mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-22 19:31:44 +00:00
test/e2e/*: default existing tests to privileged pod security policy
This is to ensure that all existing tests don't break when defaulting the pod security policy to restricted in the e2e test framework.
This commit is contained in:
parent
f578b9a40d
commit
1495c9f2cd
@ -35,6 +35,7 @@ import (
|
|||||||
utilfeature "k8s.io/apiserver/pkg/util/feature"
|
utilfeature "k8s.io/apiserver/pkg/util/feature"
|
||||||
"k8s.io/client-go/util/workqueue"
|
"k8s.io/client-go/util/workqueue"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
func shouldCheckRemainingItem() bool {
|
func shouldCheckRemainingItem() bool {
|
||||||
@ -45,6 +46,7 @@ const numberOfTotalResources = 400
|
|||||||
|
|
||||||
var _ = SIGDescribe("Servers with support for API chunking", func() {
|
var _ = SIGDescribe("Servers with support for API chunking", func() {
|
||||||
f := framework.NewDefaultFramework("chunking")
|
f := framework.NewDefaultFramework("chunking")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
ns := f.Namespace.Name
|
ns := f.Namespace.Name
|
||||||
|
@ -44,6 +44,7 @@ import (
|
|||||||
"k8s.io/kube-openapi/pkg/validation/spec"
|
"k8s.io/kube-openapi/pkg/validation/spec"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
"k8s.io/kubernetes/test/utils/crd"
|
"k8s.io/kubernetes/test/utils/crd"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
@ -52,6 +53,7 @@ var (
|
|||||||
|
|
||||||
var _ = SIGDescribe("CustomResourcePublishOpenAPI [Privileged:ClusterAdmin]", func() {
|
var _ = SIGDescribe("CustomResourcePublishOpenAPI [Privileged:ClusterAdmin]", func() {
|
||||||
f := framework.NewDefaultFramework("crd-publish-openapi")
|
f := framework.NewDefaultFramework("crd-publish-openapi")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
/*
|
/*
|
||||||
Release: v1.16
|
Release: v1.16
|
||||||
|
@ -32,10 +32,12 @@ import (
|
|||||||
"k8s.io/apiserver/pkg/storage/names"
|
"k8s.io/apiserver/pkg/storage/names"
|
||||||
"k8s.io/client-go/dynamic"
|
"k8s.io/client-go/dynamic"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = SIGDescribe("CustomResourceValidationRules [Privileged:ClusterAdmin][Alpha][Feature:CustomResourceValidationExpressions]", func() {
|
var _ = SIGDescribe("CustomResourceValidationRules [Privileged:ClusterAdmin][Alpha][Feature:CustomResourceValidationExpressions]", func() {
|
||||||
f := framework.NewDefaultFramework("crd-validation-expressions")
|
f := framework.NewDefaultFramework("crd-validation-expressions")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
var apiExtensionClient *clientset.Clientset
|
var apiExtensionClient *clientset.Clientset
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
|
@ -31,6 +31,7 @@ import (
|
|||||||
"k8s.io/apimachinery/pkg/watch"
|
"k8s.io/apimachinery/pkg/watch"
|
||||||
"k8s.io/client-go/dynamic"
|
"k8s.io/client-go/dynamic"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -38,6 +39,7 @@ import (
|
|||||||
var _ = SIGDescribe("CustomResourceDefinition Watch [Privileged:ClusterAdmin]", func() {
|
var _ = SIGDescribe("CustomResourceDefinition Watch [Privileged:ClusterAdmin]", func() {
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("crd-watch")
|
f := framework.NewDefaultFramework("crd-watch")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.Context("CustomResourceDefinition Watch", func() {
|
ginkgo.Context("CustomResourceDefinition Watch", func() {
|
||||||
/*
|
/*
|
||||||
|
@ -39,11 +39,13 @@ import (
|
|||||||
"k8s.io/client-go/dynamic"
|
"k8s.io/client-go/dynamic"
|
||||||
"k8s.io/client-go/util/retry"
|
"k8s.io/client-go/util/retry"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = SIGDescribe("CustomResourceDefinition resources [Privileged:ClusterAdmin]", func() {
|
var _ = SIGDescribe("CustomResourceDefinition resources [Privileged:ClusterAdmin]", func() {
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("custom-resource-definition")
|
f := framework.NewDefaultFramework("custom-resource-definition")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.Context("Simple CustomResourceDefinition", func() {
|
ginkgo.Context("Simple CustomResourceDefinition", func() {
|
||||||
/*
|
/*
|
||||||
|
@ -28,6 +28,7 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/utils/crd"
|
"k8s.io/kubernetes/test/utils/crd"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -35,6 +36,7 @@ import (
|
|||||||
var storageVersionServerVersion = utilversion.MustParseSemantic("v1.13.99")
|
var storageVersionServerVersion = utilversion.MustParseSemantic("v1.13.99")
|
||||||
var _ = SIGDescribe("Discovery", func() {
|
var _ = SIGDescribe("Discovery", func() {
|
||||||
f := framework.NewDefaultFramework("discovery")
|
f := framework.NewDefaultFramework("discovery")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
var namespaceName string
|
var namespaceName string
|
||||||
|
|
||||||
|
@ -31,6 +31,7 @@ import (
|
|||||||
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
||||||
testutils "k8s.io/kubernetes/test/utils"
|
testutils "k8s.io/kubernetes/test/utils"
|
||||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -38,6 +39,7 @@ import (
|
|||||||
var _ = SIGDescribe("Etcd failure [Disruptive]", func() {
|
var _ = SIGDescribe("Etcd failure [Disruptive]", func() {
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("etcd-failure")
|
f := framework.NewDefaultFramework("etcd-failure")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
// This test requires:
|
// This test requires:
|
||||||
|
@ -39,6 +39,7 @@ import (
|
|||||||
"k8s.io/client-go/rest"
|
"k8s.io/client-go/rest"
|
||||||
clientsideflowcontrol "k8s.io/client-go/util/flowcontrol"
|
clientsideflowcontrol "k8s.io/client-go/util/flowcontrol"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
@ -52,6 +53,7 @@ var (
|
|||||||
|
|
||||||
var _ = SIGDescribe("API priority and fairness", func() {
|
var _ = SIGDescribe("API priority and fairness", func() {
|
||||||
f := framework.NewDefaultFramework("apf")
|
f := framework.NewDefaultFramework("apf")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.It("should ensure that requests can be classified by adding FlowSchema and PriorityLevelConfiguration", func() {
|
ginkgo.It("should ensure that requests can be classified by adding FlowSchema and PriorityLevelConfiguration", func() {
|
||||||
testingFlowSchemaName := "e2e-testing-flowschema"
|
testingFlowSchemaName := "e2e-testing-flowschema"
|
||||||
|
@ -214,6 +214,7 @@ func newTestingCronJob(name string, value string) *batchv1.CronJob {
|
|||||||
|
|
||||||
var _ = SIGDescribe("Generated clientset", func() {
|
var _ = SIGDescribe("Generated clientset", func() {
|
||||||
f := framework.NewDefaultFramework("clientset")
|
f := framework.NewDefaultFramework("clientset")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.It("should create v1 cronJobs, delete cronJobs, watch cronJobs", func() {
|
ginkgo.It("should create v1 cronJobs, delete cronJobs, watch cronJobs", func() {
|
||||||
cronJobClient := f.ClientSet.BatchV1().CronJobs(f.Namespace.Name)
|
cronJobClient := f.ClientSet.BatchV1().CronJobs(f.Namespace.Name)
|
||||||
|
@ -27,6 +27,7 @@ import (
|
|||||||
clientset "k8s.io/client-go/kubernetes"
|
clientset "k8s.io/client-go/kubernetes"
|
||||||
restclient "k8s.io/client-go/rest"
|
restclient "k8s.io/client-go/rest"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -116,6 +117,7 @@ func testPath(client clientset.Interface, path string, requiredChecks sets.Strin
|
|||||||
|
|
||||||
var _ = SIGDescribe("health handlers", func() {
|
var _ = SIGDescribe("health handlers", func() {
|
||||||
f := framework.NewDefaultFramework("health")
|
f := framework.NewDefaultFramework("health")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.It("should contain necessary checks", func() {
|
ginkgo.It("should contain necessary checks", func() {
|
||||||
ginkgo.By("/health")
|
ginkgo.By("/health")
|
||||||
|
@ -29,12 +29,14 @@ import (
|
|||||||
"k8s.io/apimachinery/pkg/fields"
|
"k8s.io/apimachinery/pkg/fields"
|
||||||
"k8s.io/apimachinery/pkg/watch"
|
"k8s.io/apimachinery/pkg/watch"
|
||||||
"k8s.io/client-go/kubernetes"
|
"k8s.io/client-go/kubernetes"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = SIGDescribe("client-go should negotiate", func() {
|
var _ = SIGDescribe("client-go should negotiate", func() {
|
||||||
f := framework.NewDefaultFramework("protocol")
|
f := framework.NewDefaultFramework("protocol")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
for _, s := range []string{
|
for _, s := range []string{
|
||||||
"application/json",
|
"application/json",
|
||||||
|
@ -24,6 +24,7 @@ import (
|
|||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
"k8s.io/client-go/rest"
|
"k8s.io/client-go/rest"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
@ -32,6 +33,7 @@ const (
|
|||||||
|
|
||||||
var _ = SIGDescribe("Server request timeout", func() {
|
var _ = SIGDescribe("Server request timeout", func() {
|
||||||
f := framework.NewDefaultFramework("request-timeout")
|
f := framework.NewDefaultFramework("request-timeout")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.It("should return HTTP status code 400 if the user specifies an invalid timeout in the request URL", func() {
|
ginkgo.It("should return HTTP status code 400 if the user specifies an invalid timeout in the request URL", func() {
|
||||||
rt := getRoundTripper(f)
|
rt := getRoundTripper(f)
|
||||||
|
@ -21,12 +21,14 @@ import (
|
|||||||
|
|
||||||
"k8s.io/apimachinery/pkg/version"
|
"k8s.io/apimachinery/pkg/version"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = SIGDescribe("server version", func() {
|
var _ = SIGDescribe("server version", func() {
|
||||||
f := framework.NewDefaultFramework("server-version")
|
f := framework.NewDefaultFramework("server-version")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
/*
|
/*
|
||||||
Release: v1.19
|
Release: v1.19
|
||||||
|
@ -25,6 +25,7 @@ import (
|
|||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
"k8s.io/apimachinery/pkg/util/wait"
|
"k8s.io/apimachinery/pkg/util/wait"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -37,6 +38,7 @@ const (
|
|||||||
// This test requires that --feature-gates=APIServerIdentity=true,StorageVersionAPI=true be set on the apiserver and the controller manager
|
// This test requires that --feature-gates=APIServerIdentity=true,StorageVersionAPI=true be set on the apiserver and the controller manager
|
||||||
var _ = SIGDescribe("StorageVersion resources [Feature:StorageVersionAPI]", func() {
|
var _ = SIGDescribe("StorageVersion resources [Feature:StorageVersionAPI]", func() {
|
||||||
f := framework.NewDefaultFramework("storage-version")
|
