From d37cd89d0fdcd4a23ac7e91dfb97d6bdc6e25c55 Mon Sep 17 00:00:00 2001 From: Ruochen Date: Fri, 8 Jul 2022 16:53:32 +0800 Subject: [PATCH] [Multicast] use real external node in multicast e2e --- .github/AREA-OWNERS | 124 ---- .github/ISSUE_TEMPLATE/bug_report.md | 38 - .github/ISSUE_TEMPLATE/feature_request.md | 17 - .github/ISSUE_TEMPLATE/proposal.md | 29 - .github/ISSUE_TEMPLATE/support_request.md | 11 - .github/dependabot.yml | 22 - .github/workflows/benchmark.yml | 27 - .github/workflows/build.yml | 217 ------ .github/workflows/build_tag.yml | 135 ---- .github/workflows/cancel_workflows.yml | 16 - .github/workflows/clair.yml | 37 - .github/workflows/dependabot.yml | 56 -- .github/workflows/docker_update_ethtool.yml | 43 -- .../docker_update_flow_visibility.yml | 52 -- .github/workflows/go.yml | 311 -------- .github/workflows/golicense.yml | 67 -- .github/workflows/kind.yml | 684 ------------------ .github/workflows/lifecycle_management.yml | 32 - .github/workflows/netpol_cyclonus.yml | 30 - .github/workflows/process_release.yml | 310 -------- .github/workflows/reviews.yml | 37 - .github/workflows/update_changelog.yml | 60 -- .github/workflows/verify_docs.yml | 30 - .github/workflows/website.yml | 25 - ci/jenkins/external-hosts-config.yml | 8 + ci/jenkins/test.sh | 68 +- test/e2e/antreapolicy_test.go | 18 +- test/e2e/fixtures.go | 6 + test/e2e/framework.go | 72 +- test/e2e/main_test.go | 7 + test/e2e/multicast_test.go | 238 +++--- 31 files changed, 285 insertions(+), 2542 deletions(-) delete mode 100644 .github/AREA-OWNERS delete mode 100644 .github/ISSUE_TEMPLATE/bug_report.md delete mode 100644 .github/ISSUE_TEMPLATE/feature_request.md delete mode 100644 .github/ISSUE_TEMPLATE/proposal.md delete mode 100644 .github/ISSUE_TEMPLATE/support_request.md delete mode 100644 .github/dependabot.yml delete mode 100644 .github/workflows/benchmark.yml delete mode 100644 .github/workflows/build.yml delete mode 100644 .github/workflows/build_tag.yml delete mode 100644 .github/workflows/cancel_workflows.yml delete mode 100644 .github/workflows/clair.yml delete mode 100644 .github/workflows/dependabot.yml delete mode 100644 .github/workflows/docker_update_ethtool.yml delete mode 100644 .github/workflows/docker_update_flow_visibility.yml delete mode 100644 .github/workflows/go.yml delete mode 100644 .github/workflows/golicense.yml delete mode 100644 .github/workflows/kind.yml delete mode 100644 .github/workflows/lifecycle_management.yml delete mode 100644 .github/workflows/netpol_cyclonus.yml delete mode 100644 .github/workflows/process_release.yml delete mode 100644 .github/workflows/reviews.yml delete mode 100644 .github/workflows/update_changelog.yml delete mode 100644 .github/workflows/verify_docs.yml delete mode 100644 .github/workflows/website.yml create mode 100644 ci/jenkins/external-hosts-config.yml diff --git a/.github/AREA-OWNERS b/.github/AREA-OWNERS deleted file mode 100644 index fdb51d0051d..00000000000 --- a/.github/AREA-OWNERS +++ /dev/null @@ -1,124 +0,0 @@ -maintainers: -- antoninbas -- jianjuns -- tnqn -- salv-orlando - -# Any antrea-io org member can add themselves to this list by opening a PR. -reviewers: - area/api: - - antoninbas - - jianjuns - area/component/octant: - - mengdie-song - area/flow-visibility*: - - dreamtalen - - zyiou - area/grouping: - - Dyanngg - area/ipam: - - annakhm - - gran-vmv - - ksamoray - area/multi-cluster: - - luolanzone - - aravindakidambi - area/network-policy*: - - Dyanngg - - GraysonWu - - qiyueyao - area/network-policy/api: - - antoninbas - - Dyanngg - - GraysonWu - - jianjuns - area/octant: - - mengdie-song - area/ops/traceflow: - - gran-vmv - area/OS/windows: - - lzhecheng - area/ovs*: - - antoninbas - - GraysonWu - area/proxy*: - - hongliangl - area/proxy/nodeport: - - chauhanshubham - - monotosh-avi - area/transit/encryption: - - luolanzone - - xliuxu - area/test/*: - - lzhecheng - area/transit/egress: - - antoninbas - - wenqiq - area/transit/ipv6: - - wenyingd - - lzhecheng - -# Any approver is also a reviewer. -# Maintainers can promote reviewers to approvers. -# If an area has reviewers but no approvers, approver list will default to maintainers. -approvers: - area/api: - - tnqn - area/arch/arm: - - antoninbas - area/build-release: - - antoninbas - area/component/antctl: - - antoninbas - - jianjuns - - tnqn - area/component/cni: - - tnqn - area/flow-visibility*: - - antoninbas - - srikartati - area/grouping: - - abhiraut - - tnqn - area/ipam: - - jianjuns - area/multi-cluster: - - abhiraut - area/network-policy*: - - abhiraut - - tnqn - area/network-policy/api: - - abhiraut - - tnqn - area/ops/traceflow: - - antoninbas - - jianjuns - area/OS/windows: - - wenyingd - - tnqn - area/ovs*: - - jianjuns - - tnqn - - wenyingd - area/proxy*: - - tnqn - area/proxy/nodeport: - - antoninbas - area/test/*: - - antoninbas - area/test/infra: - - antoninbas - - edwardbadboy - area/test/jenkins: - - antoninbas - - edwardbadboy - - lzhecheng - area/transit/egress: - - jianjuns - - tnqn - kind/release: - - abhiraut - - antoninbas - - jianjuns - - tnqn - - salv-orlando diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md deleted file mode 100644 index e745495e3ae..00000000000 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ /dev/null @@ -1,38 +0,0 @@ ---- -name: Bug report -about: Create a report to help us improve -title: '' -labels: kind/bug -assignees: '' - ---- - -**Describe the bug** - - -**To Reproduce** - - -**Expected** - - -**Actual behavior** - - -**Versions:** - - -**Additional context** - - - diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md deleted file mode 100644 index 03610f1a169..00000000000 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ /dev/null @@ -1,17 +0,0 @@ ---- -name: Feature request -about: Suggest an idea for this project -title: '' -labels: kind/feature -assignees: '' - ---- - -**Describe the problem/challenge you have** - - -**Describe the solution you'd like** - - -**Anything else you would like to add?** - diff --git a/.github/ISSUE_TEMPLATE/proposal.md b/.github/ISSUE_TEMPLATE/proposal.md deleted file mode 100644 index 50322b2227e..00000000000 --- a/.github/ISSUE_TEMPLATE/proposal.md +++ /dev/null @@ -1,29 +0,0 @@ ---- -name: Proposal -about: Describe a feature you are planning to implement -title: '' -labels: kind/design -assignees: '' - ---- - -**Describe what you are trying to solve** - - -**Describe the solution you have in mind** - - -**Describe how your solution impacts user flows** - - -**Describe the main design/architecture of your solution** - - -**Alternative solutions that you considered** - - -**Test plan** - - -**Additional context** - diff --git a/.github/ISSUE_TEMPLATE/support_request.md b/.github/ISSUE_TEMPLATE/support_request.md deleted file mode 100644 index 06c2de13f05..00000000000 --- a/.github/ISSUE_TEMPLATE/support_request.md +++ /dev/null @@ -1,11 +0,0 @@ ---- -name: Support request -about: You are trying to use Antrea and need help -title: '' -labels: kind/support -assignees: '' - ---- - -**Describe what you are trying to do** - diff --git a/.github/dependabot.yml b/.github/dependabot.yml deleted file mode 100644 index c90c7c6b185..00000000000 --- a/.github/dependabot.yml +++ /dev/null @@ -1,22 +0,0 @@ -version: 2 -updates: - - package-ecosystem: "gomod" - directory: "/" # Location of package manifests - schedule: - interval: "daily" - open-pull-requests-limit: 5 - ignore: - - dependency-name: "k8s.io/*" - - dependency-name: "sigs.k8s.io/*" - - dependency-name: "github.com/containernetworking/*" - - dependency-name: "github.com/vmware/go-ipfix" - - dependency-name: "github.com/TomCodeLV/OVSDB-golang-lib" - - dependency-name: "github.com/vmware-tanzu/octant" - update-types: ["version-update:semver-major", "version-update:semver-minor"] # ignore all except for patch updates - - dependency-name: "github.com/Microsoft/hcsshim" # we use a replace directive for this dependency - - package-ecosystem: "github-actions" - # Workflow files stored in the default location of `.github/workflows` - directory: "/" - schedule: - interval: "daily" - open-pull-requests-limit: 5 diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml deleted file mode 100644 index 2ff0fba4217..00000000000 --- a/.github/workflows/benchmark.yml +++ /dev/null @@ -1,27 +0,0 @@ -name: Go Benchmark Test - -on: - push: - branches: - - main - -jobs: - go-benchmark-checks: - name: GoBenchmark - runs-on: ubuntu-latest - steps: - - name: Set up Go 1.17 - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - - name: Check out code into the Go module directory - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - - name: Install benchci - run: curl -sfL https://raw.githubusercontent.com/antrea-io/benchci/main/install.sh | sudo sh -s -- -b /usr/local/bin - - - name: Run benchmark - run: benchci -config test/performance/benchmark.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml deleted file mode 100644 index ad31cfeef8c..00000000000 --- a/.github/workflows/build.yml +++ /dev/null @@ -1,217 +0,0 @@ -name: Build and push latest image if needed - -on: - pull_request: - branches: - - main - - release-* - - feature/* - push: - branches: - - main - - release-* - - feature/* - -jobs: - check-changes: - name: Check whether tests need to be run based on diff - runs-on: [ubuntu-latest] - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - uses: antrea-io/has-changes@v2 - id: check_diff - with: - paths-ignore: docs/* ci/jenkins/* *.md hack/.notableofcontents - outputs: - has_changes: ${{ steps.check_diff.outputs.has_changes }} - - build: - needs: check-changes - if: ${{ needs.check-changes.outputs.has_changes == 'yes' || github.event_name == 'push' }} - runs-on: [ubuntu-latest] - steps: - - uses: actions/checkout@v3 - - name: Build Antrea amd64 Docker image without pushing to registry - if: ${{ github.repository != 'antrea-io/antrea' || github.event_name != 'push' || github.ref != 'refs/heads/main' }} - run: | - ./hack/build-antrea-linux-all.sh --pull - - name: Build and push Antrea amd64 Docker image to registry - if: ${{ github.repository == 'antrea-io/antrea' && github.event_name == 'push' && github.ref == 'refs/heads/main' }} - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - run: | - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin - ./hack/build-antrea-linux-all.sh --pull --push-base-images - docker tag antrea/antrea-ubuntu:latest antrea/antrea-ubuntu-amd64:latest - docker push antrea/antrea-ubuntu-amd64:latest - - name: Trigger Antrea arm builds and multi-arch manifest update - if: ${{ github.repository == 'antrea-io/antrea' && github.event_name == 'push' && github.ref == 'refs/heads/main' }} - uses: benc-uk/workflow-dispatch@v1 - with: - repo: vmware-tanzu/antrea-build-infra - ref: refs/heads/main - workflow: Build Antrea ARM images and push manifest - token: ${{ secrets.ANTREA_BUILD_INFRA_WORKFLOW_DISPATCH_PAT }} - inputs: ${{ format('{{ "antrea-repository":"antrea-io/antrea", "antrea-ref":"{0}", "docker-tag":"{1}" }}', github.ref, 'latest') }} - - build-ubi: - needs: check-changes - if: ${{ needs.check-changes.outputs.has_changes == 'yes' || github.event_name == 'push' }} - runs-on: [ubuntu-latest] - steps: - - uses: actions/checkout@v3 - - name: Build Antrea UBI8 Docker image without pushing to registry - if: ${{ github.repository != 'antrea-io/antrea' || github.event_name != 'push' || github.ref != 'refs/heads/main' }} - run: | - ./hack/build-antrea-linux-all.sh --pull --distro ubi - - name: Build and push Antrea UBI8 Docker image to registry - if: ${{ github.repository == 'antrea-io/antrea' && github.event_name == 'push' && github.ref == 'refs/heads/main' }} - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - run: | - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin - ./hack/build-antrea-linux-all.sh --pull --push-base-images --distro ubi - docker push antrea/antrea-ubi:latest - - build-scale: - needs: check-changes - if: ${{ needs.check-changes.outputs.has_changes == 'yes' || github.event_name == 'push' }} - runs-on: [ubuntu-latest] - steps: - - uses: actions/checkout@v3 - - name: Build Antrea Agent Simulator Docker image - run: make build-scale-simulator - - name: Push Antrea Agent Simulator Docker image to registry - if: ${{ github.repository == 'antrea-io/antrea' && github.event_name == 'push' && github.ref == 'refs/heads/main' }} - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - run: | - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin - docker push antrea/antrea-ubuntu-simulator:latest - - build-windows: - needs: check-changes - if: ${{ needs.check-changes.outputs.has_changes == 'yes' || github.event_name == 'push' }} - runs-on: [windows-2019] - steps: - - uses: actions/checkout@v3 - - name: Build Antrea Windows Docker image - run: make build-windows - - name: Push Antrea Windows Docker image to registry - if: ${{ github.repository == 'antrea-io/antrea' && github.event_name == 'push' && github.ref == 'refs/heads/main' }} - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - run: | - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin - docker push antrea/antrea-windows:latest - shell: bash - - build-octant-antrea-ubuntu: - needs: check-changes - if: ${{ needs.check-changes.outputs.has_changes == 'yes' || github.event_name == 'push' }} - runs-on: [ubuntu-latest] - steps: - - uses: actions/checkout@v3 - - name: Build octant-antrea-ubuntu Docker image - run: make octant-antrea-ubuntu - - name: Push octant-antrea-ubuntu Docker image to registry - if: ${{ github.repository == 'antrea-io/antrea' && github.event_name == 'push' && github.ref == 'refs/heads/main' }} - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - run: | - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin - docker push antrea/octant-antrea-ubuntu:latest - - build-antrea-mc-controller: - needs: check-changes - if: ${{ needs.check-changes.outputs.has_changes == 'yes' || github.event_name == 'push' }} - runs-on: [ubuntu-latest] - steps: - - uses: actions/checkout@v3 - - name: Build antrea-mc-controller Docker image - run: make antrea-mc-controller - - name: Push antrea-mc-controller Docker image to registry - if: ${{ github.repository == 'antrea-io/antrea' && github.event_name == 'push' && github.ref == 'refs/heads/main' }} - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - run: | - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin - docker push antrea/antrea-mc-controller:latest - - build-netpol-tmp: - needs: check-changes - if: ${{ needs.check-changes.outputs.has_changes == 'yes' || github.event_name == 'push' }} - runs-on: [ubuntu-latest] - steps: - - uses: actions/checkout@v3 - - name: Build netpol Docker image - working-directory: hack/netpol - run: make build - - name: Push netpol Docker image to registry - if: ${{ github.repository == 'antrea-io/antrea' && github.event_name == 'push' && github.ref == 'refs/heads/main' }} - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - working-directory: hack/netpol - run: | - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin - make push - make push-release - - build-flow-aggregator: - needs: check-changes - if: ${{ needs.check-changes.outputs.has_changes == 'yes' || github.event_name == 'push' }} - runs-on: [ubuntu-latest] - steps: - - uses: actions/checkout@v3 - - name: Build flow-aggregator Docker image - run: make flow-aggregator-image - - name: Check flow-aggregator Docker image - run: docker run projects.registry.vmware.com/antrea/flow-aggregator --version - - name: Push flow-aggregator Docker image to registry - if: ${{ github.repository == 'antrea-io/antrea' && github.event_name == 'push' && github.ref == 'refs/heads/main' }} - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - run: | - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin - docker push antrea/flow-aggregator:latest - - check-clickhouse-monitor-changes: - name: Check whether flow-visibility-clickhouse-monitor image needs to be built based on diff - runs-on: [ubuntu-latest] - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - uses: antrea-io/has-changes@v2 - id: check_diff - with: - paths-ignore: build/yamls/* ci/* cmd/* docs/* hack/* multicluster/* pkg/* test/* third_party/* plugins/octant/* plugins/grafana-sankey-plugin/* *.md - outputs: - has_changes: ${{ steps.check_diff.outputs.has_changes }} - - build-flow-visibility-clickhouse-monitor: - needs: check-clickhouse-monitor-changes - if: ${{ needs.check-clickhouse-monitor-changes.outputs.has_changes == 'yes' || github.event_name == 'push' }} - runs-on: [ubuntu-latest] - steps: - - uses: actions/checkout@v2 - - name: Build flow-visibility-clickhouse-monitor Docker image - run: make flow-visibility-clickhouse-monitor - - name: Push flow-visibility-clickhouse-monitor Docker image to registry - if: ${{ github.repository == 'antrea-io/antrea' && github.event_name == 'push' && github.ref == 'refs/heads/main' }} - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - run: | - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin - docker push antrea/flow-visibility-clickhouse-monitor:latest diff --git a/.github/workflows/build_tag.yml b/.github/workflows/build_tag.yml deleted file mode 100644 index 5e12b6e8480..00000000000 --- a/.github/workflows/build_tag.yml +++ /dev/null @@ -1,135 +0,0 @@ -name: Build and push a release image - -on: - push: - tags: - - v* - -jobs: - get-version: - runs-on: [ubuntu-latest] - outputs: - version: ${{ steps.get-version.outputs.version }} - steps: - - name: Extract version from Github ref - id: get-version - env: - TAG: ${{ github.ref }} - run: | - version=${TAG:10} - echo "::set-output name=version::$version" - - build: - runs-on: [ubuntu-latest] - needs: get-version - steps: - - uses: actions/checkout@v3 - - name: Build and push Antrea Ubuntu amd64 Docker image to registry - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - VERSION: ${{ needs.get-version.outputs.version }} - run: | - ./hack/build-antrea-linux-all.sh --pull - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin - docker tag antrea/antrea-ubuntu:"${VERSION}" antrea/antrea-ubuntu-amd64:"${VERSION}" - docker push antrea/antrea-ubuntu-amd64:"${VERSION}" - - name: Trigger Antrea arm builds and multi-arch manifest update - uses: benc-uk/workflow-dispatch@v1 - with: - repo: vmware-tanzu/antrea-build-infra - ref: refs/heads/main - workflow: Build Antrea ARM images and push manifest - token: ${{ secrets.ANTREA_BUILD_INFRA_WORKFLOW_DISPATCH_PAT }} - inputs: ${{ format('{{ "antrea-repository":"antrea-io/antrea", "antrea-ref":"{0}", "docker-tag":"{1}" }}', github.ref, needs.get-version.outputs.version) }} - - build-ubi: - runs-on: [ubuntu-latest] - needs: get-version - steps: - - uses: actions/checkout@v3 - - name: Build and push Antrea UBI8 amd64 Docker image to registry - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - VERSION: ${{ needs.get-version.outputs.version }} - run: | - ./hack/build-antrea-linux-all.sh --pull --distro ubi - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin - docker push antrea/antrea-ubi:"${VERSION}" - - build-windows: - runs-on: [windows-2019] - needs: get-version - steps: - - uses: actions/checkout@v3 - - name: Build Antrea Windows Docker image and push to registry - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - VERSION: ${{ needs.get-version.outputs.version }} - run: | - make build-windows - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin - docker push antrea/antrea-windows:"${VERSION}" - shell: bash - - build-octant-antrea-ubuntu: - runs-on: [ubuntu-latest] - needs: get-version - steps: - - uses: actions/checkout@v3 - - name: Build octant-antrea-ubuntu Docker image and push to registry - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - VERSION: ${{ needs.get-version.outputs.version }} - run: | - make octant-antrea-ubuntu - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin - docker push antrea/octant-antrea-ubuntu:"${VERSION}" - - build-antrea-mc-controller: - runs-on: [ubuntu-latest] - needs: get-version - steps: - - uses: actions/checkout@v3 - - name: Build antrea-mc-controller Docker image and push to registry - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - VERSION: ${{ needs.get-version.outputs.version }} - run: | - make antrea-mc-controller - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin - docker push antrea/antrea-mc-controller:"${VERSION}" - - build-flow-aggregator: - runs-on: [ubuntu-latest] - needs: get-version - steps: - - uses: actions/checkout@v3 - - name: Build flow-aggregator Docker image and push to registry - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - VERSION: ${{ needs.get-version.outputs.version }} - run: | - make flow-aggregator-image - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin - docker push antrea/flow-aggregator:"${VERSION}" - - build-flow-visibility-clickhouse-monitor: - runs-on: [ubuntu-latest] - needs: get-version - steps: - - uses: actions/checkout@v2 - - name: Build flow-visibility-clickhouse-monitor Docker image and push to registry - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - VERSION: ${{ needs.get-version.outputs.version }} - run: | - make flow-visibility-clickhouse-monitor - echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin - docker push antrea/flow-visibility-clickhouse-monitor:"${VERSION}" diff --git a/.github/workflows/cancel_workflows.yml b/.github/workflows/cancel_workflows.yml deleted file mode 100644 index 76f0289f273..00000000000 --- a/.github/workflows/cancel_workflows.yml +++ /dev/null @@ -1,16 +0,0 @@ -name: Cancel Workflows -on: - workflow_run: - workflows: ["Go", "Golicense", "Kind", "Build and push latest image if needed", "Antrea upgrade"] - types: - - requested -jobs: - cancel: - name: Cancel workflows - runs-on: ubuntu-latest - if: ${{ github.event.workflow_run.event == 'pull_request' }} - steps: - - uses: styfle/cancel-workflow-action@0.10.0 - with: - all_but_latest: true - workflow_id: ${{ github.event.workflow.id }} diff --git a/.github/workflows/clair.yml b/.github/workflows/clair.yml deleted file mode 100644 index beb632c02be..00000000000 --- a/.github/workflows/clair.yml +++ /dev/null @@ -1,37 +0,0 @@ -name: Scan Antrea Docker image for vulnerabilities every day - -on: - schedule: - # every day at 10am - - cron: '0 10 * * *' - -jobs: - build: - if: github.repository == 'antrea-io/antrea' - runs-on: [ubuntu-latest] - steps: - - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Scan Antrea Docker image for vulnerabilities - env: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID_SES }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY_SES }} - run: | - mkdir clair-reports - ./ci/clair-scan/run.sh ./clair-reports - - name: Upload Clair scan reports - if: ${{ always() }} - uses: actions/upload-artifact@v3 - with: - name: clair-scan-reports - path: clair-reports/*.json - retention-days: 90 # max value - skip: - if: github.repository != 'antrea-io/antrea' - runs-on: [ubuntu-latest] - steps: - - name: Skip - run: | - echo "Skipping image scan because workflow cannot be run from fork" diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml deleted file mode 100644 index 8baeffeacc3..00000000000 --- a/.github/workflows/dependabot.yml +++ /dev/null @@ -1,56 +0,0 @@ -name: Dependabot Workflow - -# This workflow commits to Dependabot branches to ensure that the corresponding -# PRs can satisfy all status checks. - -# WARNING: Combining pull_request_target workflow trigger with an explicit -# checkout of an untrusted PR is a dangerous practice that may lead to -# repository compromise. -# See https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ -# To prevent repository compromise, the workflow jobs must only execute on PRs -# opened by Dependabot and which are labelled correctly (note that these two -# checks are somewhat redundant since labelling PRs require write access to the -# repository). -# An alternative is to use the "two-workflow method" (see -# https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/automating-dependabot-with-github-actions#handling-push-events), -# but that is more tedious to configure and should not be required here. - -on: - pull_request_target: - types: [labeled, synchronize] - -permissions: - contents: write - -jobs: - # This job ensures that "go mod tidy" is run for all Go modules included in - # this repository. - tidy: - name: Go tidiness for Dependabot PR - # 'dependencies' and 'go' are the default labels used by Dependabot when updating Go dependencies - if: ${{ github.actor == 'dependabot[bot]' && contains(github.event.pull_request.labels.*.name, 'dependencies') && contains(github.event.pull_request.labels.