2020-07-27 23:49:43 +00:00
|
|
|
/*
|
|
|
|
Copyright 2020 VMware, Inc.
|
|
|
|
SPDX-License-Identifier: Apache-2.0
|
|
|
|
*/
|
|
|
|
|
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
|
|
|
"bytes"
|
2020-07-28 14:10:40 +00:00
|
|
|
"context"
|
2020-07-27 23:49:43 +00:00
|
|
|
"fmt"
|
|
|
|
"testing"
|
2020-07-28 14:10:40 +00:00
|
|
|
"time"
|
2020-07-27 23:49:43 +00:00
|
|
|
|
|
|
|
"github.com/sclevine/spec"
|
|
|
|
"github.com/sclevine/spec/report"
|
2020-07-28 13:42:25 +00:00
|
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"k8s.io/client-go/pkg/apis/clientauthentication"
|
2020-07-27 23:49:43 +00:00
|
|
|
)
|
|
|
|
|
2020-07-28 13:42:25 +00:00
|
|
|
type errWriter struct{ returnErr error }
|
|
|
|
|
|
|
|
func (e *errWriter) Write([]byte) (int, error) { return 0, e.returnErr }
|
|
|
|
|
2020-07-27 23:49:43 +00:00
|
|
|
func TestRun(t *testing.T) {
|
|
|
|
spec.Run(t, "Run", func(t *testing.T, when spec.G, it spec.S) {
|
|
|
|
var buffer *bytes.Buffer
|
|
|
|
var tokenExchanger tokenExchanger
|
|
|
|
var fakeEnv map[string]string
|
|
|
|
|
|
|
|
var envGetter envGetter = func(envVarName string) (string, bool) {
|
|
|
|
value, present := fakeEnv[envVarName]
|
|
|
|
if !present {
|
|
|
|
return "", false
|
|
|
|
}
|
|
|
|
return value, true
|
|
|
|
}
|
|
|
|
|
|
|
|
it.Before(func() {
|
|
|
|
buffer = new(bytes.Buffer)
|
|
|
|
fakeEnv = map[string]string{
|
|
|
|
"PLACEHOLDER_NAME_TOKEN": "token from env",
|
|
|
|
"PLACEHOLDER_NAME_CA_BUNDLE": "ca bundle from env",
|
|
|
|
"PLACEHOLDER_NAME_K8S_API_ENDPOINT": "k8s api from env",
|
|
|
|
}
|
|
|
|
})
|
|
|
|
|
|
|
|
when("env vars are missing", func() {
|
|
|
|
it("returns an error when PLACEHOLDER_NAME_TOKEN is missing", func() {
|
|
|
|
fakeEnv = map[string]string{
|
|
|
|
"PLACEHOLDER_NAME_K8S_API_ENDPOINT": "a",
|
|
|
|
"PLACEHOLDER_NAME_CA_BUNDLE": "b",
|
|
|
|
}
|
2020-07-28 14:10:40 +00:00
|
|
|
err := run(envGetter, tokenExchanger, buffer, 30*time.Second)
|
2020-07-28 13:47:11 +00:00
|
|
|
require.EqualError(t, err, "failed to login: environment variable not set: PLACEHOLDER_NAME_TOKEN")
|
2020-07-27 23:49:43 +00:00
|
|
|
})
|
|
|
|
|
|
|
|
it("returns an error when PLACEHOLDER_NAME_CA_BUNDLE is missing", func() {
|
|
|
|
fakeEnv = map[string]string{
|
|
|
|
"PLACEHOLDER_NAME_K8S_API_ENDPOINT": "a",
|
|
|
|
"PLACEHOLDER_NAME_TOKEN": "b",
|
|
|
|
}
|
2020-07-28 14:10:40 +00:00
|
|
|
err := run(envGetter, tokenExchanger, buffer, 30*time.Second)
|
2020-07-28 13:47:11 +00:00
|
|
|
require.EqualError(t, err, "failed to login: environment variable not set: PLACEHOLDER_NAME_CA_BUNDLE")
|
2020-07-27 23:49:43 +00:00
|
|
|
})
|
|
|
|
|
|
|
|
it("returns an error when PLACEHOLDER_NAME_K8S_API_ENDPOINT is missing", func() {
|
|
|
|
fakeEnv = map[string]string{
|
|
|
|
"PLACEHOLDER_NAME_TOKEN": "a",
|
|
|
|
"PLACEHOLDER_NAME_CA_BUNDLE": "b",
|
|
|
|
}
|
2020-07-28 14:10:40 +00:00
|
|
|
err := run(envGetter, tokenExchanger, buffer, 30*time.Second)
|
2020-07-28 13:47:11 +00:00
|
|
|
require.EqualError(t, err, "failed to login: environment variable not set: PLACEHOLDER_NAME_K8S_API_ENDPOINT")
|
2020-07-27 23:49:43 +00:00
|
|
|
})
|
|
|
|
}, spec.Parallel())
|
|
|
|
|
|
|
|
when("the token exchange fails", func() {
|
|
|
|
it.Before(func() {
|
2020-07-28 14:10:40 +00:00
|
|
|
tokenExchanger = func(ctx context.Context, token, caBundle, apiEndpoint string) (*clientauthentication.ExecCredential, error) {
|
2020-07-27 23:49:43 +00:00
|
|
|
return nil, fmt.Errorf("some error")
