diff --git a/test/e2e/auth/metadata_concealment.go b/test/e2e/auth/metadata_concealment.go index e10d307c841..58337dc8d21 100644 --- a/test/e2e/auth/metadata_concealment.go +++ b/test/e2e/auth/metadata_concealment.go @@ -55,10 +55,10 @@ var _ = SIGDescribe("Metadata Concealment", func() { }, } job, err := framework.CreateJob(f.ClientSet, f.Namespace.Name, job) - Expect(err).NotTo(HaveOccurred()) + Expect(err).NotTo(HaveOccurred(), "failed to create job (%s:%s)", f.Namespace.Name, job.Name) By("Ensuring job reaches completions") err = framework.WaitForJobComplete(f.ClientSet, f.Namespace.Name, job.Name, int32(1)) - Expect(err).NotTo(HaveOccurred()) + Expect(err).NotTo(HaveOccurred(), "failed to ensure job completion (%s:%s)", f.Namespace.Name, job.Name) }) }) diff --git a/test/e2e/auth/node_authn.go b/test/e2e/auth/node_authn.go index 8e62646ecc5..117bbd469f9 100644 --- a/test/e2e/auth/node_authn.go +++ b/test/e2e/auth/node_authn.go @@ -38,7 +38,7 @@ var _ = SIGDescribe("[Feature:NodeAuthenticator]", func() { ns = f.Namespace.Name nodeList, err := f.ClientSet.CoreV1().Nodes().List(metav1.ListOptions{}) - Expect(err).NotTo(HaveOccurred()) + Expect(err).NotTo(HaveOccurred(), "failed to list nodes in namespace: %s", ns) Expect(len(nodeList.Items)).NotTo(BeZero()) pickedNode := nodeList.Items[0] @@ -47,8 +47,9 @@ var _ = SIGDescribe("[Feature:NodeAuthenticator]", func() { nodeIPs = append(nodeIPs, framework.GetNodeAddresses(&pickedNode, v1.NodeInternalIP)...) // make sure ServiceAccount admission controller is enabled, so secret generation on SA creation works - sa, err := f.ClientSet.CoreV1().ServiceAccounts(ns).Get("default", metav1.GetOptions{}) - Expect(err).NotTo(HaveOccurred()) + saName := "default" + sa, err := f.ClientSet.CoreV1().ServiceAccounts(ns).Get(saName, metav1.GetOptions{}) + Expect(err).NotTo(HaveOccurred(), "failed to retrieve service account (%s:%s)", ns, saName) Expect(len(sa.Secrets)).NotTo(BeZero()) }) @@ -72,7 +73,7 @@ var _ = SIGDescribe("[Feature:NodeAuthenticator]", func() { AutomountServiceAccountToken: &trueValue, } _, err := f.ClientSet.CoreV1().ServiceAccounts(ns).Create(newSA) - Expect(err).NotTo(HaveOccurred()) + Expect(err).NotTo(HaveOccurred(), "failed to create service account (%s:%s)", ns, newSA.Name) pod := createNodeAuthTestPod(f) diff --git a/test/e2e/auth/node_authz.go b/test/e2e/auth/node_authz.go index a4a43186b94..0f967c95918 100644 --- a/test/e2e/auth/node_authz.go +++ b/test/e2e/auth/node_authz.go @@ -51,23 +51,24 @@ var _ = SIGDescribe("[Feature:NodeAuthorizer]", func() { ns = f.Namespace.Name nodeList, err := f.ClientSet.CoreV1().Nodes().List(metav1.ListOptions{}) - Expect(err).NotTo(HaveOccurred()) + Expect(err).NotTo(HaveOccurred(), "failed to list nodes in namespace: %s", ns) Expect(len(nodeList.Items)).NotTo(Equal(0)) nodeName = nodeList.Items[0].Name asUser = NodeNamePrefix + nodeName - sa, err := f.ClientSet.CoreV1().ServiceAccounts(ns).Get("default", metav1.GetOptions{}) + saName := "default" + sa, err := f.ClientSet.CoreV1().ServiceAccounts(ns).Get(saName, metav1.GetOptions{}) Expect(len(sa.Secrets)).NotTo(Equal(0)) - Expect(err).NotTo(HaveOccurred()) + Expect(err).NotTo(HaveOccurred(), "failed to retrieve service account (%s:%s)", ns, saName) defaultSaSecret = sa.Secrets[0].Name By("Creating a kubernetes client that impersonates a node") config, err := framework.LoadConfig() - Expect(err).NotTo(HaveOccurred()) + Expect(err).NotTo(HaveOccurred(), "failed to load kubernetes client config") config.Impersonate = restclient.ImpersonationConfig{ UserName: asUser, Groups: []string{NodesGroup}, } c, err = clientset.NewForConfig(config) - Expect(err).NotTo(HaveOccurred()) + Expect(err).NotTo(HaveOccurred(), "failed to create Clientset for the given config: %+v", *config) }) It("Getting a non-existent secret should exit with the Forbidden error, not a NotFound error", func() { @@ -97,7 +98,7 @@ var _ = SIGDescribe("[Feature:NodeAuthorizer]", func() { }, } _, err := f.ClientSet.CoreV1().ConfigMaps(ns).Create(configmap) - Expect(err).NotTo(HaveOccurred()) + Expect(err).NotTo(HaveOccurred(), "failed to create configmap (%s:%s) %+v", ns, configmap.Name, *configmap) _, err = c.CoreV1().ConfigMaps(ns).Get(configmap.Name, metav1.GetOptions{}) Expect(apierrors.IsForbidden(err)).Should(Equal(true)) }) @@ -114,7 +115,7 @@ var _ = SIGDescribe("[Feature:NodeAuthorizer]", func() { }, } _, err := f.ClientSet.CoreV1().Secrets(ns).Create(secret) - Expect(err).NotTo(HaveOccurred()) + Expect(err).NotTo(HaveOccurred(), "failed to create secret (%s:%s)", ns, secret.Name) By("Node should not get the secret") _, err = c.CoreV1().Secrets(ns).Get(secret.Name, metav1.GetOptions{}) @@ -147,10 +148,12 @@ var _ = SIGDescribe("[Feature:NodeAuthorizer]", func() { } _, err = f.ClientSet.CoreV1().Pods(ns).Create(pod) - Expect(err).NotTo(HaveOccurred()) + Expect(err).NotTo(HaveOccurred(), "failed to create pod (%s:%s)", ns, pod.Name) By("The node should able to access the secret") - err = wait.Poll(framework.Poll, 1*time.Minute, func() (bool, error) { + itv := framework.Poll + dur := 1 * time.Minute + err = wait.Poll(itv, dur, func() (bool, error) { _, err = c.CoreV1().Secrets(ns).Get(secret.Name, metav1.GetOptions{}) if err != nil { framework.Logf("Failed to get secret %v, err: %v", secret.Name, err) @@ -158,7 +161,7 @@ var _ = SIGDescribe("[Feature:NodeAuthorizer]", func() { } return true, nil }) - Expect(err).NotTo(HaveOccurred()) + Expect(err).NotTo(HaveOccurred(), "failed to get secret after trying every %v for %v (%s:%s)", itv, dur, ns, secret.Name) }) It("A node shouldn't be able to create another node", func() {