Skip to content

chore(CI): clenaup network flow test #19414

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
janisz wants to merge 4 commits into
base: master
Choose a base branch
from
+31 −31
Open

chore(CI): clenaup network flow test #19414

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
67873ea
chore(CI): clenaup netowrk flow test
janisz Mar 13, 2026
aefbfb4
fix(tests): correct Map iteration and property access in NetworkFlowTest
janisz Mar 13, 2026
703a90f
Merge branch 'master' into cleanup_network_flow_test
janisz Mar 13, 2026
c22c6cb
fix(tests): use values() for spread operator on deployments Map
janisz Mar 13, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
62 changes: 31 additions & 31 deletions qa-tests-backend/src/test/groovy/NetworkFlowTest.groovy
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -190,7 +190,7 @@ class NetworkFlowTest extends BaseSpecification {
}

@Shared
private List<Deployment> deployments
private Map<String, Deployment> deployments

def createDeployments() {
targetDeployments = buildTargetDeployments()
Expand All @@ -203,7 +203,7 @@ class NetworkFlowTest extends BaseSpecification {
for (Deployment d : sourceDeployments) {
assert Services.waitForDeployment(d)
}
deployments = sourceDeployments + targetDeployments
deployments = (sourceDeployments + targetDeployments).collectEntries { [(it.name): it] }
//
// Commenting out ICMP test setup for now
// See ROX-635
Expand Down Expand Up @@ -244,10 +244,10 @@ class NetworkFlowTest extends BaseSpecification {
}

def destroyDeployments() {
for (Deployment deployment : deployments) {
for (Deployment deployment : deployments.values()) {
orchestrator.deleteDeployment(deployment)
}
for (Deployment deployment : deployments) {
for (Deployment deployment : deployments.values()) {
if (deployment.exposeAsService) {
orchestrator.waitForServiceDeletion(new Service(deployment.name, deployment.namespace))
}
Expand All @@ -267,9 +267,9 @@ class NetworkFlowTest extends BaseSpecification {
def "Verify one-time connections show at first and are closed after the afterglow period"() {
given:
"Two deployments, A and B, where B communicates to A a single time during initial deployment"
String targetUid = deployments.find { it.name == NGINXCONNECTIONTARGET }?.deploymentUid
String targetUid = deployments[NGINXCONNECTIONTARGET]?.deploymentUid
assert targetUid != null
String sourceUid = deployments.find { it.name == SINGLECONNECTIONSOURCE }?.deploymentUid
String sourceUid = deployments[SINGLECONNECTIONSOURCE]?.deploymentUid
assert sourceUid != null

when:
Expand Down Expand Up @@ -346,9 +346,9 @@ class NetworkFlowTest extends BaseSpecification {
def "Verify connections can be detected: #protocol"() {
given:
"Two deployments, A and B, where B communicates to A via #protocol"
String targetUid = deployments.find { it.name == targetDeployment }?.deploymentUid
String targetUid = deployments[targetDeployment]?.deploymentUid
assert targetUid != null
String sourceUid = deployments.find { it.name == sourceDeployment }?.deploymentUid
String sourceUid = deployments[sourceDeployment]?.deploymentUid
assert sourceUid != null

expect:
Expand All @@ -358,7 +358,7 @@ class NetworkFlowTest extends BaseSpecification {

assert edges
assert edges.get(0).protocol == protocol
assert deployments.find { it.name == targetDeployment }?.ports?.keySet()?.contains(edges.get(0).port)
assert deployments[targetDeployment]?.ports?.keySet()?.contains(edges.get(0).port)

where:
"Data is:"
Expand All @@ -376,7 +376,7 @@ class NetworkFlowTest extends BaseSpecification {
def "Verify listen port availability matches feature flag: #targetDeployment"() {
given:
"Deployment with listening port"
String targetUid = deployments.find { it.name == targetDeployment }?.deploymentUid
String targetUid = deployments[targetDeployment]?.deploymentUid
assert targetUid

