Skip to content

Commit 2166668

Browse files
ericchiangericchiang
committed
test/e2e/auth: fix audit log test format parsing
1 parent 0d17e9d commit 2166668

File tree

2 files changed

+18
-7
lines changed

2 files changed

+18
-7
lines changed

test/e2e/auth/BUILD

+1
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,7 @@ go_library(
2929
"//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
3030
"//vendor/k8s.io/apimachinery/pkg/util/uuid:go_default_library",
3131
"//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
32+
"//vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1:go_default_library",
3233
"//vendor/k8s.io/client-go/kubernetes:go_default_library",
3334
"//vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1:go_default_library",
3435
"//vendor/k8s.io/client-go/rest:go_default_library",

test/e2e/auth/audit.go

+17-7
Original file line numberDiff line numberDiff line change
@@ -18,11 +18,13 @@ package auth
1818

1919
import (
2020
"bufio"
21+
"encoding/json"
2122
"fmt"
2223
"strings"
2324

2425
apiv1 "k8s.io/api/core/v1"
2526
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
27+
"k8s.io/apiserver/pkg/apis/audit/v1beta1"
2628
"k8s.io/kubernetes/test/e2e/framework"
2729

2830
. "github.com/onsi/ginkgo"
@@ -66,10 +68,6 @@ var _ = SIGDescribe("Advanced Audit [Feature:Audit]", func() {
6668
err = f.ClientSet.Core().Secrets(f.Namespace.Name).Delete(secret.Name, &metav1.DeleteOptions{})
6769
framework.ExpectNoError(err, "failed to delete audit-secret")
6870

69-
// /version should not be audited
70-
_, err = f.ClientSet.Core().RESTClient().Get().AbsPath("/version").DoRaw()
71-
framework.ExpectNoError(err, "failed to query version")
72-
7371
expectedEvents := []auditEvent{{
7472
method: "create",
7573
namespace: namespace,
@@ -126,9 +124,6 @@ func expectAuditLines(f *framework.Framework, expected []auditEvent) {
126124
if _, found := expectations[event]; found {
127125
expectations[event] = true
128126
}
129-
130-
// /version should not be audited (filtered in the policy).
131-
Expect(event.uri).NotTo(HavePrefix("/version"))
132127
}
133128
framework.ExpectNoError(scanner.Err(), "error reading audit log")
134129

@@ -138,6 +133,21 @@ func expectAuditLines(f *framework.Framework, expected []auditEvent) {
138133
}
139134

140135
func parseAuditLine(line string) (auditEvent, error) {
136+
var e v1beta1.Event
137+
if err := json.Unmarshal([]byte(line), &e); err == nil {
138+
event := auditEvent{
139+
method: e.Verb,
140+
uri: e.RequestURI,
141+
}
142+
if e.ObjectRef != nil {
143+
event.namespace = e.ObjectRef.Namespace
144+
}
145+
if e.ResponseStatus != nil {
146+
event.response = fmt.Sprintf("%d", e.ResponseStatus.Code)
147+
}
148+
return event, nil
149+
}
150+
141151
fields := strings.Fields(line)
142152
if len(fields) < 3 {
143153
return auditEvent{}, fmt.Errorf("could not parse audit line: %s", line)

0 commit comments

Comments
 (0)