github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-09-13 13:14:05 +00:00
Code Issues Projects Releases Wiki Activity

unittests: Fixes cmd unit tests for Windows

Browse Source 
Currently, there are some unit tests that are failing on Windows due to
various reasons:

- filepath.IsAbs does not consider "/" or "\" as absolute paths, even
  though files can be addressed as such.
- paths not properly joined (filepath.Join should be used).
- files not closed, which means that they cannot be removed / renamed.
- some assertions fail due to slashes / backslashes not matching.
- backslashes need to be escaped in yaml files, or put between ''
instead of "".
This commit is contained in:
Claudiu Belu
2022-07-11 23:10:05 +03:00
parent 76277917b9
commit d192029e6a
13 changed files with 340 additions and 267 deletions
Download Patch File Download Diff File Expand all files Collapse all files

370
cmd/kubeadm/app/phases/controlplane/manifests_test.go
View File

@@ -205,31 +205,31 @@ func TestGetAPIServerCommand(t *testing.T) {
"kube-apiserver",
"--enable-admission-plugins=NodeRestriction",
"--service-cluster-ip-range=bar",
"--service-account-key-file=" + testCertsDir + "/sa.pub",
"--service-account-signing-key-file=" + testCertsDir + "/sa.key",
"--service-account-key-file=" + filepath.Join(testCertsDir, "sa.pub"),
"--service-account-signing-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--service-account-issuer=https://kubernetes.default.svc.cluster.local",
"--client-ca-file=" + testCertsDir + "/ca.crt",
"--tls-cert-file=" + testCertsDir + "/apiserver.crt",
"--tls-private-key-file=" + testCertsDir + "/apiserver.key",
"--kubelet-client-certificate=" + testCertsDir + "/apiserver-kubelet-client.crt",
"--kubelet-client-key=" + testCertsDir + "/apiserver-kubelet-client.key",
"--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--tls-cert-file=" + filepath.Join(testCertsDir, "apiserver.crt"),
"--tls-private-key-file=" + filepath.Join(testCertsDir, "apiserver.key"),
"--kubelet-client-certificate=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.crt"),
"--kubelet-client-key=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.key"),
"--enable-bootstrap-token-auth=true",
"--secure-port=123",
"--allow-privileged=true",
"--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname",
"--proxy-client-cert-file=/var/lib/certs/front-proxy-client.crt",
"--proxy-client-key-file=/var/lib/certs/front-proxy-client.key",
"--proxy-client-cert-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.crt"),
"--proxy-client-key-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.key"),
"--requestheader-username-headers=X-Remote-User",
"--requestheader-group-headers=X-Remote-Group",
"--requestheader-extra-headers-prefix=X-Remote-Extra-",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt",
"--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC",
"--advertise-address=1.2.3.4",
fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
"--etcd-cafile=" + testCertsDir + "/etcd/ca.crt",
"--etcd-certfile=" + testCertsDir + "/apiserver-etcd-client.crt",
"--etcd-keyfile=" + testCertsDir + "/apiserver-etcd-client.key",
"--etcd-cafile=" + filepath.Join(testCertsDir, "etcd/ca.crt"),
"--etcd-certfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.crt"),
"--etcd-keyfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.key"),
},
},
{
@@ -243,31 +243,31 @@ func TestGetAPIServerCommand(t *testing.T) {
"kube-apiserver",
"--enable-admission-plugins=NodeRestriction",
"--service-cluster-ip-range=bar",
"--service-account-key-file=" + testCertsDir + "/sa.pub",
"--service-account-signing-key-file=" + testCertsDir + "/sa.key",
"--service-account-key-file=" + filepath.Join(testCertsDir, "sa.pub"),
"--service-account-signing-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--service-account-issuer=https://kubernetes.default.svc.cluster.local",
"--client-ca-file=" + testCertsDir + "/ca.crt",
"--tls-cert-file=" + testCertsDir + "/apiserver.crt",
"--tls-private-key-file=" + testCertsDir + "/apiserver.key",
"--kubelet-client-certificate=" + testCertsDir + "/apiserver-kubelet-client.crt",
"--kubelet-client-key=" + testCertsDir + "/apiserver-kubelet-client.key",
"--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--tls-cert-file=" + filepath.Join(testCertsDir, "apiserver.crt"),
"--tls-private-key-file=" + filepath.Join(testCertsDir, "apiserver.key"),
"--kubelet-client-certificate=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.crt"),
"--kubelet-client-key=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.key"),
"--enable-bootstrap-token-auth=true",
fmt.Sprintf("--secure-port=%d", 123),
"--allow-privileged=true",
"--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname",
"--proxy-client-cert-file=/var/lib/certs/front-proxy-client.crt",
"--proxy-client-key-file=/var/lib/certs/front-proxy-client.key",
"--proxy-client-cert-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.crt"),
