From 914a2a325a94139065f4cb0b98f81d12792477df Mon Sep 17 00:00:00 2001 From: Stanislav Laznicka Date: Fri, 29 Apr 2022 11:16:16 +0200 Subject: [PATCH] auth e2e: node_authn test: don't expect a SA secret The test was expecting an SA token in a secret but pods are getting their SA tokens via projected volumes by default. Also, the SA token controller function is getting reduced so the original check is likely to fail. --- test/e2e/auth/node_authn.go | 7 ------- 1 file changed, 7 deletions(-) diff --git a/test/e2e/auth/node_authn.go b/test/e2e/auth/node_authn.go index d6ba011775e..68340d8d9b0 100644 --- a/test/e2e/auth/node_authn.go +++ b/test/e2e/auth/node_authn.go @@ -51,13 +51,6 @@ var _ = SIGDescribe("[Feature:NodeAuthenticator]", func() { nodeIPs := e2enode.GetAddressesByTypeAndFamily(&nodes.Items[0], v1.NodeInternalIP, family) framework.ExpectNotEqual(len(nodeIPs), 0) - - // make sure ServiceAccount admission controller is enabled, so secret generation on SA creation works - saName := "default" - sa, err := f.ClientSet.CoreV1().ServiceAccounts(ns).Get(context.TODO(), saName, metav1.GetOptions{}) - framework.ExpectNoError(err, "failed to retrieve service account (%s:%s)", ns, saName) - framework.ExpectNotEqual(len(sa.Secrets), 0) - }) ginkgo.It("The kubelet's main port 10250 should reject requests with no credentials", func() {