Merge branch 'main' into develop

Changing mizu ent helm name (#859 )
* Changing mizu ent helm name
2026-02-18 03:50:06 +00:00 · 2022-02-27 10:56:43 +02:00 · 2022-02-27 10:49:30 +02:00 · 2022-02-24 18:44:14 +02:00 · 2022-02-24 16:46:51 +02:00 · 2022-02-24 16:08:36 +02:00
19 changed files with 45 additions and 118 deletions
--- a/acceptanceTests/cypress.json
+++ b/acceptanceTests/cypress.json
@@ -24,7 +24,6 @@
    "redactHeaderContent": "User-Header[REDACTED]",
    "redactBodyContent": "{ \"User\": \"[REDACTED]\" }",
    "regexMaskingBodyContent": "[REDACTED]",
-    "minimumEntries": 25,
    "greenFilterColor": "rgb(210, 250, 210)",
    "redFilterColor": "rgb(250, 214, 220)",
    "bodyJsonClass": ".hljs",
--- a/acceptanceTests/cypress/integration/testHelpers/TrafficHelper.js
+++ b/acceptanceTests/cypress/integration/testHelpers/TrafficHelper.js
@@ -25,14 +25,16 @@ export function resizeToNormalMizu() {
 }

 export function verifyMinimumEntries() {
-    const minimumEntries = Cypress.env('minimumEntries');
-    it(`Making sure that mizu shows at least ${minimumEntries} entries`, async function () {
+    const entriesSent = Cypress.env('entriesCount');
+    const minimumEntries = Math.round((0.75 * entriesSent));
+
+    it(`Making sure that mizu shows at least ${minimumEntries} entries`, function () {
        cy.get('#total-entries').then(number => {
            const getNum = () => {
-                const numOfEntries = number.text();
-                return parseInt(numOfEntries);
+                return parseInt(number.text());
            };
-            cy.wrap({there: getNum}).invoke('there').should('be.gte', minimumEntries);
+
+            cy.wrap({num: getNum}).invoke('num').should('be.gt', minimumEntries);
        });
    });
 }
--- a/acceptanceTests/cypress/integration/tests/GuiPort.js
+++ b/acceptanceTests/cypress/integration/tests/GuiPort.js
@@ -1,5 +1,4 @@
 import {findLineAndCheck, getExpectedDetailsDict} from "../testHelpers/StatusBarHelper";
-import {verifyMinimumEntries} from "../testHelpers/TrafficHelper";

 it('check', function () {
    const podName = Cypress.env('name'), namespace = Cypress.env('namespace');
@@ -9,8 +8,6 @@ it('check', function () {
    cy.visit(`http://localhost:${port}`);
    cy.wait('@statusTap').its('response.statusCode').should('match', /^2\d{2}/);

-    verifyMinimumEntries();
-
    cy.get('.podsCount').trigger('mouseover');
    findLineAndCheck(getExpectedDetailsDict(podName, namespace));
 });
--- a/acceptanceTests/cypress/integration/tests/IgnoredUserAgents.js
+++ b/acceptanceTests/cypress/integration/tests/IgnoredUserAgents.js
@@ -2,15 +2,12 @@ import {
    checkThatAllEntriesShown,
    isValueExistsInElement,
    resizeToHugeMizu,
-    verifyMinimumEntries
 } from "../testHelpers/TrafficHelper";

 it('Loading Mizu', function () {
    cy.visit(Cypress.env('testUrl'));
 });

-verifyMinimumEntries();
-
 checkEntries();

 function checkEntries() {
--- a/acceptanceTests/cypress/integration/tests/NoRedact.js
+++ b/acceptanceTests/cypress/integration/tests/NoRedact.js
@@ -1,10 +1,8 @@
-import {isValueExistsInElement, verifyMinimumEntries} from '../testHelpers/TrafficHelper';
+import {isValueExistsInElement} from '../testHelpers/TrafficHelper';

 it('Loading Mizu', function () {
    cy.visit(Cypress.env('testUrl'));
 });

