Merge pull request #60464 from roycaihw/loadconfig

Automatic merge from submit-queue (batch tested with PRs 63598, 63913, 63459, 63963, 60464). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Client-go raises error on duplicated name in kubeconfig

(for NamedCluster, NamedContext, NamedUser, NamedExtension)



**What this PR does / why we need it**:
Client should detect duplicated name when loading `name-value` based lists in kubeconfig: `users`, `clusters`, `contexts`. Currently if there are multiple value with same name, `client-python` will pick the first one, while `client-go` will pick the last.

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
ref: kubernetes-client/python#445, kubernetes-client/python-base#47

**Special notes for your reviewer**:

**Release note**:

```release-note
kubectl and client-go now detects duplicated name for user, cluster and context when loading kubeconfig and reports error 
```

/sig api-machinery

cc @brendandburns @mbohlool
This commit is contained in:
Kubernetes Submit Queue 2018-05-19 06:49:27 -07:00 committed by GitHub
commit 7909712ca5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 189 additions and 4 deletions

View File

@ -17,6 +17,7 @@ limitations under the License.
package v1
import (
"fmt"
"sort"
"k8s.io/apimachinery/pkg/conversion"
@ -105,7 +106,11 @@ func addConversionFuncs(scheme *runtime.Scheme) error {
if err := s.Convert(&curr.Cluster, newCluster, 0); err != nil {
return err
}
(*out)[curr.Name] = newCluster
if (*out)[curr.Name] == nil {
(*out)[curr.Name] = newCluster
} else {
return fmt.Errorf("error converting *[]NamedCluster into *map[string]*api.Cluster: duplicate name \"%v\" in list: %v", curr.Name, *in)
}
}
return nil
@ -136,7 +141,11 @@ func addConversionFuncs(scheme *runtime.Scheme) error {
if err := s.Convert(&curr.AuthInfo, newAuthInfo, 0); err != nil {
return err
}
(*out)[curr.Name] = newAuthInfo
if (*out)[curr.Name] == nil {
(*out)[curr.Name] = newAuthInfo
} else {
return fmt.Errorf("error converting *[]NamedAuthInfo into *map[string]*api.AuthInfo: duplicate name \"%v\" in list: %v", curr.Name, *in)
}
}
return nil
@ -167,7 +176,11 @@ func addConversionFuncs(scheme *runtime.Scheme) error {
if err := s.Convert(&curr.Context, newContext, 0); err != nil {
return err
}
(*out)[curr.Name] = newContext
if (*out)[curr.Name] == nil {
(*out)[curr.Name] = newContext
} else {
return fmt.Errorf("error converting *[]NamedContext into *map[string]*api.Context: duplicate name \"%v\" in list: %v", curr.Name, *in)
}
}
return nil
@ -198,7 +211,11 @@ func addConversionFuncs(scheme *runtime.Scheme) error {
if err := s.Convert(&curr.Extension, &newExtension, 0); err != nil {
return err
}
(*out)[curr.Name] = newExtension
if (*out)[curr.Name] == nil {
(*out)[curr.Name] = newExtension
} else {
return fmt.Errorf("error converting *[]NamedExtension into *map[string]runtime.Object: duplicate name \"%v\" in list: %v", curr.Name, *in)
}
}
return nil