"--proxy-client-key-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.key"),
"--requestheader-username-headers=X-Remote-User",
"--requestheader-group-headers=X-Remote-Group",
"--requestheader-extra-headers-prefix=X-Remote-Extra-",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt",
"--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC",
"--advertise-address=2001:db8::1",
fmt.Sprintf("--etcd-servers=https://[::1]:%d", kubeadmconstants.EtcdListenClientPort),
"--etcd-cafile=" + testCertsDir + "/etcd/ca.crt",
"--etcd-certfile=" + testCertsDir + "/apiserver-etcd-client.crt",
"--etcd-keyfile=" + testCertsDir + "/apiserver-etcd-client.key",
"--etcd-cafile=" + filepath.Join(testCertsDir, "etcd/ca.crt"),
"--etcd-certfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.crt"),
"--etcd-keyfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.key"),
},
},
{
@@ -289,24 +289,24 @@ func TestGetAPIServerCommand(t *testing.T) {
"kube-apiserver",
"--enable-admission-plugins=NodeRestriction",
"--service-cluster-ip-range=bar",
"--service-account-key-file=" + testCertsDir + "/sa.pub",
"--service-account-signing-key-file=" + testCertsDir + "/sa.key",
"--service-account-key-file=" + filepath.Join(testCertsDir, "sa.pub"),
"--service-account-signing-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--service-account-issuer=https://kubernetes.default.svc.cluster.local",
"--client-ca-file=" + testCertsDir + "/ca.crt",
"--tls-cert-file=" + testCertsDir + "/apiserver.crt",
"--tls-private-key-file=" + testCertsDir + "/apiserver.key",
"--kubelet-client-certificate=" + testCertsDir + "/apiserver-kubelet-client.crt",
"--kubelet-client-key=" + testCertsDir + "/apiserver-kubelet-client.key",
"--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--tls-cert-file=" + filepath.Join(testCertsDir, "apiserver.crt"),
"--tls-private-key-file=" + filepath.Join(testCertsDir, "apiserver.key"),
"--kubelet-client-certificate=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.crt"),
"--kubelet-client-key=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.key"),
fmt.Sprintf("--secure-port=%d", 123),
"--allow-privileged=true",
"--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname",
"--enable-bootstrap-token-auth=true",
"--proxy-client-cert-file=/var/lib/certs/front-proxy-client.crt",
"--proxy-client-key-file=/var/lib/certs/front-proxy-client.key",
"--proxy-client-cert-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.crt"),
"--proxy-client-key-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.key"),
"--requestheader-username-headers=X-Remote-User",
"--requestheader-group-headers=X-Remote-Group",
"--requestheader-extra-headers-prefix=X-Remote-Extra-",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt",
"--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC",
"--advertise-address=2001:db8::1",
@@ -332,24 +332,24 @@ func TestGetAPIServerCommand(t *testing.T) {
"kube-apiserver",
"--enable-admission-plugins=NodeRestriction",
"--service-cluster-ip-range=bar",
"--service-account-key-file=" + testCertsDir + "/sa.pub",
"--service-account-signing-key-file=" + testCertsDir + "/sa.key",
"--service-account-key-file=" + filepath.Join(testCertsDir, "sa.pub"),
"--service-account-signing-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--service-account-issuer=https://kubernetes.default.svc.cluster.local",
"--client-ca-file=" + testCertsDir + "/ca.crt",
"--tls-cert-file=" + testCertsDir + "/apiserver.crt",
"--tls-private-key-file=" + testCertsDir + "/apiserver.key",
"--kubelet-client-certificate=" + testCertsDir + "/apiserver-kubelet-client.crt",
"--kubelet-client-key=" + testCertsDir + "/apiserver-kubelet-client.key",
"--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--tls-cert-file=" + filepath.Join(testCertsDir, "apiserver.crt"),
"--tls-private-key-file=" + filepath.Join(testCertsDir, "apiserver.key"),
"--kubelet-client-certificate=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.crt"),
"--kubelet-client-key=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.key"),
fmt.Sprintf("--secure-port=%d", 123),
"--allow-privileged=true",
"--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname",
"--enable-bootstrap-token-auth=true",
"--proxy-client-cert-file=/var/lib/certs/front-proxy-client.crt",
"--proxy-client-key-file=/var/lib/certs/front-proxy-client.key",
"--proxy-client-cert-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.crt"),
"--proxy-client-key-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.key"),
"--requestheader-username-headers=X-Remote-User",
"--requestheader-group-headers=X-Remote-Group",
"--requestheader-extra-headers-prefix=X-Remote-Extra-",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt",
"--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC",
"--advertise-address=2001:db8::1",
@@ -377,31 +377,31 @@ func TestGetAPIServerCommand(t *testing.T) {
"kube-apiserver",
"--enable-admission-plugins=NodeRestriction",
