Skip to content

Commit

Permalink
[e2e] Enable_namedport_e2e_tests
Browse files Browse the repository at this point in the history
Add back namedport e2e test cases, but only check Securitypolicy
creation/deletion without traffic check.
  • Loading branch information
timdengyun committed May 12, 2024
1 parent 2713313 commit 0aacc59
Showing 1 changed file with 34 additions and 20 deletions.
54 changes: 34 additions & 20 deletions test/e2e/nsx_security_policy_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -274,17 +274,16 @@ func TestSecurityPolicyNamedPortWithoutPod(t *testing.T) {
assertNil(t, err)
}

/*
// TestSecurityPolicyNamedPort0 verifies that the traffic of security policy when named port applied.
// This test is to verify the named port feature of security policy.
// When appliedTo is in policy level.
func TestSecurityPolicyNamedPort0(t *testing.T) {
nsClient := "client"
nsWeb := "web"
securityPolicyName := "named-port-policy"
clientA := "client"
webA := "web"
labelWeb := "tcp-deployment"
ruleName0 := "all-ingress-isolation"
ruleName1 := "all-egress-isolation"
var err error

testData.deleteNamespace(nsClient, defaultTimeout)
testData.deleteNamespace(nsWeb, defaultTimeout)
Expand All @@ -298,27 +297,39 @@ func TestSecurityPolicyNamedPort0(t *testing.T) {
_ = applyYAML(podPath, "")
defer deleteYAML(podPath, "")

// Wait for pods
ps, err := testData.podWaitForIPs(defaultTimeout, clientA, nsClient)
t.Logf("Pods are %v", ps)
assertNil(t, err, "Error when waiting for IP for Pod %s", clientA)
psb, _, err := testData.deploymentWaitForIPsOrNames(defaultTimeout, nsWeb, labelWeb)
t.Logf("Pods are %v", psb)
assertNil(t, err, "Error when waiting for IP for Pod %s", webA)
err = testData.waitForCRReadyOrDeleted(defaultTimeout, SP, nsWeb, securityPolicyName, Ready)
assertNil(t, err, "Error when waiting for Security Policy %s", securityPolicyName)
// Temporarily disable traffic check
/*
clientA := "client"
webA := "web"
labelWeb := "tcp-deployment"
// Wait for pods
ps, err := testData.podWaitForIPs(defaultTimeout, clientA, nsClient)
t.Logf("Pods are %v", ps)
assertNil(t, err, "Error when waiting for IP for Pod %s", clientA)
psb, _, err := testData.deploymentWaitForIPsOrNames(defaultTimeout, nsWeb, labelWeb)
t.Logf("Pods are %v", psb)
assertNil(t, err, "Error when waiting for IP for Pod %s", webA)
err = testData.waitForCRReadyOrDeleted(defaultTimeout, SP, nsWeb, securityPolicyName, Ready)
assertNil(t, err, "Error when waiting for Security Policy %s", securityPolicyName)
*/

// Check nsx-t resource existing
err = testData.waitForResourceExistOrNot(nsWeb, common.ResourceTypeSecurityPolicy, securityPolicyName, true)
assertNil(t, err)
err = testData.waitForResourceExistOrNot(nsWeb, common.ResourceTypeRule, securityPolicyName, true)
err = testData.waitForResourceExistOrNot(nsWeb, common.ResourceTypeRule, ruleName0, true)
assertNil(t, err)
err = testData.waitForResourceExistOrNot(nsWeb, common.ResourceTypeRule, ruleName1, true)
assertNil(t, err)

// Nc from pod
err = testData.runNetcatCommandFromPod(nsClient, clientA, clientA, psb[0], 80)
assertNil(t, err, "Error when running nc command from Pod %s", clientA)
err = testData.runNetcatCommandFromPod(nsClient, clientA, clientA, psb[1], 80)
assertNil(t, err, "Error when running nc command from Pod %s", clientA)
// Temporarily disable traffic check
/*
// Nc from pod
err = testData.runNetcatCommandFromPod(nsClient, clientA, clientA, psb[0], 80)
assertNil(t, err, "Error when running nc command from Pod %s", clientA)
err = testData.runNetcatCommandFromPod(nsClient, clientA, clientA, psb[1], 80)
assertNil(t, err, "Error when running nc command from Pod %s", clientA)
*/

// Delete all
_ = deleteYAML(podPath, "")
Expand All @@ -328,10 +339,13 @@ func TestSecurityPolicyNamedPort0(t *testing.T) {
// Check nsx-t resource not existing
err = testData.waitForResourceExistOrNot(nsWeb, common.ResourceTypeSecurityPolicy, securityPolicyName, false)
assertNil(t, err)
err = testData.waitForResourceExistOrNot(nsWeb, common.ResourceTypeRule, securityPolicyName, false)
err = testData.waitForResourceExistOrNot(nsWeb, common.ResourceTypeRule, ruleName0, false)
assertNil(t, err)
err = testData.waitForResourceExistOrNot(nsWeb, common.ResourceTypeRule, ruleName1, false)
assertNil(t, err)
}

/*
// TestSecurityPolicyNamedPort1 verifies that the traffic of security policy when named port applied.
// This test is to verify the named port feature of security policy.
// When appliedTo is in rule level.
Expand Down

0 comments on commit 0aacc59

Please sign in to comment.