Merge pull request #111076 from claudiubelu/unittests-6

unittests: Fixes cmd unit tests for Windows
This commit is contained in:
Kubernetes Prow Robot 2022-09-16 07:39:27 -07:00 committed by GitHub
commit 05f17ee5d6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 340 additions and 267 deletions

View File

@ -82,7 +82,7 @@ func TestSchedulerOptions(t *testing.T) {
apiVersion: kubescheduler.config.k8s.io/v1 apiVersion: kubescheduler.config.k8s.io/v1
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
leaderElection: leaderElection:
leaderElect: true`, configKubeconfig)), os.FileMode(0600)); err != nil { leaderElect: true`, configKubeconfig)), os.FileMode(0600)); err != nil {
t.Fatal(err) t.Fatal(err)
@ -114,7 +114,7 @@ users:
apiVersion: componentconfig/v1alpha1 apiVersion: componentconfig/v1alpha1
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
leaderElection: leaderElection:
leaderElect: true`, configKubeconfig)), os.FileMode(0600)); err != nil { leaderElect: true`, configKubeconfig)), os.FileMode(0600)); err != nil {
t.Fatal(err) t.Fatal(err)
@ -125,7 +125,7 @@ leaderElection:
apiVersion: kubescheduler.config.k8s.io/v1beta3 apiVersion: kubescheduler.config.k8s.io/v1beta3
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
leaderElection: leaderElection:
leaderElect: true`, configKubeconfig)), os.FileMode(0600)); err != nil { leaderElect: true`, configKubeconfig)), os.FileMode(0600)); err != nil {
t.Fatal(err) t.Fatal(err)
@ -136,7 +136,7 @@ leaderElection:
apiVersion: kubescheduler.config.k8s.io/v1beta2 apiVersion: kubescheduler.config.k8s.io/v1beta2
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
leaderElection: leaderElection:
leaderElect: true`, configKubeconfig)), os.FileMode(0600)); err != nil { leaderElect: true`, configKubeconfig)), os.FileMode(0600)); err != nil {
t.Fatal(err) t.Fatal(err)
@ -147,7 +147,7 @@ leaderElection:
apiVersion: kubescheduler.config.k8s.io/unknown apiVersion: kubescheduler.config.k8s.io/unknown
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
leaderElection: leaderElection:
leaderElect: true`, configKubeconfig)), os.FileMode(0600)); err != nil { leaderElect: true`, configKubeconfig)), os.FileMode(0600)); err != nil {
t.Fatal(err) t.Fatal(err)
@ -157,7 +157,7 @@ leaderElection:
if err := os.WriteFile(noVersionConfig, []byte(fmt.Sprintf(` if err := os.WriteFile(noVersionConfig, []byte(fmt.Sprintf(`
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
leaderElection: leaderElection:
leaderElect: true`, configKubeconfig)), os.FileMode(0600)); err != nil { leaderElect: true`, configKubeconfig)), os.FileMode(0600)); err != nil {
t.Fatal(err) t.Fatal(err)
@ -168,7 +168,7 @@ leaderElection:
apiVersion: kubescheduler.config.k8s.io/v1 apiVersion: kubescheduler.config.k8s.io/v1
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
leaderElection: leaderElection:
leaderElect: true leaderElect: true
foo: bar`, configKubeconfig)), os.FileMode(0600)); err != nil { foo: bar`, configKubeconfig)), os.FileMode(0600)); err != nil {
@ -180,7 +180,7 @@ foo: bar`, configKubeconfig)), os.FileMode(0600)); err != nil {
apiVersion: kubescheduler.config.k8s.io/v1 apiVersion: kubescheduler.config.k8s.io/v1
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
leaderElection: leaderElection:
leaderElect: true leaderElect: true
leaderElect: false`, configKubeconfig)), os.FileMode(0600)); err != nil { leaderElect: false`, configKubeconfig)), os.FileMode(0600)); err != nil {
@ -217,7 +217,7 @@ users:
apiVersion: kubescheduler.config.k8s.io/v1 apiVersion: kubescheduler.config.k8s.io/v1
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
profiles: profiles:
- plugins: - plugins:
reserve: reserve:
@ -248,7 +248,7 @@ profiles:
apiVersion: kubescheduler.config.k8s.io/v1beta3 apiVersion: kubescheduler.config.k8s.io/v1beta3
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
profiles: profiles:
- plugins: - plugins:
reserve: reserve:
@ -279,7 +279,7 @@ profiles:
apiVersion: kubescheduler.config.k8s.io/v1beta2 apiVersion: kubescheduler.config.k8s.io/v1beta2
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
profiles: profiles:
- plugins: - plugins:
reserve: reserve:
@ -310,7 +310,7 @@ profiles:
apiVersion: kubescheduler.config.k8s.io/v1 apiVersion: kubescheduler.config.k8s.io/v1
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
profiles: profiles:
- schedulerName: "foo-profile" - schedulerName: "foo-profile"
plugins: plugins:
@ -337,7 +337,7 @@ profiles:
apiVersion: kubescheduler.config.k8s.io/v1beta3 apiVersion: kubescheduler.config.k8s.io/v1beta3
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
profiles: profiles:
- schedulerName: "foo-profile" - schedulerName: "foo-profile"
plugins: plugins:
@ -364,7 +364,7 @@ profiles:
apiVersion: kubescheduler.config.k8s.io/v1beta2 apiVersion: kubescheduler.config.k8s.io/v1beta2
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
profiles: profiles:
- schedulerName: "foo-profile" - schedulerName: "foo-profile"
plugins: plugins:

View File

@ -88,7 +88,7 @@ users:
apiVersion: kubescheduler.config.k8s.io/v1 apiVersion: kubescheduler.config.k8s.io/v1
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
profiles: profiles:
- plugins: - plugins:
multiPoint: multiPoint:
@ -126,7 +126,7 @@ profiles:
apiVersion: kubescheduler.config.k8s.io/v1beta3 apiVersion: kubescheduler.config.k8s.io/v1beta3
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
profiles: profiles:
- plugins: - plugins:
multiPoint: multiPoint:
@ -164,7 +164,7 @@ profiles:
apiVersion: kubescheduler.config.k8s.io/v1beta2 apiVersion: kubescheduler.config.k8s.io/v1beta2
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
profiles: profiles:
- plugins: - plugins:
preFilter: preFilter:
@ -201,7 +201,7 @@ profiles:
apiVersion: kubescheduler.config.k8s.io/v1beta3 apiVersion: kubescheduler.config.k8s.io/v1beta3
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
profiles: profiles:
- plugins: - plugins:
preFilter: preFilter:
@ -220,7 +220,7 @@ profiles:
apiVersion: kubescheduler.config.k8s.io/v1beta3 apiVersion: kubescheduler.config.k8s.io/v1beta3
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
profiles: profiles:
- plugins: - plugins:
preFilter: preFilter:
@ -239,7 +239,7 @@ profiles:
apiVersion: kubescheduler.config.k8s.io/v1beta2 apiVersion: kubescheduler.config.k8s.io/v1beta2
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
profiles: profiles:
- plugins: - plugins:
preFilter: preFilter:
@ -258,7 +258,7 @@ profiles:
apiVersion: kubescheduler.config.k8s.io/v1 apiVersion: kubescheduler.config.k8s.io/v1
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
profiles: profiles:
- schedulerName: "profile-default-plugins" - schedulerName: "profile-default-plugins"
- schedulerName: "profile-disable-all-filter-and-score-plugins" - schedulerName: "profile-disable-all-filter-and-score-plugins"
@ -288,7 +288,7 @@ profiles:
apiVersion: kubescheduler.config.k8s.io/v1 apiVersion: kubescheduler.config.k8s.io/v1
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
`, configKubeconfig)), os.FileMode(0600)); err != nil { `, configKubeconfig)), os.FileMode(0600)); err != nil {
t.Fatal(err) t.Fatal(err)
} }
@ -299,7 +299,7 @@ clientConnection:
apiVersion: kubescheduler.config.k8s.io/v1 apiVersion: kubescheduler.config.k8s.io/v1
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "%s" kubeconfig: '%s'
leaderElection: leaderElection:
leaseDuration: 1h leaseDuration: 1h
`, configKubeconfig)), os.FileMode(0600)); err != nil { `, configKubeconfig)), os.FileMode(0600)); err != nil {

View File

@ -0,0 +1,28 @@
//go:build !windows
// +build !windows
/*
Copyright 2022 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package validation
import (
"path/filepath"
)
func isAbs(path string) bool {
return filepath.IsAbs(path)
}

View File

@ -0,0 +1,30 @@
//go:build windows
// +build windows
/*
Copyright 2022 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package validation
import (
"path/filepath"
)
func isAbs(path string) bool {
// on Windows, filepath.IsAbs will not return True for paths prefixed with a slash, even
// though they can be used as absolute paths (https://docs.microsoft.com/en-us/dotnet/standard/io/file-path-formats).
return filepath.IsAbs(path) || (len(path) > 0 && (path[0] == '\\' || path[0] == '/'))
}

