mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 11:50:44 +00:00
add rbac for tests and kubectl
This commit is contained in:
parent
7bdf4a36d5
commit
323e804f39
@ -58,7 +58,7 @@ KUBE_GOVERALLS_BIN=${KUBE_GOVERALLS_BIN:-}
|
|||||||
# Lists of API Versions of each groups that should be tested, groups are
|
# Lists of API Versions of each groups that should be tested, groups are
|
||||||
# separated by comma, lists are separated by semicolon. e.g.,
|
# separated by comma, lists are separated by semicolon. e.g.,
|
||||||
# "v1,compute/v1alpha1,experimental/v1alpha2;v1,compute/v2,experimental/v1alpha3"
|
# "v1,compute/v1alpha1,experimental/v1alpha2;v1,compute/v2,experimental/v1alpha3"
|
||||||
KUBE_TEST_API_VERSIONS=${KUBE_TEST_API_VERSIONS:-"v1,extensions/v1beta1,metrics/v1alpha1,federation/v1alpha1;v1,autoscaling/v1,batch/v1,batch/v2alpha1,extensions/v1beta1,apps/v1alpha1,metrics/v1alpha1,federation/v1alpha1,policy/v1alpha1"}
|
KUBE_TEST_API_VERSIONS=${KUBE_TEST_API_VERSIONS:-"v1,extensions/v1beta1,metrics/v1alpha1,federation/v1alpha1;v1,autoscaling/v1,batch/v1,batch/v2alpha1,extensions/v1beta1,apps/v1alpha1,metrics/v1alpha1,federation/v1alpha1,policy/v1alpha1,rbac.authorization.k8s.io/v1alpha1"}
|
||||||
# once we have multiple group supports
|
# once we have multiple group supports
|
||||||
# Run tests with the standard (registry) and a custom etcd prefix
|
# Run tests with the standard (registry) and a custom etcd prefix
|
||||||
# (kubernetes.io/registry).
|
# (kubernetes.io/registry).
|
||||||
|
@ -29,7 +29,7 @@ source "${KUBE_ROOT}/hack/lib/init.sh"
|
|||||||
# "v1,compute/v1alpha1,experimental/v1alpha2;v1,compute/v2,experimental/v1alpha3"
|
# "v1,compute/v1alpha1,experimental/v1alpha2;v1,compute/v2,experimental/v1alpha3"
|
||||||
# TODO: It's going to be:
|
# TODO: It's going to be:
|
||||||
# KUBE_TEST_API_VERSIONS=${KUBE_TEST_API_VERSIONS:-"v1,extensions/v1beta1"}
|
# KUBE_TEST_API_VERSIONS=${KUBE_TEST_API_VERSIONS:-"v1,extensions/v1beta1"}
|
||||||
KUBE_TEST_API_VERSIONS=${KUBE_TEST_API_VERSIONS:-"v1,extensions/v1beta1;v1,autoscaling/v1,batch/v1,apps/v1alpha1,policy/v1alpha1,extensions/v1beta1"}
|
KUBE_TEST_API_VERSIONS=${KUBE_TEST_API_VERSIONS:-"v1,extensions/v1beta1;v1,autoscaling/v1,batch/v1,apps/v1alpha1,policy/v1alpha1,extensions/v1beta1,rbac.authorization.k8s.io/v1alpha1"}
|
||||||
|
|
||||||
# Give integration tests longer to run
|
# Give integration tests longer to run
|
||||||
# TODO: allow a larger value to be passed in
|
# TODO: allow a larger value to be passed in
|
||||||
|
@ -74,7 +74,7 @@ APISERVER_PID=$!
