mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-20 10:20:51 +00:00
Merge pull request #109283 from s-urbaniak/ratchet-e2e
test/e2e/framework: use restricted policy by default, default existing tests to privileged
This commit is contained in:
Kubernetes Prow Robot
GitHub
commit
8cd689e40d
@ -35,6 +35,7 @@ import (
|
||||
utilfeature "k8s.io/apiserver/pkg/util/feature"
|
||||
"k8s.io/client-go/util/workqueue"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
func shouldCheckRemainingItem() bool {
|
||||
@ -45,6 +46,7 @@ const numberOfTotalResources = 400
|
||||
|
||||
var _ = SIGDescribe("Servers with support for API chunking", func() {
|
||||
f := framework.NewDefaultFramework("chunking")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.BeforeEach(func() {
|
||||
ns := f.Namespace.Name
|
||||
|
||||
@ -44,6 +44,7 @@ import (
|
||||
"k8s.io/kube-openapi/pkg/validation/spec"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
"k8s.io/kubernetes/test/utils/crd"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
var (
|
||||
@ -52,6 +53,7 @@ var (
|
||||
|
||||
var _ = SIGDescribe("CustomResourcePublishOpenAPI [Privileged:ClusterAdmin]", func() {
|
||||
f := framework.NewDefaultFramework("crd-publish-openapi")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
/*
|
||||
Release: v1.16
|
||||
|
||||
@ -32,10 +32,12 @@ import (
|
||||
"k8s.io/apiserver/pkg/storage/names"
|
||||
"k8s.io/client-go/dynamic"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
var _ = SIGDescribe("CustomResourceValidationRules [Privileged:ClusterAdmin][Alpha][Feature:CustomResourceValidationExpressions]", func() {
|
||||
f := framework.NewDefaultFramework("crd-validation-expressions")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
var apiExtensionClient *clientset.Clientset
|
||||
ginkgo.BeforeEach(func() {
|
||||
|
||||
@ -31,6 +31,7 @@ import (
|
||||
"k8s.io/apimachinery/pkg/watch"
|
||||
"k8s.io/client-go/dynamic"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -38,6 +39,7 @@ import (
|
||||
var _ = SIGDescribe("CustomResourceDefinition Watch [Privileged:ClusterAdmin]", func() {
|
||||
|
||||
f := framework.NewDefaultFramework("crd-watch")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.Context("CustomResourceDefinition Watch", func() {
|
||||
/*
|
||||
|
||||
@ -39,11 +39,13 @@ import (
|
||||
"k8s.io/client-go/dynamic"
|
||||
"k8s.io/client-go/util/retry"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
var _ = SIGDescribe("CustomResourceDefinition resources [Privileged:ClusterAdmin]", func() {
|
||||
|
||||
f := framework.NewDefaultFramework("custom-resource-definition")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.Context("Simple CustomResourceDefinition", func() {
|
||||
/*
|
||||
|
||||
@ -28,6 +28,7 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
"k8s.io/kubernetes/test/utils/crd"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -35,6 +36,7 @@ import (
|
||||
var storageVersionServerVersion = utilversion.MustParseSemantic("v1.13.99")
|
||||
var _ = SIGDescribe("Discovery", func() {
|
||||
f := framework.NewDefaultFramework("discovery")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
var namespaceName string
|
||||
|
||||
|
||||
@ -31,6 +31,7 @@ import (
|
||||
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
||||
testutils "k8s.io/kubernetes/test/utils"
|
||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -38,6 +39,7 @@ import (
|
||||
var _ = SIGDescribe("Etcd failure [Disruptive]", func() {
|
||||
|
||||
f := framework.NewDefaultFramework("etcd-failure")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.BeforeEach(func() {
|
||||
// This test requires:
|
||||
|
||||
@ -39,6 +39,7 @@ import (
|
||||
"k8s.io/client-go/rest"
|
||||
clientsideflowcontrol "k8s.io/client-go/util/flowcontrol"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -52,6 +53,7 @@ var (
|
||||
|
||||
var _ = SIGDescribe("API priority and fairness", func() {
|
||||
f := framework.NewDefaultFramework("apf")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.It("should ensure that requests can be classified by adding FlowSchema and PriorityLevelConfiguration", func() {
|
||||
testingFlowSchemaName := "e2e-testing-flowschema"
|
||||
|
||||
@ -214,6 +214,7 @@ func newTestingCronJob(name string, value string) *batchv1.CronJob {
|
||||
|
||||
var _ = SIGDescribe("Generated clientset", func() {
|
||||
f := framework.NewDefaultFramework("clientset")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.It("should create v1 cronJobs, delete cronJobs, watch cronJobs", func() {
|
||||
cronJobClient := f.ClientSet.BatchV1().CronJobs(f.Namespace.Name)
|
||||
|
||||
@ -27,6 +27,7 @@ import (
|
||||
clientset "k8s.io/client-go/kubernetes"
|
||||
restclient "k8s.io/client-go/rest"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -116,6 +117,7 @@ func testPath(client clientset.Interface, path string, requiredChecks sets.Strin
|
||||
|
||||
var _ = SIGDescribe("health handlers", func() {
|
||||
f := framework.NewDefaultFramework("health")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.It("should contain necessary checks", func() {
|
||||
ginkgo.By("/health")
|
||||
|
||||
@ -29,12 +29,14 @@ import (
|
||||
"k8s.io/apimachinery/pkg/fields"
|
||||
"k8s.io/apimachinery/pkg/watch"
|
||||
"k8s.io/client-go/kubernetes"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
)
|
||||
|
||||
var _ = SIGDescribe("client-go should negotiate", func() {
|
||||
f := framework.NewDefaultFramework("protocol")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
for _, s := range []string{
|
||||
"application/json",
|
||||
|
||||
@ -24,6 +24,7 @@ import (
|
||||
"github.com/onsi/ginkgo"
|
||||
"k8s.io/client-go/rest"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -32,6 +33,7 @@ const (
|
||||
|
||||
var _ = SIGDescribe("Server request timeout", func() {
|
||||
f := framework.NewDefaultFramework("request-timeout")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.It("should return HTTP status code 400 if the user specifies an invalid timeout in the request URL", func() {
|
||||
rt := getRoundTripper(f)
|
||||
|
||||
@ -21,12 +21,14 @@ import (
|
||||
|
||||
"k8s.io/apimachinery/pkg/version"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
|
||||
var _ = SIGDescribe("server version", func() {
|
||||
f := framework.NewDefaultFramework("server-version")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
/*
|
||||
Release: v1.19
|
||||
|
||||
@ -25,6 +25,7 @@ import (
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
"k8s.io/apimachinery/pkg/util/wait"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -37,6 +38,7 @@ const (
|
||||
// This test requires that --feature-gates=APIServerIdentity=true,StorageVersionAPI=true be set on the apiserver and the controller manager
|
||||
var _ = SIGDescribe("StorageVersion resources [Feature:StorageVersionAPI]", func() {
|
||||
f := framework.NewDefaultFramework("storage-version")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.It("storage version with non-existing id should be GC'ed", func() {
