istio.io/istio@v0.0.0-20240520182934-d79c90f27776/tests/integration/ambient/cnirepair/main_test.go (about)

     1  //go:build integ
     2  // +build integ
     3  
     4  // Copyright Istio Authors
     5  //
     6  // Licensed under the Apache License, Version 2.0 (the "License");
     7  // you may not use this file except in compliance with the License.
     8  // You may obtain a copy of the License at
     9  //
    10  //     http://www.apache.org/licenses/LICENSE-2.0
    11  //
    12  // Unless required by applicable law or agreed to in writing, software
    13  // distributed under the License is distributed on an "AS IS" BASIS,
    14  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    15  // See the License for the specific language governing permissions and
    16  // limitations under the License.
    17  
    18  package cnirepair
    19  
    20  import (
    21  	"testing"
    22  
    23  	"istio.io/istio/pkg/config/constants"
    24  	"istio.io/istio/pkg/test/framework"
    25  	"istio.io/istio/pkg/test/framework/components/echo"
    26  	common_deploy "istio.io/istio/pkg/test/framework/components/echo/common/deployment"
    27  	"istio.io/istio/pkg/test/framework/components/echo/common/ports"
    28  	"istio.io/istio/pkg/test/framework/components/echo/deployment"
    29  	"istio.io/istio/pkg/test/framework/components/echo/match"
    30  	"istio.io/istio/pkg/test/framework/components/istio"
    31  	"istio.io/istio/pkg/test/framework/components/namespace"
    32  	"istio.io/istio/pkg/test/framework/label"
    33  	"istio.io/istio/pkg/test/framework/resource"
    34  	"istio.io/istio/pkg/test/scopes"
    35  	"istio.io/istio/tests/integration/pilot/common"
    36  	"istio.io/istio/tests/integration/security/util/cert"
    37  )
    38  
    39  var (
    40  	i istio.Instance
    41  
    42  	// Below are various preconfigured echo deployments. Whenever possible, tests should utilize these
    43  	// to avoid excessive creation/tear down of deployments. In general, a test should only deploy echo if
    44  	// its doing something unique to that specific test.
    45  	apps = &EchoDeployments{}
    46  )
    47  
    48  type EchoDeployments struct {
    49  	// Namespace echo apps will be deployed
    50  	Namespace namespace.Instance
    51  	// Captured echo service
    52  	Captured echo.Instances
    53  	// Uncaptured echo Service
    54  	Uncaptured echo.Instances
    55  	// SidecarCaptured echo services with sidecar and ambient capture
    56  	SidecarCaptured echo.Instances
    57  	// SidecarUncaptured echo services with sidecar and no ambient capture
    58  	SidecarUncaptured echo.Instances
    59  
    60  	// All echo services
    61  	All echo.Instances
    62  }
    63  
    64  // TestMain defines the entrypoint for pilot tests using a standard Istio installation.
    65  // If a test requires a custom install it should go into its own package, otherwise it should go
    66  // here to reuse a single install across tests.
    67  func TestMain(m *testing.M) {
    68  	// nolint: staticcheck
    69  	framework.
    70  		NewSuite(m).
    71  		RequireMinVersion(24).
    72  		Label(label.IPv4). // https://github.com/istio/istio/issues/41008
    73  		Setup(func(t resource.Context) error {
    74  			t.Settings().Ambient = true
    75  			return nil
    76  		}).
    77  		Setup(istio.Setup(&i, func(ctx resource.Context, cfg *istio.Config) {
    78  			// can't deploy VMs without eastwest gateway
    79  			ctx.Settings().SkipVMs()
    80  			cfg.EnableCNI = true
    81  			cfg.DeployEastWestGW = false
    82  			cfg.ControlPlaneValues = `
    83  values:
    84    cni:
    85      repair:
    86        enabled: true
    87    ztunnel:
    88      terminationGracePeriodSeconds: 5
    89      env:
    90        SECRET_TTL: 5m
    91  `
    92  		}, cert.CreateCASecretAlt)).
    93  		Setup(func(t resource.Context) error {
    94  			return SetupApps(t, i, apps)
    95  		}).
