testlib

package
v0.39.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 16, 2025 License: Apache-2.0 Imports: 55 Imported by: 0

Documentation

Overview

Copyright 2022-2024 the Pinniped contributors. All Rights Reserved. SPDX-License-Identifier: Apache-2.0

Index

Constants

View Source 
const (
	ClusterSigningKeyIsAvailable     Capability = "clusterSigningKeyIsAvailable"
	AnonymousAuthenticationSupported Capability = "anonymousAuthenticationSupported"
	HasExternalLoadBalancerProvider  Capability = "hasExternalLoadBalancerProvider"
	CanReachInternetLDAPPorts        Capability = "canReachInternetLDAPPorts"

	KindDistro KubeDistro = "Kind"
	GKEDistro  KubeDistro = "GKE"
	AKSDistro  KubeDistro = "AKS"
	EKSDistro  KubeDistro = "EKS"
	TKGSDistro KubeDistro = "TKGS"
)
View Source 
const DefaultCipherSuitePreference = "client"

Because of a bug in nmap, the cipher suite preference is incorrectly shown as 'client' in some cases. in fips-only mode, it correctly shows the cipher preference as 'server', while in non-fips mode it shows as 'client'.

Variables

This section is empty.

Functions

func AccessAsGroupTest 

func AccessAsGroupTest(
	ctx context.Context,
	testGroup string,
	clientUnderTest kubernetes.Interface,
) func(t *testing.T)

AccessAsGroupTest runs a generic test in which a clientUnderTest with membership in group testGroup tries to auth to the kube API (i.e., list namespaces).

Use this function if you want to simply validate that a user can auth to the kube API (via a group membership) after performing a Pinniped credential exchange.

func AccessAsGroupWithKubectlTest 

func AccessAsGroupWithKubectlTest(
	testKubeConfigYAML string,
	testGroup string,
	expectedNamespace string,
) func(t *testing.T)

func AccessAsUserTest 

func AccessAsUserTest(
	ctx context.Context,
	testUsername string,
	clientUnderTest kubernetes.Interface,
) func(t *testing.T)

AccessAsUserTest runs a generic test in which a clientUnderTest operating with username testUsername tries to auth to the kube API (i.e., list namespaces).

Use this function if you want to simply validate that a user can auth to the kube API after performing a Pinniped credential exchange.

func AccessAsUserWithKubectlTest 

func AccessAsUserWithKubectlTest(
	testKubeConfigYAML string,
	testUsername string,
	expectedNamespace string,
) func(t *testing.T)

func AddTestUserToGroup added in v0.15.0 

func AddTestUserToGroup(t *testing.T, env *TestEnv, testGroupName, testUserName string)

AddTestUserToGroup adds a test user to a group within the test-users directory.

func ChangeADTestUserPassword added in v0.15.0 

func ChangeADTestUserPassword(t *testing.T, env *TestEnv, testUserName string)

ChangeADTestUserPassword changes the user's password to a new one.

func CreateFreshADTestGroup added in v0.15.0 

func CreateFreshADTestGroup(t *testing.T, env *TestEnv) string

CreateFreshADTestGroup creates a fresh test group in AD to use for this test and returns the group's name.

func CreateFreshADTestUser added in v0.15.0 

func CreateFreshADTestUser(t *testing.T, env *TestEnv) (string, string)

CreateFreshADTestUser creates a fresh test user in AD to use for this test and returns their username and password.

func CreateGitHubClientCredentialsSecret added in v0.31.0 

func CreateGitHubClientCredentialsSecret(t *testing.T, clientID string, clientSecret string) *corev1.Secret

func CreateGitHubIdentityProvider added in v0.31.0 

func CreateGitHubIdentityProvider(t *testing.T, spec idpv1alpha1.GitHubIdentityProviderSpec, expectedPhase idpv1alpha1.GitHubIdentityProviderPhase) *idpv1alpha1.GitHubIdentityProvider

func CreateNamespace added in v0.11.0 

func CreateNamespace(ctx context.Context, t *testing.T, name string) *corev1.Namespace

func CreateOIDCClient added in v0.20.0 

func CreateOIDCClient(t *testing.T, spec supervisorconfigv1alpha1.OIDCClientSpec, expectedPhase supervisorconfigv1alpha1.OIDCClientPhase) (string, string)

