[ci/e2e] Uninstall Tetragon after each e2e test

In the case of Kind e2e tests we create a new kind cluster for each test (which is inside docker), install cilium, tetragon, and tracing policies. At the end of each test, we used to just destroy the kind cluster. But the issue here is that eBPF programs are not removed from the host. This commit uninstalls tetragon explicitly to remove all eBPF programs and avoid interference between e2e tests. This does not seem to be an issue when creating a kind cluster locally, installing Tetragon and then deleting the kind cluster without unistalling Tetragon. In that case, all programs seems to be removed. This seems to be only an issue related to kind + lvh + e2e framework and not on real production clusters. Signed-off-by: Anastasios Papagiannis <[email protected]>
lambdanis · Jun 17, 2024 · dd602b0 · dd602b0
1 parent e3dd9f6
commit dd602b0
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 0 deletions.
diff --git a/tests/e2e/install/tetragon/tetragon.go b/tests/e2e/install/tetragon/tetragon.go
@@ -87,6 +87,49 @@ func processOpts(opts ...Option) *flags.HelmOptions {
 	return &defaultOpts
 }
 
+func Uninstall(opts ...Option) env.Func {
+	return func(ctx context.Context, cfg *envconf.Config) (context.Context, error) {
+		o := processOpts(opts...)
+		klog.InfoS("Uninstalling Tetragon...", "opts", o)
+
+		manager := helm.New(cfg.KubeconfigFile())
+
+		klog.InfoS("Uninstalling Tetragon...", "namespace", o.Namespace, "daemonset", o.DaemonSetName)
+
+		helmOpts := []helm.Option{
+			helm.WithName(o.DaemonSetName),
+			helm.WithNamespace(o.Namespace),
+			helm.WithWait(),
+		}
+
+		if err := manager.RunUninstall(helmOpts...); err != nil {
+			return ctx, fmt.Errorf("failed to uninstall via helm chart: %w", err)
+		}
+
+		if o.Wait {
+			client, err := cfg.NewClient()
+			if err != nil {
+				return ctx, err
+			}
+			r := client.Resources(o.Namespace)
+
+			ds := v1.DaemonSet{
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      o.DaemonSetName,
+					Namespace: o.Namespace,
+				},
+			}
+
+			// Wait for Tetragon daemon set to be ready
+			klog.Info("Waiting for Tetragon DaemonSet to be removed...")
+			wait.For(conditions.New(r).ResourceDeleted(&ds))
+			klog.Info("Tetragon DaemonSet is removed!")
+		}
+
+		return context.WithValue(ctx, state.InstallOpts, o), nil
+	}
+}
+
 func Install(opts ...Option) env.Func {
 	return func(ctx context.Context, cfg *envconf.Config) (context.Context, error) {
 		o := processOpts(opts...)
@@ -170,6 +213,8 @@ func Install(opts ...Option) env.Func {
 
 		helmArgs.WriteString(" --install")
 
+		klog.InfoS("Installing Tetragon...", "namespace", o.Namespace, "daemonset", o.DaemonSetName)
+
 		helmOpts := []helm.Option{
 			helm.WithName(o.DaemonSetName),
 			helm.WithNamespace(o.Namespace),

diff --git a/tests/e2e/runners/runners.go b/tests/e2e/runners/runners.go
@@ -38,6 +38,7 @@ type Runner struct {
 	setupCluster        SetupClusterFunc
 	installCilium       env.Func
 	installTetragon     env.Func
+	uninstallTetragon   env.Func
 	tetragonPortForward PortForwardFunc
 	hasCalledInit       bool
 	keepExportFiles     bool
@@ -65,6 +66,7 @@ var DefaultRunner = Runner{
 		"tetragon.exportAllowList":    "",
 		"tetragon.enablePolicyFilter": "true",
 	})),
+	uninstallTetragon: tetragon.Uninstall(tetragon.WithHelmOptions(map[string]string{})),
 	tetragonPortForward: func(testenv env.Environment) env.Func {
 		return helpers.PortForwardTetragonPods(testenv)
 	},
@@ -205,6 +207,10 @@ func (r *Runner) Init() *Runner {
 		r.Setup(r.tetragonPortForward(r.Environment))
 	}
 
+	if r.uninstallTetragon != nil {
+		r.Finish(r.uninstallTetragon)
+	}
+
 	return r
 }