[clean] only install istiod when kmesh run e2e test

[LiZhenCheng9527]

What type of PR is this?
/kind cleanup

What this PR does / why we need it:

Which issue(s) this PR fixes:
Fixes #

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

[gemini-code-assist]

Summary of Changes

Hello @LiZhenCheng9527, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request refactors the Istio installation process within the Kmesh end-to-end test suite. The primary goal is to streamline the test environment setup by transitioning from istioctl to helm for deploying Istio components, ensuring that only necessary parts like istiod are installed and properly initialized. This change aims to make the e2e tests more efficient and reliable by providing a more controlled and explicit Istio deployment.

Highlights

• Istio Installation Method Change: The method for installing Istio components in the e2e test environment has been updated, transitioning from using istioctl to helm for deployment.
• Explicit Istiod Readiness Check: A new mechanism has been introduced to explicitly wait for the istiod pod to reach a 'Running' state before proceeding with further test setup, enhancing test reliability.
• Streamlined Istio Setup: The setup_istio function now focuses specifically on installing istiod with ambient mode enabled, removing previous configurations for gateway-api CRDs and ingress gateways, aligning with a more targeted test environment.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

---

Helm charts now deploy, Istiod waits, running free, Tests run smooth and fast.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request refactors the Istio installation in the e2e test script to use Helm instead of istioctl. The changes are a good cleanup, but I've found a couple of critical issues in the new implementation that could cause the script to fail or hang. My review includes suggestions to make the script more robust and idempotent.

[gemini-code-assist]

The kubectl create namespace command will fail if the istio-system namespace already exists, as set -e is enabled at the top of the script. This will cause the script to exit prematurely. Instead of creating the namespace manually, you can use the --create-namespace flag with helm install, which will create the namespace if it doesn't exist and do nothing if it does. This is a more idempotent and robust approach.

Suggested change

	helm repo add istio https://istio-release.storage.googleapis.com/charts
	helm repo update
	helm install istio-base istio/base -n istio-system --create-namespace

[gemini-code-assist]

This while loop has a few issues:

1. No Timeout: It could loop indefinitely if the istiod pod fails to start, causing the script to hang. It's crucial to have a timeout.
2. Incorrect State Check: It checks for the Running status, but a pod can be Running without being ready to serve traffic (e.g., if readiness probes are failing). It's more reliable to wait for the Ready condition.
3. Misleading Log Message: The log message on line 141 is incorrect. It refers to Kmesh daemon instead of istiod.

Using kubectl wait is a much more robust and idiomatic way to wait for a pod to be ready. It addresses all these points.

Suggested change

	helm install istiod istio/istiod --namespace istio-system --version $ISTIO_VERSION --set pilot.env.PILOT_ENABLE_AMBIENT=true
	while true; do
	pod_info=$(kubectl get pods -n istio-system -l app=istiod -o jsonpath='{range .items[*]}{.metadata.name}{" "}{.status.phase}{"\n"}{end}')
	if [ -z "$pod_info" ]; then
	echo "No istiod pod found yet, waiting..."
	sleep 1
	continue
	fi
	read -r pod_name pod_status <<< "$pod_info";
	if [ "$pod_status" = "Running" ]; then
	echo "Istiod pod $pod_name is in Running state."
	break
	fi
	istioctl install --set profile=ambient --set meshConfig.accessLogFile="/dev/stdout" --set components.ingressGateways[0].enabled=true --set components.ingressGateways[0].name=istio-ingressgateway --skip-confirmation
	echo "Waiting for pods of Kmesh daemon to enter Running state..."
	if ! kubectl wait pod --for=condition=Ready -l app=istiod -n istio-system --timeout=5m; then
	echo "Error: istiod pod failed to become ready in time."
	kubectl logs -n istio-system -l app=istiod
	exit 1
	fi
	echo "Istiod pod is ready."

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 37.84%. Comparing base (3af835f) to head (fe941b3).
⚠️ Report is 6 commits behind head on main.
see 1 file with indirect coverage changes

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 18ccbeb...fe941b3. Read the comment docs.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[hzxuzhonghu]

Our document should also be updated

[hzxuzhonghu]

/lgtm
/approve

[kmesh-bot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: hzxuzhonghu

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• test/OWNERS [hzxuzhonghu]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment