diff --git a/test/e2e/auth/service_accounts.go b/test/e2e/auth/service_accounts.go index 654600d7e32..3b7c3f9ba58 100644 --- a/test/e2e/auth/service_accounts.go +++ b/test/e2e/auth/service_accounts.go @@ -838,6 +838,33 @@ var _ = SIGDescribe("ServiceAccounts", func() { gomega.Expect(updatedServiceAccount.AutomountServiceAccountToken).To(gomega.Equal(utilptr.Bool(true)), "Failed to set AutomountServiceAccountToken") framework.Logf("AutomountServiceAccountToken: %v", *updatedServiceAccount.AutomountServiceAccountToken) }) + + ginkgo.It("should create a serviceAccountToken and ensure a successful TokenReview", func(ctx context.Context) { + ns := f.Namespace.Name + saClient := f.ClientSet.CoreV1().ServiceAccounts(ns) + saName := "e2e-sa-" + utilrand.String(5) + + ginkgo.By(fmt.Sprintf("Creating a Serviceaccount %q in namespace %q", saName, ns)) + _, err := f.ClientSet.CoreV1().ServiceAccounts(ns).Create(context.TODO(), &v1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: saName, + }, + }, metav1.CreateOptions{}) + framework.ExpectNoError(err, "Unable to create serviceaccount %q", saName) + + ginkgo.By(fmt.Sprintf("Creating a ServiceaccountToken %q in namespace %q", saName, ns)) + request := &authenticationv1.TokenRequest{} + response, err := saClient.CreateToken(context.TODO(), saName, request, metav1.CreateOptions{}) + framework.ExpectNoError(err, "Unable to create serviceAccountToken") + gomega.Expect(response.Status.Token).ToNot(gomega.BeEmpty(), "confirm that a Token has been created") + + ginkgo.By(fmt.Sprintf("Creating a TokenReview for %q in namespace %q", response.Name, ns)) + tokenReview := &authenticationv1.TokenReview{Spec: authenticationv1.TokenReviewSpec{Token: response.Status.Token}} + tokenReview, err = f.ClientSet.AuthenticationV1().TokenReviews().Create(ctx, tokenReview, metav1.CreateOptions{}) + framework.ExpectNoError(err, "failed to create a TokenReview") + gomega.Expect(tokenReview.Status.Authenticated).To(gomega.BeTrueBecause("expect that the TokenReview is authenticated")) + gomega.Expect(tokenReview.Status.Error).To(gomega.BeEmpty(), "confirm that there are no TokenReview errors") + }) }) var reportLogsParser = regexp.MustCompile("([a-zA-Z0-9-_]*)=([a-zA-Z0-9-_]*)$")