Merge pull request #51560 from ericchiang/fix-audit-log-test

Automatic merge from submit-queue (batch tested with PRs 51632, 51055, 51676, 51560, 50007) test/e2e/auth: fix audit log test format parsing Fixes #51556 ```release-note NONE ``` cc @CaoShuFeng Still need to figure out how to run this test locally.
kubernetes · Sep 1, 2017 · 7da58e2 · 7da58e2
2 parents ed53363 + 2166668
commit 7da58e2
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 7 deletions.
diff --git a/test/e2e/auth/BUILD b/test/e2e/auth/BUILD
@@ -29,6 +29,7 @@ go_library(
         "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/uuid:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/util/wait:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/apis/audit/v1beta1:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes:go_default_library",
         "//vendor/k8s.io/client-go/kubernetes/typed/certificates/v1beta1:go_default_library",
         "//vendor/k8s.io/client-go/rest:go_default_library",

diff --git a/test/e2e/auth/audit.go b/test/e2e/auth/audit.go
@@ -18,11 +18,13 @@ package auth
 
 import (
 	"bufio"
+	"encoding/json"
 	"fmt"
 	"strings"
 
 	apiv1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apiserver/pkg/apis/audit/v1beta1"
 	"k8s.io/kubernetes/test/e2e/framework"
 
 	. "github.com/onsi/ginkgo"
@@ -66,10 +68,6 @@ var _ = SIGDescribe("Advanced Audit [Feature:Audit]", func() {
 		err = f.ClientSet.Core().Secrets(f.Namespace.Name).Delete(secret.Name, &metav1.DeleteOptions{})
 		framework.ExpectNoError(err, "failed to delete audit-secret")
 
-		// /version should not be audited
-		_, err = f.ClientSet.Core().RESTClient().Get().AbsPath("/version").DoRaw()
-		framework.ExpectNoError(err, "failed to query version")
-
 		expectedEvents := []auditEvent{{
 			method:    "create",
 			namespace: namespace,
@@ -126,9 +124,6 @@ func expectAuditLines(f *framework.Framework, expected []auditEvent) {
 		if _, found := expectations[event]; found {
 			expectations[event] = true
 		}
-
-		// /version should not be audited (filtered in the policy).
-		Expect(event.uri).NotTo(HavePrefix("/version"))
 	}
 	framework.ExpectNoError(scanner.Err(), "error reading audit log")
 
@@ -138,6 +133,21 @@ func expectAuditLines(f *framework.Framework, expected []auditEvent) {
 }
 
 func parseAuditLine(line string) (auditEvent, error) {
+	var e v1beta1.Event
+	if err := json.Unmarshal([]byte(line), &e); err == nil {
+		event := auditEvent{
+			method: e.Verb,
+			uri:    e.RequestURI,
+		}
+		if e.ObjectRef != nil {
+			event.namespace = e.ObjectRef.Namespace
+		}
+		if e.ResponseStatus != nil {
+			event.response = fmt.Sprintf("%d", e.ResponseStatus.Code)
+		}
+		return event, nil
+	}
+
 	fields := strings.Fields(line)
 	if len(fields) < 3 {
 		return auditEvent{}, fmt.Errorf("could not parse audit line: %s", line)