diff --git a/Dockerfile b/Dockerfile index b5dc23a1..be8fb170 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,7 +20,7 @@ COPY hack ./hack # Build the executable binary (CGO_ENABLED=0 means static linking) RUN mkdir out \ - && CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags "$(hack/get-ldflags.sh)" -o out ./cmd/pinniped-server/... \ + && CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags "$(hack/get-ldflags.sh)" -o out ./cmd/pinniped-concierge/... \ && CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags "$(hack/get-ldflags.sh)" -o out ./cmd/pinniped-supervisor/... \ && CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o out ./cmd/local-user-authenticator/... @@ -28,7 +28,7 @@ RUN mkdir out \ FROM debian:10.5-slim # Copy the binaries from the build-env stage -COPY --from=build-env /work/out/pinniped-server /usr/local/bin/pinniped-server +COPY --from=build-env /work/out/pinniped-concierge /usr/local/bin/pinniped-concierge COPY --from=build-env /work/out/pinniped-supervisor /usr/local/bin/pinniped-supervisor COPY --from=build-env /work/out/local-user-authenticator /usr/local/bin/local-user-authenticator @@ -36,4 +36,4 @@ COPY --from=build-env /work/out/local-user-authenticator /usr/local/bin/local-us EXPOSE 443 # Set the entrypoint -ENTRYPOINT ["/usr/local/bin/pinniped-server"] +ENTRYPOINT ["/usr/local/bin/pinniped-concierge"] diff --git a/cmd/pinniped-server/main.go b/cmd/pinniped-concierge/main.go similarity index 92% rename from cmd/pinniped-server/main.go rename to cmd/pinniped-concierge/main.go index 5741a696..8ca7bf44 100644 --- a/cmd/pinniped-server/main.go +++ b/cmd/pinniped-concierge/main.go @@ -12,7 +12,7 @@ import ( "k8s.io/component-base/logs" "k8s.io/klog/v2" - "go.pinniped.dev/internal/server" + "go.pinniped.dev/internal/concierge/server" ) func main() { diff --git a/internal/apiserver/apiserver.go b/internal/concierge/apiserver/apiserver.go similarity index 95% rename from internal/apiserver/apiserver.go rename to internal/concierge/apiserver/apiserver.go index 98d2c7bd..5dbcd9b1 100644 --- a/internal/apiserver/apiserver.go +++ b/internal/concierge/apiserver/apiserver.go @@ -87,7 +87,7 @@ func (c *Config) Complete() CompletedConfig { // New returns a new instance of AdmissionServer from the given config. func (c completedConfig) New() (*PinnipedServer, error) { - genericServer, err := c.GenericConfig.New("pinniped-server", genericapiserver.NewEmptyDelegate()) // completion is done in Complete, no need for a second time + genericServer, err := c.GenericConfig.New("pinniped-concierge", genericapiserver.NewEmptyDelegate()) // completion is done in Complete, no need for a second time if err != nil { return nil, fmt.Errorf("completion error: %w", err) } diff --git a/internal/server/server.go b/internal/concierge/server/server.go similarity index 95% rename from internal/server/server.go rename to internal/concierge/server/server.go index 63456a79..23ad1258 100644 --- a/internal/server/server.go +++ b/internal/concierge/server/server.go @@ -1,7 +1,7 @@ // Copyright 2020 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -// Package server is the command line entry point for pinniped-server. +// Package server is the command line entry point for pinniped-concierge. package server import ( @@ -15,8 +15,8 @@ import ( genericoptions "k8s.io/apiserver/pkg/server/options" loginv1alpha1 "go.pinniped.dev/generated/1.19/apis/login/v1alpha1" - "go.pinniped.dev/internal/apiserver" "go.pinniped.dev/internal/certauthority/dynamiccertauthority" + "go.pinniped.dev/internal/concierge/apiserver" "go.pinniped.dev/internal/controller/identityprovider/idpcache" "go.pinniped.dev/internal/controllermanager" "go.pinniped.dev/internal/downward" @@ -26,7 +26,7 @@ import ( "go.pinniped.dev/pkg/config" ) -// App is an object that represents the pinniped-server application. +// App is an object that represents the pinniped-concierge application. type App struct { cmd *cobra.Command @@ -54,9 +54,9 @@ func (a *App) Run() error { // Create the server command and save it into the App. func (a *App) addServerCommand(ctx context.Context, args []string, stdout, stderr io.Writer) { cmd := &cobra.Command{ - Use: "pinniped-server", + Use: "pinniped-concierge", Long: here.Doc(` - pinniped-server provides a generic API for mapping an external + pinniped-concierge provides a generic API for mapping an external credential from somewhere to an internal credential to be used for authenticating to the Kubernetes API.