|
||||
client := f.ClientSet
|
||||
|
||||
@ -31,6 +31,7 @@ import (
|
||||
cachetools "k8s.io/client-go/tools/cache"
|
||||
watchtools "k8s.io/client-go/tools/watch"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -47,6 +48,7 @@ const (
|
||||
|
||||
var _ = SIGDescribe("Watchers", func() {
|
||||
f := framework.NewDefaultFramework("watch")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
/*
|
||||
Release: v1.11
|
||||
|
||||
@ -41,6 +41,7 @@ import (
|
||||
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
||||
testutils "k8s.io/kubernetes/test/utils"
|
||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -204,6 +205,7 @@ func getContainerRestarts(c clientset.Interface, ns string, labelSelector labels
|
||||
var _ = SIGDescribe("DaemonRestart [Disruptive]", func() {
|
||||
|
||||
f := framework.NewDefaultFramework("daemonrestart")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
rcName := "daemonrestart" + strconv.Itoa(numPods) + "-" + string(uuid.NewUUID())
|
||||
labelSelector := labels.Set(map[string]string{"name": rcName}).AsSelector()
|
||||
existingPods := cache.NewStore(cache.MetaNamespaceKeyFunc)
|
||||
|
||||
@ -76,6 +76,7 @@ var _ = SIGDescribe("DisruptionController", func() {
|
||||
|
||||
ginkgo.Context("Listing PodDisruptionBudgets for all namespaces", func() {
|
||||
anotherFramework := framework.NewDefaultFramework("disruption-2")
|
||||
anotherFramework.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
/*
|
||||
Release : v1.21
|
||||
|
||||
@ -23,10 +23,12 @@ import (
|
||||
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
var _ = SIGDescribe("Conformance Tests", func() {
|
||||
f := framework.NewDefaultFramework("conformance-tests")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
/*
|
||||
Release: v1.23
|
||||
|
||||
@ -42,10 +42,12 @@ import (
|
||||
"k8s.io/client-go/util/certificate/csr"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
"k8s.io/kubernetes/test/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
var _ = SIGDescribe("Certificates API [Privileged:ClusterAdmin]", func() {
|
||||
f := framework.NewDefaultFramework("certificates")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
/*
|
||||
Release: v1.19
|
||||
|
||||
@ -36,6 +36,7 @@ import (
|
||||
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
utilpointer "k8s.io/utils/pointer"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
@ -45,6 +46,7 @@ const nobodyUser = int64(65534)
|
||||
|
||||
var _ = SIGDescribe("PodSecurityPolicy [Feature:PodSecurityPolicy]", func() {
|
||||
f := framework.NewDefaultFramework("podsecuritypolicy")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
f.SkipPrivilegedPSPBinding = true
|
||||
|
||||
// Client that will impersonate the default service account, in order to run
|
||||
|
||||
@ -27,12 +27,14 @@ import (
|
||||
e2eautoscaling "k8s.io/kubernetes/test/e2e/framework/autoscaling"
|
||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
|
||||
var _ = SIGDescribe("[Feature:ClusterSizeAutoscalingScaleUp] [Slow] Autoscaling", func() {
|
||||
f := framework.NewDefaultFramework("autoscaling")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.Describe("Autoscaling a service", func() {
|
||||
ginkgo.BeforeEach(func() {
|
||||
|
||||
@ -37,6 +37,7 @@ import (
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
testutils "k8s.io/kubernetes/test/utils"
|
||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -61,6 +62,7 @@ type scaleUpTestConfig struct {
|
||||
|
||||
var _ = SIGDescribe("Cluster size autoscaler scalability [Slow]", func() {
|
||||
f := framework.NewDefaultFramework("autoscaling")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var c clientset.Interface
|
||||
var nodeCount int
|
||||
var coresPerNode int
|
||||
|
||||
@ -53,6 +53,7 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/scheduling"
|
||||
testutils "k8s.io/kubernetes/test/utils"
|
||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -92,6 +93,7 @@ const (
|
||||
|
||||
var _ = SIGDescribe("Cluster size autoscaling [Slow]", func() {
|
||||
f := framework.NewDefaultFramework("autoscaling")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var c clientset.Interface
|
||||
var nodeCount int
|
||||
var memAllocatableMb int
|
||||
|
||||
@ -33,6 +33,7 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
"k8s.io/kubernetes/test/e2e/instrumentation/monitoring"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
"golang.org/x/oauth2/google"
|
||||
@ -51,6 +52,7 @@ var _ = SIGDescribe("[HPA] Horizontal pod autoscaling (scale resource: Custom Me
|
||||
})
|
||||
|
||||
f := framework.NewDefaultFramework("horizontal-pod-autoscaling")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.It("should scale down with Custom Metric of type Pod from Stackdriver [Feature:CustomMetricsAutoscaling]", func() {
|
||||
initialReplicas := 2
|
||||
|
||||
@ -33,6 +33,7 @@ import (
|
||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -47,6 +48,7 @@ const (
|
||||
|
||||
var _ = SIGDescribe("DNS horizontal autoscaling", func() {
|
||||
f := framework.NewDefaultFramework("dns-autoscaling")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var c clientset.Interface
|
||||
var previousParams map[string]string
|
||||
var originDNSReplicasCount int
|
||||
|
||||
@ -21,12 +21,14 @@ import (
|
||||
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
e2eautoscaling "k8s.io/kubernetes/test/e2e/framework/autoscaling"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
|
||||
var _ = SIGDescribe("[Feature:HPA] [Serial] [Slow] Horizontal pod autoscaling (non-default behavior)", func() {
|
||||
f := framework.NewDefaultFramework("horizontal-pod-autoscaling")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.Describe("with short downscale stabilization window", func() {
|
||||
ginkgo.It("should scale down soon after the stabilization period", func() {
|
||||
|
||||
@ -35,6 +35,7 @@ import (
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -217,6 +218,7 @@ var _ = SIGDescribe("Addon update", func() {
|
||||
var dir string
|
||||
var sshClient *ssh.Client
|
||||
f := framework.NewDefaultFramework("addon-update-test")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.BeforeEach(func() {
|
||||
// This test requires:
|
||||
|
||||
@ -23,6 +23,7 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/upgrades"
|
||||
"k8s.io/kubernetes/test/e2e/upgrades/apps"
|
||||
"k8s.io/kubernetes/test/utils/junit"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -35,6 +36,7 @@ var upgradeTests = []upgrades.Test{
|
||||
|
||||
var _ = SIGDescribe("stateful Upgrade [Feature:StatefulUpgrade]", func() {
|
||||
f := framework.NewDefaultFramework("stateful-upgrade")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
testFrameworks := upgrades.CreateUpgradeFrameworks(upgradeTests)
|
||||
|
||||
ginkgo.Describe("stateful upgrade", func() {
|
||||
|
||||
@ -22,6 +22,7 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/upgrades"
|
||||
"k8s.io/kubernetes/test/e2e/upgrades/auth"
