From f002448856cd57d96050763a6b2f444d05176bb8 Mon Sep 17 00:00:00 2001 From: Casper Guldbech Nielsen Date: Tue, 19 Mar 2024 17:53:06 +0100 Subject: [PATCH 1/3] Correct test-case --- .../test/spec_containerSecurityContext_test.go | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/internal/test/spec_containerSecurityContext_test.go b/internal/test/spec_containerSecurityContext_test.go index 8eb3c7a..23a60b7 100644 --- a/internal/test/spec_containerSecurityContext_test.go +++ b/internal/test/spec_containerSecurityContext_test.go @@ -21,7 +21,7 @@ import ( var _ = Describe("Setting Kubegres spec 'containerSecurityContext'", func() { var test = SpeccontainerSecurityContextTest{} BeforeEach(func() { - Skip("Temporarily skipping test") + //Skip("Temporarily skipping test") namespace := resourceConfigs2.DefaultNamespace test.resourceRetriever = util2.CreateTestResourceRetriever(k8sClientTest, namespace) @@ -65,8 +65,9 @@ var _ = Describe("Setting Kubegres spec 'containerSecurityContext'", func() { log.Print("START OF: Test 'GIVEN new Kubegres is created with spec 'containerSecurityContext' set to a value and spec 'replica' set to 3") securityContext := test.givencontainerSecurityContext1() + podSecurityContext := &v12.PodSecurityContext{RunAsUser: pointer.Int64Ptr(1000)} - test.givenNewKubegresSpecIsSetTo(securityContext, 3) + test.givenNewKubegresSpecIsSetTo(securityContext, podSecurityContext, 3) test.whenKubegresIsCreated() @@ -119,7 +120,7 @@ func (r *SpeccontainerSecurityContextTest) givencontainerSecurityContext1() *v12 AllowPrivilegeEscalation: pointer.BoolPtr(false), Capabilities: &v12.Capabilities{Drop: []v12.Capability{"ALL"}}, SeccompProfile: &v12.SeccompProfile{Type: v12.SeccompProfileTypeRuntimeDefault}, - ReadOnlyRootFilesystem: pointer.BoolPtr(true), + ReadOnlyRootFilesystem: pointer.BoolPtr(false), Privileged: pointer.BoolPtr(false), } } @@ -140,9 +141,10 @@ func (r *SpeccontainerSecurityContextTest) givenNewKubegresSpecIsWithoutcontaine r.kubegresResource.Spec.Replicas = &replicaCount } -func (r *SpeccontainerSecurityContextTest) givenNewKubegresSpecIsSetTo(securityContext *v12.SecurityContext, specNbreReplicas int32) { +func (r *SpeccontainerSecurityContextTest) givenNewKubegresSpecIsSetTo(securityContext *v12.SecurityContext, podSecurityContext *v12.PodSecurityContext, specNbreReplicas int32) { r.kubegresResource = resourceConfigs2.LoadKubegresYaml() r.kubegresResource.Spec.ContainerSecurityContext = securityContext + r.kubegresResource.Spec.SecurityContext = podSecurityContext r.kubegresResource.Spec.Replicas = &specNbreReplicas } @@ -181,7 +183,7 @@ func (r *SpeccontainerSecurityContextTest) thenStatefulSetStatesShouldBeWithoutc emptyResources := &v12.SecurityContext{} if !reflect.DeepEqual(currentContainerSecurityContext, emptyResources) { log.Println("StatefulSet '" + resource.StatefulSet.Name + "' has not the expected containerSecurityContext which should be nil" + - "Current valye: '" + currentContainerSecurityContext.String() + "'. Waiting...") + "Current value: '" + currentContainerSecurityContext.String() + "'. Waiting...") return false } @@ -190,7 +192,7 @@ func (r *SpeccontainerSecurityContextTest) thenStatefulSetStatesShouldBeWithoutc currentInitContainerSecurityContext := resource.StatefulSet.Spec.Template.Spec.InitContainers[0].SecurityContext if !reflect.DeepEqual(currentInitContainerSecurityContext, emptyResources) { log.Println("StatefulSet '" + resource.StatefulSet.Name + "' has not the expected initContainerSecurityContext which should be nil" + - "Current valye: '" + currentInitContainerSecurityContext.String() + "'. Waiting...") + "Current value: '" + currentInitContainerSecurityContext.String() + "'. Waiting...") return false } } @@ -263,7 +265,7 @@ func (r *SpeccontainerSecurityContextTest) thenDeployedKubegresSpecShouldWithout return } - Expect(r.kubegresResource.Spec.SecurityContext).Should(Equal(emptyResources)) + Expect(r.kubegresResource.Spec.ContainerSecurityContext).Should(Equal(emptyResources)) } func (r *SpeccontainerSecurityContextTest) thenDeployedKubegresSpecShouldBeSetTo(expectedcontainerSecurityContext *v12.SecurityContext) { From 970c8edc2e7553a07ee9f9e7b6ca98839e538f15 Mon Sep 17 00:00:00 2001 From: Casper Guldbech Nielsen Date: Tue, 19 Mar 2024 21:38:53 +0100 Subject: [PATCH 2/3] Correct value spelling --- internal/test/spec_containerSecurityContext_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/test/spec_containerSecurityContext_test.go b/internal/test/spec_containerSecurityContext_test.go index 23a60b7..7327ffc 100644 --- a/internal/test/spec_containerSecurityContext_test.go +++ b/internal/test/spec_containerSecurityContext_test.go @@ -235,7 +235,7 @@ func (r *SpeccontainerSecurityContextTest) thenStatefulSetStatesShouldBe(expecte currentInitContainerSecurityContext := resource.StatefulSet.Spec.Template.Spec.InitContainers[0].SecurityContext if !reflect.DeepEqual(currentInitContainerSecurityContext, expectedContainerSecurityContext) { log.Println("StatefulSet '" + resource.StatefulSet.Name + "' has not the expected initContainerSecurityContext which should be nil" + - "Current valye: '" + currentInitContainerSecurityContext.String() + "'. Waiting...") + "Current value: '" + currentInitContainerSecurityContext.String() + "'. Waiting...") return false } } From deef59df6a50bdc9ed2354de549122685801bdcb Mon Sep 17 00:00:00 2001 From: Casper Guldbech Nielsen Date: Tue, 19 Mar 2024 21:39:31 +0100 Subject: [PATCH 3/3] Remove commented skip to ensure run --- internal/test/spec_containerSecurityContext_test.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/internal/test/spec_containerSecurityContext_test.go b/internal/test/spec_containerSecurityContext_test.go index 7327ffc..bfa98ff 100644 --- a/internal/test/spec_containerSecurityContext_test.go +++ b/internal/test/spec_containerSecurityContext_test.go @@ -21,8 +21,6 @@ import ( var _ = Describe("Setting Kubegres spec 'containerSecurityContext'", func() { var test = SpeccontainerSecurityContextTest{} BeforeEach(func() { - //Skip("Temporarily skipping test") - namespace := resourceConfigs2.DefaultNamespace test.resourceRetriever = util2.CreateTestResourceRetriever(k8sClientTest, namespace) test.resourceCreator = util2.CreateTestResourceCreator(k8sClientTest, test.resourceRetriever, namespace)