`), RunE: func(cmd *cobra.Command, args []string) error { return a.runServer(ctx) }, diff --git a/internal/server/server_test.go b/internal/concierge/server/server_test.go similarity index 87% rename from internal/server/server_test.go rename to internal/concierge/server/server_test.go index c5911c35..790e493e 100644 --- a/internal/server/server_test.go +++ b/internal/concierge/server/server_test.go @@ -15,17 +15,17 @@ import ( ) const knownGoodUsage = ` -pinniped-server provides a generic API for mapping an external +pinniped-concierge provides a generic API for mapping an external credential from somewhere to an internal credential to be used for authenticating to the Kubernetes API. Usage: - pinniped-server [flags] + pinniped-concierge [flags] Flags: -c, --config string path to configuration file (default "pinniped.yaml") --downward-api-path string path to Downward API volume mount (default "/etc/podinfo") - -h, --help help for pinniped-server + -h, --help help for pinniped-concierge --log-flush-frequency duration Maximum number of seconds between log flushes (default 5s) ` @@ -48,7 +48,7 @@ func TestCommand(t *testing.T) { { name: "OneArgFails", args: []string{"tuna"}, - wantErr: `unknown command "tuna" for "pinniped-server"`, + wantErr: `unknown command "tuna" for "pinniped-concierge"`, }, { name: "ShortConfigFlagSucceeds", @@ -64,7 +64,7 @@ func TestCommand(t *testing.T) { "--config", "some/path/to/config.yaml", "tuna", }, - wantErr: `unknown command "tuna" for "pinniped-server"`, + wantErr: `unknown command "tuna" for "pinniped-concierge"`, }, } for _, test := range tests { diff --git a/internal/server/testdata/podinfo/labels b/internal/concierge/server/testdata/podinfo/labels similarity index 100% rename from internal/server/testdata/podinfo/labels rename to internal/concierge/server/testdata/podinfo/labels diff --git a/internal/server/testdata/podinfo/namespace b/internal/concierge/server/testdata/podinfo/namespace similarity index 100% rename from internal/server/testdata/podinfo/namespace rename to internal/concierge/server/testdata/podinfo/namespace diff --git a/internal/server/testdata/valid-config.yaml b/internal/concierge/server/testdata/valid-config.yaml similarity index 100% rename from internal/server/testdata/valid-config.yaml rename to internal/concierge/server/testdata/valid-config.yaml diff --git a/test/integration/cli_test.go b/test/integration/cli_test.go index 731f97fe..1e337262 100644 --- a/test/integration/cli_test.go +++ b/test/integration/cli_test.go @@ -62,13 +62,13 @@ func TestCLI(t *testing.T) { adminClient := library.NewClientset(t) t.Run( "access as user with kubectl", - accessAsUserWithKubectlTest(ctx, adminClient, kubeConfigYAML, env.TestUser.ExpectedUsername, env.Namespace), + library.AccessAsUserWithKubectlTest(ctx, adminClient, kubeConfigYAML, env.TestUser.ExpectedUsername, env.Namespace), ) for _, group := range env.TestUser.ExpectedGroups { group := group t.Run( "access as group "+group+" with kubectl", - accessAsGroupWithKubectlTest(ctx, adminClient, kubeConfigYAML, group, env.Namespace), + library.AccessAsGroupWithKubectlTest(ctx, adminClient, kubeConfigYAML, group, env.Namespace), ) } @@ -76,10 +76,10 @@ func TestCLI(t *testing.T) { kubeClient := library.NewClientsetForKubeConfig(t, kubeConfigYAML) // Validate that we can auth to the API via our user. - t.Run("access as user with client-go", accessAsUserTest(ctx, adminClient, env.TestUser.ExpectedUsername, kubeClient)) + t.Run("access as user with client-go", library.AccessAsUserTest(ctx, adminClient, env.TestUser.ExpectedUsername, kubeClient)) for _, group := range env.TestUser.ExpectedGroups { group := group - t.Run("access as group "+group+" with client-go", accessAsGroupTest(ctx, adminClient, group, kubeClient)) + t.Run("access as group "+group+" with client-go", library.AccessAsGroupTest(ctx, adminClient, group, kubeClient)) } } diff --git a/test/integration/api_discovery_test.go b/test/integration/concierge_api_discovery_test.go similarity index 100% rename from test/integration/api_discovery_test.go rename to test/integration/concierge_api_discovery_test.go diff --git a/test/integration/api_serving_certs_test.go b/test/integration/concierge_api_serving_certs_test.go similarity index 100% rename from test/integration/api_serving_certs_test.go rename to test/integration/concierge_api_serving_certs_test.go diff --git a/test/integration/app_availability_test.go b/test/integration/concierge_availability_test.go similarity index 100% rename from test/integration/app_availability_test.go rename to test/integration/concierge_availability_test.go diff --git a/test/integration/credentialissuerconfig_test.go b/test/integration/concierge_credentialissuerconfig_test.go similarity index 100% rename from test/integration/credentialissuerconfig_test.go rename to test/integration/concierge_credentialissuerconfig_test.go diff --git a/test/integration/credentialrequest_test.go b/test/integration/concierge_credentialrequest_test.go similarity index 96% rename from test/integration/credentialrequest_test.go rename to test/integration/concierge_credentialrequest_test.go index 277e7f3d..75b95719 100644 --- a/test/integration/credentialrequest_test.go +++ b/test/integration/concierge_credentialrequest_test.go @@ -77,13 +77,13 @@ func TestSuccessfulCredentialRequest(t *testing.T) { t.Run( "access as user", - accessAsUserTest(ctx, adminClient, env.TestUser.ExpectedUsername, clientWithCertFromCredentialRequest), + library.AccessAsUserTest(ctx, adminClient, env.TestUser.ExpectedUsername, clientWithCertFromCredentialRequest), ) for _, group := range env.TestUser.ExpectedGroups { group := group t.Run( "access as group "+group, - accessAsGroupTest(ctx, adminClient, group, clientWithCertFromCredentialRequest), + library.AccessAsGroupTest(ctx, adminClient, group, clientWithCertFromCredentialRequest), ) } } diff --git a/test/integration/kubecertagent_test.go b/test/integration/concierge_kubecertagent_test.go similarity index 100% rename from test/integration/kubecertagent_test.go rename to test/integration/concierge_kubecertagent_test.go diff --git a/test/integration/kubectl_test.go b/test/integration/concierge_kubectl_test.go similarity index 100% rename from test/integration/kubectl_test.go rename to test/integration/concierge_kubectl_test.go diff --git a/test/integration/common_test.go b/test/library/access.go similarity index 98% rename from test/integration/common_test.go rename to test/library/access.go index 38528fca..89b74704 100644 --- a/test/integration/common_test.go +++ b/test/library/access.go @@ -1,6 +1,7 @@ // Copyright 2020 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 -package integration + +package library import ( "context" @@ -11,12 +12,11 @@ import ( "testing" "time" - "k8s.io/apimachinery/pkg/api/errors" - "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" v1 "k8s.io/api/core/v1" rbacv1 "k8s.io/api/rbac/v1" + "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/kubernetes" ) @@ -31,7 +31,7 @@ const ( // // Use this function if you want to simply validate that a user can auth to the kube API after // performing a Pinniped credential exchange. -func accessAsUserTest( +func AccessAsUserTest( ctx context.Context, adminClient kubernetes.Interface, testUsername string, @@ -53,7 +53,7 @@ func accessAsUserTest( } } -func accessAsUserWithKubectlTest( +func AccessAsUserWithKubectlTest( ctx context.Context, adminClient kubernetes.Interface, testKubeConfigYAML string, @@ -82,7 +82,7 @@ func accessAsUserWithKubectlTest( // // Use this function if you want to simply validate that a user can auth to the kube API (via // a group membership) after performing a Pinniped credential exchange. -func accessAsGroupTest( +func AccessAsGroupTest( ctx context.Context, adminClient kubernetes.Interface, testGroup string, @@ -104,7 +104,7 @@ func accessAsGroupTest( } } -func accessAsGroupWithKubectlTest( +func AccessAsGroupWithKubectlTest( ctx context.Context, adminClient kubernetes.Interface, testKubeConfigYAML string,