*.name, 'go') }} - runs-on: [ubuntu-latest] - steps: - - name: Set up Go 1.17 - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - uses: actions/checkout@v3 - with: - # Check out the pull request HEAD - ref: ${{ github.event.pull_request.head.sha }} - token: ${{ secrets.ANTREA_BOT_WRITE_PAT }} - - name: Run go mod tidy - # the checks above (Github actor and PR labels) ensure that a malicious - # actor cannot open a PR with a modified "tidy" Makefile target and - # execute arbitrary code with write access and access to secrets. In - # particular, someone would need write access to the repo to add the - # "dependencies" and "go" labels. - run: make tidy - - name: Commit changes - uses: stefanzweifel/git-auto-commit-action@v4 - with: - commit_message: Go tidiness for Dependabot PR - commit_options: '--no-verify' - file_pattern: '**/go.mod **/go.sum' - disable_globbing: false diff --git a/.github/workflows/docker_update_ethtool.yml b/.github/workflows/docker_update_ethtool.yml deleted file mode 100644 index 0d7bbdd713a..00000000000 --- a/.github/workflows/docker_update_ethtool.yml +++ /dev/null @@ -1,43 +0,0 @@ -# Anyone with write permissions to the antrea-io/antrea Github repository can -# trigger this workflow manually, but please check with a maintainer first. The -# workflow will build and push the antrea/ethtool image, with multi-platform -# support. -name: Manually update antrea/ethtool Docker image - -on: - workflow_dispatch: - # It is unlikely that anyone will need to use non-default values for these inputs. - inputs: - antrea-ref: - description: 'The Git ref to use when checking-out the Antrea repository' - required: false - default: 'main' - docker-tag: - description: 'Tag for built Docker image' - required: false - default: 'latest' - -jobs: - build: - runs-on: ubuntu-latest - steps: - - name: Check-out code - uses: actions/checkout@v3 - with: - ref: ${{ github.event.inputs.antrea-ref }} - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Login to DockerHub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - name: Build and push Docker image - uses: docker/build-push-action@v3 - with: - context: build/images/ethtool - platforms: linux/amd64,linux/arm64,linux/arm/v7 - push: true - tags: antrea/ethtool:${{ github.event.inputs.docker-tag }} diff --git a/.github/workflows/docker_update_flow_visibility.yml b/.github/workflows/docker_update_flow_visibility.yml deleted file mode 100644 index 95e81832508..00000000000 --- a/.github/workflows/docker_update_flow_visibility.yml +++ /dev/null @@ -1,52 +0,0 @@ -# Anyone with write permissions to the antrea-io/antrea Github repository can -# trigger this workflow manually, but please check with a maintainer first. The -# workflow will tag and push flow visibility related external images into Antrea -# Docker hub. -name: Manually update flow visibility Docker images - -on: - workflow_dispatch: - inputs: - ch-operator-tag: - description: 'Tag for clickhouse-operator and metrics-exporter Docker image' - required: true - grafana-tag: - description: 'Tag for grafana Docker image' - required: true - ch-server-tag: - description: 'Tag for clickhouse-server Docker image' - required: true - -jobs: - build: - runs-on: ubuntu-latest - steps: - - name: Login to DockerHub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - name: Push antrea/flow-visibility-clickhouse-operator - uses: akhilerm/tag-push-action@v2.0.0 - with: - src: docker.io/altinity/clickhouse-operator:${{ github.event.inputs.ch-operator-tag }} - dst: | - docker.io/antrea/flow-visibility-clickhouse-operator:${{ github.event.inputs.ch-operator-tag }} - - name: Push antrea/flow-visibility-metrics-exporter - uses: akhilerm/tag-push-action@v2.0.0 - with: - src: docker.io/altinity/metrics-exporter:${{ github.event.inputs.ch-operator-tag }} - dst: | - docker.io/antrea/flow-visibility-metrics-exporter:${{ github.event.inputs.ch-operator-tag }} - - name: Push antrea/flow-visibility-grafana - uses: akhilerm/tag-push-action@v2.0.0 - with: - src: docker.io/grafana/grafana:${{ github.event.inputs.grafana-tag }} - dst: | - docker.io/antrea/flow-visibility-grafana:${{ github.event.inputs.grafana-tag }} - - name: Push antrea/flow-visibility-clickhouse-server - uses: akhilerm/tag-push-action@v2.0.0 - with: - src: docker.io/yandex/clickhouse-server:${{ github.event.inputs.ch-server-tag }} - dst: | - docker.io/antrea/flow-visibility-clickhouse-server:${{ github.event.inputs.ch-server-tag }} diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml deleted file mode 100644 index 0cff40dc22a..00000000000 --- a/.github/workflows/go.yml +++ /dev/null @@ -1,311 +0,0 @@ -name: Go -on: - pull_request: - branches: - - main - - release-* - - feature/* - push: - branches: - - main - - release-* - - feature/* - -env: - go-cache-name: go - -jobs: - check-changes: - name: Check whether tests need to be run based on diff - runs-on: [ubuntu-latest] - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - uses: antrea-io/has-changes@v2 - id: check_diff - with: - paths-ignore: docs/* ci/jenkins/* *.md hack/.notableofcontents - outputs: - has_changes: ${{ steps.check_diff.outputs.has_changes }} - - # test-unit-ubuntu and test-unit-windows are intentionally not merged into one job with os matrix, otherwise the job - # wouldn't be expanded if it's skipped and the report of the required check would be missing. - # See https://github.com/antrea-io/antrea/issues/3563. - test-unit-ubuntu: - needs: check-changes - if: ${{ needs.check-changes.outputs.has_changes == 'yes' }} - name: Unit test (ubuntu-latest) - runs-on: [ubuntu-latest] - steps: - - name: Set up Go 1.17 - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Check-out code - uses: actions/checkout@v3 - - uses: actions/cache@v3 - with: - # In order: - # * Module download cache - # * Build cache (Linux) - # * Build cache (Mac) - path: | - ~/go/pkg/mod - ~/.cache/go-build - ~/Library/Caches/go-build - %LocalAppData%\go-build - key: ${{ runner.os }}-${{ env.go-cache-name }}-${{ hashFiles('**/go.sum') }} - restore-keys: | - ${{ runner.os }}-${{ env.go-cache-name }}- - - name: Run unit tests - run: make test-unit - - name: Codecov - uses: codecov/codecov-action@v3 - with: - token: ${{ secrets.CODECOV_TOKEN }} - file: .coverage/coverage-unit.txt - flags: unit-tests - name: codecov-unit-test - - test-unit-windows: - needs: check-changes - if: ${{ needs.check-changes.outputs.has_changes == 'yes' }} - name: Unit test (windows-2019) - runs-on: [windows-2019] - steps: - - name: Set up Go 1.17 - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Check-out code - uses: actions/checkout@v3 - - uses: actions/cache@v3 - with: - # In order: - # * Module download cache - # * Build cache (Linux) - # * Build cache (Mac) - path: | - ~/go/pkg/mod - ~/.cache/go-build - ~/Library/Caches/go-build - %LocalAppData%\go-build - key: ${{ runner.os }}-${{ env.go-cache-name }}-${{ hashFiles('**/go.sum') }} - restore-keys: | - ${{ runner.os }}-${{ env.go-cache-name }}- - - name: Run unit tests - run: make test-unit - - name: Codecov - uses: codecov/codecov-action@v3 - with: - token: ${{ secrets.CODECOV_TOKEN }} - file: .coverage/coverage-unit.txt - flags: unit-tests - name: codecov-unit-test - - # golangci-lint-ubuntu and golangci-lint-macos are intentionally not merged into one job with os matrix, otherwise the - # job wouldn't be expanded if it's skipped and the report of the required check would be missing. - # See https://github.com/antrea-io/antrea/issues/3563. - golangci-lint-ubuntu: - needs: check-changes - if: ${{ needs.check-changes.outputs.has_changes == 'yes' }} - name: Golangci-lint (ubuntu-latest) - runs-on: [ubuntu-latest] - steps: - - name: Set up Go 1.17 - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Check-out code - uses: actions/checkout@v3 - - uses: actions/cache@v3 - with: - # In order: - # * Module download cache - # * Build cache (Linux) - # * Build cache (Mac) - path: | - ~/go/pkg/mod - ~/.cache/go-build - ~/Library/Caches/go-build - %LocalAppData%\go-build - key: ${{ runner.os }}-${{ env.go-cache-name }}-${{ hashFiles('**/go.sum') }} - restore-keys: | - ${{ runner.os }}-${{ env.go-cache-name }}- - - name: Run golangci-lint - run: make golangci - - name: Run golangci-lint for netpol - working-directory: hack/netpol - run: make golangci - - golangci-lint-macos: - needs: check-changes - if: ${{ needs.check-changes.outputs.has_changes == 'yes' }} - name: Golangci-lint (macos-latest) - runs-on: [macos-latest] - steps: - - name: Set up Go 1.17 - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Check-out code - uses: actions/checkout@v3 - - uses: actions/cache@v3 - with: - # In order: - # * Module download cache - # * Build cache (Linux) - # * Build cache (Mac) - path: | - ~/go/pkg/mod - ~/.cache/go-build - ~/Library/Caches/go-build - %LocalAppData%\go-build - key: ${{ runner.os }}-${{ env.go-cache-name }}-${{ hashFiles('**/go.sum') }} - restore-keys: | - ${{ runner.os }}-${{ env.go-cache-name }}- - - name: Run golangci-lint - run: make golangci - - name: Run golangci-lint for netpol - working-directory: hack/netpol - run: make golangci - - bin: - needs: check-changes - if: ${{ needs.check-changes.outputs.has_changes == 'yes' }} - name: Build Antrea and antctl binaries - runs-on: [ubuntu-latest] - steps: - - name: Set up Go 1.17 - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Check-out code - uses: actions/checkout@v3 - - uses: actions/cache@v3 - with: - # In order: - # * Module download cache - # * Build cache (Linux) - # * Build cache (Mac) - path: | - ~/go/pkg/mod - ~/.cache/go-build - ~/Library/Caches/go-build - %LocalAppData%\go-build - key: ${{ runner.os }}-${{ env.go-cache-name }}-${{ hashFiles('**/go.sum') }} - restore-keys: | - ${{ runner.os }}-${{ env.go-cache-name }}- - - name: Build Antrea binaries for amd64 - run: GOARCH=amd64 make bin - - name: Build Antrea binaries for arm64 - run: GOARCH=arm64 make bin - - name: Build Antrea binaries for arm - run: GOARCH=arm make bin - - name: Build antctl binaries - run: make antctl - - name: Build Multi-cluster binaries - run: | - cd multicluster - make build - - windows-bin: - needs: check-changes - if: ${{ needs.check-changes.outputs.has_changes == 'yes' }} - name: Build Antrea Windows binaries - runs-on: [ubuntu-latest] - steps: - - name: Set up Go 1.17 - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Check-out code - uses: actions/checkout@v3 - - uses: actions/cache@v3 - with: - # In order: - # * Module download cache - # * Build cache (Linux) - # * Build cache (Mac) - path: | - ~/go/pkg/mod - ~/.cache/go-build - ~/Library/Caches/go-build - %LocalAppData%\go-build - key: ${{ runner.os }}-${{ env.go-cache-name }}-${{ hashFiles('**/go.sum') }} - restore-keys: | - ${{ runner.os }}-${{ env.go-cache-name }}- - - name: Build Antrea windows binaries - run: make windows-bin - - tidy-codegen-manifest: - needs: check-changes - if: ${{ needs.check-changes.outputs.has_changes == 'yes' }} - name: Check tidy, code generation and manifest - runs-on: [ubuntu-latest] - steps: - - name: Set up Go 1.17 - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Check-out code - uses: actions/checkout@v3 - # tidy check need to be run before code generation which will regenerate codes. - - name: Check tidy - run: make test-tidy - - name: Check code generation - run: ./ci/check-codegen.sh - - name: Check manifest - run: ./ci/check-manifest.sh - - name: Check copyright - run: ./ci/check-copyright.sh - - verify: - name: Verify docs and spelling - runs-on: [ubuntu-latest] - steps: - - name: Set up Go 1.17 - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Check-out code - uses: actions/checkout@v3 - - name: Run verify scripts - run: make verify - - name: Checking for broken Markdown links - if: ${{ github.event_name == 'pull_request' }} - uses: gaurav-nelson/github-action-markdown-link-check@v1 - with: - # Check modified files only for pull requests. Cronjob "Verify docs" takes care of checking all markdown files. - check-modified-files-only: yes - base-branch: ${{ github.base_ref }} - config-file: 'hack/.md_links_config.json' - - name: Markdownlint - run: | - sudo npm install -g markdownlint-cli@0.31.1 - make markdownlint - - name: Checking whether autogenerated Helm chart documentation is up-to-date - working-directory: build/charts/ - run: | - make helm-docs - DIFF=$(git diff .) - if [ -n "$DIFF" ]; then - echo "The Helm chart documentation is out-of-date; please run 'make helm-docs' in 'build/charts/' and commit the changes" - exit 1 - fi - - benchmark: - needs: check-changes - if: ${{ needs.check-changes.outputs.has_changes == 'yes' }} - name: Go benchmark test - runs-on: [ubuntu-latest] - steps: - - name: Set up Go 1.17 - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Check-out code - uses: actions/checkout@v3 - - name: Run Go benchmark test - run: go test -run '^$' -bench . -benchtime 1x -timeout 10m -cpu 4 -v -benchmem ./pkg/... diff --git a/.github/workflows/golicense.yml b/.github/workflows/golicense.yml deleted file mode 100644 index 114c9df64b0..00000000000 --- a/.github/workflows/golicense.yml +++ /dev/null @@ -1,67 +0,0 @@ -name: Golicense -on: - pull_request: - branches: - - main - - release-* - - feature/* - push: - branches: - - main - - release-* - - feature/* - release: - types: [published] - -jobs: - check-changes: - name: Check whether tests need to be run based on diff - runs-on: [ubuntu-latest] - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - uses: antrea-io/has-changes@v2 - id: check_diff - with: - paths-ignore: docs/* ci/jenkins/* *.md hack/.notableofcontents - outputs: - has_changes: ${{ steps.check_diff.outputs.has_changes }} - - golicense: - needs: check-changes - if: ${{ needs.check-changes.outputs.has_changes == 'yes' || github.event_name != 'pull_request' }} - runs-on: [ubuntu-latest] - steps: - - name: Set up Go 1.17 - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - uses: actions/checkout@v3 - - name: Cache licensing information for dependencies - uses: actions/cache@v3 - id: cache - env: - cache-name: cache-lichen-deps-licensing-info - with: - path: license-reports - key: ${{ runner.os }}-${{ env.cache-name }}-${{ hashFiles('**/go.sum', 'ci/golicense/**') }} - - run: mkdir antrea-bins - - name: Build assets - run: | - export VERSION="$(head VERSION)" - ./hack/release/prepare-assets.sh ./antrea-bins - - name: Build Linux binaries - run: BINDIR=./antrea-bins make bin - - name: Run lichen - if: steps.cache.outputs.cache-hit != 'true' - run: | - mkdir license-reports - ./ci/golicense/run.sh ./antrea-bins ./license-reports - - name: Upload licensing