Run e2e,integration tests against supported kubernetes versions (kube…

…-rs#924) * Run e2e tests against supported kubernetes versions As part of Kubernetes version policies proposed in kube-rs/website#19 for kube-rs#684 Signed-off-by: clux <[email protected]> * add integration tests as specific job to run it against mk8sv Signed-off-by: clux <[email protected]> * rename tests and try to fix integration Signed-off-by: clux <[email protected]> * fix k3d args? Signed-off-by: clux <[email protected]> * fix e2e Signed-off-by: clux <[email protected]> * test against v1.19 Signed-off-by: clux <[email protected]> * badge update Signed-off-by: clux <[email protected]> * s/MINK8SV/MK8SV Signed-off-by: clux <[email protected]> * Big e2e rework (WIP) Now two e2e tests, and more feature combinations. Signed-off-by: clux <[email protected]> * avoid rustls local due to the issues Signed-off-by: clux <[email protected]> * split e2e tests into own file and clean up when to matrix Signed-off-by: clux <[email protected]> * running bump-k8s also bumps mk8sv Signed-off-by: clux <[email protected]> * avoid illegal anchors and add badge bumping Signed-off-by: clux <[email protected]> * better version checks for mk8sv and msrv on ci Signed-off-by: clux <[email protected]> * move some ci around for consistency in naming Signed-off-by: clux <[email protected]> * stray command Signed-off-by: clux <[email protected]> * fix syntax errors? Signed-off-by: clux <[email protected]> * fix test warning from kube-derive after apiext removal Signed-off-by: clux <[email protected]> * evars from tests Signed-off-by: clux <[email protected]> * better run description on integration jobs Signed-off-by: clux <[email protected]> * better output for flaky integration test Signed-off-by: clux <[email protected]> * fmt + give test more time? Signed-off-by: clux <[email protected]> * sanity after timeout. seems likely cause. Signed-off-by: clux <[email protected]> * no need for an agent in k3d cmd Signed-off-by: clux <[email protected]> * how slow is this actions cluster? Signed-off-by: clux <[email protected]> * re-trigger once more to check * apiserver, are you ok? Signed-off-by: clux <[email protected]> * another empty commit to retrigger Signed-off-by: clux <[email protected]> * remove duplicate changes from kube-rs#924 (won't build until that is merged) Signed-off-by: clux <[email protected]>
Danil-Grigorev · Jun 19, 2022 · f99140e · f99140e
1 parent 4bb19fb
commit f99140e
Show file tree

Hide file tree

Showing 18 changed files with 363 additions and 200 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -1,9 +1,12 @@
-name: CI
+name: test
 on:
   pull_request:
 
+env:
+  RUST_BACKTRACE: 1
+
 jobs:
-  cargo-test:
+  unit:
     strategy:
       # Prevent GitHub from cancelling all in-progress jobs when a matrix job fails.
       fail-fast: false
@@ -66,7 +69,7 @@ jobs:
         run: cargo test -p kube-examples --example crd_derive_no_schema --no-default-features --features=openssl-tls,latest
         if: matrix.os == 'ubuntu-latest'
 
-  check-msrv:
+  msrv:
     # Run `cargo check` on our minimum supported Rust version
     runs-on: ubuntu-latest
     steps:
@@ -89,6 +92,18 @@ jobs:
         command: check
         args: --all
 
+    - name: Check rust-version keys matches MSRV consistently
+      run: |
+        if [[ $(cat ./*/Cargo.toml | grep "rust-version" | uniq | wc -l) -gt 1 ]]; then
+          echo "inconsistent rust-version keys set in various kube-crates:"
+          rg "rust-version" ./*/Cargo.toml
+          exit 1
+        fi
+        if ! cat kube/Cargo.toml | grep "rust-version" | grep "${{ steps.msrv.outputs.msrv }}"; then
+          echo "msrv policy inconsistent with rust-version key"
+          exit 1
+        fi
+
     - name: Check devcontainer matches MSRV
       run: |
         versions=$(sed -nE 's|^FROM (.*/)?rust:([^ ]+)|\2|p' .devcontainer/Dockerfile)
@@ -100,86 +115,170 @@ jobs:
           exit 1
         fi
 