f := framework.NewDefaultFramework("storage-version")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.It("storage version with non-existing id should be GC'ed", func() {
|
ginkgo.It("storage version with non-existing id should be GC'ed", func() {
|
||||||
client := f.ClientSet
|
client := f.ClientSet
|
||||||
|
@ -31,6 +31,7 @@ import (
|
|||||||
cachetools "k8s.io/client-go/tools/cache"
|
cachetools "k8s.io/client-go/tools/cache"
|
||||||
watchtools "k8s.io/client-go/tools/watch"
|
watchtools "k8s.io/client-go/tools/watch"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -47,6 +48,7 @@ const (
|
|||||||
|
|
||||||
var _ = SIGDescribe("Watchers", func() {
|
var _ = SIGDescribe("Watchers", func() {
|
||||||
f := framework.NewDefaultFramework("watch")
|
f := framework.NewDefaultFramework("watch")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
/*
|
/*
|
||||||
Release: v1.11
|
Release: v1.11
|
||||||
|
@ -41,6 +41,7 @@ import (
|
|||||||
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
||||||
testutils "k8s.io/kubernetes/test/utils"
|
testutils "k8s.io/kubernetes/test/utils"
|
||||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -204,6 +205,7 @@ func getContainerRestarts(c clientset.Interface, ns string, labelSelector labels
|
|||||||
var _ = SIGDescribe("DaemonRestart [Disruptive]", func() {
|
var _ = SIGDescribe("DaemonRestart [Disruptive]", func() {
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("daemonrestart")
|
f := framework.NewDefaultFramework("daemonrestart")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
rcName := "daemonrestart" + strconv.Itoa(numPods) + "-" + string(uuid.NewUUID())
|
rcName := "daemonrestart" + strconv.Itoa(numPods) + "-" + string(uuid.NewUUID())
|
||||||
labelSelector := labels.Set(map[string]string{"name": rcName}).AsSelector()
|
labelSelector := labels.Set(map[string]string{"name": rcName}).AsSelector()
|
||||||
existingPods := cache.NewStore(cache.MetaNamespaceKeyFunc)
|
existingPods := cache.NewStore(cache.MetaNamespaceKeyFunc)
|
||||||
|
@ -76,6 +76,7 @@ var _ = SIGDescribe("DisruptionController", func() {
|
|||||||
|
|
||||||
ginkgo.Context("Listing PodDisruptionBudgets for all namespaces", func() {
|
ginkgo.Context("Listing PodDisruptionBudgets for all namespaces", func() {
|
||||||
anotherFramework := framework.NewDefaultFramework("disruption-2")
|
anotherFramework := framework.NewDefaultFramework("disruption-2")
|
||||||
|
anotherFramework.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
/*
|
/*
|
||||||
Release : v1.21
|
Release : v1.21
|
||||||
|
@ -23,10 +23,12 @@ import (
|
|||||||
|
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = SIGDescribe("Conformance Tests", func() {
|
var _ = SIGDescribe("Conformance Tests", func() {
|
||||||
f := framework.NewDefaultFramework("conformance-tests")
|
f := framework.NewDefaultFramework("conformance-tests")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
/*
|
/*
|
||||||
Release: v1.23
|
Release: v1.23
|
||||||
|
@ -42,10 +42,12 @@ import (
|
|||||||
"k8s.io/client-go/util/certificate/csr"
|
"k8s.io/client-go/util/certificate/csr"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
"k8s.io/kubernetes/test/utils"
|
"k8s.io/kubernetes/test/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = SIGDescribe("Certificates API [Privileged:ClusterAdmin]", func() {
|
var _ = SIGDescribe("Certificates API [Privileged:ClusterAdmin]", func() {
|
||||||
f := framework.NewDefaultFramework("certificates")
|
f := framework.NewDefaultFramework("certificates")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
/*
|
/*
|
||||||
Release: v1.19
|
Release: v1.19
|
||||||
|
@ -36,6 +36,7 @@ import (
|
|||||||
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
utilpointer "k8s.io/utils/pointer"
|
utilpointer "k8s.io/utils/pointer"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
@ -45,6 +46,7 @@ const nobodyUser = int64(65534)
|
|||||||
|
|
||||||
var _ = SIGDescribe("PodSecurityPolicy [Feature:PodSecurityPolicy]", func() {
|
var _ = SIGDescribe("PodSecurityPolicy [Feature:PodSecurityPolicy]", func() {
|
||||||
f := framework.NewDefaultFramework("podsecuritypolicy")
|
f := framework.NewDefaultFramework("podsecuritypolicy")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
f.SkipPrivilegedPSPBinding = true
|
f.SkipPrivilegedPSPBinding = true
|
||||||
|
|
||||||
// Client that will impersonate the default service account, in order to run
|
// Client that will impersonate the default service account, in order to run
|
||||||
|
@ -27,12 +27,14 @@ import (
|
|||||||
e2eautoscaling "k8s.io/kubernetes/test/e2e/framework/autoscaling"
|
e2eautoscaling "k8s.io/kubernetes/test/e2e/framework/autoscaling"
|
||||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = SIGDescribe("[Feature:ClusterSizeAutoscalingScaleUp] [Slow] Autoscaling", func() {
|
var _ = SIGDescribe("[Feature:ClusterSizeAutoscalingScaleUp] [Slow] Autoscaling", func() {
|
||||||
f := framework.NewDefaultFramework("autoscaling")
|
f := framework.NewDefaultFramework("autoscaling")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.Describe("Autoscaling a service", func() {
|
ginkgo.Describe("Autoscaling a service", func() {
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
|
@ -37,6 +37,7 @@ import (
|
|||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
testutils "k8s.io/kubernetes/test/utils"
|
testutils "k8s.io/kubernetes/test/utils"
|
||||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -61,6 +62,7 @@ type scaleUpTestConfig struct {
|
|||||||
|
|
||||||
var _ = SIGDescribe("Cluster size autoscaler scalability [Slow]", func() {
|
var _ = SIGDescribe("Cluster size autoscaler scalability [Slow]", func() {
|
||||||
f := framework.NewDefaultFramework("autoscaling")
|
f := framework.NewDefaultFramework("autoscaling")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var c clientset.Interface
|
var c clientset.Interface
|
||||||
var nodeCount int
|
var nodeCount int
|
||||||
var coresPerNode int
|
var coresPerNode int
|
||||||
|
@ -53,6 +53,7 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/scheduling"
|
"k8s.io/kubernetes/test/e2e/scheduling"
|
||||||
testutils "k8s.io/kubernetes/test/utils"
|
testutils "k8s.io/kubernetes/test/utils"
|
||||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -92,6 +93,7 @@ const (
|
|||||||
|
|
||||||
var _ = SIGDescribe("Cluster size autoscaling [Slow]", func() {
|
var _ = SIGDescribe("Cluster size autoscaling [Slow]", func() {
|
||||||
f := framework.NewDefaultFramework("autoscaling")
|
f := framework.NewDefaultFramework("autoscaling")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var c clientset.Interface
|
var c clientset.Interface
|
||||||
var nodeCount int
|
var nodeCount int
|
||||||
var memAllocatableMb int
|
var memAllocatableMb int
|
||||||
|
@ -33,6 +33,7 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/e2e/instrumentation/monitoring"
|
"k8s.io/kubernetes/test/e2e/instrumentation/monitoring"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
"golang.org/x/oauth2/google"
|
"golang.org/x/oauth2/google"
|
||||||
@ -51,6 +52,7 @@ var _ = SIGDescribe("[HPA] Horizontal pod autoscaling (scale resource: Custom Me
|
|||||||
})
|
})
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("horizontal-pod-autoscaling")
|
f := framework.NewDefaultFramework("horizontal-pod-autoscaling")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.It("should scale down with Custom Metric of type Pod from Stackdriver [Feature:CustomMetricsAutoscaling]", func() {
|
ginkgo.It("should scale down with Custom Metric of type Pod from Stackdriver [Feature:CustomMetricsAutoscaling]", func() {
|
||||||
initialReplicas := 2
|
initialReplicas := 2
|
||||||
|
@ -33,6 +33,7 @@ import (
|
|||||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||||
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -47,6 +48,7 @@ const (
|
|||||||
|
|
||||||
var _ = SIGDescribe("DNS horizontal autoscaling", func() {
|
var _ = SIGDescribe("DNS horizontal autoscaling", func() {
|
||||||
f := framework.NewDefaultFramework("dns-autoscaling")
|
f := framework.NewDefaultFramework("dns-autoscaling")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var c clientset.Interface
|
var c clientset.Interface
|
||||||
var previousParams map[string]string
|
var previousParams map[string]string
|
||||||
var originDNSReplicasCount int
|
var originDNSReplicasCount int
|
||||||
|
@ -21,12 +21,14 @@ import (
|
|||||||
|
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
e2eautoscaling "k8s.io/kubernetes/test/e2e/framework/autoscaling"
|
e2eautoscaling "k8s.io/kubernetes/test/e2e/framework/autoscaling"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = SIGDescribe("[Feature:HPA] [Serial] [Slow] Horizontal pod autoscaling (non-default behavior)", func() {
|
var _ = SIGDescribe("[Feature:HPA] [Serial] [Slow] Horizontal pod autoscaling (non-default behavior)", func() {
|
||||||
f := framework.NewDefaultFramework("horizontal-pod-autoscaling")
|
f := framework.NewDefaultFramework("horizontal-pod-autoscaling")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.Describe("with short downscale stabilization window", func() {
|
ginkgo.Describe("with short downscale stabilization window", func() {
|
||||||
ginkgo.It("should scale down soon after the stabilization period", func() {
|
ginkgo.It("should scale down soon after the stabilization period", func() {
|
||||||
|
@ -35,6 +35,7 @@ import (
|
|||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
||||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -217,6 +218,7 @@ var _ = SIGDescribe("Addon update", func() {
|
|||||||
var dir string
|
var dir string
|
||||||
var sshClient *ssh.Client
|
var sshClient *ssh.Client
|
||||||
f := framework.NewDefaultFramework("addon-update-test")
|
f := framework.NewDefaultFramework("addon-update-test")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
// This test requires:
|
// This test requires:
|
||||||
|
@ -23,6 +23,7 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/upgrades"
|
"k8s.io/kubernetes/test/e2e/upgrades"
|
||||||
"k8s.io/kubernetes/test/e2e/upgrades/apps"
|
"k8s.io/kubernetes/test/e2e/upgrades/apps"
|
||||||
"k8s.io/kubernetes/test/utils/junit"
|
"k8s.io/kubernetes/test/utils/junit"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -35,6 +36,7 @@ var upgradeTests = []upgrades.Test{
|
|||||||
|
|
||||||
var _ = SIGDescribe("stateful Upgrade [Feature:StatefulUpgrade]", func() {
|
var _ = SIGDescribe("stateful Upgrade [Feature:StatefulUpgrade]", func() {
|
||||||
f := framework.NewDefaultFramework("stateful-upgrade")
|
f := framework.NewDefaultFramework("stateful-upgrade")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
testFrameworks := upgrades.CreateUpgradeFrameworks(upgradeTests)