View File

@ -201,6 +201,174 @@ func TestLoadingEmptyMaps(t *testing.T) {
}
}
func TestDuplicateClusterName(t *testing.T) {
configFile, _ := ioutil.TempFile("", "")
defer os.Remove(configFile.Name())
err := ioutil.WriteFile(configFile.Name(), []byte(`
kind: Config
apiVersion: v1
clusters:
- cluster:
api-version: v1
server: https://kubernetes.default.svc:443
certificate-authority: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
name: kubeconfig-cluster
- cluster:
api-version: v2
server: https://test.example.server:443
certificate-authority: /var/run/secrets/test.example.io/serviceaccount/ca.crt
name: kubeconfig-cluster
contexts:
- context:
cluster: kubeconfig-cluster
namespace: default
user: kubeconfig-user
name: kubeconfig-context
current-context: kubeconfig-context
users:
- name: kubeconfig-user
user:
tokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
`), os.FileMode(0755))
if err != nil {
t.Errorf("Unexpected error: %v", err)
}
_, err = LoadFromFile(configFile.Name())
if err == nil || !strings.Contains(err.Error(),
"error converting *[]NamedCluster into *map[string]*api.Cluster: duplicate name \"kubeconfig-cluster\" in list") {
t.Error("Expected error in loading duplicate cluster name, got none")
}
}
func TestDuplicateContextName(t *testing.T) {
configFile, _ := ioutil.TempFile("", "")
defer os.Remove(configFile.Name())
err := ioutil.WriteFile(configFile.Name(), []byte(`
kind: Config
apiVersion: v1
clusters:
- cluster:
api-version: v1
server: https://kubernetes.default.svc:443
certificate-authority: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
name: kubeconfig-cluster
contexts:
- context:
cluster: kubeconfig-cluster
namespace: default
user: kubeconfig-user
name: kubeconfig-context
- context:
cluster: test-example-cluster
namespace: test-example
user: test-example-user
name: kubeconfig-context
current-context: kubeconfig-context
users:
- name: kubeconfig-user
user:
tokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
`), os.FileMode(0755))
if err != nil {
t.Errorf("Unexpected error: %v", err)
}
_, err = LoadFromFile(configFile.Name())
if err == nil || !strings.Contains(err.Error(),
"error converting *[]NamedContext into *map[string]*api.Context: duplicate name \"kubeconfig-context\" in list") {
t.Error("Expected error in loading duplicate context name, got none")
}
}
func TestDuplicateUserName(t *testing.T) {
configFile, _ := ioutil.TempFile("", "")
defer os.Remove(configFile.Name())
err := ioutil.WriteFile(configFile.Name(), []byte(`
kind: Config
apiVersion: v1
clusters:
- cluster:
api-version: v1
server: https://kubernetes.default.svc:443
certificate-authority: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
name: kubeconfig-cluster
contexts:
- context:
cluster: kubeconfig-cluster
namespace: default
user: kubeconfig-user
name: kubeconfig-context
current-context: kubeconfig-context
users:
- name: kubeconfig-user
user:
tokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
- name: kubeconfig-user
user:
tokenFile: /var/run/secrets/test.example.com/serviceaccount/token
`), os.FileMode(0755))
if err != nil {
t.Errorf("Unexpected error: %v", err)
}
_, err = LoadFromFile(configFile.Name())
if err == nil || !strings.Contains(err.Error(),
"error converting *[]NamedAuthInfo into *map[string]*api.AuthInfo: duplicate name \"kubeconfig-user\" in list") {
t.Error("Expected error in loading duplicate user name, got none")
}
}
func TestDuplicateExtensionName(t *testing.T) {
configFile, _ := ioutil.TempFile("", "")
defer os.Remove(configFile.Name())
err := ioutil.WriteFile(configFile.Name(), []byte(`
kind: Config
apiVersion: v1
clusters:
- cluster:
api-version: v1
server: https://kubernetes.default.svc:443
certificate-authority: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
name: kubeconfig-cluster
contexts:
- context:
cluster: kubeconfig-cluster
namespace: default
user: kubeconfig-user
name: kubeconfig-context
current-context: kubeconfig-context
users:
- name: kubeconfig-user
user:
tokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
extensions:
- extension:
bytes: test
name: test-extension
- extension:
bytes: some-example
name: test-extension
`), os.FileMode(0755))
if err != nil {
t.Errorf("Unexpected error: %v", err)
}
_, err = LoadFromFile(configFile.Name())
if err == nil || !strings.Contains(err.Error(),
"error converting *[]NamedExtension into *map[string]runtime.Object: duplicate name \"test-extension\" in list") {
t.Error("Expected error in loading duplicate extension name, got none")
}
}
func TestResolveRelativePaths(t *testing.T) {
pathResolutionConfig1 := clientcmdapi.Config{
AuthInfos: map[string]*clientcmdapi.AuthInfo{