information - if: ${{ always() }} - uses: actions/upload-artifact@v3 - with: - name: licenses.deps - path: license-reports/ALL.deps.txt - retention-days: 90 # max value diff --git a/.github/workflows/kind.yml b/.github/workflows/kind.yml deleted file mode 100644 index 0dda180c560..00000000000 --- a/.github/workflows/kind.yml +++ /dev/null @@ -1,684 +0,0 @@ -name: Kind -on: - pull_request: - branches: - - main - - release-* - - feature/* - push: - branches: - - main - - release-* - - feature/* - -env: - KIND_VERSION: v0.12.0 - -jobs: - check-changes: - name: Check whether tests need to be run based on diff - runs-on: [ubuntu-latest] - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - uses: antrea-io/has-changes@v2 - id: check_diff - with: - paths-ignore: docs/* ci/jenkins/* *.md hack/.notableofcontents plugins/* - outputs: - has_changes: ${{ steps.check_diff.outputs.has_changes }} - - build-antrea-coverage-image: - name: Build Antrea image to be used for Kind e2e tests - needs: check-changes - if: ${{ needs.check-changes.outputs.has_changes == 'yes' }} - runs-on: [ubuntu-latest] - steps: - - uses: actions/checkout@v3 - - name: Build Antrea Docker image with code coverage support - run: | - ./hack/build-antrea-linux-all.sh --pull --coverage - - name: Save Antrea image to tarball - run: docker save -o antrea-ubuntu.tar antrea/antrea-ubuntu-coverage:latest - - name: Upload Antrea image for subsequent jobs - uses: actions/upload-artifact@v3 - with: - name: antrea-ubuntu-cov - path: antrea-ubuntu.tar - retention-days: 1 # minimum value, in case artifact deletion by 'artifact-cleanup' job fails - - build-flow-aggregator-coverage-image: - name: Build Flow Aggregator image to be used for Kind e2e tests - needs: check-changes - if: ${{ needs.check-changes.outputs.has_changes == 'yes' }} - runs-on: [ ubuntu-latest ] - steps: - - uses: actions/checkout@v3 - - run: make flow-aggregator-ubuntu-coverage - - name: Save Flow Aggregator image to tarball - run: docker save -o flow-aggregator.tar antrea/flow-aggregator-coverage:latest - - name: Upload Flow Aggregator image for subsequent jobs - uses: actions/upload-artifact@v3 - with: - name: flow-aggregator-cov - path: flow-aggregator.tar - retention-days: 1 # minimum value, in case artifact deletion by 'artifact-cleanup' job fails - - test-e2e-encap: - name: E2e tests on a Kind cluster on Linux - needs: [build-antrea-coverage-image] - runs-on: [ubuntu-latest] - steps: - - name: Free disk space - # https://github.com/actions/virtual-environments/issues/709 - run: | - sudo apt-get clean - df -h - - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Download Antrea images from previous jobs - uses: actions/download-artifact@v3 - - name: Load Antrea image - run: | - docker load -i antrea-ubuntu-cov/antrea-ubuntu.tar - - name: Install Kind - run: | - curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 - chmod +x ./kind - sudo mv kind /usr/local/bin - - name: Run e2e tests - run: | - mkdir log - mkdir test-e2e-encap-coverage - ANTREA_LOG_DIR=$PWD/log ANTREA_COV_DIR=$PWD/test-e2e-encap-coverage ./ci/kind/test-e2e-kind.sh --encap-mode encap --coverage - - name: Tar coverage files - run: tar -czf test-e2e-encap-coverage.tar.gz test-e2e-encap-coverage - - name: Upload coverage for test-e2e-encap-coverage - uses: actions/upload-artifact@v3 - with: - name: test-e2e-encap-coverage - path: test-e2e-encap-coverage.tar.gz - retention-days: 30 - - name: Codecov - uses: codecov/codecov-action@v3 - with: - token: ${{ secrets.CODECOV_TOKEN }} - file: '*.cov.out*' - flags: kind-e2e-tests - name: codecov-test-e2e-encap - directory: test-e2e-encap-coverage - - name: Tar log files - if: ${{ failure() }} - run: tar -czf log.tar.gz log - - name: Upload test log - uses: actions/upload-artifact@v3 - if: ${{ failure() }} - with: - name: e2e-kind-encap.tar.gz - path: log.tar.gz - retention-days: 30 - - test-e2e-encap-no-proxy: - name: E2e tests on a Kind cluster on Linux with AntreaProxy disabled - needs: [build-antrea-coverage-image] - runs-on: [ubuntu-latest] - steps: - - name: Free disk space - # https://github.com/actions/virtual-environments/issues/709 - run: | - sudo apt-get clean - df -h - - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Download Antrea images from previous jobs - uses: actions/download-artifact@v3 - - name: Load Antrea image - run: | - docker load -i antrea-ubuntu-cov/antrea-ubuntu.tar - - name: Install Kind - run: | - curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 - chmod +x ./kind - sudo mv kind /usr/local/bin - - name: Run e2e tests - run: | - mkdir log - mkdir test-e2e-encap-no-proxy-coverage - ANTREA_LOG_DIR=$PWD/log ANTREA_COV_DIR=$PWD/test-e2e-encap-no-proxy-coverage ./ci/kind/test-e2e-kind.sh --encap-mode encap --feature-gates AntreaProxy=false --coverage --skip mode-irrelevant - - name: Tar coverage files - run: tar -czf test-e2e-encap-no-proxy-coverage.tar.gz test-e2e-encap-no-proxy-coverage - - name: Upload coverage for test-e2e-encap-no-proxy-coverage - uses: actions/upload-artifact@v3 - with: - name: test-e2e-encap-no-proxy-coverage - path: test-e2e-encap-no-proxy-coverage.tar.gz - retention-days: 30 - - name: Codecov - uses: codecov/codecov-action@v3 - with: - token: ${{ secrets.CODECOV_TOKEN }} - file: '*.cov.out*' - flags: kind-e2e-tests - name: codecov-test-e2e-encap-no-proxy - directory: test-e2e-encap-no-proxy-coverage - - name: Tar log files - if: ${{ failure() }} - run: tar -czf log.tar.gz log - - name: Upload test log - uses: actions/upload-artifact@v3 - if: ${{ failure() }} - with: - name: e2e-kind-encap-no-proxy.tar.gz - path: log.tar.gz - retention-days: 30 - - test-e2e-encap-all-features-enabled: - name: E2e tests on a Kind cluster on Linux with all features enabled - needs: [build-antrea-coverage-image] - runs-on: [ubuntu-latest] - steps: - - name: Free disk space - # https://github.com/actions/virtual-environments/issues/709 - run: | - sudo apt-get clean - df -h - - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Download Antrea images from previous jobs - uses: actions/download-artifact@v3 - - name: Load Antrea image - run: | - docker load -i antrea-ubuntu-cov/antrea-ubuntu.tar - - name: Install Kind - run: | - curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 - chmod +x ./kind - sudo mv kind /usr/local/bin - - name: Run e2e tests - run: | - mkdir log - mkdir test-e2e-encap-all-features-enabled-coverage - # Currently multicast tests require specific testbeds, exclude it for now. - ANTREA_LOG_DIR=$PWD/log ANTREA_COV_DIR=$PWD/test-e2e-encap-all-features-enabled-coverage ./ci/kind/test-e2e-kind.sh --encap-mode encap --coverage --feature-gates AllAlpha=true,AllBeta=true,Multicast=false --proxy-all - - name: Tar coverage files - run: tar -czf test-e2e-encap-all-features-enabled-coverage.tar.gz test-e2e-encap-all-features-enabled-coverage - - name: Upload coverage for test-e2e-encap-all-features-enabled-coverage - uses: actions/upload-artifact@v3 - with: - name: test-e2e-encap-all-features-enabled-coverage - path: test-e2e-encap-all-features-enabled-coverage.tar.gz - retention-days: 30 - - name: Codecov - uses: codecov/codecov-action@v3 - with: - token: ${{ secrets.CODECOV_TOKEN }} - file: '*.cov.out*' - flags: kind-e2e-tests - name: codecov-test-e2e-encap-all-features-enabled - directory: test-e2e-encap-all-features-enabled-coverage - - name: Tar log files - if: ${{ failure() }} - run: tar -czf log.tar.gz log - - name: Upload test log - uses: actions/upload-artifact@v3 - if: ${{ failure() }} - with: - name: e2e-kind-encap-all-features-enabled.tar.gz - path: log.tar.gz - retention-days: 30 - - test-e2e-noencap: - name: E2e tests on a Kind cluster on Linux (noEncap) - needs: [build-antrea-coverage-image] - runs-on: [ubuntu-latest] - steps: - - name: Free disk space - # https://github.com/actions/virtual-environments/issues/709 - run: | - sudo apt-get clean - df -h - - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Download Antrea images from previous jobs - uses: actions/download-artifact@v3 - - name: Load Antrea image - run: | - docker load -i antrea-ubuntu-cov/antrea-ubuntu.tar - - name: Install Kind - run: | - curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 - chmod +x ./kind - sudo mv kind /usr/local/bin - - name: Run e2e tests - run: | - mkdir log - mkdir test-e2e-noencap-coverage - ANTREA_LOG_DIR=$PWD/log ANTREA_COV_DIR=$PWD/test-e2e-noencap-coverage ./ci/kind/test-e2e-kind.sh --encap-mode noEncap --coverage --skip mode-irrelevant - - name: Tar coverage files - run: tar -czf test-e2e-noencap-coverage.tar.gz test-e2e-noencap-coverage - - name: Upload coverage for test-e2e-noencap-coverage - uses: actions/upload-artifact@v3 - with: - name: test-e2e-noencap-coverage - path: test-e2e-noencap-coverage.tar.gz - retention-days: 30 - - name: Codecov - uses: codecov/codecov-action@v3 - with: - token: ${{ secrets.CODECOV_TOKEN }} - file: '*.cov.out*' - flags: kind-e2e-tests - name: codecov-test-e2e-noencap - directory: test-e2e-noencap-coverage - - name: Tar log files - if: ${{ failure() }} - run: tar -czf log.tar.gz log - - name: Upload test log - uses: actions/upload-artifact@v3 - if: ${{ failure() }} - with: - name: e2e-kind-noencap.tar.gz - path: log.tar.gz - retention-days: 30 - - test-e2e-hybrid: - name: E2e tests on a Kind cluster on Linux (hybrid) - needs: [build-antrea-coverage-image] - runs-on: [ubuntu-latest] - steps: - - name: Free disk space - # https://github.com/actions/virtual-environments/issues/709 - run: | - sudo apt-get clean - df -h - - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Download Antrea images from previous jobs - uses: actions/download-artifact@v3 - - name: Load Antrea image - run: | - docker load -i antrea-ubuntu-cov/antrea-ubuntu.tar - - name: Install Kind - run: | - curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 - chmod +x ./kind - sudo mv kind /usr/local/bin - - name: Run e2e tests - run: | - mkdir log - mkdir test-e2e-hybrid-coverage - ANTREA_LOG_DIR=$PWD/log ANTREA_COV_DIR=$PWD/test-e2e-hybrid-coverage ./ci/kind/test-e2e-kind.sh --encap-mode hybrid --coverage --skip mode-irrelevant - - name: Tar coverage files - run: tar -czf test-e2e-hybrid-coverage.tar.gz test-e2e-hybrid-coverage - - name: Upload coverage for test-e2e-hybrid-coverage - uses: actions/upload-artifact@v3 - with: - name: test-e2e-hybrid-coverage - path: test-e2e-hybrid-coverage.tar.gz - retention-days: 30 - - name: Codecov - uses: codecov/codecov-action@v3 - with: - token: ${{ secrets.CODECOV_TOKEN }} - file: '*.cov.out*' - flags: kind-e2e-tests - name: codecov-test-e2e-hybrid - directory: test-e2e-hybrid-coverage - - name: Tar log files - if: ${{ failure() }} - run: tar -czf log.tar.gz log - - name: Upload test log - uses: actions/upload-artifact@v3 - if: ${{ failure() }} - with: - name: e2e-kind-hybrid.tar.gz - path: log.tar.gz - retention-days: 30 - - test-e2e-flow-visibility: - name: E2e tests on a Kind cluster on Linux for Flow Visibility - needs: [build-antrea-coverage-image, build-flow-aggregator-coverage-image] - runs-on: [ubuntu-latest] - steps: - - name: Free disk space - # https://github.com/actions/virtual-environments/issues/709 - run: | - sudo apt-get clean - df -h - - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Download Antrea images from previous jobs - uses: actions/download-artifact@v3 - - name: Load Antrea image - run: | - docker load -i antrea-ubuntu-cov/antrea-ubuntu.tar - docker load -i flow-aggregator-cov/flow-aggregator.tar - - name: Install Kind - run: | - curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 - chmod +x ./kind - sudo mv kind /usr/local/bin - - name: Run e2e tests - run: | - mkdir log - mkdir test-e2e-fa-coverage - ANTREA_LOG_DIR=$PWD/log ANTREA_COV_DIR=$PWD/test-e2e-fa-coverage ./ci/kind/test-e2e-kind.sh --encap-mode encap --coverage --flow-visibility - - name: Tar coverage files - run: tar -czf test-e2e-fa-coverage.tar.gz test-e2e-fa-coverage - - name: Upload coverage for test-e2e-fa-coverage - uses: actions/upload-artifact@v3 - with: - name: test-e2e-fa-coverage - path: test-e2e-fa-coverage.tar.gz - retention-days: 30 - - name: Codecov - uses: codecov/codecov-action@v3 - with: - token: ${{ secrets.CODECOV_TOKEN }} - file: '*.cov.out*' - flags: kind-e2e-tests - name: codecov-test-e2e-fa - directory: test-e2e-fa-coverage - - name: Tar log files - if: ${{ failure() }} - run: tar -czf log.tar.gz log - - name: Upload test log - uses: actions/upload-artifact@v3 - if: ${{ failure() }} - with: - name: e2e-kind-fa.tar.gz - path: log.tar.gz - retention-days: 30 - - test-upgrade-from-N-1: - name: Upgrade from Antrea version N-1 - needs: build-antrea-coverage-image - runs-on: [ubuntu-latest] - steps: - - name: Free disk space - # https://github.com/actions/virtual-environments/issues/709 - run: | - sudo apt-get clean - df -h - - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Download Antrea image from previous job - uses: actions/download-artifact@v3 - with: - name: antrea-ubuntu-cov - path: antrea-ubuntu-cov - - name: Load Antrea image - run: | - docker load -i antrea-ubuntu-cov/antrea-ubuntu.tar - docker tag antrea/antrea-ubuntu-coverage:latest antrea/antrea-ubuntu:latest - docker tag antrea/antrea-ubuntu-coverage:latest projects.registry.vmware.com/antrea/antrea-ubuntu:latest - - name: Install Kind - run: | - curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 - chmod +x ./kind - sudo mv kind /usr/local/bin - - name: Run test - run: | - mkdir log - ANTREA_LOG_DIR=$PWD/log ./ci/kind/test-upgrade-antrea.sh --from-version-n-minus 1 - - name: Tar log files - if: ${{ failure() }} - run: tar -czf log.tar.gz log - - name: Upload test log - uses: actions/upload-artifact@v3 - if: ${{ failure() }} - with: - name: upgrade-from-antrea-version-n-1.tar.gz - path: log.tar.gz - retention-days: 30 - - test-upgrade-from-N-2: - name: Upgrade from Antrea version N-2 - needs: build-antrea-coverage-image - runs-on: [ubuntu-latest] - steps: - - name: Free disk space - # https://github.com/actions/virtual-environments/issues/709 - run: | - sudo apt-get clean - df -h - - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Download Antrea image from previous job - uses: actions/download-artifact@v3 - with: - name: antrea-ubuntu-cov - path: antrea-ubuntu-cov - - name: Load Antrea image - run: | - docker load -i antrea-ubuntu-cov/antrea-ubuntu.tar - docker tag antrea/antrea-ubuntu-coverage:latest antrea/antrea-ubuntu:latest - docker tag antrea/antrea-ubuntu-coverage:latest projects.registry.vmware.com/antrea/antrea-ubuntu:latest - - name: Install Kind - run: | - curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 - chmod +x ./kind - sudo mv kind /usr/local/bin - - name: Run test - run: | - mkdir log - ANTREA_LOG_DIR=$PWD/log ./ci/kind/test-upgrade-antrea.sh --from-version-n-minus 2 - - name: Tar log files - if: ${{ failure() }} - run: tar -czf log.tar.gz log - - name: Upload test log - uses: actions/upload-artifact@v3 - if: ${{ failure() }} - with: - name: upgrade-from-antrea-version-n-2.tar.gz - path: log.tar.gz - retention-days: 30 - - test-compatible-N-1: - name: API compatible with client version N-1 - needs: build-antrea-coverage-image - runs-on: [ubuntu-latest] - steps: - - name: Free disk space - # https://github.com/actions/virtual-environments/issues/709 - run: | - sudo apt-get clean - df -h - - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Download Antrea image from previous job - uses: actions/download-artifact@v3 - with: - name: antrea-ubuntu-cov - path: antrea-ubuntu-cov - - name: Load Antrea image - run: | - docker load -i antrea-ubuntu-cov/antrea-ubuntu.tar - docker tag antrea/antrea-ubuntu-coverage:latest antrea/antrea-ubuntu:latest - docker tag antrea/antrea-ubuntu-coverage:latest projects.registry.vmware.com/antrea/antrea-ubuntu:latest - - name: Install Kind - run: | - curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 - chmod +x ./kind - sudo mv kind /usr/local/bin - - name: Run test - run: | - mkdir log - ANTREA_LOG_DIR=$PWD/log ./ci/kind/test-upgrade-antrea.sh --from-version-n-minus 1 --controller-only - - name: Tar log files - if: ${{ failure() }} - run: tar -czf log.tar.gz log - - name: Upload test log - uses: actions/upload-artifact@v3 - if: ${{ failure() }} - with: - name: api-compatible-with-client-version-n-1.tar.gz - path: log.tar.gz - retention-days: 30 - - test-compatible-N-2: - name: API compatible with client version N-2 - needs: build-antrea-coverage-image - runs-on: [ubuntu-latest] - steps: - - name: Free disk space - # https://github.com/actions/virtual-environments/issues/709 - run: | - sudo apt-get clean - df -h - - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Download Antrea image from previous job - uses: actions/download-artifact@v3 - with: - name: antrea-ubuntu-cov - path: antrea-ubuntu-cov - - name: Load Antrea image - run: | - docker load -i antrea-ubuntu-cov/antrea-ubuntu.tar - docker tag antrea/antrea-ubuntu-coverage:latest antrea/antrea-ubuntu:latest - docker tag antrea/antrea-ubuntu-coverage:latest projects.registry.vmware.com/antrea/antrea-ubuntu:latest - - name: Install Kind - run: | - curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 - chmod +x ./kind - sudo mv kind /usr/local/bin - - name: Run test - run: | - mkdir log - ANTREA_LOG_DIR=$PWD/log ./ci/kind/test-upgrade-antrea.sh --from-version-n-minus 2 --controller-only - - name: Tar log files - if: ${{ failure() }} - run: tar -czf log.tar.gz log - - name: Upload test log - uses: actions/upload-artifact@v3 - if: ${{ failure() }} - with: - name: api-compatible-with-client-version-n-2.tar.gz - path: log.tar.gz - retention-days: 30 - - test-netpol-tmp: - name: Run experimental network policy tests (netpol) on Kind cluster - needs: build-antrea-coverage-image - runs-on: [ubuntu-latest] - steps: - - name: Free disk space - # https://github.com/actions/virtual-environments/issues/709 - run: | - sudo apt-get clean - df -h - - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Download Antrea image from previous job - uses: actions/download-artifact@v3 - with: - name: antrea-ubuntu-cov - path: antrea-ubuntu-cov - - name: Load Antrea image - run: | - docker load -i antrea-ubuntu-cov/antrea-ubuntu.tar - docker tag antrea/antrea-ubuntu-coverage:latest antrea/antrea-ubuntu:latest - docker tag antrea/antrea-ubuntu-coverage:latest projects.registry.vmware.com/antrea/antrea-ubuntu:latest - - name: Install Kind - run: | - curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 - chmod +x ./kind - sudo mv kind /usr/local/bin - - name: Build netpol Docker image - working-directory: hack/netpol - run: make - - name: Run netpol tests - working-directory: hack/netpol - run: ./test-kind.sh - - validate-prometheus-metrics-doc: - name: Validate metrics in Prometheus document match running deployment's - needs: build-antrea-coverage-image - runs-on: [ubuntu-latest] - steps: - - name: Free disk space - # https://github.com/actions/virtual-environments/issues/709 - run: | - sudo apt-get clean - df -h - - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Download Antrea image from previous job - uses: actions/download-artifact@v3 - with: - name: antrea-ubuntu-cov - path: antrea-ubuntu-cov - - name: Load Antrea image - run: | - docker load -i antrea-ubuntu-cov/antrea-ubuntu.tar - docker tag antrea/antrea-ubuntu-coverage:latest antrea/antrea-ubuntu:latest - docker tag antrea/antrea-ubuntu-coverage:latest projects.registry.vmware.com/antrea/antrea-ubuntu:latest - - name: Install Kind - run: | - curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 - chmod +x ./kind - sudo mv kind /usr/local/bin - - name: Validate document - run: | - ./ci/kind/validate-metrics-doc.sh - - # Runs after all other jobs in the workflow succeed and deletes Antrea Docker images uploaded as temporary - # artifacts. It uses a third-party, MIT-licensed action (geekyeggo/delete-artifact). While Github - # exposes an API for deleting artifacts, they do not support an official delete-artifact action - # yet. - artifact-cleanup: - name: Delete uploaded images - needs: - - build-antrea-coverage-image - - build-flow-aggregator-coverage-image - - test-e2e-encap - - test-e2e-encap-no-proxy - - test-e2e-encap-all-features-enabled - - test-e2e-noencap - - test-e2e-hybrid - - test-upgrade-from-N-1 - - test-upgrade-from-N-2 - - test-compatible-N-1 - - test-compatible-N-2 - - test-netpol-tmp - - validate-prometheus-metrics-doc - - test-e2e-flow-visibility - runs-on: [ubuntu-latest] - steps: - - name: Delete antrea-ubuntu-cov - if: ${{ needs.build-antrea-coverage-image.result == 'success' }} - uses: geekyeggo/delete-artifact@v1 - with: - name: antrea-ubuntu-cov - - name: Delete flow-aggregator - if: ${{ needs.build-flow-aggregator-coverage-image.result == 'success' }} - uses: geekyeggo/delete-artifact@v1 - with: - name: flow-aggregator-cov - failOnError: false diff --git a/.github/workflows/lifecycle_management.yml b/.github/workflows/lifecycle_management.yml deleted file mode 100644 index 81685e06fba..00000000000 --- a/.github/workflows/lifecycle_management.yml +++ /dev/null @@ -1,32 +0,0 @@ -name: "Issues and PRs lifecycle management" -on: - schedule: - # every day at midnight - - cron: "0 0 * * *" - -jobs: - stale: - if: github.repository == 'antrea-io/antrea' - runs-on: ubuntu-latest - steps: - - uses: actions/stale@v5 - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - stale-issue-message: 'This issue is stale because it has been open 90 days with no activity. Remove stale label or comment, or this will be closed in 90 days' - stale-pr-message: 'This PR is stale because it has been open 90 days with no activity. Remove stale label or comment, or this will be closed in 90 days' - stale-issue-label: 'lifecycle/stale' - stale-pr-label: 'lifecycle/stale' - days-before-stale: 90 - days-before-close: 90 - exempt-issue-labels: 'lifecycle/frozen' - exempt-pr-labels: 'lifecycle/frozen' - remove-stale-when-updated: true - debug-only: false - operations-per-run: 200 - skip: - if: github.repository != 'antrea-io/antrea' - runs-on: ubuntu-latest - steps: - - name: Skip - run: | - echo "Skipping lifecyle management because workflow cannot be run from fork" diff --git a/.github/workflows/netpol_cyclonus.yml b/.github/workflows/netpol_cyclonus.yml deleted file mode 100644 index a0cad16436c..00000000000 --- a/.github/workflows/netpol_cyclonus.yml +++ /dev/null @@ -1,30 +0,0 @@ -name: Kind Netpol Cyclonus -on: - schedule: - # run once a day at midnight - - cron: '0 0 * * *' - -env: - KIND_VERSION: v0.12.0 - -jobs: - - test-netpol-cyclonus: - name: Run Cyclonus network policy generator tests on Kind cluster - runs-on: [ubuntu-latest] - steps: - - name: Free disk space - # https://github.com/actions/virtual-environments/issues/709 - run: | - sudo apt-get clean - df -h - - uses: actions/checkout@v3 - - run: make - - name: Install Kind - run: | - curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 - chmod +x ./kind - sudo mv kind /usr/local/bin - - name: Run cyclonus tests - working-directory: hack/netpol-generator - run: ./test-kind.sh diff --git a/.github/workflows/process_release.yml b/.github/workflows/process_release.yml deleted file mode 100644 index 47f95d5e631..00000000000 --- a/.github/workflows/process_release.yml +++ /dev/null @@ -1,310 +0,0 @@ -name: Process new release - -on: - release: - types: [published] - -jobs: - upload-release-assets: - runs-on: ubuntu-latest - steps: - - name: Set up Go 1.17 - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - uses: actions/checkout@v3 - - name: Build assets - env: - TAG: ${{ github.ref }} - PRERELEASE: ${{ github.event.release.prerelease }} - run: | - mkdir assets - VERSION="${TAG:10}" ./hack/release/prepare-assets.sh ./assets - - name: Upload antctl-darwin-x86_64 - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antctl-darwin-x86_64 - asset_name: antctl-darwin-x86_64 - asset_content_type: application/octet-stream - - name: Upload antctl-linux-arm - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antctl-linux-arm - asset_name: antctl-linux-arm - asset_content_type: application/octet-stream - - name: Upload antctl-linux-arm64 - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antctl-linux-arm64 - asset_name: antctl-linux-arm64 - asset_content_type: application/octet-stream - - name: Upload antctl-linux-x86_64 - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antctl-linux-x86_64 - asset_name: antctl-linux-x86_64 - asset_content_type: application/octet-stream - - name: Upload antctl-windows-x86_64.exe - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antctl-windows-x86_64.exe - asset_name: antctl-windows-x86_64.exe - asset_content_type: application/octet-stream - - name: Upload antrea-octant-plugin-darwin-x86_64 - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antrea-octant-plugin-darwin-x86_64 - asset_name: antrea-octant-plugin-darwin-x86_64 - asset_content_type: application/octet-stream - - name: Upload antrea-octant-plugin-linux-arm - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antrea-octant-plugin-linux-arm - asset_name: antrea-octant-plugin-linux-arm - asset_content_type: application/octet-stream - - name: Upload antrea-octant-plugin-linux-arm64 - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antrea-octant-plugin-linux-arm64 - asset_name: antrea-octant-plugin-linux-arm64 - asset_content_type: application/octet-stream - - name: Upload antrea-octant-plugin-linux-x86_64 - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antrea-octant-plugin-linux-x86_64 - asset_name: antrea-octant-plugin-linux-x86_64 - asset_content_type: application/octet-stream - - name: Upload antrea-octant-plugin-windows-x86_64.exe - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antrea-octant-plugin-windows-x86_64.exe - asset_name: antrea-octant-plugin-windows-x86_64.exe - asset_content_type: application/octet-stream - - name: Upload antrea.yml - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antrea.yml - asset_name: antrea.yml - asset_content_type: application/octet-stream - - name: Upload antrea-crds.yml - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antrea-crds.yml - asset_name: antrea-crds.yml - asset_content_type: