From 32fece0e08d2b27ac6d7901749e07622e1dc7850 Mon Sep 17 00:00:00 2001 From: David Eads Date: Tue, 3 Mar 2020 13:16:50 -0500 Subject: [PATCH] update override behavior for kubectl --tls-server-name Kubernetes-commit: 9dcbc0bf909a794cf77a801bfd29e306791b1e24 --- .../clientcmd/api/v1/zz_generated.conversion.go | 2 ++ tools/clientcmd/client_config.go | 6 +++++- tools/clientcmd/client_config_test.go | 17 +++++++++++++++++ 3 files changed, 24 insertions(+), 1 deletion(-) diff --git a/tools/clientcmd/api/v1/zz_generated.conversion.go b/tools/clientcmd/api/v1/zz_generated.conversion.go index 31e00ea6..8f3631e1 100644 --- a/tools/clientcmd/api/v1/zz_generated.conversion.go +++ b/tools/clientcmd/api/v1/zz_generated.conversion.go @@ -233,6 +233,7 @@ func Convert_api_AuthProviderConfig_To_v1_AuthProviderConfig(in *api.AuthProvide func autoConvert_v1_Cluster_To_api_Cluster(in *Cluster, out *api.Cluster, s conversion.Scope) error { out.Server = in.Server + out.TLSServerName = in.TLSServerName out.InsecureSkipTLSVerify = in.InsecureSkipTLSVerify out.CertificateAuthority = in.CertificateAuthority out.CertificateAuthorityData = *(*[]byte)(unsafe.Pointer(&in.CertificateAuthorityData)) @@ -250,6 +251,7 @@ func Convert_v1_Cluster_To_api_Cluster(in *Cluster, out *api.Cluster, s conversi func autoConvert_api_Cluster_To_v1_Cluster(in *api.Cluster, out *Cluster, s conversion.Scope) error { // INFO: in.LocationOfOrigin opted out of conversion generation out.Server = in.Server + out.TLSServerName = in.TLSServerName out.InsecureSkipTLSVerify = in.InsecureSkipTLSVerify out.CertificateAuthority = in.CertificateAuthority out.CertificateAuthorityData = *(*[]byte)(unsafe.Pointer(&in.CertificateAuthorityData)) diff --git a/tools/clientcmd/client_config.go b/tools/clientcmd/client_config.go index 6b5f3f73..a9806384 100644 --- a/tools/clientcmd/client_config.go +++ b/tools/clientcmd/client_config.go @@ -461,7 +461,11 @@ func (config *DirectClientConfig) getCluster() (clientcmdapi.Cluster, error) { mergedClusterInfo.CertificateAuthorityData = config.overrides.ClusterInfo.CertificateAuthorityData } - if config.overrides.ClusterInfo.TLSServerName != "" { + // if the --tls-server-name has been set in overrides, use that value. + // if the --server has been set in overrides, then use the value of --tls-server-name specified on the CLI too. This gives the property + // that setting a --server will effectively clear the KUBECONFIG value of tls-server-name if it is specified on the command line which is + // usually correct. + if config.overrides.ClusterInfo.TLSServerName != "" || config.overrides.ClusterInfo.Server != "" { mergedClusterInfo.TLSServerName = config.overrides.ClusterInfo.TLSServerName } diff --git a/tools/clientcmd/client_config_test.go b/tools/clientcmd/client_config_test.go index e89ce147..3232d8b0 100644 --- a/tools/clientcmd/client_config_test.go +++ b/tools/clientcmd/client_config_test.go @@ -199,6 +199,23 @@ func TestTLSServerName(t *testing.T) { matchByteArg(nil, actualCfg.TLSClientConfig.CAData, t) } +func TestTLSServerNameClearsWhenServerNameSet(t *testing.T) { + config := createValidTestConfig() + + clientBuilder := NewNonInteractiveClientConfig(*config, "clean", &ConfigOverrides{ + ClusterInfo: clientcmdapi.Cluster{ + Server: "http://something", + }, + }, nil) + + actualCfg, err := clientBuilder.ClientConfig() + if err != nil { + t.Errorf("Unexpected error: %v", err) + } + + matchStringArg("", actualCfg.ServerName, t) +} + func TestMergeContext(t *testing.T) { const namespace = "overridden-namespace"