Merge pull request #56349 from php-coder/simplify_admission_test

Automatic merge from submit-queue (batch tested with PRs 56947, 56349, 57140, 53686, 57314). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

 admission_test.go(TestAdmitPreferNonmutating): simplify test

**What this PR does / why we need it**:
This PR simplifies `TestAdmitPreferNonmutating` test by inlining members that have a constant values.

**Release note**:
```release-note
NONE
```

PTAL @liggitt @tallclair 
CC @simo5
This commit is contained in:
Kubernetes Submit Queue 2017-12-18 12:24:38 -08:00 committed by GitHub
commit b6b1762a80
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -349,10 +349,8 @@ func TestAdmitPreferNonmutating(t *testing.T) {
pod *kapi.Pod pod *kapi.Pod
podBeforeUpdate *kapi.Pod podBeforeUpdate *kapi.Pod
psps []*extensions.PodSecurityPolicy psps []*extensions.PodSecurityPolicy
shouldPassAdmit bool
shouldPassValidate bool shouldPassValidate bool
expectMutation bool expectMutation bool
expectedPodUser *int64
expectedContainerUser *int64 expectedContainerUser *int64
expectedPSP string expectedPSP string
}{ }{
@ -360,10 +358,8 @@ func TestAdmitPreferNonmutating(t *testing.T) {
operation: kadmission.Create, operation: kadmission.Create,
pod: unprivilegedRunAsAnyPod.DeepCopy(), pod: unprivilegedRunAsAnyPod.DeepCopy(),
psps: []*extensions.PodSecurityPolicy{privilegedPSP}, psps: []*extensions.PodSecurityPolicy{privilegedPSP},
shouldPassAdmit: true,
shouldPassValidate: true, shouldPassValidate: true,
expectMutation: false, expectMutation: false,
expectedPodUser: nil,
expectedContainerUser: nil, expectedContainerUser: nil,
expectedPSP: privilegedPSP.Name, expectedPSP: privilegedPSP.Name,
}, },
@ -371,10 +367,8 @@ func TestAdmitPreferNonmutating(t *testing.T) {
operation: kadmission.Create, operation: kadmission.Create,
pod: unprivilegedRunAsAnyPod.DeepCopy(), pod: unprivilegedRunAsAnyPod.DeepCopy(),
psps: []*extensions.PodSecurityPolicy{mutating2, mutating1, privilegedPSP}, psps: []*extensions.PodSecurityPolicy{mutating2, mutating1, privilegedPSP},
shouldPassAdmit: true,
shouldPassValidate: true, shouldPassValidate: true,
expectMutation: false, expectMutation: false,
expectedPodUser: nil,
expectedContainerUser: nil, expectedContainerUser: nil,
expectedPSP: privilegedPSP.Name, expectedPSP: privilegedPSP.Name,
}, },
@ -382,10 +376,8 @@ func TestAdmitPreferNonmutating(t *testing.T) {
operation: kadmission.Create, operation: kadmission.Create,
pod: unprivilegedRunAsAnyPod.DeepCopy(), pod: unprivilegedRunAsAnyPod.DeepCopy(),
psps: []*extensions.PodSecurityPolicy{mutating2, mutating1}, psps: []*extensions.PodSecurityPolicy{mutating2, mutating1},
shouldPassAdmit: true,
shouldPassValidate: true, shouldPassValidate: true,
expectMutation: true, expectMutation: true,
expectedPodUser: nil,
expectedContainerUser: &mutating1.Spec.RunAsUser.Ranges[0].Min, expectedContainerUser: &mutating1.Spec.RunAsUser.Ranges[0].Min,
expectedPSP: mutating1.Name, expectedPSP: mutating1.Name,
}, },
@ -394,10 +386,8 @@ func TestAdmitPreferNonmutating(t *testing.T) {
pod: changedPodWithSC.DeepCopy(), pod: changedPodWithSC.DeepCopy(),
podBeforeUpdate: podWithSC.DeepCopy(), podBeforeUpdate: podWithSC.DeepCopy(),
psps: []*extensions.PodSecurityPolicy{mutating2, mutating1, privilegedPSP}, psps: []*extensions.PodSecurityPolicy{mutating2, mutating1, privilegedPSP},
shouldPassAdmit: true,
shouldPassValidate: true, shouldPassValidate: true,
expectMutation: false, expectMutation: false,
expectedPodUser: nil,
expectedContainerUser: nil, expectedContainerUser: nil,
expectedPSP: privilegedPSP.Name, expectedPSP: privilegedPSP.Name,
}, },
@ -406,10 +396,8 @@ func TestAdmitPreferNonmutating(t *testing.T) {
pod: changedPod.DeepCopy(), pod: changedPod.DeepCopy(),
