From 00eeb7f53a8ac67d6f89543a709af16b6e43f29b Mon Sep 17 00:00:00 2001
From: Pengfei Ni <feiskyer@gmail.com>
Date: Thu, 29 Jun 2017 09:17:14 +0800
Subject: [PATCH] Add node e2e tests for runAsUser

---
 test/e2e_node/security_context_test.go | 41 ++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)

diff --git a/test/e2e_node/security_context_test.go b/test/e2e_node/security_context_test.go
index 56676d54de8..d79830f4754 100644
--- a/test/e2e_node/security_context_test.go
+++ b/test/e2e_node/security_context_test.go
@@ -274,4 +274,45 @@ var _ = framework.KubeDescribe("Security Context", func() {
 		})
 	})
 
+	Context("When creating a container with runAsUser", func() {
+		makeUserPod := func(podName, image string, command []string, userid int64) *v1.Pod {
+			return &v1.Pod{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: podName,
+				},
+				Spec: v1.PodSpec{
+					RestartPolicy: v1.RestartPolicyNever,
+					Containers: []v1.Container{
+						{
+							Image:   image,
+							Name:    podName,
+							Command: command,
+							SecurityContext: &v1.SecurityContext{
+								RunAsUser: &userid,
+							},
+						},
+					},
+				},
+			}
+		}
+		createAndWaitUserPod := func(userid int64) {
+			podName := fmt.Sprintf("busybox-user-%d-%s", userid, uuid.NewUUID())
+			podClient.Create(makeUserPod(podName,
+				"gcr.io/google_containers/busybox:1.24",
+				[]string{"sh", "-c", fmt.Sprintf("test $(id -u) -eq %d", userid)},
+				userid,
+			))
+
+			podClient.WaitForSuccess(podName, framework.PodStartTimeout)
+		}
+
+		It("should run the container with uid 65534", func() {
+			createAndWaitUserPod(65534)
+		})
+
+		It("should run the container with uid 0", func() {
+			createAndWaitUserPod(0)
+		})
+
+	})
 })