github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

pod terminationGracePeriodSeconds is always valid (#124461)

Browse Source 
* Pod terminationGracePeriodSeconds is always valid

Validation of a pod spec will always use the pod's
TerminationGracePeriodSeconds value.

A set of pod test-helpers have been created to help construct Pods.

* remove unused func

* reduction

* reduce 2

* simplify test

* report invalid grace period

* update SupplementalGroupPolicy tests
This commit is contained in:
Michael Fraenkel
2024-06-29 19:09:29 -06:00
committed by GitHub
parent a9c156baef
commit a7264f95ff
22 changed files with 3137 additions and 5558 deletions
Download Patch File Download Diff File Expand all files Collapse all files

93
pkg/apis/batch/validation/validation_test.go
View File

@@ -30,6 +30,7 @@ import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/types"
"k8s.io/apimachinery/pkg/util/validation/field"
podtest "k8s.io/kubernetes/pkg/api/pod/testing"
"k8s.io/kubernetes/pkg/apis/batch"
api "k8s.io/kubernetes/pkg/apis/core"
corevalidation "k8s.io/kubernetes/pkg/apis/core/validation"
@@ -61,11 +62,7 @@ func getValidPodTemplateSpecForManual(selector *metav1.LabelSelector) api.PodTem
ObjectMeta: metav1.ObjectMeta{
Labels: selector.MatchLabels,
},
Spec: api.PodSpec{
RestartPolicy: api.RestartPolicyOnFailure,
DNSPolicy: api.DNSClusterFirst,
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: api.TerminationMessageReadFile}},
},
Spec: podtest.MakePodSpec(api.RestartPolicyOnFailure),
}
}
@@ -80,12 +77,8 @@ func getValidPodTemplateSpecForGenerated(selector *metav1.LabelSelector) api.Pod
ObjectMeta: metav1.ObjectMeta{
Labels: selector.MatchLabels,
},
Spec: api.PodSpec{
RestartPolicy: api.RestartPolicyOnFailure,
DNSPolicy: api.DNSClusterFirst,
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: api.TerminationMessageReadFile}},
InitContainers: []api.Container{{Name: "def", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: api.TerminationMessageReadFile}},
},
Spec: podtest.MakePodSpec(api.RestartPolicyOnFailure,
podtest.SetInitContainers(podtest.MakeContainer("def"))),
}
}
@@ -165,7 +158,7 @@ func TestValidateJob(t *testing.T) {
}, {
Action: batch.PodFailurePolicyActionCount,
OnExitCodes: &batch.PodFailurePolicyOnExitCodesRequirement{
ContainerName: pointer.String("abc"),
ContainerName: pointer.String("ctr"),
Operator: batch.PodFailurePolicyOnExitCodesOpIn,
Values: []int32{1, 2, 3},
},
@@ -395,12 +388,7 @@ func TestValidateJob(t *testing.T) {
ObjectMeta: metav1.ObjectMeta{
Labels: map[string]string{batch.LegacyControllerUidLabel: "1a2b3c", batch.LegacyJobNameLabel: "myjob"},
},
Spec: api.PodSpec{
RestartPolicy: api.RestartPolicyOnFailure,
DNSPolicy: api.DNSClusterFirst,
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: api.TerminationMessageReadFile}},
InitContainers: []api.Container{{Name: "def", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: api.TerminationMessageReadFile}},
},
Spec: podtest.MakePodSpec(api.RestartPolicyOnFailure),
},
},
},
@@ -819,7 +807,7 @@ func TestValidateJob(t *testing.T) {
Rules: []batch.PodFailurePolicyRule{{
Action: batch.PodFailurePolicyActionFailJob,
OnExitCodes: &batch.PodFailurePolicyOnExitCodesRequirement{
ContainerName: pointer.String("abc"),
ContainerName: pointer.String("ctr"),
Operator: batch.PodFailurePolicyOnExitCodesOpIn,
Values: []int32{1, 2, 3},
},
@@ -862,7 +850,7 @@ func TestValidateJob(t *testing.T) {
Rules: []batch.PodFailurePolicyRule{{
Action: batch.PodFailurePolicyActionIgnore,
OnExitCodes: &batch.PodFailurePolicyOnExitCodesRequirement{
ContainerName: pointer.String("abc"),
ContainerName: pointer.String("ctr"),
Operator: batch.PodFailurePolicyOnExitCodesOpIn,
Values: []int32{1, 2, 3},
},
@@ -889,7 +877,7 @@ func TestValidateJob(t *testing.T) {
Rules: []batch.PodFailurePolicyRule{{
Action: "UnknownAction",
OnExitCodes: &batch.PodFailurePolicyOnExitCodesRequirement{
ContainerName: pointer.String("abc"),
ContainerName: pointer.String("ctr"),
Operator: batch.PodFailurePolicyOnExitCodesOpIn,
Values: []int32{1, 2, 3},
},
@@ -1033,11 +1021,7 @@ func TestValidateJob(t *testing.T) {
ObjectMeta: metav1.ObjectMeta{
Labels: validGeneratedSelector.MatchLabels,
},
Spec: api.PodSpec{
