github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-10 20:42:26 +00:00
Code Issues Projects Releases Wiki Activity

Add information about SELinux test tags

Browse Source
This commit is contained in:
Jan Safranek 2024-02-28 12:43:12 +01:00
parent ba3562776f
commit 2a22b6f6b8
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
test/e2e/storage/csi_mock/csi_selinux_mount.go
View File

@ -43,6 +43,19 @@ import (
admissionapi "k8s.io/pod-security-admission/api"
)
// Tests for SELinuxMount feature.
// KEP: https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/1710-selinux-relabeling
// There are two feature gates: SELinuxMountReadWriteOncePod and SELinuxMount.
// These tags are used in the tests:
//
// [FeatureGate:SELinuxMountReadWriteOncePod]
// - The test requires SELinuxMountReadWriteOncePod enabled. SELinuxMount may be enabled or disabled, except for tests with Feature:SELinuxMountReadWriteOncePodOnly (see below).
//
// [FeatureGate:SELinuxMountReadWriteOncePod] [Feature:SELinuxMountReadWriteOncePodOnly]
// - The test requires SELinuxMountReadWriteOncePod enabled and SELinuxMount disabled. This checks metrics that are emitted only when SELinuxMount is disabled.
//
// [FeatureGate:SELinuxMount]
// - The test requires SELinuxMountReadWriteOncePod and SELinuxMount enabled.
var _ = utils.SIGDescribe("CSI Mock selinux on mount", func() {
f := framework.NewDefaultFramework("csi-mock-volumes-selinux")
f.NamespacePodSecurityLevel = admissionapi.LevelPrivileged