    96  		Run()
    97  }
    98  
    99  const (
   100  	Captured          = "captured"
   101  	Uncaptured        = "uncaptured"
   102  	SidecarCaptured   = "sidecar-captured"
   103  	SidecarUncaptured = "sidecar-uncaptured"
   104  )
   105  
   106  func SetupApps(t resource.Context, i istio.Instance, apps *EchoDeployments) error {
   107  	var err error
   108  	apps.Namespace, err = namespace.New(t, namespace.Config{
   109  		Prefix: "echo",
   110  		Inject: false,
   111  		Labels: map[string]string{
   112  			constants.DataplaneModeLabel: "ambient",
   113  		},
   114  	})
   115  	if err != nil {
   116  		return err
   117  	}
   118  
   119  	builder := deployment.New(t).
   120  		WithClusters(t.Clusters()...).
   121  		WithConfig(echo.Config{
   122  			Service:        Captured,
   123  			Namespace:      apps.Namespace,
   124  			Ports:          ports.All(),
   125  			ServiceAccount: true,
   126  			Subsets: []echo.SubsetConfig{
   127  				{
   128  					Replicas: 1,
   129  					Version:  "v1",
   130  				},
   131  				{
   132  					Replicas: 1,
   133  					Version:  "v2",
   134  				},
   135  			},
   136  		}).
   137  		WithConfig(echo.Config{
   138  			Service:        Uncaptured,
   139  			Namespace:      apps.Namespace,
   140  			Ports:          ports.All(),
   141  			ServiceAccount: true,
   142  			Subsets: []echo.SubsetConfig{
   143  				{
   144  					Replicas: 1,
   145  					Version:  "v1",
   146  					Labels:   map[string]string{constants.DataplaneModeLabel: constants.DataplaneModeNone},
   147  				},
   148  				{
   149  					Replicas: 1,
   150  					Version:  "v2",
   151  					Labels:   map[string]string{constants.DataplaneModeLabel: constants.DataplaneModeNone},
   152  				},
   153  			},
   154  		}).
   155  		WithConfig(echo.Config{
   156  			Service:        SidecarUncaptured,
   157  			Namespace:      apps.Namespace,
   158  			Ports:          ports.All(),
   159  			ServiceAccount: true,
   160  			Subsets: []echo.SubsetConfig{
   161  				{
   162  					Replicas: 1,
   163  					Version:  "v1",
   164  					Labels: map[string]string{
   165  						"sidecar.istio.io/inject":    "true",
   166  						constants.DataplaneModeLabel: constants.DataplaneModeNone,
   167  					},
   168  				},
   169  				{
   170  					Replicas: 1,
   171  					Version:  "v2",
   172  					Labels: map[string]string{
   173  						"sidecar.istio.io/inject":    "true",
   174  						constants.DataplaneModeLabel: constants.DataplaneModeNone,
   175  					},
   176  				},
   177  			},
   178  		})
   179  
   180  	// Build the applications
   181  	echos, err := builder.Build()
   182  	if err != nil {
   183  		return err
   184  	}
   185  	for _, b := range echos {
   186  		scopes.Framework.Infof("built %v", b.Config().Service)
   187  	}
   188  
   189  	apps.All = echos
   190  	apps.Uncaptured = match.ServiceName(echo.NamespacedName{Name: Uncaptured, Namespace: apps.Namespace}).GetMatches(echos)
   191  	apps.Captured = match.ServiceName(echo.NamespacedName{Name: Captured, Namespace: apps.Namespace}).GetMatches(echos)
   192  	apps.SidecarUncaptured = match.ServiceName(echo.NamespacedName{Name: SidecarUncaptured, Namespace: apps.Namespace}).GetMatches(echos)
   193  	apps.SidecarCaptured = match.ServiceName(echo.NamespacedName{Name: SidecarCaptured, Namespace: apps.Namespace}).GetMatches(echos)
   194  
   195  	return nil
   196  }
   197  
   198  func TestTrafficWithCNIRepair(t *testing.T) {
   199  	framework.NewTest(t).
   200  		TopLevel().
   201  		Run(func(t framework.TestContext) {
   202  			apps := common_deploy.NewOrFail(t, t, common_deploy.Config{
   203  				NoExternalNamespace: true,
   204  				IncludeExtAuthz:     false,
   205  			})
   206  			common.RunAllTrafficTests(t, i, apps.SingleNamespaceView())
   207  		})
   208  }