-  e2e:
-    # e2e tests are docker on linux
+  integration:
     runs-on: ubuntu-latest
+    strategy:
+      # Prevent GitHub from cancelling all in-progress jobs when a matrix job fails.
+      fail-fast: false
+      matrix:
+        # Run these tests against older clusters as well
+        k8s: [v1.19, latest]
     steps:
       - uses: actions/checkout@v2
+      - uses: actions-rs/toolchain@v1
+        with:
+          override: true
+          toolchain: stable
+          profile: minimal
+      # Smart caching for Rust projects.
+      # Includes workaround for macos cache corruption.
+      # - https://github.com/rust-lang/cargo/issues/8603
+      # - https://github.com/actions/cache/issues/403
+      - uses: Swatinem/rust-cache@v1
+
+      - uses: nolar/setup-k3d-k3s@v1
+        with:
+          version: ${{matrix.k8s}}
+          # k3d-kube
+          k3d-name: kube
+          # Used to avoid rate limits when fetching the releases from k3s repo.
+          # Anonymous access is limited to 60 requests / hour / worker
+          # github-token: ${{ secrets.GITHUB_TOKEN }}
+          k3d-args: "--no-lb --k3s-arg --no-deploy=traefik,servicelb,metrics-server@server:*"
+
+      # Real CI work starts here
+      - name: Build workspace
+        run: cargo build
+
+      # Run the equivalent of `just integration`
+      - name: Run all default features integration library tests
+        run: cargo test --lib --all -- --ignored
+      - name: Run all facade integration library tests with extra features
+        run: cargo test -p kube --lib --features=derive,runtime -- --ignored --nocapture
+      - name: Run all client integration library tests with rustls and ws
+        run: cargo test -p kube-client --lib --features=rustls-tls,ws -- --ignored
+      - name: Run derive example tests
+        run: cargo run -p kube-examples --example crd_derive
+      - name: Run crd example tests
+        run: cargo run -p kube-examples --example crd_api
+
+
+  mk8sv:
+    # comile check e2e tests against mk8sv
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Find MK8SV
+        id: mk8sv
+        run: |
+          MK8SV=$(grep MK8SV README.md | grep -oE "[[:digit:]]+\.[[:digit:]]+" | head -n 1)
+          echo $MK8SV
+          echo ::set-output name=mk8sv::${MK8SV}
+          echo ::set-output name=mk8svdash::v${MK8SV/\./_}
+
+      - name: Check ci jobs run against advertised MK8SV
+        run: |
+          if ! grep "${{ steps.mk8sv.outputs.mk8sv }}" -q .github/workflows/ci.yml; then
+            echo "mk8sv not set correctly in tests"
+            exit 1
+          fi
+          if ! grep "${{ steps.mk8sv.outputs.mk8svdash }}" e2e/Cargo.toml | grep mk8sv; then
+            echo "mk8sv not set correctly in e2e features"
+            exit 1
+          fi
+
+      - uses: actions-rs/toolchain@v1
+        with:
+          override: true
+          toolchain: stable
+          profile: minimal
+      # Smart caching for Rust projects.
+      # Includes workaround for macos cache corruption.
+      # - https://github.com/rust-lang/cargo/issues/8603
+      # - https://github.com/actions/cache/issues/403
+      - uses: Swatinem/rust-cache@v1
 