-verifyMinimumEntries();
-
 isValueExistsInElement(false, Cypress.env('redactHeaderContent'), '#tbody-Headers');
 isValueExistsInElement(false, Cypress.env('redactBodyContent'), Cypress.env('bodyJsonClass'));
--- a/acceptanceTests/cypress/integration/tests/Redact.js
+++ b/acceptanceTests/cypress/integration/tests/Redact.js
@@ -1,10 +1,8 @@
-import {isValueExistsInElement, verifyMinimumEntries} from '../testHelpers/TrafficHelper';
+import {isValueExistsInElement} from '../testHelpers/TrafficHelper';

 it('Loading Mizu', function () {
    cy.visit(Cypress.env('testUrl'));
 });

-verifyMinimumEntries();
-
 isValueExistsInElement(true, Cypress.env('redactHeaderContent'), '#tbody-Headers');
 isValueExistsInElement(true, Cypress.env('redactBodyContent'), Cypress.env('bodyJsonClass'));
--- a/acceptanceTests/cypress/integration/tests/RegexMasking.js
+++ b/acceptanceTests/cypress/integration/tests/RegexMasking.js
@@ -1,9 +1,7 @@
-import {isValueExistsInElement, verifyMinimumEntries} from "../testHelpers/TrafficHelper";
+import {isValueExistsInElement} from "../testHelpers/TrafficHelper";

 it('Loading Mizu', function () {
    cy.visit(Cypress.env('testUrl'));
 });

-verifyMinimumEntries();
-
 isValueExistsInElement(true, Cypress.env('regexMaskingBodyContent'), Cypress.env('bodyJsonClass'));
--- a/acceptanceTests/tap_test.go
+++ b/acceptanceTests/tap_test.go
@@ -62,7 +62,7 @@ func TestTap(t *testing.T) {
 				}
 			}

-			runCypressTests(t, "npx cypress run --spec  \"cypress/integration/tests/UiTest.js\"")
+			runCypressTests(t, fmt.Sprintf("npx cypress run --spec  \"cypress/integration/tests/UiTest.js\" --env entriesCount=%d", entriesCount))
 		})
 	}
 }
--- a/cli/cmd/checkRunner.go
+++ b/cli/cmd/checkRunner.go
@@ -2,8 +2,8 @@ package cmd

 import (
 	"context"
+	"embed"
 	"fmt"
-	"github.com/up9inc/mizu/shared"
 	rbac "k8s.io/api/rbac/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/client-go/kubernetes/scheme"
@@ -17,6 +17,11 @@ import (
 	"github.com/up9inc/mizu/shared/semver"
 )

+var (
+	//go:embed permissionFiles
+	embedFS embed.FS
+)
+
 func runMizuCheck() {
 	logger.Log.Infof("Mizu checks\n===================")

@@ -34,13 +39,8 @@ func runMizuCheck() {
 			checkPassed = checkK8sTapPermissions(ctx, kubernetesProvider)
 		}
 	} else {
-		var isInstallCommand bool
 		if checkPassed {
-			checkPassed, isInstallCommand = checkMizuMode(ctx, kubernetesProvider)
-		}
-
-		if checkPassed {
-			checkPassed = checkK8sResources(ctx, kubernetesProvider, isInstallCommand)
+			checkPassed = checkK8sResources(ctx, kubernetesProvider)
 		}

 		if checkPassed {
@@ -75,27 +75,6 @@ func checkKubernetesApi() (*kubernetes.Provider, *semver.SemVersion, bool) {
 	return kubernetesProvider, kubernetesVersion, true
 }

