From ec4735ff93f109f7ba5a93762cf33c90d5a7fbbd Mon Sep 17 00:00:00 2001 From: Vincent Shen Date: Tue, 28 Nov 2023 08:16:11 -0800 Subject: [PATCH] OCP4: Fix e2e result on CIS kube file permission issues Some of the file permission issues has been addressed on OpenShift 4.14 from 644 to 600 and some of them are back ported to 4.13, let's change the expected e2e result to match that --- .../tests/ocp4/4.10.yml | 4 ++++ .../tests/ocp4/4.11.yml | 4 ++++ .../tests/ocp4/4.12.yml | 4 ++++ .../tests/ocp4/4.13.yml | 4 ++++ .../tests/ocp4/4.14.yml | 4 ++++ .../tests/ocp4/e2e.yml | 5 ----- .../master/file_permissions_etcd_member/tests/ocp4/4.10.yml | 4 ++++ .../master/file_permissions_etcd_member/tests/ocp4/4.11.yml | 4 ++++ .../master/file_permissions_etcd_member/tests/ocp4/4.12.yml | 4 ++++ .../master/file_permissions_etcd_member/tests/ocp4/4.13.yml | 4 ++++ .../master/file_permissions_etcd_member/tests/ocp4/4.14.yml | 4 ++++ .../master/file_permissions_etcd_member/tests/ocp4/e2e.yml | 5 ----- .../file_permissions_kube_apiserver/tests/ocp4/4.10.yml | 4 ++++ .../file_permissions_kube_apiserver/tests/ocp4/4.11.yml | 4 ++++ .../file_permissions_kube_apiserver/tests/ocp4/4.12.yml | 4 ++++ .../file_permissions_kube_apiserver/tests/ocp4/4.13.yml | 4 ++++ .../file_permissions_kube_apiserver/tests/ocp4/4.14.yml | 4 ++++ .../file_permissions_kube_apiserver/tests/ocp4/e2e.yml | 5 ----- .../tests/ocp4/4.10.yml | 4 ++++ .../tests/ocp4/4.11.yml | 4 ++++ .../tests/ocp4/4.12.yml | 4 ++++ .../tests/ocp4/4.13.yml | 4 ++++ .../tests/ocp4/4.14.yml | 4 ++++ .../tests/ocp4/e2e.yml | 5 ----- .../tests/ocp4/4.10.yml | 4 ++++ .../tests/ocp4/4.11.yml | 4 ++++ .../tests/ocp4/4.12.yml | 4 ++++ .../tests/ocp4/4.13.yml | 4 ++++ .../tests/ocp4/4.14.yml | 4 ++++ .../file_permissions_scheduler_kubeconfig/tests/ocp4/e2e.yml | 5 ----- 30 files changed, 100 insertions(+), 25 deletions(-) create mode 100644 applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.10.yml create mode 100644 applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.11.yml create mode 100644 applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.12.yml create mode 100644 applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.13.yml create mode 100644 applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.14.yml delete mode 100644 applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/e2e.yml create mode 100644 applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.10.yml create mode 100644 applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.11.yml create mode 100644 applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.12.yml create mode 100644 applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.13.yml create mode 100644 applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.14.yml delete mode 100644 applications/openshift/master/file_permissions_etcd_member/tests/ocp4/e2e.yml create mode 100644 applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.10.yml create mode 100644 applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.11.yml create mode 100644 applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.12.yml create mode 100644 applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.13.yml create mode 100644 applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.14.yml delete mode 100644 applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/e2e.yml create mode 100644 applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.10.yml create mode 100644 applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.11.yml create mode 100644 applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.12.yml create mode 100644 applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.13.yml create mode 100644 applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.14.yml delete mode 100644 applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/e2e.yml create mode 100644 applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.10.yml create mode 100644 applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.11.yml create mode 100644 applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.12.yml create mode 100644 applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.13.yml create mode 100644 applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.14.yml delete mode 100644 applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/e2e.yml diff --git a/applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.10.yml b/applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.10.yml new file mode 100644 index 00000000000..97c9129d7ec --- /dev/null +++ b/applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.10.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: FAIL + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.11.yml b/applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.11.yml new file mode 100644 index 00000000000..97c9129d7ec --- /dev/null +++ b/applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.11.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: FAIL + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.12.yml b/applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.12.yml new file mode 100644 index 00000000000..97c9129d7ec --- /dev/null +++ b/applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.12.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: FAIL + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.13.yml b/applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.13.yml new file mode 100644 index 00000000000..7f9939ad0e4 --- /dev/null +++ b/applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.13.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: PASS + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.14.yml b/applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.14.yml new file mode 100644 index 00000000000..7f9939ad0e4 --- /dev/null +++ b/applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/4.14.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: PASS + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/e2e.yml b/applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/e2e.yml deleted file mode 100644 index 1669a6961b3..00000000000 --- a/applications/openshift/master/file_permissions_controller_manager_kubeconfig/tests/ocp4/e2e.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -# This will fail until OpenShift 4.14 is released and used by CI. -default_result: - master: FAIL - worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.10.yml b/applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.10.yml new file mode 100644 index 00000000000..97c9129d7ec --- /dev/null +++ b/applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.10.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: FAIL + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.11.yml b/applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.11.yml new file mode 100644 index 00000000000..97c9129d7ec --- /dev/null +++ b/applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.11.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: FAIL + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.12.yml b/applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.12.yml new file mode 100644 index 00000000000..97c9129d7ec --- /dev/null +++ b/applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.12.