View File

@ -21,7 +21,6 @@ import (
"net" "net"
"net/url" "net/url"
"os" "os"
"path/filepath"
"strconv" "strconv"
"strings" "strings"
@ -86,7 +85,7 @@ func ValidateJoinConfiguration(c *kubeadm.JoinConfiguration) field.ErrorList {
allErrs = append(allErrs, ValidateNodeRegistrationOptions(&c.NodeRegistration, field.NewPath("nodeRegistration"))...) allErrs = append(allErrs, ValidateNodeRegistrationOptions(&c.NodeRegistration, field.NewPath("nodeRegistration"))...)
allErrs = append(allErrs, ValidateJoinControlPlane(c.ControlPlane, field.NewPath("controlPlane"))...) allErrs = append(allErrs, ValidateJoinControlPlane(c.ControlPlane, field.NewPath("controlPlane"))...)
if !filepath.IsAbs(c.CACertPath) || !strings.HasSuffix(c.CACertPath, ".crt") { if !isAbs(c.CACertPath) || !strings.HasSuffix(c.CACertPath, ".crt") {
allErrs = append(allErrs, field.Invalid(field.NewPath("caCertPath"), c.CACertPath, "the ca certificate path must be an absolute path")) allErrs = append(allErrs, field.Invalid(field.NewPath("caCertPath"), c.CACertPath, "the ca certificate path must be an absolute path"))
} }
return allErrs return allErrs
@ -525,7 +524,7 @@ func ValidateNetworking(c *kubeadm.ClusterConfiguration, fldPath *field.Path) fi
// ValidateAbsolutePath validates whether provided path is absolute or not // ValidateAbsolutePath validates whether provided path is absolute or not
func ValidateAbsolutePath(path string, fldPath *field.Path) field.ErrorList { func ValidateAbsolutePath(path string, fldPath *field.Path) field.ErrorList {
allErrs := field.ErrorList{} allErrs := field.ErrorList{}
if !filepath.IsAbs(path) { if !isAbs(path) {
allErrs = append(allErrs, field.Invalid(fldPath, path, "path is not absolute")) allErrs = append(allErrs, field.Invalid(fldPath, path, "path is not absolute"))
} }
return allErrs return allErrs

View File

@ -17,6 +17,7 @@ limitations under the License.
package validation package validation
import ( import (
"fmt"
"os" "os"
"strings" "strings"
"testing" "testing"
@ -110,8 +111,9 @@ func TestValidateNodeRegistrationOptions(t *testing.T) {
{"valid-nodename", false}, // supported {"valid-nodename", false}, // supported
// test cases for criSocket are covered in TestValidateSocketPath // test cases for criSocket are covered in TestValidateSocketPath
} }
criPath := fmt.Sprintf("%s:///some/path", kubeadmapiv1.DefaultContainerRuntimeURLScheme)
for _, rt := range tests { for _, rt := range tests {
nro := kubeadmapi.NodeRegistrationOptions{Name: rt.nodeName, CRISocket: "unix:///some/path"} nro := kubeadmapi.NodeRegistrationOptions{Name: rt.nodeName, CRISocket: criPath}
actual := ValidateNodeRegistrationOptions(&nro, field.NewPath("nodeRegistration")) actual := ValidateNodeRegistrationOptions(&nro, field.NewPath("nodeRegistration"))
actualErrors := len(actual) > 0 actualErrors := len(actual) > 0
if actualErrors != rt.expectedErrors { if actualErrors != rt.expectedErrors {
@ -456,6 +458,7 @@ func TestValidateAPIEndpoint(t *testing.T) {
// TODO: Create a separated test for ValidateClusterConfiguration // TODO: Create a separated test for ValidateClusterConfiguration
func TestValidateInitConfiguration(t *testing.T) { func TestValidateInitConfiguration(t *testing.T) {
nodename := "valid-nodename" nodename := "valid-nodename"
criPath := fmt.Sprintf("%s:///some/path", kubeadmapiv1.DefaultContainerRuntimeURLScheme)
var tests = []struct { var tests = []struct {
name string name string
s *kubeadmapi.InitConfiguration s *kubeadmapi.InitConfiguration
@ -476,7 +479,7 @@ func TestValidateInitConfiguration(t *testing.T) {
}, },
CertificatesDir: "/some/cert/dir", CertificatesDir: "/some/cert/dir",
}, },
NodeRegistration: kubeadmapi.NodeRegistrationOptions{Name: nodename, CRISocket: "unix:///some/path"}, NodeRegistration: kubeadmapi.NodeRegistrationOptions{Name: nodename, CRISocket: criPath},
}, false}, }, false},
{"invalid missing token with IPv6 service subnet", {"invalid missing token with IPv6 service subnet",
&kubeadmapi.InitConfiguration{ &kubeadmapi.InitConfiguration{
@ -491,7 +494,7 @@ func TestValidateInitConfiguration(t *testing.T) {
}, },
CertificatesDir: "/some/cert/dir", CertificatesDir: "/some/cert/dir",
}, },
NodeRegistration: kubeadmapi.NodeRegistrationOptions{Name: nodename, CRISocket: "unix:///some/path"}, NodeRegistration: kubeadmapi.NodeRegistrationOptions{Name: nodename, CRISocket: criPath},
}, false}, }, false},
{"invalid missing node name", {"invalid missing node name",
&kubeadmapi.InitConfiguration{ &kubeadmapi.InitConfiguration{
@ -521,7 +524,7 @@ func TestValidateInitConfiguration(t *testing.T) {
}, },
CertificatesDir: "/some/other/cert/dir", CertificatesDir: "/some/other/cert/dir",
}, },
NodeRegistration: kubeadmapi.NodeRegistrationOptions{Name: nodename, CRISocket: "unix:///some/path"}, NodeRegistration: kubeadmapi.NodeRegistrationOptions{Name: nodename, CRISocket: criPath},
}, false}, }, false},
{"valid InitConfiguration with IPv4 service subnet", {"valid InitConfiguration with IPv4 service subnet",
&kubeadmapi.InitConfiguration{ &kubeadmapi.InitConfiguration{
@ -542,7 +545,7 @@ func TestValidateInitConfiguration(t *testing.T) {
}, },
CertificatesDir: "/some/other/cert/dir", CertificatesDir: "/some/other/cert/dir",
}, },
NodeRegistration: kubeadmapi.NodeRegistrationOptions{Name: nodename, CRISocket: "unix:///some/path"}, NodeRegistration: kubeadmapi.NodeRegistrationOptions{Name: nodename, CRISocket: criPath},
}, true}, }, true},
{"valid InitConfiguration using IPv6 service subnet", {"valid InitConfiguration using IPv6 service subnet",
&kubeadmapi.InitConfiguration{ &kubeadmapi.InitConfiguration{
@ -562,7 +565,7 @@ func TestValidateInitConfiguration(t *testing.T) {
}, },
CertificatesDir: "/some/other/cert/dir", CertificatesDir: "/some/other/cert/dir",
}, },
NodeRegistration: kubeadmapi.NodeRegistrationOptions{Name: nodename, CRISocket: "unix:///some/path"}, NodeRegistration: kubeadmapi.NodeRegistrationOptions{Name: nodename, CRISocket: criPath},
}, true}, }, true},
} }
for _, rt := range tests { for _, rt := range tests {
@ -579,6 +582,7 @@ func TestValidateInitConfiguration(t *testing.T) {
} }
func TestValidateJoinConfiguration(t *testing.T) { func TestValidateJoinConfiguration(t *testing.T) {
criPath := fmt.Sprintf("%s:///var/run/containerd/containerd.sock", kubeadmapiv1.DefaultContainerRuntimeURLScheme)
var tests = []struct { var tests = []struct {
s *kubeadmapi.JoinConfiguration s *kubeadmapi.JoinConfiguration
expected bool expected bool
@ -607,7 +611,7 @@ func TestValidateJoinConfiguration(t *testing.T) {
}, },
NodeRegistration: kubeadmapi.NodeRegistrationOptions{ NodeRegistration: kubeadmapi.NodeRegistrationOptions{
Name: "aaa", Name: "aaa",
CRISocket: "unix:///var/run/containerd/containerd.sock", CRISocket: criPath,
}, },
}, true}, }, true},
{&kubeadmapi.JoinConfiguration{ // Pass with JoinControlPlane {&kubeadmapi.JoinConfiguration{ // Pass with JoinControlPlane
@ -622,7 +626,7 @@ func TestValidateJoinConfiguration(t *testing.T) {
}, },
NodeRegistration: kubeadmapi.NodeRegistrationOptions{ NodeRegistration: kubeadmapi.NodeRegistrationOptions{
Name: "aaa", Name: "aaa",
CRISocket: "unix:///var/run/containerd/containerd.sock", CRISocket: criPath,
}, },
ControlPlane: &kubeadmapi.JoinControlPlane{ ControlPlane: &kubeadmapi.JoinControlPlane{
LocalAPIEndpoint: kubeadmapi.APIEndpoint{ LocalAPIEndpoint: kubeadmapi.APIEndpoint{
@ -643,7 +647,7 @@ func TestValidateJoinConfiguration(t *testing.T) {
}, },
NodeRegistration: kubeadmapi.NodeRegistrationOptions{ NodeRegistration: kubeadmapi.NodeRegistrationOptions{
Name: "aaa", Name: "aaa",
CRISocket: "unix:///var/run/containerd/containerd.sock", CRISocket: criPath,
}, },
ControlPlane: &kubeadmapi.JoinControlPlane{ ControlPlane: &kubeadmapi.JoinControlPlane{
LocalAPIEndpoint: kubeadmapi.APIEndpoint{ LocalAPIEndpoint: kubeadmapi.APIEndpoint{
@ -664,7 +668,7 @@ func TestValidateJoinConfiguration(t *testing.T) {
}, },
NodeRegistration: kubeadmapi.NodeRegistrationOptions{ NodeRegistration: kubeadmapi.NodeRegistrationOptions{
Name: "aaa", Name: "aaa",
CRISocket: "unix:///var/run/containerd/containerd.sock", CRISocket: criPath,
}, },
ControlPlane: &kubeadmapi.JoinControlPlane{ ControlPlane: &kubeadmapi.JoinControlPlane{
LocalAPIEndpoint: kubeadmapi.APIEndpoint{ LocalAPIEndpoint: kubeadmapi.APIEndpoint{
@ -1124,9 +1128,10 @@ func TestValidateEtcd(t *testing.T) {
actual := ValidateEtcd(tc.etcd, field.NewPath("etcd")) actual := ValidateEtcd(tc.etcd, field.NewPath("etcd"))
actualErrors := len(actual) > 0 actualErrors := len(actual) > 0
if actualErrors != tc.expectedErrors { if actualErrors != tc.expectedErrors {
t.Errorf("Error: \n\texpected: %t\n\t actual: %t", t.Errorf("Error: \n\texpected: %t\n\t actual: %t\n\t encountered errors: %v",
tc.expectedErrors, tc.expectedErrors,
actualErrors, actualErrors,
actual,
) )
} }
} }