|
testFrameworks := upgrades.CreateUpgradeFrameworks(upgradeTests)
|
||||||
|
|
||||||
ginkgo.Describe("stateful upgrade", func() {
|
ginkgo.Describe("stateful upgrade", func() {
|
||||||
|
@ -22,6 +22,7 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/upgrades"
|
"k8s.io/kubernetes/test/e2e/upgrades"
|
||||||
"k8s.io/kubernetes/test/e2e/upgrades/auth"
|
"k8s.io/kubernetes/test/e2e/upgrades/auth"
|
||||||
"k8s.io/kubernetes/test/utils/junit"
|
"k8s.io/kubernetes/test/utils/junit"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -32,6 +33,7 @@ var upgradeTests = []upgrades.Test{
|
|||||||
|
|
||||||
var _ = SIGDescribe("ServiceAccount admission controller migration [Feature:BoundServiceAccountTokenVolume]", func() {
|
var _ = SIGDescribe("ServiceAccount admission controller migration [Feature:BoundServiceAccountTokenVolume]", func() {
|
||||||
f := framework.NewDefaultFramework("serviceaccount-admission-controller-migration")
|
f := framework.NewDefaultFramework("serviceaccount-admission-controller-migration")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
testFrameworks := upgrades.CreateUpgradeFrameworks(upgradeTests)
|
testFrameworks := upgrades.CreateUpgradeFrameworks(upgradeTests)
|
||||||
|
|
||||||
ginkgo.Describe("master upgrade", func() {
|
ginkgo.Describe("master upgrade", func() {
|
||||||
|
@ -26,6 +26,7 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/upgrades/node"
|
"k8s.io/kubernetes/test/e2e/upgrades/node"
|
||||||
"k8s.io/kubernetes/test/e2e/upgrades/storage"
|
"k8s.io/kubernetes/test/e2e/upgrades/storage"
|
||||||
"k8s.io/kubernetes/test/utils/junit"
|
"k8s.io/kubernetes/test/utils/junit"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -50,6 +51,7 @@ var upgradeTests = []upgrades.Test{
|
|||||||
|
|
||||||
var _ = SIGDescribe("Upgrade [Feature:Upgrade]", func() {
|
var _ = SIGDescribe("Upgrade [Feature:Upgrade]", func() {
|
||||||
f := framework.NewDefaultFramework("cluster-upgrade")
|
f := framework.NewDefaultFramework("cluster-upgrade")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
testFrameworks := upgrades.CreateUpgradeFrameworks(upgradeTests)
|
testFrameworks := upgrades.CreateUpgradeFrameworks(upgradeTests)
|
||||||
|
|
||||||
// Create the frameworks here because we can only create them
|
// Create the frameworks here because we can only create them
|
||||||
@ -88,6 +90,7 @@ var _ = SIGDescribe("Upgrade [Feature:Upgrade]", func() {
|
|||||||
|
|
||||||
var _ = SIGDescribe("Downgrade [Feature:Downgrade]", func() {
|
var _ = SIGDescribe("Downgrade [Feature:Downgrade]", func() {
|
||||||
f := framework.NewDefaultFramework("cluster-downgrade")
|
f := framework.NewDefaultFramework("cluster-downgrade")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
testFrameworks := upgrades.CreateUpgradeFrameworks(upgradeTests)
|
testFrameworks := upgrades.CreateUpgradeFrameworks(upgradeTests)
|
||||||
|
|
||||||
ginkgo.Describe("cluster downgrade", func() {
|
ginkgo.Describe("cluster downgrade", func() {
|
||||||
|
@ -23,6 +23,7 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -30,6 +31,7 @@ import (
|
|||||||
var _ = SIGDescribe("GKE node pools [Feature:GKENodePool]", func() {
|
var _ = SIGDescribe("GKE node pools [Feature:GKENodePool]", func() {
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("node-pools")
|
f := framework.NewDefaultFramework("node-pools")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
e2eskipper.SkipUnlessProviderIs("gke")
|
e2eskipper.SkipUnlessProviderIs("gke")
|
||||||
|
@ -35,6 +35,7 @@ import (
|
|||||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||||
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
func addMasterReplica(zone string) error {
|
func addMasterReplica(zone string) error {
|
||||||
@ -161,6 +162,7 @@ func waitForMasters(masterPrefix string, c clientset.Interface, size int, timeou
|
|||||||
|
|
||||||
var _ = SIGDescribe("HA-master [Feature:HAMaster]", func() {
|
var _ = SIGDescribe("HA-master [Feature:HAMaster]", func() {
|
||||||
f := framework.NewDefaultFramework("ha-master")
|
f := framework.NewDefaultFramework("ha-master")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var c clientset.Interface
|
var c clientset.Interface
|
||||||
var ns string
|
var ns string
|
||||||
var additionalReplicaZones []string
|
var additionalReplicaZones []string
|
||||||
|
@ -27,12 +27,14 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
e2ekubelet "k8s.io/kubernetes/test/e2e/framework/kubelet"
|
e2ekubelet "k8s.io/kubernetes/test/e2e/framework/kubelet"
|
||||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = SIGDescribe("Ports Security Check [Feature:KubeletSecurity]", func() {
|
var _ = SIGDescribe("Ports Security Check [Feature:KubeletSecurity]", func() {
|
||||||
f := framework.NewDefaultFramework("kubelet-security")
|
f := framework.NewDefaultFramework("kubelet-security")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
var node *v1.Node
|
var node *v1.Node
|
||||||
var nodeName string
|
var nodeName string
|
||||||
|
@ -25,6 +25,7 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/upgrades"
|
"k8s.io/kubernetes/test/e2e/upgrades"
|
||||||
"k8s.io/kubernetes/test/e2e/upgrades/network"
|
"k8s.io/kubernetes/test/e2e/upgrades/network"
|
||||||
"k8s.io/kubernetes/test/utils/junit"
|
"k8s.io/kubernetes/test/utils/junit"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -45,6 +46,7 @@ func kubeProxyDaemonSetExtraEnvs(enableKubeProxyDaemonSet bool) []string {
|
|||||||
|
|
||||||
var _ = SIGDescribe("kube-proxy migration [Feature:KubeProxyDaemonSetMigration]", func() {
|
var _ = SIGDescribe("kube-proxy migration [Feature:KubeProxyDaemonSetMigration]", func() {
|
||||||
f := framework.NewDefaultFramework("kube-proxy-ds-migration")
|
f := framework.NewDefaultFramework("kube-proxy-ds-migration")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
upgradeTestFrameworks := upgrades.CreateUpgradeFrameworks(upgradeTests)
|
upgradeTestFrameworks := upgrades.CreateUpgradeFrameworks(upgradeTests)
|
||||||
downgradeTestsFrameworks := upgrades.CreateUpgradeFrameworks(downgradeTests)
|
downgradeTestsFrameworks := upgrades.CreateUpgradeFrameworks(downgradeTests)
|
||||||
|
|
||||||
|
@ -22,6 +22,7 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/upgrades"
|
"k8s.io/kubernetes/test/e2e/upgrades"
|
||||||
"k8s.io/kubernetes/test/e2e/upgrades/node"
|
"k8s.io/kubernetes/test/e2e/upgrades/node"
|
||||||
"k8s.io/kubernetes/test/utils/junit"
|
"k8s.io/kubernetes/test/utils/junit"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -32,6 +33,7 @@ var upgradeTests = []upgrades.Test{
|
|||||||
|
|
||||||
var _ = SIGDescribe("gpu Upgrade [Feature:GPUUpgrade]", func() {
|
var _ = SIGDescribe("gpu Upgrade [Feature:GPUUpgrade]", func() {
|
||||||
f := framework.NewDefaultFramework("gpu-upgrade")
|
f := framework.NewDefaultFramework("gpu-upgrade")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
testFrameworks := upgrades.CreateUpgradeFrameworks(upgradeTests)
|
testFrameworks := upgrades.CreateUpgradeFrameworks(upgradeTests)
|
||||||
|
|
||||||
ginkgo.Describe("master upgrade", func() {
|
ginkgo.Describe("master upgrade", func() {
|
||||||
|
@ -29,6 +29,7 @@ import (
|
|||||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||||
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
"github.com/onsi/gomega"
|
"github.com/onsi/gomega"
|
||||||
@ -36,6 +37,7 @@ import (
|
|||||||
|
|
||||||
var _ = SIGDescribe("[Disruptive]NodeLease", func() {
|
var _ = SIGDescribe("[Disruptive]NodeLease", func() {
|
||||||
f := framework.NewDefaultFramework("node-lease-test")
|
f := framework.NewDefaultFramework("node-lease-test")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var systemPodsNo int32
|
var systemPodsNo int32
|
||||||
var c clientset.Interface
|
var c clientset.Interface
|
||||||
var ns string
|
var ns string
|
||||||
|
@ -35,6 +35,7 @@ import (
|
|||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
||||||
testutils "k8s.io/kubernetes/test/utils"
|
testutils "k8s.io/kubernetes/test/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -91,6 +92,7 @@ var _ = SIGDescribe("Reboot [Disruptive] [Feature:Reboot]", func() {
|
|||||||
})
|
})
|
||||||
|
|
||||||
f = framework.NewDefaultFramework("reboot")
|
f = framework.NewDefaultFramework("reboot")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.It("each node by ordering clean reboot and ensure they function upon restart", func() {
|
ginkgo.It("each node by ordering clean reboot and ensure they function upon restart", func() {
|
||||||
// clean shutdown and restart
|
// clean shutdown and restart
|
||||||
|
@ -33,6 +33,7 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/framework/providers/gce"
|
"k8s.io/kubernetes/test/e2e/framework/providers/gce"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
testutils "k8s.io/kubernetes/test/utils"
|
testutils "k8s.io/kubernetes/test/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
@ -43,6 +44,7 @@ const (
|
|||||||
|
|
||||||
var _ = SIGDescribe("Recreate [Feature:Recreate]", func() {
|
var _ = SIGDescribe("Recreate [Feature:Recreate]", func() {
|
||||||
f := framework.NewDefaultFramework("recreate")
|
f := framework.NewDefaultFramework("recreate")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var originalNodes []v1.Node
|
var originalNodes []v1.Node
|
||||||
var originalPodNames []string
|
var originalPodNames []string
|
||||||
var ps *testutils.PodStore
|
var ps *testutils.PodStore
|
||||||
|
@ -29,6 +29,7 @@ import (
|
|||||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||||
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -45,6 +46,7 @@ func resizeRC(c clientset.Interface, ns, name string, replicas int32) error {
|
|||||||
|
|
||||||
var _ = SIGDescribe("Nodes [Disruptive]", func() {
|
var _ = SIGDescribe("Nodes [Disruptive]", func() {
|
||||||
f := framework.NewDefaultFramework("resize-nodes")
|
f := framework.NewDefaultFramework("resize-nodes")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var systemPodsNo int32
|
var systemPodsNo int32
|
||||||
var c clientset.Interface
|
var c clientset.Interface
|
||||||
var ns string
|
var ns string
|
||||||
|
@ -29,6 +29,7 @@ import (
|
|||||||
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
testutils "k8s.io/kubernetes/test/utils"
|
testutils "k8s.io/kubernetes/test/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -43,6 +44,7 @@ func nodeNames(nodes []v1.Node) []string {
|
|||||||
|
|
||||||
var _ = SIGDescribe("Restart [Disruptive]", func() {
|
var _ = SIGDescribe("Restart [Disruptive]", func() {
|
||||||
f := framework.NewDefaultFramework("restart")
|
f := framework.NewDefaultFramework("restart")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var ps *testutils.PodStore