expect:
Expand All @@ -401,9 +401,9 @@ class NetworkFlowTest extends BaseSpecification {
def "Verify connections with short consistent intervals between 2 deployments"() {
given:
"Two deployments, A and B, where B communicates to A in short consistent intervals"
String targetUid = deployments.find { it.name == NGINXCONNECTIONTARGET }?.deploymentUid
String targetUid = deployments[NGINXCONNECTIONTARGET]?.deploymentUid
assert targetUid != null
String sourceUid = deployments.find { it.name == SHORTCONSISTENTSOURCE }?.deploymentUid
String sourceUid = deployments[SHORTCONSISTENTSOURCE]?.deploymentUid
assert sourceUid != null

when:
Expand Down Expand Up @@ -466,9 +466,9 @@ class NetworkFlowTest extends BaseSpecification {
def "Verify network flows with graph filtering"() {
given:
"Two deployments, A and B, where B communicates to A"
String sourceUid = deployments.find { it.name == TCPCONNECTIONSOURCE }?.deploymentUid
String sourceUid = deployments[TCPCONNECTIONSOURCE]?.deploymentUid
assert sourceUid != null
String targetUid = deployments.find { it.name == TCPCONNECTIONTARGET }?.deploymentUid
String targetUid = deployments[TCPCONNECTIONTARGET]?.deploymentUid
assert targetUid != null

when:
Expand All @@ -489,7 +489,7 @@ class NetworkFlowTest extends BaseSpecification {
def "Verify connections to external sources"() {
given:
"Deployment A, where A communicates to an external target"
String deploymentUid = deployments.find { it.name == EXTERNALDESTINATION }?.deploymentUid
String deploymentUid = deployments[EXTERNALDESTINATION]?.deploymentUid
assert deploymentUid != null

when: "External IPs is disabled"
Expand Down Expand Up @@ -562,15 +562,15 @@ class NetworkFlowTest extends BaseSpecification {
def "Verify connections from external sources"() {
given:
"Deployment A, where an external source communicates to A"
String deploymentUid = deployments.find { it.name == NGINXCONNECTIONTARGET }?.deploymentUid
String deploymentUid = deployments[NGINXCONNECTIONTARGET]?.deploymentUid
assert deploymentUid != null
String targetUrl
if (Env.mustGetOrchestratorType() == OrchestratorTypes.K8S) {
String deploymentIP = deployments.find { it.name == NGINXCONNECTIONTARGET }?.loadBalancerIP
String deploymentIP = deployments[NGINXCONNECTIONTARGET]?.loadBalancerIP
assert deploymentIP != null
targetUrl = "http://${deploymentIP}"
} else if (Env.mustGetOrchestratorType() == OrchestratorTypes.OPENSHIFT) {
String routeHost = deployments.find { it.name == NGINXCONNECTIONTARGET }?.routeHost
String routeHost = deployments[NGINXCONNECTIONTARGET]?.routeHost
assert routeHost != null
targetUrl = "http://${routeHost}"
} else {
Expand Down Expand Up @@ -667,9 +667,9 @@ class NetworkFlowTest extends BaseSpecification {
Assume.assumeFalse(Env.mustGetOrchestratorType() == OrchestratorTypes.OPENSHIFT)
given:
"Deployment A, exposed via LB"
String deploymentUid = deployments.find { it.name == NGINXCONNECTIONTARGET }?.deploymentUid
String deploymentUid = deployments[NGINXCONNECTIONTARGET]?.deploymentUid
assert deploymentUid != null
String deploymentIP = deployments.find { it.name == NGINXCONNECTIONTARGET }?.loadBalancerIP
String deploymentIP = deployments[NGINXCONNECTIONTARGET]?.loadBalancerIP
assert deploymentIP != null

when:
Expand Down Expand Up @@ -706,9 +706,9 @@ class NetworkFlowTest extends BaseSpecification {
def "Verify no connections between 2 deployments"() {
given:
"Two deployments, A and B, where neither communicates to the other"
String targetUid = deployments.find { it.name == NGINXCONNECTIONTARGET }?.deploymentUid
String targetUid = deployments[NGINXCONNECTIONTARGET]?.deploymentUid
assert targetUid != null
String sourceUid = deployments.find { it.name == NOCONNECTIONSOURCE }?.deploymentUid
String sourceUid = deployments[NOCONNECTIONSOURCE]?.deploymentUid
assert sourceUid != null