View File

@ -25,7 +25,7 @@ import (
) )
func TestGetStaticPodDirectory(t *testing.T) { func TestGetStaticPodDirectory(t *testing.T) {
expected := "/etc/kubernetes/manifests" expected := filepath.FromSlash("/etc/kubernetes/manifests")
actual := GetStaticPodDirectory() actual := GetStaticPodDirectory()
if actual != expected { if actual != expected {
@ -51,7 +51,7 @@ func TestGetAdminKubeConfigPath(t *testing.T) {
} }
func TestGetBootstrapKubeletKubeConfigPath(t *testing.T) { func TestGetBootstrapKubeletKubeConfigPath(t *testing.T) {
expected := "/etc/kubernetes/bootstrap-kubelet.conf" expected := filepath.FromSlash("/etc/kubernetes/bootstrap-kubelet.conf")
actual := GetBootstrapKubeletKubeConfigPath() actual := GetBootstrapKubeletKubeConfigPath()
if actual != expected { if actual != expected {
@ -64,7 +64,7 @@ func TestGetBootstrapKubeletKubeConfigPath(t *testing.T) {
} }
func TestGetKubeletKubeConfigPath(t *testing.T) { func TestGetKubeletKubeConfigPath(t *testing.T) {
expected := "/etc/kubernetes/kubelet.conf" expected := filepath.FromSlash("/etc/kubernetes/kubelet.conf")
actual := GetKubeletKubeConfigPath() actual := GetKubeletKubeConfigPath()
if actual != expected { if actual != expected {
@ -99,7 +99,8 @@ func TestGetStaticPodFilepath(t *testing.T) {
for _, rt := range tests { for _, rt := range tests {
t.Run(rt.componentName, func(t *testing.T) { t.Run(rt.componentName, func(t *testing.T) {
actual := GetStaticPodFilepath(rt.componentName, rt.manifestsDir) actual := GetStaticPodFilepath(rt.componentName, rt.manifestsDir)
if actual != rt.expected { expected := filepath.FromSlash(rt.expected)
if actual != expected {
t.Errorf( t.Errorf(
"failed GetStaticPodFilepath:\n\texpected: %s\n\t actual: %s", "failed GetStaticPodFilepath:\n\texpected: %s\n\t actual: %s",
rt.expected, rt.expected,

