kublet/userns: Test error messages on init failures

This adds a test for the just added wrapping error message, as well as for the other already present error messages that initialization can fail with. Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
2025-08-05 10:19:50 +00:00 · 2024-01-19 16:18:12 +01:00 · 2024-01-19 16:18:12 +01:00 · cae710d9e9
commit cae710d9e9
parent a56d483df0
1 changed files with 36 additions and 0 deletions
--- a/pkg/kubelet/userns/userns_manager_test.go
+++ b/pkg/kubelet/userns/userns_manager_test.go
@ -18,6 +18,7 @@ package userns

 import (
 	"fmt"
+	"os"
 	"testing"

 	"github.com/stretchr/testify/assert"
@ -360,3 +361,38 @@ func TestRecordMaxPods(t *testing.T) {
 	err = m.record(types.UID(fmt.Sprintf("%d", maxPods+1)), uint32((maxPods+1)*65536), 65536)
 	assert.Error(t, err)
 }
+
+type failingUserNsPodsManager struct {
+	testUserNsPodsManager
+}
+
+func (m *failingUserNsPodsManager) ListPodsFromDisk() ([]types.UID, error) {
+	return nil, os.ErrPermission
+}
+
+func TestMakeUserNsManagerFailsListPod(t *testing.T) {
+	defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, pkgfeatures.UserNamespacesSupport, true)()
+
+	testUserNsPodsManager := &failingUserNsPodsManager{}
+	_, err := MakeUserNsManager(testUserNsPodsManager)
+	assert.Error(t, err)
+	assert.ErrorContains(t, err, "read pods from disk")
+}
+
+func TestMakeUserNsManagerFailsPodRecord(t *testing.T) {
+	defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, pkgfeatures.UserNamespacesSupport, true)()
+
+	testUserNsPodsManager := &testUserNsPodsManager{
+		podList: []types.UID{"pod-1", "pod-2"},
+		podDir:  t.TempDir(),
+	}
+
+	// Remove read/execute permissions from this directory.
+	if err := os.Chmod(testUserNsPodsManager.podDir, 0222); err != nil {
+		t.Fatal(err)
+	}
+
+	_, err := MakeUserNsManager(testUserNsPodsManager)
+	assert.Error(t, err)
+	assert.ErrorContains(t, err, "record pod mappings")
+}