|
var ps *testutils.PodStore
|
||||||
var originalNodes []v1.Node
|
var originalNodes []v1.Node
|
||||||
var originalPodNames []string
|
var originalPodNames []string
|
||||||
|
@ -27,12 +27,14 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = SIGDescribe("[Feature:CloudProvider][Disruptive] Nodes", func() {
|
var _ = SIGDescribe("[Feature:CloudProvider][Disruptive] Nodes", func() {
|
||||||
f := framework.NewDefaultFramework("cloudprovider")
|
f := framework.NewDefaultFramework("cloudprovider")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var c clientset.Interface
|
var c clientset.Interface
|
||||||
|
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
|
@ -30,6 +30,7 @@ import (
|
|||||||
"k8s.io/apimachinery/pkg/types"
|
"k8s.io/apimachinery/pkg/types"
|
||||||
"k8s.io/apimachinery/pkg/util/strategicpatch"
|
"k8s.io/apimachinery/pkg/util/strategicpatch"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
"k8s.io/utils/pointer"
|
"k8s.io/utils/pointer"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -51,6 +52,7 @@ func getPatchBytes(oldLease, newLease *coordinationv1.Lease) ([]byte, error) {
|
|||||||
|
|
||||||
var _ = SIGDescribe("Lease", func() {
|
var _ = SIGDescribe("Lease", func() {
|
||||||
f := framework.NewDefaultFramework("lease-test")
|
f := framework.NewDefaultFramework("lease-test")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
/*
|
/*
|
||||||
Release: v1.17
|
Release: v1.17
|
||||||
|
@ -31,6 +31,7 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||||
testutils "k8s.io/kubernetes/test/utils"
|
testutils "k8s.io/kubernetes/test/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
"github.com/onsi/gomega"
|
"github.com/onsi/gomega"
|
||||||
@ -39,6 +40,7 @@ import (
|
|||||||
var _ = SIGDescribe("NodeLease", func() {
|
var _ = SIGDescribe("NodeLease", func() {
|
||||||
var nodeName string
|
var nodeName string
|
||||||
f := framework.NewDefaultFramework("node-lease-test")
|
f := framework.NewDefaultFramework("node-lease-test")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
node, err := e2enode.GetRandomReadySchedulableNode(f.ClientSet)
|
node, err := e2enode.GetRandomReadySchedulableNode(f.ClientSet)
|
||||||
|
@ -31,6 +31,7 @@ import (
|
|||||||
"k8s.io/client-go/util/retry"
|
"k8s.io/client-go/util/retry"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -42,6 +43,7 @@ const (
|
|||||||
|
|
||||||
var _ = SIGDescribe("PodTemplates", func() {
|
var _ = SIGDescribe("PodTemplates", func() {
|
||||||
f := framework.NewDefaultFramework("podtemplate")
|
f := framework.NewDefaultFramework("podtemplate")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
/*
|
/*
|
||||||
Release: v1.19
|
Release: v1.19
|
||||||
Testname: PodTemplate lifecycle
|
Testname: PodTemplate lifecycle
|
||||||
|
@ -27,12 +27,14 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = SIGDescribe("Downward API [Serial] [Disruptive] [NodeFeature:EphemeralStorage]", func() {
|
var _ = SIGDescribe("Downward API [Serial] [Disruptive] [NodeFeature:EphemeralStorage]", func() {
|
||||||
f := framework.NewDefaultFramework("downward-api")
|
f := framework.NewDefaultFramework("downward-api")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.Context("Downward API tests for local ephemeral storage", func() {
|
ginkgo.Context("Downward API tests for local ephemeral storage", func() {
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
|
@ -26,6 +26,7 @@ import (
|
|||||||
"k8s.io/apimachinery/pkg/util/wait"
|
"k8s.io/apimachinery/pkg/util/wait"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
"k8s.io/kubernetes/test/e2e/instrumentation/common"
|
"k8s.io/kubernetes/test/e2e/instrumentation/common"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
"k8s.io/apimachinery/pkg/types"
|
"k8s.io/apimachinery/pkg/types"
|
||||||
@ -38,6 +39,7 @@ const (
|
|||||||
|
|
||||||
var _ = common.SIGDescribe("Events", func() {
|
var _ = common.SIGDescribe("Events", func() {
|
||||||
f := framework.NewDefaultFramework("events")
|
f := framework.NewDefaultFramework("events")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
/*
|
/*
|
||||||
Release: v1.20
|
Release: v1.20
|
||||||
|
@ -32,6 +32,7 @@ import (
|
|||||||
typedeventsv1 "k8s.io/client-go/kubernetes/typed/events/v1"
|
typedeventsv1 "k8s.io/client-go/kubernetes/typed/events/v1"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
"k8s.io/kubernetes/test/e2e/instrumentation/common"
|
"k8s.io/kubernetes/test/e2e/instrumentation/common"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
"k8s.io/apimachinery/pkg/types"
|
"k8s.io/apimachinery/pkg/types"
|
||||||
@ -75,6 +76,7 @@ func eventExistsInList(client typedeventsv1.EventInterface, namespace, name stri
|
|||||||
|
|
||||||
var _ = common.SIGDescribe("Events API", func() {
|
var _ = common.SIGDescribe("Events API", func() {
|
||||||
f := framework.NewDefaultFramework("events")
|
f := framework.NewDefaultFramework("events")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var coreClient corev1.EventInterface
|
var coreClient corev1.EventInterface
|
||||||
var client typedeventsv1.EventInterface
|
var client typedeventsv1.EventInterface
|
||||||
var clientAllNamespaces typedeventsv1.EventInterface
|
var clientAllNamespaces typedeventsv1.EventInterface
|
||||||
|
@ -29,6 +29,7 @@ import (
|
|||||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||||
instrumentation "k8s.io/kubernetes/test/e2e/instrumentation/common"
|
instrumentation "k8s.io/kubernetes/test/e2e/instrumentation/common"
|
||||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -42,6 +43,7 @@ var _ = e2econfig.AddOptions(&loggingSoak, "instrumentation.logging.soak")
|
|||||||
var _ = instrumentation.SIGDescribe("Logging soak [Performance] [Slow] [Disruptive]", func() {
|
var _ = instrumentation.SIGDescribe("Logging soak [Performance] [Slow] [Disruptive]", func() {
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("logging-soak")
|
f := framework.NewDefaultFramework("logging-soak")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
// Not a global constant (irrelevant outside this test), also not a parameter (if you want more logs, use --scale=).
|
// Not a global constant (irrelevant outside this test), also not a parameter (if you want more logs, use --scale=).
|
||||||
kbRateInSeconds := 1 * time.Second
|
kbRateInSeconds := 1 * time.Second
|
||||||
|
@ -31,6 +31,7 @@ import (
|
|||||||
instrumentation "k8s.io/kubernetes/test/e2e/instrumentation/common"
|
instrumentation "k8s.io/kubernetes/test/e2e/instrumentation/common"
|
||||||
"k8s.io/kubernetes/test/e2e/scheduling"
|
"k8s.io/kubernetes/test/e2e/scheduling"
|
||||||
"k8s.io/kubernetes/test/utils/image"
|
"k8s.io/kubernetes/test/utils/image"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
"golang.org/x/oauth2/google"
|
"golang.org/x/oauth2/google"
|
||||||
@ -52,6 +53,7 @@ var _ = instrumentation.SIGDescribe("Stackdriver Monitoring", func() {
|
|||||||
})
|
})
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("stackdriver-monitoring")
|
f := framework.NewDefaultFramework("stackdriver-monitoring")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.It("should have accelerator metrics [Feature:StackdriverAcceleratorMonitoring]", func() {
|
ginkgo.It("should have accelerator metrics [Feature:StackdriverAcceleratorMonitoring]", func() {
|
||||||
testStackdriverAcceleratorMonitoring(f)
|
testStackdriverAcceleratorMonitoring(f)
|
||||||
|
@ -35,6 +35,7 @@ import (
|
|||||||
instrumentation "k8s.io/kubernetes/test/e2e/instrumentation/common"
|
instrumentation "k8s.io/kubernetes/test/e2e/instrumentation/common"
|
||||||
customclient "k8s.io/metrics/pkg/client/custom_metrics"
|
customclient "k8s.io/metrics/pkg/client/custom_metrics"
|
||||||
externalclient "k8s.io/metrics/pkg/client/external_metrics"
|
externalclient "k8s.io/metrics/pkg/client/external_metrics"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
"golang.org/x/oauth2/google"
|
"golang.org/x/oauth2/google"
|
||||||
@ -53,6 +54,7 @@ var _ = instrumentation.SIGDescribe("Stackdriver Monitoring", func() {
|
|||||||
})
|
})
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("stackdriver-monitoring")
|
f := framework.NewDefaultFramework("stackdriver-monitoring")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.It("should run Custom Metrics - Stackdriver Adapter for old resource model [Feature:StackdriverCustomMetrics]", func() {
|
ginkgo.It("should run Custom Metrics - Stackdriver Adapter for old resource model [Feature:StackdriverCustomMetrics]", func() {
|
||||||
kubeClient := f.ClientSet
|
kubeClient := f.ClientSet
|
||||||
|
@ -30,10 +30,12 @@ import (
|
|||||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
instrumentation "k8s.io/kubernetes/test/e2e/instrumentation/common"
|
instrumentation "k8s.io/kubernetes/test/e2e/instrumentation/common"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = instrumentation.SIGDescribe("MetricsGrabber", func() {
|
var _ = instrumentation.SIGDescribe("MetricsGrabber", func() {
|
||||||
f := framework.NewDefaultFramework("metrics-grabber")
|
f := framework.NewDefaultFramework("metrics-grabber")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var c, ec clientset.Interface
|
var c, ec clientset.Interface
|
||||||
var grabber *e2emetrics.Grabber
|
var grabber *e2emetrics.Grabber
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
|
@ -28,6 +28,7 @@ import (
|
|||||||
e2eautoscaling "k8s.io/kubernetes/test/e2e/framework/autoscaling"
|
e2eautoscaling "k8s.io/kubernetes/test/e2e/framework/autoscaling"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
instrumentation "k8s.io/kubernetes/test/e2e/instrumentation/common"
|
instrumentation "k8s.io/kubernetes/test/e2e/instrumentation/common"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
"golang.org/x/oauth2/google"
|
"golang.org/x/oauth2/google"
|
||||||
@ -65,6 +66,7 @@ var _ = instrumentation.SIGDescribe("Stackdriver Monitoring", func() {
|
|||||||
})
|
})
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("stackdriver-monitoring")
|
f := framework.NewDefaultFramework("stackdriver-monitoring")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.It("should have cluster metrics [Feature:StackdriverMonitoring]", func() {
|
ginkgo.It("should have cluster metrics [Feature:StackdriverMonitoring]", func() {
|
||||||
testStackdriverMonitoring(f, 1, 100, 200)
|
testStackdriverMonitoring(f, 1, 100, 200)
|
||||||
|
@ -31,6 +31,7 @@ import (
|
|||||||
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
instrumentation "k8s.io/kubernetes/test/e2e/instrumentation/common"
|
instrumentation "k8s.io/kubernetes/test/e2e/instrumentation/common"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
