From d86b24ca2f1c136da5cf0e306726f9da2cfc3d8f Mon Sep 17 00:00:00 2001 From: Andrew Keesler Date: Mon, 19 Apr 2021 16:10:20 -0400 Subject: [PATCH] hack: add prepare-webhook-on-kind.sh Inspired from 7bb5657c4d5. I used this to help accept 2 stories today. Signed-off-by: Andrew Keesler --- hack/prepare-webhook-on-kind.sh | 37 +++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100755 hack/prepare-webhook-on-kind.sh diff --git a/hack/prepare-webhook-on-kind.sh b/hack/prepare-webhook-on-kind.sh new file mode 100755 index 00000000..7f67e3ac --- /dev/null +++ b/hack/prepare-webhook-on-kind.sh @@ -0,0 +1,37 @@ +#!/usr/bin/env bash + +# Copyright 2021 the Pinniped contributors. All Rights Reserved. +# SPDX-License-Identifier: Apache-2.0 + +# +# This script deploys a WebhookAuthenticator to use for manual testing. It +# assumes that you have run hack/prepare-for-integration-tests.sh while pointed +# at the current cluster. +# + +set -euo pipefail + +# Change working directory to the top of the repo. +ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)" +cd "$ROOT" + +# Read the env vars output by hack/prepare-for-integration-tests.sh. +source /tmp/integration-test-env + +# Create WebhookAuthenticator. +cat <&2 +kind: WebhookAuthenticator +apiVersion: authentication.concierge.pinniped.dev/v1alpha1 +metadata: + name: my-webhook +spec: + endpoint: ${PINNIPED_TEST_WEBHOOK_ENDPOINT} + tls: + certificateAuthorityData: ${PINNIPED_TEST_WEBHOOK_CA_BUNDLE} +EOF + +# Use the CLI to get a kubeconfig that will use this WebhookAuthenticator. +go build -o /tmp/pinniped ./cmd/pinniped +/tmp/pinniped get kubeconfig --static-token "$PINNIPED_TEST_USER_TOKEN" >/tmp/kubeconfig-with-webhook-auth.yaml + +echo "export KUBECONFIG=/tmp/kubeconfig-with-webhook-auth.yaml"