CLI's get-kubeconfig
subcommand now also sets PINNIPED_NAMESPACE env var
This commit is contained in:
parent
079e07a51f
commit
a479450940
@ -201,7 +201,7 @@ func getKubeConfig(
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
config := newPinnipedKubeconfig(v1Cluster, fullPathToSelf, token)
|
config := newPinnipedKubeconfig(v1Cluster, fullPathToSelf, token, pinnipedInstallationNamespace)
|
||||||
|
|
||||||
err = writeConfigAsYAML(outputWriter, config)
|
err = writeConfigAsYAML(outputWriter, config)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -298,7 +298,7 @@ func copyCurrentClusterFromExistingKubeConfig(currentKubeConfig clientcmdapi.Con
|
|||||||
return v1Cluster, nil
|
return v1Cluster, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func newPinnipedKubeconfig(v1Cluster v1.Cluster, fullPathToSelf string, token string) v1.Config {
|
func newPinnipedKubeconfig(v1Cluster v1.Cluster, fullPathToSelf string, token string, namespace string) v1.Config {
|
||||||
clusterName := "pinniped-cluster"
|
clusterName := "pinniped-cluster"
|
||||||
userName := "pinniped-user"
|
userName := "pinniped-user"
|
||||||
|
|
||||||
@ -329,9 +329,21 @@ func newPinnipedKubeconfig(v1Cluster v1.Cluster, fullPathToSelf string, token st
|
|||||||
Command: fullPathToSelf,
|
Command: fullPathToSelf,
|
||||||
Args: []string{"exchange-credential"},
|
Args: []string{"exchange-credential"},
|
||||||
Env: []v1.ExecEnvVar{
|
Env: []v1.ExecEnvVar{
|
||||||
{Name: "PINNIPED_K8S_API_ENDPOINT", Value: v1Cluster.Server},
|
{
|
||||||
{Name: "PINNIPED_CA_BUNDLE", Value: string(v1Cluster.CertificateAuthorityData)},
|
Name: "PINNIPED_K8S_API_ENDPOINT",
|
||||||
{Name: "PINNIPED_TOKEN", Value: token},
|
Value: v1Cluster.Server,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Name: "PINNIPED_CA_BUNDLE",
|
||||||
|
Value: string(v1Cluster.CertificateAuthorityData)},
|
||||||
|
{
|
||||||
|
Name: "PINNIPED_NAMESPACE",
|
||||||
|
Value: namespace,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Name: "PINNIPED_TOKEN",
|
||||||
|
Value: token,
|
||||||
|
},
|
||||||
},
|
},
|
||||||
APIVersion: clientauthenticationv1beta1.SchemeGroupVersion.String(),
|
APIVersion: clientauthenticationv1beta1.SchemeGroupVersion.String(),
|
||||||
InstallHint: "The Pinniped CLI is required to authenticate to the current cluster.\n" +
|
InstallHint: "The Pinniped CLI is required to authenticate to the current cluster.\n" +
|
||||||
|
@ -201,7 +201,7 @@ func TestNewGetKubeConfigCmd(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
//nolint: unparam
|
//nolint: unparam
|
||||||
func expectedKubeconfigYAML(clusterCAData, clusterServer, command, token, pinnipedEndpoint, pinnipedCABundle string) string {
|
func expectedKubeconfigYAML(clusterCAData, clusterServer, command, token, pinnipedEndpoint, pinnipedCABundle, namespace string) string {
|
||||||
return here.Docf(`
|
return here.Docf(`
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
clusters:
|
clusters:
|
||||||
@ -230,12 +230,14 @@ func expectedKubeconfigYAML(clusterCAData, clusterServer, command, token, pinnip
|
|||||||
value: %s
|
value: %s
|
||||||
- name: PINNIPED_CA_BUNDLE
|
- name: PINNIPED_CA_BUNDLE
|
||||||
value: %s
|
value: %s
|
||||||
|
- name: PINNIPED_NAMESPACE
|
||||||
|
value: %s
|
||||||
- name: PINNIPED_TOKEN
|
- name: PINNIPED_TOKEN
|
||||||
value: %s
|
value: %s
|
||||||
installHint: |-
|
installHint: |-
|
||||||
The Pinniped CLI is required to authenticate to the current cluster.
|
The Pinniped CLI is required to authenticate to the current cluster.
|
||||||
For more information, please visit https://pinniped.dev
|
For more information, please visit https://pinniped.dev
|
||||||
`, clusterCAData, clusterServer, command, pinnipedEndpoint, pinnipedCABundle, token)
|
`, clusterCAData, clusterServer, command, pinnipedEndpoint, pinnipedCABundle, namespace, token)
|
||||||
}
|
}
|
||||||
|
|
||||||
func newCredentialIssuerConfig(server, certificateAuthorityData string) *crdpinnipedv1alpha1.CredentialIssuerConfig {
|
func newCredentialIssuerConfig(server, certificateAuthorityData string) *crdpinnipedv1alpha1.CredentialIssuerConfig {
|
||||||
@ -311,6 +313,7 @@ func TestGetKubeConfig(t *testing.T) {
|
|||||||
"some-token",
|
"some-token",
|
||||||
"https://fake-server-url-value",
|
"https://fake-server-url-value",
|
||||||
"fake-certificate-authority-data-value",
|
"fake-certificate-authority-data-value",
|
||||||
|
"some-namespace",
|
||||||
), outputBuffer.String())
|
), outputBuffer.String())
|
||||||
})
|
})
|
||||||
|
|
||||||
@ -358,6 +361,7 @@ func TestGetKubeConfig(t *testing.T) {
|
|||||||
"some-token",
|
"some-token",
|
||||||
"https://some-other-fake-server-url-value",
|
"https://some-other-fake-server-url-value",
|
||||||
"some-other-fake-certificate-authority-data-value",
|
"some-other-fake-certificate-authority-data-value",
|
||||||
|
"some-namespace",
|
||||||
), outputBuffer.String())
|
), outputBuffer.String())
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
@ -449,6 +453,7 @@ func TestGetKubeConfig(t *testing.T) {
|
|||||||
"some-token",
|
"some-token",
|
||||||
"https://fake-server-url-value",
|
"https://fake-server-url-value",
|
||||||
"fake-certificate-authority-data-value",
|
"fake-certificate-authority-data-value",
|
||||||
|
"some-namespace",
|
||||||
), outputBuffer.String())
|
), outputBuffer.String())
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
@ -512,6 +517,7 @@ func TestGetKubeConfig(t *testing.T) {
|
|||||||
"some-token",
|
"some-token",
|
||||||
"https://fake-server-url-value",
|
"https://fake-server-url-value",
|
||||||
"fake-certificate-authority-data-value",
|
"fake-certificate-authority-data-value",
|
||||||
|
"some-namespace",
|
||||||
), outputBuffer.String())
|
), outputBuffer.String())
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
@ -552,6 +558,7 @@ func TestGetKubeConfig(t *testing.T) {
|
|||||||
"some-token",
|
"some-token",
|
||||||
"https://fake-server-url-value",
|
"https://fake-server-url-value",
|
||||||
"fake-certificate-authority-data-value",
|
"fake-certificate-authority-data-value",
|
||||||
|
"some-namespace",
|
||||||
), outputBuffer.String())
|
), outputBuffer.String())
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
Loading…
Reference in New Issue
Block a user