projected_combined.go

Documentation: k8s.io/kubernetes/test/e2e/common/storage

     1  /*
     2  Copyright 2014 The Kubernetes Authors.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8      http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  package storage
    18  
    19  import (
    20  	"context"
    21  	"fmt"
    22  
    23  	v1 "k8s.io/api/core/v1"
    24  	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
    25  	"k8s.io/apimachinery/pkg/util/uuid"
    26  	"k8s.io/kubernetes/test/e2e/framework"
    27  	e2epodoutput "k8s.io/kubernetes/test/e2e/framework/pod/output"
    28  	imageutils "k8s.io/kubernetes/test/utils/image"
    29  	admissionapi "k8s.io/pod-security-admission/api"
    30  
    31  	"github.com/onsi/ginkgo/v2"
    32  )
    33  
    34  var _ = SIGDescribe("Projected combined", func() {
    35  	f := framework.NewDefaultFramework("projected")
    36  	f.NamespacePodSecurityLevel = admissionapi.LevelBaseline
    37  
    38  	// Test multiple projections
    39  	/*
    40  	   Release: v1.9
    41  	   Testname: Projected Volume, multiple projections
    42  	   Description: A Pod is created with a projected volume source for secrets, configMap and downwardAPI with pod name, cpu and memory limits and cpu and memory requests. Pod MUST be able to read the secrets, configMap values and the cpu and memory limits as well as cpu and memory requests from the mounted DownwardAPIVolumeFiles.
    43  	*/
    44  	framework.ConformanceIt("should project all components that make up the projection API [Projection]", f.WithNodeConformance(), func(ctx context.Context) {
    45  		var err error
    46  		podName := "projected-volume-" + string(uuid.NewUUID())
    47  		secretName := "secret-projected-all-test-volume-" + string(uuid.NewUUID())
    48  		configMapName := "configmap-projected-all-test-volume-" + string(uuid.NewUUID())
    49  		configMap := &v1.ConfigMap{
    50  			ObjectMeta: metav1.ObjectMeta{
    51  				Namespace: f.Namespace.Name,
    52  				Name:      configMapName,
    53  			},
    54  			Data: map[string]string{
    55  				"configmap-data": "configmap-value-1",
    56  			},
    57  		}
    58  		secret := &v1.Secret{
    59  			ObjectMeta: metav1.ObjectMeta{
    60  				Namespace: f.Namespace.Name,
    61  				Name:      secretName,
    62  			},
    63  			Data: map[string][]byte{
    64  				"secret-data": []byte("secret-value-1"),
    65  			},
    66  		}
    67  
    68  		ginkgo.By(fmt.Sprintf("Creating configMap with name %s", configMap.Name))
    69  		if configMap, err = f.ClientSet.CoreV1().ConfigMaps(f.Namespace.Name).Create(ctx, configMap, metav1.CreateOptions{}); err != nil {
    70  			framework.Failf("unable to create test configMap %s: %v", configMap.Name, err)
    71  		}
    72  		ginkgo.By(fmt.Sprintf("Creating secret with name %s", secret.Name))
    73  		if secret, err = f.ClientSet.CoreV1().Secrets(f.Namespace.Name).Create(ctx, secret, metav1.CreateOptions{}); err != nil {
    74  			framework.Failf("unable to create test secret %s: %v", secret.Name, err)
    75  		}
    76  
    77  		pod := projectedAllVolumeBasePod(podName, secretName, configMapName, nil, nil)
    78  		pod.Spec.Containers = []v1.Container{
    79  			{
    80  				Name:    "projected-all-volume-test",
    81  				Image:   imageutils.GetE2EImage(imageutils.BusyBox),
    82  				Command: []string{"sh", "-c", "cat /all/podname && cat /all/secret-data && cat /all/configmap-data"},
    83  				VolumeMounts: []v1.VolumeMount{
    84  					{
    85  						Name:      "podinfo",
    86  						MountPath: "/all",
    87  						ReadOnly:  false,
    88  					},
    89  				},
    90  			},
    91  		}
    92  		e2epodoutput.TestContainerOutput(ctx, f, "Check all projections for projected volume plugin", pod, 0, []string{
    93  			podName,
    94  			"secret-value-1",
    95  			"configmap-value-1",
    96  		})
    97  	})
    98  })
    99  
   100  func projectedAllVolumeBasePod(podName string, secretName string, configMapName string, labels, annotations map[string]string) *v1.Pod {
   101  	pod := &v1.Pod{
   102  		ObjectMeta: metav1.ObjectMeta{
   103  			Name:        podName,
   104  			Labels:      labels,
   105  			Annotations: annotations,
   106  		},
   107  		Spec: v1.PodSpec{
   108  			Volumes: []v1.Volume{
   109  				{
   110  					Name: "podinfo",
   111  					VolumeSource: v1.VolumeSource{
   112  						Projected: &v1.ProjectedVolumeSource{
   113  							Sources: []v1.VolumeProjection{
   114  								{
   115  									DownwardAPI: &v1.DownwardAPIProjection{
   116  										Items: []v1.DownwardAPIVolumeFile{
   117  											{
   118  												Path: "podname",
   119  												FieldRef: &v1.ObjectFieldSelector{
   120  													APIVersion: "v1",
   121  													FieldPath:  "metadata.name",
   122  												},
   123  											},
   124  										},
   125  									},
   126  								},
   127  								{
   128  									Secret: &v1.SecretProjection{
   129  										LocalObjectReference: v1.LocalObjectReference{
   130  											Name: secretName,
   131  										},
   132  									},
   133  								},
   134  								{
   135  									ConfigMap: &v1.ConfigMapProjection{
   136  										LocalObjectReference: v1.LocalObjectReference{
   137  											Name: configMapName,
   138  										},
   139  									},
   140  								},
   141  							},
   142  						},
   143  					},
   144  				},
   145  			},
   146  			RestartPolicy: v1.RestartPolicyNever,
   147  		},
   148  	}
   149  
   150  	return pod
   151  }
   152
View as plain text