github/client-go
1
0
Fork 0
mirror of https://github.com/kubernetes/client-go.git synced 2025-09-04 16:40:21 +00:00
Code Issues Projects Releases Wiki Activity

exec credential provider: ProvideClusterInfo and kubeconfig shadow

Browse Source 
- The main idea here is that we want to 1) prevent potentially large CA
  bundles from being set in an exec plugin's environment and 2) ensure
  that the exec plugin is getting everything it needs in order to talk to
  a cluster.
- Avoid breaking existing manual declarations of rest.Config instances by
  moving exec Cluster to kubeconfig internal type.
- Use client.authentication.k8s.io/exec to qualify exec cluster extension.
- Deep copy the exec Cluster.Config when we copy a rest.Config.

Signed-off-by: Andrew Keesler <akeesler@vmware.com>

Kubernetes-commit: c4299d15d5289768808034676858e76a177eeae5
This commit is contained in:
Andrew Keesler
2020-10-29 13:38:42 -04:00
committed by Kubernetes Publisher
parent eb15c10113
commit a7ba87c612
22 changed files with 822 additions and 174 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
tools/clientcmd/client_config_test.go
View File

@@ -836,7 +836,7 @@ clusters:
- cluster:
server: https://localhost:8080
extensions:
- name: exec
- name: client.authentication.k8s.io/exec
extension:
audience: foo
other: bar
@@ -858,6 +858,7 @@ users:
- arg-1
- arg-2
command: foo-command
provideClusterInfo: true
`
tmpfile, err := ioutil.TempFile("", "kubeconfig")
if err != nil {
@@ -871,15 +872,18 @@ users:
if err != nil {
t.Error(err)
}
if !reflect.DeepEqual(config.Exec.ExecProvider.Args, []string{"arg-1", "arg-2"}) {
t.Errorf("Got args %v when they should be %v\n", config.Exec.ExecProvider.Args, []string{"arg-1", "arg-2"})
if !reflect.DeepEqual(config.ExecProvider.Args, []string{"arg-1", "arg-2"}) {
t.Errorf("Got args %v when they should be %v\n", config.ExecProvider.Args, []string{"arg-1", "arg-2"})
}
if !config.ExecProvider.ProvideClusterInfo {
t.Error("Wanted provider cluster info to be true")
}
want := &runtime.Unknown{
Raw: []byte(`{"audience":"foo","other":"bar"}`),
ContentType: "application/json",
}
if !reflect.DeepEqual(config.Exec.Config, want) {
t.Errorf("Got config %v when it should be %v\n", config.Exec.Config, want)
if !reflect.DeepEqual(config.ExecProvider.Config, want) {
t.Errorf("Got config %v when it should be %v\n", config.ExecProvider.Config, want)
}
}