|
||||
"k8s.io/kubernetes/test/utils/junit"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -32,6 +33,7 @@ var upgradeTests = []upgrades.Test{
|
||||
|
||||
var _ = SIGDescribe("ServiceAccount admission controller migration [Feature:BoundServiceAccountTokenVolume]", func() {
|
||||
f := framework.NewDefaultFramework("serviceaccount-admission-controller-migration")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
testFrameworks := upgrades.CreateUpgradeFrameworks(upgradeTests)
|
||||
|
||||
ginkgo.Describe("master upgrade", func() {
|
||||
|
||||
@ -26,6 +26,7 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/upgrades/node"
|
||||
"k8s.io/kubernetes/test/e2e/upgrades/storage"
|
||||
"k8s.io/kubernetes/test/utils/junit"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -50,6 +51,7 @@ var upgradeTests = []upgrades.Test{
|
||||
|
||||
var _ = SIGDescribe("Upgrade [Feature:Upgrade]", func() {
|
||||
f := framework.NewDefaultFramework("cluster-upgrade")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
testFrameworks := upgrades.CreateUpgradeFrameworks(upgradeTests)
|
||||
|
||||
// Create the frameworks here because we can only create them
|
||||
@ -88,6 +90,7 @@ var _ = SIGDescribe("Upgrade [Feature:Upgrade]", func() {
|
||||
|
||||
var _ = SIGDescribe("Downgrade [Feature:Downgrade]", func() {
|
||||
f := framework.NewDefaultFramework("cluster-downgrade")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
testFrameworks := upgrades.CreateUpgradeFrameworks(upgradeTests)
|
||||
|
||||
ginkgo.Describe("cluster downgrade", func() {
|
||||
|
||||
@ -23,6 +23,7 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -30,6 +31,7 @@ import (
|
||||
var _ = SIGDescribe("GKE node pools [Feature:GKENodePool]", func() {
|
||||
|
||||
f := framework.NewDefaultFramework("node-pools")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.BeforeEach(func() {
|
||||
e2eskipper.SkipUnlessProviderIs("gke")
|
||||
|
||||
@ -35,6 +35,7 @@ import (
|
||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
func addMasterReplica(zone string) error {
|
||||
@ -161,6 +162,7 @@ func waitForMasters(masterPrefix string, c clientset.Interface, size int, timeou
|
||||
|
||||
var _ = SIGDescribe("HA-master [Feature:HAMaster]", func() {
|
||||
f := framework.NewDefaultFramework("ha-master")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var c clientset.Interface
|
||||
var ns string
|
||||
var additionalReplicaZones []string
|
||||
|
||||
@ -27,12 +27,14 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
e2ekubelet "k8s.io/kubernetes/test/e2e/framework/kubelet"
|
||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
|
||||
var _ = SIGDescribe("Ports Security Check [Feature:KubeletSecurity]", func() {
|
||||
f := framework.NewDefaultFramework("kubelet-security")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
var node *v1.Node
|
||||
var nodeName string
|
||||
|
||||
@ -25,6 +25,7 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/upgrades"
|
||||
"k8s.io/kubernetes/test/e2e/upgrades/network"
|
||||
"k8s.io/kubernetes/test/utils/junit"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -45,6 +46,7 @@ func kubeProxyDaemonSetExtraEnvs(enableKubeProxyDaemonSet bool) []string {
|
||||
|
||||
var _ = SIGDescribe("kube-proxy migration [Feature:KubeProxyDaemonSetMigration]", func() {
|
||||
f := framework.NewDefaultFramework("kube-proxy-ds-migration")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
upgradeTestFrameworks := upgrades.CreateUpgradeFrameworks(upgradeTests)
|
||||
downgradeTestsFrameworks := upgrades.CreateUpgradeFrameworks(downgradeTests)
|
||||
|
||||
|
||||
@ -22,6 +22,7 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/upgrades"
|
||||
"k8s.io/kubernetes/test/e2e/upgrades/node"
|
||||
"k8s.io/kubernetes/test/utils/junit"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -32,6 +33,7 @@ var upgradeTests = []upgrades.Test{
|
||||
|
||||
var _ = SIGDescribe("gpu Upgrade [Feature:GPUUpgrade]", func() {
|
||||
f := framework.NewDefaultFramework("gpu-upgrade")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
testFrameworks := upgrades.CreateUpgradeFrameworks(upgradeTests)
|
||||
|
||||
ginkgo.Describe("master upgrade", func() {
|
||||
|
||||
@ -29,6 +29,7 @@ import (
|
||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
"github.com/onsi/gomega"
|
||||
@ -36,6 +37,7 @@ import (
|
||||
|
||||
var _ = SIGDescribe("[Disruptive]NodeLease", func() {
|
||||
f := framework.NewDefaultFramework("node-lease-test")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var systemPodsNo int32
|
||||
var c clientset.Interface
|
||||
var ns string
|
||||
|
||||
@ -35,6 +35,7 @@ import (
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
||||
testutils "k8s.io/kubernetes/test/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -91,6 +92,7 @@ var _ = SIGDescribe("Reboot [Disruptive] [Feature:Reboot]", func() {
|
||||
})
|
||||
|
||||
f = framework.NewDefaultFramework("reboot")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.It("each node by ordering clean reboot and ensure they function upon restart", func() {
|
||||
// clean shutdown and restart
|
||||
|
||||
@ -33,6 +33,7 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/framework/providers/gce"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
testutils "k8s.io/kubernetes/test/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -43,6 +44,7 @@ const (
|
||||
|
||||
var _ = SIGDescribe("Recreate [Feature:Recreate]", func() {
|
||||
f := framework.NewDefaultFramework("recreate")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var originalNodes []v1.Node
|
||||
var originalPodNames []string
|
||||
var ps *testutils.PodStore
|
||||
|
||||
@ -29,6 +29,7 @@ import (
|
||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -45,6 +46,7 @@ func resizeRC(c clientset.Interface, ns, name string, replicas int32) error {
|
||||
|
||||
var _ = SIGDescribe("Nodes [Disruptive]", func() {
|
||||
f := framework.NewDefaultFramework("resize-nodes")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var systemPodsNo int32
|
||||
var c clientset.Interface
|
||||
var ns string
|
||||
|
||||
@ -29,6 +29,7 @@ import (
|
||||
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
testutils "k8s.io/kubernetes/test/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -43,6 +44,7 @@ func nodeNames(nodes []v1.Node) []string {
|
||||
|
||||
var _ = SIGDescribe("Restart [Disruptive]", func() {
|
||||
f := framework.NewDefaultFramework("restart")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var ps *testutils.PodStore
|
||||
var originalNodes []v1.Node
|
||||
var originalPodNames []string
|
||||
|
||||
@ -27,12 +27,14 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
|
||||
var _ = SIGDescribe("[Feature:CloudProvider][Disruptive] Nodes", func() {
|
||||
f := framework.NewDefaultFramework("cloudprovider")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var c clientset.Interface
|
||||
|
||||
ginkgo.BeforeEach(func() {
|
||||
|
||||
@ -30,6 +30,7 @@ import (