expect:
Expand All @@ -721,9 +721,9 @@ class NetworkFlowTest extends BaseSpecification {
def "Verify connections between two deployments on 2 separate ports shows both edges in the graph"() {
given:
"Two deployments, A and B, where B communicates to A on 2 different ports"
String targetUid = deployments.find { it.name == TCPCONNECTIONTARGET }?.deploymentUid
String targetUid = deployments[TCPCONNECTIONTARGET]?.deploymentUid
assert targetUid != null
String sourceUid = deployments.find { it.name == MULTIPLEPORTSCONNECTION }?.deploymentUid
String sourceUid = deployments[MULTIPLEPORTSCONNECTION]?.deploymentUid
assert sourceUid != null

when:
Expand All @@ -748,9 +748,9 @@ class NetworkFlowTest extends BaseSpecification {

given:
"Two deployments, A and B, where B communicates to A"
String targetUid = deployments.find { it.name == NGINXCONNECTIONTARGET }?.deploymentUid
String targetUid = deployments[NGINXCONNECTIONTARGET]?.deploymentUid
assert targetUid != null
String sourceUid = deployments.find { it.name == SHORTCONSISTENTSOURCE }?.deploymentUid
String sourceUid = deployments[SHORTCONSISTENTSOURCE]?.deploymentUid
assert sourceUid != null

and:
Expand Down Expand Up @@ -791,7 +791,7 @@ class NetworkFlowTest extends BaseSpecification {
def "Verify edge timestamps are never in the future, or before start of flow tests"() {
given:
"Get current state of edges and current timestamp"
def queryString = "Deployment:" + deployments.name.join(",")
String queryString = "Deployment:" + deployments.keySet().join(",")
NetworkGraph currentGraph = NetworkGraphService.getNetworkGraph(null, queryString)
long currentTime = System.currentTimeMillis()

Expand All @@ -812,11 +812,11 @@ class NetworkFlowTest extends BaseSpecification {

given:
"Get current state of deployed namespaces"
List<String> deployedNamespaces = deployments*.namespace
List<String> deployedNamespaces = deployments.values()*.namespace

and:
"delete a deployment"
Deployment delete = deployments.find { it.name == NOCONNECTIONSOURCE }
Deployment delete = deployments[NOCONNECTIONSOURCE]
orchestrator.deleteDeployment(delete)
Services.waitForSRDeletion(delete)

Expand All @@ -841,7 +841,7 @@ class NetworkFlowTest extends BaseSpecification {
List<NetworkNode> outNodes = currentGraph.nodesList.findAll { node ->
node.outEdgesMap.containsKey(index)
}
def allowAllIngress = deployments.find { it.name == deploymentName }?.createLoadBalancer ||
boolean allowAllIngress = deployments[deploymentName]?.createLoadBalancer ||
currentGraph.nodesList.find { it.entity.type == Type.INTERNET }.outEdgesMap.containsKey(index)
if (allowAllIngress) {
log.info "${deploymentName} has LB/External incoming traffic - ensure All Ingress allowed"
Expand Down Expand Up @@ -880,7 +880,7 @@ class NetworkFlowTest extends BaseSpecification {
assert yaml."metadata"."labels"."network-policy-generator.stackrox.io/generated"
assert yaml."metadata"."namespace"
def index = currentGraph.nodesList.findIndexOf { node -> node.deploymentName == deploymentName }
def allowAllIngress = deployments.find { it.name == deploymentName }?.createLoadBalancer ||
boolean allowAllIngress = deployments[deploymentName]?.createLoadBalancer ||
currentGraph.nodesList.find { it.entity.type == Type.INTERNET }.outEdgesMap.containsKey(index)
List<NetworkNode> outNodes = currentGraph.nodesList.findAll { node ->
node.outEdgesMap.containsKey(index)
Expand Down
Loading