go: downloading github.com/joho/godotenv v1.4.0
go: downloading github.com/pkg/errors v0.9.1
go: downloading github.com/pmezard/go-difflib v1.0.0
go: downloading github.com/sirupsen/logrus v1.8.1
go: downloading golang.org/x/net v0.0.0-20201224014010-6772e930b67b
go: downloading golang.org/x/sys v0.0.0-20201119102817-f84b799fce68
time="2022-10-10T14:21:46Z" level=info msg="Running command oc new-project istio-system"
time="2022-10-10T14:21:46Z" level=info msg="Running command kubectl apply -n istio-system -f /tmp/kubeapply820336753.yaml"
time="2022-10-10T14:21:47Z" level=info msg="Command output: \nWarning: resource servicemeshcontrolplanes/basic is missing the kubectl.kubernetes.io/last-applied-configuration annotation which is required by kubectl apply. kubectl apply should only be used on resources created declaratively by either kubectl create --save-config or kubectl apply. The missing annotation will be patched automatically.\nservicemeshcontrolplane.maistra.io/basic configured"
time="2022-10-10T14:21:47Z" level=info msg="Running command kubectl apply -n istio-system -f /tmp/kubeapply073612572.yaml"
time="2022-10-10T14:21:47Z" level=info msg="Command output: \nservicemeshmemberroll.maistra.io/default created"
=== RUN   T15
time="2022-10-10T14:22:19Z" level=info msg="TestEgressGatewaysTLSOrigination File Mount"
time="2022-10-10T14:22:19Z" level=info msg="Deploying Sleep in namespace bookinfo"
time="2022-10-10T14:22:19Z" level=info msg="Running command kubectl apply -n bookinfo -f ../testdata/examples/x86/sleep/sleep.yaml"
time="2022-10-10T14:22:19Z" level=info msg="Command output: \nserviceaccount/sleep created\nservice/sleep created\nWarning: would violate PodSecurity \"restricted:v1.24\": allowPrivilegeEscalation != false (container \"sleep\" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container \"sleep\" must set securityContext.capabilities.drop=[\"ALL\"]), runAsNonRoot != true (pod or container \"sleep\" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container \"sleep\" must set securityContext.seccompProfile.type to \"RuntimeDefault\" or \"Localhost\")\ndeployment.apps/sleep created"
time="2022-10-10T14:22:19Z" level=info msg="Running command oc -n bookinfo wait --for condition=Available deploy/sleep --timeout 3m0s"
time="2022-10-10T14:22:26Z" level=info msg="Command output: \ndeployment.apps/sleep condition met"
time="2022-10-10T14:22:26Z" level=info msg="Running command kubectl -n bookinfo get pod -l app=sleep -o jsonpath='{.items[0].metadata.name}'"
time="2022-10-10T14:22:26Z" level=info msg="Command output: \nsleep-8445b4fccf-qdjbf"
time="2022-10-10T14:22:26Z" level=info msg="app=sleep pod name: sleep-8445b4fccf-qdjbf"
time="2022-10-10T14:22:26Z" level=info msg="Create Secret"
time="2022-10-10T14:22:26Z" level=info msg="Running command kubectl create secret tls nginx-server-certs -n bookinfo --key ../sampleCerts/nginx.example.com/nginx.example.com.key --cert ../sampleCerts/nginx.example.com/nginx.example.com.crt"
time="2022-10-10T14:22:26Z" level=info msg="Command output: \nsecret/nginx-server-certs created"
time="2022-10-10T14:22:26Z" level=info msg="Running command kubectl create -n bookinfo secret generic nginx-ca-certs --from-file=../sampleCerts/nginx.example.com/example.com.crt"
time="2022-10-10T14:22:26Z" level=info msg="Command output: \nsecret/nginx-ca-certs created"
time="2022-10-10T14:22:26Z" level=info msg="Create ConfigMap"
time="2022-10-10T14:22:26Z" level=info msg="Running command kubectl create configmap nginx-configmap --from-file=nginx.conf=../testdata/examples/x86/nginx/nginx_ssl.conf -n bookinfo"
time="2022-10-10T14:22:26Z" level=info msg="Command output: \nconfigmap/nginx-configmap created"
