Add automated security policy test scripts#1194
Add automated security policy test scripts#1194MichaelEizaguirre wants to merge 2 commits intoistio:masterfrom
Conversation
googlebot
added
the
cla: yes
istio-testing
added
the
size/L
|
Hi @MichaelEizaguirre. Thanks for your PR. I'm waiting for a istio member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/ok-to-test |
istio-testing
added
ok-to-test
nmittler
left a comment
nmittler
left a comment
There was a problem hiding this comment.
Why are these not standard go-based tests?
|
The name of these scripts may be slightly misleading as they are rather scripts that run the performance tests on certain security policies. |
| } | ||
| }' > authZPath1000.json | ||
| go run ../generate_policies.go ../generate.go ../jwt.go -configFile="authZPath1000.json" > authZPath1000.yaml | ||
| echo "Generated a single authZ policy with 1000 paths" |
There was a problem hiding this comment.
there are a lot of duplicate here, can we put the common part into a function?
| kubectl apply -f authZPath10.yaml | ||
| echo "Running variable number of path rules" | ||
| echo "Running perf test with conn=8 and qps=100" | ||
| pipenv run python3 ../../../runner/runner.py --conn 8 --qps 100 --baseline --duration 240 --load_gen_type=nighthawk --telemetry_mode=none |
There was a problem hiding this comment.
please make this load_gen_type configurable, not hard coded here.
| bokeh = "*" | ||
| pandas = "==0.24.2" | ||
| numpy = "*" | ||
| pyyaml = "*" |
There was a problem hiding this comment.
why do we need put a Pipfile in this repo? since all test was trigger under runner/ folder. Just add the dependencies on the existing Pipfile there?
|
Hey guys, I've put a temporary hold on this PR. It's not clear to me why we're not creating standard Golang tests for security. Can someone explain the use of test scripts instead? Are these load/stability tests? FYI @howardjohn |
|
@nmittler yep this is to add tests to run with the performance benchmark pipeline |
Hi @nmittler
|
This PR is really just adding some shell scripts to make it easier to run the existing perf tests, not adding any new tests for security. |
|
@MichaelEizaguirre: PR needs rebase. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
istio-testing
added
the
needs-rebase
|
@MichaelEizaguirre: The following tests failed, say
DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
8 participants
These new files added allow for users to run some pre-defined security policy tests. The READ.md also reflects the changes