origin
origin copied to clipboard
openshift
CNTRLPLANE-55: test for minimally sufficient pss
What
Add tests that the setting of the minimally sufficient PodSecurityStandard annotation works
Why
Because we want to protect the feature from breaking.
@ibihim: This pull request references CNTRLPLANE-55 which is a valid jira issue.
Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.20.0" version, but no target version was set.
In response to this:
What
Add tests that the setting of the minimally sufficient PodSecurityStandard annotation works
Why
Because we want to protect the feature from breaking.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.
[APPROVALNOTIFIER] This PR is NOT APPROVED
This pull-request has been approved by: ibihim Once this PR has been reviewed and has the lgtm label, please assign neisw for approval. For more information see the Code Review Process.
The full list of commands accepted by this bot can be found here.
Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment
![openshift-ci[bot] avatar](https://avatars.githubusercontent.com/in/91280?v=4 "Published by a pub.dev verified publisher"){kind=small}
Risk analysis has seen new tests most likely introduced by this PR. Please ensure that new tests meet guidelines for naming and stability.
New tests seen in this PR at sha: 77b723be387dc43d31e919995b43812af6fa1d8b
- "[sig-auth][Feature:PodSecurity] with baseline level should set correct MinimallySufficientPodSecurityStandard, even though PSA label is set to Baseline [Suite:openshift/conformance/parallel]" [Total: 21, Pass: 21, Fail: 0, Flake: 1]
- "[sig-auth][Feature:PodSecurity] with restricted level restricted-v2 SCC should mutate empty securityContext to match restricted PSa profile [Suite:openshift/conformance/parallel]" [Total: 21, Pass: 21, Fail: 0, Flake: 0]
![openshift-trt[bot] avatar](https://avatars.githubusercontent.com/u/111778100?v=4 "Published by a pub.dev verified publisher"){kind=small}
PR needs rebase.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.
@ibihim: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:
| Test name | Commit | Details | Required | Rerun command |
|---|---|---|---|---|
| ci/prow/e2e-aws-ovn-serial-publicnet | 77b723be387dc43d31e919995b43812af6fa1d8b | link | false | /test e2e-aws-ovn-serial-publicnet |
| ci/prow/e2e-gcp-disruptive | 77b723be387dc43d31e919995b43812af6fa1d8b | link | false | /test e2e-gcp-disruptive |
| ci/prow/e2e-aws-ovn-single-node-serial | 77b723be387dc43d31e919995b43812af6fa1d8b | link | false | /test e2e-aws-ovn-single-node-serial |
| ci/prow/e2e-vsphere-ovn-etcd-scaling | 77b723be387dc43d31e919995b43812af6fa1d8b | link | false | /test e2e-vsphere-ovn-etcd-scaling |
| ci/prow/4.12-upgrade-from-stable-4.11-e2e-aws-ovn-upgrade-rollback | 77b723be387dc43d31e919995b43812af6fa1d8b | link | false | /test 4.12-upgrade-from-stable-4.11-e2e-aws-ovn-upgrade-rollback |
| ci/prow/okd-e2e-gcp | 77b723be387dc43d31e919995b43812af6fa1d8b | link | false | /test okd-e2e-gcp |
| ci/prow/e2e-aws-disruptive | 77b723be387dc43d31e919995b43812af6fa1d8b | link | false | /test e2e-aws-disruptive |
| ci/prow/e2e-metal-ipi-serial-ovn-ipv6 | 77b723be387dc43d31e919995b43812af6fa1d8b | link | false | /test e2e-metal-ipi-serial-ovn-ipv6 |
| ci/prow/e2e-aws-ovn-etcd-scaling | 77b723be387dc43d31e919995b43812af6fa1d8b | link | false | /test e2e-aws-ovn-etcd-scaling |
| ci/prow/e2e-gcp-fips-serial | 77b723be387dc43d31e919995b43812af6fa1d8b | link | false | /test e2e-gcp-fips-serial |
| ci/prow/e2e-aws-ovn-single-node | 77b723be387dc43d31e919995b43812af6fa1d8b | link | false | /test e2e-aws-ovn-single-node |
| ci/prow/e2e-vsphere-ovn-dualstack-primaryv6 | 77b723be387dc43d31e919995b43812af6fa1d8b | link | false | /test e2e-vsphere-ovn-dualstack-primaryv6 |
| ci/prow/e2e-azure-ovn-upgrade | 77b723be387dc43d31e919995b43812af6fa1d8b | link | false | /test e2e-azure-ovn-upgrade |
| ci/prow/e2e-gcp-ovn-etcd-scaling | 77b723be387dc43d31e919995b43812af6fa1d8b | link | false | /test e2e-gcp-ovn-etcd-scaling |
| ci/prow/e2e-openstack-serial | 77b723be387dc43d31e919995b43812af6fa1d8b | link | false | /test e2e-openstack-serial |
| ci/prow/e2e-azure-ovn-etcd-scaling | 77b723be387dc43d31e919995b43812af6fa1d8b | link | false | /test e2e-azure-ovn-etcd-scaling |
| ci/prow/e2e-gcp-csi | 77b723be387dc43d31e919995b43812af6fa1d8b | link | true | /test e2e-gcp-csi |
| ci/prow/e2e-aws-csi | 77b723be387dc43d31e919995b43812af6fa1d8b | link | true | /test e2e-aws-csi |
| ci/prow/go-verify-deps | 77b723be387dc43d31e919995b43812af6fa1d8b | link | true | /test go-verify-deps |
| ci/prow/e2e-aws-ovn-microshift-serial | 77b723be387dc43d31e919995b43812af6fa1d8b | link | true | /test e2e-aws-ovn-microshift-serial |
| ci/prow/e2e-aws-ovn-microshift | 77b723be387dc43d31e919995b43812af6fa1d8b | link | true | /test e2e-aws-ovn-microshift |
| ci/prow/e2e-metal-ipi-ovn-ipv6 | 77b723be387dc43d31e919995b43812af6fa1d8b | link | true | /test e2e-metal-ipi-ovn-ipv6 |
Full PR test history. Your PR dashboard.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.