Skip to content

Commit db30def

Browse files
author
Chinmay Gadgil
committed
Updated e2e test runner script to support china regions
1 parent 1532897 commit db30def

File tree

1 file changed

+26
-12
lines changed

1 file changed

+26
-12
lines changed

scripts/run-e2e-test.sh

Lines changed: 26 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -32,14 +32,14 @@ function cleanUp(){
3232

3333
# IAM role and polcies are AWS Account specific, so need to clean them up if any from previous run
3434
echo "detach IAM policy if it exists"
35-
aws iam detach-role-policy --role-name $ROLE_NAME --policy-arn arn:aws:iam::$ACCOUNT_ID:policy/AWSLoadBalancerControllerIAMPolicy || true
35+
aws iam detach-role-policy --role-name $ROLE_NAME --policy-arn arn:${AWS_PARTITION}:iam::$ACCOUNT_ID:policy/AWSLoadBalancerControllerIAMPolicy || true
3636

3737
echo "delete $ROLE_NAME if it exists"
3838
aws iam delete-role --role-name $ROLE_NAME || true
3939

4040
# Need to do this as last step
4141
echo "delete AWSLoadBalancerControllerIAMPolicy if it exists"
42-
aws iam delete-policy --policy-arn arn:aws:iam::$ACCOUNT_ID:policy/AWSLoadBalancerControllerIAMPolicy || true
42+
aws iam delete-policy --policy-arn arn:${AWS_PARTITION}:iam::$ACCOUNT_ID:policy/AWSLoadBalancerControllerIAMPolicy || true
4343
}
4444

4545
echo "cordon off windows nodes"
@@ -49,6 +49,23 @@ echo "fetch OIDC provider"
4949
OIDC_PROVIDER=$(echo $CLUSTER_INFO | jq -r '.cluster.identity.oidc.issuer' | sed -e "s/^https:\/\///")
5050
echo "OIDC Provider: $OIDC_PROVIDER"
5151

52+
AWS_PARTITION="aws"
53+
IAM_POLCIY_FILE="iam_policy.json"
54+
55+
if [[ $REGION == "cn-north-1" || $REGION == "cn-northwest-1" ]];then
56+
AWS_PARTITION="aws-cn"
57+
IAM_POLCIY_FILE="iam_policy_cn.json"
58+
fi
59+
60+
if [[ $REGION == "cn-north-1" ]];then
61+
IMAGE="918309763551.dkr.ecr.cn-north-1.amazonaws.com.cn/amazon/aws-load-balancer-controller"
62+
elif [[ $REGION == "cn-northwest-1" ]];then
63+
IMAGE="961992271922.dkr.ecr.cn-northwest-1.amazonaws.com.cn/amazon/aws-load-balancer-controller"
64+
else
65+
IMAGE="602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon/aws-load-balancer-controller"
66+
fi
67+
68+
echo "IMAGE: $IMAGE"
5269
echo "create IAM policy document file"
5370
cat <<EOF > trust.json
5471
{
@@ -57,7 +74,7 @@ cat <<EOF > trust.json
5774
{
5875
"Effect": "Allow",
5976
"Principal": {
60-
"Federated": "arn:aws:iam::${ACCOUNT_ID}:oidc-provider/${OIDC_PROVIDER}"
77+
"Federated": "arn:${AWS_PARTITION}:iam::${ACCOUNT_ID}:oidc-provider/${OIDC_PROVIDER}"
6178
},
6279
"Action": "sts:AssumeRoleWithWebIdentity",
6380
"Condition": {
@@ -80,27 +97,24 @@ aws iam create-role --role-name $ROLE_NAME --assume-role-policy-document file://
8097
echo "creating AWSLoadbalancerController IAM Policy"
8198
aws iam create-policy \
8299
--policy-name AWSLoadBalancerControllerIAMPolicy \
83-
--policy-document file://"$SCRIPT_DIR"/../docs/install/iam_policy.json || true
100+
--policy-document file://"$SCRIPT_DIR"/../docs/install/${IAM_POLCIY_FILE} || true
84101

85102
echo "attaching AWSLoadbalancerController IAM Policy to $ROLE_NAME"
86-
aws iam attach-role-policy --policy-arn arn:aws:iam::$ACCOUNT_ID:policy/AWSLoadBalancerControllerIAMPolicy --role-name $ROLE_NAME || true
103+
aws iam attach-role-policy --policy-arn arn:${AWS_PARTITION}:iam::$ACCOUNT_ID:policy/AWSLoadBalancerControllerIAMPolicy --role-name $ROLE_NAME || true
87104

88105
echo "create service account"
89106
kubectl create serviceaccount aws-load-balancer-controller -n kube-system || true
90107

91108
echo "annotate service account with $ROLE_NAME"
92-
kubectl annotate serviceaccount -n kube-system aws-load-balancer-controller eks.amazonaws.com/role-arn=arn:aws:iam::"$ACCOUNT_ID":role/"$ROLE_NAME" --overwrite=true || true
109+
kubectl annotate serviceaccount -n kube-system aws-load-balancer-controller eks.amazonaws.com/role-arn=arn:${AWS_PARTITION}:iam::"$ACCOUNT_ID":role/"$ROLE_NAME" --overwrite=true || true
93110

94111
echo "update helm repo eks"
95112
helm repo add eks https://aws.github.io/eks-charts
96113

97114
helm repo update
98115

99-
echo "Install TargetGroupBinding CRDs"
100-
kubectl apply -k "github.com/aws/eks-charts/stable/aws-load-balancer-controller//crds?ref=master"
101-
102116
echo "Install aws-load-balancer-controller"
103-
helm upgrade -i aws-load-balancer-controller eks/aws-load-balancer-controller -n kube-system --set clusterName=$CLUSTER_NAME --set serviceAccount.create=false --set serviceAccount.name=aws-load-balancer-controller --set region=$REGION --set vpcId=$VPC_ID
117+
helm upgrade -i aws-load-balancer-controller eks/aws-load-balancer-controller -n kube-system --set clusterName=$CLUSTER_NAME --set serviceAccount.create=false --set serviceAccount.name=aws-load-balancer-controller --set region=$REGION --set vpcId=$VPC_ID --set image.repository=$IMAGE
104118

105119
echo_time() {
106120
date +"%D %T $*"
@@ -146,7 +160,7 @@ run_ginkgo_test
146160
# tail=-1 is added so that no logs are truncated
147161
# https://github.com/kubernetes/kubectl/issues/812
148162
echo "Fetch most recent aws-load-balancer-controller logs"
149-
kubectl logs -l app.kubernetes.io/name=aws-load-balancer-controller --container aws-load-balancer-controller --tail=-1 -n kube-system
163+
kubectl logs -l app.kubernetes.io/name=aws-load-balancer-controller --container aws-load-balancer-controller --tail=-1 -n kube-system || true
150164

151165
echo "Uncordon windows nodes"
152166
toggle_windows_scheduling "uncordon"
@@ -155,6 +169,6 @@ echo "clean up resources from current run"
155169
cleanUp
156170

157171
echo "Delete TargetGroupBinding CRDs if exists"
158-
kubectl delete -k "github.com/aws/eks-charts/stable/aws-load-balancer-controller//crds?ref=master" --timeout=10m || true
172+
kubectl delete -k "github.com/aws/eks-charts/stable/aws-load-balancer-controller//crds?ref=master" --timeout=30m || true
159173

160174
echo "Successfully finished the test suite $(($SECONDS / 60)) minutes and $(($SECONDS % 60)) seconds"

0 commit comments

Comments
 (0)