Downward API hugepages
This commit is contained in:
Derek Carr
@@ -1307,7 +1307,8 @@ func testValidatePVC(t *testing.T, ephemeral bool) {
|
||||
},
|
||||
},
|
||||
}
|
||||
_, errs = ValidateVolumes(volumes, nil, field.NewPath(""))
|
||||
opts := PodValidationOptions{}
|
||||
_, errs = ValidateVolumes(volumes, nil, field.NewPath(""), opts)
|
||||
} else {
|
||||
errs = ValidatePersistentVolumeClaim(scenario.claim)
|
||||
}
|
||||
@@ -2199,6 +2200,7 @@ func TestValidateVolumes(t *testing.T) {
|
||||
name string
|
||||
vol core.Volume
|
||||
errs []verr
|
||||
opts PodValidationOptions
|
||||
}{
|
||||
// EmptyDir and basic volume names
|
||||
{
|
||||
@@ -3294,6 +3296,79 @@ func TestValidateVolumes(t *testing.T) {
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "hugepages-downwardAPI-enabled",
|
||||
vol: core.Volume{
|
||||
Name: "downwardapi",
|
||||
VolumeSource: core.VolumeSource{
|
||||
DownwardAPI: &core.DownwardAPIVolumeSource{
|
||||
Items: []core.DownwardAPIVolumeFile{
|
||||
{
|
||||
Path: "hugepages_request",
|
||||
ResourceFieldRef: &core.ResourceFieldSelector{
|
||||
ContainerName: "test-container",
|
||||
Resource: "requests.hugepages-2Mi",
|
||||
},
|
||||
},
|
||||
{
|
||||
Path: "hugepages_limit",
|
||||
ResourceFieldRef: &core.ResourceFieldSelector{
|
||||
ContainerName: "test-container",
|
||||
Resource: "limits.hugepages-2Mi",
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
opts: PodValidationOptions{AllowDownwardAPIHugePages: true},
|
||||
},
|
||||
{
|
||||
name: "hugepages-downwardAPI-requests-disabled",
|
||||
vol: core.Volume{
|
||||
Name: "downwardapi",
|
||||
VolumeSource: core.VolumeSource{
|
||||
DownwardAPI: &core.DownwardAPIVolumeSource{
|
||||
Items: []core.DownwardAPIVolumeFile{
|
||||
{
|
||||
Path: "hugepages_request",
|
||||
ResourceFieldRef: &core.ResourceFieldSelector{
|
||||
ContainerName: "test-container",
|
||||
Resource: "requests.hugepages-2Mi",
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
errs: []verr{{
|
||||
etype: field.ErrorTypeNotSupported,
|
||||
field: "downwardAPI.resourceFieldRef.resource",
|
||||
}},
|
||||
},
|
||||
{
|
||||
name: "hugepages-downwardAPI-limits-disabled",
|
||||
vol: core.Volume{
|
||||
Name: "downwardapi",
|
||||
VolumeSource: core.VolumeSource{
|
||||
DownwardAPI: &core.DownwardAPIVolumeSource{
|
||||
Items: []core.DownwardAPIVolumeFile{
|
||||
{
|
||||
Path: "hugepages_limit",
|
||||
ResourceFieldRef: &core.ResourceFieldSelector{
|
||||
ContainerName: "test-container",
|
||||
Resource: "limits.hugepages-2Mi",
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
errs: []verr{{
|
||||
etype: field.ErrorTypeNotSupported,
|
||||
field: "downwardAPI.resourceFieldRef.resource",
|
||||
}},
|
||||
},
|
||||
{
|
||||
name: "downapi valid defaultMode",
|
||||
vol: core.Volume{
|
||||
@@ -3990,7 +4065,7 @@ func TestValidateVolumes(t *testing.T) {
|
||||
|
||||
for _, tc := range testCases {
|
||||
t.Run(tc.name, func(t *testing.T) {
|
||||
names, errs := ValidateVolumes([]core.Volume{tc.vol}, nil, field.NewPath("field"))
|
||||
names, errs := ValidateVolumes([]core.Volume{tc.vol}, nil, field.NewPath("field"), tc.opts)
