Skip to content

✨OPRUN-3873: Add e2e tests for NetworkPolicies #2013

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

✨OPRUN-3873: Add e2e tests for NetworkPolicies #2013

wants to merge 1 commit into from

Conversation

anik120
Copy link
Contributor

@anik120 anik120 commented Jun 5, 2025

Description

Reviewer Checklist

  • API Go Documentation
  • Tests: Unit Tests (and E2E Tests, if appropriate)
  • Comprehensive Commit Messages
  • Links to related GitHub Issue(s)

@anik120 anik120 requested a review from a team as a code owner June 5, 2025 14:56
@netlify Netlify
Copy link

netlify bot commented Jun 5, 2025
edited
Loading

Deploy Preview for olmv1 ready!

Name Link
🔨 Latest commit ec22c0a
🔍 Latest deploy log https://app.netlify.com/projects/olmv1/deploys/68430ddf3fc6850007f167fd
😎 Deploy Preview https://deploy-preview-2013--olmv1.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Jun 5, 2025

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign perdasilva for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

joelanford
joelanford reviewed Jun 5, 2025
View reviewed changes
test/e2e/network_policy_test.go Outdated
},
{
Ports: []networkingv1.NetworkPolicyPort{{Protocol: ptr.To(corev1.ProtocolTCP), Port: intOrStrPtr(9443)}},
Justification: "Permits Kubernetes API server to reach catalogd's admission webhook for CRD validation, ensuring integrity of catalog resources.",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's a mutating webhook that sets a label for the metadata.name that can be used by selectors in ClusterExtension objects to choose specific catalogs by name.

Suggested change
Justification: "Permits Kubernetes API server to reach catalogd's admission webhook for CRD validation, ensuring integrity of catalog resources.",
Justification: "Permits Kubernetes API server to reach catalogd's mutating admission webhook, ensuring integrity of catalog resources.",

joelanford
joelanford reviewed Jun 5, 2025
View reviewed changes
test/e2e/network_policy_test.go Outdated
},
{
Ports: []networkingv1.NetworkPolicyPort{{Protocol: ptr.To(corev1.ProtocolTCP), Port: intOrStrPtr(8443)}},
Justification: "Enables operator-controller to query catalog metadata from catalogd. This is a core function for bundle resolution and operator discovery.",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Justification: "Enables operator-controller to query catalog metadata from catalogd. This is a core function for bundle resolution and operator discovery.",
Justification: "Enables clients (e.g. operator-controller) to query catalog metadata from catalogd. This is a core function for bundle resolution and operator discovery.",

joelanford
joelanford reviewed Jun 5, 2025
View reviewed changes
test/e2e/network_policy_test.go Outdated
EgressRules: []EgressRule{
{
// Empty Ports and To means allow all egress
Justification: "Permits catalogd to fetch catalog images from various container registries and communicate with the Kubernetes API server for its operational needs.",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Justification: "Permits catalogd to fetch catalog images from various container registries and communicate with the Kubernetes API server for its operational needs.",
Justification: "Permits catalogd to fetch catalog images from arbitrary container registries and communicate with the Kubernetes API server for its operational needs.",

joelanford
joelanford reviewed Jun 5, 2025
View reviewed changes
test/e2e/network_policy_test.go Outdated
EgressRules: []EgressRule{
{
// Empty Ports and To means allow all egress
Justification: "Enables operator-controller to pull bundle images, connect to catalogd's HTTPS server for metadata, and interact with the Kubernetes API server.",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Justification: "Enables operator-controller to pull bundle images, connect to catalogd's HTTPS server for metadata, and interact with the Kubernetes API server.",
Justification: "Enables operator-controller to pull bundle images from arbitrary image registries, connect to catalogd's HTTPS server for metadata, and interact with the Kubernetes API server.",

@anik120
Copy link
Contributor Author

anik120 commented Jun 5, 2025

@joelanford incorporated your suggestions..also fyi had to change the struct definitions a bit because I realized the policies are defined as a single ingress/egress policy with multiple ports, instead of multiple ingress/egress policies, for each NetworkPolicy object. PTAL, thanks!

@codecov Codecov
Copy link

codecov bot commented Jun 5, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 69.17%. Comparing base (8f81c23) to head (ec22c0a).
Report is 2 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #2013   +/-   ##
=======================================
  Coverage   69.17%   69.17%           
=======================================
  Files          79       79           
  Lines        7037     7037           
=======================================
  Hits         4868     4868           
  Misses       1887     1887           
  Partials      282      282
Flag Coverage Δ
e2e 43.00% <ø> (ø)
unit 60.06% <ø> (+0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@joelanford joelanford joelanford left review comments

@gallettilance gallettilance Awaiting requested review from gallettilance

@rashmigottipati rashmigottipati Awaiting requested review from rashmigottipati

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@anik120 @joelanford