Merge pull request #56769 from dixudx/forbid_unnamed_context

Automatic merge from submit-queue (batch tested with PRs 57521, 56769). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

forbid unnamed context

**What this PR does / why we need it**:
forbid unnamed contexts with validation

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #56747

**Special notes for your reviewer**:
/assign @sttts @fabianofranz 

**Release note**:

```release-note
forbid unnamed context
```

pkg/kubectl/cmd/config/use_context.go

@@ -88,7 +88,7 @@ func (o *useContextOptions) complete(cmd *cobra.Command) error {
 
 func (o useContextOptions) validate(config *clientcmdapi.Config) error {
 	if len(o.contextName) == 0 {
-		return errors.New("you must specify a current-context")
+		return errors.New("empty context names are not allowed")
 	}
 
 	for name := range config.Contexts {

staging/src/k8s.io/apiserver/pkg/util/webhook/webhook_test.go

@@ -114,15 +114,15 @@ func TestKubeConfigFile(t *testing.T) {
 			errRegex: errNoConfiguration,
 		},
 		{
-			test:           "missing context (specified context is missing)",
+			test:     "missing context (specified context is missing)",
-			cluster:        &namedCluster,
+			cluster:  &namedCluster,
-			currentContext: "missing-context",
+			errRegex: errNoConfiguration,
-			errRegex:       errNoConfiguration,
 		},
 		{
 			test: "context without cluster",
 			context: &v1.NamedContext{
 				Context: v1.Context{},
+				Name:    "testing-context",
 			},
 			currentContext: "testing-context",
 			errRegex:       errNoConfiguration,
@@ -134,6 +134,7 @@ func TestKubeConfigFile(t *testing.T) {
 				Context: v1.Context{
 					Cluster: namedCluster.Name,
 				},
+				Name: "testing-context",
 			},
 			currentContext: "testing-context",
 			errRegex:       "", // Not an error at parse time, only when using the webhook
@@ -145,6 +146,7 @@ func TestKubeConfigFile(t *testing.T) {
 				Context: v1.Context{
 					Cluster: "missing-cluster",
 				},
+				Name: "fake",
 			},
 			errRegex: errNoConfiguration,
 		},
@@ -156,6 +158,7 @@ func TestKubeConfigFile(t *testing.T) {
 					Cluster:  namedCluster.Name,
 					AuthInfo: "missing-user",
 				},
+				Name: "testing-context",
 			},
 			currentContext: "testing-context",
 			errRegex:       "", // Not an error at parse time, only when using the webhook
@@ -267,6 +270,8 @@ func TestKubeConfigFile(t *testing.T) {
 				kubeConfig.AuthInfos = []v1.NamedAuthInfo{*tt.user}
 			}
 
+			kubeConfig.CurrentContext = tt.currentContext
+
 			kubeConfigFile, err := newKubeConfigFile(kubeConfig)
 
 			if err == nil {

staging/src/k8s.io/client-go/tools/clientcmd/validation.go

@@ -253,6 +253,10 @@ func validateAuthInfo(authInfoName string, authInfo clientcmdapi.AuthInfo) []err
 func validateContext(contextName string, context clientcmdapi.Context, config clientcmdapi.Config) []error {
 	validationErrors := make([]error, 0)
 
+	if len(contextName) == 0 {
+		validationErrors = append(validationErrors, fmt.Errorf("empty context name for %#v is not allowed", context))
+	}
+
 	if len(context.AuthInfo) == 0 {
 		validationErrors = append(validationErrors, fmt.Errorf("user was not specified for context %q", contextName))
 	} else if _, exists := config.AuthInfos[context.AuthInfo]; !exists {

staging/src/k8s.io/client-go/tools/clientcmd/validation_test.go

@@ -62,6 +62,7 @@ func TestConfirmUsableBadInfoButOkConfig(t *testing.T) {
 	okTest.testConfirmUsable("clean", t)
 	badValidation.testConfig(t)
 }
+
 func TestConfirmUsableBadInfoConfig(t *testing.T) {
 	config := clientcmdapi.NewConfig()
 	config.Clusters["missing ca"] = &clientcmdapi.Cluster{
@@ -83,6 +84,7 @@ func TestConfirmUsableBadInfoConfig(t *testing.T) {
 
 	test.testConfirmUsable("first", t)
 }
+
 func TestConfirmUsableEmptyConfig(t *testing.T) {
 	config := clientcmdapi.NewConfig()
 	test := configValidationTest{
@@ -92,6 +94,7 @@ func TestConfirmUsableEmptyConfig(t *testing.T) {
 
 	test.testConfirmUsable("", t)
 }
+
 func TestConfirmUsableMissingConfig(t *testing.T) {
 	config := clientcmdapi.NewConfig()
 	test := configValidationTest{
@@ -101,6 +104,7 @@ func TestConfirmUsableMissingConfig(t *testing.T) {
 
