https://git.k8s.io/enhancements/keps/sig-testing/5468-invariant-testing
introduced a mechanism for tests which hook into the test suite run via
ginkgo.ReportAfterSuite. Usage was limited to code in test/e2e/invariants with
stricter reviews.
However, this was not enforced mechanically. With forbidigo we can be sure that
nothing slips through.
ginkgo.ReportBeforeSuite has similar restrictions.
Update the following vendored dependencies:
- github.com/google/cadvisor: v0.55.1 -> v0.56.0
- github.com/containerd/containerd/api: v1.9.0 -> v1.10.0
- github.com/opencontainers/runtime-spec: v1.2.1 -> v1.3.0
- github.com/opencontainers/selinux: v1.13.0 -> v1.13.1
cadvisor v0.56.0 changes:
- Add s390x (IBM Z/mainframe) CPU topology support with NumBooks and
NumDrawers fields in MachineInfo
- Add new Prometheus metrics: machine_cpu_books and machine_cpu_drawers
- Add standard deviation (Std) field to Percentiles for resource statistics
- Add sysfs constants CPUBookID and CPUDrawerID for s390x topology detection
containerd/api v1.10.0 changes:
- Add ActiveMount message type for tracking mounts with timestamps
- Add ActivationInfo message for mount management and lifecycle tracking
runtime-spec v1.3.0 changes (from ChangeLog):
- Add FreeBSD platform support with new Spec.FreeBSD field
- Add netDevices object for moving network devices to container namespaces
- Add memoryPolicy object for NUMA memory policy configuration
- Add hwConfig object for VM-based containers (vcpus, memory, device-tree)
- Add iomems for hardware I/O memory page access in VMs
- Add intelRdt.schemata and intelRdt.enableMonitoring fields
- Change LinuxPids.Limit to pointer type for optional handling
- Clarify intelRdt configuration and pids cgroup settings
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
This is primarily useful in unit tests and therefore supported by
featuregate/testing. Without this, all warnings are emitted to stderr, with no
connection to the test which caused the warning to be emitted.
When a single test fails, `go test` started by showing all warnings triggered by
any test, not just the failed test:
I1121 18:50:28.112284 396950 feature_gate.go:466] feature gates: {map[DRADeviceTaintRules:true DRADeviceTaints:true]}
...
I1121 18:50:29.704907 396950 feature_gate.go:466] feature gates: {map[DRADeviceTaintRules:false DRADeviceTaints:false]}
--- FAIL: TestAll (1.58s)
--- FAIL: TestAll/Eviction (0.02s)
This warning was actually slightly broken: it passed an atomic.Value to Infof,
not the map. This violates the "must not be copied after first use" rule
for atomic.Value (thus wasn't thread-safe) and printed the value in an awkward
way (extra {}).
Now it shows that the feature gates are modified inside TestAll (in this example):
--- FAIL: TestAll (1.56s)
feature_gate.go:170: I1124 17:31:27.245108] Updated featureGates={"DRADeviceTaintRules":true,"DRADeviceTaints":true}
--- FAIL: TestAll/Eviction (0.02s)
--- FAIL: TestAll/Eviction/initial (0.00s)
...
feature_gate.go:170: I1124 17:31:28.821975] Updated featureGates={"DRADeviceTaintRules":false,"DRADeviceTaints":false}
FAIL
FAIL k8s.io/kubernetes/pkg/controller/devicetainteviction 1.602s
klog calls during init are becoming a problem because now test/e2e/framework
depends in test/utils/ktesting which bumps up the default verbosity during init
to make test output more complete when there is no argument parsing.
For cadvisor, an upstream fix is
needed (https://github.com/google/cadvisor/pull/3778). For kubectl we can make
it silently accept the valid (!) LC_ALL=C.
* tested how many errors
* added exceptions
* added scoped exceptions per API group
* added struct.field specification
* improved regex match and included core and resources with the new struct.field format
* condensed exceptions using regex as requested
* fixed the scope kal nomaps exceptions to match existing fields
There was an env variable PARALLEL and a -p command line flag,
but the value then wasn't passed on to "go test".
The new default is to not set any explicit parallelism, which
matches the prior (accidental?) behavior of ignoring PARALLEL.
The script is broken because it relies on grepping the source code.
This has always been fragile (currently it finds the search term
in comments) and stopped working years ago when changing how tests
are labeled.
Instead of fixing the script let's remove it because it's clearly unused.
Verify scripts are run such that stderr is captured and included in the JUnit
files. Stdout is not. Therefore the instructions in case of a failure where
only visible by searching the entire job log file, but not in the Prow summary.
