mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 19:56:01 +00:00
Merge pull request #104551 from Elbehery/unprivileged_storage_client
[sig-storage] Run storage e2e test_client_pod as privileged
This commit is contained in:
commit
d5de03f0d3
@ -368,6 +368,16 @@ func runVolumeTesterPod(client clientset.Interface, timeouts *framework.TimeoutC
|
||||
var gracePeriod int64 = 1
|
||||
var command string
|
||||
|
||||
/**
|
||||
This condition fixes running storage e2e tests in SELinux environment.
|
||||
HostPath Volume Plugin creates a directory within /tmp on host machine, to be mounted as volume.
|
||||
Inject-pod writes content to the volume, and a client-pod tries the read the contents and verify.
|
||||
When SELinux is enabled on the host, client-pod can not read the content, with permission denied.
|
||||
Invoking client-pod as privileged, so that it can access the volume content, even when SELinux is enabled on the host.
|
||||
*/
|
||||
if config.Prefix == "hostpathsymlink" || config.Prefix == "hostpath" {
|
||||
privileged = true
|
||||
}
|
||||
command = "while true ; do sleep 2; done "
|
||||
seLinuxOptions := &v1.SELinuxOptions{Level: "s0:c0,c1"}
|
||||
clientPod := &v1.Pod{
|
||||
|
Loading…
Reference in New Issue
Block a user