Add ut coverage for capabilities.Setup (#125395)

* Add ut coverage for capabilities.Setup * Update pkg/capabilities/capabilities_test.go Co-authored-by: Ed Bartosh <eduard.bartosh@intel.com> * Add ut coverage for capabilities.Setup Signed-off-by: robert-cronin <robert.owen.cronin@gmail.com> --------- Signed-off-by: robert-cronin <robert.owen.cronin@gmail.com> Co-authored-by: Ed Bartosh <eduard.bartosh@intel.com>
2025-11-01 02:38:12 +00:00 · 2024-10-18 04:23:03 +11:00
parent 4cf9bff9eb
commit cdbfbde4aa
4 changed files with 66 additions and 21 deletions
--- a/pkg/apis/core/validation/validation_test.go
+++ b/pkg/apis/core/validation/validation_test.go
@@ -8323,7 +8323,8 @@ func TestValidateLinuxPodSecurityContext(t *testing.T) {

 func TestValidateContainers(t *testing.T) {
 	volumeDevices := make(map[string]core.VolumeSource)
-	capabilities.SetForTests(capabilities.Capabilities{
+	capabilities.ResetForTest()
+	capabilities.Initialize(capabilities.Capabilities{
 		AllowPrivileged: true,
 	})

@@ -8526,7 +8527,8 @@ func TestValidateContainers(t *testing.T) {
 		t.Errorf("expected success: %v", errs)
 	}

-	capabilities.SetForTests(capabilities.Capabilities{
+	capabilities.ResetForTest()
+	capabilities.Initialize(capabilities.Capabilities{
 		AllowPrivileged: false,
 	})
 	errorCases := []struct {
@@ -9151,7 +9153,8 @@ func TestValidateContainers(t *testing.T) {

 func TestValidateInitContainers(t *testing.T) {
 	volumeDevices := make(map[string]core.VolumeSource)
-	capabilities.SetForTests(capabilities.Capabilities{
+	capabilities.ResetForTest()
+	capabilities.Initialize(capabilities.Capabilities{
 		AllowPrivileged: true,
 	})

@@ -9229,7 +9232,8 @@ func TestValidateInitContainers(t *testing.T) {
 		t.Errorf("expected success: %v", errs)
 	}

-	capabilities.SetForTests(capabilities.Capabilities{
+	capabilities.ResetForTest()
+	capabilities.Initialize(capabilities.Capabilities{
 		AllowPrivileged: false,
 	})
 	errorCases := []struct {
@@ -14508,7 +14512,8 @@ func TestValidatePodEphemeralContainersUpdate(t *testing.T) {

 	// Some tests use Windows host pods as an example of fields that might
 	// conflict between an ephemeral container and the rest of the pod.
-	capabilities.SetForTests(capabilities.Capabilities{
+	capabilities.ResetForTest()
+	capabilities.Initialize(capabilities.Capabilities{
 		AllowPrivileged: true,
 	})
 	makeWindowsHostPod := func(ephemeralContainers []core.EphemeralContainer) *core.Pod {
@@ -20996,7 +21001,8 @@ func TestValidateSecurityContext(t *testing.T) {
 		},
 	}
 	for k, v := range errorCases {
-		capabilities.SetForTests(capabilities.Capabilities{
+		capabilities.ResetForTest()
+		capabilities.Initialize(capabilities.Capabilities{
 			AllowPrivileged: v.capAllowPriv,
 		})
 		// note the unconditional `true` here for hostUsers. The failure case to test for ProcMount only includes it being true,
@@ -23649,8 +23655,8 @@ func TestValidateWindowsHostProcessPod(t *testing.T) {

 	for _, testCase := range testCases {
 		t.Run(testCase.name, func(t *testing.T) {
-
-			capabilities.SetForTests(capabilities.Capabilities{
+			capabilities.ResetForTest()
+			capabilities.Initialize(capabilities.Capabilities{
 				AllowPrivileged: testCase.allowPrivileged,
 			})