mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 11:50:44 +00:00
Merge pull request #60464 from roycaihw/loadconfig
Automatic merge from submit-queue (batch tested with PRs 63598, 63913, 63459, 63963, 60464). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Client-go raises error on duplicated name in kubeconfig (for NamedCluster, NamedContext, NamedUser, NamedExtension) **What this PR does / why we need it**: Client should detect duplicated name when loading `name-value` based lists in kubeconfig: `users`, `clusters`, `contexts`. Currently if there are multiple value with same name, `client-python` will pick the first one, while `client-go` will pick the last. **Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*: ref: kubernetes-client/python#445, kubernetes-client/python-base#47 **Special notes for your reviewer**: **Release note**: ```release-note kubectl and client-go now detects duplicated name for user, cluster and context when loading kubeconfig and reports error ``` /sig api-machinery cc @brendandburns @mbohlool
This commit is contained in:
commit
7909712ca5
@ -17,6 +17,7 @@ limitations under the License.
|
||||
package v1
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"sort"
|
||||
|
||||
"k8s.io/apimachinery/pkg/conversion"
|
||||
@ -105,7 +106,11 @@ func addConversionFuncs(scheme *runtime.Scheme) error {
|
||||
if err := s.Convert(&curr.Cluster, newCluster, 0); err != nil {
|
||||
return err
|
||||
}
|
||||
(*out)[curr.Name] = newCluster
|
||||
if (*out)[curr.Name] == nil {
|
||||
(*out)[curr.Name] = newCluster
|
||||
} else {
|
||||
return fmt.Errorf("error converting *[]NamedCluster into *map[string]*api.Cluster: duplicate name \"%v\" in list: %v", curr.Name, *in)
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
@ -136,7 +141,11 @@ func addConversionFuncs(scheme *runtime.Scheme) error {
|
||||
if err := s.Convert(&curr.AuthInfo, newAuthInfo, 0); err != nil {
|
||||
return err
|
||||
}
|
||||
(*out)[curr.Name] = newAuthInfo
|
||||
if (*out)[curr.Name] == nil {
|
||||
(*out)[curr.Name] = newAuthInfo
|
||||
} else {
|
||||
return fmt.Errorf("error converting *[]NamedAuthInfo into *map[string]*api.AuthInfo: duplicate name \"%v\" in list: %v", curr.Name, *in)
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
@ -167,7 +176,11 @@ func addConversionFuncs(scheme *runtime.Scheme) error {
|
||||
if err := s.Convert(&curr.Context, newContext, 0); err != nil {
|
||||
return err
|
||||
}
|
||||
(*out)[curr.Name] = newContext
|
||||
if (*out)[curr.Name] == nil {
|
||||
(*out)[curr.Name] = newContext
|
||||
} else {
|
||||
return fmt.Errorf("error converting *[]NamedContext into *map[string]*api.Context: duplicate name \"%v\" in list: %v", curr.Name, *in)
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
@ -198,7 +211,11 @@ func addConversionFuncs(scheme *runtime.Scheme) error {
|
||||
if err := s.Convert(&curr.Extension, &newExtension, 0); err != nil {
|
||||
return err
|
||||
}
|
||||
(*out)[curr.Name] = newExtension
|
||||
if (*out)[curr.Name] == nil {
|
||||
(*out)[curr.Name] = newExtension
|
||||
} else {
|
||||
return fmt.Errorf("error converting *[]NamedExtension into *map[string]runtime.Object: duplicate name \"%v\" in list: %v", curr.Name, *in)
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
|
@ -201,6 +201,174 @@ func TestLoadingEmptyMaps(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
func TestDuplicateClusterName(t *testing.T) {
|
||||
configFile, _ := ioutil.TempFile("", "")
|
||||
defer os.Remove(configFile.Name())
|
||||
|
||||
err := ioutil.WriteFile(configFile.Name(), []byte(`
|
||||
kind: Config
|
||||
apiVersion: v1
|
||||
clusters:
|
||||
- cluster:
|
||||
api-version: v1
|
||||
server: https://kubernetes.default.svc:443
|
||||
certificate-authority: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
|
||||
name: kubeconfig-cluster
|
||||
- cluster:
|
||||
api-version: v2
|
||||
server: https://test.example.server:443
|
||||
certificate-authority: /var/run/secrets/test.example.io/serviceaccount/ca.crt
|
||||
name: kubeconfig-cluster
|
||||
contexts:
|
||||
- context:
|
||||
cluster: kubeconfig-cluster
|
||||
namespace: default
|
||||
user: kubeconfig-user
|
||||
name: kubeconfig-context
|
||||
current-context: kubeconfig-context
|
||||
users:
|
||||
- name: kubeconfig-user
|
||||
user:
|
||||
tokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
|
||||
`), os.FileMode(0755))
|
||||
|
||||
if err != nil {
|
||||
t.Errorf("Unexpected error: %v", err)
|
||||
}
|
||||
|
||||
_, err = LoadFromFile(configFile.Name())
|
||||
if err == nil || !strings.Contains(err.Error(),