func CreateOIDCClientCredentialsSecret added in v0.31.0 

func CreateOIDCClientCredentialsSecret(t *testing.T, clientID string, clientSecret string) *corev1.Secret

func CreatePod 

func CreatePod(ctx context.Context, t *testing.T, name, namespace string, spec corev1.PodSpec) *corev1.Pod

func CreateTestActiveDirectoryIdentityProvider added in v0.11.0 

func CreateTestActiveDirectoryIdentityProvider(t *testing.T, spec idpv1alpha1.ActiveDirectoryIdentityProviderSpec, expectedPhase idpv1alpha1.ActiveDirectoryIdentityProviderPhase) *idpv1alpha1.ActiveDirectoryIdentityProvider

func CreateTestClusterRoleBinding 

func CreateTestClusterRoleBinding(t *testing.T, subject rbacv1.Subject, roleRef rbacv1.RoleRef) *rbacv1.ClusterRoleBinding

func CreateTestConfigMap added in v0.33.0 

func CreateTestConfigMap(t *testing.T, namespace string, baseName string, stringData map[string]string) *corev1.ConfigMap

func CreateTestFederationDomain 

func CreateTestFederationDomain(
	ctx context.Context,
	t *testing.T,
	spec supervisorconfigv1alpha1.FederationDomainSpec,
	expectStatus supervisorconfigv1alpha1.FederationDomainPhase,
) *supervisorconfigv1alpha1.FederationDomain

CreateTestFederationDomain creates and returns a test FederationDomain in the $PINNIPED_TEST_SUPERVISOR_NAMESPACE, which will be automatically deleted at the end of the current test's lifetime.

func CreateTestGitHubIdentityProvider added in v0.31.0 

func CreateTestGitHubIdentityProvider(t *testing.T, spec idpv1alpha1.GitHubIdentityProviderSpec, expectedPhase idpv1alpha1.GitHubIdentityProviderPhase) *idpv1alpha1.GitHubIdentityProvider

func CreateTestGitHubIdentityProviderWithObjectMeta added in v0.31.0 

func CreateTestGitHubIdentityProviderWithObjectMeta(t *testing.T, spec idpv1alpha1.GitHubIdentityProviderSpec, objectMeta metav1.ObjectMeta, expectedPhase idpv1alpha1.GitHubIdentityProviderPhase) *idpv1alpha1.GitHubIdentityProvider

func CreateTestJWTAuthenticator 

func CreateTestJWTAuthenticator(
	ctx context.Context,
	t *testing.T,
	spec authenticationv1alpha1.JWTAuthenticatorSpec,
	expectedStatus authenticationv1alpha1.JWTAuthenticatorPhase) *authenticationv1alpha1.JWTAuthenticator

CreateTestJWTAuthenticator creates and returns a test JWTAuthenticator which will be automatically deleted at the end of the current test's lifetime.

func CreateTestJWTAuthenticatorForCLIUpstream 

func CreateTestJWTAuthenticatorForCLIUpstream(ctx context.Context, t *testing.T) *authenticationv1alpha1.JWTAuthenticator

CreateTestJWTAuthenticatorForCLIUpstream creates and returns a test JWTAuthenticator which will be automatically deleted at the end of the current test's lifetime.

CreateTestJWTAuthenticatorForCLIUpstream gets the OIDC issuer info from IntegrationEnv().CLIUpstreamOIDC.

func CreateTestLDAPIdentityProvider 

func CreateTestLDAPIdentityProvider(t *testing.T, spec idpv1alpha1.LDAPIdentityProviderSpec, expectedPhase idpv1alpha1.LDAPIdentityProviderPhase) *idpv1alpha1.LDAPIdentityProvider

func CreateTestOIDCIdentityProvider 

func CreateTestOIDCIdentityProvider(t *testing.T, spec idpv1alpha1.OIDCIdentityProviderSpec, expectedPhase idpv1alpha1.OIDCIdentityProviderPhase) *idpv1alpha1.OIDCIdentityProvider

func CreateTestOIDCIdentityProviderWithObjectMeta added in v0.26.0 

func CreateTestOIDCIdentityProviderWithObjectMeta(t *testing.T, spec idpv1alpha1.OIDCIdentityProviderSpec, objectMeta metav1.ObjectMeta, expectedPhase idpv1alpha1.OIDCIdentityProviderPhase) *idpv1alpha1.OIDCIdentityProvider

