[go: nahoru, domu]
Skip to content

Commit

Permalink
genpolicy: toggle containerd pull in tests
Browse files Browse the repository at this point in the history 
Add v1 image test case

Fixes: #9144

Signed-off-by: Saul Paredes <saulparedes@microsoft.com>
  • Loading branch information
@Redent0r
Redent0r committed Feb 29, 2024
1 parent b2398a0 commit 2831777
Show file tree
Hide file tree
Showing 4 changed files with 50 additions and 2 deletions.
32 changes: 32 additions & 0 deletions tests/integration/kubernetes/k8s-pod-v1.bats
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
#!/usr/bin/env bats
#
# Copyright (c) 2023 Microsoft.
#
# SPDX-License-Identifier: Apache-2.0
#

load "${BATS_TEST_DIRNAME}/../../common.bash"
load "${BATS_TEST_DIRNAME}/tests_common.sh"

setup() {
get_pod_config_dir
pod_name="nginxhttps"
pod_yaml="${pod_config_dir}/pod-v1.yaml"
policy_settings_dir="$(create_tmp_policy_settings_dir "${pod_config_dir}")"
auto_generate_policy "${policy_settings_dir}" "${pod_yaml}"
}

@test "Deploy v1 pod" {

kubectl create -f "${pod_yaml}"

# Wait for pod to start
kubectl wait --for=condition=Ready --timeout=$timeout pod "$pod_name"
}

teardown() {
# Debugging information
kubectl describe "pod/$pod_name"

kubectl delete pod "$pod_name"
}
1 change: 1 addition & 0 deletions tests/integration/kubernetes/run_kubernetes_tests.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,7 @@ else
"k8s-optional-empty-secret.bats" \
"k8s-pid-ns.bats" \
"k8s-pod-quota.bats" \
"k8s-pod-v1.bats" \
"k8s-port-forward.bats" \
"k8s-projected-volume.bats" \
"k8s-qos-pods.bats" \
Expand Down
13 changes: 13 additions & 0 deletions tests/integration/kubernetes/runtimeclass_workloads/pod-v1.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
---
apiVersion: v1
kind: Pod
metadata:
name: nginxhttps

spec:
runtimeClassName: kata
containers:
- name: nginxhttps
image: "docker.io/bprashanth/nginxhttps:1.0"
ports:
- containerPort: 80
6 changes: 4 additions & 2 deletions tests/integration/kubernetes/tests_common.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -131,6 +131,9 @@ create_common_genpolicy_settings() {

# Set the default namespace of Kata CI tests in the genpolicy settings.
set_namespace_to_policy_settings "${genpolicy_settings_dir}" "${TEST_CLUSTER_NAMESPACE}"

# allow genpolicy to access containerd without sudo
sudo chown "$(whoami)" /var/run/containerd/containerd.sock
}

# If auto-generated policy testing is enabled, make a copy of the common genpolicy settings
Expand Down Expand Up @@ -166,8 +169,7 @@ auto_generate_policy() {
declare -r config_map_yaml_file="$3"

auto_generate_policy_enabled || return 0

local genpolicy_command="RUST_LOG=info /opt/kata/bin/genpolicy -u -y ${yaml_file}"
local genpolicy_command="RUST_LOG=info /opt/kata/bin/genpolicy -ud -y ${yaml_file}"
genpolicy_command+=" -p ${settings_dir}/rules.rego"
genpolicy_command+=" -j ${settings_dir}/genpolicy-settings.json"

Expand Down

0 comments on commit 2831777

Please sign in to comment.