Add some debug logging when "pinniped get kubeconfig" fails to find a successful strategy.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
This commit is contained in:
Matt Moyer 2021-03-09 12:39:44 -06:00
parent 29d5e43220
commit d6a0dfa497
No known key found for this signature in database
GPG Key ID: EAE88AD172C5AE2D
2 changed files with 21 additions and 2 deletions

View File

@ -295,6 +295,14 @@ func discoverConciergeParams(credentialIssuer *configv1alpha1.CredentialIssuer,
// Autodiscover the --concierge-mode. // Autodiscover the --concierge-mode.
frontend, err := getConciergeFrontend(credentialIssuer, flags.concierge.mode) frontend, err := getConciergeFrontend(credentialIssuer, flags.concierge.mode)
if err != nil { if err != nil {
for _, strategy := range credentialIssuer.Status.Strategies {
log.Info("found CredentialIssuer strategy",
"type", strategy.Type,
"status", strategy.Status,
"reason", strategy.Reason,
"message", strategy.Message,
)
}
return err return err
} }

View File

@ -324,16 +324,27 @@ func TestGetKubeconfig(t *testing.T) {
`), `),
}, },
{ {
name: "autodetect webhook authenticator, bad credential issuer with no status", name: "autodetect webhook authenticator, bad credential issuer with only failing strategy",
args: []string{ args: []string{
"--kubeconfig", "./testdata/kubeconfig.yaml", "--kubeconfig", "./testdata/kubeconfig.yaml",
}, },
conciergeObjects: []runtime.Object{ conciergeObjects: []runtime.Object{
&configv1alpha1.CredentialIssuer{ObjectMeta: metav1.ObjectMeta{Name: "test-credential-issuer"}}, &configv1alpha1.CredentialIssuer{
ObjectMeta: metav1.ObjectMeta{Name: "test-credential-issuer"},
Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerStrategy{{
Type: "SomeType",
Status: configv1alpha1.ErrorStrategyStatus,
Reason: "SomeReason",
Message: "Some message",
}},
},
},
&conciergev1alpha1.WebhookAuthenticator{ObjectMeta: metav1.ObjectMeta{Name: "test-authenticator"}}, &conciergev1alpha1.WebhookAuthenticator{ObjectMeta: metav1.ObjectMeta{Name: "test-authenticator"}},
}, },
wantLogs: []string{ wantLogs: []string{
`"level"=0 "msg"="discovered CredentialIssuer" "name"="test-credential-issuer"`, `"level"=0 "msg"="discovered CredentialIssuer" "name"="test-credential-issuer"`,
`"level"=0 "msg"="found CredentialIssuer strategy" "message"="Some message" "reason"="SomeReason" "status"="Error" "type"="SomeType"`,
}, },
wantError: true, wantError: true,
wantStderr: here.Doc(` wantStderr: here.Doc(`