Add e2e tests

Author: yuanwang04

test/e2e/apps/job.go

@@ -42,6 +42,7 @@ import (
 	"k8s.io/client-go/util/retry"
 	"k8s.io/client-go/util/workqueue"
 	batchinternal "k8s.io/kubernetes/pkg/apis/batch"
+	"k8s.io/kubernetes/pkg/features"
 	"k8s.io/kubernetes/test/e2e/framework"
 	e2ejob "k8s.io/kubernetes/test/e2e/framework/job"
 	e2enode "k8s.io/kubernetes/test/e2e/framework/node"
@@ -1326,6 +1327,51 @@ done`}
 			WithPolling(time.Second).WithTimeout(3 * time.Second).
 			Should(gomega.HaveField("Status", gomega.BeEquivalentTo(batchv1.JobStatus{})))
 	})
+
+	framework.It("containers restarted by container restart policy should not trigger PodFailurePolicy", framework.WithFeature("ContainerRestartRules"), framework.WithFeatureGate(features.ContainerRestartRules), func(ctx context.Context) {
+		parallelism := int32(1)
+		completions := int32(1)
+		backoffLimit := int32(1)
+		containerRestartPolicyOnFailure := v1.ContainerRestartPolicyOnFailure
+
+		ginkgo.By("Looking for a node to schedule job pod")
+		node, err := e2enode.GetRandomReadySchedulableNode(ctx, f.ClientSet)
+		framework.ExpectNoError(err)
+
+		ginkgo.By("Creating a job with container-level RestartPolicy and PodFailurePolicy")
+		job := e2ejob.NewTestJobOnNode("failOnce", "managed-by", v1.RestartPolicyNever, parallelism, completions, nil, backoffLimit, node.Name)
+		container := job.Spec.Template.Spec.Containers[0]
+		container.RestartPolicy = &containerRestartPolicyOnFailure
+		job.Spec.Template.Spec.Containers[0] = container
+		job.Spec.PodFailurePolicy = &batchv1.PodFailurePolicy{
+			Rules: []batchv1.PodFailurePolicyRule{{
+				Action: batchv1.PodFailurePolicyActionFailJob,
+				OnExitCodes: &batchv1.PodFailurePolicyOnExitCodesRequirement{
+					ContainerName: &container.Name,
+					Operator:      batchv1.PodFailurePolicyOnExitCodesOpIn,
+					Values:        []int32{1},
+				},
+			}},
+		}
+		job, err = e2ejob.CreateJob(ctx, f.ClientSet, f.Namespace.Name, job)
+		framework.ExpectNoError(err, "failed to create job in namespace: %s/%s", job.Namespace, job.Name)
+
+		ginkgo.By("Waiting for job to complete")
+		err = e2ejob.WaitForJobComplete(ctx, f.ClientSet, f.Namespace.Name, job.Name, batchv1.JobReasonCompletionsReached, completions)
+		framework.ExpectNoError(err, "failed to ensure job completion in namespace: %s", f.Namespace.Name)
+
+		ginkgo.By("Ensuring job succeeded")
+		job, err = e2ejob.GetJob(ctx, f.ClientSet, f.Namespace.Name, job.Name)
+		framework.ExpectNoError(err, "failed to get job")
+		for _, cond := range job.Status.Conditions {
+			if cond.Type == batchv1.JobComplete {
+				gomega.Expect(cond.Status).Should(gomega.Equal(v1.ConditionTrue))
+			}
+		}
+		gomega.Expect(job.Status.Active).Should(gomega.Equal(int32(0)))
+		gomega.Expect(job.Status.Ready).Should(gomega.Equal(ptr.To[int32](0)))
+		gomega.Expect(job.Status.Terminating).Should(gomega.Equal(ptr.To[int32](0)))
+	})
 })
 
 func updateJobSuspendWithRetries(ctx context.Context, f *framework.Framework, job *batchv1.Job, suspend *bool) error {

test/e2e/feature/feature.go

@@ -75,6 +75,10 @@ var (
 	// TODO: document the feature (owning SIG, when to use this feature for a test)
 	ComprehensiveNamespaceDraining = framework.WithFeature(framework.ValidFeatures.Add("ComprehensiveNamespaceDraining"))
 
