   108      --server_image="${SERVER_IMAGE_NAME}:${GIT_COMMIT}" \
   109      --client_image="${CLIENT_IMAGE_NAME}:${GIT_COMMIT}" \
   110      --testing_version="${TESTING_VERSION}" \
   111      --nocheck_local_certs \
   112      --force_cleanup \
   113      --collect_app_logs \
   114      --log_dir="${out_dir}" \
   115      --xml_output_file="${out_dir}/sponge_log.xml" \
   116      |& tee "${out_dir}/sponge_log.log"
   117  }
   118  
   119  #######################################
   120  # Main function: provision software necessary to execute tests, and run them
   121  # Globals:
   122  #   KOKORO_ARTIFACTS_DIR
   123  #   GITHUB_REPOSITORY_NAME
   124  #   SRC_DIR: Populated with absolute path to the source repo
   125  #   TEST_DRIVER_REPO_DIR: Populated with the path to the repo containing
   126  #                         the test driver
   127  #   TEST_DRIVER_FULL_DIR: Populated with the path to the test driver source code
   128  #   TEST_DRIVER_FLAGFILE: Populated with relative path to test driver flagfile
   129  #   TEST_XML_OUTPUT_DIR: Populated with the path to test xUnit XML report
   130  #   GIT_ORIGIN_URL: Populated with the origin URL of git repo used for the build
   131  #   GIT_COMMIT: Populated with the SHA-1 of git commit being built
   132  #   GIT_COMMIT_SHORT: Populated with the short SHA-1 of git commit being built
   133  #   KUBE_CONTEXT: Populated with name of kubectl context with GKE cluster access
   134  # Arguments:
   135  #   None
   136  # Outputs:
   137  #   Writes the output of test execution to stdout, stderr
   138  #######################################
   139  main() {
   140    local script_dir
   141    script_dir="$(dirname "$0")"
   142  
   143    # Source the test driver from the master branch.
   144    echo "Sourcing test driver install script from: ${TEST_DRIVER_INSTALL_SCRIPT_URL}"
   145    source /dev/stdin <<< "$(curl -s "${TEST_DRIVER_INSTALL_SCRIPT_URL}")"
   146  
   147    activate_gke_cluster GKE_CLUSTER_PSM_SECURITY
   148  
   149    set -x
   150    if [[ -n "${KOKORO_ARTIFACTS_DIR}" ]]; then
   151      kokoro_setup_test_driver "${GITHUB_REPOSITORY_NAME}"
   152    else
   153      local_setup_test_driver "${script_dir}"
   154    fi
   155    build_docker_images_if_needed
   156    # Run tests
   157    cd "${TEST_DRIVER_FULL_DIR}"
   158    local failed_tests=0
   159    test_suites=("baseline_test" "security_test" "authz_test")
   160    for test in "${test_suites[@]}"; do
   161      run_test $test || (( ++failed_tests ))
   162    done
   163    echo "Failed test suites: ${failed_tests}"
   164  }
   165  
   166  main "$@"