constellation/conformance
Moritz Eckert e4a9be832c Add cis benchmark to conformance test (#165)
* Add cis benchmark to conformance docs

* Update e2e workflow to include cis benchmarks
2022-05-19 14:57:21 +02:00
.gitignore Feat/conformity test (#79) 2022-04-26 17:09:03 +02:00
PRODUCT.yaml conformance pipeline required yaml as file extension, instead of yml. (#96) 2022-04-29 12:22:19 +02:00
README.md Add cis benchmark to conformance test (#165) 2022-05-19 14:57:21 +02:00

Reproducing Conformance Test Results

Prerequisites

Install & configure gcloud CLI for access to GCP.

Install WireGuard for connecting to your cluster.

Install kubectl for working with Kubernetes.

For more information, follow our documentation.

Additionally, the Sonobuoy CLI is required. These test results were produced using Sonobuoy v0.56.4.

Provision Constellation Cluster

constellation create gcp 1 2 n2d-standard-2 -y
constellation init
wg-quick up ./wg0.conf
export KUBECONFIG="$PWD/constellation-admin.conf"

Run Conformance Tests

# Runs for ~2 hours.
sonobuoy run --mode certified-conformance
# Once status shows tests have completed...
sonobuoy status
# ... download & display results.
outfile=$(sonobuoy retrieve)
sonobuoy results "$outfile"

Fetch Test Log & Report

The provided e2e.log & junit_01.xml were fetched like this:

tar -xvf "$outfile"
cat plugins/e2e/results/global/e2e.log
cat plugins/e2e/results/global/junit_01.xml
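
One way to check the fetched junit_01.xml for failed cases instead of reading it by eye. This is an added example, not part of the Constellation repository; the sample report and its test names are constructed, and the script assumes the usual JUnit layout of testcase elements with failure, error, or skipped children.

```python
"""Summarize a JUnit report such as plugins/e2e/results/global/junit_01.xml."""
import sys
import xml.etree.ElementTree as ET

# Constructed sample in the JUnit layout; test names are invented, not real results.
SAMPLE = """<testsuite name="Kubernetes e2e suite" tests="4" failures="1" errors="0">
  <testcase name="[sig-example] pods start [Conformance]" time="12.5"/>
  <testcase name="[sig-example] optional feature" time="0"><skipped/></testcase>
  <testcase name="[sig-example] services resolve [Conformance]" time="30.1">
    <failure type="Failure">timed out waiting for endpoint</failure>
  </testcase>
  <testcase name="[sig-example] volumes mount [Conformance]" time="8.0"/>
</testsuite>
"""


def summarize(xml_data):
    """Return (counts, failed_names) for every <testcase> in the report."""
    root = ET.fromstring(xml_data)  # accepts str or bytes
    counts = {"passed": 0, "failed": 0, "skipped": 0}
    failed = []
    # iter() also covers reports wrapped in a <testsuites> root element.
    for case in root.iter("testcase"):
        if case.find("failure") is not None or case.find("error") is not None:
            counts["failed"] += 1
            failed.append(case.get("name", "<unnamed>"))
        elif case.find("skipped") is not None:
            counts["skipped"] += 1
        else:
            counts["passed"] += 1
    return counts, failed


def main(argv):
    # With a path argument, read that report; otherwise use the constructed sample.
    if len(argv) > 1:
        with open(argv[1], "rb") as fh:
            data = fh.read()
    else:
        data = SAMPLE
    counts, failed = summarize(data)
    print(counts)
    for name in failed:
        print("FAILED:", name)
    # Non-zero exit lets a CI step fail when any test case failed.
    return 1 if failed else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it with the report path as the only argument, for example after the tar step above; the exit status is 1 if any test case failed.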

Cleanup

# Remove test deployments
sonobuoy delete --wait
# Or, shut down the cluster
wg-quick down ./wg0.conf
constellation terminate
rm constellation-mastersecret.base64

Run CIS Benchmark Tests

# Runs for <1 min.
sonobuoy run --plugin https://raw.githubusercontent.com/vmware-tanzu/sonobuoy-plugins/master/cis-benchmarks/kube-bench-plugin.yaml --plugin https://raw.githubusercontent.com/vmware-tanzu/sonobuoy-plugins/master/cis-benchmarks/kube-bench-master-plugin.yaml --wait
# ... download & display results.
outfile=$(sonobuoy retrieve)
sonobuoy results "$outfile"