Merge pull request #51560 from ericchiang/fix-audit-log-test

Automatic merge from submit-queue (batch tested with PRs 51632, 51055, 51676, 51560, 50007) test/e2e/auth: fix audit log test format parsing Fixes https://github.com/kubernetes/kubernetes/issues/51556 ```release-note NONE ``` cc @CaoShuFeng Still need to figure out how to run this test locally.
2025-07-23 11:50:44 +00:00 · 2017-09-01 08:27:18 -07:00 · 2017-09-01 08:27:18 -07:00 · 7da58e29d2
commit 7da58e29d2
parent ed53363c54 21666682eb
2 changed files with 18 additions and 7 deletions
--- a/test/e2e/auth/BUILD
+++ b/test/e2e/auth/BUILD
@ -29,6 +29,7 @@ go_library(
        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/uuid:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1:go_default_library",
        "//vendor/k8s.io/client-go/kubernetes:go_default_library",
        "//vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1:go_default_library",
        "//vendor/k8s.io/client-go/rest:go_default_library",
--- a/test/e2e/auth/audit.go
+++ b/test/e2e/auth/audit.go
@ -18,11 +18,13 @@ package auth

 import (
 	"bufio"
+	"encoding/json"
 	"fmt"
 	"strings"

 	apiv1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apiserver/pkg/apis/audit/v1beta1"
 	"k8s.io/kubernetes/test/e2e/framework"

 	. "github.com/onsi/ginkgo"
@ -66,10 +68,6 @@ var _ = SIGDescribe("Advanced Audit [Feature:Audit]", func() {
 		err = f.ClientSet.Core().Secrets(f.Namespace.Name).Delete(secret.Name, &metav1.DeleteOptions{})
 		framework.ExpectNoError(err, "failed to delete audit-secret")

-		// /version should not be audited
-		_, err = f.ClientSet.Core().RESTClient().Get().AbsPath("/version").DoRaw()
-		framework.ExpectNoError(err, "failed to query version")
-
 		expectedEvents := []auditEvent{{
 			method:    "create",
 			namespace: namespace,
@ -126,9 +124,6 @@ func expectAuditLines(f *framework.Framework, expected []auditEvent) {
 		if _, found := expectations[event]; found {
 			expectations[event] = true
 		}
-
-		// /version should not be audited (filtered in the policy).
-		Expect(event.uri).NotTo(HavePrefix("/version"))
 	}
 	framework.ExpectNoError(scanner.Err(), "error reading audit log")

@ -138,6 +133,21 @@ func expectAuditLines(f *framework.Framework, expected []auditEvent) {
 }

 func parseAuditLine(line string) (auditEvent, error) {
+	var e v1beta1.Event
+	if err := json.Unmarshal([]byte(line), &e); err == nil {
+		event := auditEvent{
+			method: e.Verb,
+			uri:    e.RequestURI,
+		}
+		if e.ObjectRef != nil {
+			event.namespace = e.ObjectRef.Namespace
+		}
+		if e.ResponseStatus != nil {
+			event.response = fmt.Sprintf("%d", e.ResponseStatus.Code)
+		}
+		return event, nil
+	}
+
 	fields := strings.Fields(line)
 	if len(fields) < 3 {
 		return auditEvent{}, fmt.Errorf("could not parse audit line: %s", line)