|
||||
"k8s.io/apimachinery/pkg/types"
|
||||
"k8s.io/apimachinery/pkg/util/strategicpatch"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
"k8s.io/utils/pointer"
|
||||
)
|
||||
|
||||
@ -51,6 +52,7 @@ func getPatchBytes(oldLease, newLease *coordinationv1.Lease) ([]byte, error) {
|
||||
|
||||
var _ = SIGDescribe("Lease", func() {
|
||||
f := framework.NewDefaultFramework("lease-test")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
/*
|
||||
Release: v1.17
|
||||
|
||||
@ -31,6 +31,7 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||
testutils "k8s.io/kubernetes/test/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
"github.com/onsi/gomega"
|
||||
@ -39,6 +40,7 @@ import (
|
||||
var _ = SIGDescribe("NodeLease", func() {
|
||||
var nodeName string
|
||||
f := framework.NewDefaultFramework("node-lease-test")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.BeforeEach(func() {
|
||||
node, err := e2enode.GetRandomReadySchedulableNode(f.ClientSet)
|
||||
|
||||
@ -31,6 +31,7 @@ import (
|
||||
"k8s.io/client-go/util/retry"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -42,6 +43,7 @@ const (
|
||||
|
||||
var _ = SIGDescribe("PodTemplates", func() {
|
||||
f := framework.NewDefaultFramework("podtemplate")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
/*
|
||||
Release: v1.19
|
||||
Testname: PodTemplate lifecycle
|
||||
|
||||
@ -27,12 +27,14 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
|
||||
var _ = SIGDescribe("Downward API [Serial] [Disruptive] [NodeFeature:EphemeralStorage]", func() {
|
||||
f := framework.NewDefaultFramework("downward-api")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.Context("Downward API tests for local ephemeral storage", func() {
|
||||
ginkgo.BeforeEach(func() {
|
||||
|
||||
@ -534,8 +534,7 @@ func (f *Framework) CreateNamespace(baseName string, labels map[string]string) (
|
||||
labels = labelsCopy
|
||||
}
|
||||
|
||||
// TODO(sur): set to restricted before 1.24 test freeze
|
||||
enforceLevel := admissionapi.LevelPrivileged
|
||||
enforceLevel := admissionapi.LevelRestricted
|
||||
if f.NamespacePodSecurityEnforceLevel != "" {
|
||||
enforceLevel = f.NamespacePodSecurityEnforceLevel
|
||||
}
|
||||
|
||||
@ -26,6 +26,7 @@ import (
|
||||
"k8s.io/apimachinery/pkg/util/wait"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
"k8s.io/kubernetes/test/e2e/instrumentation/common"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
"k8s.io/apimachinery/pkg/types"
|
||||
@ -38,6 +39,7 @@ const (
|
||||
|
||||
var _ = common.SIGDescribe("Events", func() {
|
||||
f := framework.NewDefaultFramework("events")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
/*
|
||||
Release: v1.20
|
||||
|
||||
@ -32,6 +32,7 @@ import (
|
||||
typedeventsv1 "k8s.io/client-go/kubernetes/typed/events/v1"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
"k8s.io/kubernetes/test/e2e/instrumentation/common"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
"k8s.io/apimachinery/pkg/types"
|
||||
@ -75,6 +76,7 @@ func eventExistsInList(client typedeventsv1.EventInterface, namespace, name stri
|
||||
|
||||
var _ = common.SIGDescribe("Events API", func() {
|
||||
f := framework.NewDefaultFramework("events")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var coreClient corev1.EventInterface
|
||||
var client typedeventsv1.EventInterface
|
||||
var clientAllNamespaces typedeventsv1.EventInterface
|
||||
|
||||
@ -29,6 +29,7 @@ import (
|
||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||
instrumentation "k8s.io/kubernetes/test/e2e/instrumentation/common"
|
||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -42,6 +43,7 @@ var _ = e2econfig.AddOptions(&loggingSoak, "instrumentation.logging.soak")
|
||||
var _ = instrumentation.SIGDescribe("Logging soak [Performance] [Slow] [Disruptive]", func() {
|
||||
|
||||
f := framework.NewDefaultFramework("logging-soak")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
// Not a global constant (irrelevant outside this test), also not a parameter (if you want more logs, use --scale=).
|
||||
kbRateInSeconds := 1 * time.Second
|
||||
|
||||
@ -31,6 +31,7 @@ import (
|
||||
instrumentation "k8s.io/kubernetes/test/e2e/instrumentation/common"
|
||||
"k8s.io/kubernetes/test/e2e/scheduling"
|
||||
"k8s.io/kubernetes/test/utils/image"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
"golang.org/x/oauth2/google"
|
||||
@ -52,6 +53,7 @@ var _ = instrumentation.SIGDescribe("Stackdriver Monitoring", func() {
|
||||
})
|
||||
|
||||
f := framework.NewDefaultFramework("stackdriver-monitoring")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.It("should have accelerator metrics [Feature:StackdriverAcceleratorMonitoring]", func() {
|
||||
testStackdriverAcceleratorMonitoring(f)
|
||||
|
||||
@ -35,6 +35,7 @@ import (
|
||||
instrumentation "k8s.io/kubernetes/test/e2e/instrumentation/common"
|
||||
customclient "k8s.io/metrics/pkg/client/custom_metrics"
|
||||
externalclient "k8s.io/metrics/pkg/client/external_metrics"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
"golang.org/x/oauth2/google"
|
||||
@ -53,6 +54,7 @@ var _ = instrumentation.SIGDescribe("Stackdriver Monitoring", func() {
|
||||
})
|
||||
|
||||
f := framework.NewDefaultFramework("stackdriver-monitoring")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.It("should run Custom Metrics - Stackdriver Adapter for old resource model [Feature:StackdriverCustomMetrics]", func() {
|
||||
kubeClient := f.ClientSet
|
||||
|
||||
@ -30,10 +30,12 @@ import (
|
||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
instrumentation "k8s.io/kubernetes/test/e2e/instrumentation/common"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
var _ = instrumentation.SIGDescribe("MetricsGrabber", func() {
|
||||
f := framework.NewDefaultFramework("metrics-grabber")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var c, ec clientset.Interface
|
||||
var grabber *e2emetrics.Grabber
|
||||
ginkgo.BeforeEach(func() {
|
||||
|
||||
@ -28,6 +28,7 @@ import (
|
||||
e2eautoscaling "k8s.io/kubernetes/test/e2e/framework/autoscaling"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
instrumentation "k8s.io/kubernetes/test/e2e/instrumentation/common"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
"golang.org/x/oauth2/google"
|
||||
@ -65,6 +66,7 @@ var _ = instrumentation.SIGDescribe("Stackdriver Monitoring", func() {
|
||||
})
|
||||
|
||||
f := framework.NewDefaultFramework("stackdriver-monitoring")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.It("should have cluster metrics [Feature:StackdriverMonitoring]", func() {
|
||||
testStackdriverMonitoring(f, 1, 100, 200)
|
||||
|
||||
@ -31,6 +31,7 @@ import (
|
||||
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
instrumentation "k8s.io/kubernetes/test/e2e/instrumentation/common"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
"golang.org/x/oauth2/google"
|
||||
@ -50,6 +51,7 @@ var _ = instrumentation.SIGDescribe("Stackdriver Monitoring", func() {
|
||||
})
|
||||
|
||||
