k8s.io/kubernetes@v1.31.0-alpha.0.0.20240520171757-56147500dadc/test/e2e/common/storage/projected_combined.go (about) 1 /* 2 Copyright 2014 The Kubernetes Authors. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package storage 18 19 import ( 20 "context" 21 "fmt" 22 23 v1 "k8s.io/api/core/v1" 24 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 25 "k8s.io/apimachinery/pkg/util/uuid" 26 "k8s.io/kubernetes/test/e2e/framework" 27 e2epodoutput "k8s.io/kubernetes/test/e2e/framework/pod/output" 28 imageutils "k8s.io/kubernetes/test/utils/image" 29 admissionapi "k8s.io/pod-security-admission/api" 30 31 "github.com/onsi/ginkgo/v2" 32 ) 33 34 var _ = SIGDescribe("Projected combined", func() { 35 f := framework.NewDefaultFramework("projected") 36 f.NamespacePodSecurityLevel = admissionapi.LevelBaseline 37 38 // Test multiple projections 39 /* 40 Release: v1.9 41 Testname: Projected Volume, multiple projections 42 Description: A Pod is created with a projected volume source for secrets, configMap and downwardAPI with pod name, cpu and memory limits and cpu and memory requests. Pod MUST be able to read the secrets, configMap values and the cpu and memory limits as well as cpu and memory requests from the mounted DownwardAPIVolumeFiles. 43 */ 44 framework.ConformanceIt("should project all components that make up the projection API [Projection]", f.WithNodeConformance(), func(ctx context.Context) { 45 var err error 46 podName := "projected-volume-" + string(uuid.NewUUID()) 47 secretName := "secret-projected-all-test-volume-" + string(uuid.NewUUID()) 48 configMapName := "configmap-projected-all-test-volume-" + string(uuid.NewUUID()) 49 configMap := &v1.ConfigMap{ 50 ObjectMeta: metav1.ObjectMeta{ 51 Namespace: f.Namespace.Name, 52 Name: configMapName, 53 }, 54 Data: map[string]string{ 55 "configmap-data": "configmap-value-1", 56 }, 57 } 58 secret := &v1.Secret{ 59 ObjectMeta: metav1.ObjectMeta{ 60 Namespace: f.Namespace.Name, 61 Name: secretName, 62 }, 63 Data: map[string][]byte{ 64 "secret-data": []byte("secret-value-1"), 65 }, 66 } 67 68 ginkgo.By(fmt.Sprintf("Creating configMap with name %s", configMap.Name)) 69 if configMap, err = f.ClientSet.CoreV1().ConfigMaps(f.Namespace.Name).Create(ctx, configMap, metav1.CreateOptions{}); err != nil { 70 framework.Failf("unable to create test configMap %s: %v", configMap.Name, err) 71 } 72 ginkgo.By(fmt.Sprintf("Creating secret with name %s", secret.Name)) 73 if secret, err = f.ClientSet.CoreV1().Secrets(f.Namespace.Name).Create(ctx, secret, metav1.CreateOptions{}); err != nil { 74 framework.Failf("unable to create test secret %s: %v", secret.Name, err) 75 } 76 77 pod := projectedAllVolumeBasePod(podName, secretName, configMapName, nil, nil) 78 pod.Spec.Containers = []v1.Container{ 79 { 80 Name: "projected-all-volume-test", 81 Image: imageutils.GetE2EImage(imageutils.BusyBox), 82 Command: []string{"sh", "-c", "cat /all/podname && cat /all/secret-data && cat /all/configmap-data"}, 83 VolumeMounts: []v1.VolumeMount{ 84 { 85 Name: "podinfo", 86 MountPath: "/all", 87 ReadOnly: false, 88 }, 89 }, 90 }, 91 } 92 e2epodoutput.TestContainerOutput(ctx, f, "Check all projections for projected volume plugin", pod, 0, []string{ 93 podName, 94 "secret-value-1", 95 "configmap-value-1", 96 }) 97 }) 98 }) 99 100 func projectedAllVolumeBasePod(podName string, secretName string, configMapName string, labels, annotations map[string]string) *v1.Pod { 101 pod := &v1.Pod{ 102 ObjectMeta: metav1.ObjectMeta{ 103 Name: podName, 104 Labels: labels, 105 Annotations: annotations, 106 }, 107 Spec: v1.PodSpec{ 108 Volumes: []v1.Volume{ 109 { 110 Name: "podinfo", 111 VolumeSource: v1.VolumeSource{ 112 Projected: &v1.ProjectedVolumeSource{ 113 Sources: []v1.VolumeProjection{ 114 { 115 DownwardAPI: &v1.DownwardAPIProjection{ 116 Items: []v1.DownwardAPIVolumeFile{ 117 { 118 Path: "podname", 119 FieldRef: &v1.ObjectFieldSelector{ 120 APIVersion: "v1", 121 FieldPath: "metadata.name", 122 }, 123 }, 124 }, 125 }, 126 }, 127 { 128 Secret: &v1.SecretProjection{ 129 LocalObjectReference: v1.LocalObjectReference{ 130 Name: secretName, 131 }, 132 }, 133 }, 134 { 135 ConfigMap: &v1.ConfigMapProjection{ 136 LocalObjectReference: v1.LocalObjectReference{ 137 Name: configMapName, 138 }, 139 }, 140 }, 141 }, 142 }, 143 }, 144 }, 145 }, 146 RestartPolicy: v1.RestartPolicyNever, 147 }, 148 } 149 150 return pod 151 }