mirror of https://github.com/k3s-io/k3s
test/e2e/auth: fix audit log test format parsing
Eric Chiang
parent
0d17e9deb7
commit
21666682eb
|
|
@ -29,6 +29,7 @@ go_library(
|
|||
"//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
|
||||
"//vendor/k8s.io/apimachinery/pkg/util/uuid:go_default_library",
|
||||
"//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
|
||||
"//vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1:go_default_library",
|
||||
"//vendor/k8s.io/client-go/kubernetes:go_default_library",
|
||||
"//vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1:go_default_library",
|
||||
"//vendor/k8s.io/client-go/rest:go_default_library",
|
||||
|
|
|
|||
|
|
@ -18,11 +18,13 @@ package auth
|
|||
|
||||
import (
|
||||
"bufio"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"strings"
|
||||
|
||||
apiv1 "k8s.io/api/core/v1"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
"k8s.io/apiserver/pkg/apis/audit/v1beta1"
|
||||
"k8s.io/kubernetes/test/e2e/framework"
|
||||
|
||||
. "github.com/onsi/ginkgo"
|
||||
|
|
@ -66,10 +68,6 @@ var _ = SIGDescribe("Advanced Audit [Feature:Audit]", func() {
|
|||
err = f.ClientSet.Core().Secrets(f.Namespace.Name).Delete(secret.Name, &metav1.DeleteOptions{})
|
||||
framework.ExpectNoError(err, "failed to delete audit-secret")
|
||||
|
||||
// /version should not be audited
|
||||
_, err = f.ClientSet.Core().RESTClient().Get().AbsPath("/version").DoRaw()
|
||||
framework.ExpectNoError(err, "failed to query version")
|
||||
|
||||
expectedEvents := []auditEvent{{
|
||||
method: "create",
|
||||
namespace: namespace,
|
||||
|
|
@ -126,9 +124,6 @@ func expectAuditLines(f *framework.Framework, expected []auditEvent) {
|
|||
if _, found := expectations[event]; found {
|
||||
expectations[event] = true
|
||||
}
|
||||
|
||||
// /version should not be audited (filtered in the policy).
|
||||
Expect(event.uri).NotTo(HavePrefix("/version"))
|
||||
}
|
||||
framework.ExpectNoError(scanner.Err(), "error reading audit log")
|
||||
|
||||
|
|
@ -138,6 +133,21 @@ func expectAuditLines(f *framework.Framework, expected []auditEvent) {
|
|||
}
|
||||
|
||||
func parseAuditLine(line string) (auditEvent, error) {
|
||||
var e v1beta1.Event
|
||||
if err := json.Unmarshal([]byte(line), &e); err == nil {
|
||||
event := auditEvent{
|
||||
method: e.Verb,
|
||||
uri: e.RequestURI,
|
||||
}
|
||||
if e.ObjectRef != nil {
|
||||
event.namespace = e.ObjectRef.Namespace
|
||||
}
|
||||
if e.ResponseStatus != nil {
|
||||
event.response = fmt.Sprintf("%d", e.ResponseStatus.Code)
|
||||
}
|
||||
return event, nil
|
||||
}
|
||||
|
||||
fields := strings.Fields(line)
|
||||
if len(fields) < 3 {
|
||||
return auditEvent{}, fmt.Errorf("could not parse audit line: %s", line)
|
||||
|
|
|
|||
Loading…
Reference in New Issue