|
|||||||
kube::util::wait_for_url "http://127.0.0.1:${API_PORT}/healthz" "apiserver: "
|
kube::util::wait_for_url "http://127.0.0.1:${API_PORT}/healthz" "apiserver: "
|
||||||
|
|
||||||
SWAGGER_API_PATH="http://127.0.0.1:${API_PORT}/swaggerapi/"
|
SWAGGER_API_PATH="http://127.0.0.1:${API_PORT}/swaggerapi/"
|
||||||
DEFAULT_GROUP_VERSIONS="v1 autoscaling/v1 batch/v1 batch/v2alpha1 extensions/v1beta1 apps/v1alpha1 policy/v1alpha1"
|
DEFAULT_GROUP_VERSIONS="v1 autoscaling/v1 batch/v1 batch/v2alpha1 extensions/v1beta1 apps/v1alpha1 policy/v1alpha1 rbac.authorization.k8s.io/v1alpha1"
|
||||||
VERSIONS=${VERSIONS:-$DEFAULT_GROUP_VERSIONS}
|
VERSIONS=${VERSIONS:-$DEFAULT_GROUP_VERSIONS}
|
||||||
|
|
||||||
kube::log::status "Updating " ${SWAGGER_ROOT_DIR}
|
kube::log::status "Updating " ${SWAGGER_ROOT_DIR}
|
||||||
|
@ -34,6 +34,7 @@ import (
|
|||||||
"k8s.io/kubernetes/pkg/apis/batch"
|
"k8s.io/kubernetes/pkg/apis/batch"
|
||||||
"k8s.io/kubernetes/pkg/apis/extensions"
|
"k8s.io/kubernetes/pkg/apis/extensions"
|
||||||
"k8s.io/kubernetes/pkg/apis/policy"
|
"k8s.io/kubernetes/pkg/apis/policy"
|
||||||
|
"k8s.io/kubernetes/pkg/apis/rbac"
|
||||||
"k8s.io/kubernetes/pkg/runtime"
|
"k8s.io/kubernetes/pkg/runtime"
|
||||||
"k8s.io/kubernetes/pkg/runtime/serializer/recognizer"
|
"k8s.io/kubernetes/pkg/runtime/serializer/recognizer"
|
||||||
|
|
||||||
@ -46,6 +47,7 @@ import (
|
|||||||
_ "k8s.io/kubernetes/pkg/apis/extensions/install"
|
_ "k8s.io/kubernetes/pkg/apis/extensions/install"
|
||||||
_ "k8s.io/kubernetes/pkg/apis/metrics/install"
|
_ "k8s.io/kubernetes/pkg/apis/metrics/install"
|
||||||
_ "k8s.io/kubernetes/pkg/apis/policy/install"
|
_ "k8s.io/kubernetes/pkg/apis/policy/install"
|
||||||
|
_ "k8s.io/kubernetes/pkg/apis/rbac/install"
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
@ -57,6 +59,7 @@ var (
|
|||||||
Apps TestGroup
|
Apps TestGroup
|
||||||
Policy TestGroup
|
Policy TestGroup
|
||||||
Federation TestGroup
|
Federation TestGroup
|
||||||
|
Rbac TestGroup
|
||||||
|
|
||||||
serializer runtime.SerializerInfo
|
serializer runtime.SerializerInfo
|
||||||
storageSerializer runtime.SerializerInfo
|
storageSerializer runtime.SerializerInfo
|
||||||
@ -191,6 +194,13 @@ func init() {
|
|||||||
internalTypes: api.Scheme.KnownTypes(federation.SchemeGroupVersion),
|
internalTypes: api.Scheme.KnownTypes(federation.SchemeGroupVersion),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if _, ok := Groups[rbac.GroupName]; !ok {
|
||||||
|
Groups[rbac.GroupName] = TestGroup{
|
||||||
|
externalGroupVersions: []unversioned.GroupVersion{{Group: rbac.GroupName, Version: registered.GroupOrDie(rbac.GroupName).GroupVersion.Version}},
|
||||||
|
internalGroupVersion: rbac.SchemeGroupVersion,
|
||||||
|
internalTypes: api.Scheme.KnownTypes(rbac.SchemeGroupVersion),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
Default = Groups[api.GroupName]
|
Default = Groups[api.GroupName]
|
||||||
Autoscaling = Groups[autoscaling.GroupName]
|
Autoscaling = Groups[autoscaling.GroupName]
|
||||||
@ -199,6 +209,7 @@ func init() {
|
|||||||
Policy = Groups[policy.GroupName]
|
Policy = Groups[policy.GroupName]
|
||||||
Extensions = Groups[extensions.GroupName]
|
Extensions = Groups[extensions.GroupName]
|
||||||
Federation = Groups[federation.GroupName]
|
Federation = Groups[federation.GroupName]
|
||||||
|
Rbac = Groups[rbac.GroupName]
|
||||||
}
|
}
|
||||||
|
|
||||||
func (g TestGroup) ContentConfig() (string, *unversioned.GroupVersion, runtime.Codec) {
|
func (g TestGroup) ContentConfig() (string, *unversioned.GroupVersion, runtime.Codec) {
|
||||||
|
@ -49,6 +49,7 @@ import (
|
|||||||
"k8s.io/kubernetes/pkg/apis/extensions"
|
"k8s.io/kubernetes/pkg/apis/extensions"
|
||||||
"k8s.io/kubernetes/pkg/apis/metrics"
|
"k8s.io/kubernetes/pkg/apis/metrics"
|
||||||
