From d0b8d65cdea15ef7fc0a431add4701ac817da5f2 Mon Sep 17 00:00:00 2001 From: Cédric Ollivier Date: Tue, 16 Jan 2024 13:59:48 +0100 Subject: Enforce baseline psp for cnf_testsuite MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit It would be better not to change the default namespace. Change-Id: I9fde052d4dd7e0e4f6551213e2028c91c0296e42 Signed-off-by: Cédric Ollivier --- functest_kubernetes/cnf_conformance/conformance.py | 19 ++++++++++++++++++- functest_kubernetes/netperf/netperf.py | 4 +++- 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/functest_kubernetes/cnf_conformance/conformance.py b/functest_kubernetes/cnf_conformance/conformance.py index a937ca49..7832e5c8 100644 --- a/functest_kubernetes/cnf_conformance/conformance.py +++ b/functest_kubernetes/cnf_conformance/conformance.py @@ -25,12 +25,14 @@ import subprocess import time import yaml +from kubernetes import client +from kubernetes import config import prettytable - from xtesting.core import testcase class CNFConformance(testcase.TestCase): + # pylint: disable=too-many-instance-attributes """ Implement CNF Conformance driver. https://hackmd.io/@vulk/SkY54QnsU @@ -44,6 +46,8 @@ class CNFConformance(testcase.TestCase): def __init__(self, **kwargs): super().__init__(**kwargs) + config.load_kube_config() + self.corev1 = client.CoreV1Api() self.output_log_name = 'functest-kubernetes.log' self.output_debug_log_name = 'functest-kubernetes.debug.log' @@ -59,6 +63,13 @@ class CNFConformance(testcase.TestCase): """Implement initialization and pre-reqs steps""" if os.path.exists(os.path.join(self.src_dir, "results")): shutil.rmtree(os.path.join(self.src_dir, "results")) + for namespace in ["cnf-testsuite", "default", "litmus"]: + api_response = self.corev1.create_namespace( + client.V1Namespace(metadata=client.V1ObjectMeta( + generate_name=namespace, labels={ + "pod-security.kubernetes.io/enforce": "baseline"}))) + self.__logger.debug( + "create_namespace: %s", api_response.metadata.name) os.chdir(self.src_dir) cmd = ['cnf-testsuite', 'setup', '-l', 'debug'] try: @@ -136,3 +147,9 @@ class CNFConformance(testcase.TestCase): 'cnf-config=cnf-testsuite.yml'] output = subprocess.check_output(cmd, stderr=subprocess.STDOUT) self.__logger.info("%s\n%s", " ".join(cmd), output.decode("utf-8")) + try: + for namespace in ["cnf-testsuite", "litmus"]: + self.corev1.delete_namespace(namespace) + self.__logger.debug("delete_namespace: %s", namespace) + except client.rest.ApiException: + pass diff --git a/functest_kubernetes/netperf/netperf.py b/functest_kubernetes/netperf/netperf.py index 5923cb78..05976325 100644 --- a/functest_kubernetes/netperf/netperf.py +++ b/functest_kubernetes/netperf/netperf.py @@ -25,6 +25,7 @@ from xtesting.core import testcase class Netperf(testcase.TestCase): + # pylint: disable=too-many-instance-attributes """Run Benchmarking Kubernetes Networking Performance""" ns_generate_name = "netperf-" @@ -36,6 +37,7 @@ class Netperf(testcase.TestCase): self.corev1 = client.CoreV1Api() self.output_log_name = 'functest-kubernetes.log' self.output_debug_log_name = 'functest-kubernetes.debug.log' + self.namespace = '' def check_requirements(self): """Check if launch is in $PATH""" @@ -87,7 +89,7 @@ class Netperf(testcase.TestCase): def clean(self): if self.namespace: try: - api_response = self.corev1.delete_namespace(self.namespace) + self.corev1.delete_namespace(self.namespace) self.__logger.debug("delete_namespace: %s", self.namespace) except client.rest.ApiException: pass -- cgit 1.2.3-korg