time="2022-10-10T14:22:31Z" level=info msg="Deploy Nginx"
time="2022-10-10T14:22:31Z" level=info msg="Running command kubectl apply -n bookinfo -f ../testdata/examples/x86/nginx/nginx.yaml"
time="2022-10-10T14:22:31Z" level=info msg="Command output: \nservice/my-nginx created\nWarning: would violate PodSecurity \"restricted:v1.24\": allowPrivilegeEscalation != false (container \"my-nginx\" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container \"my-nginx\" must set securityContext.capabilities.drop=[\"ALL\"]), runAsNonRoot != true (pod or container \"my-nginx\" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container \"my-nginx\" must set securityContext.seccompProfile.type to \"RuntimeDefault\" or \"Localhost\")\ndeployment.apps/my-nginx created"
time="2022-10-10T14:22:36Z" level=info msg="Running command kubectl -n bookinfo get pod -l run=my-nginx -o jsonpath='{.items[0].metadata.name}'"
time="2022-10-10T14:22:37Z" level=info msg="Command output: \nmy-nginx-7946875f47-mgsqx"
time="2022-10-10T14:22:37Z" level=info msg="run=my-nginx pod name: my-nginx-7946875f47-mgsqx"
time="2022-10-10T14:22:37Z" level=info msg="Running command kubectl -n bookinfo get pods my-nginx-7946875f47-mgsqx --no-headers"
time="2022-10-10T14:22:37Z" level=info msg="Command output: \nmy-nginx-7946875f47-mgsqx   0/2   ContainerCreating   0     5s"
time="2022-10-10T14:22:37Z" level=info msg="my-nginx-7946875f47-mgsqx in namespace bookinfo is not running: ContainerCreating"
time="2022-10-10T14:23:07Z" level=info msg="Running command kubectl -n bookinfo get pod -l run=my-nginx -o jsonpath='{.items[0].metadata.name}'"
time="2022-10-10T14:23:07Z" level=info msg="Command output: \nmy-nginx-7946875f47-mgsqx"
time="2022-10-10T14:23:07Z" level=info msg="run=my-nginx pod name: my-nginx-7946875f47-mgsqx"
time="2022-10-10T14:23:07Z" level=info msg="Running command kubectl -n bookinfo get pods my-nginx-7946875f47-mgsqx --no-headers"
time="2022-10-10T14:23:07Z" level=info msg="Command output: \nmy-nginx-7946875f47-mgsqx   2/2   Running   0     35s"
time="2022-10-10T14:23:07Z" level=info msg="Got the pod name=run=my-nginx running!"
=== RUN   T15/TrafficManagement_egress_gateway_perform_TLS_origination
time="2022-10-10T14:23:17Z" level=info msg="Perform TLS origination with an egress gateway"
time="2022-10-10T14:23:17Z" level=info msg="Running command kubectl apply -n bookinfo -f /tmp/kubeapply153292235.yaml"
time="2022-10-10T14:23:17Z" level=info msg="Command output: \nserviceentry.networking.istio.io/istio-io created"
time="2022-10-10T14:23:27Z" level=info msg="Running command kubectl exec sleep-8445b4fccf-qdjbf -n bookinfo -c sleep -- curl -sSL -o /dev/null -D - http://istio.io "
time="2022-10-10T14:23:28Z" level=info msg="Command output: \nHTTP/1.1 301 Moved Permanently\r\nlocation: https://istio.io/\r\nserver: envoy\r\nx-nf-request-id: 01GF14EZ98FBEPVKJS43XD6Y74\r\ndate: Mon, 10 Oct 2022 14:23:28 GMT\r\ncontent-length: 32\r\ncontent-type: text/plain; charset=utf-8\r\nx-envoy-upstream-service-time: 20\r\n\r\nHTTP/2 200 \r\naccess-control-allow-origin: *\r\nage: 91768\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sun, 09 Oct 2022 12:54:00 GMT\r\netag: \"6f09296083ef846cdd9e7ac00639cbe4-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-frame-options: SAMEORIGIN\r\nx-nf-request-id: 01GF14EZAHJXSWCCZW65D4HSFT\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 30344\r\n\r"
time="2022-10-10T14:23:28Z" level=info msg="Success. Get http://istio.io response"
time="2022-10-10T14:23:28Z" level=info msg="Create a Gateway to external istio.io"
time="2022-10-10T14:23:28Z" level=info msg="Running command kubectl apply -n bookinfo -f /tmp/kubeapply102314670.yaml"
