spolti commented on code in PR #239:
URL:
https://github.com/apache/incubator-kie-kogito-serverless-operator/pull/239#discussion_r1341744493
##########
test/e2e/workflow_test.go:
##########
@@ -36,139 +32,122 @@ import (
. "github.com/onsi/gomega"
)
-// namespace store the ns where the Operator and Operand will be executed
-const namespace = "sonataflow-operator-system"
-
-const (
- minikubePlatform = "minikube"
- openshiftPlatform = "openshift"
-)
+var _ = Describe("SonataFlow Operator", Serial, func() {
+
+ Describe("ensure that Operator and Operand(s) can run in restricted
namespaces", Ordered, func() {
+ It("Prepare the environment", func() {
+ // Now, let's ensure that all namespaces can raise a
Warn when we apply the manifests
+ // and that the namespace where the Operator and
Operand will run are enforced as
+ // restricted so that we can ensure that both can be
admitted and run with the enforcement
+
+ // See:
https://kubernetes.io/docs/tutorials/security/seccomp/
+
+ /*
+ TODO: Uncomment to enable when
https://issues.redhat.com/browse/KOGITO-9110 will be available
+ By("labeling all namespaces to warn
when we apply the manifest if would violate the PodStandards")
+ cmd = exec.Command("kubectl", "label",
"--overwrite", "ns", "--all",
+
"pod-security.kubernetes.io/audit=restricted",
+
"pod-security.kubernetes.io/enforce-version=v1.22",
+
"pod-security.kubernetes.io/warn=restricted")
+ _, err := utils.Run(cmd)
+ ExpectWithOffset(1,
err).NotTo(HaveOccurred())
+
+ By("labeling enforce the namespace
where the Operator and Operand(s) will run")
+ cmd = exec.Command("kubectl", "label",
"--overwrite", "ns", namespace,
+
"pod-security.kubernetes.io/audit=restricted",
+
"pod-security.kubernetes.io/enforce-version=v1.22",
+
"pod-security.kubernetes.io/enforce=restricted")
+ _, err = utils.Run(cmd)
+ Expect(err).To(Not(HaveOccurred()))
+
+ */
+
+ var controllerPodName string
+ operatorImageName, err := utils.GetOperatorImageName()
+ ExpectWithOffset(1, err).NotTo(HaveOccurred())
-var _ = Describe("SonataFlow Operator", Ordered, func() {
+ By("deploying the controller-manager")
+ cmd := exec.Command("make", "deploy",
fmt.Sprintf("IMG=%s", operatorImageName))
- BeforeAll(func() {
Review Comment:
no, as I changed the main e2e to be serial, instead, each e2e test will have
its own environment preparation running in order.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
