Do the kubeconfig proxy environment injection, but actually render back out the YAML.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
This commit is contained in:
parent
1734280a19
commit
9dfbe60253
@ -26,7 +26,6 @@ import (
|
|||||||
authorizationv1 "k8s.io/api/authorization/v1"
|
authorizationv1 "k8s.io/api/authorization/v1"
|
||||||
corev1 "k8s.io/api/core/v1"
|
corev1 "k8s.io/api/core/v1"
|
||||||
rbacv1 "k8s.io/api/rbac/v1"
|
rbacv1 "k8s.io/api/rbac/v1"
|
||||||
clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
|
|
||||||
|
|
||||||
authv1alpha "go.pinniped.dev/generated/latest/apis/concierge/authentication/v1alpha1"
|
authv1alpha "go.pinniped.dev/generated/latest/apis/concierge/authentication/v1alpha1"
|
||||||
configv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1"
|
configv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1"
|
||||||
@ -166,13 +165,8 @@ func TestE2EFullIntegration(t *testing.T) {
|
|||||||
|
|
||||||
// If there is a proxy, we always want the "pinniped login oidc" command to use it, even if the
|
// If there is a proxy, we always want the "pinniped login oidc" command to use it, even if the
|
||||||
// parent kubectl process is connecting to an external load balancer and not using the proxy.
|
// parent kubectl process is connecting to an external load balancer and not using the proxy.
|
||||||
if env.Proxy != "" {
|
kubeconfigYAML = env.InjectProxyEnvIntoKubeconfig(kubeconfigYAML)
|
||||||
restConfig.ExecProvider.Env = append(restConfig.ExecProvider.Env,
|
t.Logf("test kubeconfig after proxy environment addition:\n%s\n\n", kubeconfigYAML)
|
||||||
clientcmdapi.ExecEnvVar{Name: "http_proxy", Value: env.Proxy},
|
|
||||||
clientcmdapi.ExecEnvVar{Name: "https_proxy", Value: env.Proxy},
|
|
||||||
clientcmdapi.ExecEnvVar{Name: "no_proxy", Value: "127.0.0.1"},
|
|
||||||
)
|
|
||||||
}
|
|
||||||
|
|
||||||
kubeconfigPath := filepath.Join(tempDir, "kubeconfig.yaml")
|
kubeconfigPath := filepath.Join(tempDir, "kubeconfig.yaml")
|
||||||
require.NoError(t, ioutil.WriteFile(kubeconfigPath, []byte(kubeconfigYAML), 0600))
|
require.NoError(t, ioutil.WriteFile(kubeconfigPath, []byte(kubeconfigYAML), 0600))
|
||||||
|
@ -10,6 +10,8 @@ import (
|
|||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
"k8s.io/client-go/tools/clientcmd"
|
||||||
|
clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
|
||||||
"sigs.k8s.io/yaml"
|
"sigs.k8s.io/yaml"
|
||||||
|
|
||||||
auth1alpha1 "go.pinniped.dev/generated/latest/apis/concierge/authentication/v1alpha1"
|
auth1alpha1 "go.pinniped.dev/generated/latest/apis/concierge/authentication/v1alpha1"
|
||||||
@ -67,10 +69,47 @@ type TestOIDCUpstream struct {
|
|||||||
|
|
||||||
// ProxyEnv returns a set of environment variable strings (e.g., to combine with os.Environ()) which set up the configured test HTTP proxy.
|
// ProxyEnv returns a set of environment variable strings (e.g., to combine with os.Environ()) which set up the configured test HTTP proxy.
|
||||||
func (e *TestEnv) ProxyEnv() []string {
|
func (e *TestEnv) ProxyEnv() []string {
|
||||||
|
vars := e.proxyVars()
|
||||||
|
if vars == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
res := make([]string, 0, len(vars))
|
||||||
|
for k, v := range vars {
|
||||||
|
res = append(res, k+"="+v)
|
||||||
|
}
|
||||||
|
return res
|
||||||
|
}
|
||||||
|
|
||||||
|
func (e *TestEnv) InjectProxyEnvIntoKubeconfig(kubeconfigYAML string) string {
|
||||||
|
proxyVars := e.proxyVars()
|
||||||
|
if proxyVars == nil {
|
||||||
|
return kubeconfigYAML
|
||||||
|
}
|
||||||
|
|
||||||
|
kubeconfig, err := clientcmd.Load([]byte(kubeconfigYAML))
|
||||||
|
require.NoError(e.t, err)
|
||||||
|
for i := range kubeconfig.AuthInfos {
|
||||||
|
if exec := kubeconfig.AuthInfos[i].Exec; exec != nil {
|
||||||
|
for k, v := range proxyVars {
|
||||||
|
exec.Env = append(exec.Env, clientcmdapi.ExecEnvVar{Name: k, Value: v})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
newYAML, err := clientcmd.Write(*kubeconfig)
|
||||||
|
require.NoError(t, err)
|
||||||
|
return string(newYAML)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (e *TestEnv) proxyVars() map[string] {
|
||||||
if e.Proxy == "" {
|
if e.Proxy == "" {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
return []string{"http_proxy=" + e.Proxy, "https_proxy=" + e.Proxy, "no_proxy=127.0.0.1"}
|
return map[string]string{
|
||||||
|
"http_proxy": e.Proxy,
|
||||||
|
"https_proxy": e.Proxy,
|
||||||
|
"no_proxy": "127.0.0.1",
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// IntegrationEnv gets the integration test environment from OS environment variables. This
|
// IntegrationEnv gets the integration test environment from OS environment variables. This
|
||||||
|
Loading…
Reference in New Issue
Block a user