f := framework.NewDefaultFramework("stackdriver-monitoring")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var kubeClient clientset.Interface
|
||||
|
||||
ginkgo.It("should run Stackdriver Metadata Agent [Feature:StackdriverMetadataAgent]", func() {
|
||||
|
||||
@ -26,6 +26,7 @@ import (
|
||||
bootstrapapi "k8s.io/cluster-bootstrap/token/api"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
"k8s.io/kubernetes/test/e2e/lifecycle"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -41,6 +42,7 @@ var _ = lifecycle.SIGDescribe("[Feature:BootstrapTokens]", func() {
|
||||
var c clientset.Interface
|
||||
|
||||
f := framework.NewDefaultFramework("bootstrap-signer")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
ginkgo.AfterEach(func() {
|
||||
if len(secretNeedClean) > 0 {
|
||||
ginkgo.By("delete the bootstrap token secret")
|
||||
|
||||
@ -27,6 +27,7 @@ import (
|
||||
bootstrapapi "k8s.io/cluster-bootstrap/token/api"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
"k8s.io/kubernetes/test/e2e/lifecycle"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
var secretNeedClean string
|
||||
@ -35,6 +36,7 @@ var _ = lifecycle.SIGDescribe("[Feature:BootstrapTokens]", func() {
|
||||
var c clientset.Interface
|
||||
|
||||
f := framework.NewDefaultFramework("bootstrap-token-cleaner")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.BeforeEach(func() {
|
||||
c = f.ClientSet
|
||||
|
||||
@ -36,6 +36,7 @@ import (
|
||||
e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
|
||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||
dnsclient "k8s.io/kubernetes/third_party/forked/golang/net"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
"github.com/onsi/gomega"
|
||||
@ -59,8 +60,10 @@ type dnsTestCommon struct {
|
||||
}
|
||||
|
||||
func newDNSTestCommon() dnsTestCommon {
|
||||
framework := framework.NewDefaultFramework("dns-config-map")
|
||||
framework.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
return dnsTestCommon{
|
||||
f: framework.NewDefaultFramework("dns-config-map"),
|
||||
f: framework,
|
||||
ns: "kube-system",
|
||||
}
|
||||
}
|
||||
|
||||
@ -30,6 +30,7 @@ import (
|
||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||
"k8s.io/kubernetes/test/e2e/network/common"
|
||||
testutils "k8s.io/kubernetes/test/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -43,6 +44,7 @@ const (
|
||||
|
||||
var _ = common.SIGDescribe("[Feature:PerformanceDNS][Serial]", func() {
|
||||
f := framework.NewDefaultFramework("performancedns")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.BeforeEach(func() {
|
||||
framework.ExpectNoError(framework.WaitForAllNodesSchedulable(f.ClientSet, framework.TestContext.NodeSchedulableTimeout))
|
||||
|
||||
@ -38,12 +38,14 @@ import (
|
||||
e2eservice "k8s.io/kubernetes/test/e2e/framework/service"
|
||||
"k8s.io/kubernetes/test/e2e/network/common"
|
||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
netutils "k8s.io/utils/net"
|
||||
)
|
||||
|
||||
// Tests for ipv4-ipv6 dual-stack feature
|
||||
var _ = common.SIGDescribe("[Feature:IPv6DualStack]", func() {
|
||||
f := framework.NewDefaultFramework("dualstack")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
var cs clientset.Interface
|
||||
var podClient *framework.PodClient
|
||||
|
||||
@ -29,10 +29,12 @@ import (
|
||||
clientset "k8s.io/client-go/kubernetes"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
"k8s.io/kubernetes/test/e2e/network/common"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
var _ = common.SIGDescribe("EndpointSliceMirroring", func() {
|
||||
f := framework.NewDefaultFramework("endpointslicemirroring")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
var cs clientset.Interface
|
||||
|
||||
|
||||
@ -38,6 +38,7 @@ import (
|
||||
e2eservice "k8s.io/kubernetes/test/e2e/framework/service"
|
||||
e2etestfiles "k8s.io/kubernetes/test/e2e/framework/testfiles"
|
||||
"k8s.io/kubernetes/test/e2e/network/common"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -57,6 +58,7 @@ except:
|
||||
|
||||
var _ = common.SIGDescribe("ClusterDns [Feature:Example]", func() {
|
||||
f := framework.NewDefaultFramework("cluster-dns")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
var c clientset.Interface
|
||||
ginkgo.BeforeEach(func() {
|
||||
|
||||
@ -39,6 +39,7 @@ import (
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
"k8s.io/kubernetes/test/e2e/network/common"
|
||||
gcecloud "k8s.io/legacy-cloud-providers/gce"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -53,6 +54,7 @@ const (
|
||||
var _ = common.SIGDescribe("Firewall rule", func() {
|
||||
var firewallTestName = "firewall-test"
|
||||
f := framework.NewDefaultFramework(firewallTestName)
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
var cs clientset.Interface
|
||||
var cloudConfig framework.CloudConfig
|
||||
|
||||
@ -537,6 +537,7 @@ func detectNegAnnotation(f *framework.Framework, jig *e2eingress.TestJig, gceCon
|
||||
|
||||
var _ = common.SIGDescribe("Ingress API", func() {
|
||||
f := framework.NewDefaultFramework("ingress")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
/*
|
||||
Release: v1.19
|
||||
Testname: Ingress API
|
||||
|
||||
@ -21,6 +21,7 @@ import (
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
"k8s.io/kubernetes/test/e2e/network/common"
|
||||
"k8s.io/kubernetes/test/e2e/network/scale"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -31,6 +32,7 @@ var _ = common.SIGDescribe("Loadbalancing: L7 Scalability", func() {
|
||||
ns string
|
||||
)
|
||||
f := framework.NewDefaultFramework("ingress-scale")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.BeforeEach(func() {
|
||||
ns = f.Namespace.Name
|
||||
|
||||
@ -31,6 +31,7 @@ import (
|
||||
clientset "k8s.io/client-go/kubernetes"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
"k8s.io/kubernetes/test/e2e/network/common"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
utilpointer "k8s.io/utils/pointer"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
@ -38,6 +39,7 @@ import (
|
||||
|
||||
var _ = common.SIGDescribe("IngressClass [Feature:Ingress]", func() {
|
||||
f := framework.NewDefaultFramework("ingressclass")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var cs clientset.Interface
|
||||
ginkgo.BeforeEach(func() {
|
||||
cs = f.ClientSet
|
||||
@ -181,6 +183,7 @@ func deleteIngressClass(cs clientset.Interface, name string) {
|
||||
|
||||
var _ = common.SIGDescribe("IngressClass API", func() {
|
||||
f := framework.NewDefaultFramework("ingressclass")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var cs clientset.Interface
|
||||
ginkgo.BeforeEach(func() {
|
||||
cs = f.ClientSet
|
||||
|
||||
@ -1733,6 +1733,7 @@ var _ = common.SIGDescribe("NetworkPolicy [Feature:SCTPConnectivity][LinuxOnly][
|
||||
var podServer *v1.Pod
|
||||
var podServerLabelSelector string
|
||||
f := framework.NewDefaultFramework("sctp-network-policy")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.BeforeEach(func() {
|
||||
// Windows does not support network policies.
