Merge pull request #66842 from hanxiaoshuai/cleanup0801

Automatic merge from submit-queue (batch tested with PRs 65297, 67179, 67116, 67011, 66842). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. clean up unused parameter in func restrictedPod and testPrivilegedPods **What this PR does / why we need it**: clean up unused parameter in func restrictedPod and testPrivilegedPods **Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*: Fixes # **Special notes for your reviewer**: /kind cleanup **Release note**: ```release-note NONE ```
2018-08-09 08:39:41 -07:00 · 2018-08-09 08:39:41 -07:00 · a224e53dab
parent d04d7b4db2 7e61ea9e72
commit a224e53dab
1 changed files with 17 additions and 17 deletions
--- a/test/e2e/auth/pod_security_policy.go
+++ b/test/e2e/auth/pod_security_policy.go
@ -75,7 +75,7 @@ var _ = SIGDescribe("PodSecurityPolicy", func() {

 	It("should forbid pod creation when no PSP is available", func() {
 		By("Running a restricted pod")
-		_, err := c.CoreV1().Pods(ns).Create(restrictedPod(f, "restricted"))
+		_, err := c.CoreV1().Pods(ns).Create(restrictedPod("restricted"))
 		expectForbidden(err)
 	})

@ -87,11 +87,11 @@ var _ = SIGDescribe("PodSecurityPolicy", func() {
 		defer cleanup()

 		By("Running a restricted pod")
-		pod, err := c.CoreV1().Pods(ns).Create(restrictedPod(f, "allowed"))
+		pod, err := c.CoreV1().Pods(ns).Create(restrictedPod("allowed"))
 		framework.ExpectNoError(err)
 		framework.ExpectNoError(framework.WaitForPodNameRunningInNamespace(c, pod.Name, pod.Namespace))

-		testPrivilegedPods(f, func(pod *v1.Pod) {
+		testPrivilegedPods(func(pod *v1.Pod) {
 			_, err := c.CoreV1().Pods(ns).Create(pod)
 			expectForbidden(err)
 		})
@ -103,11 +103,11 @@ var _ = SIGDescribe("PodSecurityPolicy", func() {
 		defer cleanup()

 		By("Running a restricted pod")
-		pod, err := c.CoreV1().Pods(ns).Create(restrictedPod(f, "allowed"))
+		pod, err := c.CoreV1().Pods(ns).Create(restrictedPod("allowed"))
 		framework.ExpectNoError(err)
 		framework.ExpectNoError(framework.WaitForPodNameRunningInNamespace(c, pod.Name, pod.Namespace))

-		testPrivilegedPods(f, func(pod *v1.Pod) {
+		testPrivilegedPods(func(pod *v1.Pod) {
 			_, err := c.CoreV1().Pods(ns).Create(pod)
 			expectForbidden(err)
 		})
@ -121,7 +121,7 @@ var _ = SIGDescribe("PodSecurityPolicy", func() {
 		expectedPSP, cleanup := createAndBindPSP(f, framework.PrivilegedPSP("permissive"))
 		defer cleanup()

-		testPrivilegedPods(f, func(pod *v1.Pod) {
+		testPrivilegedPods(func(pod *v1.Pod) {
 			p, err := c.CoreV1().Pods(ns).Create(pod)
 			framework.ExpectNoError(err)
 			framework.ExpectNoError(framework.WaitForPodNameRunningInNamespace(c, p.Name, p.Namespace))
@ -143,7 +143,7 @@ var _ = SIGDescribe("PodSecurityPolicy", func() {
 		expectedPSP, cleanup := createAndBindPSPInPolicy(f, privilegedPSPInPolicy("permissive"))
 		defer cleanup()

-		testPrivilegedPods(f, func(pod *v1.Pod) {
+		testPrivilegedPods(func(pod *v1.Pod) {
 			p, err := c.CoreV1().Pods(ns).Create(pod)
 			framework.ExpectNoError(err)
 			framework.ExpectNoError(framework.WaitForPodNameRunningInNamespace(c, p.Name, p.Namespace))
@ -163,16 +163,16 @@ func expectForbidden(err error) {
 	Expect(apierrs.IsForbidden(err)).To(BeTrue(), "should be forbidden error")
 }

-func testPrivilegedPods(f *framework.Framework, tester func(pod *v1.Pod)) {
+func testPrivilegedPods(tester func(pod *v1.Pod)) {
 	By("Running a privileged pod", func() {
-		privileged := restrictedPod(f, "privileged")
+		privileged := restrictedPod("privileged")
 		privileged.Spec.Containers[0].SecurityContext.Privileged = boolPtr(true)
 		privileged.Spec.Containers[0].SecurityContext.AllowPrivilegeEscalation = nil
 		tester(privileged)
 	})

 	By("Running a HostPath pod", func() {
-		hostpath := restrictedPod(f, "hostpath")
+		hostpath := restrictedPod("hostpath")
 		hostpath.Spec.Containers[0].VolumeMounts = []v1.VolumeMount{{
 			Name:      "hp",
 			MountPath: "/hp",
@ -187,26 +187,26 @@ func testPrivilegedPods(f *framework.Framework, tester func(pod *v1.Pod)) {
 	})

 	By("Running a HostNetwork pod", func() {
-		hostnet := restrictedPod(f, "hostnet")
+		hostnet := restrictedPod("hostnet")
 		hostnet.Spec.HostNetwork = true
 		tester(hostnet)
 	})

 	By("Running a HostPID pod", func() {
-		hostpid := restrictedPod(f, "hostpid")
+		hostpid := restrictedPod("hostpid")
 		hostpid.Spec.HostPID = true
 		tester(hostpid)
 	})

 	By("Running a HostIPC pod", func() {
-		hostipc := restrictedPod(f, "hostipc")
+		hostipc := restrictedPod("hostipc")
 		hostipc.Spec.HostIPC = true
 		tester(hostipc)
 	})

 	if common.IsAppArmorSupported() {
 		By("Running a custom AppArmor profile pod", func() {
-			aa := restrictedPod(f, "apparmor")
+			aa := restrictedPod("apparmor")
 			// Every node is expected to have the docker-default profile.
 			aa.Annotations[apparmor.ContainerAnnotationKeyPrefix+"pause"] = "localhost/docker-default"
 			tester(aa)
@ -214,13 +214,13 @@ func testPrivilegedPods(f *framework.Framework, tester func(pod *v1.Pod)) {
 	}

 	By("Running an unconfined Seccomp pod", func() {
-		unconfined := restrictedPod(f, "seccomp")
+		unconfined := restrictedPod("seccomp")
 		unconfined.Annotations[v1.SeccompPodAnnotationKey] = "unconfined"
 		tester(unconfined)
 	})

 	By("Running a SYS_ADMIN pod", func() {
-		sysadmin := restrictedPod(f, "sysadmin")
+		sysadmin := restrictedPod("sysadmin")
 		sysadmin.Spec.Containers[0].SecurityContext.Capabilities = &v1.Capabilities{
 			Add: []v1.Capability{"SYS_ADMIN"},
 		}
@ -311,7 +311,7 @@ func createAndBindPSPInPolicy(f *framework.Framework, pspTemplate *policy.PodSec
 	}
 }

-func restrictedPod(f *framework.Framework, name string) *v1.Pod {
+func restrictedPod(name string) *v1.Pod {
 	return &v1.Pod{
 		ObjectMeta: metav1.ObjectMeta{
 			Name: name,