-func checkMizuMode(ctx context.Context, kubernetesProvider *kubernetes.Provider) (bool, bool) {
-	logger.Log.Infof("\nmode\n--------------------")
-
-	if exist, err := kubernetesProvider.DoesDeploymentExist(ctx, config.Config.MizuResourcesNamespace, kubernetes.ApiServerPodName); err != nil {
-		logger.Log.Errorf("%v can't check mizu command, err: %v", fmt.Sprintf(uiUtils.Red, "✗"), err)
-		return false, false
-	} else if exist {
-		logger.Log.Infof("%v mizu running with install command", fmt.Sprintf(uiUtils.Green, "√"))
-		return true, true
-	} else if exist, err = kubernetesProvider.DoesPodExist(ctx, config.Config.MizuResourcesNamespace, kubernetes.ApiServerPodName); err != nil {
-		logger.Log.Errorf("%v can't check mizu command, err: %v", fmt.Sprintf(uiUtils.Red, "✗"), err)
-		return false, false
-	} else if exist {
-		logger.Log.Infof("%v mizu running with tap command", fmt.Sprintf(uiUtils.Green, "√"))
-		return true, false
-	} else {
-		logger.Log.Infof("%v mizu is not running", fmt.Sprintf(uiUtils.Red, "✗"))
-		return false, false
-	}
-}
-
 func checkKubernetesVersion(kubernetesVersion *semver.SemVersion) bool {
 	logger.Log.Infof("\nkubernetes-version\n--------------------")

@@ -179,7 +158,7 @@ func checkPortForward(serverUrl string, kubernetesProvider *kubernetes.Provider)
 	return nil
 }

-func checkK8sResources(ctx context.Context, kubernetesProvider *kubernetes.Provider, isInstallCommand bool) bool {
+func checkK8sResources(ctx context.Context, kubernetesProvider *kubernetes.Provider) bool {
 	logger.Log.Infof("\nk8s-components\n--------------------")

 	exist, err := kubernetesProvider.DoesNamespaceExist(ctx, config.Config.MizuResourcesNamespace)
@@ -208,52 +187,27 @@ func checkK8sResources(ctx context.Context, kubernetesProvider *kubernetes.Provi
 	exist, err = kubernetesProvider.DoesServiceExist(ctx, config.Config.MizuResourcesNamespace, kubernetes.ApiServerPodName)
 	allResourcesExist = checkResourceExist(kubernetes.ApiServerPodName, "service", exist, err) && allResourcesExist

-	if isInstallCommand {
-		allResourcesExist = checkInstallResourcesExist(ctx, kubernetesProvider) && allResourcesExist
-	} else {
-		allResourcesExist = checkTapResourcesExist(ctx, kubernetesProvider) && allResourcesExist
-	}
+	allResourcesExist = checkPodResourcesExist(ctx, kubernetesProvider) && allResourcesExist

 	return allResourcesExist
 }

-func checkInstallResourcesExist(ctx context.Context, kubernetesProvider *kubernetes.Provider) bool {
-	exist, err := kubernetesProvider.DoesRoleExist(ctx, config.Config.MizuResourcesNamespace, kubernetes.DaemonRoleName)
-	installResourcesExist := checkResourceExist(kubernetes.DaemonRoleName, "role", exist, err)
-
-	exist, err = kubernetesProvider.DoesRoleBindingExist(ctx, config.Config.MizuResourcesNamespace, kubernetes.DaemonRoleBindingName)
-	installResourcesExist = checkResourceExist(kubernetes.DaemonRoleBindingName, "role binding", exist, err) && installResourcesExist
-
-	exist, err = kubernetesProvider.DoesPersistentVolumeClaimExist(ctx, config.Config.MizuResourcesNamespace, kubernetes.PersistentVolumeClaimName)
-	installResourcesExist = checkResourceExist(kubernetes.PersistentVolumeClaimName, "persistent volume claim", exist, err) && installResourcesExist
-
-	exist, err = kubernetesProvider.DoesDeploymentExist(ctx, config.Config.MizuResourcesNamespace, kubernetes.ApiServerPodName)
-	installResourcesExist = checkResourceExist(kubernetes.ApiServerPodName, "deployment", exist, err) && installResourcesExist
-
-	return installResourcesExist
-}
-
-func checkTapResourcesExist(ctx context.Context, kubernetesProvider *kubernetes.Provider) bool {
-	exist, err := kubernetesProvider.DoesPodExist(ctx, config.Config.MizuResourcesNamespace, kubernetes.ApiServerPodName)
-	tapResourcesExist := checkResourceExist(kubernetes.ApiServerPodName, "pod", exist, err)
-
-	if !tapResourcesExist {
+func checkPodResourcesExist(ctx context.Context, kubernetesProvider *kubernetes.Provider) bool {
+	if pods, err := kubernetesProvider.ListPodsByAppLabel(ctx, config.Config.MizuResourcesNamespace, kubernetes.ApiServerPodName); err != nil {
+		logger.Log.Errorf("%v error checking if '%v' pod is running, err: %v", fmt.Sprintf(uiUtils.Red, "✗"), kubernetes.ApiServerPodName, err)
 		return false
-	}
-
-	if pod, err := kubernetesProvider.GetPod(ctx, config.Config.MizuResourcesNamespace, kubernetes.ApiServerPodName); err != nil {
-		logger.Log.Errorf("%v error checking if '%v' pod exists, err: %v", fmt.Sprintf(uiUtils.Red, "✗"), kubernetes.ApiServerPodName, err)
+	} else if len(pods) == 0 {
+		logger.Log.Errorf("%v '%v' pod doesn't exist", fmt.Sprintf(uiUtils.Red, "✗"), kubernetes.ApiServerPodName)
 		return false
-	} else if kubernetes.IsPodRunning(pod) {
-		logger.Log.Infof("%v '%v' pod running", fmt.Sprintf(uiUtils.Green, "√"), kubernetes.ApiServerPodName)
-	} else {
+	} else if !kubernetes.IsPodRunning(&pods[0]) {
 		logger.Log.Errorf("%v '%v' pod not running", fmt.Sprintf(uiUtils.Red, "✗"), kubernetes.ApiServerPodName)
 		return false
 	}