|
||||
if len(errs) != len(tc.errs) {
|
||||
t.Fatalf("unexpected error(s): got %d, want %d: %v", len(tc.errs), len(errs), errs)
|
||||
}
|
||||
@@ -4016,7 +4091,7 @@ func TestValidateVolumes(t *testing.T) {
|
||||
{Name: "abc", VolumeSource: core.VolumeSource{EmptyDir: &core.EmptyDirVolumeSource{}}},
|
||||
{Name: "abc", VolumeSource: core.VolumeSource{EmptyDir: &core.EmptyDirVolumeSource{}}},
|
||||
}
|
||||
_, errs := ValidateVolumes(dupsCase, nil, field.NewPath("field"))
|
||||
_, errs := ValidateVolumes(dupsCase, nil, field.NewPath("field"), PodValidationOptions{})
|
||||
if len(errs) == 0 {
|
||||
t.Errorf("expected error")
|
||||
} else if len(errs) != 1 {
|
||||
@@ -4029,7 +4104,7 @@ func TestValidateVolumes(t *testing.T) {
|
||||
hugePagesCase := core.VolumeSource{EmptyDir: &core.EmptyDirVolumeSource{Medium: core.StorageMediumHugePages}}
|
||||
|
||||
// Enable HugePages
|
||||
if errs := validateVolumeSource(&hugePagesCase, field.NewPath("field").Index(0), "working", nil); len(errs) != 0 {
|
||||
if errs := validateVolumeSource(&hugePagesCase, field.NewPath("field").Index(0), "working", nil, PodValidationOptions{}); len(errs) != 0 {
|
||||
t.Errorf("Unexpected error when HugePages feature is enabled.")
|
||||
}
|
||||
|
||||
@@ -4208,7 +4283,7 @@ func TestHugePagesIsolation(t *testing.T) {
|
||||
for tcName, tc := range testCases {
|
||||
t.Run(tcName, func(t *testing.T) {
|
||||
defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.HugePageStorageMediumSize, tc.enableHugePageStorageMediumSize)()
|
||||
errs := ValidatePodCreate(tc.pod, PodValidationOptions{tc.enableHugePageStorageMediumSize})
|
||||
errs := ValidatePodCreate(tc.pod, PodValidationOptions{AllowMultipleHugePageResources: tc.enableHugePageStorageMediumSize})
|
||||
if tc.expectError && len(errs) == 0 {
|
||||
t.Errorf("Unexpected success")
|
||||
}
|
||||
@@ -4359,7 +4434,7 @@ func TestAlphaLocalStorageCapacityIsolation(t *testing.T) {
|
||||
}
|
||||
|
||||
for _, tc := range testCases {
|
||||
if errs := validateVolumeSource(&tc, field.NewPath("spec"), "tmpvol", nil); len(errs) != 0 {
|
||||
if errs := validateVolumeSource(&tc, field.NewPath("spec"), "tmpvol", nil, PodValidationOptions{}); len(errs) != 0 {
|
||||
t.Errorf("expected success: %v", errs)
|
||||
}
|
||||
}
|
||||
@@ -4529,12 +4604,55 @@ func TestLocalStorageEnvWithFeatureGate(t *testing.T) {
|
||||
},
|
||||
}
|
||||
for _, testCase := range testCases {
|
||||
if errs := validateEnvVarValueFrom(testCase, field.NewPath("field")); len(errs) != 0 {
|
||||
if errs := validateEnvVarValueFrom(testCase, field.NewPath("field"), PodValidationOptions{}); len(errs) != 0 {
|
||||
t.Errorf("expected success, got: %v", errs)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func TestHugePagesEnv(t *testing.T) {
|
||||
testCases := []core.EnvVar{
|
||||
{
|
||||
Name: "hugepages-limits",
|
||||
ValueFrom: &core.EnvVarSource{
|
||||
ResourceFieldRef: &core.ResourceFieldSelector{
|
||||
ContainerName: "test-container",
|
||||
Resource: "limits.hugepages-2Mi",
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
