Skip to content

chore: Remove NPM Windows 2022 Tests from the NPM Conformance Tests #3888

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 6 commits into from
Aug 7, 2025
Merged

chore: Remove NPM Windows 2022 Tests from the NPM Conformance Tests #3888

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
ad49529
removing windows conformance tests part 1
rayaisaiah Aug 4, 2025
97bb66a
removing windows conformance tests part 2
rayaisaiah Aug 4, 2025
7a32607
removed unused segament
rayaisaiah Aug 4, 2025
a933fd5
typo
rayaisaiah Aug 4, 2025
97fe85a
keep latest release the same
rayaisaiah Aug 4, 2025
9558525
removed 1 of the az aks get-credentials
rayaisaiah Aug 5, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 0 additions & 4 deletions .pipelines/npm/npm-conformance-tests-latest-release.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,10 +80,6 @@ jobs:
AZURE_CLUSTER: "conformance-v2-default"
PROFILE: "v2-default"
IS_STRESS_TEST: "false"
v2-default-ws22:
AZURE_CLUSTER: "conformance-v2-default-ws22"
PROFILE: "v2-default-ws22"
IS_STRESS_TEST: "false"
pool:
name: $(BUILD_POOL_NAME_DEFAULT)
demands:
Expand Down
303 changes: 8 additions & 295 deletions .pipelines/npm/npm-conformance-tests.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,10 +74,6 @@ stages:
arch: amd64
name: npm
os: linux
npm_windows_amd64:
arch: amd64
name: npm
os: windows
steps:
- template: ../containers/container-template.yaml
parameters:
Expand All @@ -102,10 +98,6 @@ stages:
AZURE_CLUSTER: "conformance-v2-background"
PROFILE: "v2-background"
IS_STRESS_TEST: "false"
v2-ws22:
AZURE_CLUSTER: "conformance-v2-ws22"
PROFILE: "v2-default-ws22"
IS_STRESS_TEST: "false"
v2-linux-stress:
AZURE_CLUSTER: "conformance-v2-linux-stress"
PROFILE: "v2-linux-stress"
Expand Down Expand Up @@ -172,63 +164,13 @@ stages:
export PUBLIC_IP_ID=$(az network public-ip show -g $(RESOURCE_GROUP) -n $(PUBLIC_IP_NAME) --query id -o tsv)
echo Public IP ID $PUBLIC_IP_ID

if [[ $(AZURE_CLUSTER) == *ws22 ]] # * is used for pattern matching
then
az extension add --name aks-preview
az extension update --name aks-preview

echo "creating WS22 Cluster";
az aks create \
--resource-group $(RESOURCE_GROUP) \
--name $(AZURE_CLUSTER) \
--generate-ssh-keys \
--windows-admin-username e2eadmin \
--windows-admin-password alpha@numeric!password2 \
--network-plugin azure \
--vm-set-type VirtualMachineScaleSets \
--node-vm-size Standard_D4s_v3 \
--node-count 1 \
--load-balancer-outbound-ips $PUBLIC_IP_ID

if [ $? != 0 ]
then
echo "Failing fast since previous command failed"
exit 1
fi

# don't schedule anything on the linux system pool
echo "Updating $(AZURE_CLUSTER) to not schedule anything on linux pool..."
az aks nodepool update \
--cluster-name $(AZURE_CLUSTER) \
-g $(RESOURCE_GROUP) \
-n nodepool1 \
--node-taints CriticalAddonsOnly=true:NoSchedule

if [ $? != 0 ]
then
echo "Failing fast since previous command failed"
exit 1
fi

echo "Adding Windows nodepool to $(AZURE_CLUSTER) to group $(RESOURCE_GROUP)"
az aks nodepool add \
--resource-group $(RESOURCE_GROUP) \
--cluster-name $(AZURE_CLUSTER) \
--name awin22 \
--os-type Windows \
--os-sku Windows2022 \
--node-vm-size Standard_D4s_v3 \
--node-count 2

if [ $? != 0 ]
then
echo "Failing fast since previous command failed"
exit 1
fi

az aks get-credentials -n $(AZURE_CLUSTER) -g $(RESOURCE_GROUP) --file ./kubeconfig
./kubectl --kubeconfig=./kubeconfig apply -f $(Pipeline.Workspace)/s/npm/examples/windows/azure-npm.yaml
./kubectl --kubeconfig=./kubeconfig set image daemonset/azure-npm-win -n kube-system azure-npm=$IMAGE_REGISTRY/azure-npm:windows-amd64-$(TAG)