-	tapperRegex := regexp.MustCompile(fmt.Sprintf("^%s.*", kubernetes.TapperPodName))
-	if pods, err := kubernetesProvider.ListAllPodsMatchingRegex(ctx, tapperRegex, []string{config.Config.MizuResourcesNamespace}); err != nil {
-		logger.Log.Errorf("%v error listing '%v' pods, err: %v", fmt.Sprintf(uiUtils.Red, "✗"), kubernetes.TapperPodName, err)
+	logger.Log.Infof("%v '%v' pod running", fmt.Sprintf(uiUtils.Green, "√"), kubernetes.ApiServerPodName)
+
+	if pods, err := kubernetesProvider.ListPodsByAppLabel(ctx, config.Config.MizuResourcesNamespace, kubernetes.TapperPodName); err != nil {
+		logger.Log.Errorf("%v error checking if '%v' pods are running, err: %v", fmt.Sprintf(uiUtils.Red, "✗"), kubernetes.TapperPodName, err)
 		return false
 	} else {
 		tappers := 0
@@ -294,12 +248,12 @@ func checkK8sTapPermissions(ctx context.Context, kubernetesProvider *kubernetes.

 	var filePath string
 	if config.Config.IsNsRestrictedMode() {
-		filePath = "./examples/roles/permissions-ns-tap.yaml"
+		filePath = "permissionFiles/permissions-ns-tap.yaml"
 	} else {
-		filePath = "./examples/roles/permissions-all-namespaces-tap.yaml"
+		filePath = "permissionFiles/permissions-all-namespaces-tap.yaml"
 	}

-	data, err := shared.ReadFromFile(filePath)
+	data, err := embedFS.ReadFile(filePath)
 	if err != nil {
 		logger.Log.Errorf("%v error while checking kubernetes permissions, err: %v", fmt.Sprintf(uiUtils.Red, "✗"), err)
 		return false
--- a/cli/cmd/install.go
+++ b/cli/cmd/install.go
@@ -14,10 +14,10 @@ var installCmd = &cobra.Command{
 		logger.Log.Infof("This command has been deprecated, please use helm as described below.\n\n")

 		logger.Log.Infof("To install stable build of Mizu on your cluster using helm, run the following command:")
-		logger.Log.Infof("    helm install mizu mizu --repo https://static.up9.com/mizu/helm --namespace=mizu --create-namespace\n\n")
+		logger.Log.Infof("    helm install mizu up9mizu --repo https://static.up9.com/mizu/helm --namespace=mizu --create-namespace\n\n")

 		logger.Log.Infof("To install development build of Mizu on your cluster using helm, run the following command:")
-		logger.Log.Infof("    helm install mizu mizu --repo https://static.up9.com/mizu/helm-develop --namespace=mizu --create-namespace\n")
+		logger.Log.Infof("    helm install mizu up9mizu --repo https://static.up9.com/mizu/helm-develop --namespace=mizu --create-namespace\n")