"k8s.io/kubernetes/pkg/apis/policy"
|
"k8s.io/kubernetes/pkg/apis/policy"
|
||||||
|
"k8s.io/kubernetes/pkg/apis/rbac"
|
||||||
"k8s.io/kubernetes/pkg/client/restclient"
|
"k8s.io/kubernetes/pkg/client/restclient"
|
||||||
client "k8s.io/kubernetes/pkg/client/unversioned"
|
client "k8s.io/kubernetes/pkg/client/unversioned"
|
||||||
clientset "k8s.io/kubernetes/pkg/client/unversioned/adapters/internalclientset"
|
clientset "k8s.io/kubernetes/pkg/client/unversioned/adapters/internalclientset"
|
||||||
@ -347,6 +348,8 @@ func NewFactory(optionalClientConfig clientcmd.ClientConfig) *Factory {
|
|||||||
return c.ExtensionsClient.RESTClient, nil
|
return c.ExtensionsClient.RESTClient, nil
|
||||||
case federation.GroupName:
|
case federation.GroupName:
|
||||||
return clients.FederationClientForVersion(&mappingVersion)
|
return clients.FederationClientForVersion(&mappingVersion)
|
||||||
|
case rbac.GroupName:
|
||||||
|
return c.RbacClient.RESTClient, nil
|
||||||
default:
|
default:
|
||||||
if !registered.IsThirdPartyAPIGroupVersion(gvk.GroupVersion()) {
|
if !registered.IsThirdPartyAPIGroupVersion(gvk.GroupVersion()) {
|
||||||
return nil, fmt.Errorf("unknown api group/version: %s", gvk.String())
|
return nil, fmt.Errorf("unknown api group/version: %s", gvk.String())
|
||||||
@ -1017,6 +1020,12 @@ func (c *clientSwaggerSchema) ValidateBytes(data []byte) error {
|
|||||||
}
|
}
|
||||||
return getSchemaAndValidate(c.c.BatchClient.RESTClient, data, "apis/", gvk.GroupVersion().String(), c.cacheDir, c)
|
return getSchemaAndValidate(c.c.BatchClient.RESTClient, data, "apis/", gvk.GroupVersion().String(), c.cacheDir, c)
|
||||||
}
|
}
|
||||||
|
if gvk.Group == rbac.GroupName {
|
||||||
|
if c.c.RbacClient == nil {
|
||||||
|
return errors.New("unable to validate: no rbac client")
|
||||||
|
}
|
||||||
|
return getSchemaAndValidate(c.c.RbacClient.RESTClient, data, "apis/", gvk.GroupVersion().String(), c.cacheDir, c)
|
||||||
|
}
|
||||||
if registered.IsThirdPartyAPIGroupVersion(gvk.GroupVersion()) {
|
if registered.IsThirdPartyAPIGroupVersion(gvk.GroupVersion()) {
|
||||||
// Don't attempt to validate third party objects
|
// Don't attempt to validate third party objects
|
||||||
return nil
|
return nil
|
||||||
|
@ -35,6 +35,7 @@ import (
|
|||||||
"k8s.io/kubernetes/pkg/apis/batch"
|
"k8s.io/kubernetes/pkg/apis/batch"
|
||||||
"k8s.io/kubernetes/pkg/apis/extensions"
|
"k8s.io/kubernetes/pkg/apis/extensions"
|
||||||
"k8s.io/kubernetes/pkg/apis/policy"
|
"k8s.io/kubernetes/pkg/apis/policy"
|
||||||
|
"k8s.io/kubernetes/pkg/apis/rbac"
|
||||||
"k8s.io/kubernetes/pkg/apiserver"
|
"k8s.io/kubernetes/pkg/apiserver"
|
||||||
clientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
|
clientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
|
||||||
"k8s.io/kubernetes/pkg/client/record"
|
"k8s.io/kubernetes/pkg/client/record"
|
||||||
@ -183,6 +184,10 @@ func NewMasterConfig() *master.Config {
|
|||||||
unversioned.GroupResource{Group: policy.GroupName, Resource: genericapiserver.AllResources},
|
unversioned.GroupResource{Group: policy.GroupName, Resource: genericapiserver.AllResources},
|
||||||
"",
|
"",
|
||||||
NewSingleContentTypeSerializer(api.Scheme, testapi.Policy.Codec(), runtime.ContentTypeJSON))
|
NewSingleContentTypeSerializer(api.Scheme, testapi.Policy.Codec(), runtime.ContentTypeJSON))
|
||||||
|
storageFactory.SetSerializer(
|
||||||
|
unversioned.GroupResource{Group: rbac.GroupName, Resource: genericapiserver.AllResources},
|
||||||
|
"",
|
||||||
|
NewSingleContentTypeSerializer(api.Scheme, testapi.Rbac.Codec(), runtime.ContentTypeJSON))
|
||||||
|
|
||||||
return &master.Config{
|
return &master.Config{
|
||||||
Config: &genericapiserver.Config{
|
Config: &genericapiserver.Config{
|
||||||
|
Loading…
Reference in New Issue
Block a user