From 44b044ab0af6ab9fa00556c40c59fabc759f5e9a Mon Sep 17 00:00:00 2001
From: Paulo Pires <pires@apprenda.com>
Date: Mon, 16 Jan 2017 19:11:37 +0000
Subject: [PATCH] kubeadm: token generation must respect Kubernetes DNS
 labeling rules. Refs kubernetes/kubeadm#104

---
 cmd/kubeadm/app/cmd/token.go        |  6 +++---
 cmd/kubeadm/app/util/tokens.go      |  7 +++++--
 cmd/kubeadm/app/util/tokens_test.go | 15 ++++++++-------
 3 files changed, 16 insertions(+), 12 deletions(-)

diff --git a/cmd/kubeadm/app/cmd/token.go b/cmd/kubeadm/app/cmd/token.go
index 600ee3c8341..20234cf262c 100644
--- a/cmd/kubeadm/app/cmd/token.go
+++ b/cmd/kubeadm/app/cmd/token.go
@@ -152,13 +152,13 @@ func RunCreateToken(out io.Writer, cmd *cobra.Command, tokenDuration time.Durati
 }
 
 func RunGenerateToken(out io.Writer) error {
-	d := &kubeadmapi.TokenDiscovery{}
-	err := kubeadmutil.GenerateToken(d)
+	td := &kubeadmapi.TokenDiscovery{}
+	err := kubeadmutil.GenerateToken(td)
 	if err != nil {
 		return err
 	}
 
-	fmt.Fprintln(out, kubeadmutil.BearerToken(d))
+	fmt.Fprintln(out, kubeadmutil.BearerToken(td))
 	return nil
 }
 
diff --git a/cmd/kubeadm/app/util/tokens.go b/cmd/kubeadm/app/util/tokens.go
index 4af28d1a7f5..80d04dc1462 100644
--- a/cmd/kubeadm/app/util/tokens.go
+++ b/cmd/kubeadm/app/util/tokens.go
@@ -51,6 +51,9 @@ func randBytes(length int) (string, error) {
 	return hex.EncodeToString(b), nil
 }
 
+// GenerateToken generates a new token with a token ID that is valid as a
+// Kubernetes DNS label.
+// For more info, see kubernetes/pkg/util/validation/validation.go.
 func GenerateToken(d *kubeadmapi.TokenDiscovery) error {
 	tokenID, err := randBytes(TokenIDBytes)
 	if err != nil {
@@ -62,8 +65,8 @@ func GenerateToken(d *kubeadmapi.TokenDiscovery) error {
 		return err
 	}
 
-	d.ID = tokenID
-	d.Secret = token
+	d.ID = strings.ToLower(tokenID)
+	d.Secret = strings.ToLower(token)
 	return nil
 }
 
diff --git a/cmd/kubeadm/app/util/tokens_test.go b/cmd/kubeadm/app/util/tokens_test.go
index 1dd547b16e1..bd6495874a3 100644
--- a/cmd/kubeadm/app/util/tokens_test.go
+++ b/cmd/kubeadm/app/util/tokens_test.go
@@ -41,14 +41,15 @@ func TestTokenParse(t *testing.T) {
 }
 
 func TestGenerateToken(t *testing.T) {
-	var cfg kubeadmapi.TokenDiscovery
-
-	GenerateToken(&cfg)
-	if len(cfg.ID) != 6 {
-		t.Errorf("failed GenerateToken first part length:\n\texpected: 6\n\t  actual: %d", len(cfg.ID))
+	td := &kubeadmapi.TokenDiscovery{}
+	if err := GenerateToken(td); err != nil {
+		t.Fatalf("GenerateToken returned an unexpected error: %+v", err)
 	}
-	if len(cfg.Secret) != 16 {
-		t.Errorf("failed GenerateToken first part length:\n\texpected: 16\n\t  actual: %d", len(cfg.Secret))
+	if len(td.ID) != 6 {
+		t.Errorf("failed GenerateToken first part length:\n\texpected: 6\n\t  actual: %d", len(td.ID))
+	}
+	if len(td.Secret) != 16 {
+		t.Errorf("failed GenerateToken second part length:\n\texpected: 16\n\t  actual: %d", len(td.Secret))
 	}
 }