+	// Onwer: sig-node
+	// Enables configuring per-container restart policy and restart policy rules.
+	ContainerRestartRules = framework.WithFeature(framework.ValidFeatures.Add("ContainerRestartRules"))
+
 	// Owner: sig-node
 	// Enables configuring custom stop signals for containers from container lifecycle
 	ContainerStopSignals = framework.WithFeature(framework.ValidFeatures.Add("ContainerStopSignals"))

test/e2e/node/pods.go

@@ -718,6 +718,179 @@ var _ = SIGDescribe("Pods Extended (pod generation)", feature.PodObservedGenerat
 	})
 })
 
+var _ = SIGDescribe("Pod Extended (container restart policy)", feature.ContainerRestartRules, framework.WithFeatureGate(features.ContainerRestartRules), func() {
+	f := framework.NewDefaultFramework("pods")
+	f.NamespacePodSecurityLevel = admissionapi.LevelBaseline
+
+	ginkgo.Describe("Container Restart Rules", func() {
+		var (
+			containerRestartPolicyAlways = v1.ContainerRestartPolicyAlways
+			containerRestartPolicyNever  = v1.ContainerRestartPolicyNever
+		)
+
+		ginkgo.It("should restart container on rule match", func(ctx context.Context) {
+			podName := "restart-rules-exit-code-" + string(uuid.NewUUID())
+			pod := &v1.Pod{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: podName,
+				},
+				Spec: v1.PodSpec{
+					RestartPolicy: v1.RestartPolicyNever,
+					Containers: []v1.Container{
+						{
+							Name:          "main-container",
+							Image:         imageutils.GetE2EImage(imageutils.BusyBox),
+							Command:       []string{"/bin/sh", "-c", "exit 42"},
+							RestartPolicy: &containerRestartPolicyNever,
+							RestartPolicyRules: []v1.ContainerRestartRule{
+								{
+									Action: v1.ContainerRestartRuleActionRestart,
+									ExitCodes: &v1.ContainerRestartRuleOnExitCodes{
+										Operator: v1.ContainerRestartRuleOnExitCodesOpIn,
+										Values:   []int32{42},
+									},
+								},
+							},
+						},
+					},
+				},
+			}
+
+			createAndValidateRestartableContainer(ctx, f, pod, podName, "main-container")
+		})
+
+		ginkgo.It("should not restart container on rule mismatch, container restart policy Never", func(ctx context.Context) {
+			podName := "restart-rules-no-restart-" + string(uuid.NewUUID())
+			pod := &v1.Pod{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: podName,
+				},
+				Spec: v1.PodSpec{
+					RestartPolicy: v1.RestartPolicyNever,
+					Containers: []v1.Container{
+						{
+							Name:          "main-container",
+							Image:         imageutils.GetE2EImage(imageutils.BusyBox),
+							Command:       []string{"/bin/sh", "-c", "exit 1"},
+							RestartPolicy: &containerRestartPolicyNever,
+							RestartPolicyRules: []v1.ContainerRestartRule{
+								{
+									Action: v1.ContainerRestartRuleActionRestart,
+									ExitCodes: &v1.ContainerRestartRuleOnExitCodes{
+										Operator: v1.ContainerRestartRuleOnExitCodesOpIn,
+										Values:   []int32{42},
+									},
+								},
+							},
+						},
+					},
+				},
+			}
+
+			createAndValidateNonRestartableContainer(ctx, f, pod, podName, "main-container")
+		})
+
+		ginkgo.It("should restart container on container-level restart policy Never", func(ctx context.Context) {
+			podName := "restart-rules-no-restart-" + string(uuid.NewUUID())
+			pod := &v1.Pod{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: podName,
+				},
+				Spec: v1.PodSpec{
+					RestartPolicy: v1.RestartPolicyAlways,