func CreateTestSecret 

func CreateTestSecret(t *testing.T, namespace string, baseName string, secretType corev1.SecretType, stringData map[string]string) *corev1.Secret

func CreateTestSecretBytes added in v0.25.0 

func CreateTestSecretBytes(t *testing.T, namespace string, baseName string, secretType corev1.SecretType, data map[string][]byte) *corev1.Secret

func CreateTestSecretWithName added in v0.34.0 

func CreateTestSecretWithName(t *testing.T, namespace string, name string, secretType corev1.SecretType, stringData map[string]string) *corev1.Secret

func CreateTestWebhookAuthenticator 

func CreateTestWebhookAuthenticator(
	ctx context.Context,
	t *testing.T,
	webhookSpec *authenticationv1alpha1.WebhookAuthenticatorSpec,
	expectedStatus authenticationv1alpha1.WebhookAuthenticatorPhase) corev1.TypedLocalObjectReference

CreateTestWebhookAuthenticator creates and returns a test WebhookAuthenticator in $PINNIPED_TEST_CONCIERGE_NAMESPACE, which will be automatically deleted at the end of the current test's lifetime. It returns a corev1.TypedLocalObjectReference which describes the test webhook authenticator within the test namespace.

func CreateTokenCredentialRequest 

func CreateTokenCredentialRequest(ctx context.Context, t *testing.T, spec v1alpha1.TokenCredentialRequestSpec) (*v1alpha1.TokenCredentialRequest, error)

func DeactivateADTestUser added in v0.15.0 

func DeactivateADTestUser(t *testing.T, env *TestEnv, testUserName string)

DeactivateADTestUser deactivates the test user.

func DeploymentsContainerHasHTTPSProxyEnvVar added in v0.34.0 

func DeploymentsContainerHasHTTPSProxyEnvVar(t *testing.T, namespaceName string, deploymentName string) bool

func GetExpectedCiphers added in v0.16.0 

func GetExpectedCiphers(config *tls.Config, preference string) string

func LockADTestUser added in v0.15.0 

func LockADTestUser(t *testing.T, env *TestEnv, testUserName string)

LockADTestUser locks the test user's account by entering the wrong password a bunch of times.

func LookupIP 

func LookupIP(ctx context.Context, hostname string) ([]net.IP, error)

LookupIP looks up the IP address of the provided hostname, preferring IPv4.

func MaskTokens 

func MaskTokens(in string) string

MaskTokens makes a best-effort attempt to mask out things that look like secret tokens in test output. Provides more readable test output, but also obscures sensitive state params and authcodes from public test output.

func NewAPIExtensionsV1Client added in v0.13.0 

func NewAPIExtensionsV1Client(t *testing.T) apiextensionsv1.ApiextensionsV1Interface

func NewAggregatedClientset 

func NewAggregatedClientset(t *testing.T) aggregatorclient.Interface

func NewAnonymousClientRestConfig 

func NewAnonymousClientRestConfig(t *testing.T) *rest.Config

Returns a rest.Config without any user authentication info.

func NewAnonymousConciergeClientset 

func NewAnonymousConciergeClientset(t *testing.T) conciergeclientset.Interface

func NewAnonymousSupervisorClientset added in v0.20.0 

func NewAnonymousSupervisorClientset(t *testing.T) supervisorclientset.Interface

func NewClientConfig 

func NewClientConfig(t *testing.T) *rest.Config

func NewClientsetForKubeConfig 

func NewClientsetForKubeConfig(t *testing.T, kubeConfig string) kubernetes.Interface

func NewClientsetWithCertAndKey 

func NewClientsetWithCertAndKey(t *testing.T, clientCertificateData, clientKeyData string) kubernetes.Interface

func NewConciergeClientset 

func NewConciergeClientset(t *testing.T) conciergeclientset.Interface

func NewKubeclient 

func NewKubeclient(t *testing.T, config *rest.Config) *kubeclient.Client

func NewKubeclientOptions added in v0.11.0 

func NewKubeclientOptions(t *testing.T, config *rest.Config) []kubeclient.Option

func NewKubernetesClientset 

func NewKubernetesClientset(t *testing.T) kubernetes.Interface

func NewLoggerReader 

func NewLoggerReader(t *testing.T, name string, reader io.Reader) io.Reader

NewLoggerReader wraps an io.Reader to log its input and output. It also performs some heuristic token masking.