View File

@ -205,31 +205,31 @@ func TestGetAPIServerCommand(t *testing.T) {
"kube-apiserver", "kube-apiserver",
"--enable-admission-plugins=NodeRestriction", "--enable-admission-plugins=NodeRestriction",
"--service-cluster-ip-range=bar", "--service-cluster-ip-range=bar",
"--service-account-key-file=" + testCertsDir + "/sa.pub", "--service-account-key-file=" + filepath.Join(testCertsDir, "sa.pub"),
"--service-account-signing-key-file=" + testCertsDir + "/sa.key", "--service-account-signing-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--service-account-issuer=https://kubernetes.default.svc.cluster.local", "--service-account-issuer=https://kubernetes.default.svc.cluster.local",
"--client-ca-file=" + testCertsDir + "/ca.crt", "--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--tls-cert-file=" + testCertsDir + "/apiserver.crt", "--tls-cert-file=" + filepath.Join(testCertsDir, "apiserver.crt"),
"--tls-private-key-file=" + testCertsDir + "/apiserver.key", "--tls-private-key-file=" + filepath.Join(testCertsDir, "apiserver.key"),
"--kubelet-client-certificate=" + testCertsDir + "/apiserver-kubelet-client.crt", "--kubelet-client-certificate=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.crt"),
"--kubelet-client-key=" + testCertsDir + "/apiserver-kubelet-client.key", "--kubelet-client-key=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.key"),
"--enable-bootstrap-token-auth=true", "--enable-bootstrap-token-auth=true",
"--secure-port=123", "--secure-port=123",
"--allow-privileged=true", "--allow-privileged=true",
"--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname", "--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname",
"--proxy-client-cert-file=/var/lib/certs/front-proxy-client.crt", "--proxy-client-cert-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.crt"),
"--proxy-client-key-file=/var/lib/certs/front-proxy-client.key", "--proxy-client-key-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.key"),
"--requestheader-username-headers=X-Remote-User", "--requestheader-username-headers=X-Remote-User",
"--requestheader-group-headers=X-Remote-Group", "--requestheader-group-headers=X-Remote-Group",
"--requestheader-extra-headers-prefix=X-Remote-Extra-", "--requestheader-extra-headers-prefix=X-Remote-Extra-",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", "--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--requestheader-allowed-names=front-proxy-client", "--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC", "--authorization-mode=Node,RBAC",
"--advertise-address=1.2.3.4", "--advertise-address=1.2.3.4",
fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort), fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
"--etcd-cafile=" + testCertsDir + "/etcd/ca.crt", "--etcd-cafile=" + filepath.Join(testCertsDir, "etcd/ca.crt"),
"--etcd-certfile=" + testCertsDir + "/apiserver-etcd-client.crt", "--etcd-certfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.crt"),
"--etcd-keyfile=" + testCertsDir + "/apiserver-etcd-client.key", "--etcd-keyfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.key"),
}, },
}, },
{ {
@ -243,31 +243,31 @@ func TestGetAPIServerCommand(t *testing.T) {
"kube-apiserver", "kube-apiserver",
"--enable-admission-plugins=NodeRestriction", "--enable-admission-plugins=NodeRestriction",
"--service-cluster-ip-range=bar", "--service-cluster-ip-range=bar",
"--service-account-key-file=" + testCertsDir + "/sa.pub", "--service-account-key-file=" + filepath.Join(testCertsDir, "sa.pub"),
"--service-account-signing-key-file=" + testCertsDir + "/sa.key", "--service-account-signing-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--service-account-issuer=https://kubernetes.default.svc.cluster.local", "--service-account-issuer=https://kubernetes.default.svc.cluster.local",
"--client-ca-file=" + testCertsDir + "/ca.crt", "--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--tls-cert-file=" + testCertsDir + "/apiserver.crt", "--tls-cert-file=" + filepath.Join(testCertsDir, "apiserver.crt"),
"--tls-private-key-file=" + testCertsDir + "/apiserver.key", "--tls-private-key-file=" + filepath.Join(testCertsDir, "apiserver.key"),
"--kubelet-client-certificate=" + testCertsDir + "/apiserver-kubelet-client.crt", "--kubelet-client-certificate=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.crt"),
"--kubelet-client-key=" + testCertsDir + "/apiserver-kubelet-client.key", "--kubelet-client-key=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.key"),
"--enable-bootstrap-token-auth=true", "--enable-bootstrap-token-auth=true",
fmt.Sprintf("--secure-port=%d", 123), fmt.Sprintf("--secure-port=%d", 123),
"--allow-privileged=true", "--allow-privileged=true",
"--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname", "--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname",
"--proxy-client-cert-file=/var/lib/certs/front-proxy-client.crt", "--proxy-client-cert-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.crt"),
"--proxy-client-key-file=/var/lib/certs/front-proxy-client.key", "--proxy-client-key-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.key"),
"--requestheader-username-headers=X-Remote-User", "--requestheader-username-headers=X-Remote-User",
"--requestheader-group-headers=X-Remote-Group", "--requestheader-group-headers=X-Remote-Group",
"--requestheader-extra-headers-prefix=X-Remote-Extra-", "--requestheader-extra-headers-prefix=X-Remote-Extra-",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", "--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--requestheader-allowed-names=front-proxy-client", "--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC", "--authorization-mode=Node,RBAC",
"--advertise-address=2001:db8::1", "--advertise-address=2001:db8::1",
fmt.Sprintf("--etcd-servers=https://[::1]:%d", kubeadmconstants.EtcdListenClientPort), fmt.Sprintf("--etcd-servers=https://[::1]:%d", kubeadmconstants.EtcdListenClientPort),
"--etcd-cafile=" + testCertsDir + "/etcd/ca.crt", "--etcd-cafile=" + filepath.Join(testCertsDir, "etcd/ca.crt"),
"--etcd-certfile=" + testCertsDir + "/apiserver-etcd-client.crt", "--etcd-certfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.crt"),
"--etcd-keyfile=" + testCertsDir + "/apiserver-etcd-client.key", "--etcd-keyfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.key"),
}, },
}, },
{ {
@ -289,24 +289,24 @@ func TestGetAPIServerCommand(t *testing.T) {
"kube-apiserver", "kube-apiserver",
"--enable-admission-plugins=NodeRestriction", "--enable-admission-plugins=NodeRestriction",
"--service-cluster-ip-range=bar", "--service-cluster-ip-range=bar",
"--service-account-key-file=" + testCertsDir + "/sa.pub", "--service-account-key-file=" + filepath.Join(testCertsDir, "sa.pub"),
"--service-account-signing-key-file=" + testCertsDir + "/sa.key", "--service-account-signing-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--service-account-issuer=https://kubernetes.default.svc.cluster.local", "--service-account-issuer=https://kubernetes.default.svc.cluster.local",
"--client-ca-file=" + testCertsDir + "/ca.crt", "--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--tls-cert-file=" + testCertsDir + "/apiserver.crt", "--tls-cert-file=" + filepath.Join(testCertsDir, "apiserver.crt"),
"--tls-private-key-file=" + testCertsDir + "/apiserver.key", "--tls-private-key-file=" + filepath.Join(testCertsDir, "apiserver.key"),
"--kubelet-client-certificate=" + testCertsDir + "/apiserver-kubelet-client.crt", "--kubelet-client-certificate=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.crt"),
"--kubelet-client-key=" + testCertsDir + "/apiserver-kubelet-client.key", "--kubelet-client-key=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.key"),
fmt.Sprintf("--secure-port=%d", 123), fmt.Sprintf("--secure-port=%d", 123),
"--allow-privileged=true", "--allow-privileged=true",
"--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname", "--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname",
"--enable-bootstrap-token-auth=true", "--enable-bootstrap-token-auth=true",
"--proxy-client-cert-file=/var/lib/certs/front-proxy-client.crt", "--proxy-client-cert-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.crt"),
"--proxy-client-key-file=/var/lib/certs/front-proxy-client.key", "--proxy-client-key-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.key"),
"--requestheader-username-headers=X-Remote-User", "--requestheader-username-headers=X-Remote-User",
"--requestheader-group-headers=X-Remote-Group", "--requestheader-group-headers=X-Remote-Group",
"--requestheader-extra-headers-prefix=X-Remote-Extra-", "--requestheader-extra-headers-prefix=X-Remote-Extra-",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", "--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--requestheader-allowed-names=front-proxy-client", "--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC", "--authorization-mode=Node,RBAC",
"--advertise-address=2001:db8::1", "--advertise-address=2001:db8::1",
@ -332,24 +332,24 @@ func TestGetAPIServerCommand(t *testing.T) {
"kube-apiserver", "kube-apiserver",
"--enable-admission-plugins=NodeRestriction", "--enable-admission-plugins=NodeRestriction",
"--service-cluster-ip-range=bar", "--service-cluster-ip-range=bar",
"--service-account-key-file=" + testCertsDir + "/sa.pub", "--service-account-key-file=" + filepath.Join(testCertsDir, "sa.pub"),
"--service-account-signing-key-file=" + testCertsDir + "/sa.key", "--service-account-signing-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--service-account-issuer=https://kubernetes.default.svc.cluster.local", "--service-account-issuer=https://kubernetes.default.svc.cluster.local",
"--client-ca-file=" + testCertsDir + "/ca.crt", "--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--tls-cert-file=" + testCertsDir + "/apiserver.crt", "--tls-cert-file=" + filepath.Join(testCertsDir, "apiserver.crt"),
"--tls-private-key-file=" + testCertsDir + "/apiserver.key", "--tls-private-key-file=" + filepath.Join(testCertsDir, "apiserver.key"),
"--kubelet-client-certificate=" + testCertsDir + "/apiserver-kubelet-client.crt", "--kubelet-client-certificate=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.crt"),
"--kubelet-client-key=" + testCertsDir + "/apiserver-kubelet-client.key", "--kubelet-client-key=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.key"),
fmt.Sprintf("--secure-port=%d", 123), fmt.Sprintf("--secure-port=%d", 123),
"--allow-privileged=true", "--allow-privileged=true",
"--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname", "--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname",
"--enable-bootstrap-token-auth=true", "--enable-bootstrap-token-auth=true",
"--proxy-client-cert-file=/var/lib/certs/front-proxy-client.crt", "--proxy-client-cert-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.crt"),
"--proxy-client-key-file=/var/lib/certs/front-proxy-client.key", "--proxy-client-key-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.key"),
"--requestheader-username-headers=X-Remote-User", "--requestheader-username-headers=X-Remote-User",
"--requestheader-group-headers=X-Remote-Group", "--requestheader-group-headers=X-Remote-Group",
"--requestheader-extra-headers-prefix=X-Remote-Extra-", "--requestheader-extra-headers-prefix=X-Remote-Extra-",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", "--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--requestheader-allowed-names=front-proxy-client", "--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC", "--authorization-mode=Node,RBAC",
"--advertise-address=2001:db8::1", "--advertise-address=2001:db8::1",
@ -377,31 +377,31 @@ func TestGetAPIServerCommand(t *testing.T) {