|
|
|
|
}
|
|
|
|
})
|
|
|
|
|
|
|
|
it("returns an error", func() {
|
2020-07-28 14:10:40 +00:00
|
|
|
err := run(envGetter, tokenExchanger, buffer, 30*time.Second)
|
2020-07-28 13:47:11 +00:00
|
|
|
require.EqualError(t, err, "failed to login: some error")
|
2020-07-27 23:49:43 +00:00
|
|
|
})
|
|
|
|
}, spec.Parallel())
|
|
|
|
|
2020-07-28 13:42:25 +00:00
|
|
|
when("the JSON encoder fails", func() {
|
|
|
|
it.Before(func() {
|
2020-07-28 14:10:40 +00:00
|
|
|
tokenExchanger = func(ctx context.Context, token, caBundle, apiEndpoint string) (*clientauthentication.ExecCredential, error) {
|
2020-07-28 13:42:25 +00:00
|
|
|
return &clientauthentication.ExecCredential{
|
|
|
|
Status: &clientauthentication.ExecCredentialStatus{Token: "some token"},
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
})
|
|
|
|
|
|
|
|
it("returns an error", func() {
|
2020-07-28 14:10:40 +00:00
|
|
|
err := run(envGetter, tokenExchanger, &errWriter{returnErr: fmt.Errorf("some IO error")}, 30*time.Second)
|
2020-07-28 13:42:25 +00:00
|
|
|
require.EqualError(t, err, "failed to marshal response to stdout: some IO error")
|
|
|
|
})
|
|
|
|
}, spec.Parallel())
|
|
|
|
|
2020-07-28 14:10:40 +00:00
|
|
|
when("the token exchange times out", func() {
|
|
|
|
it.Before(func() {
|
|
|
|
tokenExchanger = func(ctx context.Context, token, caBundle, apiEndpoint string) (*clientauthentication.ExecCredential, error) {
|
|
|
|
select {
|
|
|
|
case <-time.After(100 * time.Millisecond):
|
|
|
|
return &clientauthentication.ExecCredential{
|
|
|
|
Status: &clientauthentication.ExecCredentialStatus{Token: "some token"},
|
|
|
|
}, nil
|
|
|
|
case <-ctx.Done():
|
|
|
|
return nil, ctx.Err()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
})
|
|
|
|
|
|
|
|
it("returns an error", func() {
|
|
|
|
err := run(envGetter, tokenExchanger, buffer, 1*time.Millisecond)
|
|
|
|
require.EqualError(t, err, "failed to login: context deadline exceeded")
|
|
|
|
})
|
|
|
|
}, spec.Parallel())
|
|
|
|
|
2020-07-27 23:49:43 +00:00
|
|
|
when("the token exchange succeeds", func() {
|
|
|
|
var actualToken, actualCaBundle, actualAPIEndpoint string
|
|
|
|
|
|
|
|
it.Before(func() {
|
2020-07-28 14:10:40 +00:00
|
|
|
tokenExchanger = func(ctx context.Context, token, caBundle, apiEndpoint string) (*clientauthentication.ExecCredential, error) {
|
2020-07-27 23:49:43 +00:00
|
|
|
actualToken, actualCaBundle, actualAPIEndpoint = token, caBundle, apiEndpoint
|
|
|
|
return &clientauthentication.ExecCredential{
|
|
|
|
Status: &clientauthentication.ExecCredentialStatus{Token: "some token"},
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
})
|
|
|
|
|
|
|
|
it("writes the execCredential to the given writer", func() {
|
2020-07-28 14:10:40 +00:00
|
|
|
err := run(envGetter, tokenExchanger, buffer, 30*time.Second)
|
2020-07-27 23:49:43 +00:00
|
|
|
require.NoError(t, err)
|
|
|
|
require.Equal(t, fakeEnv["PLACEHOLDER_NAME_TOKEN"], actualToken)
|
|
|
|
require.Equal(t, fakeEnv["PLACEHOLDER_NAME_CA_BUNDLE"], actualCaBundle)
|
|
|
|
require.Equal(t, fakeEnv["PLACEHOLDER_NAME_K8S_API_ENDPOINT"], actualAPIEndpoint)
|
|
|
|
expected := `{
|
|
|
|
"Spec": {"Interactive": false, "Response": null},
|
|
|
|
"Status": {"ClientCertificateData": "", "ClientKeyData": "", "ExpirationTimestamp": null, "Token": "some token"}
|
|
|
|
}`
|
|
|
|
require.JSONEq(t, expected, buffer.String())
|
|
|
|
})
|
|
|
|
}, spec.Parallel())
|
|
|
|
}, spec.Report(report.Terminal{}))
|
|
|
|
}
|