From 4d22a51414b696c4ea54252592281f4d7f953f62 Mon Sep 17 00:00:00 2001 From: Claudiu Belu Date: Tue, 5 Mar 2019 06:49:15 -0800 Subject: [PATCH] tests: creates HostPath pods as unprivileged The containers are mounted the /tmp folder as a HostPath volume and they are supposed to create a new file in it. The /tmp folder has 777 file permissions, so there shouldn't be any problems creating a file, even if the container is unprivileged. --- test/e2e/common/host_path.go | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/test/e2e/common/host_path.go b/test/e2e/common/host_path.go index e9977a568e4..a44a429d2a5 100644 --- a/test/e2e/common/host_path.go +++ b/test/e2e/common/host_path.go @@ -68,7 +68,9 @@ var _ = Describe("[sig-storage] HostPath", func() { source := &v1.HostPathVolumeSource{ Path: "/tmp", } - pod := testPodWithHostVol(volumePath, source, true) + // we can't spawn privileged containers on Windows, nor do we need to. + privileged := !framework.NodeOSDistroIs("windows") + pod := testPodWithHostVol(volumePath, source, privileged) pod.Spec.Containers[0].Args = []string{ fmt.Sprintf("--new_file_0644=%v", filePath), @@ -97,7 +99,10 @@ var _ = Describe("[sig-storage] HostPath", func() { source := &v1.HostPathVolumeSource{ Path: "/tmp", } - pod := testPodWithHostVol(volumePath, source, true) + + // we can't spawn privileged containers on Windows, nor do we need to. + privileged := !framework.NodeOSDistroIs("windows") + pod := testPodWithHostVol(volumePath, source, privileged) // Write the file in the subPath from container 0 container := &pod.Spec.Containers[0]