podBeforeUpdate: unprivilegedRunAsAnyPod.DeepCopy(), podBeforeUpdate: unprivilegedRunAsAnyPod.DeepCopy(),
psps: []*extensions.PodSecurityPolicy{mutating2, mutating1}, psps: []*extensions.PodSecurityPolicy{mutating2, mutating1},
shouldPassAdmit: true,
shouldPassValidate: false, shouldPassValidate: false,
expectMutation: false, expectMutation: false,
expectedPodUser: nil,
expectedContainerUser: nil, expectedContainerUser: nil,
expectedPSP: "", expectedPSP: "",
}, },
@ -418,10 +406,8 @@ func TestAdmitPreferNonmutating(t *testing.T) {
pod: unprivilegedRunAsAnyPod.DeepCopy(), pod: unprivilegedRunAsAnyPod.DeepCopy(),
podBeforeUpdate: unprivilegedRunAsAnyPod.DeepCopy(), podBeforeUpdate: unprivilegedRunAsAnyPod.DeepCopy(),
psps: []*extensions.PodSecurityPolicy{mutating2, mutating1}, psps: []*extensions.PodSecurityPolicy{mutating2, mutating1},
shouldPassAdmit: true,
shouldPassValidate: true, shouldPassValidate: true,
expectMutation: false, expectMutation: false,
expectedPodUser: nil,
expectedContainerUser: nil, expectedContainerUser: nil,
expectedPSP: "", expectedPSP: "",
}, },
@ -430,38 +416,32 @@ func TestAdmitPreferNonmutating(t *testing.T) {
pod: gcChangedPod.DeepCopy(), pod: gcChangedPod.DeepCopy(),
podBeforeUpdate: unprivilegedRunAsAnyPod.DeepCopy(), podBeforeUpdate: unprivilegedRunAsAnyPod.DeepCopy(),
psps: []*extensions.PodSecurityPolicy{mutating2, mutating1}, psps: []*extensions.PodSecurityPolicy{mutating2, mutating1},
shouldPassAdmit: true,
shouldPassValidate: true, shouldPassValidate: true,
expectMutation: false, expectMutation: false,
expectedPodUser: nil,
expectedContainerUser: nil, expectedContainerUser: nil,
expectedPSP: "", expectedPSP: "",
}, },
} }
for k, v := range tests { for k, v := range tests {
testPSPAdmitAdvanced(k, v.operation, v.psps, nil, &user.DefaultInfo{}, v.pod, v.podBeforeUpdate, v.shouldPassAdmit, v.shouldPassValidate, v.expectMutation, v.expectedPSP, t) testPSPAdmitAdvanced(k, v.operation, v.psps, nil, &user.DefaultInfo{}, v.pod, v.podBeforeUpdate, true, v.shouldPassValidate, v.expectMutation, v.expectedPSP, t)
if v.shouldPassAdmit { actualPodUser := (*int64)(nil)
actualPodUser := (*int64)(nil) if v.pod.Spec.SecurityContext != nil {
if v.pod.Spec.SecurityContext != nil { actualPodUser = v.pod.Spec.SecurityContext.RunAsUser
actualPodUser = v.pod.Spec.SecurityContext.RunAsUser }
} if actualPodUser != nil {
if (actualPodUser == nil) != (v.expectedPodUser == nil) { t.Errorf("%s expected pod user nil, got %v", k, *actualPodUser)
t.Errorf("%s expected pod user %v, got %v", k, v.expectedPodUser, actualPodUser) }
} else if actualPodUser != nil && *actualPodUser != *v.expectedPodUser {
t.Errorf("%s expected pod user %v, got %v", k, *v.expectedPodUser, *actualPodUser)
}
actualContainerUser := (*int64)(nil) actualContainerUser := (*int64)(nil)
if v.pod.Spec.Containers[0].SecurityContext != nil { if v.pod.Spec.Containers[0].SecurityContext != nil {
actualContainerUser = v.pod.Spec.Containers[0].SecurityContext.RunAsUser actualContainerUser = v.pod.Spec.Containers[0].SecurityContext.RunAsUser
} }
if (actualContainerUser == nil) != (v.expectedContainerUser == nil) { if (actualContainerUser == nil) != (v.expectedContainerUser == nil) {
t.Errorf("%s expected container user %v, got %v", k, v.expectedContainerUser, actualContainerUser) t.Errorf("%s expected container user %v, got %v", k, v.expectedContainerUser, actualContainerUser)
} else if actualContainerUser != nil && *actualContainerUser != *v.expectedContainerUser { } else if actualContainerUser != nil && *actualContainerUser != *v.expectedContainerUser {
t.Errorf("%s expected container user %v, got %v", k, *v.expectedContainerUser, *actualContainerUser) t.Errorf("%s expected container user %v, got %v", k, *v.expectedContainerUser, *actualContainerUser)
}
} }
} }
} }