Skip to content

Commit 0016ceb

Browse files
php-coderphp-coder
committed
admission_test.go(testSCCAdmission): modify to signalize about errors.
1 parent 0ea1b36 commit 0016ceb

File tree

1 file changed

+9
-16
lines changed

1 file changed

+9
-16
lines changed

pkg/security/admission/admission_test.go

+9-16
Original file line numberDiff line numberDiff line change
@@ -265,19 +265,10 @@ func TestAdmitSuccess(t *testing.T) {
265265
if i == 0 {
266266
containers = v.pod.Spec.InitContainers
267267
}
268-
attrs := kadmission.NewAttributesRecord(v.pod, nil, kapi.Kind("Pod").WithVersion("version"), v.pod.Namespace, v.pod.Name, kapi.Resource("pods").WithVersion("version"), "", kadmission.Create, &user.DefaultInfo{})
269-
err := p.Admit(attrs)
270-
271-
if err != nil {
272-
t.Fatalf("%s expected no errors but received %v", k, err)
273-
}
274268

275-
validatedSCC, ok := v.pod.Annotations[allocator.ValidatedSCCAnnotation]
276-
if !ok {
277-
t.Errorf("%s expected to find the validated annotation on the pod for the scc but found none", k)
278-
}
279-
if validatedSCC != saSCC.Name {
280-
t.Errorf("%s should have validated against %s but found %s", k, saSCC.Name, validatedSCC)
269+
hasErrors := testSCCAdmission(v.pod, p, saSCC.Name, k, t)
270+
if hasErrors {
271+
continue
281272
}
282273

283274
if !reflect.DeepEqual(v.expectedPodSC, v.pod.Spec.SecurityContext) {
@@ -939,23 +930,25 @@ func TestAdmitSeccomp(t *testing.T) {
939930
}
940931

941932
// testSCCAdmission is a helper to admit the pod and ensure it was validated against the expected
942-
// SCC.
943-
func testSCCAdmission(pod *kapi.Pod, plugin kadmission.Interface, expectedSCC, testName string, t *testing.T) {
933+
// SCC. Returns true when errors have been encountered.
934+
func testSCCAdmission(pod *kapi.Pod, plugin kadmission.Interface, expectedSCC, testName string, t *testing.T) bool {
944935
attrs := kadmission.NewAttributesRecord(pod, nil, kapi.Kind("Pod").WithVersion("version"), pod.Namespace, pod.Name, kapi.Resource("pods").WithVersion("version"), "", kadmission.Create, &user.DefaultInfo{})
945936
err := plugin.Admit(attrs)
946937
if err != nil {
947938
t.Errorf("%s error admitting pod: %v", testName, err)
948-
return
939+
return true
949940
}
950941

951942
validatedSCC, ok := pod.Annotations[allocator.ValidatedSCCAnnotation]
952943
if !ok {
953944
t.Errorf("expected %q to find the validated annotation on the pod for the scc but found none", testName)
954-
return
945+
return true
955946
}
956947
if validatedSCC != expectedSCC {
957948
t.Errorf("%q should have validated against %s but found %s", testName, expectedSCC, validatedSCC)
949+
return true
958950
}
951+
return false
959952
}
960953

961954
func laxSCC() *securityapi.SecurityContextConstraints {

0 commit comments

Comments
 (0)