cilium-cli
cilium-cli copied to clipboard
cilium
Add DNS over TCP tests
Add a new dns-tcp test to the suite that tests DNS proxy forwarding over TCP to external address used in the test suite. No payload protocol is used or tested, so this is a bare DNS test.
Plenty of other test cases cover DNS proxying for UDP, so this new test is specific to TCP.
Flow validation is extended to work on tests without payload protocol and for DNS validation on a UDP or TCP only, or both.
@jrajahalme there is a legitimate failure in the Go static checks: https://github.com/cilium/cilium-cli/actions/runs/7038093191?pr=2135
@jrajahalme there is a legitimate failure in the Go static checks: https://github.com/cilium/cilium-cli/actions/runs/7038093191?pr=2135
Thanks for noting, fixed.
@jrajahalme the newly introduced test seems to be failing in the external workloads CI workflow:
2023-12-01T01:37:10.182657701Z ❌ 1/48 tests failed (2/314 actions), 11 tests skipped, 0 scenarios skipped:
2023-12-01T01:37:10.182662275Z Test [dns-tcp]:
2023-12-01T01:37:10.182676662Z ❌ dns-tcp/pod-to-world/dns-tcp-google.com: cilium-test/client-75bff5f5b9-mrhr5 (10.0.1.230) -> google.com-dns-tcp (google.com:0)
2023-12-01T01:37:10.182681730Z ❌ dns-tcp/pod-to-world/dns-tcp-google.com: cilium-test/client2-88575dbb7-flmx9 (10.0.1.232) -> google.com-dns-tcp (google.com:0)
Added hubble flow forwarding to external workload install to see what it going on with the test failure.
@jrajahalme any progress on this? Should we move this PR to draft while you're investigating or just exclude the DNS over TCP tests on external workloads?
@jrajahalme any progress on this? Should we move this PR to draft while you're investigating or just exclude the DNS over TCP tests on external workloads?
I‘ve moved this to draft for now to avoid this PR from showing up in reviewer‘s queues. Please feel free to move it out of draft once the external workloads failure is resolved.