 		return nil
 	},
--- a/cli/cmd/permissionFiles/permissions-all-namespaces-debug-optional.yaml
+++ b/cli/cmd/permissionFiles/permissions-all-namespaces-debug-optional.yaml
--- a/cli/cmd/permissionFiles/permissions-all-namespaces-ip-resolution-optional.yaml
+++ b/cli/cmd/permissionFiles/permissions-all-namespaces-ip-resolution-optional.yaml
--- a/cli/cmd/permissionFiles/permissions-all-namespaces-tap.yaml
+++ b/cli/cmd/permissionFiles/permissions-all-namespaces-tap.yaml
--- a/cli/cmd/permissionFiles/permissions-ns-debug-optional.yaml
+++ b/cli/cmd/permissionFiles/permissions-ns-debug-optional.yaml
--- a/cli/cmd/permissionFiles/permissions-ns-ip-resolution-optional.yaml
+++ b/cli/cmd/permissionFiles/permissions-ns-ip-resolution-optional.yaml
--- a/cli/cmd/permissionFiles/permissions-ns-tap.yaml
+++ b/cli/cmd/permissionFiles/permissions-ns-tap.yaml
--- a/docs/PERMISSIONS.md
+++ b/docs/PERMISSIONS.md
@@ -85,4 +85,4 @@ By default Mizu requires cluster-wide permissions.
 If these are not available to the user, it is possible to run Mizu in namespace-restricted mode which has a reduced set of requirements.
 This is done by by setting the `mizu-resources-namespace` config option. See [configuration](CONFIGURATION.md) for instructions.

-The different requirements are listed in [the example roles dir](../examples/roles)
+The different requirements are listed in [the permission templates dir](../cli/cmd/permissionFiles)
--- a/shared/fileUtils.go
+++ b/shared/fileUtils.go
@@ -1,20 +0,0 @@
-package shared
-
-import (
-	"io/ioutil"
-	"os"
-)
-
-func ReadFromFile(path string) ([]byte, error) {
-	reader, err := os.Open(path)
-	if err != nil {
-		return nil, err
-	}
-
-	data, err := ioutil.ReadAll(reader)
-	if err != nil {
-		return nil, err
-	}
-
-	return data, nil
-}
--- a/shared/kubernetes/provider.go
+++ b/shared/kubernetes/provider.go
@@ -489,11 +489,6 @@ func (provider *Provider) DoesDeploymentExist(ctx context.Context, namespace str
 	return provider.doesResourceExist(deploymentResource, err)
 }

-func (provider *Provider) DoesPodExist(ctx context.Context, namespace string, name string) (bool, error) {
-	podResource, err := provider.clientSet.CoreV1().Pods(namespace).Get(ctx, name, metav1.GetOptions{})
-	return provider.doesResourceExist(podResource, err)
-}
-
 func (provider *Provider) DoesServiceExist(ctx context.Context, namespace string, name string) (bool, error) {
 	serviceResource, err := provider.clientSet.CoreV1().Services(namespace).Get(ctx, name, metav1.GetOptions{})
 	return provider.doesResourceExist(serviceResource, err)
@@ -1043,6 +1038,15 @@ func (provider *Provider) ListAllRunningPodsMatchingRegex(ctx context.Context, r
 	return matchingPods, nil
 }

+func(provider *Provider) ListPodsByAppLabel(ctx context.Context, namespaces string, labelName string) ([]core.Pod, error) {
+	pods, err := provider.clientSet.CoreV1().Pods(namespaces).List(ctx, metav1.ListOptions{LabelSelector: fmt.Sprintf("app=%s", labelName)})
+	if err != nil {
+		return nil, err
+	}
+
+	return pods.Items, err
+}
+
 func (provider *Provider) ListAllNamespaces(ctx context.Context) ([]core.Namespace, error) {
 	namespaces, err := provider.clientSet.CoreV1().Namespaces().List(ctx, metav1.ListOptions{})
 	if err != nil {