"golang.org/x/oauth2/google"
|
"golang.org/x/oauth2/google"
|
||||||
@ -50,6 +51,7 @@ var _ = instrumentation.SIGDescribe("Stackdriver Monitoring", func() {
|
|||||||
})
|
})
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("stackdriver-monitoring")
|
f := framework.NewDefaultFramework("stackdriver-monitoring")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var kubeClient clientset.Interface
|
var kubeClient clientset.Interface
|
||||||
|
|
||||||
ginkgo.It("should run Stackdriver Metadata Agent [Feature:StackdriverMetadataAgent]", func() {
|
ginkgo.It("should run Stackdriver Metadata Agent [Feature:StackdriverMetadataAgent]", func() {
|
||||||
|
@ -26,6 +26,7 @@ import (
|
|||||||
bootstrapapi "k8s.io/cluster-bootstrap/token/api"
|
bootstrapapi "k8s.io/cluster-bootstrap/token/api"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
"k8s.io/kubernetes/test/e2e/lifecycle"
|
"k8s.io/kubernetes/test/e2e/lifecycle"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
@ -41,6 +42,7 @@ var _ = lifecycle.SIGDescribe("[Feature:BootstrapTokens]", func() {
|
|||||||
var c clientset.Interface
|
var c clientset.Interface
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("bootstrap-signer")
|
f := framework.NewDefaultFramework("bootstrap-signer")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
ginkgo.AfterEach(func() {
|
ginkgo.AfterEach(func() {
|
||||||
if len(secretNeedClean) > 0 {
|
if len(secretNeedClean) > 0 {
|
||||||
ginkgo.By("delete the bootstrap token secret")
|
ginkgo.By("delete the bootstrap token secret")
|
||||||
|
@ -27,6 +27,7 @@ import (
|
|||||||
bootstrapapi "k8s.io/cluster-bootstrap/token/api"
|
bootstrapapi "k8s.io/cluster-bootstrap/token/api"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
"k8s.io/kubernetes/test/e2e/lifecycle"
|
"k8s.io/kubernetes/test/e2e/lifecycle"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
var secretNeedClean string
|
var secretNeedClean string
|
||||||
@ -35,6 +36,7 @@ var _ = lifecycle.SIGDescribe("[Feature:BootstrapTokens]", func() {
|
|||||||
var c clientset.Interface
|
var c clientset.Interface
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("bootstrap-token-cleaner")
|
f := framework.NewDefaultFramework("bootstrap-token-cleaner")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
c = f.ClientSet
|
c = f.ClientSet
|
||||||
|
@ -36,6 +36,7 @@ import (
|
|||||||
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
||||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||||
dnsclient "k8s.io/kubernetes/third_party/forked/golang/net"
|
dnsclient "k8s.io/kubernetes/third_party/forked/golang/net"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
"github.com/onsi/gomega"
|
"github.com/onsi/gomega"
|
||||||
@ -59,8 +60,10 @@ type dnsTestCommon struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func newDNSTestCommon() dnsTestCommon {
|
func newDNSTestCommon() dnsTestCommon {
|
||||||
|
framework := framework.NewDefaultFramework("dns-config-map")
|
||||||
|
framework.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
return dnsTestCommon{
|
return dnsTestCommon{
|
||||||
f: framework.NewDefaultFramework("dns-config-map"),
|
f: framework,
|
||||||
ns: "kube-system",
|
ns: "kube-system",
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -30,6 +30,7 @@ import (
|
|||||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||||
"k8s.io/kubernetes/test/e2e/network/common"
|
"k8s.io/kubernetes/test/e2e/network/common"
|
||||||
testutils "k8s.io/kubernetes/test/utils"
|
testutils "k8s.io/kubernetes/test/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -43,6 +44,7 @@ const (
|
|||||||
|
|
||||||
var _ = common.SIGDescribe("[Feature:PerformanceDNS][Serial]", func() {
|
var _ = common.SIGDescribe("[Feature:PerformanceDNS][Serial]", func() {
|
||||||
f := framework.NewDefaultFramework("performancedns")
|
f := framework.NewDefaultFramework("performancedns")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
framework.ExpectNoError(framework.WaitForAllNodesSchedulable(f.ClientSet, framework.TestContext.NodeSchedulableTimeout))
|
framework.ExpectNoError(framework.WaitForAllNodesSchedulable(f.ClientSet, framework.TestContext.NodeSchedulableTimeout))
|
||||||
|
@ -38,12 +38,14 @@ import (
|
|||||||
e2eservice "k8s.io/kubernetes/test/e2e/framework/service"
|
e2eservice "k8s.io/kubernetes/test/e2e/framework/service"
|
||||||
"k8s.io/kubernetes/test/e2e/network/common"
|
"k8s.io/kubernetes/test/e2e/network/common"
|
||||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
netutils "k8s.io/utils/net"
|
netutils "k8s.io/utils/net"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Tests for ipv4-ipv6 dual-stack feature
|
// Tests for ipv4-ipv6 dual-stack feature
|
||||||
var _ = common.SIGDescribe("[Feature:IPv6DualStack]", func() {
|
var _ = common.SIGDescribe("[Feature:IPv6DualStack]", func() {
|
||||||
f := framework.NewDefaultFramework("dualstack")
|
f := framework.NewDefaultFramework("dualstack")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
var cs clientset.Interface
|
var cs clientset.Interface
|
||||||
var podClient *framework.PodClient
|
var podClient *framework.PodClient
|
||||||
|
@ -29,10 +29,12 @@ import (
|
|||||||
clientset "k8s.io/client-go/kubernetes"
|
clientset "k8s.io/client-go/kubernetes"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
"k8s.io/kubernetes/test/e2e/network/common"
|
"k8s.io/kubernetes/test/e2e/network/common"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = common.SIGDescribe("EndpointSliceMirroring", func() {
|
var _ = common.SIGDescribe("EndpointSliceMirroring", func() {
|
||||||
f := framework.NewDefaultFramework("endpointslicemirroring")
|
f := framework.NewDefaultFramework("endpointslicemirroring")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
var cs clientset.Interface
|
var cs clientset.Interface
|
||||||
|
|
||||||
|
@ -38,6 +38,7 @@ import (
|
|||||||
e2eservice "k8s.io/kubernetes/test/e2e/framework/service"
|
e2eservice "k8s.io/kubernetes/test/e2e/framework/service"
|
||||||
e2etestfiles "k8s.io/kubernetes/test/e2e/framework/testfiles"
|
e2etestfiles "k8s.io/kubernetes/test/e2e/framework/testfiles"
|
||||||
"k8s.io/kubernetes/test/e2e/network/common"
|
"k8s.io/kubernetes/test/e2e/network/common"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
@ -57,6 +58,7 @@ except:
|
|||||||
|
|
||||||
var _ = common.SIGDescribe("ClusterDns [Feature:Example]", func() {
|
var _ = common.SIGDescribe("ClusterDns [Feature:Example]", func() {
|
||||||
f := framework.NewDefaultFramework("cluster-dns")
|
f := framework.NewDefaultFramework("cluster-dns")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
var c clientset.Interface
|
var c clientset.Interface
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
|
@ -39,6 +39,7 @@ import (
|
|||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/e2e/network/common"
|
"k8s.io/kubernetes/test/e2e/network/common"
|
||||||
gcecloud "k8s.io/legacy-cloud-providers/gce"
|
gcecloud "k8s.io/legacy-cloud-providers/gce"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -53,6 +54,7 @@ const (
|
|||||||
var _ = common.SIGDescribe("Firewall rule", func() {
|
var _ = common.SIGDescribe("Firewall rule", func() {
|
||||||
var firewallTestName = "firewall-test"
|
var firewallTestName = "firewall-test"
|
||||||
f := framework.NewDefaultFramework(firewallTestName)
|
f := framework.NewDefaultFramework(firewallTestName)
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
var cs clientset.Interface
|
var cs clientset.Interface
|
||||||
var cloudConfig framework.CloudConfig
|
var cloudConfig framework.CloudConfig
|
||||||
|
@ -537,6 +537,7 @@ func detectNegAnnotation(f *framework.Framework, jig *e2eingress.TestJig, gceCon
|
|||||||
|
|
||||||
var _ = common.SIGDescribe("Ingress API", func() {
|
var _ = common.SIGDescribe("Ingress API", func() {
|
||||||
f := framework.NewDefaultFramework("ingress")
|
f := framework.NewDefaultFramework("ingress")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
/*
|
/*
|
||||||
Release: v1.19
|
Release: v1.19
|
||||||
Testname: Ingress API
|
Testname: Ingress API
|
||||||
|
@ -21,6 +21,7 @@ import (
|
|||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/e2e/network/common"
|
"k8s.io/kubernetes/test/e2e/network/common"
|
||||||
"k8s.io/kubernetes/test/e2e/network/scale"
|
"k8s.io/kubernetes/test/e2e/network/scale"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -31,6 +32,7 @@ var _ = common.SIGDescribe("Loadbalancing: L7 Scalability", func() {
|
|||||||
ns string
|
ns string
|
||||||
)
|
)
|
||||||
f := framework.NewDefaultFramework("ingress-scale")
|
f := framework.NewDefaultFramework("ingress-scale")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
ns = f.Namespace.Name
|
ns = f.Namespace.Name
|
||||||
|
@ -31,6 +31,7 @@ import (
|
|||||||
clientset "k8s.io/client-go/kubernetes"
|
clientset "k8s.io/client-go/kubernetes"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
"k8s.io/kubernetes/test/e2e/network/common"
|
"k8s.io/kubernetes/test/e2e/network/common"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
utilpointer "k8s.io/utils/pointer"
|
utilpointer "k8s.io/utils/pointer"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
@ -38,6 +39,7 @@ import (
|
|||||||
|
|
||||||
var _ = common.SIGDescribe("IngressClass [Feature:Ingress]", func() {
|
var _ = common.SIGDescribe("IngressClass [Feature:Ingress]", func() {
|
||||||
f := framework.NewDefaultFramework("ingressclass")
|
f := framework.NewDefaultFramework("ingressclass")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var cs clientset.Interface
|
var cs clientset.Interface
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
cs = f.ClientSet
|
cs = f.ClientSet
|
||||||
@ -181,6 +183,7 @@ func deleteIngressClass(cs clientset.Interface, name string) {
|
|||||||
|
|
||||||
var _ = common.SIGDescribe("IngressClass API", func() {
|
var _ = common.SIGDescribe("IngressClass API", func() {
|
||||||
f := framework.NewDefaultFramework("ingressclass")
|
f := framework.NewDefaultFramework("ingressclass")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var cs clientset.Interface
|
var cs clientset.Interface
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
cs = f.ClientSet
|
cs = f.ClientSet
|
||||||
|
@ -1733,6 +1733,7 @@ var _ = common.SIGDescribe("NetworkPolicy [Feature:SCTPConnectivity][LinuxOnly][
|
|||||||
var podServer *v1.Pod
|
var podServer *v1.Pod
|
||||||
var podServerLabelSelector string
|
var podServerLabelSelector string
|
||||||
f := framework.NewDefaultFramework("sctp-network-policy")
|
f := framework.NewDefaultFramework("sctp-network-policy")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
// Windows does not support network policies.
