library

package
v0.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 11, 2021 License: Apache-2.0 Imports: 39 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AccessAsGroupTest added in v0.2.0 

func AccessAsGroupTest(
	ctx context.Context,
	testGroup string,
	clientUnderTest kubernetes.Interface,
) func(t *testing.T)

AccessAsGroupTest runs a generic test in which a clientUnderTest with membership in group testGroup tries to auth to the kube API (i.e., list namespaces).

Use this function if you want to simply validate that a user can auth to the kube API (via a group membership) after performing a Pinniped credential exchange.

func AccessAsGroupWithKubectlTest added in v0.2.0 

func AccessAsGroupWithKubectlTest(
	testKubeConfigYAML string,
	testGroup string,
	expectedNamespace string,
) func(t *testing.T)

func AccessAsUserTest added in v0.2.0 

func AccessAsUserTest(
	ctx context.Context,
	testUsername string,
	clientUnderTest kubernetes.Interface,
) func(t *testing.T)

AccessAsUserTest runs a generic test in which a clientUnderTest operating with username testUsername tries to auth to the kube API (i.e., list namespaces).

Use this function if you want to simply validate that a user can auth to the kube API after performing a Pinniped credential exchange.

func AccessAsUserWithKubectlTest added in v0.2.0 

func AccessAsUserWithKubectlTest(
	testKubeConfigYAML string,
	testUsername string,
	expectedNamespace string,
) func(t *testing.T)

func AssertNoRestartsDuringTest added in v0.5.0 

func AssertNoRestartsDuringTest(t *testing.T, namespace, labelSelector string)

NewRestartAssertion allows a caller to assert that there were no restarts for a Pod in the provided namespace with the provided labelSelector during the lifetime of a test.

func CreateClientCredsSecret added in v0.3.0 

func CreateClientCredsSecret(t *testing.T, clientID string, clientSecret string) *corev1.Secret

func CreateTestClusterRoleBinding added in v0.3.0 

func CreateTestClusterRoleBinding(t *testing.T, subject rbacv1.Subject, roleRef rbacv1.RoleRef) *rbacv1.ClusterRoleBinding

func CreateTestFederationDomain added in v0.3.0 

func CreateTestFederationDomain(ctx context.Context, t *testing.T, issuer string, certSecretName string, expectStatus configv1alpha1.FederationDomainStatusCondition) *configv1alpha1.FederationDomain

CreateTestFederationDomain creates and returns a test FederationDomain in $PINNIPED_TEST_SUPERVISOR_NAMESPACE, which will be automatically deleted at the end of the current test's lifetime. It generates a random, valid, issuer for the FederationDomain.

If the provided issuer is not the empty string, then it will be used for the FederationDomain.Spec.Issuer field. Else, a random issuer will be generated.

func CreateTestJWTAuthenticator added in v0.3.0 

func CreateTestJWTAuthenticator(ctx context.Context, t *testing.T, spec auth1alpha1.JWTAuthenticatorSpec) corev1.TypedLocalObjectReference

CreateTestJWTAuthenticator creates and returns a test JWTAuthenticator in $PINNIPED_TEST_CONCIERGE_NAMESPACE, which will be automatically deleted at the end of the current test's lifetime. It returns a corev1.TypedLocalObjectReference which describes the test JWT authenticator within the test namespace.

func CreateTestJWTAuthenticatorForCLIUpstream added in v0.3.0 

func CreateTestJWTAuthenticatorForCLIUpstream(ctx context.Context, t *testing.T) corev1.TypedLocalObjectReference

CreateTestJWTAuthenticatorForCLIUpstream creates and returns a test JWTAuthenticator in $PINNIPED_TEST_CONCIERGE_NAMESPACE, which will be automatically deleted at the end of the current test's lifetime. It returns a corev1.TypedLocalObjectReference which describes the test JWT authenticator within the test namespace.

CreateTestJWTAuthenticatorForCLIUpstream gets the OIDC issuer info from IntegrationEnv().CLITestUpstream.

func CreateTestOIDCIdentityProvider added in v0.3.0 

func CreateTestOIDCIdentityProvider(t *testing.T, spec idpv1alpha1.OIDCIdentityProviderSpec, expectedPhase idpv1alpha1.OIDCIdentityProviderPhase) *idpv1alpha1.OIDCIdentityProvider

func CreateTestSecret added in v0.3.0 

func CreateTestSecret(t *testing.T, namespace string, baseName string, secretType corev1.SecretType, stringData map[string]string) *corev1.Secret

func CreateTestWebhookAuthenticator added in v0.2.0 

func CreateTestWebhookAuthenticator(ctx context.Context, t *testing.T) corev1.TypedLocalObjectReference

CreateTestWebhookAuthenticator creates and returns a test WebhookAuthenticator in $PINNIPED_TEST_CONCIERGE_NAMESPACE, which will be automatically deleted at the end of the current test's lifetime. It returns a corev1.TypedLocalObjectReference which describes the test webhook authenticator within the test namespace.

func DumpLogs added in v0.3.0 

func DumpLogs(t *testing.T, namespace string, labelSelector string)

DumpLogs is meant to be called in a `defer` to dump the logs of components in the cluster on a test failure.

func LookupIP added in v0.3.0 

func LookupIP(ctx context.Context, hostname string) ([]net.IP, error)

LookupIP looks up the IP address of the provided hostname, preferring IPv4.

func MaskTokens added in v0.3.0 

func MaskTokens(in string) string

MaskTokens makes a best-effort attempt to mask out things that look like secret tokens in test output. The goal is more to have readable test output than for any security reason.