 	test.testConfirmUsable("not-here", t)
 }
+
 func TestValidateEmptyConfig(t *testing.T) {
 	config := clientcmdapi.NewConfig()
 	test := configValidationTest{
@@ -110,6 +114,7 @@ func TestValidateEmptyConfig(t *testing.T) {
 
 	test.testConfig(t)
 }
+
 func TestValidateMissingCurrentContextConfig(t *testing.T) {
 	config := clientcmdapi.NewConfig()
 	config.CurrentContext = "anything"
@@ -120,6 +125,7 @@ func TestValidateMissingCurrentContextConfig(t *testing.T) {
 
 	test.testConfig(t)
 }
+
 func TestIsContextNotFound(t *testing.T) {
 	config := clientcmdapi.NewConfig()
 	config.CurrentContext = "anything"
@@ -172,6 +178,7 @@ func TestValidateMissingReferencesConfig(t *testing.T) {
 	test.testContext("anything", t)
 	test.testConfig(t)
 }
+
 func TestValidateEmptyContext(t *testing.T) {
 	config := clientcmdapi.NewConfig()
 	config.CurrentContext = "anything"
@@ -185,6 +192,19 @@ func TestValidateEmptyContext(t *testing.T) {
 	test.testConfig(t)
 }
 
+func TestValidateEmptyContextName(t *testing.T) {
+	config := clientcmdapi.NewConfig()
+	config.CurrentContext = "anything"
+	config.Contexts[""] = &clientcmdapi.Context{Cluster: "missing", AuthInfo: "missing"}
+	test := configValidationTest{
+		config:                 config,
+		expectedErrorSubstring: []string{"empty context name", "is not allowed"},
+	}
+
+	test.testContext("", t)
+	test.testConfig(t)
+}
+
 func TestValidateEmptyClusterInfo(t *testing.T) {
 	config := clientcmdapi.NewConfig()
 	config.Clusters["empty"] = clientcmdapi.NewCluster()
@@ -223,6 +243,7 @@ func TestValidateMissingCAFileClusterInfo(t *testing.T) {
 	test.testCluster("missing ca", t)
 	test.testConfig(t)
 }
+
 func TestValidateCleanClusterInfo(t *testing.T) {
 	config := clientcmdapi.NewConfig()
 	config.Clusters["clean"] = &clientcmdapi.Cluster{
@@ -235,6 +256,7 @@ func TestValidateCleanClusterInfo(t *testing.T) {
 	test.testCluster("clean", t)
 	test.testConfig(t)
 }
+
 func TestValidateCleanWithCAClusterInfo(t *testing.T) {
 	tempFile, _ := ioutil.TempFile("", "")
 	defer os.Remove(tempFile.Name())
@@ -262,6 +284,7 @@ func TestValidateEmptyAuthInfo(t *testing.T) {
 	test.testAuthInfo("error", t)
 	test.testConfig(t)
 }
+
 func TestValidateCertFilesNotFoundAuthInfo(t *testing.T) {
 	config := clientcmdapi.NewConfig()
 	config.AuthInfos["error"] = &clientcmdapi.AuthInfo{
@@ -276,6 +299,7 @@ func TestValidateCertFilesNotFoundAuthInfo(t *testing.T) {
 	test.testAuthInfo("error", t)
 	test.testConfig(t)
 }
+
 func TestValidateCertDataOverridesFiles(t *testing.T) {
 	tempFile, _ := ioutil.TempFile("", "")
 	defer os.Remove(tempFile.Name())
@@ -295,6 +319,7 @@ func TestValidateCertDataOverridesFiles(t *testing.T) {
 	test.testAuthInfo("clean", t)
 	test.testConfig(t)
 }
+
 func TestValidateCleanCertFilesAuthInfo(t *testing.T) {
 	tempFile, _ := ioutil.TempFile("", "")
 	defer os.Remove(tempFile.Name())
@@ -311,6 +336,7 @@ func TestValidateCleanCertFilesAuthInfo(t *testing.T) {
 	test.testAuthInfo("clean", t)
 	test.testConfig(t)
 }
+
 func TestValidateCleanTokenAuthInfo(t *testing.T) {
 	config := clientcmdapi.NewConfig()
 	config.AuthInfos["clean"] = &clientcmdapi.AuthInfo{
@@ -363,6 +389,7 @@ func (c configValidationTest) testContext(contextName string, t *testing.T) {
 		}
 	}
 }
+
 func (c configValidationTest) testConfirmUsable(contextName string, t *testing.T) {
 	err := ConfirmUsable(*c.config, contextName)
 
@@ -382,6 +409,7 @@ func (c configValidationTest) testConfirmUsable(contextName string, t *testing.T
 		}
 	}
 }
+
 func (c configValidationTest) testConfig(t *testing.T) {
 	err := Validate(*c.config)
 
@@ -404,6 +432,7 @@ func (c configValidationTest) testConfig(t *testing.T) {
 		}
 	}
 }
+
 func (c configValidationTest) testCluster(clusterName string, t *testing.T) {
 	errs := validateClusterInfo(clusterName, *c.config.Clusters[clusterName])