|
// Windows does not support network policies.
|
||||||
@ -2186,6 +2187,7 @@ func cleanupNetworkPolicy(f *framework.Framework, policy *networkingv1.NetworkPo
|
|||||||
|
|
||||||
var _ = common.SIGDescribe("NetworkPolicy API", func() {
|
var _ = common.SIGDescribe("NetworkPolicy API", func() {
|
||||||
f := framework.NewDefaultFramework("networkpolicies")
|
f := framework.NewDefaultFramework("networkpolicies")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
/*
|
/*
|
||||||
Release: v1.20
|
Release: v1.20
|
||||||
Testname: NetworkPolicies API
|
Testname: NetworkPolicies API
|
||||||
|
@ -33,6 +33,7 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/e2e/network/common"
|
"k8s.io/kubernetes/test/e2e/network/common"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
utilnet "k8s.io/utils/net"
|
utilnet "k8s.io/utils/net"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -116,6 +117,7 @@ and what is happening in practice:
|
|||||||
|
|
||||||
var _ = common.SIGDescribe("Netpol", func() {
|
var _ = common.SIGDescribe("Netpol", func() {
|
||||||
f := framework.NewDefaultFramework("netpol")
|
f := framework.NewDefaultFramework("netpol")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var model *Model
|
var model *Model
|
||||||
|
|
||||||
ginkgo.Context("NetworkPolicy between server and client", func() {
|
ginkgo.Context("NetworkPolicy between server and client", func() {
|
||||||
@ -1254,6 +1256,7 @@ var _ = common.SIGDescribe("Netpol", func() {
|
|||||||
|
|
||||||
var _ = common.SIGDescribe("Netpol [LinuxOnly]", func() {
|
var _ = common.SIGDescribe("Netpol [LinuxOnly]", func() {
|
||||||
f := framework.NewDefaultFramework("udp-network-policy")
|
f := framework.NewDefaultFramework("udp-network-policy")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var model *Model
|
var model *Model
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
// Windows does not support UDP testing via agnhost.
|
// Windows does not support UDP testing via agnhost.
|
||||||
@ -1339,6 +1342,7 @@ var _ = common.SIGDescribe("Netpol [LinuxOnly]", func() {
|
|||||||
|
|
||||||
var _ = common.SIGDescribe("Netpol [Feature:SCTPConnectivity][LinuxOnly][Disruptive]", func() {
|
var _ = common.SIGDescribe("Netpol [Feature:SCTPConnectivity][LinuxOnly][Disruptive]", func() {
|
||||||
f := framework.NewDefaultFramework("sctp-network-policy")
|
f := framework.NewDefaultFramework("sctp-network-policy")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var model *Model
|
var model *Model
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
// Windows does not support network policies.
|
// Windows does not support network policies.
|
||||||
|
@ -25,6 +25,7 @@ import (
|
|||||||
"k8s.io/apimachinery/pkg/util/intstr"
|
"k8s.io/apimachinery/pkg/util/intstr"
|
||||||
"k8s.io/apimachinery/pkg/util/wait"
|
"k8s.io/apimachinery/pkg/util/wait"
|
||||||
"k8s.io/apimachinery/pkg/watch"
|
"k8s.io/apimachinery/pkg/watch"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
networkingv1 "k8s.io/api/networking/v1"
|
networkingv1 "k8s.io/api/networking/v1"
|
||||||
@ -35,6 +36,7 @@ import (
|
|||||||
|
|
||||||
var _ = common.SIGDescribe("Netpol API", func() {
|
var _ = common.SIGDescribe("Netpol API", func() {
|
||||||
f := framework.NewDefaultFramework("netpol")
|
f := framework.NewDefaultFramework("netpol")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
/*
|
/*
|
||||||
Release: v1.20
|
Release: v1.20
|
||||||
Testname: NetworkPolicies API
|
Testname: NetworkPolicies API
|
||||||
|
@ -34,12 +34,14 @@ import (
|
|||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/e2e/network/common"
|
"k8s.io/kubernetes/test/e2e/network/common"
|
||||||
gcecloud "k8s.io/legacy-cloud-providers/gce"
|
gcecloud "k8s.io/legacy-cloud-providers/gce"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = common.SIGDescribe("Services GCE [Slow]", func() {
|
var _ = common.SIGDescribe("Services GCE [Slow]", func() {
|
||||||
f := framework.NewDefaultFramework("services")
|
f := framework.NewDefaultFramework("services")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
var cs clientset.Interface
|
var cs clientset.Interface
|
||||||
serviceLBNames := []string{}
|
serviceLBNames := []string{}
|
||||||
|
@ -26,6 +26,7 @@ import (
|
|||||||
v1 "k8s.io/api/core/v1"
|
v1 "k8s.io/api/core/v1"
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
"k8s.io/apimachinery/pkg/util/wait"
|
"k8s.io/apimachinery/pkg/util/wait"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||||
@ -63,6 +64,7 @@ var (
|
|||||||
// We use the [Feature:NoSNAT] tag so that most jobs will skip this test by default.
|
// We use the [Feature:NoSNAT] tag so that most jobs will skip this test by default.
|
||||||
var _ = common.SIGDescribe("NoSNAT [Feature:NoSNAT] [Slow]", func() {
|
var _ = common.SIGDescribe("NoSNAT [Feature:NoSNAT] [Slow]", func() {
|
||||||
f := framework.NewDefaultFramework("no-snat-test")
|
f := framework.NewDefaultFramework("no-snat-test")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
ginkgo.It("Should be able to send traffic between Pods without SNAT", func() {
|
ginkgo.It("Should be able to send traffic between Pods without SNAT", func() {
|
||||||
cs := f.ClientSet
|
cs := f.ClientSet
|
||||||
pc := cs.CoreV1().Pods(f.Namespace.Name)
|
pc := cs.CoreV1().Pods(f.Namespace.Name)
|
||||||
|
@ -37,10 +37,12 @@ import (
|
|||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/e2e/network/common"
|
"k8s.io/kubernetes/test/e2e/network/common"
|
||||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = common.SIGDescribe("[Feature:Topology Hints]", func() {
|
var _ = common.SIGDescribe("[Feature:Topology Hints]", func() {
|
||||||
f := framework.NewDefaultFramework("topology-hints")
|
f := framework.NewDefaultFramework("topology-hints")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
// filled in BeforeEach
|
// filled in BeforeEach
|
||||||
var c clientset.Interface
|
var c clientset.Interface
|
||||||
|
@ -33,6 +33,7 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/perftype"
|
"k8s.io/kubernetes/test/e2e/perftype"
|
||||||
testutils "k8s.io/kubernetes/test/utils"
|
testutils "k8s.io/kubernetes/test/utils"
|
||||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -196,6 +197,7 @@ func verifyCPULimits(expected e2ekubelet.ContainersCPUSummary, actual e2ekubelet
|
|||||||
var _ = SIGDescribe("Kubelet [Serial] [Slow]", func() {
|
var _ = SIGDescribe("Kubelet [Serial] [Slow]", func() {
|
||||||
var nodeNames sets.String
|
var nodeNames sets.String
|
||||||
f := framework.NewDefaultFramework("kubelet-perf")
|
f := framework.NewDefaultFramework("kubelet-perf")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var om *e2ekubelet.RuntimeOperationMonitor
|
var om *e2ekubelet.RuntimeOperationMonitor
|
||||||
var rm *e2ekubelet.ResourceMonitor
|
var rm *e2ekubelet.ResourceMonitor
|
||||||
|
|
||||||
|
@ -34,6 +34,7 @@ import (
|
|||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
||||||
testutils "k8s.io/kubernetes/test/utils"
|
testutils "k8s.io/kubernetes/test/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
"github.com/onsi/gomega"
|
"github.com/onsi/gomega"
|
||||||
@ -48,6 +49,7 @@ var _ = SIGDescribe("NodeProblemDetector", func() {
|
|||||||
maxNodesToProcess = 10
|
maxNodesToProcess = 10
|
||||||
)
|
)
|
||||||
f := framework.NewDefaultFramework("node-problem-detector")
|
f := framework.NewDefaultFramework("node-problem-detector")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
e2eskipper.SkipUnlessSSHKeyPresent()
|
e2eskipper.SkipUnlessSSHKeyPresent()
|
||||||
|
@ -29,6 +29,7 @@ import (
|
|||||||
"k8s.io/apimachinery/pkg/util/wait"
|
"k8s.io/apimachinery/pkg/util/wait"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
// This test requires that --terminated-pod-gc-threshold=100 be set on the controller manager
|
// This test requires that --terminated-pod-gc-threshold=100 be set on the controller manager
|
||||||
@ -36,6 +37,7 @@ import (
|
|||||||
// Slow by design (7 min)
|
// Slow by design (7 min)
|
||||||
var _ = SIGDescribe("Pod garbage collector [Feature:PodGarbageCollector] [Slow]", func() {
|
var _ = SIGDescribe("Pod garbage collector [Feature:PodGarbageCollector] [Slow]", func() {
|
||||||
f := framework.NewDefaultFramework("pod-garbage-collector")
|
f := framework.NewDefaultFramework("pod-garbage-collector")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
ginkgo.It("should handle the creation of 1000 pods", func() {
|
ginkgo.It("should handle the creation of 1000 pods", func() {
|
||||||
var count int
|
var count int
|
||||||
for count < 1000 {
|
for count < 1000 {
|
||||||
|
@ -23,6 +23,7 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -32,6 +33,7 @@ const maxNodes = 100
|
|||||||
var _ = SIGDescribe("SSH", func() {
|
var _ = SIGDescribe("SSH", func() {
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("ssh")
|
f := framework.NewDefaultFramework("ssh")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
// When adding more providers here, also implement their functionality in e2essh.GetSigner(...).
