From 40b135de0c506aa97f049e8ad2b69904d3529d78 Mon Sep 17 00:00:00 2001 From: Isaac Hollander McCreery Date: Fri, 27 Oct 2017 15:39:25 -0700 Subject: [PATCH 1/2] Metadata concealment e2e --- test/e2e/auth/BUILD | 2 + test/e2e/auth/metadata_concealment.go | 64 +++++++++++++++++++++++++++ 2 files changed, 66 insertions(+) create mode 100644 test/e2e/auth/metadata_concealment.go diff --git a/test/e2e/auth/BUILD b/test/e2e/auth/BUILD index dde448bf569..70dac2829c7 100644 --- a/test/e2e/auth/BUILD +++ b/test/e2e/auth/BUILD @@ -11,6 +11,7 @@ go_library( "audit.go", "certificates.go", "framework.go", + "metadata_concealment.go", "node_authz.go", "service_accounts.go", ], @@ -23,6 +24,7 @@ go_library( "//vendor/github.com/evanphx/json-patch:go_default_library", "//vendor/github.com/onsi/ginkgo:go_default_library", "//vendor/github.com/onsi/gomega:go_default_library", + "//vendor/k8s.io/api/batch/v1:go_default_library", "//vendor/k8s.io/api/certificates/v1beta1:go_default_library", "//vendor/k8s.io/api/core/v1:go_default_library", "//vendor/k8s.io/api/extensions/v1beta1:go_default_library", diff --git a/test/e2e/auth/metadata_concealment.go b/test/e2e/auth/metadata_concealment.go new file mode 100644 index 00000000000..3a6633c36d3 --- /dev/null +++ b/test/e2e/auth/metadata_concealment.go @@ -0,0 +1,64 @@ +/* +Copyright 2017 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package auth + +import ( + batch "k8s.io/api/batch/v1" + "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/kubernetes/test/e2e/framework" + + . "github.com/onsi/ginkgo" + . "github.com/onsi/gomega" +) + +var _ = SIGDescribe("Metadata Concealment", func() { + f := framework.NewDefaultFramework("metadata-concealment") + completions := int32(1) + + It("should run a check-metadata-concealment job to completion", func() { + framework.SkipUnlessProviderIs("gce") + By("Creating a job") + job := &batch.Job{ + ObjectMeta: metav1.ObjectMeta{ + Name: "check-metadata-concealment", + }, + Spec: batch.JobSpec{ + Template: v1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Name: "check-metadata-concealment", + }, + Spec: v1.PodSpec{ + Containers: []v1.Container{ + { + Name: "check-metadata-concealment", + Image: "gcr.io/google_containers/check-metadata-concealment:v0.0.1", + }, + }, + RestartPolicy: v1.RestartPolicyOnFailure, + }, + }, + }, + } + job, err := framework.CreateJob(f.ClientSet, f.Namespace.Name, job) + Expect(err).NotTo(HaveOccurred()) + + By("Ensuring job reaches completions") + err = framework.WaitForJobFinish(f.ClientSet, f.Namespace.Name, job.Name, completions) + Expect(err).NotTo(HaveOccurred()) + }) +}) From 11f810ec0246ca34a23017da1ec2209aed5f6fe2 Mon Sep 17 00:00:00 2001 From: Isaac Hollander McCreery Date: Mon, 30 Oct 2017 14:54:54 -0700 Subject: [PATCH 2/2] Inline completions --- test/e2e/auth/metadata_concealment.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/test/e2e/auth/metadata_concealment.go b/test/e2e/auth/metadata_concealment.go index 3a6633c36d3..0fbde63df9b 100644 --- a/test/e2e/auth/metadata_concealment.go +++ b/test/e2e/auth/metadata_concealment.go @@ -28,7 +28,6 @@ import ( var _ = SIGDescribe("Metadata Concealment", func() { f := framework.NewDefaultFramework("metadata-concealment") - completions := int32(1) It("should run a check-metadata-concealment job to completion", func() { framework.SkipUnlessProviderIs("gce") @@ -58,7 +57,7 @@ var _ = SIGDescribe("Metadata Concealment", func() { Expect(err).NotTo(HaveOccurred()) By("Ensuring job reaches completions") - err = framework.WaitForJobFinish(f.ClientSet, f.Namespace.Name, job.Name, completions) + err = framework.WaitForJobFinish(f.ClientSet, f.Namespace.Name, job.Name, int32(1)) Expect(err).NotTo(HaveOccurred()) }) })