"kube-apiserver", "kube-apiserver",
"--enable-admission-plugins=NodeRestriction", "--enable-admission-plugins=NodeRestriction",
"--service-cluster-ip-range=baz", "--service-cluster-ip-range=baz",
"--service-account-key-file=" + testCertsDir + "/sa.pub", "--service-account-key-file=" + filepath.Join(testCertsDir, "sa.pub"),
"--service-account-signing-key-file=" + testCertsDir + "/sa.key", "--service-account-signing-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--service-account-issuer=https://kubernetes.default.svc.cluster.local", "--service-account-issuer=https://kubernetes.default.svc.cluster.local",
"--client-ca-file=" + testCertsDir + "/ca.crt", "--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--tls-cert-file=" + testCertsDir + "/apiserver.crt", "--tls-cert-file=" + filepath.Join(testCertsDir, "apiserver.crt"),
"--tls-private-key-file=" + testCertsDir + "/apiserver.key", "--tls-private-key-file=" + filepath.Join(testCertsDir, "apiserver.key"),
"--kubelet-client-certificate=" + testCertsDir + "/apiserver-kubelet-client.crt", "--kubelet-client-certificate=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.crt"),
"--kubelet-client-key=" + testCertsDir + "/apiserver-kubelet-client.key", "--kubelet-client-key=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.key"),
"--enable-bootstrap-token-auth=true", "--enable-bootstrap-token-auth=true",
"--secure-port=123", "--secure-port=123",
"--allow-privileged=true", "--allow-privileged=true",
"--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname", "--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname",
"--proxy-client-cert-file=/var/lib/certs/front-proxy-client.crt", "--proxy-client-cert-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.crt"),
"--proxy-client-key-file=/var/lib/certs/front-proxy-client.key", "--proxy-client-key-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.key"),
"--requestheader-username-headers=X-Remote-User", "--requestheader-username-headers=X-Remote-User",
"--requestheader-group-headers=X-Remote-Group", "--requestheader-group-headers=X-Remote-Group",
"--requestheader-extra-headers-prefix=X-Remote-Extra-", "--requestheader-extra-headers-prefix=X-Remote-Extra-",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", "--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--requestheader-allowed-names=front-proxy-client", "--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC", "--authorization-mode=Node,RBAC",
"--advertise-address=9.9.9.9", "--advertise-address=9.9.9.9",
fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort), fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
"--etcd-cafile=" + testCertsDir + "/etcd/ca.crt", "--etcd-cafile=" + filepath.Join(testCertsDir, "etcd/ca.crt"),
"--etcd-certfile=" + testCertsDir + "/apiserver-etcd-client.crt", "--etcd-certfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.crt"),
"--etcd-keyfile=" + testCertsDir + "/apiserver-etcd-client.key", "--etcd-keyfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.key"),
"--audit-policy-file=/etc/config/audit.yaml", "--audit-policy-file=/etc/config/audit.yaml",
"--audit-log-path=/var/log/kubernetes", "--audit-log-path=/var/log/kubernetes",
}, },
@ -424,31 +424,31 @@ func TestGetAPIServerCommand(t *testing.T) {
"kube-apiserver", "kube-apiserver",
"--enable-admission-plugins=NodeRestriction", "--enable-admission-plugins=NodeRestriction",
"--service-cluster-ip-range=bar", "--service-cluster-ip-range=bar",
"--service-account-key-file=" + testCertsDir + "/sa.pub", "--service-account-key-file=" + filepath.Join(testCertsDir, "sa.pub"),
"--service-account-signing-key-file=" + testCertsDir + "/sa.key", "--service-account-signing-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--service-account-issuer=https://kubernetes.default.svc.cluster.local", "--service-account-issuer=https://kubernetes.default.svc.cluster.local",
"--client-ca-file=" + testCertsDir + "/ca.crt", "--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--tls-cert-file=" + testCertsDir + "/apiserver.crt", "--tls-cert-file=" + filepath.Join(testCertsDir, "apiserver.crt"),
"--tls-private-key-file=" + testCertsDir + "/apiserver.key", "--tls-private-key-file=" + filepath.Join(testCertsDir, "apiserver.key"),
"--kubelet-client-certificate=" + testCertsDir + "/apiserver-kubelet-client.crt", "--kubelet-client-certificate=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.crt"),
"--kubelet-client-key=" + testCertsDir + "/apiserver-kubelet-client.key", "--kubelet-client-key=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.key"),
"--enable-bootstrap-token-auth=true", "--enable-bootstrap-token-auth=true",
"--secure-port=123", "--secure-port=123",
"--allow-privileged=true", "--allow-privileged=true",
"--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname", "--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname",
"--proxy-client-cert-file=/var/lib/certs/front-proxy-client.crt", "--proxy-client-cert-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.crt"),
"--proxy-client-key-file=/var/lib/certs/front-proxy-client.key", "--proxy-client-key-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.key"),
"--requestheader-username-headers=X-Remote-User", "--requestheader-username-headers=X-Remote-User",
"--requestheader-group-headers=X-Remote-Group", "--requestheader-group-headers=X-Remote-Group",
"--requestheader-extra-headers-prefix=X-Remote-Extra-", "--requestheader-extra-headers-prefix=X-Remote-Extra-",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", "--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--requestheader-allowed-names=front-proxy-client", "--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=ABAC", "--authorization-mode=ABAC",
"--advertise-address=1.2.3.4", "--advertise-address=1.2.3.4",
fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort), fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
"--etcd-cafile=" + testCertsDir + "/etcd/ca.crt", "--etcd-cafile=" + filepath.Join(testCertsDir, "etcd/ca.crt"),
"--etcd-certfile=" + testCertsDir + "/apiserver-etcd-client.crt", "--etcd-certfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.crt"),
"--etcd-keyfile=" + testCertsDir + "/apiserver-etcd-client.key", "--etcd-keyfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.key"),
}, },
}, },
{ {
@ -473,31 +473,31 @@ func TestGetAPIServerCommand(t *testing.T) {
"kube-apiserver", "kube-apiserver",
"--enable-admission-plugins=NodeRestriction", "--enable-admission-plugins=NodeRestriction",
"--service-cluster-ip-range=bar", "--service-cluster-ip-range=bar",
"--service-account-key-file=" + testCertsDir + "/sa.pub", "--service-account-key-file=" + filepath.Join(testCertsDir, "sa.pub"),
"--service-account-signing-key-file=" + testCertsDir + "/sa.key", "--service-account-signing-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--service-account-issuer=https://kubernetes.default.svc.cluster.local", "--service-account-issuer=https://kubernetes.default.svc.cluster.local",
"--client-ca-file=" + testCertsDir + "/ca.crt", "--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--tls-cert-file=" + testCertsDir + "/apiserver.crt", "--tls-cert-file=" + filepath.Join(testCertsDir, "apiserver.crt"),
"--tls-private-key-file=" + testCertsDir + "/apiserver.key", "--tls-private-key-file=" + filepath.Join(testCertsDir, "apiserver.key"),
"--kubelet-client-certificate=" + testCertsDir + "/apiserver-kubelet-client.crt", "--kubelet-client-certificate=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.crt"),
"--kubelet-client-key=" + testCertsDir + "/apiserver-kubelet-client.key", "--kubelet-client-key=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.key"),
"--enable-bootstrap-token-auth=true", "--enable-bootstrap-token-auth=true",
"--secure-port=123", "--secure-port=123",
"--allow-privileged=true", "--allow-privileged=true",
"--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname", "--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname",
"--proxy-client-cert-file=/var/lib/certs/front-proxy-client.crt", "--proxy-client-cert-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.crt"),
"--proxy-client-key-file=/var/lib/certs/front-proxy-client.key", "--proxy-client-key-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.key"),
"--requestheader-username-headers=X-Remote-User", "--requestheader-username-headers=X-Remote-User",
"--requestheader-group-headers=X-Remote-Group", "--requestheader-group-headers=X-Remote-Group",
"--requestheader-extra-headers-prefix=X-Remote-Extra-", "--requestheader-extra-headers-prefix=X-Remote-Extra-",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", "--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--requestheader-allowed-names=front-proxy-client", "--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC,Webhook", "--authorization-mode=Node,RBAC,Webhook",
"--advertise-address=1.2.3.4", "--advertise-address=1.2.3.4",
fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort), fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
"--etcd-cafile=" + testCertsDir + "/etcd/ca.crt", "--etcd-cafile=" + filepath.Join(testCertsDir, "etcd/ca.crt"),
"--etcd-certfile=" + testCertsDir + "/apiserver-etcd-client.crt", "--etcd-certfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.crt"),
"--etcd-keyfile=" + testCertsDir + "/apiserver-etcd-client.key", "--etcd-keyfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.key"),
}, },
}, },
} }
@ -549,17 +549,17 @@ func TestGetControllerManagerCommand(t *testing.T) {
"kube-controller-manager", "kube-controller-manager",
"--bind-address=127.0.0.1", "--bind-address=127.0.0.1",
"--leader-elect=true", "--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + testCertsDir + "/ca.crt", "--root-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--service-account-private-key-file=" + testCertsDir + "/sa.key", "--service-account-private-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--cluster-signing-cert-file=" + testCertsDir + "/ca.crt", "--cluster-signing-cert-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--cluster-signing-key-file=" + testCertsDir + "/ca.key", "--cluster-signing-key-file=" + filepath.Join(testCertsDir, "ca.key"),
"--use-service-account-credentials=true", "--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner", "--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + testCertsDir + "/ca.crt", "--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", "--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--cluster-name=some-other-cluster-name", "--cluster-name=some-other-cluster-name",
}, },
}, },
@ -573,17 +573,17 @@ func TestGetControllerManagerCommand(t *testing.T) {
"kube-controller-manager", "kube-controller-manager",
"--bind-address=127.0.0.1", "--bind-address=127.0.0.1",
"--leader-elect=true", "--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + testCertsDir + "/ca.crt", "--root-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--service-account-private-key-file=" + testCertsDir + "/sa.key", "--service-account-private-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--cluster-signing-cert-file=" + testCertsDir + "/ca.crt", "--cluster-signing-cert-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--cluster-signing-key-file=" + testCertsDir + "/ca.key", "--cluster-signing-key-file=" + filepath.Join(testCertsDir, "ca.key"),
"--use-service-account-credentials=true", "--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner", "--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + testCertsDir + "/ca.crt", "--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", "--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
}, },
}, },
