aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorCédric Ollivier <cedric.ollivier@orange.com>2024-01-12 21:00:04 +0100
committerCédric Ollivier <cedric.ollivier@orange.com>2024-01-12 22:23:06 +0100
commit767cb9d833f7dfb12c16b291981ad71fa368a4d8 (patch)
tree7ca1c383d385a4b5cdf532ff16547e9844e18fdb
parent8f277a9677eaaadb904da860c5edcfec0fce8216 (diff)
Remove Hostpath testing
It's against Security Standards as explained in [1]. "Using the hostPath volume type presents many security risks. If you can avoid using a hostPath volume, you should." It basically asks for the profile Privileged "pod-security.kubernetes.io/enforce": "privileged [1] https://kubernetes.io/docs/concepts/storage/volumes/#hostpath Change-Id: I89e35f11ab7917b904ac474401bf609ad9c5dd3d Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com> (cherry picked from commit 50859e8c92a39b87ad91f14d01908a259a0602ce)
-rw-r--r--functest_kubernetes/rally/all-in-one.yaml25
1 files changed, 0 insertions, 25 deletions
diff --git a/functest_kubernetes/rally/all-in-one.yaml b/functest_kubernetes/rally/all-in-one.yaml
index db30194e..380666d9 100644
--- a/functest_kubernetes/rally/all-in-one.yaml
+++ b/functest_kubernetes/rally/all-in-one.yaml
@@ -166,31 +166,6 @@ subtasks:
count: {{ namespaces_count }}
with_serviceaccount: true
- - title: >-
- Run a single workload with create/read/check/delete pod with hostPath
- volume
- scenario:
- Kubernetes.create_and_delete_pod_with_hostpath_volume:
- image: {{ dockerhub_repo }}/busybox:1.28
- command:
- - sleep
- - "3600"
- mount_path: /opt/check
- check_cmd:
- - ls
- - /opt/check
- error_regexp: No such file
- volume_type: Directory
- volume_path: /tmp/
- runner:
- constant:
- concurrency: {{ concurrency }}
- times: {{ times }}
- contexts:
- namespaces:
- count: {{ namespaces_count }}
- with_serviceaccount: true
-
- title:
Run a single workload with create/read/delete pod with configMap volume
scenario: