self._command = [kwargs.get('command', self.COMMAND_DEFAULT)]
self._args = kwargs.get('args', [])
self._volume_mounts = kwargs.get('volumeMounts', [])
+ self._security_context = kwargs.get('securityContext')
def _create_volume_mounts(self):
"""Return all "volumeMounts" items per container"""
def get_container_item(self):
"""Create a "container" item"""
container_name = '{}-container'.format(self._name)
- return {'args': self._args,
- 'command': self._command,
- 'image': self._image,
- 'name': container_name,
- 'volumeMounts': self._create_volume_mounts()}
+ container = {'args': self._args,
+ 'command': self._command,
+ 'image': self._image,
+ 'name': container_name,
+ 'volumeMounts': self._create_volume_mounts()}
+ if self._security_context:
+ container['securityContext'] = self._security_context
+ return container
class KubernetesObject(object):
self.node_selector = parameters.pop('nodeSelector', {})
self.ssh_key = parameters.pop('ssh_key', self.SSHKEY_DEFAULT)
self._volumes = parameters.pop('volumes', [])
+ self._security_context = parameters.pop('securityContext', None)
containers = parameters.pop('containers', None)
if containers:
self._add_containers()
self._add_node_selector()
self._add_volumes()
+ self._add_security_context()
def get_template(self):
return self.template
return {'name': name,
type_name: type_data}
+ def _add_security_context(self):
+ if self._security_context:
+ utils.set_dict_value(self.template,
+ 'spec.template.spec.securityContext',
+ self._security_context)
+
class ServiceObject(object):
with self.assertRaises(exceptions.KubernetesTemplateInvalidVolumeType):
kubernetes.KubernetesObject._create_volume_item(volume)
+ def test__add_security_context(self):
+ k8s_obj = kubernetes.KubernetesObject('pod_name')
+ self.assertNotIn('securityContext',
+ k8s_obj.template['spec']['template']['spec'])
+
+ k8s_obj._security_context = {'key_pod': 'value_pod'}
+ k8s_obj._add_security_context()
+ self.assertEqual(
+ {'key_pod': 'value_pod'},
+ k8s_obj.template['spec']['template']['spec']['securityContext'])
+
+ def test__add_security_context_by_init(self):
+ containers = []
+ for i in range(5):
+ containers.append(
+ {'securityContext': {'key%s' % i: 'value%s' % i}})
+ _kwargs = {'containers': containers,
+ 'securityContext': {'key_pod': 'value_pod'}}
+ k8s_obj = kubernetes.KubernetesObject('pod_name', **_kwargs)
+ self.assertEqual(
+ {'key_pod': 'value_pod'},
+ k8s_obj.template['spec']['template']['spec']['securityContext'])
+ for i in range(5):
+ container = (
+ k8s_obj.template['spec']['template']['spec']['containers'][i])
+ self.assertEqual({'key%s' % i: 'value%s' % i},
+ container['securityContext'])
+
class ContainerObjectTestCase(base.BaseUnitTestCase):
'name': 'cname-container',
'volumeMounts': container_obj._create_volume_mounts()}
self.assertEqual(expected, container_obj.get_container_item())
+
+ def test_get_container_item_with_security_context(self):
+ volume_mount = {'name': 'fake_name',
+ 'mountPath': 'fake_path'}
+ args = ['arg1', 'arg2']
+ container_obj = kubernetes.ContainerObject(
+ 'cname', ssh_key='fake_sshkey', volumeMount=[volume_mount],
+ args=args, securityContext={'key': 'value'})
+ expected = {'args': args,
+ 'command': [kubernetes.ContainerObject.COMMAND_DEFAULT],
+ 'image': kubernetes.ContainerObject.IMAGE_DEFAULT,
+ 'name': 'cname-container',
+ 'volumeMounts': container_obj._create_volume_mounts(),
+ 'securityContext': {'key': 'value'}}
+ self.assertEqual(expected, container_obj.get_container_item())
Code Review / yardstick.git / commitdiff