func NewRestConfigFromKubeconfig 

func NewRestConfigFromKubeconfig(t *testing.T, kubeConfig string) *rest.Config

func NewSupervisorClientset 

func NewSupervisorClientset(t *testing.T) supervisorclientset.Interface

func ObjectMetaWithRandomName added in v0.26.0 

func ObjectMetaWithRandomName(t *testing.T, baseName string) metav1.ObjectMeta

func PinnipedCLIPath 

func PinnipedCLIPath(t *testing.T) string

PinnipedCLIPath returns the path to the Pinniped CLI binary, built on demand and cached between tests.

func RandBytes 

func RandBytes(t *testing.T, numBytes int) []byte

func RandHex 

func RandHex(t *testing.T, numBytes int) string

func RedactURLParams 

func RedactURLParams(fullURL *url.URL) string

Remove any potentially sensitive query param and fragment values for test logging.

func RequireEventually 

func RequireEventually(
	t *testing.T,
	f func(requireEventually *require.Assertions),
	waitFor time.Duration,
	tick time.Duration,
	msgAndArgs ...any,
)

RequireEventually is similar to require.Eventually() except that it is thread safe and provides a richer way to write per-iteration assertions.

func RequireEventuallyWithoutError 

func RequireEventuallyWithoutError(
	t *testing.T,
	f func() (bool, error),
	waitFor time.Duration,
	tick time.Duration,
	msgAndArgs ...any,
)

RequireEventuallyWithoutError is similar to require.Eventually() except that it also allows the caller to return an error from the condition function. If the condition function returns an error at any point, the assertion will immediately fail.

func RequireEventuallyf 

func RequireEventuallyf(
	t *testing.T,
	f func(requireEventually *require.Assertions),
	waitFor time.Duration,
	tick time.Duration,
	msg string,
	args ...any,
)

func RequireNeverWithoutError 

func RequireNeverWithoutError(
	t *testing.T,
	f func() (bool, error),
	waitFor time.Duration,
	tick time.Duration,
	msgAndArgs ...any,
)

RequireNeverWithoutError is similar to require.Never() except that it also allows the caller to return an error from the condition function. If the condition function returns an error at any point, the assertion will immediately fail.

func RestrictiveSecurityContext added in v0.20.0 

func RestrictiveSecurityContext() *corev1.SecurityContext

RestrictiveSecurityContext returns a container SecurityContext which will be allowed by the most restrictive level of Pod Security Admission policy (as of Kube v1.25's policies).

func RunNmapSSLEnum added in v0.16.0 

func RunNmapSSLEnum(t *testing.T, host string, port uint16) (string, string)

func Sdump 

func Sdump(a ...any) string

func SkipTestWhenActiveDirectoryIsUnavailable added in v0.18.0 

func SkipTestWhenActiveDirectoryIsUnavailable(t *testing.T, env *TestEnv)

func SkipTestWhenGitHubIsUnavailable added in v0.31.0 

func SkipTestWhenGitHubIsUnavailable(t *testing.T)

func SkipTestWhenGitHubOAuthClientCallbackDoesNotMatchFederationDomainIssuerCallback added in v0.31.0 

func SkipTestWhenGitHubOAuthClientCallbackDoesNotMatchFederationDomainIssuerCallback(t *testing.T)

func SkipTestWhenLDAPIsUnavailable added in v0.18.0 

func SkipTestWhenLDAPIsUnavailable(t *testing.T, env *TestEnv)

func SkipUnlessIntegration 

func SkipUnlessIntegration(t *testing.T)

SkipUnlessIntegration skips the current test if `-short` has been passed to `go test`.