Name: "hugepages-requests",
|
||||
ValueFrom: &core.EnvVarSource{
|
||||
ResourceFieldRef: &core.ResourceFieldSelector{
|
||||
ContainerName: "test-container",
|
||||
Resource: "requests.hugepages-2Mi",
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
// enable gate
|
||||
for _, testCase := range testCases {
|
||||
t.Run(testCase.Name, func(t *testing.T) {
|
||||
defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.DownwardAPIHugePages, true)()
|
||||
opts := PodValidationOptions{AllowDownwardAPIHugePages: true}
|
||||
if errs := validateEnvVarValueFrom(testCase, field.NewPath("field"), opts); len(errs) != 0 {
|
||||
t.Errorf("expected success, got: %v", errs)
|
||||
}
|
||||
})
|
||||
}
|
||||
// disable gate
|
||||
for _, testCase := range testCases {
|
||||
t.Run(testCase.Name, func(t *testing.T) {
|
||||
defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.DownwardAPIHugePages, false)()
|
||||
opts := PodValidationOptions{AllowDownwardAPIHugePages: false}
|
||||
if errs := validateEnvVarValueFrom(testCase, field.NewPath("field"), opts); len(errs) == 0 {
|
||||
t.Errorf("expected failure")
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestValidateEnv(t *testing.T) {
|
||||
successCase := []core.EnvVar{
|
||||
{Name: "abc", Value: "value"},
|
||||
@@ -4656,7 +4774,7 @@ func TestValidateEnv(t *testing.T) {
|
||||
},
|
||||
},
|
||||
}
|
||||
if errs := ValidateEnv(successCase, field.NewPath("field")); len(errs) != 0 {
|
||||
if errs := ValidateEnv(successCase, field.NewPath("field"), PodValidationOptions{}); len(errs) != 0 {
|
||||
t.Errorf("expected success, got: %v", errs)
|
||||
}
|
||||
|
||||
@@ -4920,7 +5038,7 @@ func TestValidateEnv(t *testing.T) {
|
||||
},
|
||||
}
|
||||
for _, tc := range errorCases {
|
||||
if errs := ValidateEnv(tc.envs, field.NewPath("field")); len(errs) == 0 {
|
||||
if errs := ValidateEnv(tc.envs, field.NewPath("field"), PodValidationOptions{}); len(errs) == 0 {
|
||||
t.Errorf("expected failure for %s", tc.name)
|
||||
} else {
|
||||
for i := range errs {
|
||||
@@ -5101,7 +5219,7 @@ func TestValidateVolumeMounts(t *testing.T) {
|
||||
{Name: "abc-123", VolumeSource: core.VolumeSource{PersistentVolumeClaim: &core.PersistentVolumeClaimVolumeSource{ClaimName: "testclaim2"}}},
|
||||
{Name: "123", VolumeSource: core.VolumeSource{HostPath: &core.HostPathVolumeSource{Path: "/foo/baz", Type: newHostPathType(string(core.HostPathUnset))}}},
|
||||
}
|
||||
vols, v1err := ValidateVolumes(volumes, nil, field.NewPath("field"))
|
||||
vols, v1err := ValidateVolumes(volumes, nil, field.NewPath("field"), PodValidationOptions{})
|
||||
if len(v1err) > 0 {
|
||||
t.Errorf("Invalid test volume - expected success %v", v1err)
|
||||
return
|
||||
@@ -5164,7 +5282,7 @@ func TestValidateDisabledSubpath(t *testing.T) {
|
||||
{Name: "abc-123", VolumeSource: core.VolumeSource{PersistentVolumeClaim: &core.PersistentVolumeClaimVolumeSource{ClaimName: "testclaim2"}}},
|
||||
{Name: "123", VolumeSource: core.VolumeSource{HostPath: &core.HostPathVolumeSource{Path: "/foo/baz", Type: newHostPathType(string(core.HostPathUnset))}}},
|
||||
}
|
||||
vols, v1err := ValidateVolumes(volumes, nil, field.NewPath("field"))
|
||||
vols, v1err := ValidateVolumes(volumes, nil, field.NewPath("field"), PodValidationOptions{})
|
||||
if len(v1err) > 0 {
|
||||
t.Errorf("Invalid test volume - expected success %v", v1err)
|
||||
return
|
||||
@@ -5226,7 +5344,7 @@ func TestValidateSubpathMutuallyExclusive(t *testing.T) {
|
||||
{Name: "abc-123", VolumeSource: core.VolumeSource{PersistentVolumeClaim: &core.PersistentVolumeClaimVolumeSource{ClaimName: "testclaim2"}}},
|
||||
{Name: "123", VolumeSource: core.VolumeSource{HostPath: &core.HostPathVolumeSource{Path: "/foo/baz", Type: newHostPathType(string(core.HostPathUnset))}}},
|
||||
}
|
||||
vols, v1err := ValidateVolumes(volumes, nil, field.NewPath("field"))
|
||||
vols, v1err := ValidateVolumes(volumes, nil, field.NewPath("field"), PodValidationOptions{})
|
||||
if len(v1err) > 0 {
|
||||
t.Errorf("Invalid test volume - expected success %v", v1err)
|
||||
return
|
||||
@@ -5307,7 +5425,7 @@ func TestValidateDisabledSubpathExpr(t *testing.T) {
|
||||
{Name: "abc-123", VolumeSource: core.VolumeSource{PersistentVolumeClaim: &core.PersistentVolumeClaimVolumeSource{ClaimName: "testclaim2"}}},
|
||||
{Name: "123", VolumeSource: core.VolumeSource{HostPath: &core.HostPathVolumeSource{Path: "/foo/baz", Type: newHostPathType(string(core.HostPathUnset))}}},
|
||||
}
|
||||
vols, v1err := ValidateVolumes(volumes, nil, field.NewPath("field"))
|
||||
vols, v1err := ValidateVolumes(volumes, nil, field.NewPath("field"), PodValidationOptions{})
|
||||
if len(v1err) > 0 {
|
||||
t.Errorf("Invalid test volume - expected success %v", v1err)
|
||||
return
|
||||
@@ -5501,7 +5619,7 @@ func TestValidateMountPropagation(t *testing.T) {
|
||||
volumes := []core.Volume{
|
||||
{Name: "foo", VolumeSource: core.VolumeSource{HostPath: &core.HostPathVolumeSource{Path: "/foo/baz", Type: newHostPathType(string(core.HostPathUnset))}}},
|
||||
}
|
||||
vols2, v2err := ValidateVolumes(volumes, nil, field.NewPath("field"))
|
||||
vols2, v2err := ValidateVolumes(volumes, nil, field.NewPath("field"), PodValidationOptions{})
|
||||
if len(v2err) > 0 {
|
||||
t.Errorf("Invalid test volume - expected success %v", v2err)
|
||||
return
|
||||
@@ -5524,7 +5642,7 @@ func TestAlphaValidateVolumeDevices(t *testing.T) {
|
||||
{Name: "def", VolumeSource: core.VolumeSource{HostPath: &core.HostPathVolumeSource{Path: "/foo/baz", Type: newHostPathType(string(core.HostPathUnset))}}},
|
||||
}
|
||||
|
||||
vols, v1err := ValidateVolumes(volumes, nil, field.NewPath("field"))
|
||||
vols, v1err := ValidateVolumes(volumes, nil, field.NewPath("field"), PodValidationOptions{})
|
||||
if len(v1err) > 0 {
|
||||
t.Errorf("Invalid test volumes - expected success %v", v1err)
|
||||
return
|
||||
@@ -5737,7 +5855,7 @@ func TestValidateEphemeralContainers(t *testing.T) {
|
||||
},
|
||||
},
|
||||
} {
|
||||
if errs := validateEphemeralContainers(ephemeralContainers, containers, initContainers, vols, field.NewPath("ephemeralContainers")); len(errs) != 0 {
|
||||
