From 50859e8c92a39b87ad91f14d01908a259a0602ce Mon Sep 17 00:00:00 2001
From: Cédric Ollivier <cedric.ollivier@orange.com>
Date: Fri, 12 Jan 2024 21:00:04 +0100
Subject: Remove Hostpath testing
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

It's against Security Standards as explained in [1].
"Using the hostPath volume type presents many security risks.
If you can avoid using a hostPath volume, you should."

It basically asks for the profile Privileged
"pod-security.kubernetes.io/enforce": "privileged

[1] https://kubernetes.io/docs/concepts/storage/volumes/#hostpath

Change-Id: I89e35f11ab7917b904ac474401bf609ad9c5dd3d
Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
---
 functest_kubernetes/rally/all-in-one.yaml | 25 -------------------------
 1 file changed, 25 deletions(-)

diff --git a/functest_kubernetes/rally/all-in-one.yaml b/functest_kubernetes/rally/all-in-one.yaml
index db30194e..380666d9 100644
--- a/functest_kubernetes/rally/all-in-one.yaml
+++ b/functest_kubernetes/rally/all-in-one.yaml
@@ -166,31 +166,6 @@ subtasks:
         count: {{ namespaces_count }}
         with_serviceaccount: true
 
-  - title: >-
-      Run a single workload with create/read/check/delete pod with hostPath
-      volume
-    scenario:
-      Kubernetes.create_and_delete_pod_with_hostpath_volume:
-        image: {{ dockerhub_repo }}/busybox:1.28
-        command:
-          - sleep
-          - "3600"
-        mount_path: /opt/check
-        check_cmd:
-          - ls
-          - /opt/check
-        error_regexp: No such file
-        volume_type: Directory
-        volume_path: /tmp/
-    runner:
-      constant:
-        concurrency: {{ concurrency }}
-        times: {{ times }}
-    contexts:
-      namespaces:
-        count: {{ namespaces_count }}
-        with_serviceaccount: true
-
   - title:
       Run a single workload with create/read/delete pod with configMap volume
     scenario:
-- 
cgit 1.2.3-korg