func TestObjectMeta added in v0.31.0 

func TestObjectMeta(t *testing.T, baseName string) metav1.ObjectMeta

func WaitForActiveDirectoryIdentityProviderStatusConditions added in v0.33.0 

func WaitForActiveDirectoryIdentityProviderStatusConditions(
	ctx context.Context,
	t *testing.T,
	client alpha1.ActiveDirectoryIdentityProviderInterface,
	activeDirectoryIDPName string,
	expectConditions []*metav1.Condition,
)

func WaitForFederationDomainStatusConditions added in v0.26.0 

func WaitForFederationDomainStatusConditions(ctx context.Context, t *testing.T, federationDomainName string, expectConditions []metav1.Condition)

func WaitForFederationDomainStatusPhase added in v0.26.0 

func WaitForFederationDomainStatusPhase(ctx context.Context, t *testing.T, federationDomainName string, expectPhase supervisorconfigv1alpha1.FederationDomainPhase)

func WaitForGitHubIDPPhase added in v0.31.0 

func WaitForGitHubIDPPhase(
	ctx context.Context,
	t *testing.T,
	client alpha1.GitHubIdentityProviderInterface,
	gitHubIDPName string,
	expectPhase idpv1alpha1.GitHubIdentityProviderPhase,
)

func WaitForGitHubIdentityProviderStatusConditions added in v0.31.0 

func WaitForGitHubIdentityProviderStatusConditions(
	ctx context.Context,
	t *testing.T,
	client alpha1.GitHubIdentityProviderInterface,
	gitHubIDPName string,
	expectConditions []*metav1.Condition,
)

func WaitForJWTAuthenticatorStatusConditions added in v0.29.0 

func WaitForJWTAuthenticatorStatusConditions(ctx context.Context, t *testing.T, jwtAuthenticatorName string, expectConditions []metav1.Condition)

func WaitForJWTAuthenticatorStatusPhase added in v0.29.0 

func WaitForJWTAuthenticatorStatusPhase(ctx context.Context, t *testing.T, jwtAuthenticatorName string, expectPhase authenticationv1alpha1.JWTAuthenticatorPhase)

func WaitForLDAPIdentityProviderStatusConditions added in v0.33.0 

func WaitForLDAPIdentityProviderStatusConditions(
	ctx context.Context,
	t *testing.T,
	client alpha1.LDAPIdentityProviderInterface,
	ldapIDPName string,
	expectConditions []*metav1.Condition,
)

func WaitForUserToHaveAccess 

func WaitForUserToHaveAccess(t *testing.T, user string, groups []string, shouldHaveAccessTo *authorizationv1.ResourceAttributes)

func WaitForWebhookAuthenticatorStatusConditions added in v0.30.0 

func WaitForWebhookAuthenticatorStatusConditions(ctx context.Context, t *testing.T, webhookName string, expectConditions []metav1.Condition)

func WaitForWebhookAuthenticatorStatusPhase added in v0.30.0 

func WaitForWebhookAuthenticatorStatusPhase(
	ctx context.Context,
	t *testing.T,
	webhookName string,
	expectPhase authenticationv1alpha1.WebhookAuthenticatorPhase)

Types

type Capability 

type Capability string

type KubeDistro 

type KubeDistro string

type SupervisorIssuer added in v0.34.0 

type SupervisorIssuer struct {
	// contains filtered or unexported fields
}

func NewSupervisorIssuer added in v0.34.0 

func NewSupervisorIssuer(t *testing.T, issuer string) *SupervisorIssuer

func (*SupervisorIssuer) AddAlternativeName added in v0.35.0 

func (s *SupervisorIssuer) AddAlternativeName(san string)

AddAlternativeName adds a SAN for the cert. It is not intended to take an IP address as its argument.

func (*SupervisorIssuer) AddPathSuffix added in v0.36.0 

func (s *SupervisorIssuer) AddPathSuffix(path string)

func (*SupervisorIssuer) Address added in v0.34.0 

func (s *SupervisorIssuer) Address() string

func (*SupervisorIssuer) Hostname added in v0.34.0 

func (s *SupervisorIssuer) Hostname() string

func (*SupervisorIssuer) IsIPAddress added in v0.34.0 

func (s *SupervisorIssuer) IsIPAddress() bool

func (*SupervisorIssuer) Issuer added in v0.34.0 

func (s *SupervisorIssuer) Issuer() string

func (*SupervisorIssuer) IssuerServerCert added in v0.34.0 

func (s *SupervisorIssuer) IssuerServerCert(
	t *testing.T,
	ca *certauthority.CA,
) ([]byte, []byte)