|
||||
@ -2186,6 +2187,7 @@ func cleanupNetworkPolicy(f *framework.Framework, policy *networkingv1.NetworkPo
|
||||
|
||||
var _ = common.SIGDescribe("NetworkPolicy API", func() {
|
||||
f := framework.NewDefaultFramework("networkpolicies")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
/*
|
||||
Release: v1.20
|
||||
Testname: NetworkPolicies API
|
||||
|
||||
@ -33,6 +33,7 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
"k8s.io/kubernetes/test/e2e/network/common"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
utilnet "k8s.io/utils/net"
|
||||
)
|
||||
|
||||
@ -116,6 +117,7 @@ and what is happening in practice:
|
||||
|
||||
var _ = common.SIGDescribe("Netpol", func() {
|
||||
f := framework.NewDefaultFramework("netpol")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var model *Model
|
||||
|
||||
ginkgo.Context("NetworkPolicy between server and client", func() {
|
||||
@ -1254,6 +1256,7 @@ var _ = common.SIGDescribe("Netpol", func() {
|
||||
|
||||
var _ = common.SIGDescribe("Netpol [LinuxOnly]", func() {
|
||||
f := framework.NewDefaultFramework("udp-network-policy")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var model *Model
|
||||
ginkgo.BeforeEach(func() {
|
||||
// Windows does not support UDP testing via agnhost.
|
||||
@ -1339,6 +1342,7 @@ var _ = common.SIGDescribe("Netpol [LinuxOnly]", func() {
|
||||
|
||||
var _ = common.SIGDescribe("Netpol [Feature:SCTPConnectivity][LinuxOnly][Disruptive]", func() {
|
||||
f := framework.NewDefaultFramework("sctp-network-policy")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var model *Model
|
||||
ginkgo.BeforeEach(func() {
|
||||
// Windows does not support network policies.
|
||||
|
||||
@ -25,6 +25,7 @@ import (
|
||||
"k8s.io/apimachinery/pkg/util/intstr"
|
||||
"k8s.io/apimachinery/pkg/util/wait"
|
||||
"k8s.io/apimachinery/pkg/watch"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
networkingv1 "k8s.io/api/networking/v1"
|
||||
@ -35,6 +36,7 @@ import (
|
||||
|
||||
var _ = common.SIGDescribe("Netpol API", func() {
|
||||
f := framework.NewDefaultFramework("netpol")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
/*
|
||||
Release: v1.20
|
||||
Testname: NetworkPolicies API
|
||||
|
||||
@ -34,12 +34,14 @@ import (
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
"k8s.io/kubernetes/test/e2e/network/common"
|
||||
gcecloud "k8s.io/legacy-cloud-providers/gce"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
|
||||
var _ = common.SIGDescribe("Services GCE [Slow]", func() {
|
||||
f := framework.NewDefaultFramework("services")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
var cs clientset.Interface
|
||||
serviceLBNames := []string{}
|
||||
|
||||
@ -26,6 +26,7 @@ import (
|
||||
v1 "k8s.io/api/core/v1"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
"k8s.io/apimachinery/pkg/util/wait"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||
@ -63,6 +64,7 @@ var (
|
||||
// We use the [Feature:NoSNAT] tag so that most jobs will skip this test by default.
|
||||
var _ = common.SIGDescribe("NoSNAT [Feature:NoSNAT] [Slow]", func() {
|
||||
f := framework.NewDefaultFramework("no-snat-test")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
ginkgo.It("Should be able to send traffic between Pods without SNAT", func() {
|
||||
cs := f.ClientSet
|
||||
pc := cs.CoreV1().Pods(f.Namespace.Name)
|
||||
|
||||
@ -37,10 +37,12 @@ import (
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
"k8s.io/kubernetes/test/e2e/network/common"
|
||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
var _ = common.SIGDescribe("[Feature:Topology Hints]", func() {
|
||||
f := framework.NewDefaultFramework("topology-hints")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
// filled in BeforeEach
|
||||
var c clientset.Interface
|
||||
|
||||
@ -33,6 +33,7 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/perftype"
|
||||
testutils "k8s.io/kubernetes/test/utils"
|
||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -196,6 +197,7 @@ func verifyCPULimits(expected e2ekubelet.ContainersCPUSummary, actual e2ekubelet
|
||||
var _ = SIGDescribe("Kubelet [Serial] [Slow]", func() {
|
||||
var nodeNames sets.String
|
||||
f := framework.NewDefaultFramework("kubelet-perf")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var om *e2ekubelet.RuntimeOperationMonitor
|
||||
var rm *e2ekubelet.ResourceMonitor
|
||||
|
||||
|
||||
@ -34,6 +34,7 @@ import (
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
||||
testutils "k8s.io/kubernetes/test/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
"github.com/onsi/gomega"
|
||||
@ -48,6 +49,7 @@ var _ = SIGDescribe("NodeProblemDetector", func() {
|
||||
maxNodesToProcess = 10
|
||||
)
|
||||
f := framework.NewDefaultFramework("node-problem-detector")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.BeforeEach(func() {
|
||||
e2eskipper.SkipUnlessSSHKeyPresent()
|
||||
|
||||
@ -29,6 +29,7 @@ import (
|
||||
"k8s.io/apimachinery/pkg/util/wait"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
// This test requires that --terminated-pod-gc-threshold=100 be set on the controller manager
|
||||
@ -36,6 +37,7 @@ import (
|
||||
// Slow by design (7 min)
|
||||
var _ = SIGDescribe("Pod garbage collector [Feature:PodGarbageCollector] [Slow]", func() {
|
||||
f := framework.NewDefaultFramework("pod-garbage-collector")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
ginkgo.It("should handle the creation of 1000 pods", func() {
|
||||
var count int
|
||||
for count < 1000 {
|
||||
|
||||
@ -23,6 +23,7 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -32,6 +33,7 @@ const maxNodes = 100
|
||||
var _ = SIGDescribe("SSH", func() {
|
||||
|
||||
f := framework.NewDefaultFramework("ssh")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.BeforeEach(func() {
|
||||
// When adding more providers here, also implement their functionality in e2essh.GetSigner(...).
