djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Explicitly set the correct authenticator for impersonator test

Browse Source 
Signed-off-by: Ryan Richard <richardry@vmware.com>
This commit is contained in:
Margo Crawford 2021-03-25 16:57:37 -07:00 committed by Ryan Richard
parent cd6e48bfa8
commit 6f2882b831
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
test/integration/concierge_impersonation_proxy_test.go
View File

@ -275,7 +275,7 @@ func TestImpersonationProxy(t *testing.T) { //nolint:gocyclo // yeah, it's compl
} }
t.Run("kubectl port-forward and keeping the connection open for over a minute", func(t *testing.T) { t.Run("kubectl port-forward and keeping the connection open for over a minute", func(t *testing.T) {
kubeconfigPath, envVarsWithProxy, _ := getImpersonationKubeconfig(t, env, impersonationProxyURL, impersonationProxyCACertPEM) kubeconfigPath, envVarsWithProxy, _ := getImpersonationKubeconfig(t, env, impersonationProxyURL, impersonationProxyCACertPEM, credentialRequestSpecWithWorkingCredentials.Authenticator)
// Run the kubectl port-forward command. // Run the kubectl port-forward command.
timeout, cancelFunc := context.WithTimeout(ctx, 2*time.Minute) timeout, cancelFunc := context.WithTimeout(ctx, 2*time.Minute)
@ -546,7 +546,7 @@ func TestImpersonationProxy(t *testing.T) { //nolint:gocyclo // yeah, it's compl
}) })
t.Run("kubectl as a client", func(t *testing.T) { t.Run("kubectl as a client", func(t *testing.T) {
kubeconfigPath, envVarsWithProxy, tempDir := getImpersonationKubeconfig(t, env, impersonationProxyURL, impersonationProxyCACertPEM) kubeconfigPath, envVarsWithProxy, tempDir := getImpersonationKubeconfig(t, env, impersonationProxyURL, impersonationProxyCACertPEM, credentialRequestSpecWithWorkingCredentials.Authenticator)
// Try "kubectl exec" through the impersonation proxy. // Try "kubectl exec" through the impersonation proxy.
echoString := "hello world" echoString := "hello world"
@ -1084,7 +1084,7 @@ func credentialIssuerName(env *library.TestEnv) string {
return env.ConciergeAppName + "-config" return env.ConciergeAppName + "-config"
} }
func getImpersonationKubeconfig(t *testing.T, env *library.TestEnv, impersonationProxyURL string, impersonationProxyCACertPEM []byte) (string, []string, string) { func getImpersonationKubeconfig(t *testing.T, env *library.TestEnv, impersonationProxyURL string, impersonationProxyCACertPEM []byte, authenticator corev1.TypedLocalObjectReference) (string, []string, string) {
t.Helper() t.Helper()
pinnipedExe := library.PinnipedCLIPath(t) pinnipedExe := library.PinnipedCLIPath(t)
@ -1101,6 +1101,8 @@ func getImpersonationKubeconfig(t *testing.T, env *library.TestEnv, impersonatio
"--concierge-api-group-suffix", env.APIGroupSuffix, "--concierge-api-group-suffix", env.APIGroupSuffix,
"--oidc-skip-browser", "--oidc-skip-browser",
"--static-token", env.TestUser.Token, "--static-token", env.TestUser.Token,
"--concierge-authenticator-name", authenticator.Name,
"--concierge-authenticator-type", authenticator.Kind,
// Force the use of impersonation proxy strategy, but let it auto-discover the endpoint and CA. // Force the use of impersonation proxy strategy, but let it auto-discover the endpoint and CA.
"--concierge-mode", "ImpersonationProxy"} "--concierge-mode", "ImpersonationProxy"}
t.Log("Running:", pinnipedExe, getKubeConfigCmd) t.Log("Running:", pinnipedExe, getKubeConfigCmd)