Add Azure Defender to E2E testing (Azure#28)

* Add azure defender testing to e2e * Remove the debug flag
trstringer · Apr 28, 2021 · 9de1e4e · 9de1e4e
1 parent e8651f2
commit 9de1e4e
Show file tree

Hide file tree

Showing 5 changed files with 96 additions and 3 deletions.
diff --git a/testing/.gitignore b/testing/.gitignore
@@ -2,7 +2,7 @@ settings.json
 tmp/
 bin/*
 !bin/connectedk8s-1.0.0-py3-none-any.whl
-!bin/k8s_extension-0.2.0-py3-none-any.whl
+!bin/k8s_extension-0.3.0-py3-none-any.whl
 !bin/k8s_extension_private-0.1.0-py3-none-any.whl
 !bin/connectedk8s-values.yaml
 *.xml
diff --git a/testing/bin/k8s_extension-0.2.0-py3-none-any.whl b/testing/bin/k8s_extension-0.2.0-py3-none-any.whl
diff --git a/testing/bin/k8s_extension-0.3.0-py3-none-any.whl b/testing/bin/k8s_extension-0.3.0-py3-none-any.whl
diff --git a/testing/settings.template.json b/testing/settings.template.json
@@ -5,8 +5,8 @@
     "arcClusterName": "<arcClusterName>",
 
     "extensionVersion": {
-        "k8s-extension": "0.2.0",
+        "k8s-extension": "0.3.0",
         "k8s-extension-private": "0.1.0",
-        "connectedk8s": "0.3.5"
+        "connectedk8s": "1.0.0"
     }
 }
diff --git a/testing/test/extensions/public/AzureDefender.Tests.ps1 b/testing/test/extensions/public/AzureDefender.Tests.ps1
@@ -0,0 +1,93 @@
+Describe 'Azure Defender Testing' {
+    BeforeAll {
+        $extensionType = "microsoft.azuredefender.kubernetes"
+        $extensionName = "microsoft.azuredefender.kubernetes"
+        $extensionAgentNamespace = "azuredefender"
+
+        . $PSScriptRoot/../../helper/Constants.ps1
+        . $PSScriptRoot/../../helper/Helper.ps1
+    }
+
+    It 'Creates the extension and checks that it onboards correctly' {
+        $output = az $Env:K8sExtensionName create -c $ENVCONFIG.arcClusterName -g $ENVCONFIG.resourceGroup --cluster-type connectedClusters --extension-type $extensionType -n $extensionName
+        $? | Should -BeTrue
+
+        $output = az $Env:K8sExtensionName show -c $ENVCONFIG.arcClusterName -g $ENVCONFIG.resourceGroup --cluster-type connectedClusters -n $extensionName
+        $? | Should -BeTrue
+
+        $isAutoUpgradeMinorVersion = ($output | ConvertFrom-Json).autoUpgradeMinorVersion 
+        $isAutoUpgradeMinorVersion.ToString() -eq "True" | Should -BeTrue
+
+        # Loop and retry until the extension installs
+        $n = 0
+        do 
+        {
+            # Only check the extension config, not the pod since this doesn't bring up pods
+            if (Get-ExtensionStatus $extensionName -eq $SUCCESS_MESSAGE) {
+                break
+            }
+            Start-Sleep -Seconds 10
+            $n += 1
+        } while ($n -le $MAX_RETRY_ATTEMPTS)
+        $n | Should -BeLessOrEqual $MAX_RETRY_ATTEMPTS
+    }
+
+    It "Performs a show on the extension" {
+        $output = az $Env:K8sExtensionName show -c $ENVCONFIG.arcClusterName -g $ENVCONFIG.resourceGroup --cluster-type connectedClusters -n $extensionName
+        $? | Should -BeTrue
+        $output | Should -Not -BeNullOrEmpty
+    }
+
+    It "Runs an update on the extension on the cluster" {
+        Set-ItResult -Skipped -Because "Update is not a valid scenario for now"
+
+        # az $Env:K8sExtensionName update -c $ENVCONFIG.arcClusterName -g $ENVCONFIG.resourceGroup --cluster-type connectedClusters -n $extensionName --auto-upgrade-minor-version false
+        # $? | Should -BeTrue
+
+        # $output = az $Env:K8sExtensionName show -c $ENVCONFIG.arcClusterName -g $ENVCONFIG.resourceGroup --cluster-type connectedClusters -n $extensionName
+        # $? | Should -BeTrue
+
+        # $isAutoUpgradeMinorVersion = ($output | ConvertFrom-Json).autoUpgradeMinorVersion 
+        # $isAutoUpgradeMinorVersion.ToString() -eq "False" | Should -BeTrue
+
+        # # Loop and retry until the extension config updates
+        # $n = 0
+        # do 
+        # {
+        #     $isAutoUpgradeMinorVersion = (Get-ExtensionData $extensionName).spec.autoUpgradeMinorVersion
+        #     if (!$isAutoUpgradeMinorVersion) {  #autoUpgradeMinorVersion doesn't exist in ExtensionConfig CRD if false
+        #         if (Get-ExtensionStatus $extensionName -eq $SUCCESS_MESSAGE) {
+        #             if (Get-PodStatus $extensionAgentName -Namespace $extensionAgentNamespace -eq $POD_RUNNING) {
+        #                 break
+        #             }
+        #         }
+        #     }
+        #     Start-Sleep -Seconds 10
+        #     $n += 1
+        # } while ($n -le $MAX_RETRY_ATTEMPTS)
+        # $n | Should -BeLessOrEqual $MAX_RETRY_ATTEMPTS
+    }
+
+    It "Lists the extensions on the cluster" {
+        $output = az $Env:K8sExtensionName list -c $ENVCONFIG.arcClusterName -g $ENVCONFIG.resourceGroup --cluster-type connectedClusters
+        $? | Should -BeTrue
+
+        $extensionExists = $output | ConvertFrom-Json | Where-Object { $_.extensionType -eq $extensionType }
+        $extensionExists | Should -Not -BeNullOrEmpty
+    }
+
+    It "Deletes the extension from the cluster" {
+        az $Env:K8sExtensionName delete -c $ENVCONFIG.arcClusterName -g $ENVCONFIG.resourceGroup --cluster-type connectedClusters -n $extensionName
+        $? | Should -BeTrue
+
+        # Extension should not be found on the cluster
+        az $Env:K8sExtensionName show -c $ENVCONFIG.arcClusterName -g $ENVCONFIG.resourceGroup --cluster-type connectedClusters -n $extensionName
+        $? | Should -BeFalse
+    }
+
+    It "Performs another list after the delete" {
+        $output = az $Env:K8sExtensionName list -c $ENVCONFIG.arcClusterName -g $ENVCONFIG.resourceGroup --cluster-type connectedClusters
+        $extensionExists = $output | ConvertFrom-Json | Where-Object { $_.extensionType -eq $extensionName }
+        $extensionExists | Should -BeNullOrEmpty
+    }
+}