|
// When adding more providers here, also implement their functionality in e2essh.GetSigner(...).
|
||||||
|
@ -39,6 +39,7 @@ import (
|
|||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
e2etestfiles "k8s.io/kubernetes/test/e2e/framework/testfiles"
|
e2etestfiles "k8s.io/kubernetes/test/e2e/framework/testfiles"
|
||||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
"github.com/onsi/gomega"
|
"github.com/onsi/gomega"
|
||||||
@ -221,6 +222,7 @@ func logContainers(f *framework.Framework, pod *v1.Pod) {
|
|||||||
|
|
||||||
var _ = SIGDescribe("[Feature:GPUDevicePlugin]", func() {
|
var _ = SIGDescribe("[Feature:GPUDevicePlugin]", func() {
|
||||||
f := framework.NewDefaultFramework("device-plugin-gpus")
|
f := framework.NewDefaultFramework("device-plugin-gpus")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
ginkgo.It("run Nvidia GPU Device Plugin tests", func() {
|
ginkgo.It("run Nvidia GPU Device Plugin tests", func() {
|
||||||
testNvidiaGPUs(f)
|
testNvidiaGPUs(f)
|
||||||
})
|
})
|
||||||
@ -322,6 +324,7 @@ var _ = SIGDescribe("GPUDevicePluginAcrossRecreate [Feature:Recreate]", func() {
|
|||||||
e2eskipper.SkipUnlessProviderIs("gce", "gke")
|
e2eskipper.SkipUnlessProviderIs("gce", "gke")
|
||||||
})
|
})
|
||||||
f := framework.NewDefaultFramework("device-plugin-gpus-recreate")
|
f := framework.NewDefaultFramework("device-plugin-gpus-recreate")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
ginkgo.It("run Nvidia GPU Device Plugin tests with a recreation", func() {
|
ginkgo.It("run Nvidia GPU Device Plugin tests with a recreation", func() {
|
||||||
testNvidiaGPUsJob(f)
|
testNvidiaGPUsJob(f)
|
||||||
})
|
})
|
||||||
|
@ -683,6 +683,7 @@ var _ = SIGDescribe("SchedulerPreemption [Serial]", func() {
|
|||||||
ginkgo.Context("PriorityClass endpoints", func() {
|
ginkgo.Context("PriorityClass endpoints", func() {
|
||||||
var cs clientset.Interface
|
var cs clientset.Interface
|
||||||
f := framework.NewDefaultFramework("sched-preemption-path")
|
f := framework.NewDefaultFramework("sched-preemption-path")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
testUUID := uuid.New().String()
|
testUUID := uuid.New().String()
|
||||||
var pcs []*schedulingv1.PriorityClass
|
var pcs []*schedulingv1.PriorityClass
|
||||||
|
|
||||||
|
@ -28,12 +28,14 @@ import (
|
|||||||
"k8s.io/apimachinery/pkg/watch"
|
"k8s.io/apimachinery/pkg/watch"
|
||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = utils.SIGDescribe("CSIStorageCapacity", func() {
|
var _ = utils.SIGDescribe("CSIStorageCapacity", func() {
|
||||||
f := framework.NewDefaultFramework("csistoragecapacity")
|
f := framework.NewDefaultFramework("csistoragecapacity")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
/*
|
/*
|
||||||
Release: v1.24
|
Release: v1.24
|
||||||
|
@ -33,6 +33,7 @@ import (
|
|||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -45,6 +46,7 @@ var (
|
|||||||
|
|
||||||
var _ = utils.SIGDescribe("[Feature:Flexvolumes] Detaching volumes", func() {
|
var _ = utils.SIGDescribe("[Feature:Flexvolumes] Detaching volumes", func() {
|
||||||
f := framework.NewDefaultFramework("flexvolume")
|
f := framework.NewDefaultFramework("flexvolume")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
// note that namespace deletion is handled by delete-namespace flag
|
// note that namespace deletion is handled by delete-namespace flag
|
||||||
|
|
||||||
|
@ -38,6 +38,7 @@ import (
|
|||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/testsuites"
|
"k8s.io/kubernetes/test/e2e/storage/testsuites"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
@ -61,6 +62,7 @@ var _ = utils.SIGDescribe("[Feature:Flexvolumes] Mounted flexvolume expand[Slow]
|
|||||||
)
|
)
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("mounted-flexvolume-expand")
|
f := framework.NewDefaultFramework("mounted-flexvolume-expand")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
e2eskipper.SkipUnlessProviderIs("aws", "gce", "local")
|
e2eskipper.SkipUnlessProviderIs("aws", "gce", "local")
|
||||||
e2eskipper.SkipUnlessMasterOSDistroIs("debian", "ubuntu", "gci", "custom")
|
e2eskipper.SkipUnlessMasterOSDistroIs("debian", "ubuntu", "gci", "custom")
|
||||||
|
@ -37,6 +37,7 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/storage/testsuites"
|
"k8s.io/kubernetes/test/e2e/storage/testsuites"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = utils.SIGDescribe("[Feature:Flexvolumes] Mounted flexvolume volume expand [Slow]", func() {
|
var _ = utils.SIGDescribe("[Feature:Flexvolumes] Mounted flexvolume volume expand [Slow]", func() {
|
||||||
@ -55,6 +56,7 @@ var _ = utils.SIGDescribe("[Feature:Flexvolumes] Mounted flexvolume volume expan
|
|||||||
)
|
)
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("mounted-flexvolume-expand")
|
f := framework.NewDefaultFramework("mounted-flexvolume-expand")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
e2eskipper.SkipUnlessProviderIs("aws", "gce", "local")
|
e2eskipper.SkipUnlessProviderIs("aws", "gce", "local")
|
||||||
e2eskipper.SkipUnlessMasterOSDistroIs("debian", "ubuntu", "gci", "custom")
|
e2eskipper.SkipUnlessMasterOSDistroIs("debian", "ubuntu", "gci", "custom")
|
||||||
|
@ -30,10 +30,12 @@ import (
|
|||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/testsuites"
|
"k8s.io/kubernetes/test/e2e/storage/testsuites"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = utils.SIGDescribe("GenericPersistentVolume[Disruptive]", func() {
|
var _ = utils.SIGDescribe("GenericPersistentVolume[Disruptive]", func() {
|
||||||
f := framework.NewDefaultFramework("generic-disruptive-pv")
|
f := framework.NewDefaultFramework("generic-disruptive-pv")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var (
|
var (
|
||||||
c clientset.Interface
|
c clientset.Interface
|
||||||
ns string
|
ns string
|
||||||
|
@ -26,6 +26,7 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
"github.com/onsi/ginkgo"
|
"github.com/onsi/ginkgo"
|
||||||
)
|
)
|
||||||
@ -33,6 +34,7 @@ import (
|
|||||||
var _ = utils.SIGDescribe("GKE local SSD [Feature:GKELocalSSD]", func() {
|
var _ = utils.SIGDescribe("GKE local SSD [Feature:GKELocalSSD]", func() {
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("localssd")
|
f := framework.NewDefaultFramework("localssd")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
e2eskipper.SkipUnlessProviderIs("gke")
|
e2eskipper.SkipUnlessProviderIs("gke")
|
||||||
|
@ -28,6 +28,7 @@ import (
|
|||||||
storagev1 "k8s.io/api/storage/v1"
|
storagev1 "k8s.io/api/storage/v1"
|
||||||
"k8s.io/apimachinery/pkg/api/resource"
|
"k8s.io/apimachinery/pkg/api/resource"
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
|
|
||||||
utilerrors "k8s.io/apimachinery/pkg/util/errors"
|
utilerrors "k8s.io/apimachinery/pkg/util/errors"
|
||||||
"k8s.io/apimachinery/pkg/util/wait"
|
"k8s.io/apimachinery/pkg/util/wait"
|
||||||
@ -58,6 +59,7 @@ var _ = utils.SIGDescribe("Mounted volume expand [Feature:StorageProvider]", fun
|
|||||||
)
|
)
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("mounted-volume-expand")
|
f := framework.NewDefaultFramework("mounted-volume-expand")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
e2eskipper.SkipUnlessProviderIs("aws", "gce")
|
e2eskipper.SkipUnlessProviderIs("aws", "gce")
|
||||||
c = f.ClientSet
|
c = f.ClientSet
|
||||||
|
@ -39,6 +39,7 @@ import (
|
|||||||
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
||||||
e2evolume "k8s.io/kubernetes/test/e2e/framework/volume"
|
e2evolume "k8s.io/kubernetes/test/e2e/framework/volume"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
type testBody func(c clientset.Interface, f *framework.Framework, clientPod *v1.Pod)
|
type testBody func(c clientset.Interface, f *framework.Framework, clientPod *v1.Pod)
|
||||||
@ -77,6 +78,7 @@ func checkForControllerManagerHealthy(duration time.Duration) error {
|
|||||||
var _ = utils.SIGDescribe("NFSPersistentVolumes[Disruptive][Flaky]", func() {
|
var _ = utils.SIGDescribe("NFSPersistentVolumes[Disruptive][Flaky]", func() {
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("disruptive-pv")
|
f := framework.NewDefaultFramework("disruptive-pv")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var (
|
var (
|
||||||
c clientset.Interface
|
c clientset.Interface
|
||||||
ns string
|
ns string
|
||||||
|
@ -48,6 +48,7 @@ import (
|
|||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
@ -70,6 +71,7 @@ var _ = utils.SIGDescribe("Pod Disks [Feature:StorageProvider]", func() {
|
|||||||
nodes *v1.NodeList
|
nodes *v1.NodeList
|
||||||
)
|
)
|
||||||
f := framework.NewDefaultFramework("pod-disks")
|
f := framework.NewDefaultFramework("pod-disks")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
e2eskipper.SkipUnlessNodeCountIsAtLeast(minNodes)
|
e2eskipper.SkipUnlessNodeCountIsAtLeast(minNodes)
|
||||||
|
@ -32,6 +32,7 @@ import (
|
|||||||
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
// verifyGCEDiskAttached performs a sanity check to verify the PD attached to the node
|
// verifyGCEDiskAttached performs a sanity check to verify the PD attached to the node
|
||||||
@ -74,6 +75,7 @@ var _ = utils.SIGDescribe("PersistentVolumes GCEPD [Feature:StorageProvider]", f
|
|||||||
)
|
)
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("pv")
|
f := framework.NewDefaultFramework("pv")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
c = f.ClientSet
|
c = f.ClientSet
|
||||||
ns = f.Namespace.Name
|
ns = f.Namespace.Name
|
||||||
|
@ -97,6 +97,7 @@ var _ = utils.SIGDescribe("PersistentVolumes", func() {
|
|||||||
|
|
||||||
// global vars for the ginkgo.Context()s and ginkgo.It()'s below
|
// global vars for the ginkgo.Context()s and ginkgo.It()'s below
|
||||||
f := framework.NewDefaultFramework("pv")
|
f := framework.NewDefaultFramework("pv")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var (
|
var (
|
||||||
c clientset.Interface
|
c clientset.Interface
|
||||||
ns string
|
ns string
|
||||||
|
@ -32,6 +32,7 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/framework"
|
"k8s.io/kubernetes/test/e2e/framework"
|
||||||
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = utils.SIGDescribe("PV Protection", func() {
|
var _ = utils.SIGDescribe("PV Protection", func() {
|
||||||
@ -48,6 +49,7 @@ var _ = utils.SIGDescribe("PV Protection", func() {
|
|||||||
)
|
)
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("pv-protection")
|
f := framework.NewDefaultFramework("pv-protection")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
client = f.ClientSet
|
client = f.ClientSet
|
||||||
nameSpace = f.Namespace.Name
|
nameSpace = f.Namespace.Name
|
||||||
|
@ -48,6 +48,7 @@ import (
|
|||||||
"k8s.io/kubernetes/test/e2e/storage/testsuites"
|
"k8s.io/kubernetes/test/e2e/storage/testsuites"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
@ -60,6 +61,7 @@ const (
|
|||||||
|
|
||||||
var _ = utils.SIGDescribe("Regional PD", func() {
|
var _ = utils.SIGDescribe("Regional PD", func() {
|
||||||
f := framework.NewDefaultFramework("regional-pd")
|
f := framework.NewDefaultFramework("regional-pd")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
// filled in BeforeEach
|
// filled in BeforeEach
|
||||||
var c clientset.Interface
|
var c clientset.Interface
|
||||||
|
@ -34,6 +34,7 @@ import (
|
|||||||
e2evolume "k8s.io/kubernetes/test/e2e/framework/volume"
|
e2evolume "k8s.io/kubernetes/test/e2e/framework/volume"
|
||||||
storageframework "k8s.io/kubernetes/test/e2e/storage/framework"
|
storageframework "k8s.io/kubernetes/test/e2e/storage/framework"
|
||||||
storageutils "k8s.io/kubernetes/test/e2e/storage/utils"
|
storageutils "k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
type capacityTestSuite struct {
|
type capacityTestSuite struct {
|
||||||
@ -89,6 +90,7 @@ func (p *capacityTestSuite) DefineTests(driver storageframework.TestDriver, patt
|
|||||||
// Beware that it also registers an AfterEach which renders f unusable. Any code using
|
// Beware that it also registers an AfterEach which renders f unusable. Any code using
|
||||||
// f must run inside an It or Context callback.