func (*SupervisorIssuer) Port added in v0.34.0 

func (s *SupervisorIssuer) Port(defaultPort string) string

type TestEnv 

type TestEnv struct {
	ToolsNamespace                 string                                          `json:"toolsNamespace"`
	ConciergeNamespace             string                                          `json:"conciergeNamespace"`
	SupervisorNamespace            string                                          `json:"supervisorNamespace"`
	ConciergeAppName               string                                          `json:"conciergeAppName"`
	SupervisorAppName              string                                          `json:"supervisorAppName"`
	SupervisorServiceName          string                                          `json:"supervisorServiceName"`
	SupervisorCustomLabels         map[string]string                               `json:"supervisorCustomLabels"`
	ConciergeCustomLabels          map[string]string                               `json:"conciergeCustomLabels"`
	KubernetesDistribution         KubeDistro                                      `json:"kubernetesDistribution"`
	Capabilities                   map[Capability]bool                             `json:"capabilities"`
	TestWebhook                    authenticationv1alpha1.WebhookAuthenticatorSpec `json:"testWebhook"`
	SupervisorHTTPSAddress         string                                          `json:"supervisorHttpsAddress"`
	SupervisorHTTPSIngressAddress  string                                          `json:"supervisorHttpsIngressAddress"`
	SupervisorHTTPSIngressCABundle string                                          `json:"supervisorHttpsIngressCABundle"`
	Proxy                          string                                          `json:"proxy"`
	APIGroupSuffix                 string                                          `json:"apiGroupSuffix"`
	ShellContainerImage            string                                          `json:"shellContainer"`

	TestUser struct {
		Token            string   `json:"token"`
		ExpectedUsername string   `json:"expectedUsername"`
		ExpectedGroups   []string `json:"expectedGroups"`
	} `json:"testUser"`

	CLIUpstreamOIDC                   TestOIDCUpstream   `json:"cliOIDCUpstream"`
	SupervisorUpstreamOIDC            TestOIDCUpstream   `json:"supervisorOIDCUpstream"`
	SupervisorUpstreamLDAP            TestLDAPUpstream   `json:"supervisorLDAPUpstream"`
	SupervisorUpstreamActiveDirectory TestLDAPUpstream   `json:"supervisorActiveDirectoryUpstream"`
	SupervisorUpstreamGithub          TestGithubUpstream `json:"supervisorGithubUpstream"`
	// contains filtered or unexported fields
}

TestEnv captures all the external parameters consumed by our integration tests.

func IntegrationEnv 

func IntegrationEnv(t *testing.T, opts ...TestEnvOption) *TestEnv

IntegrationEnv gets the integration test environment from OS environment variables. This method also implies SkipUnlessIntegration().

func (*TestEnv) DefaultTLSCertSecretName added in v0.34.0 

func (e *TestEnv) DefaultTLSCertSecretName() string

func (*TestEnv) HasCapability 

func (e *TestEnv) HasCapability(cap Capability) bool

func (*TestEnv) InferSupervisorIssuerURL added in v0.33.0 

func (e *TestEnv) InferSupervisorIssuerURL(t *testing.T) *SupervisorIssuer

InferSupervisorIssuerURL infers the downstream issuer URL from the callback associated with the upstream test client registration.

func (*TestEnv) ProxyEnv 

func (e *TestEnv) ProxyEnv() []string

ProxyEnv returns a set of environment variable strings (e.g., to combine with os.Environ()) which set up the configured test HTTP proxy.

func (*TestEnv) WithCapability 

func (e *TestEnv) WithCapability(cap Capability) *TestEnv

func (*TestEnv) WithKubeDistribution 

func (e *TestEnv) WithKubeDistribution(distro KubeDistro) *TestEnv

WithKubeDistribution skips the test unless it will run on the expected cluster type. Please use this sparingly. We would prefer that a test run on every cluster type where it can possibly run, so prefer to run everywhere when possible or use cluster capabilities when needed, rather than looking at the type of cluster to decide to skip a test. However, there are some tests that do not depend on or interact with Kubernetes itself which really only need to run on a single platform to give us the coverage that we desire.

func (*TestEnv) WithoutCapability 

func (e *TestEnv) WithoutCapability(cap Capability) *TestEnv

type TestEnvOption added in v0.27.0 

type TestEnvOption func(env *TestEnv)

func SkipPodRestartAssertions added in v0.27.0 

func SkipPodRestartAssertions() TestEnvOption

SkipPodRestartAssertions is a functional option that can be passed to IntegrationEnv() to skip using the implicit assertions which check that no pods get restarted during tests. Please using this sparingly, since most pod restarts are caused by unintentional crashes and should therefore cause tests to fail.

