Merge pull request #9576 from microsoft/saulparedes/support_env_from

genpolicy: Add support for envFrom
2025-09-09 04:39:17 +00:00 · 2024-07-24 13:39:54 -07:00
parent 79edf2ca7d 2681fc7eb0
commit f08b594733
6 changed files with 147 additions and 1 deletions
--- a/tests/integration/kubernetes/k8s-policy-pod.bats
+++ b/tests/integration/kubernetes/k8s-policy-pod.bats
@@ -15,6 +15,11 @@ setup() {
 	pod_name="policy-pod"

 	get_pod_config_dir
+	policy_settings_dir="$(create_tmp_policy_settings_dir "${pod_config_dir}")"
+	
+	exec_command="printenv data-3"
+	add_exec_to_policy_settings "${policy_settings_dir}" "${exec_command}"
+	add_requests_to_policy_settings "${policy_settings_dir}" "ReadStreamRequest"

 	correct_configmap_yaml="${pod_config_dir}/k8s-policy-configmap.yaml"
 	pre_generate_configmap_yaml="${pod_config_dir}/k8s-policy-configmap-pre-generation.yaml"
@@ -34,7 +39,7 @@ setup() {
 		cp "${correct_pod_yaml}" "${pre_generate_pod_yaml}"

 		# Add policy to the correct pod yaml file
-		auto_generate_policy "${pod_config_dir}" "${correct_pod_yaml}" "${correct_configmap_yaml}"
+		auto_generate_policy "${policy_settings_dir}" "${correct_pod_yaml}" "${correct_configmap_yaml}"
 	fi

    # Start each test case with a copy of the correct yaml files.
@@ -57,6 +62,14 @@ wait_for_pod_ready() {
 	wait_for_pod_ready
 }

+@test "Able to read env variables sourced from configmap using envFrom" {
+	kubectl create -f "${correct_configmap_yaml}"
+	kubectl create -f "${correct_pod_yaml}"
+	kubectl wait --for=condition=Ready "--timeout=${timeout}" pod "${pod_name}"
+	expected_env_var=$(kubectl exec "${pod_name}" -- printenv data-3)
+	[ "$expected_env_var" = "value-3" ] || fail "expected_env_var is not equal to value-3"
+}
+
@test "Successful pod with auto-generated policy and runtimeClassName filter" {
 	runtime_class_name=$(yq ".spec.runtimeClassName" < "${testcase_pre_generate_pod_yaml}")

--- a/tests/integration/kubernetes/runtimeclass_workloads/k8s-policy-configmap.yaml
+++ b/tests/integration/kubernetes/runtimeclass_workloads/k8s-policy-configmap.yaml
@@ -10,3 +10,4 @@ metadata:
 data:
  data-1: value-1
  data-2: value-2
+  data-3: value-3
--- a/tests/integration/kubernetes/runtimeclass_workloads/k8s-policy-pod.yaml
+++ b/tests/integration/kubernetes/runtimeclass_workloads/k8s-policy-pod.yaml
@@ -49,6 +49,9 @@ spec:
            - echo
            - startupProbe
            - test
+      envFrom:
+      - configMapRef:
+          name: policy-configmap
  topologySpreadConstraints:
    - maxSkew: 2
      topologyKey: kubernetes.io/hostname