if errs := validateEphemeralContainers(ephemeralContainers, containers, initContainers, vols, field.NewPath("ephemeralContainers"), PodValidationOptions{}); len(errs) != 0 {
|
||||
t.Errorf("expected success for '%s' but got errors: %v", title, errs)
|
||||
}
|
||||
}
|
||||
@@ -5901,7 +6019,7 @@ func TestValidateEphemeralContainers(t *testing.T) {
|
||||
}
|
||||
|
||||
for _, tc := range tcs {
|
||||
errs := validateEphemeralContainers(tc.ephemeralContainers, containers, initContainers, vols, field.NewPath("ephemeralContainers"))
|
||||
errs := validateEphemeralContainers(tc.ephemeralContainers, containers, initContainers, vols, field.NewPath("ephemeralContainers"), PodValidationOptions{})
|
||||
|
||||
if len(errs) == 0 {
|
||||
t.Errorf("for test %q, expected error but received none", tc.title)
|
||||
@@ -6070,7 +6188,7 @@ func TestValidateContainers(t *testing.T) {
|
||||
},
|
||||
{Name: "abc-1234", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: "File", SecurityContext: fakeValidSecurityContext(true)},
|
||||
}
|
||||
if errs := validateContainers(successCase, false, volumeDevices, field.NewPath("field")); len(errs) != 0 {
|
||||
if errs := validateContainers(successCase, false, volumeDevices, field.NewPath("field"), PodValidationOptions{}); len(errs) != 0 {
|
||||
t.Errorf("expected success: %v", errs)
|
||||
}
|
||||
|
||||
@@ -6310,7 +6428,7 @@ func TestValidateContainers(t *testing.T) {
|
||||
},
|
||||
}
|
||||
for k, v := range errorCases {
|
||||
if errs := validateContainers(v, false, volumeDevices, field.NewPath("field")); len(errs) == 0 {
|
||||
if errs := validateContainers(v, false, volumeDevices, field.NewPath("field"), PodValidationOptions{}); len(errs) == 0 {
|
||||
t.Errorf("expected failure for %s", k)
|
||||
}
|
||||
}
|
||||
@@ -6344,7 +6462,7 @@ func TestValidateInitContainers(t *testing.T) {
|
||||
TerminationMessagePolicy: "File",
|
||||
},
|
||||
}
|
||||
if errs := validateContainers(successCase, true, volumeDevices, field.NewPath("field")); len(errs) != 0 {
|
||||
if errs := validateContainers(successCase, true, volumeDevices, field.NewPath("field"), PodValidationOptions{}); len(errs) != 0 {
|
||||
t.Errorf("expected success: %v", errs)
|
||||
}
|
||||
|
||||
@@ -6370,7 +6488,7 @@ func TestValidateInitContainers(t *testing.T) {
|
||||
},
|
||||
}
|
||||
for k, v := range errorCases {
|
||||
if errs := validateContainers(v, true, volumeDevices, field.NewPath("field")); len(errs) == 0 {
|
||||
if errs := validateContainers(v, true, volumeDevices, field.NewPath("field"), PodValidationOptions{}); len(errs) == 0 {
|
||||
t.Errorf("expected failure for %s", k)
|
||||
}
|
||||
}
|
||||
@@ -6881,7 +6999,7 @@ func TestValidatePodSpec(t *testing.T) {
|
||||
}
|
||||
for k, v := range successCases {
|
||||
t.Run(k, func(t *testing.T) {
|
||||
if errs := ValidatePodSpec(&v, nil, field.NewPath("field")); len(errs) != 0 {
|
||||
if errs := ValidatePodSpec(&v, nil, field.NewPath("field"), PodValidationOptions{}); len(errs) != 0 {
|
||||
t.Errorf("expected success: %v", errs)
|
||||
}
|
||||
})
|
||||
@@ -7085,7 +7203,7 @@ func TestValidatePodSpec(t *testing.T) {
|