type TestGithubUpstream added in v0.31.0 

type TestGithubUpstream struct {
	GithubAppClientID                string   `json:"githubAppClientId"` // GitHub's new-style GitHub App
	GithubAppClientSecret            string   `json:"githubAppClientSecret"`
	GithubOAuthAppClientID           string   `json:"githubOAuthAppClientId"` // GitHub's old-style OAuth App
	GithubOAuthAppClientSecret       string   `json:"githubOAuthAppClientSecret"`
	GithubOAuthAppAllowedCallbackURL string   `json:"githubOAuthAppAllowedCallbackURL"` // the callback URL that was configured in GitHub for this App
	TestUserUsername                 string   `json:"testUserUsername"`                 // the "login" attribute value for the user
	TestUserPassword                 string   `json:"testUserPassword"`
	TestUserOTPSecret                string   `json:"testUserOTPSecret"`
	TestUserID                       string   `json:"testUserID"`           // the "id" attribute value for the user
	TestUserOrganization             string   `json:"testUserOrganization"` // an org to which the user belongs
	TestUserExpectedTeamNames        []string `json:"testUserExpectedTeamNames"`
	TestUserExpectedTeamSlugs        []string `json:"testUserExpectedTeamSlugs"`
}

type TestLDAPUpstream 

type TestLDAPUpstream struct {
	Host                                            string   `json:"host"`
	Domain                                          string   `json:"domain"`
	StartTLSOnlyHost                                string   `json:"startTLSOnlyHost"`
	CABundle                                        string   `json:"caBundle"`
	BindUsername                                    string   `json:"bindUsername"`
	BindPassword                                    string   `json:"bindPassword"`
	UserSearchBase                                  string   `json:"userSearchBase"`
	DefaultNamingContextSearchBase                  string   `json:"defaultNamingContextSearchBase"`
	GroupSearchBase                                 string   `json:"groupSearchBase"`
	TestUserDN                                      string   `json:"testUserDN"`
	TestUserCN                                      string   `json:"testUserCN"`
	TestUserPassword                                string   `json:"testUserPassword"`
	TestUserMailAttributeName                       string   `json:"testUserMailAttributeName"`
	TestUserMailAttributeValue                      string   `json:"testUserMailAttributeValue"`
	TestUserUniqueIDAttributeName                   string   `json:"testUserUniqueIDAttributeName"`
	TestUserUniqueIDAttributeValue                  string   `json:"testUserUniqueIDAttributeValue"`
	TestUserDirectGroupsCNs                         []string `json:"testUserDirectGroupsCNs"`
	TestUserDirectPosixGroupsCNs                    []string `json:"testUserDirectPosixGroupsCNs"`
	TestUserDirectGroupsDNs                         []string `json:"testUserDirectGroupsDNs"`
	TestUserSAMAccountNameValue                     string   `json:"testUserSAMAccountNameValue"`
	TestUserPrincipalNameValue                      string   `json:"testUserPrincipalNameValue"`
	TestUserIndirectGroupsSAMAccountNames           []string `json:"TestUserIndirectGroupsSAMAccountNames"`
	TestUserIndirectGroupsSAMAccountPlusDomainNames []string `json:"TestUserIndirectGroupsSAMAccountPlusDomainNames"`
	TestDeactivatedUserSAMAccountNameValue          string   `json:"TestDeactivatedUserSAMAccountNameValue"`
	TestDeactivatedUserPassword                     string   `json:"TestDeactivatedUserPassword"`
}

type TestOIDCUpstream 

type TestOIDCUpstream struct {
	Issuer           string   `json:"issuer"`
	CABundle         string   `json:"caBundle"`
	AdditionalScopes []string `json:"additionalScopes"`
	UsernameClaim    string   `json:"usernameClaim"`
	GroupsClaim      string   `json:"groupsClaim"`
	ClientID         string   `json:"clientID"`
	ClientSecret     string   `json:"clientSecret"`
	CallbackURL      string   `json:"callback"`
	Username         string   `json:"username"`
	Password         string   `json:"password"`
	ExpectedGroups   []string `json:"expectedGroups"`
}

Source Files

View all Source files

Directories

Path Synopsis
Package browsertest provides integration test helpers for our browser-based tests.
 Package browsertest provides integration test helpers for our browser-based tests.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.