add unit test for func ToAuthenticationConfig

This commit is contained in:
hangaoshuai 2018-08-16 19:24:11 +08:00
parent 4157f5a1ae
commit cacf18f859
2 changed files with 85 additions and 0 deletions

View File

@ -97,8 +97,11 @@ go_test(
],
embed = [":go_default_library"],
deps = [
"//pkg/kubeapiserver/authenticator:go_default_library",
"//pkg/kubeapiserver/authorizer/modes:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/util/errors:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/authentication/authenticatorfactory:go_default_library",
"//staging/src/k8s.io/apiserver/pkg/server/options:go_default_library",
],
)

View File

@ -17,10 +17,15 @@ limitations under the License.
package options
import (
"reflect"
"strings"
"testing"
"time"
utilerrors "k8s.io/apimachinery/pkg/util/errors"
"k8s.io/apiserver/pkg/authentication/authenticatorfactory"
apiserveroptions "k8s.io/apiserver/pkg/server/options"
"k8s.io/kubernetes/pkg/kubeapiserver/authenticator"
)
func TestAuthenticationValidate(t *testing.T) {
@ -88,3 +93,80 @@ func TestAuthenticationValidate(t *testing.T) {
})
}
}
func TestToAuthenticationConfig(t *testing.T) {
testOptions := &BuiltInAuthenticationOptions{
Anonymous: &AnonymousAuthenticationOptions{
Allow: false,
},
ClientCert: &apiserveroptions.ClientCertAuthenticationOptions{
ClientCA: "/client-ca",
},
WebHook: &WebHookAuthenticationOptions{
CacheTTL: 180000000000,
ConfigFile: "/token-webhook-config",
},
BootstrapToken: &BootstrapTokenAuthenticationOptions{
Enable: false,
},
OIDC: &OIDCAuthenticationOptions{
CAFile: "/testCAFile",
UsernameClaim: "sub",
SigningAlgs: []string{"RS256"},
IssuerURL: "testIssuerURL",
ClientID: "testClientID",
},
PasswordFile: &PasswordFileAuthenticationOptions{
BasicAuthFile: "/testBasicAuthFile",
},
RequestHeader: &apiserveroptions.RequestHeaderAuthenticationOptions{
UsernameHeaders: []string{"x-remote-user"},
GroupHeaders: []string{"x-remote-group"},
ExtraHeaderPrefixes: []string{"x-remote-extra-"},
ClientCAFile: "/testClientCAFile",
AllowedNames: []string{"kube-aggregator"},
},
ServiceAccounts: &ServiceAccountAuthenticationOptions{
Lookup: true,
Issuer: "http://foo.bar.com",
},
TokenFile: &TokenFileAuthenticationOptions{
TokenFile: "/testTokenFile",
},
TokenSuccessCacheTTL: 10 * time.Second,
TokenFailureCacheTTL: 0,
}
expectConfig := authenticator.AuthenticatorConfig{
Anonymous: false,
BasicAuthFile: "/testBasicAuthFile",
BootstrapToken: false,
ClientCAFile: "/client-ca",
TokenAuthFile: "/testTokenFile",
OIDCIssuerURL: "testIssuerURL",
OIDCClientID: "testClientID",
OIDCCAFile: "/testCAFile",
OIDCUsernameClaim: "sub",
OIDCSigningAlgs: []string{"RS256"},
ServiceAccountLookup: true,
ServiceAccountIssuer: "http://foo.bar.com",
WebhookTokenAuthnConfigFile: "/token-webhook-config",
WebhookTokenAuthnCacheTTL: 180000000000,
TokenSuccessCacheTTL: 10 * time.Second,
TokenFailureCacheTTL: 0,
RequestHeaderConfig: &authenticatorfactory.RequestHeaderConfig{
UsernameHeaders: []string{"x-remote-user"},
GroupHeaders: []string{"x-remote-group"},
ExtraHeaderPrefixes: []string{"x-remote-extra-"},
ClientCA: "/testClientCAFile",
AllowedClientNames: []string{"kube-aggregator"},
},
}
resultConfig := testOptions.ToAuthenticationConfig()
if !reflect.DeepEqual(resultConfig, expectConfig) {
t.Errorf("Got AuthenticationConfig: %v, Expected AuthenticationConfig: %v", resultConfig, expectConfig)
}
}