From 1aae8311e903d1c5731e272577cf3c933c0b1e4d Mon Sep 17 00:00:00 2001 From: Gaelle Fournier Date: Thu, 14 Sep 2023 17:18:25 +0200 Subject: [PATCH] feat(e2e): Check install operator SecurityContext --- e2e/install/cli/install_test.go | 10 ++++++++++ e2e/support/test_support.go | 10 ++++++++++ 2 files changed, 20 insertions(+) diff --git a/e2e/install/cli/install_test.go b/e2e/install/cli/install_test.go index d39d104c69..b90f0116dc 100644 --- a/e2e/install/cli/install_test.go +++ b/e2e/install/cli/install_test.go @@ -55,6 +55,16 @@ func TestBasicInstallation(t *testing.T) { Eventually(PlatformConditionStatus(ns, v1.IntegrationPlatformConditionReady), TestTimeoutShort). Should(Equal(corev1.ConditionTrue)) + // Check if default security context has been applyed + Eventually(OperatorPodHas(ns, func(pod *corev1.Pod) bool { + if pod.Spec.Containers == nil || len(pod.Spec.Containers) == 0 { + return false + } + // exclude user for openshift + pod.Spec.Containers[0].SecurityContext.RunAsUser = nil + return reflect.DeepEqual(pod.Spec.Containers[0].SecurityContext, kubernetes.DefaultOperatorSecurityContext()) + }), TestTimeoutShort).Should(BeTrue()) + t.Run("run yaml", func(t *testing.T) { Expect(KamelRunWithID(operatorID, ns, "files/yaml.yaml").Execute()).To(Succeed()) Eventually(IntegrationPodPhase(ns, "yaml"), TestTimeoutLong).Should(Equal(corev1.PodRunning)) diff --git a/e2e/support/test_support.go b/e2e/support/test_support.go index 05fc4fb466..83a8935a77 100644 --- a/e2e/support/test_support.go +++ b/e2e/support/test_support.go @@ -1341,6 +1341,16 @@ func OperatorImage(ns string) func() string { } } +func OperatorPodHas(ns string, predicate func(pod *corev1.Pod) bool) func() bool { + return func() bool { + pod := OperatorPod(ns)() + if pod == nil { + return false + } + return predicate(pod) + } +} + func OperatorPodPhase(ns string) func() corev1.PodPhase { return func() corev1.PodPhase { pod := OperatorPod(ns)()