else
echo "Creating Linux Cluster";
Expand Down Expand Up @@ -324,46 +266,6 @@ stages:
# there can't be a command after e2e.test/policy-assistant because the exit code is important
}

runConformanceWindows () {
# full suite of ~32 test cases is taking too long...
# nomatch1="should enforce policy based on PodSelector or NamespaceSelector"
# nomatch2="should enforce policy based on NamespaceSelector with MatchExpressions using default ns label"
# nomatch3="should enforce policy based on PodSelector and NamespaceSelector"
# nomatch4="should enforce policy based on Multiple PodSelectors and NamespaceSelectors"
# cidrExcept1="should ensure an IP overlapping both IPBlock.CIDR and IPBlock.Except is allowed"
# cidrExcept2="should enforce except clause while egress access to server in CIDR block"
# namedPorts="named port"
# wrongK8sVersion="Netpol API"
# toSkip="\[LinuxOnly\]|$nomatch1|$nomatch2|$nomatch3|$nomatch4|$cidrExcept1|$cidrExcept2|$namedPorts|$wrongK8sVersion|SCTP"

# slimmed down to 14 tests like npm-cni-integration-test.yaml
# NetworkPolicy between server and...
f1="client should enforce policy to allow traffic only from a different namespace, based on NamespaceSelector"
f2="client should deny egress from pods based on PodSelector"
f3="client should enforce multiple, stacked policies with overlapping podSelectors"
f4="client should enforce egress policy allowing traffic to a server in a different namespace based on PodSelector and NamespaceSelector"
f5="client should work with Ingress, Egress specified together"
f6="client should enforce ingress policy allowing any port traffic to a server on a specific protocol"
f7="client should not allow access by TCP when a policy specifies only UDP"
f8="client should allow egress access to server in CIDR block"
f9="client should enforce policy based on Ports"
f10="client should support allow-all policy"
f11="client should enforce updated policy"
f12="client should support denying of egress traffic on the client side"
f13="client should stop enforcing policies after they are deleted"
f14="client should support a 'default-deny-ingress' policy"
focus="$f1|$f2|$f3|$f4|$f5|$f6|$f7|$f8|$f9|$f10|$f11|$f12|$f13|$f14"
KUBERNETES_SERVICE_HOST="$FQDN" KUBERNETES_SERVICE_PORT=443 \
./e2e.test \
--provider=local \
--ginkgo.focus="$focus" \
--ginkgo.skip="\[LinuxOnly\]|NetworkPolicyLegacy|SCTP" \
--node-os-distro=windows \
--allowed-not-ready-nodes=1 \
--kubeconfig=./kubeconfig \
--ginkgo.timeout="2h"
}

exitCode=0
if [ $(IS_STRESS_TEST) == "true" ]; then
echo "Running $NUM_PARALLEL_JOBS_FOR_STRESS_TEST conformance tests at once and writing outputs to files"
Expand All @@ -372,20 +274,11 @@ stages:
# for each iteration, run the conformance test and echos in the background, and write the output of the conformance test to a file

# run the conformance test in the foreground and write the output to stdout and a file
if [[ $(AZURE_CLUSTER) == *ws22 ]] # * is used for pattern matching
then
echo "starting conformance test #$round" && \
runConformanceWindows | tee $npmLogsFolder/conformance-results-$round && \
echo "finished conformance test #$round" &
pidOfConformanceTest=$!
conformancePIDs+=($pidOfConformanceTest)
else
echo "starting windows conformance test #$round" && \
runConformance > $npmLogsFolder/conformance-results-$round && \
echo "finished conformance test #$round" &
pidOfConformanceTest=$!
conformancePIDs+=($pidOfConformanceTest)
fi
echo "starting windows conformance test #$round" && \
runConformance > $npmLogsFolder/conformance-results-$round && \
echo "finished conformance test #$round" &
pidOfConformanceTest=$!
conformancePIDs+=($pidOfConformanceTest)
done

