8f27219ac9
It seems that google changed it from "the gcp auth plugin is deprecated in v1.22+, unavailable in v1.25+; use gcloud instead" to instead say "unavailable in v1.26+". Make the matcher in category_test.go more loose to allow both to match.
108 lines
4.0 KiB
Go
108 lines
4.0 KiB
Go
// Copyright 2021-2022 the Pinniped contributors. All Rights Reserved.
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
package integration
|
|
|
|
import (
|
|
"bytes"
|
|
"os/exec"
|
|
"strings"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"go.pinniped.dev/test/testlib"
|
|
)
|
|
|
|
func runTestKubectlCommand(t *testing.T, args ...string) (string, string) {
|
|
t.Helper()
|
|
var stdOut, stdErr bytes.Buffer
|
|
testlib.RequireEventually(t, func(requireEventually *require.Assertions) {
|
|
stdOut.Reset()
|
|
stdErr.Reset()
|
|
cmd := exec.Command("kubectl", args...)
|
|
cmd.Stdout = &stdOut
|
|
cmd.Stderr = &stdErr
|
|
requireEventually.NoError(cmd.Run())
|
|
}, 120*time.Second, 200*time.Millisecond)
|
|
return stdOut.String(), stdErr.String()
|
|
}
|
|
|
|
func requireCleanKubectlStderr(t *testing.T, stderr string) {
|
|
// Every line must be empty or contain a known, innocuous warning.
|
|
for _, line := range strings.Split(stderr, "\n") {
|
|
switch {
|
|
case strings.TrimSpace(line) == "",
|
|
strings.Contains(line, "Throttling request took"),
|
|
strings.Contains(line, "due to client-side throttling, not priority and fairness"),
|
|
strings.Contains(line, "the gcp auth plugin is deprecated in v1.22+, unavailable in "),
|
|
strings.Contains(line, "To learn more, consult https://cloud.google.com/blog/products/containers-kubernetes/kubectl-auth-changes-in-gke"):
|
|
// ignore these allowed stderr lines
|
|
default:
|
|
// anything else is a failure
|
|
require.Failf(t, "unexpected kubectl stderr", "kubectl produced unexpected stderr:\n%s\n\n", stderr)
|
|
return
|
|
}
|
|
}
|
|
}
|
|
|
|
func TestGetPinnipedCategory(t *testing.T) {
|
|
env := testlib.IntegrationEnv(t)
|
|
dotSuffix := "." + env.APIGroupSuffix
|
|
|
|
t.Run("category, no special params", func(t *testing.T) {
|
|
t.Parallel()
|
|
stdout, stderr := runTestKubectlCommand(t, "get", "pinniped", "-A")
|
|
requireCleanKubectlStderr(t, stderr)
|
|
require.NotContains(t, stdout, "MethodNotAllowed")
|
|
require.Contains(t, stdout, dotSuffix)
|
|
})
|
|
|
|
t.Run("category, table params", func(t *testing.T) {
|
|
t.Parallel()
|
|
stdout, stderr := runTestKubectlCommand(t, "get", "pinniped", "-A", "-o", "wide", "-v", "10")
|
|
require.NotContains(t, stdout, "MethodNotAllowed")
|
|
require.Contains(t, stdout, dotSuffix)
|
|
require.Contains(t, stderr, `"kind":"Table"`)
|
|
require.Contains(t, stderr, `"resourceVersion":"0"`)
|
|
require.Contains(t, stderr, `/v1alpha1/tokencredentialrequests`)
|
|
require.Contains(t, stderr, `/v1alpha1/whoamirequests`)
|
|
})
|
|
|
|
t.Run("list, no special params", func(t *testing.T) {
|
|
t.Parallel()
|
|
stdout, stderr := runTestKubectlCommand(t, "get", "tokencredentialrequests.login.concierge"+dotSuffix, "-A")
|
|
require.Empty(t, stdout)
|
|
require.NotContains(t, stderr, "MethodNotAllowed")
|
|
require.Contains(t, stderr, `No resources found`)
|
|
})
|
|
|
|
t.Run("list, table params", func(t *testing.T) {
|
|
t.Parallel()
|
|
stdout, stderr := runTestKubectlCommand(t, "get", "tokencredentialrequests.login.concierge"+dotSuffix, "-A", "-o", "wide", "-v", "10")
|
|
require.Empty(t, stdout)
|
|
require.NotContains(t, stderr, "MethodNotAllowed")
|
|
require.Contains(t, stderr, `"kind":"Table"`)
|
|
require.Contains(t, stderr, `"resourceVersion":"0"`)
|
|
})
|
|
|
|
t.Run("raw request to see body, token cred", func(t *testing.T) {
|
|
t.Parallel()
|
|
stdout, stderr := runTestKubectlCommand(t, "get", "--raw", "/apis/login.concierge"+dotSuffix+"/v1alpha1/tokencredentialrequests")
|
|
require.NotContains(t, stdout, "MethodNotAllowed")
|
|
require.Contains(t, stdout, `{"kind":"TokenCredentialRequestList","apiVersion":"login.concierge`+
|
|
dotSuffix+`/v1alpha1","metadata":{"resourceVersion":"0"},"items":[]}`)
|
|
requireCleanKubectlStderr(t, stderr)
|
|
})
|
|
|
|
t.Run("raw request to see body, whoami", func(t *testing.T) {
|
|
t.Parallel()
|
|
stdout, stderr := runTestKubectlCommand(t, "get", "--raw", "/apis/identity.concierge"+dotSuffix+"/v1alpha1/whoamirequests")
|
|
require.NotContains(t, stdout, "MethodNotAllowed")
|
|
require.Contains(t, stdout, `{"kind":"WhoAmIRequestList","apiVersion":"identity.concierge`+
|
|
dotSuffix+`/v1alpha1","metadata":{"resourceVersion":"0"},"items":[]}`)
|
|
requireCleanKubectlStderr(t, stderr)
|
|
})
|
|
}
|