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: FAIL + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.13.yml b/applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.13.yml new file mode 100644 index 00000000000..7f9939ad0e4 --- /dev/null +++ b/applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.13.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: PASS + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.14.yml b/applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.14.yml new file mode 100644 index 00000000000..7f9939ad0e4 --- /dev/null +++ b/applications/openshift/master/file_permissions_etcd_member/tests/ocp4/4.14.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: PASS + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_etcd_member/tests/ocp4/e2e.yml b/applications/openshift/master/file_permissions_etcd_member/tests/ocp4/e2e.yml deleted file mode 100644 index 1669a6961b3..00000000000 --- a/applications/openshift/master/file_permissions_etcd_member/tests/ocp4/e2e.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -# This will fail until OpenShift 4.14 is released and used by CI. -default_result: - master: FAIL - worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.10.yml b/applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.10.yml new file mode 100644 index 00000000000..97c9129d7ec --- /dev/null +++ b/applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.10.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: FAIL + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.11.yml b/applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.11.yml new file mode 100644 index 00000000000..97c9129d7ec --- /dev/null +++ b/applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.11.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: FAIL + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.12.yml b/applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.12.yml new file mode 100644 index 00000000000..97c9129d7ec --- /dev/null +++ b/applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.12.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: FAIL + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.13.yml b/applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.13.yml new file mode 100644 index 00000000000..7f9939ad0e4 --- /dev/null +++ b/applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.13.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: PASS + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.14.yml b/applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.14.yml new file mode 100644 index 00000000000..7f9939ad0e4 --- /dev/null +++ b/applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/4.14.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: PASS + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/e2e.yml b/applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/e2e.yml deleted file mode 100644 index 1669a6961b3..00000000000 --- a/applications/openshift/master/file_permissions_kube_apiserver/tests/ocp4/e2e.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -# This will fail until OpenShift 4.14 is released and used by CI. -default_result: - master: FAIL - worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.10.yml b/applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.10.yml new file mode 100644 index 00000000000..97c9129d7ec --- /dev/null +++ b/applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.10.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: FAIL + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.11.yml b/applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.11.yml new file mode 100644 index 00000000000..97c9129d7ec --- /dev/null +++ b/applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.11.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: FAIL + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.12.yml b/applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.12.yml new file mode 100644 index 00000000000..97c9129d7ec --- /dev/null +++ b/applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.12.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: FAIL + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.13.yml b/applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.13.yml new file mode 100644 index 00000000000..7f9939ad0e4 --- /dev/null +++ b/applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.13.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: PASS + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.14.yml b/applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.14.yml new file mode 100644 index 00000000000..7f9939ad0e4 --- /dev/null +++ b/applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/4.14.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: PASS + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/e2e.yml b/applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/e2e.yml deleted file mode 100644 index 1669a6961b3..00000000000 --- a/applications/openshift/master/file_permissions_kube_controller_manager/tests/ocp4/e2e.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -# This will fail until OpenShift 4.14 is released and used by CI. -default_result: - master: FAIL - worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.10.yml b/applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.10.yml new file mode 100644 index 00000000000..97c9129d7ec --- /dev/null +++ b/applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.10.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: FAIL + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.11.yml b/applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.11.yml new file mode 100644 index 00000000000..97c9129d7ec --- /dev/null +++ b/applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.11.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: FAIL + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.12.yml b/applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.12.yml new file mode 100644 index 00000000000..97c9129d7ec --- /dev/null +++ b/applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.12.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: FAIL + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.13.yml b/applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.13.yml new file mode 100644 index 00000000000..7f9939ad0e4 --- /dev/null +++ b/applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.13.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: PASS + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.14.yml b/applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.14.yml new file mode 100644 index 00000000000..7f9939ad0e4 --- /dev/null +++ b/applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/4.14.yml @@ -0,0 +1,4 @@ +--- +default_result: + master: PASS + worker: NOT-APPLICABLE diff --git a/applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/e2e.yml b/applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/e2e.yml deleted file mode 100644 index 1669a6961b3..00000000000 --- a/applications/openshift/master/file_permissions_scheduler_kubeconfig/tests/ocp4/e2e.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -# This will fail until OpenShift 4.14 is released and used by CI. -default_result: - master: FAIL - worker: NOT-APPLICABLE