Skip to content

Commit 06f1b85

Browse files
committed
test: update test golden files
1 parent a7e0e3c commit 06f1b85

File tree

2 files changed

+57
-16
lines changed

2 files changed

+57
-16
lines changed

internal/templates/testdata/golden/startup-scripts.yaml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -15,10 +15,10 @@ data:
1515
TARGET_UID=2000
1616
TARGET_GID=2000
1717
DEV_USERNAME="testuser"
18+
SA_TOKEN_PATH="/var/run/secrets/devenv/token"
1819
1920
# Path configuration
2021
PYTHON_BIN_PATH=""
21-
PYTHON_PATH="${PYTHON_BIN_PATH}/python3"
2222
ENV_INIT_SCRIPT="/home/${DEV_USERNAME}/.devenv_init.sh"
2323
ENV_BASH_SCRIPT="/home/${DEV_USERNAME}/.devenv_bash.sh"
2424
@@ -27,7 +27,7 @@ data:
2727
# === SYSTEM PACKAGE INSTALLATION ===
2828
echo "Installing core system packages..."
2929
apt-get update
30-
apt-get install -y sudo openssh-server
30+
apt-get install -y sudo openssh-server python3 python3-pip
3131
3232
# Install Homebrew dependencies if Homebrew will be installed
3333
@@ -51,7 +51,7 @@ data:
5151
usermod -l ${DEV_USERNAME} -s /bin/bash -d /home/${DEV_USERNAME} -g ${TARGET_GID} $(id -un ${TARGET_UID})
5252
else
5353
echo "Adding user ${DEV_USERNAME} with UID ${TARGET_UID}"
54-
useradd -u ${TARGET_UID} -m -s /bin/bash ${DEV_USERNAME}
54+
useradd -u ${TARGET_UID} -g ${TARGET_GID} -m -s /bin/bash ${DEV_USERNAME}
5555
fi
5656
5757
# Ensure home directory exists and has correct ownership
@@ -114,10 +114,10 @@ data:
114114
# Install common python packages from requirements.txt
115115
if [ -f /scripts/requirements.txt ]; then
116116
echo "Installing Python packages from requirements.txt"
117-
/bin/bash /scripts/run_with_git.sh ${DEV_USERNAME} ${PYTHON_PATH} -m pip install --no-user --no-cache-dir -r /scripts/requirements.txt
117+
/bin/bash /scripts/run_with_git.sh ${DEV_USERNAME} ${PYTHON_BIN_PATH} -m pip install --user --no-cache-dir -r /scripts/requirements.txt
118118
fi
119119
echo "Installing Python packages: numpy pandas"
120-
/bin/bash /scripts/run_with_git.sh ${DEV_USERNAME} ${PYTHON_PATH} -m pip install --no-user --no-cache-dir numpy pandas
120+
/bin/bash /scripts/run_with_git.sh ${DEV_USERNAME} ${PYTHON_BIN_PATH} -m pip install --no-user --no-cache-dir numpy pandas
121121
122122
echo "Section 6: Package installation complete"
123123

internal/templates/testdata/golden/statefulset.yaml

Lines changed: 52 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -29,9 +29,46 @@ spec:
2929
- node1
3030
- node2
3131
priorityClassName: dev-gpu
32-
serviceAccountName: k8s-launcher
32+
33+
serviceAccountName: devenv-testuser
34+
automountServiceAccountToken: false
3335

3436
containers:
37+
- name: token-syncer
38+
image: busybox:latest
39+
command:
40+
- /bin/sh
41+
- -c
42+
- |
43+
while true; do
44+
if [ -f /var/run/secrets/kubernetes.io/serviceaccount/token ]; then
45+
cp /var/run/secrets/kubernetes.io/serviceaccount/token /shared/token
46+
cp /var/run/secrets/kubernetes.io/serviceaccount/ca.crt /shared/ca.crt
47+
cp /var/run/secrets/kubernetes.io/serviceaccount/namespace /shared/namespace
48+
chmod 644 /shared/*
49+
fi
50+
sleep 60
51+
done
52+
securityContext:
53+
runAsUser: 0
54+
readOnlyRootFilesystem: true
55+
allowPrivilegeEscalation: false
56+
capabilities:
57+
drop: ["ALL"]
58+
resources:
59+
requests:
60+
cpu: "10m"
61+
memory: "16Mi"
62+
limits:
63+
cpu: "50m"
64+
memory: "32Mi"
65+
volumeMounts:
66+
- name: shared-token
67+
mountPath: /shared
68+
- name: sa-token-source # Mount the projected volume
69+
mountPath: /var/run/secrets/kubernetes.io/serviceaccount
70+
readOnly: true
71+
3572
- name: testuser
3673
image: ubuntu:22.04
3774
workingDir: "/src"
@@ -79,9 +116,6 @@ spec:
79116
memory: "16Gi"
80117

81118
volumeMounts:
82-
- name: devenv-manager-token
83-
mountPath: /var/run/secrets/tokens
84-
readOnly: true
85119
- name: dev-storage
86120
mountPath: /home/testuser
87121
- name: dev-linuxbrew
@@ -93,15 +127,12 @@ spec:
93127
mountPath: /data
94128
- name: config-volume
95129
mountPath: /config
130+
- name: shared-token # Add this mount
131+
mountPath: /var/run/secrets/devenv
132+
readOnly: true
133+
96134

97135
volumes:
98-
- name: devenv-manager-token
99-
projected:
100-
sources:
101-
- serviceAccountToken:
102-
path: devenv-manager
103-
expirationSeconds: 3600
104-
audience: devenv-manager
105136
- name: dev-storage
106137
hostPath:
107138
path: /mnt/devenv/testuser/homedir
@@ -114,6 +145,16 @@ spec:
114145
configMap:
115146
name: startup-scripts-testuser
116147
defaultMode: 0755
148+
- name: shared-token # Add this volume
149+
emptyDir:
150+
sizeLimit: 1Mi
151+
- name: sa-token-source
152+
projected:
153+
sources:
154+
- serviceAccountToken:
155+
path: token
156+
expirationSeconds: 3600 # Token expires after 1 hour
157+
audience: devenv-manager # Your custom audience!
117158
- name: data-volume
118159
hostPath:
119160
path: /mnt/data

0 commit comments

Comments
 (0)