{ {
@ -597,17 +597,17 @@ func TestGetControllerManagerCommand(t *testing.T) {
"kube-controller-manager", "kube-controller-manager",
"--bind-address=127.0.0.1", "--bind-address=127.0.0.1",
"--leader-elect=true", "--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + testCertsDir + "/ca.crt", "--root-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--service-account-private-key-file=" + testCertsDir + "/sa.key", "--service-account-private-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--cluster-signing-cert-file=" + testCertsDir + "/ca.crt", "--cluster-signing-cert-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--cluster-signing-key-file=" + testCertsDir + "/ca.key", "--cluster-signing-key-file=" + filepath.Join(testCertsDir, "ca.key"),
"--use-service-account-credentials=true", "--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner", "--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + testCertsDir + "/ca.crt", "--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", "--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--allocate-node-cidrs=true", "--allocate-node-cidrs=true",
"--cluster-cidr=10.0.1.15/16", "--cluster-cidr=10.0.1.15/16",
}, },
@ -627,17 +627,17 @@ func TestGetControllerManagerCommand(t *testing.T) {
"kube-controller-manager", "kube-controller-manager",
"--bind-address=127.0.0.1", "--bind-address=127.0.0.1",
"--leader-elect=true", "--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + testCertsDir + "/ca.crt", "--root-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--service-account-private-key-file=" + testCertsDir + "/sa.key", "--service-account-private-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--cluster-signing-cert-file=" + testCertsDir + "/ca.crt", "--cluster-signing-cert-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--cluster-signing-key-file=" + testCertsDir + "/ca.key", "--cluster-signing-key-file=" + filepath.Join(testCertsDir, "ca.key"),
"--use-service-account-credentials=true", "--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner", "--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + testCertsDir + "/ca.crt", "--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", "--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--allocate-node-cidrs=true", "--allocate-node-cidrs=true",
"--cluster-cidr=10.0.1.15/16", "--cluster-cidr=10.0.1.15/16",
"--service-cluster-ip-range=172.20.0.0/24", "--service-cluster-ip-range=172.20.0.0/24",
@ -657,17 +657,17 @@ func TestGetControllerManagerCommand(t *testing.T) {
"kube-controller-manager", "kube-controller-manager",
"--bind-address=127.0.0.1", "--bind-address=127.0.0.1",
"--leader-elect=true", "--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + testCertsDir + "/ca.crt", "--root-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--service-account-private-key-file=" + testCertsDir + "/sa.key", "--service-account-private-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--cluster-signing-cert-file=" + testCertsDir + "/ca.crt", "--cluster-signing-cert-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--cluster-signing-key-file=" + testCertsDir + "/ca.key", "--cluster-signing-key-file=" + filepath.Join(testCertsDir, "ca.key"),
"--use-service-account-credentials=true", "--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner", "--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + testCertsDir + "/ca.crt", "--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", "--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--allocate-node-cidrs=true", "--allocate-node-cidrs=true",
"--cluster-cidr=10.0.1.15/16", "--cluster-cidr=10.0.1.15/16",
"--node-cidr-mask-size=20", "--node-cidr-mask-size=20",
@ -689,17 +689,17 @@ func TestGetControllerManagerCommand(t *testing.T) {
"kube-controller-manager", "kube-controller-manager",
"--bind-address=127.0.0.1", "--bind-address=127.0.0.1",
"--leader-elect=true", "--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + testCertsDir + "/ca.crt", "--root-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--service-account-private-key-file=" + testCertsDir + "/sa.key", "--service-account-private-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--cluster-signing-cert-file=" + testCertsDir + "/ca.crt", "--cluster-signing-cert-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--cluster-signing-key-file=" + testCertsDir + "/ca.key", "--cluster-signing-key-file=" + filepath.Join(testCertsDir, "ca.key"),
"--use-service-account-credentials=true", "--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner", "--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + testCertsDir + "/ca.crt", "--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", "--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--allocate-node-cidrs=true", "--allocate-node-cidrs=true",
"--cluster-cidr=2001:db8::/64", "--cluster-cidr=2001:db8::/64",
"--service-cluster-ip-range=fd03::/112", "--service-cluster-ip-range=fd03::/112",
@ -723,17 +723,17 @@ func TestGetControllerManagerCommand(t *testing.T) {
"kube-controller-manager", "kube-controller-manager",
"--bind-address=127.0.0.1", "--bind-address=127.0.0.1",
"--leader-elect=true", "--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + testCertsDir + "/ca.crt", "--root-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--service-account-private-key-file=" + testCertsDir + "/sa.key", "--service-account-private-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--cluster-signing-cert-file=" + testCertsDir + "/ca.crt", "--cluster-signing-cert-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--cluster-signing-key-file=" + testCertsDir + "/ca.key", "--cluster-signing-key-file=" + filepath.Join(testCertsDir, "ca.key"),
"--use-service-account-credentials=true", "--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner", "--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + testCertsDir + "/ca.crt", "--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", "--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--allocate-node-cidrs=false", "--allocate-node-cidrs=false",
"--cluster-cidr=2001:db8::/64", "--cluster-cidr=2001:db8::/64",
"--service-cluster-ip-range=fd03::/112", "--service-cluster-ip-range=fd03::/112",
@ -754,17 +754,17 @@ func TestGetControllerManagerCommand(t *testing.T) {
"kube-controller-manager", "kube-controller-manager",
"--bind-address=127.0.0.1", "--bind-address=127.0.0.1",
"--leader-elect=true", "--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + testCertsDir + "/ca.crt", "--root-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--service-account-private-key-file=" + testCertsDir + "/sa.key", "--service-account-private-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--cluster-signing-cert-file=" + testCertsDir + "/ca.crt", "--cluster-signing-cert-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--cluster-signing-key-file=" + testCertsDir + "/ca.key", "--cluster-signing-key-file=" + filepath.Join(testCertsDir, "ca.key"),
"--use-service-account-credentials=true", "--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner", "--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + testCertsDir + "/ca.crt", "--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", "--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--allocate-node-cidrs=true", "--allocate-node-cidrs=true",
"--cluster-cidr=2001:db8::/64,10.1.0.0/16", "--cluster-cidr=2001:db8::/64,10.1.0.0/16",
"--service-cluster-ip-range=fd03::/112,192.168.0.0/16", "--service-cluster-ip-range=fd03::/112,192.168.0.0/16",
@ -787,17 +787,17 @@ func TestGetControllerManagerCommand(t *testing.T) {
"kube-controller-manager", "kube-controller-manager",
"--bind-address=127.0.0.1", "--bind-address=127.0.0.1",
"--leader-elect=true", "--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + testCertsDir + "/ca.crt", "--root-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--service-account-private-key-file=" + testCertsDir + "/sa.key", "--service-account-private-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--cluster-signing-cert-file=" + testCertsDir + "/ca.crt", "--cluster-signing-cert-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--cluster-signing-key-file=" + testCertsDir + "/ca.key", "--cluster-signing-key-file=" + filepath.Join(testCertsDir, "ca.key"),
"--use-service-account-credentials=true", "--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner", "--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + testCertsDir + "/ca.crt", "--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt", "--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--allocate-node-cidrs=true", "--allocate-node-cidrs=true",
"--cluster-cidr=10.0.1.15/16,2001:db8::/64", "--cluster-cidr=10.0.1.15/16,2001:db8::/64",
"--node-cidr-mask-size-ipv4=20", "--node-cidr-mask-size-ipv4=20",
@ -840,17 +840,17 @@ func TestGetControllerManagerCommandExternalCA(t *testing.T) {
"kube-controller-manager", "kube-controller-manager",
"--bind-address=127.0.0.1", "--bind-address=127.0.0.1",
"--leader-elect=true", "--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + tmpdir + "/ca.crt", "--root-ca-file=" + filepath.Join(tmpdir, "ca.crt"),
"--service-account-private-key-file=" + tmpdir + "/sa.key", "--service-account-private-key-file=" + filepath.Join(tmpdir, "sa.key"),
"--cluster-signing-cert-file=", "--cluster-signing-cert-file=",
"--cluster-signing-key-file=", "--cluster-signing-key-file=",
"--use-service-account-credentials=true", "--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner", "--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + tmpdir + "/ca.crt", "--client-ca-file=" + filepath.Join(tmpdir, "ca.crt"),
"--requestheader-client-ca-file=" + tmpdir + "/front-proxy-ca.crt", "--requestheader-client-ca-file=" + filepath.Join(tmpdir, "front-proxy-ca.crt"),
} }
}, },
}, },
@ -869,17 +869,17 @@ func TestGetControllerManagerCommandExternalCA(t *testing.T) {
"kube-controller-manager", "kube-controller-manager",
"--bind-address=127.0.0.1", "--bind-address=127.0.0.1",
"--leader-elect=true", "--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + tmpdir + "/ca.crt", "--root-ca-file=" + filepath.Join(tmpdir, "ca.crt"),
"--service-account-private-key-file=" + tmpdir + "/sa.key", "--service-account-private-key-file=" + filepath.Join(tmpdir, "sa.key"),
"--cluster-signing-cert-file=" + tmpdir + "/ca.crt", "--cluster-signing-cert-file=" + filepath.Join(tmpdir, "ca.crt"),
"--cluster-signing-key-file=" + tmpdir + "/ca.key", "--cluster-signing-key-file=" + filepath.Join(tmpdir, "ca.key"),
"--use-service-account-credentials=true", "--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner", "--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf", "--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + tmpdir + "/ca.crt", "--client-ca-file=" + filepath.Join(tmpdir, "ca.crt"),
"--requestheader-client-ca-file=" + tmpdir + "/front-proxy-ca.crt", "--requestheader-client-ca-file=" + filepath.Join(tmpdir, "front-proxy-ca.crt"),
} }
}, },
}, },
@ -932,9 +932,9 @@ func TestGetSchedulerCommand(t *testing.T) {
"kube-scheduler", "kube-scheduler",
"--bind-address=127.0.0.1", "--bind-address=127.0.0.1",
"--leader-elect=true", "--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/scheduler.conf", "--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "scheduler.conf"),
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/scheduler.conf", "--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "scheduler.conf"),
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/scheduler.conf", "--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "scheduler.conf"),
}, },
}, },
} }

