Not asking for sudo passwords for password-less sudo users any more

Running hack/make-rules/test-e2e-node.sh or test/e2e_node/conformance/run_test.sh with a password-less sudo user on a dev box right now requires to first create a password for that user, and then type it every time one wants to run these tests. This patch is fixing this by not asking for sudo credentials if it seems the user can run any command without a password. Signed-off-by: Jean Rouge <rougej+github@gmail.com>
2025-07-30 15:05:27 +00:00 · 2019-05-29 14:04:13 -07:00 · 2019-05-29 14:04:13 -07:00 · 1bd3d8b929
commit 1bd3d8b929
parent 472b9011d5
3 changed files with 23 additions and 8 deletions
--- a/hack/make-rules/test-e2e-node.sh
+++ b/hack/make-rules/test-e2e-node.sh
@ -154,10 +154,17 @@ if [ "${remote}" = true ] ; then
  exit $?

 else
-  # Refresh sudo credentials for local run
-  if ! ping -c 1 -q metadata.google.internal &> /dev/null; then
-    echo "Updating sudo credentials"
-    sudo -v || exit 1
+  # Refresh sudo credentials if needed
+  if ping -c 1 -q metadata.google.internal &> /dev/null; then
+    echo 'Running on CGE, not asking for sudo credentials'
+  elif sudo --non-interactive "$(which bash)" -c true 2> /dev/null; then
+    # if we can run bash without a password, it's a pretty safe bet that either
+    # we can run any command without a password, or that sudo credentials
+    # are already cached - and they've just been re-cached
+    echo 'No need to refresh sudo credentials'
+  else
+    echo 'Updating sudo credentials'
+    sudo --validate || exit 1
  fi

  # Do not use any network plugin by default. User could override the flags with
--- a/test/e2e_node/conformance/run_test.sh
+++ b/test/e2e_node/conformance/run_test.sh
@ -24,9 +24,17 @@
 # TODO(random-liu): Use standard tool to start kubelet in production way (such
 # as systemd, supervisord etc.)

-# Refresh sudo credentials if not running on GCE.
-if ! ping -c 1 -q metadata.google.internal &> /dev/null; then
-  sudo -v || exit 1
+# Refresh sudo credentials if needed
+if ping -c 1 -q metadata.google.internal &> /dev/null; then
+  echo 'Running on CGE, not asking for sudo credentials'
+elif sudo --non-interactive "$(which bash)" -c true 2> /dev/null; then
+  # if we can run bash without a password, it's a pretty safe bet that either
+  # we can run any command without a password, or that sudo credentials
+  # are already cached - and they've just been re-cached
+  echo 'No need to refresh sudo credentials'
+else
+  echo 'Updating sudo credentials'
+  sudo --validate || exit 1
 fi

 # FOCUS is ginkgo focus to select which tests to run. By default, FOCUS is
--- a/test/e2e_node/node_container_manager_test.go
+++ b/test/e2e_node/node_container_manager_test.go
@ -60,7 +60,7 @@ func setDesiredConfiguration(initialConfig *kubeletconfig.KubeletConfiguration)
 var _ = framework.KubeDescribe("Node Container Manager [Serial]", func() {
 	f := framework.NewDefaultFramework("node-container-manager")
 	Describe("Validate Node Allocatable [NodeFeature:NodeAllocatable]", func() {
-		It("set's up the node and runs the test", func() {
+		It("sets up the node and runs the test", func() {
 			framework.ExpectNoError(runTest(f))
 		})
 	})