Simplify TestCLIGetKubeconfigStaticToken now that there's only a single table case.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-03-23 10:26:04 -05:00 · 2021-03-23 10:26:04 -05:00 · 9501168265
commit 9501168265
parent 2e79664f3d
1 changed files with 51 additions and 69 deletions
--- a/test/integration/cli_test.go
+++ b/test/integration/cli_test.go
@ -49,78 +49,60 @@ func TestCLIGetKubeconfigStaticToken(t *testing.T) {
 	// Build pinniped CLI.
 	pinnipedExe := library.PinnipedCLIPath(t)
-	for _, tt := range []struct {
+	stdout, stderr := runPinnipedCLI(t, nil, pinnipedExe, "get", "kubeconfig",
-		name                 string
+		"--static-token", env.TestUser.Token,
-		args                 []string
+		"--concierge-api-group-suffix", env.APIGroupSuffix,
-		expectStderrContains []string
+		"--concierge-authenticator-type", "webhook",
-	}{
+		"--concierge-authenticator-name", authenticator.Name,
-		{
+	)
-			name: "newer command, but still using static parameters",
+	assert.Contains(t, stderr, "discovered CredentialIssuer")
-			args: []string{
+	assert.Contains(t, stderr, "discovered Concierge endpoint")
-				"get", "kubeconfig",
+	assert.Contains(t, stderr, "discovered Concierge certificate authority bundle")
-				"--static-token", env.TestUser.Token,
+	assert.Contains(t, stderr, "validated connection to the cluster")
 				"--concierge-api-group-suffix", env.APIGroupSuffix,
 				"--concierge-authenticator-type", "webhook",
 				"--concierge-authenticator-name", authenticator.Name,
 			},
 			expectStderrContains: []string{
 				"discovered CredentialIssuer",
 				"discovered Concierge endpoint",
 				"discovered Concierge certificate authority bundle",
 				"validated connection to the cluster",
 			},
 		},
 	} {
 		tt := tt
 		t.Run(tt.name, func(t *testing.T) {
 			stdout, stderr := runPinnipedCLI(t, nil, pinnipedExe, tt.args...)
 			for _, s := range tt.expectStderrContains {
 				assert.Contains(t, stderr, s)
 			}
-			// Even the deprecated command should now generate a kubeconfig with the new "pinniped login static" command.
+	// Even the deprecated command should now generate a kubeconfig with the new "pinniped login static" command.
-			restConfig := library.NewRestConfigFromKubeconfig(t, stdout)
+	restConfig := library.NewRestConfigFromKubeconfig(t, stdout)
-			require.NotNil(t, restConfig.ExecProvider)
+	require.NotNil(t, restConfig.ExecProvider)
-			require.Equal(t, []string{"login", "static"}, restConfig.ExecProvider.Args[:2])
+	require.Equal(t, []string{"login", "static"}, restConfig.ExecProvider.Args[:2])
-			// In addition to the client-go based testing below, also try the kubeconfig
+	// In addition to the client-go based testing below, also try the kubeconfig
-			// with kubectl to validate that it works.
+	// with kubectl to validate that it works.
-			t.Run(
+	t.Run(
-				"access as user with kubectl",
+		"access as user with kubectl",
-				library.AccessAsUserWithKubectlTest(stdout, env.TestUser.ExpectedUsername, env.ConciergeNamespace),
+		library.AccessAsUserWithKubectlTest(stdout, env.TestUser.ExpectedUsername, env.ConciergeNamespace),
-			)
+	)
-			for _, group := range env.TestUser.ExpectedGroups {
+	for _, group := range env.TestUser.ExpectedGroups {
-				group := group
+		group := group
-				t.Run(
+		t.Run(
-					"access as group "+group+" with kubectl",
+			"access as group "+group+" with kubectl",
-					library.AccessAsGroupWithKubectlTest(stdout, group, env.ConciergeNamespace),
+			library.AccessAsGroupWithKubectlTest(stdout, group, env.ConciergeNamespace),
-				)
+		)
 			}
 			// Create Kubernetes client with kubeconfig from pinniped CLI.
 			kubeClient := library.NewClientsetForKubeConfig(t, stdout)
 			// Validate that we can auth to the API via our user.
 			t.Run("access as user with client-go", library.AccessAsUserTest(ctx, env.TestUser.ExpectedUsername, kubeClient))
 			for _, group := range env.TestUser.ExpectedGroups {
 				group := group
 				t.Run("access as group "+group+" with client-go", library.AccessAsGroupTest(ctx, group, kubeClient))
 			}
 			// Validate that `pinniped whoami` returns the correct identity.
 			kubeconfigPath := filepath.Join(testutil.TempDir(t), "whoami-kubeconfig")
 			require.NoError(t, ioutil.WriteFile(kubeconfigPath, []byte(stdout), 0600))
 			assertWhoami(
 				ctx,
 				t,
 				false,
 				pinnipedExe,
 				kubeconfigPath,
 				env.TestUser.ExpectedUsername,
 				append(env.TestUser.ExpectedGroups, "system:authenticated"),
 			)
 		})
 	}
 	// Create Kubernetes client with kubeconfig from pinniped CLI.
 	kubeClient := library.NewClientsetForKubeConfig(t, stdout)
 	// Validate that we can auth to the API via our user.
 	t.Run("access as user with client-go", library.AccessAsUserTest(ctx, env.TestUser.ExpectedUsername, kubeClient))
 	for _, group := range env.TestUser.ExpectedGroups {
 		group := group
 		t.Run("access as group "+group+" with client-go", library.AccessAsGroupTest(ctx, group, kubeClient))
 	}
 	t.Run("whoami", func(t *testing.T) {
 		// Validate that `pinniped whoami` returns the correct identity.
 		kubeconfigPath := filepath.Join(testutil.TempDir(t), "whoami-kubeconfig")
 		require.NoError(t, ioutil.WriteFile(kubeconfigPath, []byte(stdout), 0600))
 		assertWhoami(
 			ctx,
 			t,
 			false,
 			pinnipedExe,
 			kubeconfigPath,
 			env.TestUser.ExpectedUsername,
 			append(env.TestUser.ExpectedGroups, "system:authenticated"),
 		)
 	})
 }
 func runPinnipedCLI(t *testing.T, envVars []string, pinnipedExe string, args ...string) (string, string) {