diff --git a/pkg/securitycontext/util_test.go b/pkg/securitycontext/util_test.go index 1b89adcd893f8..5cc3fa71ada85 100644 --- a/pkg/securitycontext/util_test.go +++ b/pkg/securitycontext/util_test.go @@ -178,56 +178,39 @@ func TestHasRootRunAsUser(t *testing.T) { } func TestAddNoNewPrivileges(t *testing.T) { - var nonRoot int64 = 1000 - var root int64 = 0 pfalse := false ptrue := true tests := map[string]struct { - sc v1.SecurityContext + sc *v1.SecurityContext expect bool }{ - "allowPrivilegeEscalation nil security context nil": {}, - "allowPrivilegeEscalation nil nonRoot": { - sc: v1.SecurityContext{ - RunAsUser: &nonRoot, - }, - }, - "allowPrivilegeEscalation nil root": { - sc: v1.SecurityContext{ - RunAsUser: &root, - }, + "allowPrivilegeEscalation nil security context nil": { + sc: nil, + expect: false, }, - "allowPrivilegeEscalation false nonRoot": { - sc: v1.SecurityContext{ - RunAsUser: &nonRoot, - AllowPrivilegeEscalation: &pfalse, + "allowPrivilegeEscalation nil": { + sc: &v1.SecurityContext{ + AllowPrivilegeEscalation: nil, }, - expect: true, + expect: false, }, - "allowPrivilegeEscalation false root": { - sc: v1.SecurityContext{ - RunAsUser: &root, + "allowPrivilegeEscalation false": { + sc: &v1.SecurityContext{ AllowPrivilegeEscalation: &pfalse, }, expect: true, }, - "allowPrivilegeEscalation true nonRoot": { - sc: v1.SecurityContext{ - RunAsUser: &nonRoot, - AllowPrivilegeEscalation: &ptrue, - }, - }, - "allowPrivilegeEscalation true root": { - sc: v1.SecurityContext{ - RunAsUser: &root, + "allowPrivilegeEscalation true": { + sc: &v1.SecurityContext{ AllowPrivilegeEscalation: &ptrue, }, + expect: false, }, } for k, v := range tests { - actual := AddNoNewPrivileges(&v.sc) + actual := AddNoNewPrivileges(v.sc) if actual != v.expect { t.Errorf("%s failed, expected %t but received %t", k, v.expect, actual) }