- APISnoop org-flow: CoreV1ServiceAccountReplaceTest.org
- Test approval issue: Write e2e test for replaceCoreV1NamespacedServiceAccount - +1 Endpoint #112822
- Test PR: Write e2e test for replaceCoreV1NamespacedServiceAccount - +1 Endpoint #112823
- Two weeks soak start date: testgrid-link 5 Oct 2022
- Two weeks soak end date: 19 Oct 2022
- Test promotion PR: Promote replaceCoreV1NamespacedServiceAccount test to Conformance - +1 Endpoint #113061
According to this APIsnoop query, there are still three remaining LimitRange endpoints which are untested.
SELECT
endpoint,
path,
kind
FROM testing.untested_stable_endpoint
where eligible is true
and endpoint ilike '%ServiceAccount%'
order by kind, endpoint desc
limit 10;
endpoint | path | kind
---------------------------------------+-------------------------------------------------------+----------------
replaceCoreV1NamespacedServiceAccount | /api/v1/namespaces/{namespace}/serviceaccounts/{name} | ServiceAccount
(1 row)
- Kubernetes API Reference Docs
- Kubernetes API / Authentication Resources / ServiceAccount
- client-go - ServiceAccount
Feature: Test replace ServiceAccount api endpoint
- replaceCoreV1NamespacedServiceAccount
Scenario: confirm that the replace action will apply to a ServiceAccount
Given the e2e test has created a ServiceAccount
And AutomountServiceAccountToken setting is updated to true from false
When the test updates the ServiceAccount
Then the requested action is accepted without any error
And the AutomountServiceAccountToken is found to be true
Using a number of existing e2e test practices a new ginkgo test has been created for one ServiceAccount endpoint. The e2e logs for this test are listed below.
[It] should update a ServiceAccount
/home/ii/go/src/k8s.io/kubernetes/test/e2e/auth/service_accounts.go:803
STEP: Creating ServiceAccount "e2e-sa-kdl2c" 10/03/22 12:36:45.522
Oct 3 12:36:45.527: INFO: AutomountServiceAccountToken: false
STEP: Updating ServiceAccount "e2e-sa-kdl2c" 10/03/22 12:36:45.527
Oct 3 12:36:45.533: INFO: AutomountServiceAccountToken: true
This query shows which ServiceAccount endpoints are hit within a short period of running this e2e test
select distinct substring(endpoint from '\w+') AS endpoint,
right(useragent,30) AS useragent
from testing.audit_event
where endpoint ilike '%ServiceAccount%'
and release_date::BIGINT > round(((EXTRACT(EPOCH FROM NOW()))::numeric)*1000,0) - 60000
and useragent like 'e2e%should%'
order by endpoint
limit 10;
endpoint | useragent
---------------------------------------+--------------------------------
createCoreV1NamespacedServiceAccount | should update a ServiceAccount
listCoreV1NamespacedServiceAccount | should update a ServiceAccount
readCoreV1NamespacedServiceAccount | should update a ServiceAccount
replaceCoreV1NamespacedServiceAccount | should update a ServiceAccount
(4 rows)
If a test with these calls gets merged, test coverage will go up by 1 point
This test is also created with the goal of conformance promotion.
/sig testing
/sig architecture
/area conformance