github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-23 11:50:44 +00:00
Code Issues Projects Releases Wiki Activity

selinux/mustrunas_test.go(TestMustRunAsValidate): make PSP SeLinux options configurable.

Browse Source
This commit is contained in:
Slava Semushin 2018-01-24 18:40:07 +01:00
parent 3f261537b1
commit 26fb4ed5fc
1 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
pkg/security/podsecuritypolicy/selinux/mustrunas_test.go
View File

@ -99,41 +99,49 @@ func TestMustRunAsValidate(t *testing.T) {
seType := newValidOpts() seType := newValidOpts()
seType.Type = "invalid" seType.Type = "invalid"
validOpts := newValidOpts()
tests := map[string]struct { tests := map[string]struct {
podSeLinux *api.SELinuxOptions podSeLinux *api.SELinuxOptions
pspSeLinux *api.SELinuxOptions
expectedMsg string expectedMsg string
}{ }{
"invalid role": { "invalid role": {
podSeLinux: role, podSeLinux: role,
pspSeLinux: validOpts,
expectedMsg: "role: Invalid value", expectedMsg: "role: Invalid value",
}, },
"invalid user": { "invalid user": {
podSeLinux: user, podSeLinux: user,
pspSeLinux: validOpts,
expectedMsg: "user: Invalid value", expectedMsg: "user: Invalid value",
}, },
"invalid level": { "invalid level": {
podSeLinux: level, podSeLinux: level,
pspSeLinux: validOpts,
expectedMsg: "level: Invalid value", expectedMsg: "level: Invalid value",
}, },
"invalid type": { "invalid type": {
podSeLinux: seType, podSeLinux: seType,
pspSeLinux: validOpts,
expectedMsg: "type: Invalid value", expectedMsg: "type: Invalid value",
}, },
"valid": { "valid": {
podSeLinux: newValidOpts(), podSeLinux: validOpts,
pspSeLinux: validOpts,
expectedMsg: "", expectedMsg: "",
}, },
"valid with different order of categories": { "valid with different order of categories": {
podSeLinux: newValidOptsWithLevel("s0:c6,c0"), podSeLinux: newValidOptsWithLevel("s0:c6,c0"),
pspSeLinux: validOpts,
expectedMsg: "", expectedMsg: "",
}, },
} }
opts := &extensions.SELinuxStrategyOptions{
SELinuxOptions: newValidOpts(),
}
for name, tc := range tests { for name, tc := range tests {
opts := &extensions.SELinuxStrategyOptions{
SELinuxOptions: tc.pspSeLinux,
}
mustRunAs, err := NewMustRunAs(opts) mustRunAs, err := NewMustRunAs(opts)
if err != nil { if err != nil {
t.Errorf("unexpected error initializing NewMustRunAs for testcase %s: %#v", name, err) t.Errorf("unexpected error initializing NewMustRunAs for testcase %s: %#v", name, err)