github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

test/e2e/*: default existing tests to privileged pod security policy

Browse Source 
This is to ensure that all existing tests don't break when defaulting
the pod security policy to restricted in the e2e test framework.
This commit is contained in:
Sergiusz Urbaniak
2022-04-04 14:00:06 +02:00
parent f578b9a40d
commit 1495c9f2cd
168 changed files with 351 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
test/e2e_node/container_manager_test.go
View File

@@ -35,6 +35,7 @@ import (
runtimeapi "k8s.io/cri-api/pkg/apis/runtime/v1"
"k8s.io/kubernetes/test/e2e/framework"
imageutils "k8s.io/kubernetes/test/utils/image"
admissionapi "k8s.io/pod-security-admission/api"
"github.com/onsi/ginkgo"
"github.com/onsi/gomega"
@@ -76,6 +77,7 @@ func validateOOMScoreAdjSettingIsInRange(pid int, expectedMinOOMScoreAdj, expect
var _ = SIGDescribe("Container Manager Misc [Serial]", func() {
f := framework.NewDefaultFramework("kubelet-container-manager")
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
ginkgo.Describe("Validate OOM score adjustments [NodeFeature:OOMScoreAdj]", func() {
ginkgo.Context("once the node is setup", func() {
ginkgo.It("container runtime's oom-score-adj should be -999", func() {