||||
},
|
||||
}
|
||||
for k, v := range failureCases {
|
||||
if errs := ValidatePodSpec(&v, nil, field.NewPath("field")); len(errs) == 0 {
|
||||
if errs := ValidatePodSpec(&v, nil, field.NewPath("field"), PodValidationOptions{}); len(errs) == 0 {
|
||||
t.Errorf("expected failure for %q", k)
|
||||
}
|
||||
}
|
||||
@@ -9875,7 +9993,7 @@ func TestValidatePodEphemeralContainersUpdate(t *testing.T) {
|
||||
for _, test := range tests {
|
||||
new := core.Pod{Spec: core.PodSpec{EphemeralContainers: test.new}}
|
||||
old := core.Pod{Spec: core.PodSpec{EphemeralContainers: test.old}}
|
||||
errs := ValidatePodEphemeralContainersUpdate(&new, &old)
|
||||
errs := ValidatePodEphemeralContainersUpdate(&new, &old, PodValidationOptions{})
|
||||
if test.err == "" {
|
||||
if len(errs) != 0 {
|
||||
t.Errorf("unexpected invalid: %s (%+v)\nA: %+v\nB: %+v", test.test, errs, test.new, test.old)
|
||||
@@ -11508,7 +11626,7 @@ func TestValidateReplicationControllerUpdate(t *testing.T) {
|
||||
for _, successCase := range successCases {
|
||||
successCase.old.ObjectMeta.ResourceVersion = "1"
|
||||
successCase.update.ObjectMeta.ResourceVersion = "1"
|
||||
if errs := ValidateReplicationControllerUpdate(&successCase.update, &successCase.old); len(errs) != 0 {
|
||||
if errs := ValidateReplicationControllerUpdate(&successCase.update, &successCase.old, PodValidationOptions{}); len(errs) != 0 {
|
||||
t.Errorf("expected success: %v", errs)
|
||||
}
|
||||
}
|
||||
@@ -11583,7 +11701,7 @@ func TestValidateReplicationControllerUpdate(t *testing.T) {
|
||||
},
|
||||
}
|
||||
for testName, errorCase := range errorCases {
|
||||
if errs := ValidateReplicationControllerUpdate(&errorCase.update, &errorCase.old); len(errs) == 0 {
|
||||
if errs := ValidateReplicationControllerUpdate(&errorCase.update, &errorCase.old, PodValidationOptions{}); len(errs) == 0 {
|
||||
t.Errorf("expected failure: %s", testName)
|
||||
}
|
||||
}
|
||||
@@ -11653,7 +11771,7 @@ func TestValidateReplicationController(t *testing.T) {
|
||||
},
|
||||
}
|
||||
for _, successCase := range successCases {
|
||||
if errs := ValidateReplicationController(&successCase); len(errs) != 0 {
|
||||
if errs := ValidateReplicationController(&successCase, PodValidationOptions{}); len(errs) != 0 {
|
||||
t.Errorf("expected success: %v", errs)
|
||||
}
|
||||
}
|
||||
@@ -11803,7 +11921,7 @@ func TestValidateReplicationController(t *testing.T) {
|
||||
},
|
||||
}
|
||||
for k, v := range errorCases {
|
||||
errs := ValidateReplicationController(&v)
|
||||
errs := ValidateReplicationController(&v, PodValidationOptions{})
|
||||
if len(errs) == 0 {
|
||||
t.Errorf("expected failure for %s", k)
|
||||
}
|
||||
@@ -16919,7 +17037,7 @@ func TestValidatePodTemplateSpecSeccomp(t *testing.T) {
|
||||
}
|
||||
|
||||
for i, test := range tests {
|
||||
err := ValidatePodTemplateSpec(test.spec, rootFld)
|
||||
err := ValidatePodTemplateSpec(test.spec, rootFld, PodValidationOptions{})
|
||||
asserttestify.Equal(t, test.expectedErr, err, "TestCase[%d]: %s", i, test.description)
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user