time="2022-10-10T14:23:28Z" level=info msg="Command output: \ngateway.networking.istio.io/istio-egressgateway created\ndestinationrule.networking.istio.io/egressgateway-for-istio-io created\nvirtualservice.networking.istio.io/direct-istio-io-through-egress-gateway created\ndestinationrule.networking.istio.io/originate-tls-for-edition-istio-io created"
time="2022-10-10T14:23:48Z" level=info msg="Running command kubectl exec sleep-8445b4fccf-qdjbf -n bookinfo -c sleep -- curl -sSL -o /dev/null -D - http://istio.io "
time="2022-10-10T14:23:49Z" level=info msg="Command output: \nHTTP/1.1 200 OK\r\naccess-control-allow-origin: *\r\nage: 91789\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-length: 30344\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sun, 09 Oct 2022 12:54:00 GMT\r\netag: \"6f09296083ef846cdd9e7ac00639cbe4-ssl\"\r\nserver: envoy\r\nstrict-transport-security: max-age=31536000\r\nx-frame-options: SAMEORIGIN\r\nx-nf-request-id: 01GF14FKMJSTQH8K2XSZ3RMM3E\r\nx-xss-protection: 1; mode=block\r\nx-envoy-upstream-service-time: 40\r\n\r"
time="2022-10-10T14:23:49Z" level=info msg="Success. Get http://istio.io response"
time="2022-10-10T14:23:49Z" level=info msg="Cleanup the TLS origination example"
time="2022-10-10T14:23:49Z" level=info msg="Running command kubectl delete -n bookinfo -f /tmp/kubedelete505299509.yaml"
time="2022-10-10T14:23:49Z" level=info msg="Running command kubectl delete -n bookinfo -f /tmp/kubedelete442081296.yaml"
=== RUN   T15/TrafficManagement_egress_gateway_perform_MTLS_origination
time="2022-10-10T14:24:09Z" level=info msg="Redeploy the egress gateway with the client certs"
time="2022-10-10T14:24:09Z" level=info msg="Running command kubectl create -n istio-system secret tls nginx-client-certs --key ../sampleCerts/nginx.example.com/nginx-client.example.com.key --cert ../sampleCerts/nginx.example.com/nginx-client.example.com.crt"
time="2022-10-10T14:24:09Z" level=info msg="Command output: \nsecret/nginx-client-certs created"
time="2022-10-10T14:24:09Z" level=info msg="Running command kubectl create -n istio-system secret generic nginx-ca-certs --from-file=../sampleCerts/nginx.example.com/example.com.crt"
time="2022-10-10T14:24:09Z" level=info msg="Command output: \nsecret/nginx-ca-certs created"
time="2022-10-10T14:24:09Z" level=info msg="Patch egress gateway"
time="2022-10-10T14:24:09Z" level=info msg="Running command kubectl -n istio-system rollout history deploy istio-egressgateway"
time="2022-10-10T14:24:09Z" level=info msg="Command output: \ndeployment.apps/istio-egressgateway \nREVISION  CHANGE-CAUSE\n1         <none>\n"
time="2022-10-10T14:24:09Z" level=info msg="Running command kubectl -n istio-system patch --type=json deploy istio-egressgateway -p='[{\"op\": \"add\",\"path\": \"/spec/template/spec/containers/0/volumeMounts/0\",\"value\": {\"mountPath\": \"/etc/istio/nginx-client-certs\",\"name\": \"nginx-client-certs\",\"readOnly\": true}},{\"op\": \"add\",\"path\": \"/spec/template/spec/volumes/0\",\"value\": {\"name\": \"nginx-client-certs\",\"secret\": {\"secretName\": \"nginx-client-certs\",\"optional\": true}}},{\"op\": \"add\",\"path\": \"/spec/template/spec/containers/0/volumeMounts/1\",\"value\": {\"mountPath\": \"/etc/istio/nginx-ca-certs\",\"name\": \"nginx-ca-certs\",\"readOnly\": true}},{\"op\": \"add\",\"path\": \"/spec/template/spec/volumes/1\",\"value\": {\"name\": \"nginx-ca-certs\",\"secret\": {\"secretName\": \"nginx-ca-certs\",\"optional\": true}}}]'"