RestartPolicy: api.RestartPolicyOnFailure,
DNSPolicy: api.DNSClusterFirst,
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: api.TerminationMessageReadFile}},
},
Spec: podtest.MakePodSpec(api.RestartPolicyOnFailure),
},
PodFailurePolicy: &batch.PodFailurePolicy{
Rules: []batch.PodFailurePolicyRule{},
@@ -1251,11 +1235,7 @@ func TestValidateJob(t *testing.T) {
ObjectMeta: metav1.ObjectMeta{
Labels: map[string]string{"y": "z"},
},
Spec: api.PodSpec{
RestartPolicy: api.RestartPolicyOnFailure,
DNSPolicy: api.DNSClusterFirst,
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: api.TerminationMessageReadFile}},
},
Spec: podtest.MakePodSpec(api.RestartPolicyOnFailure),
},
},
},
@@ -1275,11 +1255,7 @@ func TestValidateJob(t *testing.T) {
ObjectMeta: metav1.ObjectMeta{
Labels: map[string]string{"controller-uid": "4d5e6f"},
},
Spec: api.PodSpec{
RestartPolicy: api.RestartPolicyOnFailure,
DNSPolicy: api.DNSClusterFirst,
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: api.TerminationMessageReadFile}},
},
Spec: podtest.MakePodSpec(api.RestartPolicyOnFailure),
},
},
},
@@ -1299,11 +1275,7 @@ func TestValidateJob(t *testing.T) {
ObjectMeta: metav1.ObjectMeta{
Labels: validManualSelector.MatchLabels,
},
Spec: api.PodSpec{
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: api.TerminationMessageReadFile}},
},
Spec: podtest.MakePodSpec(api.RestartPolicyAlways),
},
},
},
@@ -1323,11 +1295,7 @@ func TestValidateJob(t *testing.T) {
ObjectMeta: metav1.ObjectMeta{
Labels: validManualSelector.MatchLabels,
},
Spec: api.PodSpec{
RestartPolicy: "Invalid",
DNSPolicy: api.DNSClusterFirst,
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: api.TerminationMessageReadFile}},
},
Spec: podtest.MakePodSpec("Invalid"),
},
},
},
@@ -1395,12 +1363,7 @@ func TestValidateJob(t *testing.T) {
ObjectMeta: metav1.ObjectMeta{
Labels: map[string]string{batch.LegacyJobNameLabel: "myjob"},
},
Spec: api.PodSpec{
RestartPolicy: api.RestartPolicyOnFailure,
DNSPolicy: api.DNSClusterFirst,
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: api.TerminationMessageReadFile}},
InitContainers: []api.Container{{Name: "def", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: api.TerminationMessageReadFile}},
},
Spec: podtest.MakePodSpec(api.RestartPolicyOnFailure),
},
},
},
@@ -1420,12 +1383,7 @@ func TestValidateJob(t *testing.T) {
ObjectMeta: metav1.ObjectMeta{
Labels: map[string]string{batch.LegacyJobNameLabel: "myjob"},
},
Spec: api.PodSpec{
RestartPolicy: api.RestartPolicyOnFailure,
DNSPolicy: api.DNSClusterFirst,
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: api.TerminationMessageReadFile}},
InitContainers: []api.Container{{Name: "def", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: api.TerminationMessageReadFile}},
},
Spec: podtest.MakePodSpec(api.RestartPolicyOnFailure),
},
},
},
@@ -1462,12 +1420,7 @@ func TestValidateJob(t *testing.T) {
ObjectMeta: metav1.ObjectMeta{
Labels: map[string]string{batch.JobNameLabel: "myjob", batch.LegacyControllerUidLabel: "1a2b3c", batch.LegacyJobNameLabel: "myjob"},
},
Spec: api.PodSpec{
RestartPolicy: api.RestartPolicyOnFailure,
DNSPolicy: api.DNSClusterFirst,
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: api.TerminationMessageReadFile}},
InitContainers: []api.Container{{Name: "def", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: api.TerminationMessageReadFile}},
},
Spec: podtest.MakePodSpec(api.RestartPolicyOnFailure),
},
},
},
@@ -2882,11 +2835,7 @@ func TestValidateCronJob(t *testing.T) {
JobTemplate: batch.JobTemplateSpec{
Spec: batch.JobSpec{
Template: api.PodTemplateSpec{
Spec: api.PodSpec{
RestartPolicy: api.RestartPolicyAlways,
DNSPolicy: api.DNSClusterFirst,
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: api.TerminationMessageReadFile}},
},
Spec: podtest.MakePodSpec(api.RestartPolicyAlways),
},
},
},
@@ -2904,11 +2853,7 @@ func TestValidateCronJob(t *testing.T) {
JobTemplate: batch.JobTemplateSpec{
Spec: batch.JobSpec{
Template: api.PodTemplateSpec{
Spec: api.PodSpec{
RestartPolicy: "Invalid",
DNSPolicy: api.DNSClusterFirst,
Containers: []api.Container{{Name: "abc", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: api.TerminationMessageReadFile}},
},
Spec: podtest.MakePodSpec("Invalid"),
},
},
},