From f51843c57d28653f74ff15781016d88de9462acc Mon Sep 17 00:00:00 2001 From: Slava Semushin Date: Tue, 14 Nov 2017 18:19:07 +0100 Subject: [PATCH] admission_test.go(TestAdmitFailure): reduce code by (enchancing and) using existing function. --- pkg/security/admission/admission_test.go | 31 ++++++------------------ 1 file changed, 7 insertions(+), 24 deletions(-) diff --git a/pkg/security/admission/admission_test.go b/pkg/security/admission/admission_test.go index 07e0de4d0106..0cbe833d9a14 100644 --- a/pkg/security/admission/admission_test.go +++ b/pkg/security/admission/admission_test.go @@ -532,30 +532,8 @@ func TestAdmitFailure(t *testing.T) { // now add an escalated scc to the group and re-run the cases that expected failure, they should // now pass by validating against the escalated scc. - adminSCC := &securityapi.SecurityContextConstraints{ - ObjectMeta: metav1.ObjectMeta{ - Name: "scc-admin", - }, - AllowPrivilegedContainer: true, - AllowHostNetwork: true, - AllowHostPorts: true, - AllowHostPID: true, - AllowHostIPC: true, - RunAsUser: securityapi.RunAsUserStrategyOptions{ - Type: securityapi.RunAsUserStrategyRunAsAny, - }, - SELinuxContext: securityapi.SELinuxContextStrategyOptions{ - Type: securityapi.SELinuxStrategyRunAsAny, - }, - FSGroup: securityapi.FSGroupStrategyOptions{ - Type: securityapi.FSGroupStrategyRunAsAny, - }, - SupplementalGroups: securityapi.SupplementalGroupsStrategyOptions{ - Type: securityapi.SupplementalGroupsStrategyRunAsAny, - }, - Groups: []string{"system:serviceaccounts"}, - } - + adminSCC := laxSCC() + adminSCC.Name = "scc-admin" indexer.Add(adminSCC) for i := 0; i < 2; i++ { @@ -1141,6 +1119,11 @@ func laxSCC() *securityapi.SecurityContextConstraints { ObjectMeta: metav1.ObjectMeta{ Name: "lax", }, + AllowPrivilegedContainer: true, + AllowHostNetwork: true, + AllowHostPorts: true, + AllowHostPID: true, + AllowHostIPC: true, RunAsUser: securityapi.RunAsUserStrategyOptions{ Type: securityapi.RunAsUserStrategyRunAsAny, },