test/e2e: drop the pod security admission hack

The Kubernetes e2e framework now supports setting the pod security level.
kubernetes-sigs · Aug 26, 2024 · 94bda00 · 94bda00
1 parent 8c3cb31
commit 94bda00
Showing 1 changed file with 2 additions and 8 deletions.
diff --git a/test/e2e/node_feature_discovery_test.go b/test/e2e/node_feature_discovery_test.go
@@ -200,6 +200,8 @@ func cleanupCRs(ctx context.Context, cli *nfdclient.Clientset, namespace string)
 // Actual test suite
 var _ = NFDDescribe(Label("nfd-master"), func() {
 	f := framework.NewDefaultFramework("node-feature-discovery")
+	// nfd-worker needs host mounts
+	f.NamespacePodSecurityLevel = admissionapi.LevelPrivileged
 
 	Context("when deploying a single nfd-master pod", Ordered, func() {
 		var (
@@ -234,14 +236,6 @@ var _ = NFDDescribe(Label("nfd-master"), func() {
 		})
 
 		JustBeforeEach(func(ctx context.Context) {
-			// Drop the pod security admission label as nfd-worker needs host mounts
-			if _, ok := f.Namespace.Labels[admissionapi.EnforceLevelLabel]; ok {
-				framework.Logf("Deleting %s label from the test namespace", admissionapi.EnforceLevelLabel)
-				delete(f.Namespace.Labels, admissionapi.EnforceLevelLabel)
-				_, err := f.ClientSet.CoreV1().Namespaces().Update(ctx, f.Namespace, metav1.UpdateOptions{})
-				Expect(err).NotTo(HaveOccurred())
-			}
-
 			err := testutils.ConfigureRBAC(ctx, f.ClientSet, f.Namespace.Name)
 			Expect(err).NotTo(HaveOccurred())