+					Containers: []v1.Container{
+						{
+							Name:          "main-container",
+							Image:         imageutils.GetE2EImage(imageutils.BusyBox),
+							Command:       []string{"/bin/sh", "-c", "exit 1"},
+							RestartPolicy: &containerRestartPolicyNever,
+						},
+					},
+				},
+			}
+
+			createAndValidateNonRestartableContainer(ctx, f, pod, podName, "main-container")
+		})
+
+		ginkgo.It("should restart container on container-level restart policy Always", func(ctx context.Context) {
+			podName := "restart-rules-no-restart-" + string(uuid.NewUUID())
+			pod := &v1.Pod{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: podName,
+				},
+				Spec: v1.PodSpec{
+					RestartPolicy: v1.RestartPolicyNever,
+					Containers: []v1.Container{
+						{
+							Name:          "main-container",
+							Image:         imageutils.GetE2EImage(imageutils.BusyBox),
+							Command:       []string{"/bin/sh", "-c", "exit 1"},
+							RestartPolicy: &containerRestartPolicyAlways,
+						},
+					},
+				},
+			}
+
+			createAndValidateRestartableContainer(ctx, f, pod, podName, "main-container")
+		})
+
+		ginkgo.It("should restart container on pod-level restart policy Always when no container-level restart policy", func(ctx context.Context) {
+			podName := "restart-rules-no-match-" + string(uuid.NewUUID())
+			pod := &v1.Pod{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: podName,
+				},
+				Spec: v1.PodSpec{
+					RestartPolicy: v1.RestartPolicyAlways,
+					Containers: []v1.Container{
+						{
+							Name:    "main-container",
+							Image:   imageutils.GetE2EImage(imageutils.BusyBox),
+							Command: []string{"/bin/sh", "-c", "exit 1"},
+						},
+					},
+				},
+			}
+
+			createAndValidateRestartableContainer(ctx, f, pod, podName, "main-container")
+		})
+	})
+})
+
+func createAndValidateRestartableContainer(ctx context.Context, f *framework.Framework, pod *v1.Pod, podName, containerName string) {
+	ginkgo.By("Creating the pod")
+	e2epod.NewPodClient(f).Create(ctx, pod)
+
+	ginkgo.By("Waiting for the container to restart")
+	err := e2epod.WaitForPodCondition(ctx, f.ClientSet, f.Namespace.Name, podName, "container restarted", 10*time.Minute, func(pod *v1.Pod) (bool, error) {
+		for _, status := range pod.Status.ContainerStatuses {
+			if status.Name == containerName && status.RestartCount > 0 {
+				return true, nil
+			}
+		}
+		return false, nil
+	})
+	framework.ExpectNoError(err, "failed to see container restart")
+}
+
+func createAndValidateNonRestartableContainer(ctx context.Context, f *framework.Framework, pod *v1.Pod, podName, containerName string) {
+	ginkgo.By("Creating the pod")
+	e2epod.NewPodClient(f).Create(ctx, pod)
+
+	ginkgo.By("Waiting for the pod to terminate")
+	err := e2epod.WaitTimeoutForPodNoLongerRunningInNamespace(ctx, f.ClientSet, podName, f.Namespace.Name, 10*time.Minute)
+	framework.ExpectNoError(err, "failed to wait for pod terminate")
+
+	ginkgo.By("Checking container restart count")
+	p, err := e2epod.NewPodClient(f).Get(ctx, podName, metav1.GetOptions{})
+	framework.ExpectNoError(err, "failed to get pod")
+	for _, status := range p.Status.ContainerStatuses {
+		if status.Name == containerName {
+			gomega.Expect(status.RestartCount).To(gomega.BeZero())
+		}
+	}
+}
+
 func createAndTestPodRepeatedly(ctx context.Context, workers, iterations int, scenario podScenario, podClient v1core.PodInterface) {
 	var (
 		lock sync.Mutex