Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / 17ad63fa0b09d3dfe461ac237cd5db5eaeefc2ed^! / . / go.mod
commit17ad63fa0b09d3dfe461ac237cd5db5eaeefc2ed[log] [tgz]
authorJan Schär <jan@monogon.tech>Thu Feb 27 14:43:56 2025 +0100
committerJan Schär <jan@monogon.tech>Thu Feb 27 17:33:51 2025 +0000
treeaa133f4b89c91044047c902dad5b752696098b14
parent12e4b549f88c91e5eccb2abe1631793c879a66c6 [diff] [blame]
m/n/kubernetes/networkpolicy: add Cyclonus test suite

This adds a test for the network policy controller, based on the
Cyclonus test suite. Running Cyclonus on a real cluster takes multiple
hours, as there are over 200 test cases, each of which takes around 1
minute. The test implemented here uses a fake Kubernetes API and pods,
which allows running all tests in around 15 seconds.

IPv6 is partially implemented but disabled. The tests pass, but each
test takes around 2 seconds, because some ICMPv6 replies for blocked TCP
connections seem to get lost somewhere and are only processed when the
TCP SYN is resent one second later.

Change-Id: Id77f2dd4d884b6d156e238e07e88c222e3bbe9a2
Reviewed-on: https://review.monogon.dev/c/monogon/+/3905
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>
Tested-by: Jenkins CI

diff --git a/go.mod b/go.mod
index b02c7b3..aba53ba 100644
--- a/go.mod
+++ b/go.mod

@@ -90,6 +90,7 @@
 	github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51
 	github.com/klauspost/compress v1.17.11
 	github.com/lib/pq v1.10.9
+	github.com/mattfenwick/cyclonus v0.5.6
 	github.com/mattn/go-shellwords v1.0.12
 	github.com/mdlayher/arp v0.0.0-20220512170110-6706a2966875
 	github.com/mdlayher/ethernet v0.0.0-20220221185849-529eae5b6118
@@ -253,7 +254,9 @@
 	github.com/go-openapi/jsonpointer v0.21.0 // indirect
 	github.com/go-openapi/jsonreference v0.20.2 // indirect
 	github.com/go-openapi/swag v0.23.0 // indirect
+	github.com/go-resty/resty/v2 v2.7.0 // indirect
 	github.com/go-sql-driver/mysql v1.7.1 // indirect
+	github.com/go-task/slim-sprig/v3 v3.0.0 // indirect
 	github.com/godbus/dbus/v5 v5.1.0 // indirect
 	github.com/gofrs/flock v0.8.1 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
@@ -265,6 +268,7 @@
 	github.com/google/gnostic-models v0.6.8 // indirect
 	github.com/google/go-dap v0.12.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
+	github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db // indirect
 	github.com/google/s2a-go v0.1.8 // indirect
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
 	github.com/google/subcommands v1.0.2-0.20190508160503-636abe8753b8 // indirect
@@ -298,6 +302,7 @@
 	github.com/jpillora/backoff v1.0.0 // indirect
 	github.com/jsimonetti/rtnetlink v1.4.1 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/jstemmer/go-junit-report v0.9.1 // indirect
 	github.com/karrick/godirwalk v1.17.0 // indirect
 	github.com/kr/fs v0.1.0 // indirect
 	github.com/kr/pty v1.1.8 // indirect
@@ -308,6 +313,7 @@
 	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
 	github.com/lufia/iostat v1.2.1 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
+	github.com/mattfenwick/collections v0.3.2 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mattn/go-runewidth v0.0.15 // indirect
@@ -338,6 +344,9 @@
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f // indirect
 	github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect
+	github.com/olekukonko/tablewriter v0.0.5 // indirect
+	github.com/onsi/ginkgo/v2 v2.22.0 // indirect
+	github.com/onsi/gomega v1.36.0 // indirect
 	github.com/opencontainers/image-spec v1.1.0 // indirect
 	github.com/opencontainers/runtime-spec v1.2.0 // indirect
 	github.com/opencontainers/runtime-tools v0.9.1-0.20221107090550-2e043c6bd626 // indirect