Put our TokenCredentialRequest API into the "pinniped" category.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
This commit is contained in:
Matt Moyer 2020-11-13 12:09:22 -06:00
parent 785a1d14fb
commit ab87977c08
No known key found for this signature in database
GPG Key ID: EAE88AD172C5AE2D
3 changed files with 17 additions and 13 deletions

View File

@ -24,13 +24,6 @@ import (
// clientCertificateTTL is the TTL for short-lived client certificates returned by this API. // clientCertificateTTL is the TTL for short-lived client certificates returned by this API.
const clientCertificateTTL = 1 * time.Hour const clientCertificateTTL = 1 * time.Hour
type Storage interface {
rest.Creater
rest.NamespaceScopedStrategy
rest.Scoper
rest.Storage
}
type CertIssuer interface { type CertIssuer interface {
IssuePEM(subject pkix.Name, dnsNames []string, ttl time.Duration) ([]byte, []byte, error) IssuePEM(subject pkix.Name, dnsNames []string, ttl time.Duration) ([]byte, []byte, error)
} }
@ -51,6 +44,15 @@ type REST struct {
issuer CertIssuer issuer CertIssuer
} }
// Assert that our *REST implements all the optional interfaces that we expect it to implement.
var _ interface {
rest.Creater
rest.NamespaceScopedStrategy
rest.Scoper
rest.Storage
rest.CategoriesProvider
} = (*REST)(nil)
func (*REST) New() runtime.Object { func (*REST) New() runtime.Object {
return &loginapi.TokenCredentialRequest{} return &loginapi.TokenCredentialRequest{}
} }
@ -59,6 +61,10 @@ func (*REST) NamespaceScoped() bool {
return true return true
} }
func (*REST) Categories() []string {
return []string{"pinniped"}
}
func (r *REST) Create(ctx context.Context, obj runtime.Object, createValidation rest.ValidateObjectFunc, options *metav1.CreateOptions) (runtime.Object, error) { func (r *REST) Create(ctx context.Context, obj runtime.Object, createValidation rest.ValidateObjectFunc, options *metav1.CreateOptions) (runtime.Object, error) {
t := trace.FromContext(ctx).Nest("create", trace.Field{ t := trace.FromContext(ctx).Nest("create", trace.Field{
Key: "kind", Key: "kind",

View File

@ -31,6 +31,7 @@ func TestNew(t *testing.T) {
r := NewREST(nil, nil) r := NewREST(nil, nil)
require.NotNil(t, r) require.NotNil(t, r)
require.True(t, r.NamespaceScoped()) require.True(t, r.NamespaceScoped())
require.Equal(t, []string{"pinniped"}, r.Categories())
require.IsType(t, &loginapi.TokenCredentialRequest{}, r.New()) require.IsType(t, &loginapi.TokenCredentialRequest{}, r.New())
} }

View File

@ -17,8 +17,7 @@ import (
func TestGetAPIResourceList(t *testing.T) { func TestGetAPIResourceList(t *testing.T) {
library.SkipUnlessIntegration(t) library.SkipUnlessIntegration(t)
client := library.NewConciergeClientset(t) client := library.NewClientset(t)
groups, resources, err := client.Discovery().ServerGroupsAndResources() groups, resources, err := client.Discovery().ServerGroupsAndResources()
require.NoError(t, err) require.NoError(t, err)
@ -47,6 +46,7 @@ func TestGetAPIResourceList(t *testing.T) {
Kind: "TokenCredentialRequest", Kind: "TokenCredentialRequest",
Verbs: []string{"create"}, Verbs: []string{"create"},
Namespaced: true, Namespaced: true,
Categories: []string{"pinniped"},
}, },
}, },
}, },
@ -188,14 +188,11 @@ func TestGetAPIResourceList(t *testing.T) {
continue continue
} }
for _, a := range r.APIResources { for _, a := range r.APIResources {
assert.NotContainsf(t, a.Categories, "all", "expected resource %q not to be in the 'all' category", a.Name)
if strings.HasSuffix(a.Name, "/status") { if strings.HasSuffix(a.Name, "/status") {
continue continue
} }
if a.Kind == "TokenCredentialRequest" {
continue
}
assert.Containsf(t, a.Categories, "pinniped", "expected resource %q to be in the 'pinniped' category", a.Name) assert.Containsf(t, a.Categories, "pinniped", "expected resource %q to be in the 'pinniped' category", a.Name)
assert.NotContainsf(t, a.Categories, "all", "expected resource %q not to be in the 'all' category", a.Name)
} }
} }
}) })