djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

CLI's get-kubeconfig subcommand now also sets PINNIPED_NAMESPACE env var

Browse Source
This commit is contained in:
Ryan Richard 2020-09-17 16:05:56 -07:00
parent 079e07a51f
commit a479450940
2 changed files with 26 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
cmd/pinniped/cmd/get_kubeconfig.go
View File

@ -201,7 +201,7 @@ func getKubeConfig(
return err
}
config := newPinnipedKubeconfig(v1Cluster, fullPathToSelf, token)
config := newPinnipedKubeconfig(v1Cluster, fullPathToSelf, token, pinnipedInstallationNamespace)
err = writeConfigAsYAML(outputWriter, config)
if err != nil {
@ -298,7 +298,7 @@ func copyCurrentClusterFromExistingKubeConfig(currentKubeConfig clientcmdapi.Con
return v1Cluster, nil
}
func newPinnipedKubeconfig(v1Cluster v1.Cluster, fullPathToSelf string, token string) v1.Config {
func newPinnipedKubeconfig(v1Cluster v1.Cluster, fullPathToSelf string, token string, namespace string) v1.Config {
clusterName := "pinniped-cluster"
userName := "pinniped-user"
@ -329,9 +329,21 @@ func newPinnipedKubeconfig(v1Cluster v1.Cluster, fullPathToSelf string, token st
Command: fullPathToSelf,
Args: []string{"exchange-credential"},
Env: []v1.ExecEnvVar{
{Name: "PINNIPED_K8S_API_ENDPOINT", Value: v1Cluster.Server},
{Name: "PINNIPED_CA_BUNDLE", Value: string(v1Cluster.CertificateAuthorityData)},
{Name: "PINNIPED_TOKEN", Value: token},
{
Name: "PINNIPED_K8S_API_ENDPOINT",
Value: v1Cluster.Server,
},
{
Name: "PINNIPED_CA_BUNDLE",
Value: string(v1Cluster.CertificateAuthorityData)},
{
Name: "PINNIPED_NAMESPACE",
Value: namespace,
},
{
Name: "PINNIPED_TOKEN",
Value: token,
},
},
APIVersion: clientauthenticationv1beta1.SchemeGroupVersion.String(),
InstallHint: "The Pinniped CLI is required to authenticate to the current cluster.\n" +

11
cmd/pinniped/cmd/get_kubeconfig_test.go
View File

@ -201,7 +201,7 @@ func TestNewGetKubeConfigCmd(t *testing.T) {
}
//nolint: unparam
func expectedKubeconfigYAML(clusterCAData, clusterServer, command, token, pinnipedEndpoint, pinnipedCABundle string) string {
func expectedKubeconfigYAML(clusterCAData, clusterServer, command, token, pinnipedEndpoint, pinnipedCABundle, namespace string) string {
return here.Docf(`
apiVersion: v1
clusters:
@ -230,12 +230,14 @@ func expectedKubeconfigYAML(clusterCAData, clusterServer, command, token, pinnip
value: %s
- name: PINNIPED_CA_BUNDLE
value: %s
- name: PINNIPED_NAMESPACE
value: %s
- name: PINNIPED_TOKEN
value: %s
installHint: |-
The Pinniped CLI is required to authenticate to the current cluster.
For more information, please visit https://pinniped.dev
`, clusterCAData, clusterServer, command, pinnipedEndpoint, pinnipedCABundle, token)
`, clusterCAData, clusterServer, command, pinnipedEndpoint, pinnipedCABundle, namespace, token)
}
func newCredentialIssuerConfig(server, certificateAuthorityData string) *crdpinnipedv1alpha1.CredentialIssuerConfig {
@ -311,6 +313,7 @@ func TestGetKubeConfig(t *testing.T) {
"some-token",
"https://fake-server-url-value",
"fake-certificate-authority-data-value",
"some-namespace",
), outputBuffer.String())
})
@ -358,6 +361,7 @@ func TestGetKubeConfig(t *testing.T) {
"some-token",
"https://some-other-fake-server-url-value",
"some-other-fake-certificate-authority-data-value",
"some-namespace",
), outputBuffer.String())
})
})
@ -449,6 +453,7 @@ func TestGetKubeConfig(t *testing.T) {
"some-token",
"https://fake-server-url-value",
"fake-certificate-authority-data-value",
"some-namespace",
), outputBuffer.String())
})
})
@ -512,6 +517,7 @@ func TestGetKubeConfig(t *testing.T) {
"some-token",
"https://fake-server-url-value",
"fake-certificate-authority-data-value",
"some-namespace",
), outputBuffer.String())
})
})
@ -552,6 +558,7 @@ func TestGetKubeConfig(t *testing.T) {
"some-token",
"https://fake-server-url-value",
"fake-certificate-authority-data-value",
"some-namespace",
), outputBuffer.String())
})
})