|
||||
"error converting *[]NamedCluster into *map[string]*api.Cluster: duplicate name \"kubeconfig-cluster\" in list") {
|
||||
t.Error("Expected error in loading duplicate cluster name, got none")
|
||||
}
|
||||
}
|
||||
|
||||
func TestDuplicateContextName(t *testing.T) {
|
||||
configFile, _ := ioutil.TempFile("", "")
|
||||
defer os.Remove(configFile.Name())
|
||||
|
||||
err := ioutil.WriteFile(configFile.Name(), []byte(`
|
||||
kind: Config
|
||||
apiVersion: v1
|
||||
clusters:
|
||||
- cluster:
|
||||
api-version: v1
|
||||
server: https://kubernetes.default.svc:443
|
||||
certificate-authority: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
|
||||
name: kubeconfig-cluster
|
||||
contexts:
|
||||
- context:
|
||||
cluster: kubeconfig-cluster
|
||||
namespace: default
|
||||
user: kubeconfig-user
|
||||
name: kubeconfig-context
|
||||
- context:
|
||||
cluster: test-example-cluster
|
||||
namespace: test-example
|
||||
user: test-example-user
|
||||
name: kubeconfig-context
|
||||
current-context: kubeconfig-context
|
||||
users:
|
||||
- name: kubeconfig-user
|
||||
user:
|
||||
tokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
|
||||
`), os.FileMode(0755))
|
||||
|
||||
if err != nil {
|
||||
t.Errorf("Unexpected error: %v", err)
|
||||
}
|
||||
|
||||
_, err = LoadFromFile(configFile.Name())
|
||||
if err == nil || !strings.Contains(err.Error(),
|
||||
"error converting *[]NamedContext into *map[string]*api.Context: duplicate name \"kubeconfig-context\" in list") {
|
||||
t.Error("Expected error in loading duplicate context name, got none")
|
||||
}
|
||||
}
|
||||
|
||||
func TestDuplicateUserName(t *testing.T) {
|
||||
configFile, _ := ioutil.TempFile("", "")
|
||||
defer os.Remove(configFile.Name())
|
||||
|
||||
err := ioutil.WriteFile(configFile.Name(), []byte(`
|
||||
kind: Config
|
||||
apiVersion: v1
|
||||
clusters:
|
||||
- cluster:
|
||||
api-version: v1
|
||||
server: https://kubernetes.default.svc:443
|
||||
certificate-authority: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
|
||||
name: kubeconfig-cluster
|
||||
contexts:
|
||||
- context:
|
||||
cluster: kubeconfig-cluster
|
||||
namespace: default
|
||||
user: kubeconfig-user
|
||||
name: kubeconfig-context
|
||||
current-context: kubeconfig-context
|
||||
users:
|
||||
- name: kubeconfig-user
|
||||
user:
|
||||
tokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
|
||||
- name: kubeconfig-user
|
||||
user:
|
||||
tokenFile: /var/run/secrets/test.example.com/serviceaccount/token
|
||||
`), os.FileMode(0755))
|
||||
|
||||
if err != nil {
|
||||
t.Errorf("Unexpected error: %v", err)
|
||||
}
|
||||
|
||||
_, err = LoadFromFile(configFile.Name())
|
||||
if err == nil || !strings.Contains(err.Error(),
|
||||
"error converting *[]NamedAuthInfo into *map[string]*api.AuthInfo: duplicate name \"kubeconfig-user\" in list") {
|
||||
t.Error("Expected error in loading duplicate user name, got none")
|
||||
}
|
||||
}
|
||||
|
||||
func TestDuplicateExtensionName(t *testing.T) {
|
||||
configFile, _ := ioutil.TempFile("", "")
|
||||
defer os.Remove(configFile.Name())
|
||||
|
||||
err := ioutil.WriteFile(configFile.Name(), []byte(`
|
||||
kind: Config
|
||||
apiVersion: v1
|
||||
clusters:
|
||||
- cluster:
|
||||
api-version: v1
|
||||
server: https://kubernetes.default.svc:443
|
||||
certificate-authority: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
|
||||
name: kubeconfig-cluster
|
||||
contexts:
|
||||
- context:
|
||||
cluster: kubeconfig-cluster
|
||||
namespace: default
|
||||
user: kubeconfig-user
|
||||
name: kubeconfig-context
|
||||
current-context: kubeconfig-context
|
||||
users:
|
||||
- name: kubeconfig-user
|
||||
user:
|
||||
tokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
|
||||
extensions:
|
||||
- extension:
|
||||
bytes: test
|
||||
name: test-extension
|
||||
- extension:
|
||||
bytes: some-example
|
||||
name: test-extension
|
||||
`), os.FileMode(0755))
|
||||
|
||||
if err != nil {
|
||||
t.Errorf("Unexpected error: %v", err)
|
||||
}
|
||||
|
||||
_, err = LoadFromFile(configFile.Name())
|
||||
if err == nil || !strings.Contains(err.Error(),
|
||||
"error converting *[]NamedExtension into *map[string]runtime.Object: duplicate name \"test-extension\" in list") {
|
||||
t.Error("Expected error in loading duplicate extension name, got none")
|
||||
}
|
||||
}
|
||||
|
||||
func TestResolveRelativePaths(t *testing.T) {
|
||||
pathResolutionConfig1 := clientcmdapi.Config{
|
||||
AuthInfos: map[string]*clientcmdapi.AuthInfo{
|
||||
|
Loading…
Reference in New Issue
Block a user