View File

@ -177,7 +177,7 @@ func getEtcdCertVolumes(etcdCfg *kubeadmapi.ExternalEtcd, k8sCertificatesDir str
certPaths := []string{etcdCfg.CAFile, etcdCfg.CertFile, etcdCfg.KeyFile} certPaths := []string{etcdCfg.CAFile, etcdCfg.CertFile, etcdCfg.KeyFile}
certDirs := sets.NewString() certDirs := sets.NewString()
for _, certPath := range certPaths { for _, certPath := range certPaths {
certDir := filepath.Dir(certPath) certDir := filepath.ToSlash(filepath.Dir(certPath))
// Ignore ".", which is the result of passing an empty path. // Ignore ".", which is the result of passing an empty path.
// Also ignore the cert directories that already may be mounted; /etc/ssl/certs, /etc/pki or Kubernetes CertificatesDir // Also ignore the cert directories that already may be mounted; /etc/ssl/certs, /etc/pki or Kubernetes CertificatesDir
// If the etcd certs are in there, it's okay, we don't have to do anything // If the etcd certs are in there, it's okay, we don't have to do anything

View File

@ -19,6 +19,7 @@ package controlplane
import ( import (
"fmt" "fmt"
"os" "os"
"path/filepath"
"reflect" "reflect"
"testing" "testing"
@ -260,6 +261,8 @@ func TestGetEtcdCertVolumes(t *testing.T) {
func TestGetHostPathVolumesForTheControlPlane(t *testing.T) { func TestGetHostPathVolumesForTheControlPlane(t *testing.T) {
hostPathDirectoryOrCreate := v1.HostPathDirectoryOrCreate hostPathDirectoryOrCreate := v1.HostPathDirectoryOrCreate
hostPathFileOrCreate := v1.HostPathFileOrCreate hostPathFileOrCreate := v1.HostPathFileOrCreate
controllerManagerConfig := filepath.FromSlash("/etc/kubernetes/controller-manager.conf")
schedulerConfig := filepath.FromSlash("/etc/kubernetes/scheduler.conf")
volMap := make(map[string]map[string]v1.Volume) volMap := make(map[string]map[string]v1.Volume)
volMap[kubeadmconstants.KubeAPIServer] = map[string]v1.Volume{} volMap[kubeadmconstants.KubeAPIServer] = map[string]v1.Volume{}
volMap[kubeadmconstants.KubeAPIServer]["k8s-certs"] = v1.Volume{ volMap[kubeadmconstants.KubeAPIServer]["k8s-certs"] = v1.Volume{
@ -303,7 +306,7 @@ func TestGetHostPathVolumesForTheControlPlane(t *testing.T) {
Name: "kubeconfig", Name: "kubeconfig",
VolumeSource: v1.VolumeSource{ VolumeSource: v1.VolumeSource{
HostPath: &v1.HostPathVolumeSource{ HostPath: &v1.HostPathVolumeSource{
Path: "/etc/kubernetes/controller-manager.conf", Path: controllerManagerConfig,
Type: &hostPathFileOrCreate, Type: &hostPathFileOrCreate,
}, },
}, },
@ -313,7 +316,7 @@ func TestGetHostPathVolumesForTheControlPlane(t *testing.T) {
Name: "kubeconfig", Name: "kubeconfig",
VolumeSource: v1.VolumeSource{ VolumeSource: v1.VolumeSource{
HostPath: &v1.HostPathVolumeSource{ HostPath: &v1.HostPathVolumeSource{
Path: "/etc/kubernetes/scheduler.conf", Path: schedulerConfig,
Type: &hostPathFileOrCreate, Type: &hostPathFileOrCreate,
}, },
}, },
@ -343,13 +346,13 @@ func TestGetHostPathVolumesForTheControlPlane(t *testing.T) {
} }
volMountMap[kubeadmconstants.KubeControllerManager]["kubeconfig"] = v1.VolumeMount{ volMountMap[kubeadmconstants.KubeControllerManager]["kubeconfig"] = v1.VolumeMount{
Name: "kubeconfig", Name: "kubeconfig",
MountPath: "/etc/kubernetes/controller-manager.conf", MountPath: controllerManagerConfig,
ReadOnly: true, ReadOnly: true,
} }
volMountMap[kubeadmconstants.KubeScheduler] = map[string]v1.VolumeMount{} volMountMap[kubeadmconstants.KubeScheduler] = map[string]v1.VolumeMount{}
volMountMap[kubeadmconstants.KubeScheduler]["kubeconfig"] = v1.VolumeMount{ volMountMap[kubeadmconstants.KubeScheduler]["kubeconfig"] = v1.VolumeMount{
Name: "kubeconfig", Name: "kubeconfig",
MountPath: "/etc/kubernetes/scheduler.conf", MountPath: schedulerConfig,
ReadOnly: true, ReadOnly: true,
} }
@ -414,7 +417,7 @@ func TestGetHostPathVolumesForTheControlPlane(t *testing.T) {
Name: "kubeconfig", Name: "kubeconfig",
VolumeSource: v1.VolumeSource{ VolumeSource: v1.VolumeSource{
HostPath: &v1.HostPathVolumeSource{ HostPath: &v1.HostPathVolumeSource{
Path: "/etc/kubernetes/controller-manager.conf", Path: controllerManagerConfig,
Type: &hostPathFileOrCreate, Type: &hostPathFileOrCreate,
}, },
}, },
@ -424,7 +427,7 @@ func TestGetHostPathVolumesForTheControlPlane(t *testing.T) {
Name: "kubeconfig", Name: "kubeconfig",
VolumeSource: v1.VolumeSource{ VolumeSource: v1.VolumeSource{
HostPath: &v1.HostPathVolumeSource{ HostPath: &v1.HostPathVolumeSource{
Path: "/etc/kubernetes/scheduler.conf", Path: schedulerConfig,
Type: &hostPathFileOrCreate, Type: &hostPathFileOrCreate,
}, },
}, },
@ -464,13 +467,13 @@ func TestGetHostPathVolumesForTheControlPlane(t *testing.T) {
} }
volMountMap2[kubeadmconstants.KubeControllerManager]["kubeconfig"] = v1.VolumeMount{ volMountMap2[kubeadmconstants.KubeControllerManager]["kubeconfig"] = v1.VolumeMount{
Name: "kubeconfig", Name: "kubeconfig",
MountPath: "/etc/kubernetes/controller-manager.conf", MountPath: controllerManagerConfig,
ReadOnly: true, ReadOnly: true,
} }
volMountMap2[kubeadmconstants.KubeScheduler] = map[string]v1.VolumeMount{} volMountMap2[kubeadmconstants.KubeScheduler] = map[string]v1.VolumeMount{}
volMountMap2[kubeadmconstants.KubeScheduler]["kubeconfig"] = v1.VolumeMount{ volMountMap2[kubeadmconstants.KubeScheduler]["kubeconfig"] = v1.VolumeMount{
Name: "kubeconfig", Name: "kubeconfig",
MountPath: "/etc/kubernetes/scheduler.conf", MountPath: schedulerConfig,
ReadOnly: true, ReadOnly: true,
} }
var tests = []struct { var tests = []struct {