+      - uses: nolar/setup-k3d-k3s@v1
+        with:
+          version: v1.19
+          # k3d-kube
+          k3d-name: kube
+          # Used to avoid rate limits when fetching the releases from k3s repo.
+          # Anonymous access is limited to 60 requests / hour / worker
+          # github-token: ${{ secrets.GITHUB_TOKEN }}
+          k3d-args: "--no-lb --k3s-arg --no-deploy=traefik,servicelb,metrics-server@server:*"
+
+      # Real CI work starts here
+      - name: Build workspace
+        run: cargo build
+
+      - name: boot openssl, latest k8s
+        run: cargo run -p e2e --bin boot --features=openssl,latest
+      - name: boot openssl, minimum supported k8s
+        run: cargo run -p e2e --bin boot --features=openssl,mk8sv
+      # no rustls local yet: https://github.com/kube-rs/kube-rs/issues/153
+      # we could edit kubeconfig and /etc/hosts to have the following lines:
+      # /etc/hosts: 127.0.0.1       k3d.local
+      # kubeconfig:     server: https://k3d.local:36729 (e.g. swap out 0.0.0.0 under cluster)
+      # Together, that makes it work locally. Maybe that can be done with some k3d-args to host-aliases.
+      #- name: boot rustls, latest k8s
+      #  run: cargo run -p e2e --bin boot --features=rustls,latest
+      #- name: boot rustls, minimum supported k8s
+      #  run: cargo run -p e2e --bin boot --features=rustls,mk8sv
+
+  in-cluster:
+    # in-cluster e2e via docker on linux
+    runs-on: ubuntu-latest
+    strategy:
+      # Prevent GitHub from cancelling all in-progress jobs when a matrix job fails.
+      fail-fast: false
+      matrix:
+        tls: [openssl, rustls]
+    steps:
+      - uses: actions/checkout@v2
       - uses: actions/cache@v2
         with:
           path: |
             ~/.cargo/registry/index
             ~/.cargo/registry/cache
             ~/.cargo/git
             target
-          key: musl-cargo-${{ hashFiles('**/Cargo.toml') }}
+          key: musl-cargo-${{ hashFiles('**/Cargo.toml') }}-${{matrix.tls}}
 
       - uses: nolar/setup-k3d-k3s@v1
         with:
-          version: v1.20
+          version: latest
           # k3d-kube
           k3d-name: kube
           # Used to avoid rate limits when fetching the releases from k3s repo.
           # Anonymous access is limited to 60 requests / hour / worker
           # github-token: ${{ secrets.GITHUB_TOKEN }}
+          k3d-args: "--no-lb --k3s-arg --no-deploy=traefik,servicelb,metrics-server@server:*"
 
-      - name: Compile dapp
+      - name: Compile e2e job against ${{matrix.tls}}
         run: |
           mkdir -p ~/.cargo/{git,registry}
           docker run --rm -t \
               --mount type=bind,source=${{ github.workspace }},target=/volume \
               --mount type=bind,source=$HOME/.cargo/registry,target=/root/.cargo/registry \
               --mount type=bind,source=$HOME/.cargo/git,target=/root/.cargo/git \
               clux/muslrust:stable \
-              cargo build -p e2e --release -v
-          cp target/x86_64-unknown-linux-musl/release/dapp e2e/
+              cargo build -p e2e --release --bin=job --features=latest,${{matrix.tls}} -v
+          cp target/x86_64-unknown-linux-musl/release/job e2e/
 
       - name: Build image
-        run: "docker build -t clux/kube-dapp:${{ github.sha }} e2e/"
+        run: "docker build -t clux/kube-e2e:${{ github.sha }} e2e/"
       - name: Import image
-        run: "k3d image import clux/kube-dapp:${{ github.sha }} --cluster kube"
+        run: "k3d image import clux/kube-e2e:${{ github.sha }} --cluster kube"
       - run: sed -i 's/latest/${{ github.sha }}/g' e2e/deployment.yaml
 
