From cbe1f5a77cd4841169c10c03a83eb0748d65e3fe Mon Sep 17 00:00:00 2001 From: Jonathan Hess Date: Fri, 21 Mar 2025 13:09:13 -0600 Subject: [PATCH 1/2] test: Fix kubernetes cleanup in the test environment to avoid hanging tests. --- Makefile | 14 ++++++------ infra/permissions/main.tf | 6 ++++++ tools/delete-test-namespaces.sh | 38 +++++++++++++++++++++++++++++++++ tools/e2e_test_job.sh | 5 +++++ 4 files changed, 55 insertions(+), 8 deletions(-) create mode 100644 tools/delete-test-namespaces.sh diff --git a/Makefile b/Makefile index 18a36463..0bfddba9 100644 --- a/Makefile +++ b/Makefile @@ -372,17 +372,15 @@ e2e_test_run_gotest: # Run the golang e2e tests .PHONY: e2e_cleanup_test_namespaces e2e_cleanup_test_namespaces: e2e_project kustomize kubectl # remove e2e test namespaces named "test*" - ( $(E2E_KUBECTL) get ns -o=name | \ - grep namespace/test | \ - $(E2E_KUBECTL_ENV) xargs $(KUBECTL) delete ) || true - ( $(E2E_PRIVATE_KUBECTL) get ns -o=name | \ - grep namespace/test | \ - $(E2E_PRIVATE_KUBECTL_ENV) xargs $(KUBECTL) delete ) || true + $(E2E_PRIVATE_KUBECTL_ENV) KUBECTL=$(KUBECTL) $(PWD)/tools/delete-test-namespaces.sh + $(E2E_KUBECTL_ENV) KUBECTL=$(KUBECTL) $(PWD)/tools/delete-test-namespaces.sh .PHONY: e2e_undeploy e2e_undeploy: e2e_project kustomize kubectl $(E2E_WORK_DIR) # Remove the operator from the GKE cluster - $(E2E_KUBECTL) delete -f $(E2E_WORK_DIR)/operator.yaml - $(E2E_PRIVATE_KUBECTL) delete -f $(E2E_WORK_DIR)/operator.yaml + $(E2E_KUBECTL) delete -f $(E2E_WORK_DIR)/operator.yaml --timeout=30s || true + $(E2E_KUBECTL_ENV) KUBECTL=$(KUBECTL) $(PWD)/tools/delete-test-namespaces.sh namespace/cloud-sql-proxy-operator-system + $(E2E_PRIVATE_KUBECTL) delete -f $(E2E_WORK_DIR)/operator.yaml --timeout=30s || true + $(E2E_PRIVATE_KUBECTL_ENV) KUBECTL=$(KUBECTL) $(PWD)/tools/delete-test-namespaces.sh namespace/cloud-sql-proxy-operator-system ### # Build the operator docker image and push it to the diff --git a/infra/permissions/main.tf b/infra/permissions/main.tf index 856f26fb..a82279a8 100644 --- a/infra/permissions/main.tf +++ b/infra/permissions/main.tf @@ -76,6 +76,12 @@ resource "google_project_iam_member" "allow_image_pull" { role = "roles/artifactregistry.reader" member = "serviceAccount:${google_service_account.node_pool.email}" } +resource "google_project_iam_member" "default_node_service_acct" { + depends_on = [google_project_service.project["iam.googleapis.com"]] + project = var.project_id + role = "roles/container.defaultNodeServiceAccount" + member = "serviceAccount:${google_service_account.node_pool.email}" +} resource "google_project_iam_binding" "cloud_sql_client" { depends_on = [google_project_service.project["iam.googleapis.com"]] diff --git a/tools/delete-test-namespaces.sh b/tools/delete-test-namespaces.sh new file mode 100644 index 00000000..2591bb7b --- /dev/null +++ b/tools/delete-test-namespaces.sh @@ -0,0 +1,38 @@ +#!/usr/bin/env bash +set -euxo pipefail +KUBECTL=${KUBECTL:-bin/kubectl} +export USE_GKE_E2E_AUTH_PLUGIN=True +export KUBECONFIG=${KUBECONFIG:-bin/e2e-kubeconfig.yaml} + +mkdir -p bin/ns +function remove_ns(){ + # Check that the namespace exists, return if not. + if ! $KUBECTL get namespace "$1" ; then + return + fi + + # Tell kubernetes to delete the namespace, If it times out, force delete. + if ! $KUBECTL delete namespace "$1" --timeout=10s ; then + + # Get the namespace, remove finalizers from the namespace spec. + $KUBECTL get namespace "$1" -o json | \ + jq '.spec.finalizers = []' > "bin/ns/$1.json" + + # Force update the namespace resource, removing finalizers. + # This will allow Kubernetes to continue the deletion of the resource. + $KUBECTL replace --raw "/api/v1/namespaces/$1/finalize" -f "bin/ns/$1.json" + fi + +} + + +if [[ ${#@} -gt 0 ]] ; then + remove_ns "$1" +else + namespaces=( $( $KUBECTL get ns -o=name | grep namespace/test ) ) + for ns in ${namespaces[*]} ; do + ns="${ns#*/}" # remove "namespace/" from the beginning of the string + echo "Deleting $ns" + remove_ns "$ns" + done +fi \ No newline at end of file diff --git a/tools/e2e_test_job.sh b/tools/e2e_test_job.sh index 17b2bb45..5b036ab6 100755 --- a/tools/e2e_test_job.sh +++ b/tools/e2e_test_job.sh @@ -58,6 +58,11 @@ set -x echo "TIME: $(date) Run Tests" echo "Running tests on environment ${ENVIRONMENT_NAME:-undefined}" +# Force cleanup of the existing resources before running tests. +echo "Cleaning up the test resources from past runs" +make e2e_test_clean >> bin/e2e_test.log || true + +echo "Starting