time="2022-10-10T14:24:09Z" level=info msg="Command output: \nWarning: spec.template.spec.containers[0].env[17].name: duplicate name \"ISTIO_META_UNPRIVILEGED_POD\"\nWarning: spec.template.spec.containers[0].env[18].name: duplicate name \"ISTIO_META_DNS_AUTO_ALLOCATE\"\nWarning: spec.template.spec.containers[0].env[19].name: duplicate name \"ISTIO_META_DNS_CAPTURE\"\nWarning: spec.template.spec.containers[0].env[20].name: duplicate name \"PROXY_XDS_VIA_AGENT\"\nWarning: would violate PodSecurity \"restricted:v1.24\": seccompProfile (pod or container \"istio-proxy\" must set securityContext.seccompProfile.type to \"RuntimeDefault\" or \"Localhost\")\ndeployment.apps/istio-egressgateway patched"
time="2022-10-10T14:24:29Z" level=info msg="Running command oc wait --for condition=Ready -n istio-system smcp/basic --timeout 180s"
time="2022-10-10T14:24:29Z" level=info msg="Command output: \nservicemeshcontrolplane.maistra.io/basic condition met"
time="2022-10-10T14:24:29Z" level=info msg="Verify the istio-egressgateway pod"
time="2022-10-10T14:24:29Z" level=info msg="Running command kubectl exec -n istio-system \"$(kubectl -n istio-system get pods -l istio=egressgateway -o jsonpath='{.items[0].metadata.name}')\" -- ls -al /etc/istio/nginx-client-certs /etc/istio/nginx-ca-certs"
time="2022-10-10T14:24:30Z" level=info msg="Command output: \n/etc/istio/nginx-ca-certs:\ntotal 0\ndrwxrwsrwt. 3 root 1000780000 100 Oct 10 14:24 .\ndrwxr-xr-x. 1 root root       136 Oct 10 14:24 ..\ndrwxr-sr-x. 2 root 1000780000  60 Oct 10 14:24 ..2022_10_10_14_24_10.1275609245\nlrwxrwxrwx. 1 root 1000780000  32 Oct 10 14:24 ..data -> ..2022_10_10_14_24_10.1275609245\nlrwxrwxrwx. 1 root 1000780000  22 Oct 10 14:24 example.com.crt -> ..data/example.com.crt\n\n/etc/istio/nginx-client-certs:\ntotal 0\ndrwxrwsrwt. 3 root 1000780000 120 Oct 10 14:24 .\ndrwxr-xr-x. 1 root root       136 Oct 10 14:24 ..\ndrwxr-sr-x. 2 root 1000780000  80 Oct 10 14:24 ..2022_10_10_14_24_10.1260605777\nlrwxrwxrwx. 1 root 1000780000  32 Oct 10 14:24 ..data -> ..2022_10_10_14_24_10.1260605777\nlrwxrwxrwx. 1 root 1000780000  14 Oct 10 14:24 tls.crt -> ..data/tls.crt\nlrwxrwxrwx. 1 root 1000780000  14 Oct 10 14:24 tls.key -> ..data/tls.key"
time="2022-10-10T14:24:30Z" level=info msg="Running command kubectl -n istio-system rollout history deploy istio-egressgateway"
time="2022-10-10T14:24:30Z" level=info msg="Command output: \ndeployment.apps/istio-egressgateway \nREVISION  CHANGE-CAUSE\n1         <none>\n2         <none>\n"
time="2022-10-10T14:24:30Z" level=info msg="Configure MTLS origination for egress traffic"
time="2022-10-10T14:24:30Z" level=info msg="Running command kubectl apply -n bookinfo -f /tmp/kubeapply305306159.yaml"
time="2022-10-10T14:24:30Z" level=info msg="Command output: \ngateway.networking.istio.io/istio-egressgateway created\ndestinationrule.networking.istio.io/egressgateway-for-nginx created\nvirtualservice.networking.istio.io/direct-nginx-through-egress-gateway created"
time="2022-10-10T14:24:50Z" level=info msg="Running command kubectl apply -n istio-system -f /tmp/kubeapply836350914.yaml"
time="2022-10-10T14:24:51Z" level=info msg="Command output: \ndestinationrule.networking.istio.io/originate-mtls-for-nginx created"
time="2022-10-10T14:25:01Z" level=info msg="Verify NGINX server"
    egress_gateways_tls_file_mount.go:174: Expected Welcome to nginx; Got unexpected response: upstream connect error or disconnect/reset before headers. retried and the latest reset reason: connection failure, transport failure reason: TLS error: 337047686:SSL routines:tls_process_server_certificate:certificate verify failed
time="2022-10-10T14:25:01Z" level=error msg="Expected Welcome to nginx; Got unexpected response: upstream connect error or disconnect/reset before headers. retried and the latest reset reason: connection failure, transport failure reason: TLS error: 337047686:SSL routines:tls_process_server_certificate:certificate verify failed"
time="2022-10-10T14:25:01Z" level=info msg=Cleanup
