From ee817fc945cd4c62cc4e3054063bdb9f44bea7ba Mon Sep 17 00:00:00 2001 From: Iryna Shustava Date: Tue, 24 Aug 2021 15:49:19 -0600 Subject: [PATCH] Re-enable psps in accceptance tests (#629) --- .../consul/test/acceptance/framework/consul/consul_cluster.go | 2 +- charts/consul/test/acceptance/framework/helpers/helpers.go | 2 +- charts/consul/test/terraform/gke/main.tf | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/consul/test/acceptance/framework/consul/consul_cluster.go b/charts/consul/test/acceptance/framework/consul/consul_cluster.go index 1b32400f449b..8a5c29a63f00 100644 --- a/charts/consul/test/acceptance/framework/consul/consul_cluster.go +++ b/charts/consul/test/acceptance/framework/consul/consul_cluster.go @@ -356,7 +356,7 @@ func configurePodSecurityPolicies(t *testing.T, client kubernetes.Interface, cfg Name: "test-psp", }, Spec: policyv1beta.PodSecurityPolicySpec{ - Privileged: false, + Privileged: true, AllowedCapabilities: []corev1.Capability{"NET_ADMIN"}, SELinux: policyv1beta.SELinuxStrategyOptions{ Rule: policyv1beta.SELinuxStrategyRunAsAny, diff --git a/charts/consul/test/acceptance/framework/helpers/helpers.go b/charts/consul/test/acceptance/framework/helpers/helpers.go index 242d527f448d..df8ae218a3c0 100644 --- a/charts/consul/test/acceptance/framework/helpers/helpers.go +++ b/charts/consul/test/acceptance/framework/helpers/helpers.go @@ -37,7 +37,7 @@ func WaitForAllPodsToBeReady(t *testing.T, client kubernetes.Interface, namespac // Wait up to 15m. // On Azure, volume provisioning can sometimes take close to 5 min, // so we need to give a bit more time for pods to become healthy. - counter := &retry.Counter{Count: 180, Wait: 5 * time.Second} + counter := &retry.Counter{Count: 180, Wait: 1 * time.Second} retry.RunWith(counter, t, func(r *retry.R) { pods, err := client.CoreV1().Pods(namespace).List(context.Background(), metav1.ListOptions{LabelSelector: podLabelSelector}) require.NoError(r, err) diff --git a/charts/consul/test/terraform/gke/main.tf b/charts/consul/test/terraform/gke/main.tf index 5dccf255bedf..a6c294e2e6dc 100644 --- a/charts/consul/test/terraform/gke/main.tf +++ b/charts/consul/test/terraform/gke/main.tf @@ -26,7 +26,7 @@ resource "google_container_cluster" "cluster" { node_version = data.google_container_engine_versions.main.latest_master_version pod_security_policy_config { - enabled = false # Helm does not currently work with pod security policies enabled, the acceptance tests fail with this enabled. Re-enable after fixing. + enabled = true } resource_labels = var.labels