# wait until all conformance tests finish and take note of any failed tests
Expand All @@ -399,15 +292,9 @@ stages:
fi
done
else
# run the conformance test in the foreground and write the output to stdout and a file
if [[ $(AZURE_CLUSTER) == *ws22 ]] # * is used for pattern matching
then
runConformanceWindows | tee $npmLogsFolder/conformance-results
exitCode=$?
else
runConformance | tee $npmLogsFolder/conformance-results
exitCode=$?
fi
# run the conformance test in the foreground and write the output to stdout and a file
runConformance | tee $npmLogsFolder/conformance-results
exitCode=$?
fi

# get all current npm pods
Expand Down Expand Up @@ -461,177 +348,3 @@ stages:
inlineScript: |
echo Deleting $(RESOURCE_GROUP)
az group delete -n $(RESOURCE_GROUP) --yes

# - stage: cyclonus_win
# displayName: Windows Cyclonus
# dependsOn: [setup, build]
# jobs:
# - job: Create_Windows_Cluster_and_Run_Test
# timeoutInMinutes: 360
# displayName: "Run Windows Cyclonus"
# pool:
# name: $(BUILD_POOL_NAME_DEFAULT)
# demands:
# - agent.os -equals Linux
# - Role -equals Build
# variables:
# RESOURCE_GROUP: $[ stagedependencies.setup.setup.outputs['EnvironmentalVariables.RESOURCE_GROUP'] ]
# TAG: $[ stagedependencies.setup.setup.outputs['EnvironmentalVariables.TAG'] ]
# FQDN: empty
# strategy:
# matrix:
# v2-windows:
# PROFILE: "cyc-ws22"
# steps:
# - checkout: self
# - task: AzureCLI@2
# displayName: "Create AKS Cluster"
# inputs:
# azureSubscription: $(BUILD_VALIDATIONS_SERVICE_CONNECTION)
# scriptType: "bash"
# scriptLocation: "inlineScript"
# failOnStderr: true
# inlineScript: |
# az extension add --name aks-preview
# az extension update --name aks-preview

# export CLUSTER_NAME=$(RESOURCE_GROUP)-$(PROFILE)

# echo "Creating resource group named $CLUSTER_NAME"
# az group create --name $CLUSTER_NAME -l $(LOCATION) -o table

# echo "Creating resource group named $CLUSTER_NAME"
# az aks create \
# --resource-group $CLUSTER_NAME \
# --name $CLUSTER_NAME \
# --generate-ssh-keys \
# --windows-admin-username e2eadmin \
# --windows-admin-password alpha@numeric!password2 \
# --network-plugin azure \
# --vm-set-type VirtualMachineScaleSets \
# --node-vm-size Standard_D8s_v3 \
# --node-count 1 \
# --uptime-sla

# # don't schedule anything on the linux system pool
# echo "Updating $CLUSTER_NAME to not schedule anything on linux pool..."
# az aks nodepool update \
# --cluster-name $CLUSTER_NAME \
# -g $CLUSTER_NAME \
# -n nodepool1 \
# --node-taints CriticalAddonsOnly=true:NoSchedule

# echo "Adding Windows nodepool to $CLUSTER_NAME"
# az aks nodepool add \
# --resource-group $CLUSTER_NAME \
# --cluster-name $CLUSTER_NAME \
# --name awin22 \
# --os-type Windows \
# --os-sku Windows2022 \
# --node-vm-size Standard_D4s_v3 \
# --node-count 3

# echo "Getting credentials to $CLUSTER_NAME"
# az aks get-credentials -g $CLUSTER_NAME -n $CLUSTER_NAME --overwrite-existing --file ./kubeconfig
# mkdir -p ~/.kube/
# cp ./kubeconfig ~/.kube/config

# - task: AzureCLI@2
# displayName: "Deploy NPM to Test Cluster"
# inputs:
# azureSubscription: $(BUILD_VALIDATIONS_SERVICE_CONNECTION)
# scriptType: "bash"
# scriptLocation: "inlineScript"
# failOnStderr: true
# inlineScript: |
# export CLUSTER_NAME=$(RESOURCE_GROUP)-$(PROFILE)

# curl -LO https://dl.k8s.io/release/v1.23.0/bin/linux/amd64/kubectl
# chmod +x kubectl

# # deploy azure-npm
# ./kubectl --kubeconfig=./kubeconfig apply -f $(Pipeline.Workspace)/s/npm/examples/windows/azure-npm.yaml

