diff --git a/tests/integration/kubernetes/confidential_common.sh b/tests/integration/kubernetes/confidential_common.sh index b1bc9208aa..8b319f2386 100644 --- a/tests/integration/kubernetes/confidential_common.sh +++ b/tests/integration/kubernetes/confidential_common.sh @@ -52,10 +52,12 @@ function check_hypervisor_for_confidential_tests() { fi } -# Common setup for confidential tests. -function confidential_setup() { +# Common check for confidential tests. +function is_confidential_runtime_class() { ensure_yq - if ! check_hypervisor_for_confidential_tests "${KATA_HYPERVISOR}"; then - return 1 - fi + if check_hypervisor_for_confidential_tests "${KATA_HYPERVISOR}"; then + return 0 + fi + + return 1 } diff --git a/tests/integration/kubernetes/k8s-confidential-attestation.bats b/tests/integration/kubernetes/k8s-confidential-attestation.bats index c2035e1bb7..2be9a37ae0 100644 --- a/tests/integration/kubernetes/k8s-confidential-attestation.bats +++ b/tests/integration/kubernetes/k8s-confidential-attestation.bats @@ -15,7 +15,7 @@ export KATA_HYPERVISOR="${KATA_HYPERVISOR:-qemu}" export AA_KBC="${AA_KBC:-cc_kbc}" setup() { - confidential_setup || skip "Test not supported for ${KATA_HYPERVISOR}." + is_confidential_runtime_class || skip "Test not supported for ${KATA_HYPERVISOR}." if [ "${KBS}" = "false" ]; then skip "Test skipped as KBS not setup" @@ -82,7 +82,7 @@ setup() { } teardown() { - check_hypervisor_for_confidential_tests ${KATA_HYPERVISOR} || skip "Test not supported for ${KATA_HYPERVISOR}." + is_confidential_runtime_class || skip "Test not supported for ${KATA_HYPERVISOR}." if [ "${KBS}" = "false" ]; then skip "Test skipped as KBS not setup" diff --git a/tests/integration/kubernetes/k8s-confidential.bats b/tests/integration/kubernetes/k8s-confidential.bats index 01abec96a0..8fd9b80001 100644 --- a/tests/integration/kubernetes/k8s-confidential.bats +++ b/tests/integration/kubernetes/k8s-confidential.bats @@ -10,7 +10,9 @@ load "${BATS_TEST_DIRNAME}/confidential_common.sh" load "${BATS_TEST_DIRNAME}/tests_common.sh" setup() { - confidential_setup || skip "Test not supported for ${KATA_HYPERVISOR}." + if ! is_confidential_runtime_class; then + skip "Test not supported for ${KATA_HYPERVISOR}." + fi setup_unencrypted_confidential_pod } @@ -41,7 +43,9 @@ setup() { } teardown() { - check_hypervisor_for_confidential_tests ${KATA_HYPERVISOR} || skip "Test not supported for ${KATA_HYPERVISOR}." + if ! is_confidential_runtime_class; then + skip "Test not supported for ${KATA_HYPERVISOR}." + fi kubectl describe "pod/${pod_name}" || true kubectl delete -f "${pod_config_dir}/pod-confidential-unencrypted.yaml" || true diff --git a/tests/integration/kubernetes/k8s-guest-pull-image.bats b/tests/integration/kubernetes/k8s-guest-pull-image.bats index 93d9120a68..a0962a20dc 100644 --- a/tests/integration/kubernetes/k8s-guest-pull-image.bats +++ b/tests/integration/kubernetes/k8s-guest-pull-image.bats @@ -9,7 +9,9 @@ load "${BATS_TEST_DIRNAME}/lib.sh" load "${BATS_TEST_DIRNAME}/confidential_common.sh" setup() { - confidential_setup && skip "Due to issues related to pull-image integration skip tests for ${KATA_HYPERVISOR}." + if is_confidential_runtime_class; then + skip "Due to issues related to pull-image integration skip tests for ${KATA_HYPERVISOR}." + fi [ "${SNAPSHOTTER:-}" = "nydus" ] || skip "None snapshotter was found but this test requires one" @@ -20,7 +22,9 @@ setup() { } @test "Test we can pull an unencrypted image outside the guest with runc and then inside the guest successfully" { - confidential_setup && skip "Due to issues related to pull-image integration skip tests for ${KATA_HYPERVISOR}." + if is_confidential_runtime_class; then + skip "Due to issues related to pull-image integration skip tests for ${KATA_HYPERVISOR}." + fi # 1. Create one runc pod with the $unencrypted_image_1 image # We want to have one runc pod, so we pass a fake runtimeclass "runc" and then delete the runtimeClassName, @@ -216,7 +220,9 @@ setup() { } teardown() { - confidential_setup && skip "Due to issues related to pull-image integration skip tests for ${KATA_HYPERVISOR}." + if is_confidential_runtime_class; then + skip "Due to issues related to pull-image integration skip tests for ${KATA_HYPERVISOR}." + fi [ "${SNAPSHOTTER:-}" = "nydus" ] || skip "None snapshotter was found but this test requires one"