upstream/kubernetes
1
0
Fork 0
mirror of https://github.com/kubernetes/kubernetes.git synced 2026-06-09 08:55:55 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #132478 from pohly/test-verify-images

Browse source 
verify-e2e-images.sh enhancements
This commit is contained in:
Kubernetes Prow Robot 2025-09-01 22:43:19 -07:00 committed by GitHub
commit 47bbe32cb6
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 26 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
hack/verify-e2e-images.sh
View file

@ -22,6 +22,7 @@ KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/..
cd "${KUBE_ROOT}"
source hack/lib/init.sh
ret=0
# NOTE: Please do NOT add any to this list!!
#
@ -34,16 +35,37 @@ kube::util::read-array PERMITTED_IMAGES < <(sed '/^#/d' ./test/images/.permitted
echo "Getting e2e image list ..."
make WHAT=test/e2e/e2e.test
e2e_test="$(kube::util::find-binary e2e.test)"
kube::util::read-array IMAGES < <("${e2e_test}" --list-images | sed -E 's/^(.+):[^:]+$/\1/' | LC_ALL=C sort -u)
# validate "e2e.test --list-images":
# - no unexpected output (whether it's on stderr or stdout)
# - zero exit code (indirectly ensures that tests are set up properly)
output=$("${e2e_test}" --list-images 2>&1) || ret=$?
if [[ $ret -ne 0 ]]; then
>&2 echo "FAIL: '${e2e_test} --list-images' failed:"
>&2 echo "${output}"
exit 1
fi
unexpected_output=$(echo "${output}" | grep -v -E '^([[:alnum:]/.-]+):[^:]+$' || true)
if [[ -n "${unexpected_output}" ]]; then
>&2 echo "FAIL: '${e2e_test} --list-images' printed unexpected output:"
>&2 echo "${unexpected_output}"
exit 1
fi
# extract image names without the version
kube::util::read-array IMAGES < <(echo "${output}" | sed -E 's/^([[:alnum:]/.-]+):[^:]+$/\1/' | LC_ALL=C sort -u)
# diff versus known permitted images
ret=0
>&2 echo "Diffing e2e image list ..."
diff -Naupr <(printf '%s\n' "${IMAGES[@]}") <(printf '%s\n' "${PERMITTED_IMAGES[@]}") || ret=$?
# diff context is irrelevant here because of sorting.
# Instead we want to know about old images (no longer in use, need to be removed)
# and new images (should not get added).
diff <(printf '%s\n' "${PERMITTED_IMAGES[@]}") <(printf '%s\n' "${IMAGES[@]}") | sed -E -e '/^---$/d' -e '/^[[:digit:]]+[acd][[:digit:]]+$/d' -e 's/^</obsolete image:/' -e 's/^>/forbidden image:/' >&2 || ret=$?
if [[ $ret -eq 0 ]]; then
>&2 echo "PASS: e2e images used are OK."
else
>&2 echo "FAIL: e2e images do not match the approved list!"
>&2 echo "FAIL: current e2e images do not match the approved list in test/images/.permitted-images!"
>&2 echo ""
>&2 echo "Please use registry.k8s.io/e2e-test-images/agnhost wherever possible, we are consolidating test images."
>&2 echo "See: test/images/agnhost/README.md"