README

How to Test Manually

  • $ minikube start
  • In the Vault folder, $ make dev XC_ARCH=amd64 XC_OS=linux XC_OSARCH=linux/amd64
  • Create a file called vault-test.yaml with the following contents:
apiVersion: v1
kind: Pod
metadata:
  name: vault
spec:
  containers:
    - name: nginx
      image: nginx
      command: [ "sh", "-c"]
      args:
      - while true; do
          echo -en '\n';
          printenv VAULT_K8S_POD_NAME VAULT_K8S_NAMESPACE;
          sleep 10;
        done;
      env:
        - name: VAULT_K8S_POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: VAULT_K8S_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
  restartPolicy: Never
  • Create the pod: $ kubectl apply -f vault-test.yaml
  • View the full initial state of the pod: $ kubectl get pod vault -o=yaml > initialstate.txt
  • Drop the Vault binary into the pod: $ kubectl cp bin/vault /vault:/
  • Drop to the shell within the pod: $ kubectl exec -it vault -- /bin/bash
  • Install a text editor: $ apt-get update, $ apt-get install nano
  • Write a test Vault config to vault.config like:
storage "inmem" {}
service_registration "kubernetes" {}
disable_mlock = true
ui = true
api_addr = "http://127.0.0.1:8200"
log_level = "debug"
  • Run Vault: $ ./vault server -config=vault.config -dev -dev-root-token-id=root
  • If 403's are received, you may need to grant RBAC, example here: https://github.com/fabric8io/fabric8/issues/6840#issuecomment-307560275
  • In a separate window outside the pod, view the resulting state of the pod: $ kubectl get pod vault -o=yaml > currentstate.txt
  • View the differences: $ diff initialstate.txt currentstate.txt
Expand ▾ Collapse ▴

Documentation

Index

Constants

View Source
const (
	ExpectedNamespace = "default"
	ExpectedPodName   = "shell-demo"
)

Variables

View Source
var (
	// ReturnGatewayTimeouts toggles whether the test server should return,
	// well, gateway timeouts...
	ReturnGatewayTimeouts = atomic.NewBool(false)
)

Functions

func Server

func Server(t *testing.T) (testState *State, testConf *Conf, closeFunc func())

    Server returns an http test server that can be used to test Kubernetes client code. It also retains the current state, and a func to close the server and to clean up any temporary files.

    Types

    type Conf

    type Conf struct {
    	ClientScheme, PathToTokenFile, PathToRootCAFile, ServiceHost, ServicePort string
    }

      Conf returns the info needed to configure the client to point at the test server. This must be done by the caller to avoid an import cycle between the client and the testserver. Example usage:

      client.Scheme = testConf.ClientScheme
      client.TokenFile = testConf.PathToTokenFile
      client.RootCAFile = testConf.PathToRootCAFile
      if err := os.Setenv(client.EnvVarKubernetesServiceHost, testConf.ServiceHost); err != nil {
      	t.Fatal(err)
      }
      if err := os.Setenv(client.EnvVarKubernetesServicePort, testConf.ServicePort); err != nil {
      	t.Fatal(err)
      }
      

      type State

      type State struct {
      	// contains filtered or unexported fields
      }

      func (*State) Get

      func (s *State) Get(key string) map[string]interface{}

      func (*State) NumPatches

      func (s *State) NumPatches() int

      Source Files