integration: Adds Windows HostProcess tests

Windows HostProcess containers can run containerized workloads on a Windows host. These containers operate as normal processes but have access to the host network namespace, storage, and devices when given the appropriate user privileges. HostProcess containers support the ability to run as one of the following Windows service accounts: LocalSystem, LocalService, NetworkService. Signed-off-by: Claudiu Belu <cbelu@cloudbasesolutions.com>
2021-08-09 10:03:39 +00:00
parent 024804b1be
commit f42513112f
4 changed files with 133 additions and 9 deletions
--- a/integration/main_test.go
+++ b/integration/main_test.go
@@ -193,6 +193,17 @@ func PodSandboxConfigWithCleanup(t *testing.T, name, ns string, opts ...PodSandb
 	return sb, sbConfig
 }

+// Set Windows HostProcess.
+func WithWindowsHostProcess(p *runtime.PodSandboxConfig) { //nolint:unused
+	if p.Windows == nil {
+		p.Windows = &runtime.WindowsPodSandboxConfig{}
+	}
+	if p.Windows.SecurityContext == nil {
+		p.Windows.SecurityContext = &runtime.WindowsSandboxSecurityContext{}
+	}
+	p.Windows.SecurityContext.HostProcess = true
+}
+
 // ContainerOpts to set any specific attribute like labels,
 // annotations, metadata etc
 type ContainerOpts func(*runtime.ContainerConfig)
@@ -228,6 +239,18 @@ func WithVolumeMount(hostPath, containerPath string) ContainerOpts {
 	}
 }

+func WithWindowsUsername(username string) ContainerOpts { //nolint:unused
+	return func(c *runtime.ContainerConfig) {
+		if c.Windows == nil {
+			c.Windows = &runtime.WindowsContainerConfig{}
+		}
+		if c.Windows.SecurityContext == nil {
+			c.Windows.SecurityContext = &runtime.WindowsContainerSecurityContext{}
+		}
+		c.Windows.SecurityContext.RunAsUsername = username
+	}
+}
+
 // Add container command.
 func WithCommand(cmd string, args ...string) ContainerOpts {
 	return func(c *runtime.ContainerConfig) {