mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-27 13:37:30 +00:00
Use privileged containers for statefulset e2e tests
Test containers need to run as spc_t in order to interact with the host filesystem under /tmp, as the tests for StatefulSet are doing. Docker will transition the container into this domain when running the container as privileged. Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>
This commit is contained in:
parent
b2ea780731
commit
a1eedac6cb
@ -722,7 +722,7 @@ func (s *statefulSetTester) createStatefulSet(manifestPath, ns string) *apps.Sta
|
|||||||
func (s *statefulSetTester) checkMount(ss *apps.StatefulSet, mountPath string) error {
|
func (s *statefulSetTester) checkMount(ss *apps.StatefulSet, mountPath string) error {
|
||||||
for _, cmd := range []string{
|
for _, cmd := range []string{
|
||||||
// Print inode, size etc
|
// Print inode, size etc
|
||||||
fmt.Sprintf("ls -idlh %v", mountPath),
|
fmt.Sprintf("ls -idlhZ %v", mountPath),
|
||||||
// Print subdirs
|
// Print subdirs
|
||||||
fmt.Sprintf("find %v", mountPath),
|
fmt.Sprintf("find %v", mountPath),
|
||||||
// Try writing
|
// Try writing
|
||||||
@ -1118,6 +1118,8 @@ func newStatefulSet(name, ns, governingSvcName string, replicas int32, statefulP
|
|||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
privileged := true
|
||||||
|
|
||||||
return &apps.StatefulSet{
|
return &apps.StatefulSet{
|
||||||
TypeMeta: metav1.TypeMeta{
|
TypeMeta: metav1.TypeMeta{
|
||||||
Kind: "StatefulSet",
|
Kind: "StatefulSet",
|
||||||
@ -1143,6 +1145,9 @@ func newStatefulSet(name, ns, governingSvcName string, replicas int32, statefulP
|
|||||||
Name: "nginx",
|
Name: "nginx",
|
||||||
Image: nginxImage,
|
Image: nginxImage,
|
||||||
VolumeMounts: mounts,
|
VolumeMounts: mounts,
|
||||||
|
SecurityContext: &v1.SecurityContext{
|
||||||
|
Privileged: &privileged,
|
||||||
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
Volumes: vols,
|
Volumes: vols,
|
||||||
|
Loading…
Reference in New Issue
Block a user