diff --git a/test/integration/.import-restrictions b/test/integration/.import-restrictions index e246ff68500..c9e8a06aebd 100644 --- a/test/integration/.import-restrictions +++ b/test/integration/.import-restrictions @@ -1,7 +1,5 @@ rules: # Discourage import of k8s.io/kubernetes/test/e2e - selectorRegexp: k8s[.]io/kubernetes/test/e2e - # TODO: import-boss --include-test-files is catching these; drive to zero - allowedPrefixes: - # test/integration/auth/bootstraptoken_test.go is using this - - k8s.io/kubernetes/test/e2e/lifecycle/bootstrap + forbiddenPrefixes: + - "" diff --git a/test/integration/auth/bootstraptoken_test.go b/test/integration/auth/bootstraptoken_test.go index 06ef1c89b5c..1fb610f60ba 100644 --- a/test/integration/auth/bootstraptoken_test.go +++ b/test/integration/auth/bootstraptoken_test.go @@ -30,7 +30,6 @@ import ( "k8s.io/apiserver/pkg/authentication/request/bearertoken" bootstrapapi "k8s.io/cluster-bootstrap/token/api" "k8s.io/kubernetes/plugin/pkg/auth/authenticator/token/bootstrap" - bootstraputil "k8s.io/kubernetes/test/e2e/lifecycle/bootstrap" "k8s.io/kubernetes/test/integration" "k8s.io/kubernetes/test/integration/framework" ) @@ -47,14 +46,8 @@ func (b bootstrapSecrets) Get(name string) (*corev1.Secret, error) { // TestBootstrapTokenAuth tests the bootstrap token auth provider func TestBootstrapTokenAuth(t *testing.T) { - tokenID, err := bootstraputil.GenerateTokenID() - if err != nil { - t.Fatalf("unexpected error: %v", err) - } - secret, err := bootstraputil.GenerateTokenSecret() - if err != nil { - t.Fatalf("unexpected error: %v", err) - } + validTokenID := "token1" + validSecret := "validtokensecret" var bootstrapSecretValid = &corev1.Secret{ ObjectMeta: metav1.ObjectMeta{ Namespace: metav1.NamespaceSystem, @@ -62,8 +55,8 @@ func TestBootstrapTokenAuth(t *testing.T) { }, Type: corev1.SecretTypeBootstrapToken, Data: map[string][]byte{ - bootstrapapi.BootstrapTokenIDKey: []byte(tokenID), - bootstrapapi.BootstrapTokenSecretKey: []byte(secret), + bootstrapapi.BootstrapTokenIDKey: []byte(validTokenID), + bootstrapapi.BootstrapTokenSecretKey: []byte(validSecret), bootstrapapi.BootstrapTokenUsageAuthentication: []byte("true"), }, } @@ -74,11 +67,12 @@ func TestBootstrapTokenAuth(t *testing.T) { }, Type: corev1.SecretTypeBootstrapToken, Data: map[string][]byte{ - bootstrapapi.BootstrapTokenIDKey: []byte(tokenID), + bootstrapapi.BootstrapTokenIDKey: []byte(validTokenID), bootstrapapi.BootstrapTokenSecretKey: []byte("invalid"), bootstrapapi.BootstrapTokenUsageAuthentication: []byte("true"), }, } + tokenExpiredTime := time.Now().Add(-time.Hour).Format(time.RFC3339) var expiredBootstrapToken = &corev1.Secret{ ObjectMeta: metav1.ObjectMeta{ Namespace: metav1.NamespaceSystem, @@ -86,10 +80,10 @@ func TestBootstrapTokenAuth(t *testing.T) { }, Type: corev1.SecretTypeBootstrapToken, Data: map[string][]byte{ - bootstrapapi.BootstrapTokenIDKey: []byte(tokenID), + bootstrapapi.BootstrapTokenIDKey: []byte(validTokenID), bootstrapapi.BootstrapTokenSecretKey: []byte("invalid"), bootstrapapi.BootstrapTokenUsageAuthentication: []byte("true"), - bootstrapapi.BootstrapTokenExpirationKey: []byte(bootstraputil.TimeStringFromNow(-time.Hour)), + bootstrapapi.BootstrapTokenExpirationKey: []byte(tokenExpiredTime), }, } type request struct { @@ -134,7 +128,7 @@ func TestBootstrapTokenAuth(t *testing.T) { previousResourceVersion := make(map[string]float64) transport := http.DefaultTransport - token := tokenID + "." + secret + token := validTokenID + "." + validSecret var bodyStr string if test.request.body != "" { sub := ""