time="2022-10-10T14:25:01Z" level=info msg="Running command kubectl delete -n istio-system -f /tmp/kubedelete938378809.yaml"
time="2022-10-10T14:25:01Z" level=info msg="Running command kubectl delete -n bookinfo -f /tmp/kubedelete157985860.yaml"
time="2022-10-10T14:25:02Z" level=info msg="Running command kubectl -n istio-system rollout undo deploy istio-egressgateway"
time="2022-10-10T14:25:02Z" level=info msg="Command output: \nWarning: spec.template.spec.containers[0].env[17].name: duplicate name \"ISTIO_META_UNPRIVILEGED_POD\"\nWarning: spec.template.spec.containers[0].env[18].name: duplicate name \"ISTIO_META_DNS_AUTO_ALLOCATE\"\nWarning: spec.template.spec.containers[0].env[19].name: duplicate name \"ISTIO_META_DNS_CAPTURE\"\nWarning: spec.template.spec.containers[0].env[20].name: duplicate name \"PROXY_XDS_VIA_AGENT\"\nWarning: would violate PodSecurity \"restricted:v1.24\": seccompProfile (pod or container \"istio-proxy\" must set securityContext.seccompProfile.type to \"RuntimeDefault\" or \"Localhost\")\ndeployment.apps/istio-egressgateway rolled back"
time="2022-10-10T14:25:22Z" level=info msg="Running command oc wait --for condition=Ready -n istio-system smcp/basic --timeout 180s"
time="2022-10-10T14:25:22Z" level=info msg="Command output: \nservicemeshcontrolplane.maistra.io/basic condition met"
time="2022-10-10T14:25:22Z" level=info msg="Running command kubectl -n istio-system rollout history deploy istio-egressgateway"
time="2022-10-10T14:25:22Z" level=info msg="Command output: \ndeployment.apps/istio-egressgateway \nREVISION  CHANGE-CAUSE\n2         <none>\n3         <none>\n"
time="2022-10-10T14:25:22Z" level=info msg="Running command kubectl delete -n istio-system secret nginx-client-certs"
time="2022-10-10T14:25:22Z" level=info msg="Command output: \nsecret \"nginx-client-certs\" deleted"
time="2022-10-10T14:25:22Z" level=info msg="Running command kubectl delete -n istio-system secret nginx-ca-certs"
time="2022-10-10T14:25:22Z" level=info msg="Command output: \nsecret \"nginx-ca-certs\" deleted"
time="2022-10-10T14:25:22Z" level=info msg="Running command kubectl delete -n bookinfo -f /tmp/kubedelete838922451.yaml"
time="2022-10-10T14:25:22Z" level=info msg="Running command kubectl delete -n bookinfo -f /tmp/kubedelete078110230.yaml"
time="2022-10-10T14:25:22Z" level=info msg="Cleanup Nginx"
time="2022-10-10T14:25:22Z" level=info msg="Running command kubectl delete -n bookinfo -f ../testdata/examples/x86/nginx/nginx.yaml"
time="2022-10-10T14:25:23Z" level=info msg="Running command kubectl delete configmap nginx-configmap -n bookinfo"
time="2022-10-10T14:25:23Z" level=info msg="Command output: \nconfigmap \"nginx-configmap\" deleted"
time="2022-10-10T14:25:23Z" level=info msg="Running command kubectl delete secret nginx-server-certs -n bookinfo"
time="2022-10-10T14:25:23Z" level=info msg="Command output: \nsecret \"nginx-server-certs\" deleted"
time="2022-10-10T14:25:23Z" level=info msg="Running command kubectl delete secret nginx-ca-certs -n bookinfo"
time="2022-10-10T14:25:23Z" level=info msg="Command output: \nsecret \"nginx-ca-certs\" deleted"
time="2022-10-10T14:25:33Z" level=info msg="Removing Sleep on namespace bookinfo"
time="2022-10-10T14:25:33Z" level=info msg="Running command kubectl delete -n bookinfo -f ../testdata/examples/x86/sleep/sleep.yaml"
time="2022-10-10T14:25:33Z" level=info msg="Running command oc -n bookinfo wait --for=delete -l app=sleep pods --timeout=30s"
--- FAIL: T15 (214.43s)
    --- PASS: T15/TrafficManagement_egress_gateway_perform_TLS_origination (51.80s)
    --- FAIL: T15/TrafficManagement_egress_gateway_perform_MTLS_origination (52.44s)
FAIL
exit status 1
FAIL	github.com/maistra/maistra-test-tool/tests	247.251s