bottlerocket-test-system
bottlerocket-test-system copied to clipboard
bottlerocket-os
A system for testing Bottlerocket
This seems like another thing to fix - we should strive to have VMware testing not require any AWS credentials or resources. _Originally posted by @bcressey in https://github.com/bottlerocket-os/bottlerocket/pull/2594#discussion_r1042825641_
To better support downstream users of the vmware variant of Bottlerocket, we need to make sure to test EKS-A's vSphere provisioning process as much as possible. This involves importing OVAs...
Given a test yaml that looks like: ```yaml --- apiVersion: testsys.bottlerocket.aws/v1 kind: Test metadata: name: hello-bones namespace: testsys-bottlerocket-aws spec: agent: name: hello-agent image: "example-test-agent:demo" keep_running: false configuration: mode: Fast person:...
Adding as a reminder for myself: `TestManager` provides and interface for managing a testsys cluster. _Originally posted by @ecpullen in https://github.com/bottlerocket-os/bottlerocket-test-system/pull/480#discussion_r927100106_
We want to try nefarious things in an unpriviledged container an make sure selinux blocks them. This cannot happen at the same time as #432 depends on: - #419 -...
When running a normal container workload we want to check and make sure no selinux avc denials occur. This probably needs to be modeled as a workload test, and it...
Right now we have the ability to use plain Kubernetes secrets in our test and resource agents. This is not sufficiently secure for long-lived testsys clusters. We need a stronger...
There is a fairly substantial breaking change in 0.5.4. I tried and it breaks our eks-provider. We might have to replace v1alpha1 with v1beta1 in our kubeconfigs or something. -...
I'd like to be able to specify a custom AWS service endpoint for a particular AWS service like EKS in our testing and resource agents. https://docs.aws.amazon.com/general/latest/gr/rande.html
For the following providers, we should document/provide the minimal set of policies that allows it to function. For example, the first thing that happens in the EKS provider is: ```...