|
// f must run inside an It or Context callback.
|
||||||
f := framework.NewFrameworkWithCustomTimeouts("capacity", storageframework.GetDriverTimeouts(driver))
|
f := framework.NewFrameworkWithCustomTimeouts("capacity", storageframework.GetDriverTimeouts(driver))
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
init := func() {
|
init := func() {
|
||||||
dDriver, _ = driver.(storageframework.DynamicPVTestDriver)
|
dDriver, _ = driver.(storageframework.DynamicPVTestDriver)
|
||||||
|
@ -34,6 +34,7 @@ import (
|
|||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
storageframework "k8s.io/kubernetes/test/e2e/storage/framework"
|
storageframework "k8s.io/kubernetes/test/e2e/storage/framework"
|
||||||
storageutils "k8s.io/kubernetes/test/e2e/storage/utils"
|
storageutils "k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
type volumeStressTestSuite struct {
|
type volumeStressTestSuite struct {
|
||||||
@ -113,6 +114,7 @@ func (t *volumeStressTestSuite) DefineTests(driver storageframework.TestDriver,
|
|||||||
// Beware that it also registers an AfterEach which renders f unusable. Any code using
|
// Beware that it also registers an AfterEach which renders f unusable. Any code using
|
||||||
// f must run inside an It or Context callback.
|
// f must run inside an It or Context callback.
|
||||||
f := framework.NewFrameworkWithCustomTimeouts("stress", storageframework.GetDriverTimeouts(driver))
|
f := framework.NewFrameworkWithCustomTimeouts("stress", storageframework.GetDriverTimeouts(driver))
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
init := func() {
|
init := func() {
|
||||||
cs = f.ClientSet
|
cs = f.ClientSet
|
||||||
|
@ -37,6 +37,7 @@ import (
|
|||||||
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
storageframework "k8s.io/kubernetes/test/e2e/storage/framework"
|
storageframework "k8s.io/kubernetes/test/e2e/storage/framework"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
type volumePerformanceTestSuite struct {
|
type volumePerformanceTestSuite struct {
|
||||||
@ -126,6 +127,7 @@ func (t *volumePerformanceTestSuite) DefineTests(driver storageframework.TestDri
|
|||||||
ClientBurst: 400,
|
ClientBurst: 400,
|
||||||
}
|
}
|
||||||
f := framework.NewFramework("volume-lifecycle-performance", frameworkOptions, nil)
|
f := framework.NewFramework("volume-lifecycle-performance", frameworkOptions, nil)
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
f.AddAfterEach("cleanup", func(f *framework.Framework, failed bool) {
|
f.AddAfterEach("cleanup", func(f *framework.Framework, failed bool) {
|
||||||
ginkgo.By("Closing informer channel")
|
ginkgo.By("Closing informer channel")
|
||||||
close(l.stopCh)
|
close(l.stopCh)
|
||||||
|
@ -30,10 +30,12 @@ import (
|
|||||||
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = utils.SIGDescribe("Multi-AZ Cluster Volumes", func() {
|
var _ = utils.SIGDescribe("Multi-AZ Cluster Volumes", func() {
|
||||||
f := framework.NewDefaultFramework("multi-az")
|
f := framework.NewDefaultFramework("multi-az")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var zoneCount int
|
var zoneCount int
|
||||||
var err error
|
var err error
|
||||||
image := framework.ServeHostnameImage
|
image := framework.ServeHostnameImage
|
||||||
|
@ -26,6 +26,7 @@ import (
|
|||||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = utils.SIGDescribe("Volume limits", func() {
|
var _ = utils.SIGDescribe("Volume limits", func() {
|
||||||
@ -33,6 +34,7 @@ var _ = utils.SIGDescribe("Volume limits", func() {
|
|||||||
c clientset.Interface
|
c clientset.Interface
|
||||||
)
|
)
|
||||||
f := framework.NewDefaultFramework("volume-limits-on-node")
|
f := framework.NewDefaultFramework("volume-limits-on-node")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
ginkgo.BeforeEach(func() {
|
ginkgo.BeforeEach(func() {
|
||||||
e2eskipper.SkipUnlessProviderIs("aws", "gce", "gke")
|
e2eskipper.SkipUnlessProviderIs("aws", "gce", "gke")
|
||||||
// If CSIMigration is enabled, then the limits should be on CSINodes, not Nodes, and another test checks this
|
// If CSIMigration is enabled, then the limits should be on CSINodes, not Nodes, and another test checks this
|
||||||
|
@ -30,6 +30,7 @@ import (
|
|||||||
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Testing configurations of single a PV/PVC pair attached to a vSphere Disk
|
// Testing configurations of single a PV/PVC pair attached to a vSphere Disk
|
||||||
@ -51,6 +52,7 @@ var _ = utils.SIGDescribe("PersistentVolumes:vsphere [Feature:vsphere]", func()
|
|||||||
)
|
)
|
||||||
|
|
||||||
f := framework.NewDefaultFramework("pv")
|
f := framework.NewDefaultFramework("pv")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
/*
|
/*
|
||||||
Test Setup
|
Test Setup
|
||||||
|
|
||||||
|
@ -31,10 +31,12 @@ import (
|
|||||||
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
var _ = utils.SIGDescribe("PersistentVolumes [Feature:vsphere][Feature:ReclaimPolicy]", func() {
|
var _ = utils.SIGDescribe("PersistentVolumes [Feature:vsphere][Feature:ReclaimPolicy]", func() {
|
||||||
f := framework.NewDefaultFramework("persistentvolumereclaim")
|
f := framework.NewDefaultFramework("persistentvolumereclaim")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var (
|
var (
|
||||||
c clientset.Interface
|
c clientset.Interface
|
||||||
ns string
|
ns string
|
||||||
|
@ -28,6 +28,7 @@ import (
|
|||||||
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -49,6 +50,7 @@ import (
|
|||||||
*/
|
*/
|
||||||
var _ = utils.SIGDescribe("PersistentVolumes [Feature:vsphere][Feature:LabelSelector]", func() {
|
var _ = utils.SIGDescribe("PersistentVolumes [Feature:vsphere][Feature:LabelSelector]", func() {
|
||||||
f := framework.NewDefaultFramework("pvclabelselector")
|
f := framework.NewDefaultFramework("pvclabelselector")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var (
|
var (
|
||||||
c clientset.Interface
|
c clientset.Interface
|
||||||
ns string
|
ns string
|
||||||
|
@ -33,6 +33,7 @@ import (
|
|||||||
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -57,6 +58,7 @@ type NodeSelector struct {
|
|||||||
|
|
||||||
var _ = utils.SIGDescribe("vcp at scale [Feature:vsphere] ", func() {
|
var _ = utils.SIGDescribe("vcp at scale [Feature:vsphere] ", func() {
|
||||||
f := framework.NewDefaultFramework("vcp-at-scale")
|
f := framework.NewDefaultFramework("vcp-at-scale")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
|
|
||||||
var (
|
var (
|
||||||
client clientset.Interface
|
client clientset.Interface
|
||||||
|
@ -30,6 +30,7 @@ import (
|
|||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
e2estatefulset "k8s.io/kubernetes/test/e2e/framework/statefulset"
|
e2estatefulset "k8s.io/kubernetes/test/e2e/framework/statefulset"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -56,6 +57,7 @@ const (
|
|||||||
|
|
||||||
var _ = utils.SIGDescribe("vsphere statefulset [Feature:vsphere]", func() {
|
var _ = utils.SIGDescribe("vsphere statefulset [Feature:vsphere]", func() {
|
||||||
f := framework.NewDefaultFramework("vsphere-statefulset")
|
f := framework.NewDefaultFramework("vsphere-statefulset")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var (
|
var (
|
||||||
namespace string
|
namespace string
|
||||||
client clientset.Interface
|
client clientset.Interface
|
||||||
|
@ -33,6 +33,7 @@ import (
|
|||||||
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
||||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||||
|
admissionapi "k8s.io/pod-security-admission/api"
|
||||||
)
|
)
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -47,6 +48,7 @@ import (
|
|||||||
*/
|
*/
|
||||||
var _ = utils.SIGDescribe("vsphere cloud provider stress [Feature:vsphere]", func() {
|
var _ = utils.SIGDescribe("vsphere cloud provider stress [Feature:vsphere]", func() {
|
||||||
f := framework.NewDefaultFramework("vcp-stress")
|
f := framework.NewDefaultFramework("vcp-stress")
|
||||||
|
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||||
var (
|
var (
|
||||||
client clientset.Interface
|
client clientset.Interface
|
||||||
namespace string
|
namespace string
|
||||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user