Merge pull request #120968 from borg-land/remove-kubeup-tests-1

Remove an e2e test specific to kubeup clusters - Part One
2023-10-06 19:20:11 +02:00
parent 57144165f7 243ba5fb6b
commit 9af7096c89
2 changed files with 0 additions and 169 deletions
--- a/test/e2e/framework/providers/gce/firewall.go
+++ b/test/e2e/framework/providers/gce/firewall.go
@@ -90,165 +90,6 @@ func ConstructHealthCheckFirewallForLBService(clusterID string, svc *v1.Service,
 	return &fw
 }
 // GetInstancePrefix returns the INSTANCE_PREFIX env we set for e2e cluster.
 // From cluster/gce/config-test.sh, master name is set up using below format:
 // MASTER_NAME="${INSTANCE_PREFIX}-master"
 func GetInstancePrefix(masterName string) (string, error) {
 	if !strings.HasSuffix(masterName, "-master") {
 		return "", fmt.Errorf("unexpected master name format: %v", masterName)
 	}
 	return masterName[:len(masterName)-7], nil
 }
 // GetClusterName returns the CLUSTER_NAME env we set for e2e cluster.
 // From cluster/gce/config-test.sh, cluster name is set up using below format:
 // CLUSTER_NAME="${CLUSTER_NAME:-${INSTANCE_PREFIX}}"
 func GetClusterName(instancePrefix string) string {
 	return instancePrefix
 }
 // GetE2eFirewalls returns all firewall rules we create for an e2e cluster.
 // From cluster/gce/util.sh, all firewall rules should be consistent with the ones created by startup scripts.
 func GetE2eFirewalls(masterName, masterTag, nodeTag, network, clusterIPRange string) []*compute.Firewall {
 	instancePrefix, err := GetInstancePrefix(masterName)
 	framework.ExpectNoError(err)
 	clusterName := GetClusterName(instancePrefix)
 	fws := []*compute.Firewall{}
 	fws = append(fws, &compute.Firewall{
 		Name:         clusterName + "-default-internal-master",
 		SourceRanges: []string{"10.0.0.0/8"},
 		TargetTags:   []string{masterTag},
 		Allowed: []*compute.FirewallAllowed{
 			{
 				IPProtocol: "tcp",
 				Ports:      []string{"1-2379"},
 			},
 			{
 				IPProtocol: "tcp",
 				Ports:      []string{"2382-65535"},
 			},
 			{
 				IPProtocol: "udp",
 				Ports:      []string{"1-65535"},
 			},
 			{
 				IPProtocol: "icmp",
 			},
 		},
 	})
 	fws = append(fws, &compute.Firewall{
 		Name:         clusterName + "-default-internal-node",
 		SourceRanges: []string{"10.0.0.0/8"},
 		TargetTags:   []string{nodeTag},
 		Allowed: []*compute.FirewallAllowed{
 			{
 				IPProtocol: "tcp",
 				Ports:      []string{"1-65535"},
 			},
 			{
 				IPProtocol: "udp",
 				Ports:      []string{"1-65535"},
 			},
 			{
 				IPProtocol: "icmp",
 			},
 		},
 	})
 	fws = append(fws, &compute.Firewall{
 		Name:         network + "-default-ssh",
 		SourceRanges: []string{"0.0.0.0/0"},
 		Allowed: []*compute.FirewallAllowed{
 			{
 				IPProtocol: "tcp",
 				Ports:      []string{"22"},
 			},
 		},
 	})
 	fws = append(fws, &compute.Firewall{
 		Name:       masterName + "-etcd",
 		SourceTags: []string{masterTag},
 		TargetTags: []string{masterTag},
 		Allowed: []*compute.FirewallAllowed{
 			{
 				IPProtocol: "tcp",
 				Ports:      []string{"2380"},
 			},
 			{
 				IPProtocol: "tcp",
 				Ports:      []string{"2381"},
 			},
 		},
 	})
 	fws = append(fws, &compute.Firewall{
 		Name:         masterName + "-https",
 		SourceRanges: []string{"0.0.0.0/0"},
 		TargetTags:   []string{masterTag},
 		Allowed: []*compute.FirewallAllowed{
 			{
 				IPProtocol: "tcp",
 				Ports:      []string{"443"},
 			},
 		},
 	})
 	fws = append(fws, &compute.Firewall{
 		Name:         nodeTag + "-all",
 		SourceRanges: []string{clusterIPRange},
 		TargetTags:   []string{nodeTag},
 		Allowed: []*compute.FirewallAllowed{
 			{
 				IPProtocol: "tcp",
 			},
 			{
 				IPProtocol: "udp",
 			},
 			{
 				IPProtocol: "icmp",
 			},
 			{
 				IPProtocol: "esp",
 			},
 			{
 				IPProtocol: "ah",
 			},
 			{
 				IPProtocol: "sctp",
 			},
 		},
 	})
 	fws = append(fws, &compute.Firewall{
 		Name:         nodeTag + "-http-alt",
 		SourceRanges: []string{"0.0.0.0/0"},
 		TargetTags:   []string{nodeTag},
 		Allowed: []*compute.FirewallAllowed{
 			{
 				IPProtocol: "tcp",
 				Ports:      []string{"80"},
 			},
 			{
 				IPProtocol: "tcp",
 				Ports:      []string{"8080"},
 			},
 		},
 	})
 	fws = append(fws, &compute.Firewall{
 		Name:         nodeTag + "-nodeports",
 		SourceRanges: []string{"0.0.0.0/0"},
 		TargetTags:   []string{nodeTag},
 		Allowed: []*compute.FirewallAllowed{
 			{
 				IPProtocol: "tcp",
 				Ports:      []string{"30000-32767"},
 			},
 			{
 				IPProtocol: "udp",
 				Ports:      []string{"30000-32767"},
 			},
 		},
 	})
 	return fws
 }
 // PackProtocolsPortsFromFirewall packs protocols and ports in an unified way for verification.
 func PackProtocolsPortsFromFirewall(alloweds []*compute.FirewallAllowed) []string {
 	protocolPorts := []string{}
--- a/test/e2e/network/firewall.go
+++ b/test/e2e/network/firewall.go
@@ -204,16 +204,6 @@ var _ = common.SIGDescribe("Firewall rule", func() {
 		framework.ExpectNoError(err)
 	})
 	ginkgo.It("should have correct firewall rules for e2e cluster", func(ctx context.Context) {
 		ginkgo.By("Checking if e2e firewall rules are correct")
 		for _, expFw := range gce.GetE2eFirewalls(cloudConfig.MasterName, cloudConfig.MasterTag, cloudConfig.NodeTag, cloudConfig.Network, cloudConfig.ClusterIPRange) {
 			fw, err := gceCloud.GetFirewall(expFw.Name)
 			framework.ExpectNoError(err)
 			err = gce.VerifyFirewallRule(fw, expFw, cloudConfig.Network, false)
 			framework.ExpectNoError(err)
 		}
 	})
 	ginkgo.It("control plane should not expose well-known ports", func(ctx context.Context) {
 		nodes, err := e2enode.GetReadySchedulableNodes(ctx, cs)
 		framework.ExpectNoError(err)