View File

@ -184,13 +184,13 @@ func TestGetEtcdCommand(t *testing.T) {
fmt.Sprintf("--listen-peer-urls=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort), fmt.Sprintf("--listen-peer-urls=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort),
fmt.Sprintf("--initial-advertise-peer-urls=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort), fmt.Sprintf("--initial-advertise-peer-urls=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort),
"--data-dir=/var/lib/etcd", "--data-dir=/var/lib/etcd",
"--cert-file=" + kubeadmconstants.EtcdServerCertName, "--cert-file=" + filepath.FromSlash(kubeadmconstants.EtcdServerCertName),
"--key-file=" + kubeadmconstants.EtcdServerKeyName, "--key-file=" + filepath.FromSlash(kubeadmconstants.EtcdServerKeyName),
"--trusted-ca-file=" + kubeadmconstants.EtcdCACertName, "--trusted-ca-file=" + filepath.FromSlash(kubeadmconstants.EtcdCACertName),
"--client-cert-auth=true", "--client-cert-auth=true",
"--peer-cert-file=" + kubeadmconstants.EtcdPeerCertName, "--peer-cert-file=" + filepath.FromSlash(kubeadmconstants.EtcdPeerCertName),
"--peer-key-file=" + kubeadmconstants.EtcdPeerKeyName, "--peer-key-file=" + filepath.FromSlash(kubeadmconstants.EtcdPeerKeyName),
"--peer-trusted-ca-file=" + kubeadmconstants.EtcdCACertName, "--peer-trusted-ca-file=" + filepath.FromSlash(kubeadmconstants.EtcdCACertName),
"--snapshot-count=10000", "--snapshot-count=10000",
"--peer-client-cert-auth=true", "--peer-client-cert-auth=true",
fmt.Sprintf("--initial-cluster=foo=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort), fmt.Sprintf("--initial-cluster=foo=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort),
@ -215,13 +215,13 @@ func TestGetEtcdCommand(t *testing.T) {
fmt.Sprintf("--listen-peer-urls=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort), fmt.Sprintf("--listen-peer-urls=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort),
fmt.Sprintf("--initial-advertise-peer-urls=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort), fmt.Sprintf("--initial-advertise-peer-urls=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort),
"--data-dir=/var/lib/etcd", "--data-dir=/var/lib/etcd",
"--cert-file=" + kubeadmconstants.EtcdServerCertName, "--cert-file=" + filepath.FromSlash(kubeadmconstants.EtcdServerCertName),
"--key-file=" + kubeadmconstants.EtcdServerKeyName, "--key-file=" + filepath.FromSlash(kubeadmconstants.EtcdServerKeyName),
"--trusted-ca-file=" + kubeadmconstants.EtcdCACertName, "--trusted-ca-file=" + filepath.FromSlash(kubeadmconstants.EtcdCACertName),
"--client-cert-auth=true", "--client-cert-auth=true",
"--peer-cert-file=" + kubeadmconstants.EtcdPeerCertName, "--peer-cert-file=" + filepath.FromSlash(kubeadmconstants.EtcdPeerCertName),
"--peer-key-file=" + kubeadmconstants.EtcdPeerKeyName, "--peer-key-file=" + filepath.FromSlash(kubeadmconstants.EtcdPeerKeyName),
"--peer-trusted-ca-file=" + kubeadmconstants.EtcdCACertName, "--peer-trusted-ca-file=" + filepath.FromSlash(kubeadmconstants.EtcdCACertName),
"--snapshot-count=10000", "--snapshot-count=10000",
"--peer-client-cert-auth=true", "--peer-client-cert-auth=true",
"--initial-cluster-state=existing", "--initial-cluster-state=existing",
@ -247,13 +247,13 @@ func TestGetEtcdCommand(t *testing.T) {
fmt.Sprintf("--listen-peer-urls=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort), fmt.Sprintf("--listen-peer-urls=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort),
fmt.Sprintf("--initial-advertise-peer-urls=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort), fmt.Sprintf("--initial-advertise-peer-urls=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort),
"--data-dir=/var/lib/etcd", "--data-dir=/var/lib/etcd",
"--cert-file=" + kubeadmconstants.EtcdServerCertName, "--cert-file=" + filepath.FromSlash(kubeadmconstants.EtcdServerCertName),
"--key-file=" + kubeadmconstants.EtcdServerKeyName, "--key-file=" + filepath.FromSlash(kubeadmconstants.EtcdServerKeyName),
"--trusted-ca-file=" + kubeadmconstants.EtcdCACertName, "--trusted-ca-file=" + filepath.FromSlash(kubeadmconstants.EtcdCACertName),
"--client-cert-auth=true", "--client-cert-auth=true",
"--peer-cert-file=" + kubeadmconstants.EtcdPeerCertName, "--peer-cert-file=" + filepath.FromSlash(kubeadmconstants.EtcdPeerCertName),
"--peer-key-file=" + kubeadmconstants.EtcdPeerKeyName, "--peer-key-file=" + filepath.FromSlash(kubeadmconstants.EtcdPeerKeyName),
"--peer-trusted-ca-file=" + kubeadmconstants.EtcdCACertName, "--peer-trusted-ca-file=" + filepath.FromSlash(kubeadmconstants.EtcdCACertName),
"--snapshot-count=10000", "--snapshot-count=10000",
"--peer-client-cert-auth=true", "--peer-client-cert-auth=true",
fmt.Sprintf("--initial-cluster=bar=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort), fmt.Sprintf("--initial-cluster=bar=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort),
@ -274,13 +274,13 @@ func TestGetEtcdCommand(t *testing.T) {
fmt.Sprintf("--listen-peer-urls=https://[2001:db8::3]:%d", kubeadmconstants.EtcdListenPeerPort), fmt.Sprintf("--listen-peer-urls=https://[2001:db8::3]:%d", kubeadmconstants.EtcdListenPeerPort),
fmt.Sprintf("--initial-advertise-peer-urls=https://[2001:db8::3]:%d", kubeadmconstants.EtcdListenPeerPort), fmt.Sprintf("--initial-advertise-peer-urls=https://[2001:db8::3]:%d", kubeadmconstants.EtcdListenPeerPort),
"--data-dir=/var/lib/etcd", "--data-dir=/var/lib/etcd",
"--cert-file=" + kubeadmconstants.EtcdServerCertName, "--cert-file=" + filepath.FromSlash(kubeadmconstants.EtcdServerCertName),
"--key-file=" + kubeadmconstants.EtcdServerKeyName, "--key-file=" + filepath.FromSlash(kubeadmconstants.EtcdServerKeyName),
"--trusted-ca-file=" + kubeadmconstants.EtcdCACertName, "--trusted-ca-file=" + filepath.FromSlash(kubeadmconstants.EtcdCACertName),
"--client-cert-auth=true", "--client-cert-auth=true",
"--peer-cert-file=" + kubeadmconstants.EtcdPeerCertName, "--peer-cert-file=" + filepath.FromSlash(kubeadmconstants.EtcdPeerCertName),
"--peer-key-file=" + kubeadmconstants.EtcdPeerKeyName, "--peer-key-file=" + filepath.FromSlash(kubeadmconstants.EtcdPeerKeyName),
"--peer-trusted-ca-file=" + kubeadmconstants.EtcdCACertName, "--peer-trusted-ca-file=" + filepath.FromSlash(kubeadmconstants.EtcdCACertName),
"--snapshot-count=10000", "--snapshot-count=10000",
"--peer-client-cert-auth=true", "--peer-client-cert-auth=true",
fmt.Sprintf("--initial-cluster=foo=https://[2001:db8::3]:%d", kubeadmconstants.EtcdListenPeerPort), fmt.Sprintf("--initial-cluster=foo=https://[2001:db8::3]:%d", kubeadmconstants.EtcdListenPeerPort),

View File

@ -39,14 +39,14 @@ func TestMoveFiles(t *testing.T) {
if err != nil { if err != nil {
t.Fatalf("Failed to create cert file %s: %v", certPath, err) t.Fatalf("Failed to create cert file %s: %v", certPath, err)
} }
defer certFile.Close() certFile.Close()
keyPath := filepath.Join(tmpdir, constants.APIServerKeyName) keyPath := filepath.Join(tmpdir, constants.APIServerKeyName)
keyFile, err := os.OpenFile(keyPath, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0666) keyFile, err := os.OpenFile(keyPath, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0666)
if err != nil { if err != nil {
t.Fatalf("Failed to create key file %s: %v", keyPath, err) t.Fatalf("Failed to create key file %s: %v", keyPath, err)
} }
defer keyFile.Close() keyFile.Close()
subDir := filepath.Join(tmpdir, "expired") subDir := filepath.Join(tmpdir, "expired")
if err := os.Mkdir(subDir, 0766); err != nil { if err := os.Mkdir(subDir, 0766); err != nil {

View File

@ -25,6 +25,7 @@ import (
"fmt" "fmt"
"net" "net"
"os" "os"
"path/filepath"
"reflect" "reflect"
"testing" "testing"
@ -538,38 +539,44 @@ func TestTryLoadKeyFromDisk(t *testing.T) {
func TestPathsForCertAndKey(t *testing.T) { func TestPathsForCertAndKey(t *testing.T) {
crtPath, keyPath := PathsForCertAndKey("/foo", "bar") crtPath, keyPath := PathsForCertAndKey("/foo", "bar")
if crtPath != "/foo/bar.crt" { expectedPath := filepath.FromSlash("/foo/bar.crt")
if crtPath != expectedPath {
t.Errorf("unexpected certificate path: %s", crtPath) t.Errorf("unexpected certificate path: %s", crtPath)
} }
if keyPath != "/foo/bar.key" { expectedPath = filepath.FromSlash("/foo/bar.key")
if keyPath != expectedPath {
t.Errorf("unexpected key path: %s", keyPath) t.Errorf("unexpected key path: %s", keyPath)
} }
} }
func TestPathForCert(t *testing.T) { func TestPathForCert(t *testing.T) {
crtPath := pathForCert("/foo", "bar") crtPath := pathForCert("/foo", "bar")
if crtPath != "/foo/bar.crt" { expectedPath := filepath.FromSlash("/foo/bar.crt")
if crtPath != expectedPath {
t.Errorf("unexpected certificate path: %s", crtPath) t.Errorf("unexpected certificate path: %s", crtPath)
} }
} }
func TestPathForKey(t *testing.T) { func TestPathForKey(t *testing.T) {
keyPath := pathForKey("/foo", "bar") keyPath := pathForKey("/foo", "bar")
if keyPath != "/foo/bar.key" { expectedPath := filepath.FromSlash("/foo/bar.key")
if keyPath != expectedPath {
t.Errorf("unexpected certificate path: %s", keyPath) t.Errorf("unexpected certificate path: %s", keyPath)
} }
} }
func TestPathForPublicKey(t *testing.T) { func TestPathForPublicKey(t *testing.T) {
pubPath := pathForPublicKey("/foo", "bar") pubPath := pathForPublicKey("/foo", "bar")
if pubPath != "/foo/bar.pub" { expectedPath := filepath.FromSlash("/foo/bar.pub")
if pubPath != expectedPath {
t.Errorf("unexpected certificate path: %s", pubPath) t.Errorf("unexpected certificate path: %s", pubPath)
} }
} }
func TestPathForCSR(t *testing.T) { func TestPathForCSR(t *testing.T) {
csrPath := pathForCSR("/foo", "bar") csrPath := pathForCSR("/foo", "bar")
if csrPath != "/foo/bar.csr" { expectedPath := filepath.FromSlash("/foo/bar.csr")
if csrPath != expectedPath {
t.Errorf("unexpected certificate path: %s", csrPath) t.Errorf("unexpected certificate path: %s", csrPath)
} }
} }