# # swap azure-npm image with one built during run
# ./kubectl --kubeconfig=./kubeconfig set image daemonset/azure-npm-win -n kube-system azure-npm=$IMAGE_REGISTRY/azure-npm:windows-amd64-$(TAG)

# echo "sleeping and waiting for NPM pods to be ready..."
# sleep 1m
# ./kubectl --kubeconfig=./kubeconfig wait --for=condition=Ready pod -n kube-system -l k8s-app=azure-npm --timeout=5m
# echo "sleeping 3 more minutes to let windows NPM finish bootup phase"

# ./kubectl --kubeconfig=./kubeconfig get po -n kube-system -owide -A

# echo "Showing cluster status for $CLUSTER_NAME"
# FQDN=`az aks show -n $CLUSTER_NAME -g $CLUSTER_NAME --query fqdn -o tsv`
# echo "##vso[task.setvariable variable=FQDN]$FQDN"

# - script: |
# cat ~/.kube/config
# curl -fsSL github.com/mattfenwick/cyclonus/releases/latest/download/cyclonus_linux_amd64.tar.gz | tar -zxv
# name: download_cyclonus
# displayName: "Download Cyclonus"
# failOnStderr: false
# condition: always()

# - script: |
# ./test/cyclonus/test-cyclonus-windows.sh
# name: cyclonus
# displayName: "Run Cyclonus Test"
# failOnStderr: false
# condition: succeeded()

# - bash: |
# export CLUSTER_NAME=$(RESOURCE_GROUP)-$(PROFILE)
# cp cyclonus-$CLUSTER_NAME $(System.DefaultWorkingDirectory)/$CLUSTER_NAME/cyclonus-$CLUSTER_NAME
# echo "Getting cluster state for $CLUSTER_NAME"
# mkdir -p $(System.DefaultWorkingDirectory)/$CLUSTER_NAME
# kubectl get pods -n kube-system | grep npm
# kubectl logs -n kube-system -l k8s-app=azure-npm --tail -1 --prefix > $(System.DefaultWorkingDirectory)/$CLUSTER_NAME/npm-logs_$(PROFILE).txt
# # capture any previous logs in case there was a crash
# npmPodList=`kubectl get pods -n kube-system | grep npm | awk '{print $1}'`
# for npmPod in $npmPodList; do
# previousLogFile=$(System.DefaultWorkingDirectory)/$CLUSTER_NAME/previous-npm-logs_$(PROFILE).txt
# kubectl logs -n kube-system $npmPod -p > $previousLogFile
# if [[ $? -ne 0 ]]; then
# # remove the empty file if kubectl logs failed (e.g. there was no previous terminated container)
# rm $previousLogFile
# fi
# done
# cp ./kubeconfig $(System.DefaultWorkingDirectory)/$CLUSTER_NAME/.kubeconfig
# condition: always()

# - publish: $(System.DefaultWorkingDirectory)/$(RESOURCE_GROUP)-$(PROFILE)
# condition: always()
# artifact: NpmLogs-$(RESOURCE_GROUP)-$(PROFILE)

# - stage: clean_up_cyclonus_win
# displayName: Cleanup Cyclonus
# dependsOn: [setup, cyclonus_win]
# condition: always()
# jobs:
# - job: clean_up
# displayName: "Cleanup"
# pool:
# name: $(BUILD_POOL_NAME_DEFAULT)
# demands:
# - agent.os -equals Linux
# - Role -equals Build
# variables:
# RESOURCE_GROUP: $[ stagedependencies.setup.setup.outputs['EnvironmentalVariables.RESOURCE_GROUP'] ]
# strategy:
# matrix:
# v2-windows:
# PROFILE: "cyc-ws22"
# steps:
# - checkout: none
# - task: AzureCLI@2
# displayName: "Delete Test Cluster Resource Group"
# inputs:
# azureSubscription: $(BUILD_VALIDATIONS_SERVICE_CONNECTION)
# scriptType: "bash"
# scriptLocation: "inlineScript"
# inlineScript: |
# echo Deleting $(RESOURCE_GROUP)-$(PROFILE)
# az group delete -n $(RESOURCE_GROUP)-$(PROFILE) --yes

Loading