From ab87977c080801a74d7fa7372b89bb364eb6b20c Mon Sep 17 00:00:00 2001 From: Matt Moyer Date: Fri, 13 Nov 2020 12:09:22 -0600 Subject: [PATCH] Put our TokenCredentialRequest API into the "pinniped" category. Signed-off-by: Matt Moyer --- internal/registry/credentialrequest/rest.go | 20 ++++++++++++------- .../registry/credentialrequest/rest_test.go | 1 + test/integration/kube_api_discovery_test.go | 9 +++------ 3 files changed, 17 insertions(+), 13 deletions(-) diff --git a/internal/registry/credentialrequest/rest.go b/internal/registry/credentialrequest/rest.go index 4dbfe7c5..8e2dd8e7 100644 --- a/internal/registry/credentialrequest/rest.go +++ b/internal/registry/credentialrequest/rest.go @@ -24,13 +24,6 @@ import ( // clientCertificateTTL is the TTL for short-lived client certificates returned by this API. const clientCertificateTTL = 1 * time.Hour -type Storage interface { - rest.Creater - rest.NamespaceScopedStrategy - rest.Scoper - rest.Storage -} - type CertIssuer interface { IssuePEM(subject pkix.Name, dnsNames []string, ttl time.Duration) ([]byte, []byte, error) } @@ -51,6 +44,15 @@ type REST struct { issuer CertIssuer } +// Assert that our *REST implements all the optional interfaces that we expect it to implement. +var _ interface { + rest.Creater + rest.NamespaceScopedStrategy + rest.Scoper + rest.Storage + rest.CategoriesProvider +} = (*REST)(nil) + func (*REST) New() runtime.Object { return &loginapi.TokenCredentialRequest{} } @@ -59,6 +61,10 @@ func (*REST) NamespaceScoped() bool { return true } +func (*REST) Categories() []string { + return []string{"pinniped"} +} + func (r *REST) Create(ctx context.Context, obj runtime.Object, createValidation rest.ValidateObjectFunc, options *metav1.CreateOptions) (runtime.Object, error) { t := trace.FromContext(ctx).Nest("create", trace.Field{ Key: "kind", diff --git a/internal/registry/credentialrequest/rest_test.go b/internal/registry/credentialrequest/rest_test.go index 4bebbc53..9626b4f5 100644 --- a/internal/registry/credentialrequest/rest_test.go +++ b/internal/registry/credentialrequest/rest_test.go @@ -31,6 +31,7 @@ func TestNew(t *testing.T) { r := NewREST(nil, nil) require.NotNil(t, r) require.True(t, r.NamespaceScoped()) + require.Equal(t, []string{"pinniped"}, r.Categories()) require.IsType(t, &loginapi.TokenCredentialRequest{}, r.New()) } diff --git a/test/integration/kube_api_discovery_test.go b/test/integration/kube_api_discovery_test.go index de17b8a3..d04b1b42 100644 --- a/test/integration/kube_api_discovery_test.go +++ b/test/integration/kube_api_discovery_test.go @@ -17,8 +17,7 @@ import ( func TestGetAPIResourceList(t *testing.T) { library.SkipUnlessIntegration(t) - client := library.NewConciergeClientset(t) - + client := library.NewClientset(t) groups, resources, err := client.Discovery().ServerGroupsAndResources() require.NoError(t, err) @@ -47,6 +46,7 @@ func TestGetAPIResourceList(t *testing.T) { Kind: "TokenCredentialRequest", Verbs: []string{"create"}, Namespaced: true, + Categories: []string{"pinniped"}, }, }, }, @@ -188,14 +188,11 @@ func TestGetAPIResourceList(t *testing.T) { continue } for _, a := range r.APIResources { - assert.NotContainsf(t, a.Categories, "all", "expected resource %q not to be in the 'all' category", a.Name) if strings.HasSuffix(a.Name, "/status") { continue } - if a.Kind == "TokenCredentialRequest" { - continue - } assert.Containsf(t, a.Categories, "pinniped", "expected resource %q to be in the 'pinniped' category", a.Name) + assert.NotContainsf(t, a.Categories, "all", "expected resource %q not to be in the 'all' category", a.Name) } } })