       - name: Create resource
         run: kubectl apply -f e2e/deployment.yaml -n apps
       - run: kubectl get all -n apps
-      - run: kubectl describe jobs/dapp -n apps
+      - run: kubectl describe jobs/e2e -n apps
       - name: Wait for job to complete
         run: |
-          kubectl wait --for=condition=complete job/dapp -n apps --timeout=50s || kubectl logs -f job/dapp -n apps
+          kubectl wait --for=condition=complete job/e2e -n apps --timeout=50s || kubectl logs -f job/e2e -n apps
           kubectl get all -n apps
-          kubectl wait --for=condition=complete job/dapp -n apps --timeout=10s || kubectl get pods -n apps | grep dapp | grep Completed
-
-  cargo-deny:
-    name: Run cargo deny
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        checks:
-          - advisories
-          - bans licenses sources
-
-    # Prevent sudden announcement of a new advisory from failing ci:
-    continue-on-error: ${{ matrix.checks == 'advisories' }}
-
-    steps:
-      - uses: actions/checkout@v2
-      - uses: EmbarkStudios/cargo-deny-action@v1
-        with:
-          command: check ${{ matrix.checks }}
-
-  rustfmt:
-    name: Run rustfmt
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: actions-rs/[email protected]
-        with:
-          profile: minimal
-          toolchain: nightly
-          components: rustfmt
-          override: true
-      - name: Run rustfmt
-        id: rustfmt
-        run: rustfmt +nightly --edition 2018 --check $(find . -type f -iname *.rs)
+          kubectl wait --for=condition=complete job/e2e -n apps --timeout=10s || kubectl get pods -n apps | grep e2e | grep Completed
diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml
@@ -1,4 +1,4 @@
-name: Coverage
+name: coverage
 
 on:
   push:
@@ -7,7 +7,7 @@ on:
   pull_request:
 
 jobs:
-  rust:
+  tarpaulin-codecov:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout

diff --git a/.github/workflows/devcontainer.yml b/.github/workflows/devcontainer.yml
@@ -1,4 +1,4 @@
-name: Devcontainer
+name: devcontainer
 
 # When a pull request is opened that changes the Devcontainer configuration,
 # ensure that the container continues to build properly.

diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -0,0 +1,37 @@
+name: lint
+on:
+  pull_request:
+
+jobs:
+  cargo-deny:
+    name: cargo deny
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        checks:
+          - advisories
+          - bans licenses sources
+
+    # Prevent sudden announcement of a new advisory from failing ci:
+    continue-on-error: ${{ matrix.checks == 'advisories' }}
+
+    steps:
+      - uses: actions/checkout@v2
+      - uses: EmbarkStudios/cargo-deny-action@v1
+        with:
+          command: check ${{ matrix.checks }}
+
+  rustfmt:
+    name: rustfmt
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions-rs/[email protected]
+        with:
+          profile: minimal
+          toolchain: nightly
+          components: rustfmt
+          override: true
+      - name: Run rustfmt
+        id: rustfmt
+        run: rustfmt +nightly --edition 2018 --check $(find . -type f -iname *.rs)
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -1,4 +1,4 @@
-name: Release
+name: release
 
 on:
   push:
@@ -8,6 +8,7 @@ on:
 jobs:
   build:
     runs-on: ubuntu-latest
+    if: ${{ github.repository_owner == 'kube-rs' }}
     steps:
       - name: Checkout
         uses: actions/checkout@v2

diff --git a/.gitignore b/.gitignore
@@ -3,7 +3,8 @@
 /target
 **/*.rs.bk
 Cargo.lock
-integration/dapp
+e2e/boot
+e2e/job
 examples/admission-controller-tls*
 examples/admission_extfile.cnf
 examples/ca.*