func NewAggregatedClientset 

func NewAggregatedClientset(t *testing.T) aggregatorclient.Interface

func NewAnonymousConciergeClientset added in v0.2.0 

func NewAnonymousConciergeClientset(t *testing.T) conciergeclientset.Interface

func NewClientConfig 

func NewClientConfig(t *testing.T) *rest.Config

func NewClientsetForKubeConfig 

func NewClientsetForKubeConfig(t *testing.T, kubeConfig string) kubernetes.Interface

func NewClientsetWithCertAndKey 

func NewClientsetWithCertAndKey(t *testing.T, clientCertificateData, clientKeyData string) kubernetes.Interface

func NewConciergeClientset added in v0.2.0 

func NewConciergeClientset(t *testing.T) conciergeclientset.Interface

func NewKubernetesClientset added in v0.5.0 

func NewKubernetesClientset(t *testing.T) kubernetes.Interface

func NewLoggerReader added in v0.2.0 

func NewLoggerReader(t *testing.T, name string, reader io.Reader) io.Reader

NewLoggerReader wraps an io.Reader to log its input and output. It also performs some heuristic token masking.

func NewRestConfigFromKubeconfig added in v0.3.0 

func NewRestConfigFromKubeconfig(t *testing.T, kubeConfig string) *rest.Config

func NewSupervisorClientset added in v0.2.0 

func NewSupervisorClientset(t *testing.T) supervisorclientset.Interface

func PinnipedCLIPath added in v0.3.0 

func PinnipedCLIPath(t *testing.T) string

PinnipedCLIPath returns the path to the Pinniped CLI binary, built on demand and cached between tests.

func RandHex added in v0.3.0 

func RandHex(t *testing.T, numBytes int) string

func RequireEventuallyWithoutError added in v0.4.0 

func RequireEventuallyWithoutError(
	t *testing.T,
	f func() (bool, error),
	waitFor time.Duration,
	tick time.Duration,
	msgAndArgs ...interface{},
)

RequireEventuallyWithoutError is a wrapper around require.Eventually() that allows the caller to return an error from the condition function. If the condition function returns an error at any point, the assertion will immediately fail.

func Sdump 

func Sdump(a ...interface{}) string

func SkipUnlessIntegration 

func SkipUnlessIntegration(t *testing.T)

SkipUnlessIntegration skips the current test if `-short` has been passed to `go test`.

Types

type Capability added in v0.2.0 

type Capability string
const (
	ClusterSigningKeyIsAvailable Capability = "clusterSigningKeyIsAvailable"
)

type TestEnv 

type TestEnv struct {
	ConciergeNamespace             string                               `json:"conciergeNamespace"`
	SupervisorNamespace            string                               `json:"supervisorNamespace"`
	ConciergeAppName               string                               `json:"conciergeAppName"`
	SupervisorAppName              string                               `json:"supervisorAppName"`
	SupervisorCustomLabels         map[string]string                    `json:"supervisorCustomLabels"`
	ConciergeCustomLabels          map[string]string                    `json:"conciergeCustomLabels"`
	Capabilities                   map[Capability]bool                  `json:"capabilities"`
	TestWebhook                    auth1alpha1.WebhookAuthenticatorSpec `json:"testWebhook"`
	SupervisorHTTPAddress          string                               `json:"supervisorHttpAddress"`
	SupervisorHTTPSAddress         string                               `json:"supervisorHttpsAddress"`
	SupervisorHTTPSIngressAddress  string                               `json:"supervisorHttpsIngressAddress"`
	SupervisorHTTPSIngressCABundle string                               `json:"supervisorHttpsIngressCABundle"`
	Proxy                          string                               `json:"proxy"`
	APIGroupSuffix                 string                               `json:"apiGroupSuffix"`

	TestUser struct {
		Token            string   `json:"token"`
		ExpectedUsername string   `json:"expectedUsername"`
		ExpectedGroups   []string `json:"expectedGroups"`
	} `json:"testUser"`

	CLITestUpstream        TestOIDCUpstream `json:"cliOIDCUpstream"`
	SupervisorTestUpstream TestOIDCUpstream `json:"supervisorOIDCUpstream"`
	// contains filtered or unexported fields
}

TestEnv captures all the external parameters consumed by our integration tests.

func IntegrationEnv 

func IntegrationEnv(t *testing.T) *TestEnv

IntegrationEnv gets the integration test environment from OS environment variables. This method also implies SkipUnlessIntegration().

func (*TestEnv) HasCapability 

func (e *TestEnv) HasCapability(cap Capability) bool

func (*TestEnv) ProxyEnv added in v0.3.0 

func (e *TestEnv) ProxyEnv() []string

ProxyEnv returns a set of environment variable strings (e.g., to combine with os.Environ()) which set up the configured test HTTP proxy.

func (*TestEnv) WithCapability 

func (e *TestEnv) WithCapability(cap Capability) *TestEnv

func (*TestEnv) WithoutCapability 

func (e *TestEnv) WithoutCapability(cap Capability) *TestEnv

type TestOIDCUpstream added in v0.3.0 

type TestOIDCUpstream struct {
	Issuer           string   `json:"issuer"`
	CABundle         string   `json:"caBundle"`
	AdditionalScopes []string `json:"additionalScopes"`
	UsernameClaim    string   `json:"usernameClaim"`
	GroupsClaim      string   `json:"groupsClaim"`
	ClientID         string   `json:"clientID"`
	ClientSecret     string   `json:"clientSecret"`
	CallbackURL      string   `json:"callback"`
	Username         string   `json:"username"`
	Password         string   `json:"password"`
	ExpectedGroups   []string `json:"expectedGroups"`
}

Source Files

View all Source files

Directories

Path Synopsis
Package browsertest provides integration test helpers for our browser-based tests.
 Package browsertest provides integration test helpers for our browser-based tests.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.