|
||||
|
||||
@ -39,6 +39,7 @@ import (
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
e2etestfiles "k8s.io/kubernetes/test/e2e/framework/testfiles"
|
||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
"github.com/onsi/gomega"
|
||||
@ -221,6 +222,7 @@ func logContainers(f *framework.Framework, pod *v1.Pod) {
|
||||
|
||||
var _ = SIGDescribe("[Feature:GPUDevicePlugin]", func() {
|
||||
f := framework.NewDefaultFramework("device-plugin-gpus")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
ginkgo.It("run Nvidia GPU Device Plugin tests", func() {
|
||||
testNvidiaGPUs(f)
|
||||
})
|
||||
@ -322,6 +324,7 @@ var _ = SIGDescribe("GPUDevicePluginAcrossRecreate [Feature:Recreate]", func() {
|
||||
e2eskipper.SkipUnlessProviderIs("gce", "gke")
|
||||
})
|
||||
f := framework.NewDefaultFramework("device-plugin-gpus-recreate")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
ginkgo.It("run Nvidia GPU Device Plugin tests with a recreation", func() {
|
||||
testNvidiaGPUsJob(f)
|
||||
})
|
||||
|
||||
@ -683,6 +683,7 @@ var _ = SIGDescribe("SchedulerPreemption [Serial]", func() {
|
||||
ginkgo.Context("PriorityClass endpoints", func() {
|
||||
var cs clientset.Interface
|
||||
f := framework.NewDefaultFramework("sched-preemption-path")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
testUUID := uuid.New().String()
|
||||
var pcs []*schedulingv1.PriorityClass
|
||||
|
||||
|
||||
@ -28,12 +28,14 @@ import (
|
||||
"k8s.io/apimachinery/pkg/watch"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
|
||||
var _ = utils.SIGDescribe("CSIStorageCapacity", func() {
|
||||
f := framework.NewDefaultFramework("csistoragecapacity")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
/*
|
||||
Release: v1.24
|
||||
|
||||
@ -33,6 +33,7 @@ import (
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -45,6 +46,7 @@ var (
|
||||
|
||||
var _ = utils.SIGDescribe("[Feature:Flexvolumes] Detaching volumes", func() {
|
||||
f := framework.NewDefaultFramework("flexvolume")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
// note that namespace deletion is handled by delete-namespace flag
|
||||
|
||||
|
||||
@ -38,6 +38,7 @@ import (
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
"k8s.io/kubernetes/test/e2e/storage/testsuites"
|
||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -61,6 +62,7 @@ var _ = utils.SIGDescribe("[Feature:Flexvolumes] Mounted flexvolume expand[Slow]
|
||||
)
|
||||
|
||||
f := framework.NewDefaultFramework("mounted-flexvolume-expand")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
ginkgo.BeforeEach(func() {
|
||||
e2eskipper.SkipUnlessProviderIs("aws", "gce", "local")
|
||||
e2eskipper.SkipUnlessMasterOSDistroIs("debian", "ubuntu", "gci", "custom")
|
||||
|
||||
@ -37,6 +37,7 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/storage/testsuites"
|
||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
var _ = utils.SIGDescribe("[Feature:Flexvolumes] Mounted flexvolume volume expand [Slow]", func() {
|
||||
@ -55,6 +56,7 @@ var _ = utils.SIGDescribe("[Feature:Flexvolumes] Mounted flexvolume volume expan
|
||||
)
|
||||
|
||||
f := framework.NewDefaultFramework("mounted-flexvolume-expand")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
ginkgo.BeforeEach(func() {
|
||||
e2eskipper.SkipUnlessProviderIs("aws", "gce", "local")
|
||||
e2eskipper.SkipUnlessMasterOSDistroIs("debian", "ubuntu", "gci", "custom")
|
||||
|
||||
@ -30,10 +30,12 @@ import (
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
"k8s.io/kubernetes/test/e2e/storage/testsuites"
|
||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
var _ = utils.SIGDescribe("GenericPersistentVolume[Disruptive]", func() {
|
||||
f := framework.NewDefaultFramework("generic-disruptive-pv")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var (
|
||||
c clientset.Interface
|
||||
ns string
|
||||
|
||||
@ -26,6 +26,7 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
"github.com/onsi/ginkgo"
|
||||
)
|
||||
@ -33,6 +34,7 @@ import (
|
||||
var _ = utils.SIGDescribe("GKE local SSD [Feature:GKELocalSSD]", func() {
|
||||
|
||||
f := framework.NewDefaultFramework("localssd")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.BeforeEach(func() {
|
||||
e2eskipper.SkipUnlessProviderIs("gke")
|
||||
|
||||
@ -28,6 +28,7 @@ import (
|
||||
storagev1 "k8s.io/api/storage/v1"
|
||||
"k8s.io/apimachinery/pkg/api/resource"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
|
||||
utilerrors "k8s.io/apimachinery/pkg/util/errors"
|
||||
"k8s.io/apimachinery/pkg/util/wait"
|
||||
@ -58,6 +59,7 @@ var _ = utils.SIGDescribe("Mounted volume expand [Feature:StorageProvider]", fun
|
||||
)
|
||||
|
||||
f := framework.NewDefaultFramework("mounted-volume-expand")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
ginkgo.BeforeEach(func() {
|
||||
e2eskipper.SkipUnlessProviderIs("aws", "gce")
|
||||
c = f.ClientSet
|
||||
|
||||
@ -39,6 +39,7 @@ import (
|
||||
e2essh "k8s.io/kubernetes/test/e2e/framework/ssh"
|
||||
e2evolume "k8s.io/kubernetes/test/e2e/framework/volume"
|
||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
type testBody func(c clientset.Interface, f *framework.Framework, clientPod *v1.Pod)
|
||||
@ -77,6 +78,7 @@ func checkForControllerManagerHealthy(duration time.Duration) error {
|
||||
var _ = utils.SIGDescribe("NFSPersistentVolumes[Disruptive][Flaky]", func() {
|
||||
|
||||
f := framework.NewDefaultFramework("disruptive-pv")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var (
|
||||
c clientset.Interface
|
||||
ns string
|
||||
|
||||
@ -48,6 +48,7 @@ import (
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -70,6 +71,7 @@ var _ = utils.SIGDescribe("Pod Disks [Feature:StorageProvider]", func() {
|
||||
nodes *v1.NodeList
|
||||
)
|
||||
f := framework.NewDefaultFramework("pod-disks")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
ginkgo.BeforeEach(func() {
|
||||
e2eskipper.SkipUnlessNodeCountIsAtLeast(minNodes)
|
||||
|
||||
@ -32,6 +32,7 @@ import (
|
||||
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
// verifyGCEDiskAttached performs a sanity check to verify the PD attached to the node
|
||||
@ -74,6 +75,7 @@ var _ = utils.SIGDescribe("PersistentVolumes GCEPD [Feature:StorageProvider]", f
|
||||
)
|
||||
|
||||
f := framework.NewDefaultFramework("pv")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
ginkgo.BeforeEach(func() {
|
||||
c = f.ClientSet
|
||||
ns = f.Namespace.Name
|
||||
|
||||
@ -97,6 +97,7 @@ var _ = utils.SIGDescribe("PersistentVolumes", func() {
|
||||
|
||||
// global vars for the ginkgo.Context()s and ginkgo.It()'s below
|
||||
f := framework.NewDefaultFramework("pv")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var (
|
||||
c clientset.Interface
|
||||
ns string
|
||||
|
||||
@ -32,6 +32,7 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
var _ = utils.SIGDescribe("PV Protection", func() {
|
||||
@ -48,6 +49,7 @@ var _ = utils.SIGDescribe("PV Protection", func() {
|
||||
)
|
||||
|
||||
f := framework.NewDefaultFramework("pv-protection")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
ginkgo.BeforeEach(func() {
|
||||
client = f.ClientSet
|
||||
nameSpace = f.Namespace.Name
|
||||
|
||||
@ -48,6 +48,7 @@ import (
|
||||
"k8s.io/kubernetes/test/e2e/storage/testsuites"
|
||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
imageutils "k8s.io/kubernetes/test/utils/image"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -60,6 +61,7 @@ const (
|
||||
|
||||
var _ = utils.SIGDescribe("Regional PD", func() {
|
||||
f := framework.NewDefaultFramework("regional-pd")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
// filled in BeforeEach
|
||||
var c clientset.Interface
|
||||
|
||||
@ -34,6 +34,7 @@ import (
|
||||
e2evolume "k8s.io/kubernetes/test/e2e/framework/volume"
|
||||
storageframework "k8s.io/kubernetes/test/e2e/storage/framework"
|
||||
storageutils "k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
type capacityTestSuite struct {
|
||||
@ -89,6 +90,7 @@ func (p *capacityTestSuite) DefineTests(driver storageframework.TestDriver, patt
|
||||
// Beware that it also registers an AfterEach which renders f unusable. Any code using
|
||||
// f must run inside an It or Context callback.
