github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-25 20:53:33 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #50378 from php-coder/improve_unit_tests

Browse Source 
Automatic merge from submit-queue (batch tested with PRs 50378, 51463, 50006, 51962, 51673). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>..

provider_test.go: use existing method instead of own copy of it

**What this PR does / why we need it**:
This PR removes duplicated definition of the `defaultPod()` function and also updates a comment.

**Release note**:
```release-note
NONE
```
This commit is contained in:
Kubernetes Submit Queue 2017-09-23 04:02:49 -07:00 committed by GitHub
commit 1b7cd72261
2 changed files with 5 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/security/podsecuritypolicy/provider.go
View File

@ -334,7 +334,7 @@ func (s *simpleProvider) ValidateContainerSecurityContext(pod *api.Pod, containe
return allErrs return allErrs
} }
// hasHostPort checks the port definitions on the container for HostPort > 0. // hasInvalidHostPort checks whether the port definitions on the container fall outside of the ranges allowed by the PSP.
func (s *simpleProvider) hasInvalidHostPort(container *api.Container, fldPath *field.Path) field.ErrorList { func (s *simpleProvider) hasInvalidHostPort(container *api.Container, fldPath *field.Path) field.ErrorList {
allErrs := field.ErrorList{} allErrs := field.ErrorList{}
for _, cp := range container.Ports { for _, cp := range container.Ports {

27
pkg/security/podsecuritypolicy/provider_test.go
View File

@ -621,7 +621,7 @@ func TestValidatePodSecurityContextSuccess(t *testing.T) {
api.SeccompPodAnnotationKey: "foo", api.SeccompPodAnnotationKey: "foo",
} }
errorCases := map[string]struct { successCases := map[string]struct {
pod *api.Pod pod *api.Pod
psp *extensions.PodSecurityPolicy psp *extensions.PodSecurityPolicy
}{ }{
@ -679,7 +679,7 @@ func TestValidatePodSecurityContextSuccess(t *testing.T) {
}, },
} }
for k, v := range errorCases { for k, v := range successCases {
provider, err := NewSimpleProvider(v.psp, "namespace", NewSimpleStrategyFactory()) provider, err := NewSimpleProvider(v.psp, "namespace", NewSimpleStrategyFactory())
if err != nil { if err != nil {
t.Fatalf("unable to create provider %v", err) t.Fatalf("unable to create provider %v", err)
@ -693,25 +693,6 @@ func TestValidatePodSecurityContextSuccess(t *testing.T) {
} }
func TestValidateContainerSecurityContextSuccess(t *testing.T) { func TestValidateContainerSecurityContextSuccess(t *testing.T) {
var notPriv bool = false
defaultPod := func() *api.Pod {
return &api.Pod{
Spec: api.PodSpec{
SecurityContext: &api.PodSecurityContext{},
Containers: []api.Container{
{
Name: defaultContainerName,
SecurityContext: &api.SecurityContext{
// expected to be set by defaulting mechanisms
Privileged: &notPriv,
// fill in the rest for test cases
},
},
},
},
}
}
// success user strat // success user strat
userPSP := defaultPSP() userPSP := defaultPSP()
uid := int64(999) uid := int64(999)
@ -805,7 +786,7 @@ func TestValidateContainerSecurityContextSuccess(t *testing.T) {
api.SeccompPodAnnotationKey: "foo", api.SeccompPodAnnotationKey: "foo",
} }
errorCases := map[string]struct { successCases := map[string]struct {
pod *api.Pod pod *api.Pod
psp *extensions.PodSecurityPolicy psp *extensions.PodSecurityPolicy
}{ }{
@ -863,7 +844,7 @@ func TestValidateContainerSecurityContextSuccess(t *testing.T) {
}, },
} }
for k, v := range errorCases { for k, v := range successCases {
provider, err := NewSimpleProvider(v.psp, "namespace", NewSimpleStrategyFactory()) provider, err := NewSimpleProvider(v.psp, "namespace", NewSimpleStrategyFactory())
if err != nil { if err != nil {
t.Fatalf("unable to create provider %v", err) t.Fatalf("unable to create provider %v", err)