From e68cc0a6eda8bdf3c8f65397bc5007fd9afd9c07 Mon Sep 17 00:00:00 2001 From: carlory Date: Fri, 17 Jan 2025 15:35:26 +0800 Subject: [PATCH] remove feature label FSGroup --- test/e2e/auth/service_accounts.go | 4 +--- test/e2e/common/storage/configmap_volume.go | 8 +++----- test/e2e/common/storage/downwardapi_volume.go | 6 ++---- test/e2e/common/storage/empty_dir.go | 4 +--- test/e2e/common/storage/projected_configmap.go | 8 +++----- test/e2e/common/storage/projected_downwardapi.go | 6 ++---- test/e2e/feature/feature.go | 3 --- test/e2e/nodefeature/nodefeature.go | 3 --- 8 files changed, 12 insertions(+), 30 deletions(-) diff --git a/test/e2e/auth/service_accounts.go b/test/e2e/auth/service_accounts.go index db39c114d07..39a2c901ab9 100644 --- a/test/e2e/auth/service_accounts.go +++ b/test/e2e/auth/service_accounts.go @@ -38,13 +38,11 @@ import ( watch "k8s.io/apimachinery/pkg/watch" "k8s.io/client-go/util/retry" "k8s.io/kubernetes/plugin/pkg/admission/serviceaccount" - "k8s.io/kubernetes/test/e2e/feature" "k8s.io/kubernetes/test/e2e/framework" e2ekubectl "k8s.io/kubernetes/test/e2e/framework/kubectl" e2epod "k8s.io/kubernetes/test/e2e/framework/pod" e2eoutput "k8s.io/kubernetes/test/e2e/framework/pod/output" e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper" - "k8s.io/kubernetes/test/e2e/nodefeature" imageutils "k8s.io/kubernetes/test/utils/image" admissionapi "k8s.io/pod-security-admission/api" utilptr "k8s.io/utils/pointer" @@ -365,7 +363,7 @@ var _ = SIGDescribe("ServiceAccounts", func() { Containers MUST verify that the projected service account token can be read and has correct file mode set including ownership and permission. */ - f.It("should set ownership and permission when RunAsUser or FsGroup is present [LinuxOnly]", nodefeature.FSGroup, feature.FSGroup, func(ctx context.Context) { + f.It("should set ownership and permission when RunAsUser or FsGroup is present [LinuxOnly]", func(ctx context.Context) { e2eskipper.SkipIfNodeOSDistroIs("windows") var ( diff --git a/test/e2e/common/storage/configmap_volume.go b/test/e2e/common/storage/configmap_volume.go index c7912f4aa1e..bfdf085f787 100644 --- a/test/e2e/common/storage/configmap_volume.go +++ b/test/e2e/common/storage/configmap_volume.go @@ -27,12 +27,10 @@ import ( apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/uuid" - "k8s.io/kubernetes/test/e2e/feature" "k8s.io/kubernetes/test/e2e/framework" e2epod "k8s.io/kubernetes/test/e2e/framework/pod" e2epodoutput "k8s.io/kubernetes/test/e2e/framework/pod/output" e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper" - "k8s.io/kubernetes/test/e2e/nodefeature" imageutils "k8s.io/kubernetes/test/utils/image" admissionapi "k8s.io/pod-security-admission/api" ) @@ -61,7 +59,7 @@ var _ = SIGDescribe("ConfigMap", func() { doConfigMapE2EWithoutMappings(ctx, f, false, 0, &defaultMode) }) - f.It("should be consumable from pods in volume as non-root with defaultMode and fsGroup set [LinuxOnly]", nodefeature.FSGroup, feature.FSGroup, func(ctx context.Context) { + f.It("should be consumable from pods in volume as non-root with defaultMode and fsGroup set [LinuxOnly]", func(ctx context.Context) { // Windows does not support RunAsUser / FSGroup SecurityContext options, and it does not support setting file permissions. e2eskipper.SkipIfNodeOSDistroIs("windows") defaultMode := int32(0440) /* setting fsGroup sets mode to at least 440 */ @@ -77,7 +75,7 @@ var _ = SIGDescribe("ConfigMap", func() { doConfigMapE2EWithoutMappings(ctx, f, true, 0, nil) }) - f.It("should be consumable from pods in volume as non-root with FSGroup [LinuxOnly]", nodefeature.FSGroup, feature.FSGroup, func(ctx context.Context) { + f.It("should be consumable from pods in volume as non-root with FSGroup [LinuxOnly]", func(ctx context.Context) { // Windows does not support RunAsUser / FSGroup SecurityContext options. e2eskipper.SkipIfNodeOSDistroIs("windows") doConfigMapE2EWithoutMappings(ctx, f, true, 1001, nil) @@ -112,7 +110,7 @@ var _ = SIGDescribe("ConfigMap", func() { doConfigMapE2EWithMappings(ctx, f, true, 0, nil) }) - f.It("should be consumable from pods in volume with mappings as non-root with FSGroup [LinuxOnly]", nodefeature.FSGroup, feature.FSGroup, func(ctx context.Context) { + f.It("should be consumable from pods in volume with mappings as non-root with FSGroup [LinuxOnly]", func(ctx context.Context) { // Windows does not support RunAsUser / FSGroup SecurityContext options. e2eskipper.SkipIfNodeOSDistroIs("windows") doConfigMapE2EWithMappings(ctx, f, true, 1001, nil) diff --git a/test/e2e/common/storage/downwardapi_volume.go b/test/e2e/common/storage/downwardapi_volume.go index 263e9d3d93e..e2334df72d9 100644 --- a/test/e2e/common/storage/downwardapi_volume.go +++ b/test/e2e/common/storage/downwardapi_volume.go @@ -25,12 +25,10 @@ import ( "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/uuid" - "k8s.io/kubernetes/test/e2e/feature" "k8s.io/kubernetes/test/e2e/framework" e2epod "k8s.io/kubernetes/test/e2e/framework/pod" e2epodoutput "k8s.io/kubernetes/test/e2e/framework/pod/output" e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper" - "k8s.io/kubernetes/test/e2e/nodefeature" imageutils "k8s.io/kubernetes/test/utils/image" admissionapi "k8s.io/pod-security-admission/api" @@ -94,7 +92,7 @@ var _ = SIGDescribe("Downward API volume", func() { }) }) - f.It("should provide podname as non-root with fsgroup [LinuxOnly]", nodefeature.FSGroup, feature.FSGroup, func(ctx context.Context) { + f.It("should provide podname as non-root with fsgroup [LinuxOnly]", func(ctx context.Context) { // Windows does not support RunAsUser / FSGroup SecurityContext options. e2eskipper.SkipIfNodeOSDistroIs("windows") podName := "metadata-volume-" + string(uuid.NewUUID()) @@ -109,7 +107,7 @@ var _ = SIGDescribe("Downward API volume", func() { }) }) - f.It("should provide podname as non-root with fsgroup and defaultMode [LinuxOnly]", nodefeature.FSGroup, feature.FSGroup, func(ctx context.Context) { + f.It("should provide podname as non-root with fsgroup and defaultMode [LinuxOnly]", func(ctx context.Context) { // Windows does not support RunAsUser / FSGroup SecurityContext options, and it does not support setting file permissions. e2eskipper.SkipIfNodeOSDistroIs("windows") podName := "metadata-volume-" + string(uuid.NewUUID()) diff --git a/test/e2e/common/storage/empty_dir.go b/test/e2e/common/storage/empty_dir.go index 9aab64fbe5e..7c8d5427fd9 100644 --- a/test/e2e/common/storage/empty_dir.go +++ b/test/e2e/common/storage/empty_dir.go @@ -28,12 +28,10 @@ import ( "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/uuid" - "k8s.io/kubernetes/test/e2e/feature" "k8s.io/kubernetes/test/e2e/framework" e2epod "k8s.io/kubernetes/test/e2e/framework/pod" e2epodoutput "k8s.io/kubernetes/test/e2e/framework/pod/output" e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper" - "k8s.io/kubernetes/test/e2e/nodefeature" imageutils "k8s.io/kubernetes/test/utils/image" admissionapi "k8s.io/pod-security-admission/api" ) @@ -50,7 +48,7 @@ var _ = SIGDescribe("EmptyDir volumes", func() { f := framework.NewDefaultFramework("emptydir") f.NamespacePodSecurityLevel = admissionapi.LevelBaseline - f.Context("when FSGroup is specified [LinuxOnly]", nodefeature.FSGroup, feature.FSGroup, func() { + f.Context("when FSGroup is specified [LinuxOnly]", func() { ginkgo.BeforeEach(func() { // Windows does not support the FSGroup SecurityContext option. diff --git a/test/e2e/common/storage/projected_configmap.go b/test/e2e/common/storage/projected_configmap.go index 5d438153e79..a1d8dac0102 100644 --- a/test/e2e/common/storage/projected_configmap.go +++ b/test/e2e/common/storage/projected_configmap.go @@ -24,12 +24,10 @@ import ( v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/uuid" - "k8s.io/kubernetes/test/e2e/feature" "k8s.io/kubernetes/test/e2e/framework" e2epod "k8s.io/kubernetes/test/e2e/framework/pod" e2epodoutput "k8s.io/kubernetes/test/e2e/framework/pod/output" e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper" - "k8s.io/kubernetes/test/e2e/nodefeature" imageutils "k8s.io/kubernetes/test/utils/image" admissionapi "k8s.io/pod-security-admission/api" @@ -61,7 +59,7 @@ var _ = SIGDescribe("Projected configMap", func() { doProjectedConfigMapE2EWithoutMappings(ctx, f, false, 0, &defaultMode) }) - f.It("should be consumable from pods in volume as non-root with defaultMode and fsGroup set [LinuxOnly]", nodefeature.FSGroup, feature.FSGroup, func(ctx context.Context) { + f.It("should be consumable from pods in volume as non-root with defaultMode and fsGroup set [LinuxOnly]", func(ctx context.Context) { // Windows does not support RunAsUser / FSGroup SecurityContext options, and it does not support setting file permissions. e2eskipper.SkipIfNodeOSDistroIs("windows") defaultMode := int32(0440) /* setting fsGroup sets mode to at least 440 */ @@ -77,7 +75,7 @@ var _ = SIGDescribe("Projected configMap", func() { doProjectedConfigMapE2EWithoutMappings(ctx, f, true, 0, nil) }) - f.It("should be consumable from pods in volume as non-root with FSGroup [LinuxOnly]", nodefeature.FSGroup, feature.FSGroup, func(ctx context.Context) { + f.It("should be consumable from pods in volume as non-root with FSGroup [LinuxOnly]", func(ctx context.Context) { // Windows does not support RunAsUser / FSGroup SecurityContext options. e2eskipper.SkipIfNodeOSDistroIs("windows") doProjectedConfigMapE2EWithoutMappings(ctx, f, true, 1001, nil) @@ -112,7 +110,7 @@ var _ = SIGDescribe("Projected configMap", func() { doProjectedConfigMapE2EWithMappings(ctx, f, true, 0, nil) }) - f.It("should be consumable from pods in volume with mappings as non-root with FSGroup [LinuxOnly]", nodefeature.FSGroup, feature.FSGroup, func(ctx context.Context) { + f.It("should be consumable from pods in volume with mappings as non-root with FSGroup [LinuxOnly]", func(ctx context.Context) { // Windows does not support RunAsUser / FSGroup SecurityContext