application/octet-stream - - name: Upload antrea-ipsec.yml - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antrea-ipsec.yml - asset_name: antrea-ipsec.yml - asset_content_type: application/octet-stream - - name: Upload antrea-eks.yml - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antrea-eks.yml - asset_name: antrea-eks.yml - asset_content_type: application/octet-stream - - name: Upload antrea-gke.yml - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antrea-gke.yml - asset_name: antrea-gke.yml - asset_content_type: application/octet-stream - - name: Upload antrea-aks.yml - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antrea-aks.yml - asset_name: antrea-aks.yml - asset_content_type: application/octet-stream - - name: Upload antrea-octant.yml - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antrea-octant.yml - asset_name: antrea-octant.yml - asset_content_type: application/octet-stream - - name: Upload antrea-windows.yml - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antrea-windows.yml - asset_name: antrea-windows.yml - asset_content_type: application/octet-stream - - name: Upload flow-aggregator.yml - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/flow-aggregator.yml - asset_name: flow-aggregator.yml - asset_content_type: application/octet-stream - - name: Upload flow-visibility.yml - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/flow-visibility.yml - asset_name: flow-visibility.yml - asset_content_type: application/octet-stream - - name: Upload antrea-multicluster-leader-global.yml - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antrea-multicluster-leader-global.yml - asset_name: antrea-multicluster-leader-global.yml - asset_content_type: application/octet-stream - - name: Upload antrea-multicluster-leader-namespaced.yml - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antrea-multicluster-leader-namespaced.yml - asset_name: antrea-multicluster-leader-namespaced.yml - asset_content_type: application/octet-stream - - name: Upload antrea-multicluster-member.yml - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antrea-multicluster-member.yml - asset_name: antrea-multicluster-member.yml - asset_content_type: application/octet-stream - - name: Upload antrea-agent-windows-x86_64.exe - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antrea-agent.exe - asset_name: antrea-agent-windows-x86_64.exe - asset_content_type: application/octet-stream - - name: Upload antrea-cni-windows-x86_64.exe - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antrea-cni.exe - asset_name: antrea-cni-windows-x86_64.exe - asset_content_type: application/octet-stream - - name: Upload Start-AntreaAgent.ps1 - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/Start-AntreaAgent.ps1 - asset_name: Start-AntreaAgent.ps1 - asset_content_type: application/octet-stream - - name: Upload Antrea Helm chart archive - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/antrea-chart.tgz - asset_name: antrea-chart.tgz - asset_content_type: application/octet-stream - - name: Upload Flow Aggregator Helm chart archive - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ github.event.release.upload_url }} - asset_path: ./assets/flow-aggregator-chart.tgz - asset_name: flow-aggregator-chart.tgz - asset_content_type: application/octet-stream - - update-website: - name: Trigger website update for release - needs: upload-release-assets - runs-on: ubuntu-latest - steps: - - id: get-version - env: - TAG: ${{ github.ref }} - run: | - version=${TAG:10} - echo "::set-output name=version::$version" - - name: Update website source - uses: benc-uk/workflow-dispatch@v1 - with: - repo: antrea-io/website - ref: refs/heads/main - workflow: Update website source - token: ${{ secrets.ANTREA_WEBSITE_WORKFLOW_DISPATCH_PAT }} - inputs: ${{ format('{{ "antrea-repository":"antrea-io/antrea", "antrea-ref":"{0}" }}', steps.get-version.outputs.version) }} - - name: Update Helm index with Antrea archive - uses: benc-uk/workflow-dispatch@v1 - with: - repo: antrea-io/website - ref: refs/heads/main - workflow: Update Helm index - token: ${{ secrets.ANTREA_WEBSITE_WORKFLOW_DISPATCH_PAT }} - inputs: ${{ format('{{ "archive-url":"https://github.com/antrea-io/antrea/releases/download/{0}/antrea-chart.tgz" }}', steps.get-version.outputs.version) }} - - name: Update Helm index with Flow Aggregator archive - uses: benc-uk/workflow-dispatch@v1 - with: - repo: antrea-io/website - ref: refs/heads/main - workflow: Update Helm index - token: ${{ secrets.ANTREA_WEBSITE_WORKFLOW_DISPATCH_PAT }} - inputs: ${{ format('{{ "archive-url":"https://github.com/antrea-io/antrea/releases/download/{0}/flow-aggregator-chart.tgz" }}', steps.get-version.outputs.version) }} diff --git a/.github/workflows/reviews.yml b/.github/workflows/reviews.yml deleted file mode 100644 index 45fe42a79a1..00000000000 --- a/.github/workflows/reviews.yml +++ /dev/null @@ -1,37 +0,0 @@ -name: Review manager -on: - # The pull_request_target workflow trigger presents a security risk when - # combined with an explicit checkout of an untrusted PR. This is not the case - # here: actions/checkout will checkout the code in the PR base branch. - pull_request_target: - branches: - - main - types: ["opened", "synchronize", "reopened", "labeled", "unlabeled", "ready_for_review", "review_request_removed"] - pull_request_review: - branches: - - main - -permissions: - pull-requests: write - -jobs: - test: - runs-on: [ubuntu-latest] - steps: - - name: Check-out code - uses: actions/checkout@v3 - - uses: antrea-io/review-manager@v0.3.1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - area_ownership_file: '.github/AREA-OWNERS' - min_approving_reviews_total: 2 - min_approving_reviews_per_area: 1 - fail_if_cannot_be_merged: false # temporary for initial testing - label_on_success: '' # cannot use a label as pull_request_review workflows do not have a write token - require_area_label: false - succeed_if_maintainer_approves: false - maintainers_are_universal_approvers: true - ignore_if_not_labelled_with: 'review-manager-test' # temporary for initial testing - require_enough_available_approvers_for_area: false - support_label_regex: true - request_reviews_from_maintainers_if_needed: true diff --git a/.github/workflows/update_changelog.yml b/.github/workflows/update_changelog.yml deleted file mode 100644 index 919dccac557..00000000000 --- a/.github/workflows/update_changelog.yml +++ /dev/null @@ -1,60 +0,0 @@ -name: Update CHANGELOG after release - -on: - push: - tags: - - v* - -jobs: - check-version: - runs-on: [ubuntu-latest] - outputs: - version: ${{ steps.get-version.outputs.version }} - steps: - - name: Extract version from Github ref - id: get-version - env: - TAG: ${{ github.ref }} - shell: bash - run: | - version=${TAG:10} - if [[ "$version" == *-* ]]; then - echo "$version is a release candidate or a pre-release" - exit 0 - fi - echo "::set-output name=version::$version" - - pr-update-changelog: - runs-on: [ubuntu-latest] - needs: check-version - if: ${{ needs.check-version.outputs.version != '' }} - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - ref: main - - name: Cherry-pick changelog commit - env: - VERSION: ${{ needs.check-version.outputs.version }} - shell: bash - run: | - git config user.name github-actions - git config user.email github-actions@github.com - commit_hash=$(git log "$VERSION" --format="%H" --grep="Update CHANGELOG for $VERSION release") - if [[ -z "$commit_hash" ]]; then - echo "Cannot find commit" - exit 1 - fi - git cherry-pick "$commit_hash" - - name: Create Pull Request - uses: peter-evans/create-pull-request@v4 - with: - token: ${{ secrets.ANTREA_BOT_WRITE_PAT }} - delete-branch: true - title: "Update CHANGELOG for ${{ needs.check-version.outputs.version }} release" - body: | - PR was opened automatically from Github Actions - - name: Check outputs - run: | - echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}" - echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}" diff --git a/.github/workflows/verify_docs.yml b/.github/workflows/verify_docs.yml deleted file mode 100644 index 50dbf839cca..00000000000 --- a/.github/workflows/verify_docs.yml +++ /dev/null @@ -1,30 +0,0 @@ -name: Verify docs - -on: - schedule: - # every day at 9am - - cron: '0 9 * * *' - -jobs: - verify: - name: Verify docs and spelling - runs-on: [ubuntu-latest] - steps: - - name: Set up Go 1.17 - uses: actions/setup-go@v3 - with: - go-version: 1.17 - - name: Check-out code - uses: actions/checkout@v3 - - name: Run verify scripts - run: make verify - - name: Checking for broken Markdown links for main branch - uses: gaurav-nelson/github-action-markdown-link-check@v1 - with: - folder-path: './docs' - file-path: './README.md, ./CHANGELOG.md, ./CONTRIBUTING.md, ./GOVERNANCE.md, ./MAINTAINERS.md, ./ROADMAP.md, ./SECURITY.md' - config-file: 'hack/.md_links_config.json' - - name: Markdownlint - run: | - sudo npm install -g markdownlint-cli@0.31.1 - make markdownlint diff --git a/.github/workflows/website.yml b/.github/workflows/website.yml deleted file mode 100644 index 8703b4065ef..00000000000 --- a/.github/workflows/website.yml +++ /dev/null @@ -1,25 +0,0 @@ -name: Update antrea.io website for main branch - -on: - push: - branches: - - main - paths: - - '**.md' - - 'docs/**' - - 'pkg/apis/**' - - 'hack/**' - -jobs: - update-website: - name: Trigger website update for main - runs-on: ubuntu-latest - steps: - - name: Update website source - uses: benc-uk/workflow-dispatch@v1 - with: - repo: antrea-io/website - ref: refs/heads/main - workflow: Update website source - token: ${{ secrets.ANTREA_WEBSITE_WORKFLOW_DISPATCH_PAT }} - inputs: ${{ format('{{ "antrea-repository":"antrea-io/antrea", "antrea-ref":"main" }}') }} diff --git a/ci/jenkins/external-hosts-config.yml b/ci/jenkins/external-hosts-config.yml new file mode 100644 index 00000000000..051db8bb626 --- /dev/null +++ b/ci/jenkins/external-hosts-config.yml @@ -0,0 +1,8 @@ +externalHosts: + - sshIP: 10.1.10.10 + name: antrea-multicast-external + interfaces: + - name: ens224 + ipv4: 10.1.10.10 + clusterInterfaces: + antrea-multicast-0-0: [ens224] diff --git a/ci/jenkins/test.sh b/ci/jenkins/test.sh index a92e79f643a..e0ee3f2c2be 100755 --- a/ci/jenkins/test.sh +++ b/ci/jenkins/test.sh @@ -53,13 +53,14 @@ _usage="Usage: $0 [--kubeconfig ] [--workdir ] Run K8s e2e community tests (Conformance & Network Policy) or Antrea e2e tests on a remote (Jenkins) Windows or Linux cluster. - --kubeconfig Path of cluster kubeconfig. - --workdir Home path for Go, vSphere information and antrea_logs during cluster setup. Default is $WORKDIR. - --testcase Windows install OVS, Conformance and Network Policy or Antrea e2e testcases on a Windows or Linux cluster. It can also be flexible ipam or multicast e2e test. - --registry The docker registry to use instead of dockerhub. - --proxyall Enable proxyAll to test AntreaProxy. - --testbed-type The testbed type to run tests. It can be flexible-ipam, jumper or legacy. - --ip-mode IP mode for flexible-ipam e2e test. Default is $DEFAULT_IP_MODE. It can also be ipv6 or ds." + --kubeconfig Path of cluster kubeconfig. + --workdir Home path for Go, vSphere information and antrea_logs during cluster setup. Default is $WORKDIR. + --testcase Windows install OVS, Conformance and Network Policy or Antrea e2e testcases on a Windows or Linux cluster. It can also be flexible ipam or multicast e2e test. + --registry The docker registry to use instead of dockerhub. + --proxyall Enable proxyAll to test AntreaProxy. + --testbed-type The testbed type to run tests. It can be flexible-ipam, jumper or legacy. + --ip-mode IP mode for flexible-ipam e2e test. Default is $DEFAULT_IP_MODE. It can also be ipv6 or ds. + --external-hosts-config-path The path of external host configuration file." function print_usage { echoerr "$_usage" @@ -78,6 +79,10 @@ case $key in KUBECONFIG_PATH="$2" shift 2 ;; + --external-hosts-config-path) + EXTERNAL_HOSTS_CONFIG_PATH="$2" + shift 2 + ;; --workdir) WORKDIR="$2" shift 2 @@ -120,6 +125,9 @@ if [[ "${IP_MODE}" != "${DEFAULT_IP_MODE}" && "${IP_MODE}" != "ipv6" && "${IP_MO echoerr "--ip-mode must be ipv4, ipv6 or ds" exit 1 fi + +EXTERNAL_HOSTS_CONFIG_PATH="ci/jenkins/external-hosts-config.yml" + if [[ "$WORKDIR" != "$DEFAULT_WORKDIR" && "$KUBECONFIG_PATH" == "$DEFAULT_KUBECONFIG_PATH" ]]; then KUBECONFIG_PATH=${WORKDIR}/.kube/config fi @@ -516,6 +524,21 @@ function deliver_antrea { fi } +function add_sshconfig_entry { + sshconfig_nodeip="$1" + sshconfig_nodename="$2" + cp ci/jenkins/ssh-config "${SSH_CONFIG_DST}.new" + sed -i "s/SSHCONFIGNODEIP/${sshconfig_nodeip}/g" "${SSH_CONFIG_DST}.new" + sed -i "s/SSHCONFIGNODENAME/${sshconfig_nodename}/g" "${SSH_CONFIG_DST}.new" + if [[ "${sshconfig_nodename}" =~ "win" ]]; then + sed -i "s/capv/administrator/g" "${SSH_CONFIG_DST}.new" + else + sed -i "s/capv/jenkins/g" "${SSH_CONFIG_DST}.new" + fi + echo " IdentityFile ${WORKDIR}/.ssh/id_rsa" >> "${SSH_CONFIG_DST}.new" + cat "${SSH_CONFIG_DST}.new" >> "${SSH_CONFIG_DST}" +} + function generate_ssh_config { echo "=== Generate ssh-config ===" SSH_CONFIG_DST="${WORKDIR}/.ssh/config" @@ -527,17 +550,14 @@ function generate_ssh_config { if [[ ! "${sshconfig_nodeip}" =~ ^[0-9]+(\.