diff --git a/README.md b/README.md
@@ -2,10 +2,9 @@
 
 [![Crates.io](https://img.shields.io/crates/v/kube.svg)](https://crates.io/crates/kube)
 [![Rust 1.60](https://img.shields.io/badge/MSRV-1.60-dea584.svg)](https://github.com/rust-lang/rust/releases/tag/1.60.0)
-[![Discord chat](https://img.shields.io/discord/500028886025895936.svg?logo=discord&style=plastic)](https://discord.gg/tokio)
-[![Client Capabilities](https://img.shields.io/badge/Kubernetes%20client-Silver-blue.svg?style=plastic&colorB=C0C0C0&colorA=306CE8)](https://github.com/kubernetes/design-proposals-archive/blob/main/api-machinery/csi-new-client-library-procedure.md#client-capabilities)
-[![Client Support Level](https://img.shields.io/badge/kubernetes%20client-beta-green.svg?style=plastic&colorA=306CE8)](https://github.com/kubernetes/design-proposals-archive/blob/main/api-machinery/csi-new-client-library-procedure.md#client-support-level)
+[![Tested against Kubernetes 1.19 and above](https://img.shields.io/badge/MK8SV-1.19-326ce5.svg)](https://kube.rs/kubernetes-version)
 [![Best Practices](https://bestpractices.coreinfrastructure.org/projects/5413/badge)](https://bestpractices.coreinfrastructure.org/projects/5413)
+[![Discord chat](https://img.shields.io/discord/500028886025895936.svg?logo=discord&style=plastic)](https://discord.gg/tokio)
 
 A [Rust](https://rust-lang.org/) client for [Kubernetes](http://kubernetes.io) in the style of a more generic [client-go](https://github.com/kubernetes/client-go), a runtime abstraction inspired by [controller-runtime](https://github.com/kubernetes-sigs/controller-runtime), and a derive macro for [CRDs](https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/) inspired by [kubebuilder](https://book.kubebuilder.io/reference/generating-crd.html). Hosted by [CNCF](https://cncf.io/) as a [Sandbox Project](https://www.cncf.io/sandbox-projects/)
 
@@ -149,7 +148,7 @@ Here `reconcile` and `error_policy` refer to functions you define. The first wil
 
 ## Rustls
 
-Kube has basic support ([with caveats](https://github.com/kube-rs/kube-rs/issues?q=is%3Aissue+is%3Aopen+rustls)) for [rustls](https://github.com/ctz/rustls) as a replacement for the `openssl` dependency. To use this, turn off default features, and enable `rustls-tls`:
+Kube has basic support ([with caveats](https://github.com/kube-rs/kube-rs/issues?q=is%3Aopen+is%3Aissue+label%3Arustls)) for [rustls](https://github.com/ctz/rustls) as a replacement for the `openssl` dependency. To use this, turn off default features, and enable `rustls-tls`:
 
 ```toml
 [dependencies]

diff --git a/e2e/Cargo.toml b/e2e/Cargo.toml
@@ -10,15 +10,25 @@ license = "Apache-2.0"
 release = false
 
 [[bin]]
-name = "dapp"
-path = "dapp.rs"
+name = "job"
+path = "job.rs"
+
+[[bin]]
+name = "boot"
+path = "boot.rs"
+
+[features]
+latest = ["k8s-openapi/v1_24"]
+mk8sv = ["k8s-openapi/v1_19"]
+rustls = ["kube/rustls-tls"]
+openssl = ["kube/openssl-tls"]
 
 [dependencies]
 anyhow = "1.0.44"
-env_logger = "0.9.0"
+tracing = "0.1.29"
+tracing-subscriber = "0.3.3"
 futures = "0.3.17"
-kube = { path = "../kube", version = "^0.73.0", default-features = false, features = ["client", "rustls-tls"] }
-k8s-openapi = { version = "0.15.0", features = ["v1_24"], default-features = false }
-log = "0.4.11"
+kube = { path = "../kube", version = "^0.73.0", default-features = false, features = ["client", "runtime", "ws", "admission", "gzip"] }
+k8s-openapi = { version = "0.15.0", default-features = false }
 serde_json = "1.0.68"
 tokio = { version = "1.14.0", features = ["full"] }