Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve system test coverage and practices for KubeArmor #1749

Open
16 tasks
DelusionalOptimist opened this issue May 8, 2024 · 3 comments
Open
16 tasks

Improve system test coverage and practices for KubeArmor #1749

DelusionalOptimist opened this issue May 8, 2024 · 3 comments
Labels
enhancement New feature or request mentorship

Comments

@DelusionalOptimist
Copy link
Member

DelusionalOptimist commented May 8, 2024
edited

Description

Currently our Ginkgo based test suite for running system tests is lacking behind. We are not testing all of KubeArmor's features in different important supported environments.

Goals

The main goals of this are going to be as given below, please see attached issues for more details

Extended Goals (to be pursued only if enough time left)

  • Understand and implement fuzz testing in context of KubeArmor (any one of the modules)

Test Matrix Tracker

Provider Environment Type AppArmor BPF LSM Arch Runtime Frequency
Onprem k3s Kubernetes Container ✔️, Host ❌ Container ✔️, Host ❌ amd64 ✔️, arm ❌ Docker ✔️ , Containerd ✔️, CRI-O ✔️, Push, PRs, Release
Linux Ubuntu, Fedora Non-k8s Container ❌, Host ❌ Container ❌, Host ❌ amd64 ❌ Docker ❌ , Systemd ❌ Push, PRs, Release
Onprem KinD/Minikube, kubeadm Kubernetes Container ❌, Host ❌ Container ❌, Host ❌ amd64 ❌ Virtualbox ❌, Containerd ❌ Release
Managed TBD Kubernetes Container ❌, Host ❌ Container ❌, Host ❌ amd64 ❌ arm64 ❌ TBD Release

NOTES

  • Non-k8s test suite would work with both KubeArmor running in container mode as well as systemd mode.
  • For each of the above testing of the below aspects will be considered to mark it as complete
    • Observability
    • Enforcement
    • Alerts

Prerequisite Task

Create at least one new and unique test case for KubeArmor (can be in any mode) using the ginkgo framework and show the total improvement in coverage. The test coverage tool doesn't have to be run as part of the CI.

Deadline - 31 May 2024 11:59 PM UTC

Please don't share your task solutions publicly, prefer e-mailing a link to your fork/branch to mentors.

References
@DelusionalOptimist DelusionalOptimist added enhancement New feature or request mentorship labels May 8, 2024
@DelusionalOptimist DelusionalOptimist changed the title Improve system test coverage for KubeArmor Improve system test coverage and pratices for KubeArmor May 8, 2024
@DelusionalOptimist DelusionalOptimist changed the title Improve system test coverage and pratices for KubeArmor Improve system test coverage and practices for KubeArmor May 8, 2024
@officialasishkumar
Copy link

are there any pretasks?

cc: @DelusionalOptimist

@Ayush9026
Copy link

Ayush9026 commented May 12, 2024
edited

@DelusionalOptimist sir is there any pretask?

@DelusionalOptimist
Copy link
Member Author

Hey @officialasishkumar @Ayush9026, the issue description has been updated with the prerequisite task.

@navin772 navin772 mentioned this issue May 25, 2024
Merged
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request mentorship
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@DelusionalOptimist @officialasishkumar @Ayush9026