[0-9]+){3}$ ]];then sshconfig_nodeip="[${sshconfig_nodeip}]" fi - cp ci/jenkins/ssh-config "${SSH_CONFIG_DST}.new" - sed -i "s/SSHCONFIGNODEIP/${sshconfig_nodeip}/g" "${SSH_CONFIG_DST}.new" - sed -i "s/SSHCONFIGNODENAME/${sshconfig_nodename}/g" "${SSH_CONFIG_DST}.new" - if [[ "${sshconfig_nodename}" =~ "win" ]]; then - sed -i "s/capv/administrator/g" "${SSH_CONFIG_DST}.new" - else - sed -i "s/capv/jenkins/g" "${SSH_CONFIG_DST}.new" - fi - echo " IdentityFile ${WORKDIR}/.ssh/id_rsa" >> "${SSH_CONFIG_DST}.new" - cat "${SSH_CONFIG_DST}.new" >> "${SSH_CONFIG_DST}" + add_sshconfig_entry "$sshconfig_nodeip" "${sshconfig_nodename}" done + if [[ -n ${EXTERNAL_HOSTS_CONFIG_PATH} ]]; then + yq -r '.externalHosts.[] | {.name:.sshIP}' "$EXTERNAL_HOSTS_CONFIG_PATH" | while IFS=' :' read -r ssh_hostname ssh_ip; do + echo "adding ssh config for external host with hostname:$ssh_hostname and IP:$ssh_ip" + add_sshconfig_entry "$ssh_ip" "$ssh_hostname" + done + fi } function run_e2e { @@ -552,15 +572,17 @@ function run_e2e { mkdir -p "${WORKDIR}/.ssh" cp -f "${WORKDIR}/kube.conf" "${WORKDIR}/.kube/config" generate_ssh_config - + if [[ -n ${EXTERNAL_HOSTS_CONFIG_PATH} ]]; then + EXTERNAL_HOSTS_CONFIG_PATH="../../${EXTERNAL_HOSTS_CONFIG_PATH}" + fi set +e mkdir -p `pwd`/antrea-test-logs # HACK: see https://github.com/antrea-io/antrea/issues/2292 go mod edit -replace github.com/moby/spdystream=github.com/antoninbas/spdystream@v0.2.1 && go mod tidy if [[ $TESTBED_TYPE == "flexible-ipam" ]]; then - go test -v antrea.io/antrea/test/e2e --logs-export-dir `pwd`/antrea-test-logs --provider remote -timeout=100m --prometheus --antrea-ipam + go test -v antrea.io/antrea/test/e2e --logs-export-dir `pwd`/antrea-test-logs --external-hosts-config-path "$EXTERNAL_HOSTS_CONFIG_PATH" --provider remote -timeout=100m --prometheus --antrea-ipam else - go test -v antrea.io/antrea/test/e2e --logs-export-dir `pwd`/antrea-test-logs --provider remote -timeout=100m --prometheus + go test -run=TestMulticast -v antrea.io/antrea/test/e2e --logs-export-dir `pwd`/antrea-test-logs --external-hosts-config-path "$EXTERNAL_HOSTS_CONFIG_PATH" --provider remote -timeout=20m --prometheus fi if [[ "$?" != "0" ]]; then TEST_FAILURE=true @@ -614,10 +636,12 @@ function run_e2e_windows { mkdir -p "${WORKDIR}/.ssh" cp -f "${WORKDIR}/kube.conf" "${WORKDIR}/.kube/config" generate_ssh_config - + if [[ -n ${EXTERNAL_HOSTS_CONFIG_PATH} ]]; then + EXTERNAL_HOSTS_CONFIG_PATH="../../${EXTERNAL_HOSTS_CONFIG_PATH}" + fi set +e mkdir -p `pwd`/antrea-test-logs - go test -v antrea.io/antrea/test/e2e --logs-export-dir `pwd`/antrea-test-logs --provider remote -timeout=50m --prometheus + go test -v antrea.io/antrea/test/e2e --logs-export-dir `pwd`/antrea-test-logs --external-hosts-config-path "$EXTERNAL_HOSTS_CONFIG_PATH" --provider remote -timeout=50m --prometheus if [[ "$?" != "0" ]]; then TEST_FAILURE=true fi diff --git a/test/e2e/antreapolicy_test.go b/test/e2e/antreapolicy_test.go index 98f45b124c5..777fee43897 100644 --- a/test/e2e/antreapolicy_test.go +++ b/test/e2e/antreapolicy_test.go @@ -2987,12 +2987,11 @@ func testACNPIGMPQuery(t *testing.T, data *TestData, acnpName, caseName, groupAd testNamespace := data.testNamespace mc := multicastTestcase{ name: caseName, - senderConfig: multicastTestPodConfig{nodeIdx: 0, isHostNetwork: false}, - receiverConfigs: []multicastTestPodConfig{{1, false}}, + receiverIndices: []int{1}, port: 3457, group: net.ParseIP(groupAddress), } - senderName, _, cleanupFunc := createAndWaitForPod(t, data, data.createMcJoinPodOnNode, "test-sender-", nodeName(mc.senderConfig.nodeIdx), testNamespace, mc.senderConfig.isHostNetwork) + senderName, _, cleanupFunc := createAndWaitForPod(t, data, data.createMcJoinPodOnNode, "test-sender-", nodeName(0), testNamespace, false) defer cleanupFunc() var wg sync.WaitGroup receiverNames, cleanupFuncs := setupReceivers(t, data, mc, mcjoinWaitTimeout, &wg) @@ -3006,11 +3005,11 @@ func testACNPIGMPQuery(t *testing.T, data *TestData, acnpName, caseName, groupAd data.RunCommandFromPod(testNamespace, senderName, mcjoinContainerName, sendMulticastCommand) }() - tcpdumpName, _, cleanupFunc := createAndWaitForPod(t, data, data.createNetshootPodOnNode, "test-tcpdump-", nodeName(mc.receiverConfigs[0].nodeIdx), testNamespace, true) + tcpdumpName, _, cleanupFunc := createAndWaitForPod(t, data, data.createNetshootPodOnNode, "test-tcpdump-", nodeName(mc.receiverIndices[0]), testNamespace, true) defer cleanupFunc() queryGroupAddress := "224.0.0.1" - cmd, err := generatePacketCaptureCmd(t, data, 15, queryGroupAddress, nodeName(mc.receiverConfigs[0].nodeIdx), receiverNames[0]) + cmd, err := generatePacketCaptureCmd(t, data, 15, queryGroupAddress, nodeName(mc.receiverIndices[0]), receiverNames[0]) if err != nil { t.Fatalf("failed to call generateConnCheckCmd: %v", err) } @@ -3073,12 +3072,11 @@ func testACNPMulticastEgress(t *testing.T, data *TestData, acnpName, caseName, g testNamespace := data.testNamespace mc := multicastTestcase{ name: caseName, - senderConfig: multicastTestPodConfig{nodeIdx: 0, isHostNetwork: false}, - receiverConfigs: []multicastTestPodConfig{{1, false}}, + receiverIndices: []int{1}, port: 3457, group: net.ParseIP(groupAddress), } - senderName, _, cleanupFunc := createAndWaitForPod(t, data, data.createMcJoinPodOnNode, "test-sender-", nodeName(mc.senderConfig.nodeIdx), testNamespace, mc.senderConfig.isHostNetwork) + senderName, _, cleanupFunc := createAndWaitForPod(t, data, data.createMcJoinPodOnNode, "test-sender-", nodeName(0), testNamespace, false) defer cleanupFunc() var wg sync.WaitGroup receiverNames, cleanupFuncs := setupReceivers(t, data, mc, mcjoinWaitTimeout, &wg) @@ -3093,9 +3091,9 @@ func testACNPMulticastEgress(t *testing.T, data *TestData, acnpName, caseName, g data.RunCommandFromPod(testNamespace, senderName, mcjoinContainerName, sendMulticastCommand) }() // check if receiver can receive multicast packet - tcpdumpName, _, cleanupFunc := createAndWaitForPod(t, data, data.createNetshootPodOnNode, "test-tcpdump-", nodeName(mc.receiverConfigs[0].nodeIdx), testNamespace, true) + tcpdumpName, _, cleanupFunc := createAndWaitForPod(t, data, data.createNetshootPodOnNode, "test-tcpdump-", nodeName(mc.receiverIndices[0]), testNamespace, true) defer cleanupFunc() - cmd, err := generatePacketCaptureCmd(t, data, 5, mc.group.String(), nodeName(mc.receiverConfigs[0].nodeIdx), receiverNames[0]) + cmd, err := generatePacketCaptureCmd(t, data, 5, mc.group.String(), nodeName(mc.receiverIndices[0]), receiverNames[0]) if err != nil { t.Fatalf("failed to call generateConnCheckCmd: %v", err) } diff --git a/test/e2e/fixtures.go b/test/e2e/fixtures.go index 4c5b3e62b8e..d7ab58754a4 100644 --- a/test/e2e/fixtures.go +++ b/test/e2e/fixtures.go @@ -93,6 +93,12 @@ func skipIfNotIPv4Cluster(tb testing.TB) { } } +func skipIfNoExternalHosts(tb testing.TB) { + if len(externalHostInfo.hosts) == 0 { + tb.Skipf("Skipping test as it requires external hosts info but the external hosts info is not set") + } +} + func skipIfIPv6Cluster(tb testing.TB) { if clusterInfo.podV6NetworkCIDR != "" { tb.Skipf("Skipping test as it is not supported in IPv6 cluster") diff --git a/test/e2e/framework.go b/test/e2e/framework.go index ea5c97218c1..37acff12111 100644 --- a/test/e2e/framework.go +++ b/test/e2e/framework.go @@ -19,6 +19,7 @@ import ( "context" "encoding/json" "fmt" + "io/ioutil" "math/rand" "net" "os" @@ -154,6 +155,15 @@ type ClusterNode struct { os string } +type ExternalHost struct { + Name string `yaml:"name"` + Interfaces []ExternalHostInterface `yaml:"interfaces,flow"` +} + +type ExternalHostInterface struct { + Name string `name` +} + func (n ClusterNode) ip() string { if n.ipv4Addr != "" { return n.ipv4Addr @@ -180,17 +190,28 @@ type ClusterInfo struct { var clusterInfo ClusterInfo +type ExternalHostsConfig struct { + ExternalHosts []ExternalHost `yaml:"externalHosts,flow"` +} + +var externalHostInfo ExternalHostInfo + +type ExternalHostInfo struct { + hosts map[int]ExternalHost +} + type TestOptions struct { - providerName string - providerConfigPath string - logsExportDir string - logsExportOnSuccess bool - withBench bool - enableCoverage bool - enableAntreaIPAM bool - flowVisibility bool - coverageDir string - skipCases string + providerName string + providerConfigPath string + logsExportDir string + logsExportOnSuccess bool + withBench bool + enableCoverage bool + enableAntreaIPAM bool + flowVisibility bool + coverageDir string + skipCases string + externalHostsConfigPath string } var testOptions TestOptions @@ -359,6 +380,14 @@ func nodeName(idx int) string { return node.name } +func externalHostName(idx int) string { + host, ok := externalHostInfo.hosts[idx] + if !ok { + return "" + } + return host.Name +} + // nodeIP returns an empty string if there is no Node with the provided idx. If idx is 0, the IP // of the control-plane Node will be returned. func nodeIP(idx int) string { @@ -425,6 +454,29 @@ func (data *TestData) RunCommandOnNodeExt(nodeName, cmd string, envs map[string] return data.provider.RunCommandOnNodeExt(nodeName, cmd, envs, stdin, sudo) } +func (data *TestData) collectExternalHostsInfo(path string) error { + externalHostInfo = ExternalHostInfo{} + externalHostInfo.hosts = make(map[int]ExternalHost) + filePath, _ := filepath.Abs(path) + yamlFile, err := ioutil.ReadFile(filePath) + + if err != nil { + panic(err) + } + + var config ExternalHostsConfig + + err = yaml.Unmarshal(yamlFile, &config) + if err != nil { + panic(err) + } + for i, v := range config.ExternalHosts { + externalHostInfo.hosts[i] = v + fmt.Printf("The information of external host index %d is: %+v\n", i, externalHostInfo.hosts[i]) + } + return nil +} + func (data *TestData) collectClusterInfo() error { // retrieve K8s server version // this needs to be done first, as there may be dependencies on the diff --git a/test/e2e/main_test.go b/test/e2e/main_test.go index cad7fc67f0b..d05f8360990 100644 --- a/test/e2e/main_test.go +++ b/test/e2e/main_test.go @@ -75,6 +75,7 @@ func (tOptions *TestOptions) setupCoverage() func() { // testMain is meant to be called by TestMain and enables the use of defer statements. func testMain(m *testing.M) int { flag.StringVar(&testOptions.providerName, "provider", "vagrant", "K8s test cluster provider") + flag.StringVar(&testOptions.externalHostsConfigPath, "external-hosts-config-path", "", "Path of external hosts config file") flag.StringVar(&testOptions.providerConfigPath, "provider-cfg-path", "", "Optional config file for provider") flag.StringVar(&testOptions.logsExportDir, "logs-export-dir", "", "Export directory for test logs") flag.BoolVar(&testOptions.logsExportOnSuccess, "logs-export-on-success", false, "Export logs even when a test is successful") @@ -105,6 +106,12 @@ func testMain(m *testing.M) int { if err := testData.collectClusterInfo(); err != nil { log.Fatalf("Error when collecting information about K8s cluster: %v", err) } + if testOptions.externalHostsConfigPath != "" { + log.Println("Collecting external information about K8s cluster") + if err := testData.collectExternalHostsInfo(testOptions.externalHostsConfigPath); err != nil { + log.Fatalf("Error when collecting information about external hosts: %v", err) + } + } if clusterInfo.podV4NetworkCIDR != "" { log.Printf("Pod IPv4 network: '%s'", clusterInfo.podV4NetworkCIDR) } diff --git a/test/e2e/multicast_test.go b/test/e2e/multicast_test.go index 136e9e43d6f..66b9999b951 100644 --- a/test/e2e/multicast_test.go +++ b/test/e2e/multicast_test.go @@ -40,6 +40,8 @@ func skipIfMulticastDisabled(tb testing.TB) { } var igmpQueryType = int32(0x11) +var externalHostIdx = 0 +var externalHostIface string func TestMulticast(t *testing.T) { skipIfHasWindowsNodes(t) @@ -56,86 +58,115 @@ func TestMulticast(t *testing.T) { if err != nil { t.Fatalf("Error computing multicast interfaces: %v", err) } - t.Run("testMulticastBetweenPodsInTwoNodes", func(t *testing.T) { + externalHostIface, err = getMulticastExternalHostIface(externalHostIdx) + if err != nil { + t.Fatalf("Error getting external host interface: %v", err) + } + t.Run("testMulticastWithNoEncap", func(t *testing.T) { + runMulticastTestCases(t, data, nodeMulticastInterfaces) + }) +} + +func runMulticastTestCases(t *testing.T, data *TestData, nodeMulticastInterfaces map[int][]string) { + t.Run("testMulticastBetweenPodsInTwoNodesWithExternalHost", func(t *testing.T) { + skipIfNoExternalHosts(t) + skipIfNumNodesLessThan(t, 2) + testcases := []multicastTestcase{ + { + name: "testMulticastTrafficFromExternal", + receiverIndices: []int{0}, + externalReceiver: false, + externalSender: true, + port: 3458, + group: net.ParseIP("224.3.4.7"), + }, + { + name: "testMulticastTrafficToExternal", + receiverIndices: []int{0}, + externalReceiver: true, + externalSender: false, + port: 3459, + group: net.ParseIP("224.3.4.8"), + }, + } + for _, mc := range testcases { + mc := mc + t.Run(mc.name, func(t *testing.T) { + // t.Parallel() + runTestMulticastBetweenPods(t, data, mc, nodeMulticastInterfaces) + }) + } + }) + t.Run("testMulticastBetweenPodsInThreeNodesWithExternalHost", func(t *testing.T) { + skipIfNoExternalHosts(t) + skipIfNumNodesLessThan(t, 3) + testcases := []multicastTestcase{ + { + name: "testMulticastMultipleReceiversTrafficToExternal", + receiverIndices: []int{1, 2}, + externalReceiver: true, + externalSender: false, + port: 3463, + group: net.ParseIP("224.3.4.12"), + }, + } + for _, mc := range testcases { + mc := mc + t.Run(mc.name, func(t *testing.T) { + // t.Parallel() + runTestMulticastBetweenPods(t, data, mc, nodeMulticastInterfaces) + }) + } + }) + t.Run("testMulticastBetweenPodsInTwoNodesInCluster", func(t *testing.T) { skipIfNumNodesLessThan(t, 2) testcases := []multicastTestcase{ { name: "testMulticastForLocalPods", - senderConfig: multicastTestPodConfig{nodeIdx: 0, isHostNetwork: false}, - receiverConfigs: []multicastTestPodConfig{{0, false}}, + receiverIndices: []int{0}, port: 3456, group: net.ParseIP("224.3.4.5"), }, { name: "testMulticastForInterNodePods", - senderConfig: multicastTestPodConfig{nodeIdx: 0, isHostNetwork: false}, - receiverConfigs: []multicastTestPodConfig{{1, false}}, + receiverIndices: []int{1}, port: 3457, group: net.ParseIP("224.3.4.6"), }, - { - name: "testMulticastTrafficFromExternal", - senderConfig: multicastTestPodConfig{nodeIdx: 0, isHostNetwork: true}, - receiverConfigs: []multicastTestPodConfig{{1, false}}, - port: 3458, - group: net.ParseIP("224.3.4.7"), - }, - { - name: "testMulticastTrafficToExternal", - senderConfig: multicastTestPodConfig{nodeIdx: 0, isHostNetwork: false}, - receiverConfigs: []multicastTestPodConfig{{1, true}}, - port: 3459, - group: net.ParseIP("224.3.4.8"), - }, } for _, mc := range testcases { mc := mc t.Run(mc.name, func(t *testing.T) { - t.Parallel() + // t.Parallel() runTestMulticastBetweenPods(t, data, mc, nodeMulticastInterfaces) }) } }) - t.Run("testMulticastBetweenPodsInThreeNodes", func(t *testing.T) { + t.Run("testMulticastBetweenPodsInThreeNodesInCluster", func(t *testing.T) { skipIfNumNodesLessThan(t, 3) testcases := []multicastTestcase{ { name: "testMulticastMultipleReceiversOnSameNode", - senderConfig: multicastTestPodConfig{nodeIdx: 0, isHostNetwork: false}, - receiverConfigs: []multicastTestPodConfig{{0, false}, {0, false}}, + receiverIndices: []int{0, 0}, port: 3460, group: net.ParseIP("224.3.4.9"), }, { name: "testMulticastMultipleReceiversForInterNodePods", - senderConfig: multicastTestPodConfig{nodeIdx: 0, isHostNetwork: false}, - receiverConfigs: []multicastTestPodConfig{{1, false}, {2, false}}, + receiverIndices: []int{1, 2}, port: 3461, group: net.ParseIP("224.3.4.10"), }, - { - name: "testMulticastMultipleReceiversTrafficFromExternal", - senderConfig: multicastTestPodConfig{nodeIdx: 0, isHostNetwork: true}, - receiverConfigs: []multicastTestPodConfig{{1, false}, {2, true}}, - port: 3462, - group: net.ParseIP("224.3.4.11"), - }, - { - name: "testMulticastMultipleReceiversTrafficToExternal", - senderConfig: multicastTestPodConfig{nodeIdx: 0, isHostNetwork: false}, - receiverConfigs: []multicastTestPodConfig{{1, true}, {2, false}}, - port: 3463, - group: net.ParseIP("224.3.4.12"), - }, } for _, mc := range testcases { mc := mc t.Run(mc.name, func(t *testing.T) { - t.Parallel() + // t.Parallel() runTestMulticastBetweenPods(t, data, mc, nodeMulticastInterfaces) }) } }) + t.Run("testMulticastForwardToMultipleInterfaces", func(t *testing.T) { multipleInterfacesFound := false var nodeIdx int @@ -264,17 +295,13 @@ func TestMulticast(t *testing.T) { }) } -type multicastTestPodConfig struct { - nodeIdx int - isHostNetwork bool -} - type multicastTestcase struct { - name string - senderConfig multicastTestPodConfig - receiverConfigs []multicastTestPodConfig - port int - group net.IP + name string + receiverIndices []int + port int + externalReceiver bool + externalSender bool + group net.IP } type multicastStatsTestcase struct { @@ -365,6 +392,8 @@ func testMulticastStatsWithSendersReceivers(t *testing.T, data *TestData, mc mul if err != nil { t.Fatalf("Error when waiting for ANP %s to be realized: %v", np.Name, err) } + defer data.DeleteANP(data.testNamespace, np.Name) + } for _, anp := range mc.igmpANPConfigs { @@ -403,6 +432,7 @@ func testMulticastStatsWithSendersReceivers(t *testing.T, data *TestData, mc mul if err != nil { t.Fatalf("Error when waiting for ANP %s released: %v", np.Name, err) } + defer data.DeleteANP(data.testNamespace, np.Name) } for _, receiverConfig := range mc.receiverConfigs { @@ -556,59 +586,56 @@ func testMulticastForwardToMultipleInterfaces(t *testing.T, data *TestData, send } } +// This test assumes there is only one multicast sender in the network, +// which can be a pod sender located in a node with multiple multicast interfaces(if no node has more than one external interface, it defaults to the first node) +// or a sender from an external host. func runTestMulticastBetweenPods(t *testing.T, data *TestData, mc multicastTestcase, nodeMulticastInterfaces map[int][]string) { + var multipleMcastIfaceNodeIdx = 0 + for nodeIdx, iface := range nodeMulticastInterfaces { + if len(iface) > 1 { + multipleMcastIfaceNodeIdx = nodeIdx + } + } mcjoinWaitTimeout := defaultTimeout / time.Second gatewayInterface, err := data.GetGatewayInterfaceName(antreaNamespace) failOnError(err, t) - senderName, _, cleanupFunc := createAndWaitForPod(t, data, data.createMcJoinPodOnNode, "test-sender-", nodeName(mc.senderConfig.nodeIdx), data.testNamespace, mc.senderConfig.isHostNetwork) - defer cleanupFunc() + var wg sync.WaitGroup _, cleanupFuncs := setupReceivers(t, data, mc, mcjoinWaitTimeout, &wg) for _, cleanupFunc := range cleanupFuncs { defer cleanupFunc() } - // Wait 2 seconds(-w 2) before sending multicast traffic. - // It sends two multicast packets for every second(-f 500 means it takes 500 milliseconds for sending one packet). - sendMulticastCommand := []string{"/bin/sh", "-c", fmt.Sprintf("mcjoin -f 500 -o -p %d -s -t 3 -w 2 -W %d %s", mc.port, mcjoinWaitTimeout, mc.group.String())} - go func() { - data.RunCommandFromPod(data.testNamespace, senderName, mcjoinContainerName, sendMulticastCommand) - }() + cleanupFunc := setupSender(t, data, mc, mcjoinWaitTimeout, multipleMcastIfaceNodeIdx) + defer cleanupFunc() readyReceivers := sets.NewInt() - senderReady := false if err := wait.Poll(3*time.Second, defaultTimeout, func() (bool, error) { - if !senderReady { + if !mc.externalSender { + _, mrouteResult, _, err := data.RunCommandOnNode(nodeName(multipleMcastIfaceNodeIdx), fmt.Sprintf("ip mroute show to %s iif %s | grep '%s'", mc.group.String(), gatewayInterface, strings.Join(nodeMulticastInterfaces[multipleMcastIfaceNodeIdx], " "))) // Sender pods should add an outbound multicast route except running as HostNetwork. - _, mrouteResult, _, err := data.RunCommandOnNode(nodeName(mc.senderConfig.nodeIdx), fmt.Sprintf("ip mroute show to %s iif %s | grep '%s'", mc.group.String(), gatewayInterface, strings.Join(nodeMulticastInterfaces[mc.senderConfig.nodeIdx], " "))) if err != nil { return false, err } - if !mc.senderConfig.isHostNetwork { - if len(mrouteResult) == 0 { - return false, nil - } - } else { - if len(mrouteResult) != 0 { - return false, nil - } + if len(mrouteResult) == 0 { + return false, nil } - senderReady = true } - // Check inbound multicast route and whether multicast interfaces has joined the multicast group. - for _, receiver := range mc.receiverConfigs { - if readyReceivers.Has(receiver.nodeIdx) { + for _, receiverIdx := range mc.receiverIndices { + if readyReceivers.Has(receiverIdx) { continue } - for _, receiverMulticastInterface := range nodeMulticastInterfaces[receiver.nodeIdx] { - _, mRouteResult, _, err := data.RunCommandOnNode(nodeName(receiver.nodeIdx), fmt.Sprintf("ip mroute show to %s iif %s ", mc.group.String(), receiverMulticastInterface)) + for _, receiverMulticastInterface := range nodeMulticastInterfaces[receiverIdx] { + + _, mRouteResult, _, err := data.RunCommandOnNode(nodeName(receiverIdx), fmt.Sprintf("ip mroute show to %s iif %s ", mc.group.String(), receiverMulticastInterface)) if err != nil { return false, err } - // If multicast traffic is sent from non-HostNetwork pods and senders-receivers are located in different nodes, - // the receivers should configure corresponding inbound multicast routes. - if mc.senderConfig.nodeIdx != receiver.nodeIdx && !receiver.isHostNetwork { + // If multicast traffic is sent from an external host, the multicast route will be configured on the sender node because the sender node + // and external host connect to the same gateway. + // If sender-receivers are located in different nodes, the receivers should configure corresponding inbound multicast routes. + if (mc.externalSender && receiverIdx == multipleMcastIfaceNodeIdx && receiverMulticastInterface == externalHostIface) || (!mc.externalSender && receiverIdx != multipleMcastIfaceNodeIdx) { if len(mRouteResult) == 0 { return false, nil } @@ -617,24 +644,18 @@ func runTestMulticastBetweenPods(t *testing.T, data *TestData, mc multicastTestc return false, nil } } - _, mAddrResult, _, err := data.RunCommandOnNode(nodeName(receiver.nodeIdx), fmt.Sprintf("ip maddr show %s | grep %s", receiverMulticastInterface, mc.group.String())) + _, mAddrResult, _, err := data.RunCommandOnNode(nodeName(receiverIdx), fmt.Sprintf("ip maddr show %s | grep %s", receiverMulticastInterface, mc.group.String())) if err != nil { return false, err } // The receivers should also join multicast group. // Note that in HostNetwork mode, the "join multicast" action is taken by mcjoin, // which will not persist after mcjoin exits. - if !receiver.isHostNetwork { - if len(mAddrResult) == 0 { - return false, nil - } - } else { - if len(mAddrResult) != 0 { - return false, nil - } + if len(mAddrResult) == 0 { + return false, nil } } - readyReceivers = readyReceivers.Insert(receiver.nodeIdx) + readyReceivers = readyReceivers.Insert(receiverIdx) } return true, nil }); err != nil { @@ -643,11 +664,28 @@ func runTestMulticastBetweenPods(t *testing.T, data *TestData, mc multicastTestc wg.Wait() } +func setupSender(t *testing.T, data *TestData, mc multicastTestcase, mcjoinWaitTimeout time.Duration, senderNodeIdx int) func() { + senderName, _, cleanupFunc := createAndWaitForPod(t, data, data.createMcJoinPodOnNode, "test-sender-", nodeName(senderNodeIdx), data.testNamespace, false) + + go func() { + if mc.externalSender { + // Wait 2 seconds(-w 2) before sending multicast traffic. + // It sends two multicast packets for every second(-f 500 means it takes 500 milliseconds for sending one packet). + data.RunCommandOnNode(externalHostName(externalHostIdx), fmt.Sprintf("mcjoin -i %s -f 500 -o -p %d -s -t 30 -w 2 -W %d %s", externalHostIface, mc.port, mcjoinWaitTimeout, mc.group.String())) + } else { + sendMulticastCommand := []string{"/bin/sh", "-c", fmt.Sprintf("mcjoin -f 500 -o -p %d -s -t 30 -w 2 -W %d %s", mc.port, mcjoinWaitTimeout, mc.group.String())} + data.RunCommandFromPod(data.testNamespace, senderName, mcjoinContainerName, sendMulticastCommand) + } + }() + + return cleanupFunc +} + func setupReceivers(t *testing.T, data *TestData, mc multicastTestcase, mcjoinWaitTimeout time.Duration, wg *sync.WaitGroup) ([]string, []func()) { receiverNames := make([]string, 0) cleanupFuncs := []func(){} - for _, receiver := range mc.receiverConfigs { - receiverName, _, cleanupFunc := createAndWaitForPod(t, data, data.createMcJoinPodOnNode, "test-receiver-", nodeName(receiver.nodeIdx), data.testNamespace, receiver.isHostNetwork) + for _, receiverIdx := range mc.receiverIndices { + receiverName, _, cleanupFunc := createAndWaitForPod(t, data, data.createMcJoinPodOnNode, "test-receiver-", nodeName(receiverIdx), data.testNamespace, false) receiverNames = append(receiverNames, receiverName) cleanupFuncs = append(cleanupFuncs, cleanupFunc) } @@ -665,6 +703,15 @@ func setupReceivers(t *testing.T, data *TestData, mc multicastTestcase, mcjoinWa assert.Contains(t, res, "Total: 10 packets") }() } + if mc.externalReceiver { + wg.Add(1) + go func() { + defer wg.Done() + _, res, _, err := data.RunCommandOnNode(externalHostName(externalHostIdx), fmt.Sprintf("mcjoin -i %s -c 10 -o -p %d -W %d %s", externalHostIface, mc.port, mcjoinWaitTimeout, mc.group.String())) + failOnError(err, t) + assert.Contains(t, res, "Total: 10 packets") + }() + } return receiverNames, cleanupFuncs } @@ -707,3 +754,14 @@ func checkAntctlResult(t *testing.T, data *TestData, antreaPodName, containerPod match, _ := regexp.MatchString(fmt.Sprintf("%s[[:space:]]+%s[[:space:]]+%d[[:space:]]+%d", data.testNamespace, containerPodName, inbound, outbound), strings.TrimSpace(stdout)) return match, nil } + +func getMulticastExternalHostIface(externalHostIdx int) (string, error) { + host, ok := externalHostInfo.hosts[externalHostIdx] + if !ok { + return "", fmt.Errorf("cannot find external host with index %d", externalHostIdx) + } + for _, i := range host.Interfaces { + return i.Name, nil + } + return "", fmt.Errorf("failed to get interface for external host %s", host.Name) +}