From 01c8e0c3a3203ba32437ce0a871169efcaa99083 Mon Sep 17 00:00:00 2001 From: Todd Malsbary Date: Thu, 18 Nov 2021 15:32:16 -0800 Subject: [PATCH] Temporarily remove kubevirt from addons self-test The kubevirt self-test requires AllowTcpForwarding to be enabled in sshd's config, which is not compatible with the OS hardening required by Bluval. The test needs to be rewritten to run in-cluster. In the meantime, kubevirt will be tested indirectly with the plugin_fw_v2.sh test. Signed-off-by: Todd Malsbary Change-Id: Ia2de90bd6e740b66b6a0a71fd53a1b52d784d80c --- deploy/addons/addons.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/deploy/addons/addons.sh b/deploy/addons/addons.sh index c3fefe9..33f5d80 100755 --- a/deploy/addons/addons.sh +++ b/deploy/addons/addons.sh @@ -80,11 +80,15 @@ function test_addons { pushd ${KUDPATH}/kud/tests failed_kud_tests="" container_runtime=$(KUBECONFIG=${cluster_kubeconfig} kubectl get nodes -o jsonpath='{.items[].status.nodeInfo.containerRuntimeVersion}') + # TODO Temporarily remove kubevirt from kud_tests below. The + # kubevirt self-test needs AllowTcpForwarding yes in + # /etc/ssh/sshd_config which is currently disabled by the OS + # security hardening. if [[ "${container_runtime}" == "containerd://1.2.13" ]]; then # With containerd 1.2.13, the qat test container image fails to unpack. - kud_tests="topology-manager-sriov kubevirt multus ovn4nfv nfd sriov-network cmk" + kud_tests="topology-manager-sriov multus ovn4nfv nfd sriov-network cmk" else - kud_tests="topology-manager-sriov kubevirt multus ovn4nfv nfd sriov-network qat cmk" + kud_tests="topology-manager-sriov multus ovn4nfv nfd sriov-network qat cmk" fi for test in ${kud_tests}; do KUBECONFIG=${cluster_kubeconfig} bash ${test}.sh || failed_kud_tests="${failed_kud_tests} ${test}" -- 2.16.6