- We want to follow the <noun>Request convention. - The actual operation does not login a user, but it does retrieve a credential with which they can login. - This commit includes changes to all LoginRequest-related symbols and constants to try to update their names to follow the new CredentialRequest type. Signed-off-by: Andrew Keesler <akeesler@vmware.com>
151 lines
4.8 KiB
151 lines
4.8 KiB
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
package main
import (
func TestRun(t *testing.T) {
spec.Run(t, "main.run", func(t *testing.T, when spec.G, it spec.S) {
var r *require.Assertions
var buffer *bytes.Buffer
var tokenExchanger tokenExchanger
var fakeEnv map[string]string
var envGetter envGetter = func(envVarName string) (string, bool) {
value, present := fakeEnv[envVarName]
if !present {
return "", false
return value, true
it.Before(func() {
r = require.New(t)
buffer = new(bytes.Buffer)
fakeEnv = map[string]string{
"PLACEHOLDER_NAME_TOKEN": "token from env",
"PLACEHOLDER_NAME_CA_BUNDLE": "ca bundle from env",
"PLACEHOLDER_NAME_K8S_API_ENDPOINT": "k8s api from env",
when("env vars are missing", func() {
it("returns an error when PLACEHOLDER_NAME_TOKEN is missing", func() {
err := run(envGetter, tokenExchanger, buffer, 30*time.Second)
r.EqualError(err, "failed to get credential: environment variable not set: PLACEHOLDER_NAME_TOKEN")
it("returns an error when PLACEHOLDER_NAME_CA_BUNDLE is missing", func() {
err := run(envGetter, tokenExchanger, buffer, 30*time.Second)
r.EqualError(err, "failed to get credential: environment variable not set: PLACEHOLDER_NAME_CA_BUNDLE")
it("returns an error when PLACEHOLDER_NAME_K8S_API_ENDPOINT is missing", func() {
err := run(envGetter, tokenExchanger, buffer, 30*time.Second)
r.EqualError(err, "failed to get credential: environment variable not set: PLACEHOLDER_NAME_K8S_API_ENDPOINT")
when("the token exchange fails", func() {
it.Before(func() {
tokenExchanger = func(ctx context.Context, token, caBundle, apiEndpoint string) (*client.Credential, error) {
return nil, fmt.Errorf("some error")
it("returns an error", func() {
err := run(envGetter, tokenExchanger, buffer, 30*time.Second)
r.EqualError(err, "failed to get credential: some error")
when("the JSON encoder fails", func() {
it.Before(func() {
tokenExchanger = func(ctx context.Context, token, caBundle, apiEndpoint string) (*client.Credential, error) {
return &client.Credential{Token: "some token"}, nil
it("returns an error", func() {
err := run(envGetter, tokenExchanger, &testutil.ErrorWriter{ReturnError: fmt.Errorf("some IO error")}, 30*time.Second)
r.EqualError(err, "failed to marshal response to stdout: some IO error")
when("the token exchange times out", func() {
it.Before(func() {
tokenExchanger = func(ctx context.Context, token, caBundle, apiEndpoint string) (*client.Credential, error) {
select {
case <-time.After(100 * time.Millisecond):
return &client.Credential{Token: "some token"}, nil
case <-ctx.Done():
return nil, ctx.Err()
it("returns an error", func() {
err := run(envGetter, tokenExchanger, buffer, 1*time.Millisecond)
r.EqualError(err, "failed to get credential: context deadline exceeded")
when("the token exchange succeeds", func() {
var actualToken, actualCaBundle, actualAPIEndpoint string
it.Before(func() {
tokenExchanger = func(ctx context.Context, token, caBundle, apiEndpoint string) (*client.Credential, error) {
actualToken, actualCaBundle, actualAPIEndpoint = token, caBundle, apiEndpoint
now := time.Date(2020, 7, 29, 1, 2, 3, 0, time.UTC)
return &client.Credential{
ExpirationTimestamp: &now,
ClientCertificateData: "some certificate",
ClientKeyData: "some key",
Token: "some token",
}, nil
it("writes the execCredential to the given writer", func() {
err := run(envGetter, tokenExchanger, buffer, 30*time.Second)
r.Equal(fakeEnv["PLACEHOLDER_NAME_TOKEN"], actualToken)
r.Equal(fakeEnv["PLACEHOLDER_NAME_CA_BUNDLE"], actualCaBundle)
r.Equal(fakeEnv["PLACEHOLDER_NAME_K8S_API_ENDPOINT"], actualAPIEndpoint)
expected := `{
"kind": "ExecCredential",
"apiVersion": "client.authentication.k8s.io/v1beta1",
"spec": {},
"status": {
"clientCertificateData": "some certificate",
"clientKeyData":"some key",
"token": "some token"
r.JSONEq(expected, buffer.String())
}, spec.Parallel(), spec.Report(report.Terminal{}))