github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix pod security policy capability test.

pull/6/head
Lantao Liu 2018-01-27 01:43:01 +00:00
parent 67a5a26673
commit 49dfaec72e
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
test/e2e/auth/pod_security_policy.go
View File

@ -235,10 +235,10 @@ func testPrivilegedPods(f *framework.Framework, tester func(pod *v1.Pod)) {
tester(unconfined) tester(unconfined)
}) })
By("Running a CAP_SYS_ADMIN pod", func() { By("Running a SYS_ADMIN pod", func() {
sysadmin := restrictedPod(f, "sysadmin") sysadmin := restrictedPod(f, "sysadmin")
sysadmin.Spec.Containers[0].SecurityContext.Capabilities = &v1.Capabilities{ sysadmin.Spec.Containers[0].SecurityContext.Capabilities = &v1.Capabilities{
Add: []v1.Capability{"CAP_SYS_ADMIN"}, Add: []v1.Capability{"SYS_ADMIN"},
} }
sysadmin.Spec.Containers[0].SecurityContext.AllowPrivilegeEscalation = nil sysadmin.Spec.Containers[0].SecurityContext.AllowPrivilegeEscalation = nil
tester(sysadmin) tester(sysadmin)