the tests" # Run e2e test, filtering the stdout so that it only logs go test results. if make e2e_test_job > bin/e2e_test.log 2>&1 ; then echo "STATUS: E2E Test Passed" From 071b02ef028230bb967a5abd0071963bd413060a Mon Sep 17 00:00:00 2001 From: Jonathan Hess Date: Fri, 21 Mar 2025 13:09:13 -0600 Subject: [PATCH 2/2] deps: Update go to 1.23.0 --- .github/workflows/codeql.yml | 2 +- .github/workflows/tests-main.yaml | 4 ++-- .github/workflows/tests.yaml | 4 ++-- Makefile | 2 +- go.mod | 2 +- tools/delete-test-namespaces.sh | 17 ++++++++++++++++- tools/e2e_test_job.sh | 4 ---- 7 files changed, 23 insertions(+), 12 deletions(-) mode change 100644 => 100755 tools/delete-test-namespaces.sh diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 5d83b337..ca6bcd38 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -47,7 +47,7 @@ jobs: - name: Setup Go uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: - go-version: "1.22" + go-version: "1.23" if: ${{ matrix.language == 'go' }} # Initializes the CodeQL tools for scanning. diff --git a/.github/workflows/tests-main.yaml b/.github/workflows/tests-main.yaml index a0a8efd5..44bdd9d7 100644 --- a/.github/workflows/tests-main.yaml +++ b/.github/workflows/tests-main.yaml @@ -40,7 +40,7 @@ jobs: - name: Setup Go uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: - go-version: "1.22" + go-version: "1.23" - name: Set up build.env with phony secrets. run: cp build.sample.env build.env - name: make test @@ -90,7 +90,7 @@ jobs: - name: "Setup Go" uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: - go-version: "1.22" + go-version: "1.23" - name: Set up QEMU uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 - name: Set up Docker Buildx diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml index edc6ac57..21913528 100644 --- a/.github/workflows/tests.yaml +++ b/.github/workflows/tests.yaml @@ -28,7 +28,7 @@ jobs: - name: Setup Go uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: - go-version: "1.22" + go-version: "1.23" - name: Checkout code uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: @@ -69,7 +69,7 @@ jobs: - name: Setup Go uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: - go-version: "1.22" + go-version: "1.23" - name: Set up QEMU uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 - name: Set up Docker Buildx diff --git a/Makefile b/Makefile index 0bfddba9..e398d5b8 100644 --- a/Makefile +++ b/Makefile @@ -293,7 +293,7 @@ e2e_test_clean: e2e_cleanup_test_namespaces e2e_undeploy ## Remove all operator e2e_teardown: e2e_cluster_destroy ## Remove the test infrastructure for e2e tests from the Google Cloud Project .PHONY: e2e_test_job -e2e_test_job: e2e_setup_job e2e_build_deploy e2e_test_run +e2e_test_job: e2e_setup_job e2e_test_clean e2e_build_deploy e2e_test_run .PHONY: e2e_setup_job e2e_setup_job: e2e_project e2e_cluster_job e2e_cert_manager_deploy diff --git a/go.mod b/go.mod index 7d91cea8..6e736c18 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/GoogleCloudPlatform/cloud-sql-proxy-operator -go 1.22 +go 1.23.0 require ( github.com/go-logr/logr v1.4.1 diff --git a/tools/delete-test-namespaces.sh b/tools/delete-test-namespaces.sh old mode 100644 new mode 100755 index 2591bb7b..b6c61b85 --- a/tools/delete-test-namespaces.sh +++ b/tools/delete-test-namespaces.sh @@ -1,4 +1,18 @@ #!/usr/bin/env bash +# Copyright 2025 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + set -euxo pipefail KUBECTL=${KUBECTL:-bin/kubectl} export USE_GKE_E2E_AUTH_PLUGIN=True @@ -29,7 +43,8 @@ function remove_ns(){ if [[ ${#@} -gt 0 ]] ; then remove_ns "$1" else - namespaces=( $( $KUBECTL get ns -o=name | grep namespace/test ) ) + ( $KUBECTL get ns -o=name | grep namespace/test > bin/ns/list.txt ) || true + namespaces=( $( cat bin/ns/list.txt ) ) for ns in ${namespaces[*]} ; do ns="${ns#*/}" # remove "namespace/" from the beginning of the string echo "Deleting $ns" diff --git a/tools/e2e_test_job.sh b/tools/e2e_test_job.sh index 5b036ab6..563432ad 100755 --- a/tools/e2e_test_job.sh +++ b/tools/e2e_test_job.sh @@ -58,10 +58,6 @@ set -x echo "TIME: $(date) Run Tests" echo "Running tests on environment ${ENVIRONMENT_NAME:-undefined}" -# Force cleanup of the existing resources before running tests. -echo "Cleaning up the test resources from past runs" -make e2e_test_clean >> bin/e2e_test.log || true - echo "Starting the tests" # Run e2e test, filtering the stdout so that it only logs go test results. if make e2e_test_job > bin/e2e_test.log 2>&1 ; then