aboutsummaryrefslogtreecommitdiffstats
path: root/functest_kubernetes
diff options
context:
space:
mode:
authorCédric Ollivier <cedric.ollivier@orange.com>2024-01-12 21:00:04 +0100
committerCédric Ollivier <cedric.ollivier@orange.com>2024-01-12 21:11:31 +0100
commit50859e8c92a39b87ad91f14d01908a259a0602ce (patch)
treeed917e3859209ebbfd45b30316a92a4cb8dc0a81 /functest_kubernetes
parenteaea540c2f3a19ba13b69c3624f2d26c15d0f875 (diff)
Remove Hostpath testing
It's against Security Standards as explained in [1]. "Using the hostPath volume type presents many security risks. If you can avoid using a hostPath volume, you should." It basically asks for the profile Privileged "pod-security.kubernetes.io/enforce": "privileged [1] https://kubernetes.io/docs/concepts/storage/volumes/#hostpath Change-Id: I89e35f11ab7917b904ac474401bf609ad9c5dd3d Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
Diffstat (limited to 'functest_kubernetes')
-rw-r--r--functest_kubernetes/rally/all-in-one.yaml25
1 files changed, 0 insertions, 25 deletions
diff --git a/functest_kubernetes/rally/all-in-one.yaml b/functest_kubernetes/rally/all-in-one.yaml
index db30194e..380666d9 100644
--- a/functest_kubernetes/rally/all-in-one.yaml
+++ b/functest_kubernetes/rally/all-in-one.yaml
@@ -166,31 +166,6 @@ subtasks:
count: {{ namespaces_count }}
with_serviceaccount: true
- - title: >-
- Run a single workload with create/read/check/delete pod with hostPath
- volume
- scenario:
- Kubernetes.create_and_delete_pod_with_hostpath_volume:
- image: {{ dockerhub_repo }}/busybox:1.28
- command:
- - sleep
- - "3600"
- mount_path: /opt/check
- check_cmd:
- - ls
- - /opt/check
- error_regexp: No such file
- volume_type: Directory
- volume_path: /tmp/
- runner:
- constant:
- concurrency: {{ concurrency }}
- times: {{ times }}
- contexts:
- namespaces:
- count: {{ namespaces_count }}
- with_serviceaccount: true
-
- title:
Run a single workload with create/read/delete pod with configMap volume
scenario: