e2e: create and delete namespaces using labels #2050
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Replace --timeout=5m with --wait=false in the kubectl delete command to ensure that DeleteDiscoveredApps returns immediately after initiating deletion instead of waiting for resources to be fully deleted. This change makes the function's behavior consistent with other delete operations that separately handle deletion initiation and waiting for completion, improving control flow. Signed-off-by: Parikshith <parikshithb@gmail.com>
This commit adds infra to wait for resources are fully deleted before tests continue, preventing conditions where subsequent tests might be affected by lingering resources. - Add WaitForResourceDelete generic function to wait for resources to be fully deleted - Implement wait funcs for different resource types: - ApplicationSet - ConfigMap - Placement - ManagedClusterSetBinding Signed-off-by: Parikshith <parikshithb@gmail.com>
This change updates the undeploy function for the ApplicationSet by adding wait for all resource deleted with a deadline part of the context. Signed-off-by: Parikshith <parikshithb@gmail.com>
This separation infra allows for more control over the namespace deletion process to explicitly wait for namespace deletion after initiating namespace deletion. Updated undeploy functions of Disapp, Subscription and the EnsureChannelDeleted function by adding the separate wait for namespace with a shared deadline from context. Signed-off-by: Parikshith <parikshithb@gmail.com>
Since we are doing common delete ops on both clusters current comment needs to updated to indicate same. Signed-off-by: Parikshith <parikshithb@gmail.com>
This change replace waitDRPCDeleted with WaitForDRPCDelete with the shared deadline to DRPC and other related resource deletion like placement and mcsb. Signed-off-by: Parikshith <parikshithb@gmail.com>
This update ensures only namespaces created by ramen e2e can be deleted safely using "ramen-e2e" label. - Implemented adding ramen-e2e label (app.kubernetes.io/managed-by=ramen-e2e) during ns creation to prevent accidental deletion by checking whether the lable exist. - Add CreateAppNamespaces/DeleteAppNamespaces functions to delete ns on both drclusters - Consolidate volsync annotation logic into AddVolsyncAnnotation function - Add WaitForAppNamespacesDelete for consistent ns cleanup waiting on both drclusters Signed-off-by: Parikshith <parikshithb@gmail.com>
nirs
reviewed
May 22, 2025
| const ( | ||
| // Namespace annotation for volsync to grant elevated permissions for mover pods | ||
| // More info: https://volsync.readthedocs.io/en/stable/usage/permissionmodel.html#controlling-mover-permissions | ||
| volsyncPrivilegedMovers = "volsync.backube/privileged-movers" |
There was a problem hiding this comment.
Lets raname this to "volsyncPrivilegedMoversAnnotation" to make the code more clear.
8000
| volsyncPrivilegedMovers = "volsync.backube/privileged-movers" | ||
|
|
||
| // Label to identify namespaces created by ramen e2e | ||
| ramenE2EManagedLabel = "app.kubernetes.io/managed-by" |
There was a problem hiding this comment.
This is not ramen label, let's call it managedByLabel
|
|
||
| // Label to identify namespaces created by ramen e2e | ||
| ramenE2EManagedLabel = "app.kubernetes.io/managed-by" | ||
| ramenE2EManagedValue = "ramen-e2e" |
There was a problem hiding this comment.
This can be just "ramenE2e" - it can be used in many places.
|
|
||
| func CreateNamespace(ctx types.Context, cluster types.Cluster, namespace string) error { | ||
| log := ctx.Logger() | ||
|
|
| ns := &corev1.Namespace{ | ||
| ObjectMeta: metav1.ObjectMeta{ | ||
| Name: namespace, | ||
| Labels: map[string]string{ | ||
| ramenE2EManagedLabel: ramenE2EManagedValue, |
There was a problem hiding this comment.
With the new names this will be much more clear:
managedByLabel: ramenE2e
| @@ -32,56 +41,86 @@ func CreateNamespace(ctx types.Context, cluster types.Cluster, namespace string) | |||
| return err | |||
| } | |||
|
|
|||
| log.Debugf("Namespace %q already exist in cluster %q", namespace, cluster.Name) | |||
| log.Debugf("Namespace %q already exists in cluster %q", namespace, cluster.Name) | |||
There was a problem hiding this comment.
If the namespace exists, we want to check if it is using our laebl (so we will delete it later.
If not, we are running a test in a user created namespace which is problematic, but we cannot avoid this (e.g. leftover namespace created by older version of ramen-e2e or ramenctl). Let's log a warning about this.
| log.Debugf("Namespace %q in cluster %q is not managed by ramen-e2e, skipping deletion", | ||
| namespace, cluster.Name) | ||
|
|
||
| return nil | ||
| } |
There was a problem hiding this comment.
Lets extract a function for checking if the namespace is managed by ramen:
isManagedByRamenE2e(types.Context, types.Cluster, client.Obj) (bool, error)
It should return true/false based on the label, or fail if the object does not exist or the check failed. The caller will use k8serrors.IsNotFound(err) so don't need to check internally.
| // CreateAppNamespaces creates a namespace on both drclusters with ramen-e2e label. | ||
| // The label ensure safe deletion by allowing only ramen-e2e managed namespaces to be removed. | ||
| // This prevents accidental deletion of namespaces not created by the e2e test framework. | ||
| func CreateAppNamespaces(ctx types.Context, namespace string) error { |
There was a problem hiding this comment.
If we can, lets split these changes, so we have 2 commits:
- First adding the infra for creating a namespace with our label and deleting only the namespaces we created
- Second using the infra to create, delete, and wait for namespaces in all deployers
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This update ensures only namespaces created by ramen e2e can be deleted
safely using label.
during ns creation to prevent accidental deletion by checking
whether the lable exist.
both drclusters
both drclusters
Testing:
Based on #2035
Fixes #1958