CLI's get-kubeconfig subcommand now also sets PINNIPED_NAMESPACE env var

This commit is contained in:
Ryan Richard 2020-09-17 16:05:56 -07:00
parent 079e07a51f
commit a479450940
2 changed files with 26 additions and 7 deletions

View File

@ -201,7 +201,7 @@ func getKubeConfig(
return err return err
} }
config := newPinnipedKubeconfig(v1Cluster, fullPathToSelf, token) config := newPinnipedKubeconfig(v1Cluster, fullPathToSelf, token, pinnipedInstallationNamespace)
err = writeConfigAsYAML(outputWriter, config) err = writeConfigAsYAML(outputWriter, config)
if err != nil { if err != nil {
@ -298,7 +298,7 @@ func copyCurrentClusterFromExistingKubeConfig(currentKubeConfig clientcmdapi.Con
return v1Cluster, nil return v1Cluster, nil
} }
func newPinnipedKubeconfig(v1Cluster v1.Cluster, fullPathToSelf string, token string) v1.Config { func newPinnipedKubeconfig(v1Cluster v1.Cluster, fullPathToSelf string, token string, namespace string) v1.Config {
clusterName := "pinniped-cluster" clusterName := "pinniped-cluster"
userName := "pinniped-user" userName := "pinniped-user"
@ -329,9 +329,21 @@ func newPinnipedKubeconfig(v1Cluster v1.Cluster, fullPathToSelf string, token st
Command: fullPathToSelf, Command: fullPathToSelf,
Args: []string{"exchange-credential"}, Args: []string{"exchange-credential"},
Env: []v1.ExecEnvVar{ Env: []v1.ExecEnvVar{
{Name: "PINNIPED_K8S_API_ENDPOINT", Value: v1Cluster.Server}, {
{Name: "PINNIPED_CA_BUNDLE", Value: string(v1Cluster.CertificateAuthorityData)}, Name: "PINNIPED_K8S_API_ENDPOINT",
{Name: "PINNIPED_TOKEN", Value: token}, Value: v1Cluster.Server,
},
{
Name: "PINNIPED_CA_BUNDLE",
Value: string(v1Cluster.CertificateAuthorityData)},
{
Name: "PINNIPED_NAMESPACE",
Value: namespace,
},
{
Name: "PINNIPED_TOKEN",
Value: token,
},
}, },
APIVersion: clientauthenticationv1beta1.SchemeGroupVersion.String(), APIVersion: clientauthenticationv1beta1.SchemeGroupVersion.String(),
InstallHint: "The Pinniped CLI is required to authenticate to the current cluster.\n" + InstallHint: "The Pinniped CLI is required to authenticate to the current cluster.\n" +

View File

@ -201,7 +201,7 @@ func TestNewGetKubeConfigCmd(t *testing.T) {
} }
//nolint: unparam //nolint: unparam
func expectedKubeconfigYAML(clusterCAData, clusterServer, command, token, pinnipedEndpoint, pinnipedCABundle string) string { func expectedKubeconfigYAML(clusterCAData, clusterServer, command, token, pinnipedEndpoint, pinnipedCABundle, namespace string) string {
return here.Docf(` return here.Docf(`
apiVersion: v1 apiVersion: v1
clusters: clusters:
@ -230,12 +230,14 @@ func expectedKubeconfigYAML(clusterCAData, clusterServer, command, token, pinnip
value: %s value: %s
- name: PINNIPED_CA_BUNDLE - name: PINNIPED_CA_BUNDLE
value: %s value: %s
- name: PINNIPED_NAMESPACE
value: %s
- name: PINNIPED_TOKEN - name: PINNIPED_TOKEN
value: %s value: %s
installHint: |- installHint: |-
The Pinniped CLI is required to authenticate to the current cluster. The Pinniped CLI is required to authenticate to the current cluster.
For more information, please visit https://pinniped.dev For more information, please visit https://pinniped.dev
`, clusterCAData, clusterServer, command, pinnipedEndpoint, pinnipedCABundle, token) `, clusterCAData, clusterServer, command, pinnipedEndpoint, pinnipedCABundle, namespace, token)
} }
func newCredentialIssuerConfig(server, certificateAuthorityData string) *crdpinnipedv1alpha1.CredentialIssuerConfig { func newCredentialIssuerConfig(server, certificateAuthorityData string) *crdpinnipedv1alpha1.CredentialIssuerConfig {
@ -311,6 +313,7 @@ func TestGetKubeConfig(t *testing.T) {
"some-token", "some-token",
"https://fake-server-url-value", "https://fake-server-url-value",
"fake-certificate-authority-data-value", "fake-certificate-authority-data-value",
"some-namespace",
), outputBuffer.String()) ), outputBuffer.String())
}) })
@ -358,6 +361,7 @@ func TestGetKubeConfig(t *testing.T) {
"some-token", "some-token",
"https://some-other-fake-server-url-value", "https://some-other-fake-server-url-value",
"some-other-fake-certificate-authority-data-value", "some-other-fake-certificate-authority-data-value",
"some-namespace",
), outputBuffer.String()) ), outputBuffer.String())
}) })
}) })
@ -449,6 +453,7 @@ func TestGetKubeConfig(t *testing.T) {
"some-token", "some-token",
"https://fake-server-url-value", "https://fake-server-url-value",
"fake-certificate-authority-data-value", "fake-certificate-authority-data-value",
"some-namespace",
), outputBuffer.String()) ), outputBuffer.String())
}) })
}) })
@ -512,6 +517,7 @@ func TestGetKubeConfig(t *testing.T) {
"some-token", "some-token",
"https://fake-server-url-value", "https://fake-server-url-value",
"fake-certificate-authority-data-value", "fake-certificate-authority-data-value",
"some-namespace",
), outputBuffer.String()) ), outputBuffer.String())
}) })
}) })
@ -552,6 +558,7 @@ func TestGetKubeConfig(t *testing.T) {
"some-token", "some-token",
"https://fake-server-url-value", "https://fake-server-url-value",
"fake-certificate-authority-data-value", "fake-certificate-authority-data-value",
"some-namespace",
), outputBuffer.String()) ), outputBuffer.String())
}) })
}) })