|
||||
f := framework.NewFrameworkWithCustomTimeouts("capacity", storageframework.GetDriverTimeouts(driver))
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
init := func() {
|
||||
dDriver, _ = driver.(storageframework.DynamicPVTestDriver)
|
||||
|
||||
@ -34,6 +34,7 @@ import (
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
storageframework "k8s.io/kubernetes/test/e2e/storage/framework"
|
||||
storageutils "k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
type volumeStressTestSuite struct {
|
||||
@ -113,6 +114,7 @@ func (t *volumeStressTestSuite) DefineTests(driver storageframework.TestDriver,
|
||||
// Beware that it also registers an AfterEach which renders f unusable. Any code using
|
||||
// f must run inside an It or Context callback.
|
||||
f := framework.NewFrameworkWithCustomTimeouts("stress", storageframework.GetDriverTimeouts(driver))
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
init := func() {
|
||||
cs = f.ClientSet
|
||||
|
||||
@ -37,6 +37,7 @@ import (
|
||||
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
storageframework "k8s.io/kubernetes/test/e2e/storage/framework"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
type volumePerformanceTestSuite struct {
|
||||
@ -126,6 +127,7 @@ func (t *volumePerformanceTestSuite) DefineTests(driver storageframework.TestDri
|
||||
ClientBurst: 400,
|
||||
}
|
||||
f := framework.NewFramework("volume-lifecycle-performance", frameworkOptions, nil)
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
f.AddAfterEach("cleanup", func(f *framework.Framework, failed bool) {
|
||||
ginkgo.By("Closing informer channel")
|
||||
close(l.stopCh)
|
||||
|
||||
@ -30,10 +30,12 @@ import (
|
||||
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
var _ = utils.SIGDescribe("Multi-AZ Cluster Volumes", func() {
|
||||
f := framework.NewDefaultFramework("multi-az")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var zoneCount int
|
||||
var err error
|
||||
image := framework.ServeHostnameImage
|
||||
|
||||
@ -26,6 +26,7 @@ import (
|
||||
e2enode "k8s.io/kubernetes/test/e2e/framework/node"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
var _ = utils.SIGDescribe("Volume limits", func() {
|
||||
@ -33,6 +34,7 @@ var _ = utils.SIGDescribe("Volume limits", func() {
|
||||
c clientset.Interface
|
||||
)
|
||||
f := framework.NewDefaultFramework("volume-limits-on-node")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
ginkgo.BeforeEach(func() {
|
||||
e2eskipper.SkipUnlessProviderIs("aws", "gce", "gke")
|
||||
// If CSIMigration is enabled, then the limits should be on CSINodes, not Nodes, and another test checks this
|
||||
|
||||
@ -30,6 +30,7 @@ import (
|
||||
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
// Testing configurations of single a PV/PVC pair attached to a vSphere Disk
|
||||
@ -51,6 +52,7 @@ var _ = utils.SIGDescribe("PersistentVolumes:vsphere [Feature:vsphere]", func()
|
||||
)
|
||||
|
||||
f := framework.NewDefaultFramework("pv")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
/*
|
||||
Test Setup
|
||||
|
||||
|
||||
@ -31,10 +31,12 @@ import (
|
||||
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
var _ = utils.SIGDescribe("PersistentVolumes [Feature:vsphere][Feature:ReclaimPolicy]", func() {
|
||||
f := framework.NewDefaultFramework("persistentvolumereclaim")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var (
|
||||
c clientset.Interface
|
||||
ns string
|
||||
|
||||
@ -28,6 +28,7 @@ import (
|
||||
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
/*
|
||||
@ -49,6 +50,7 @@ import (
|
||||
*/
|
||||
var _ = utils.SIGDescribe("PersistentVolumes [Feature:vsphere][Feature:LabelSelector]", func() {
|
||||
f := framework.NewDefaultFramework("pvclabelselector")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var (
|
||||
c clientset.Interface
|
||||
ns string
|
||||
|
||||
@ -33,6 +33,7 @@ import (
|
||||
e2epv "k8s.io/kubernetes/test/e2e/framework/pv"
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
/*
|
||||
@ -57,6 +58,7 @@ type NodeSelector struct {
|
||||
|
||||
var _ = utils.SIGDescribe("vcp at scale [Feature:vsphere] ", func() {
|
||||
f := framework.NewDefaultFramework("vcp-at-scale")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
|
||||
var (
|
||||
client clientset.Interface
|
||||
|
||||
@ -30,6 +30,7 @@ import (
|
||||
e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper"
|
||||
e2estatefulset "k8s.io/kubernetes/test/e2e/framework/statefulset"
|
||||
"k8s.io/kubernetes/test/e2e/storage/utils"
|
||||
admissionapi "k8s.io/pod-security-admission/api"
|
||||
)
|
||||
|
||||
/*
|
||||
@ -56,6 +57,7 @@ const (
|
||||
|
||||
var _ = utils.SIGDescribe("vsphere statefulset [Feature:vsphere]", func() {
|
||||
f := framework.NewDefaultFramework("vsphere-statefulset")
|
||||
f.NamespacePodSecurityEnforceLevel = admissionapi.LevelPrivileged
|
||||
var (
|
||||
namespace string
|
||||
client clientset.Interface
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user