options. e2eskipper.SkipIfNodeOSDistroIs("windows") doProjectedConfigMapE2EWithMappings(ctx, f, true, 1001, nil) diff --git a/test/e2e/common/storage/projected_downwardapi.go b/test/e2e/common/storage/projected_downwardapi.go index 222b5ce6a6c..78ed1c90228 100644 --- a/test/e2e/common/storage/projected_downwardapi.go +++ b/test/e2e/common/storage/projected_downwardapi.go @@ -24,12 +24,10 @@ import ( v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/uuid" - "k8s.io/kubernetes/test/e2e/feature" "k8s.io/kubernetes/test/e2e/framework" e2epod "k8s.io/kubernetes/test/e2e/framework/pod" e2epodoutput "k8s.io/kubernetes/test/e2e/framework/pod/output" e2eskipper "k8s.io/kubernetes/test/e2e/framework/skipper" - "k8s.io/kubernetes/test/e2e/nodefeature" imageutils "k8s.io/kubernetes/test/utils/image" admissionapi "k8s.io/pod-security-admission/api" @@ -94,7 +92,7 @@ var _ = SIGDescribe("Projected downwardAPI", func() { }) }) - f.It("should provide podname as non-root with fsgroup [LinuxOnly]", nodefeature.FSGroup, feature.FSGroup, func(ctx context.Context) { + f.It("should provide podname as non-root with fsgroup [LinuxOnly]", func(ctx context.Context) { // Windows does not support RunAsUser / FSGroup SecurityContext options. e2eskipper.SkipIfNodeOSDistroIs("windows") podName := "metadata-volume-" + string(uuid.NewUUID()) @@ -109,7 +107,7 @@ var _ = SIGDescribe("Projected downwardAPI", func() { }) }) - f.It("should provide podname as non-root with fsgroup and defaultMode [LinuxOnly]", nodefeature.FSGroup, feature.FSGroup, func(ctx context.Context) { + f.It("should provide podname as non-root with fsgroup and defaultMode [LinuxOnly]", func(ctx context.Context) { // Windows does not support RunAsUser / FSGroup SecurityContext options, and it does not support setting file permissions. e2eskipper.SkipIfNodeOSDistroIs("windows") podName := "metadata-volume-" + string(uuid.NewUUID()) diff --git a/test/e2e/feature/feature.go b/test/e2e/feature/feature.go index e9439d69d79..04d8284f55a 100644 --- a/test/e2e/feature/feature.go +++ b/test/e2e/feature/feature.go @@ -152,9 +152,6 @@ var ( // TODO: document the feature (owning SIG, when to use this feature for a test) Flexvolumes = framework.WithFeature(framework.ValidFeatures.Add("Flexvolumes")) - // TODO: document the feature (owning SIG, when to use this feature for a test) - FSGroup = framework.WithFeature(framework.ValidFeatures.Add("FSGroup")) - // OWNER: sig-node // Testing garbage collection of images/containers GarbageCollect = framework.WithFeature(framework.ValidFeatures.Add("GarbageCollect")) diff --git a/test/e2e/nodefeature/nodefeature.go b/test/e2e/nodefeature/nodefeature.go index 5519b19e4fe..078b9d31652 100644 --- a/test/e2e/nodefeature/nodefeature.go +++ b/test/e2e/nodefeature/nodefeature.go @@ -49,9 +49,6 @@ var ( // TODO: document the feature (owning SIG, when to use this feature for a test) Eviction = framework.WithNodeFeature(framework.ValidNodeFeatures.Add("Eviction")) - // TODO: document the feature (owning SIG, when to use this feature for a test) - FSGroup = framework.WithNodeFeature(framework.ValidNodeFeatures.Add("FSGroup")) - // TODO: document the feature (owning SIG, when to use this feature for a test) GarbageCollect = framework.WithNodeFeature(framework.ValidNodeFeatures.Add("GarbageCollect"))