"--service-cluster-ip-range=baz",
"--service-account-key-file=" + testCertsDir + "/sa.pub",
"--service-account-signing-key-file=" + testCertsDir + "/sa.key",
"--service-account-key-file=" + filepath.Join(testCertsDir, "sa.pub"),
"--service-account-signing-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--service-account-issuer=https://kubernetes.default.svc.cluster.local",
"--client-ca-file=" + testCertsDir + "/ca.crt",
"--tls-cert-file=" + testCertsDir + "/apiserver.crt",
"--tls-private-key-file=" + testCertsDir + "/apiserver.key",
"--kubelet-client-certificate=" + testCertsDir + "/apiserver-kubelet-client.crt",
"--kubelet-client-key=" + testCertsDir + "/apiserver-kubelet-client.key",
"--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--tls-cert-file=" + filepath.Join(testCertsDir, "apiserver.crt"),
"--tls-private-key-file=" + filepath.Join(testCertsDir, "apiserver.key"),
"--kubelet-client-certificate=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.crt"),
"--kubelet-client-key=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.key"),
"--enable-bootstrap-token-auth=true",
"--secure-port=123",
"--allow-privileged=true",
"--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname",
"--proxy-client-cert-file=/var/lib/certs/front-proxy-client.crt",
"--proxy-client-key-file=/var/lib/certs/front-proxy-client.key",
"--proxy-client-cert-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.crt"),
"--proxy-client-key-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.key"),
"--requestheader-username-headers=X-Remote-User",
"--requestheader-group-headers=X-Remote-Group",
"--requestheader-extra-headers-prefix=X-Remote-Extra-",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt",
"--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC",
"--advertise-address=9.9.9.9",
fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
"--etcd-cafile=" + testCertsDir + "/etcd/ca.crt",
"--etcd-certfile=" + testCertsDir + "/apiserver-etcd-client.crt",
"--etcd-keyfile=" + testCertsDir + "/apiserver-etcd-client.key",
"--etcd-cafile=" + filepath.Join(testCertsDir, "etcd/ca.crt"),
"--etcd-certfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.crt"),
"--etcd-keyfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.key"),
"--audit-policy-file=/etc/config/audit.yaml",
"--audit-log-path=/var/log/kubernetes",
},
@@ -424,31 +424,31 @@ func TestGetAPIServerCommand(t *testing.T) {
"kube-apiserver",
"--enable-admission-plugins=NodeRestriction",
"--service-cluster-ip-range=bar",
"--service-account-key-file=" + testCertsDir + "/sa.pub",
"--service-account-signing-key-file=" + testCertsDir + "/sa.key",
"--service-account-key-file=" + filepath.Join(testCertsDir, "sa.pub"),
"--service-account-signing-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--service-account-issuer=https://kubernetes.default.svc.cluster.local",
"--client-ca-file=" + testCertsDir + "/ca.crt",
"--tls-cert-file=" + testCertsDir + "/apiserver.crt",
"--tls-private-key-file=" + testCertsDir + "/apiserver.key",
"--kubelet-client-certificate=" + testCertsDir + "/apiserver-kubelet-client.crt",
"--kubelet-client-key=" + testCertsDir + "/apiserver-kubelet-client.key",
"--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--tls-cert-file=" + filepath.Join(testCertsDir, "apiserver.crt"),
"--tls-private-key-file=" + filepath.Join(testCertsDir, "apiserver.key"),
"--kubelet-client-certificate=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.crt"),
"--kubelet-client-key=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.key"),
"--enable-bootstrap-token-auth=true",
"--secure-port=123",
"--allow-privileged=true",
"--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname",
"--proxy-client-cert-file=/var/lib/certs/front-proxy-client.crt",
"--proxy-client-key-file=/var/lib/certs/front-proxy-client.key",
"--proxy-client-cert-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.crt"),
"--proxy-client-key-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.key"),
"--requestheader-username-headers=X-Remote-User",
"--requestheader-group-headers=X-Remote-Group",
"--requestheader-extra-headers-prefix=X-Remote-Extra-",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt",
"--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=ABAC",
"--advertise-address=1.2.3.4",
fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
"--etcd-cafile=" + testCertsDir + "/etcd/ca.crt",
"--etcd-certfile=" + testCertsDir + "/apiserver-etcd-client.crt",
"--etcd-keyfile=" + testCertsDir + "/apiserver-etcd-client.key",
"--etcd-cafile=" + filepath.Join(testCertsDir, "etcd/ca.crt"),
"--etcd-certfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.crt"),
"--etcd-keyfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.key"),
},
},
{
@@ -473,31 +473,31 @@ func TestGetAPIServerCommand(t *testing.T) {
"kube-apiserver",
"--enable-admission-plugins=NodeRestriction",
"--service-cluster-ip-range=bar",
"--service-account-key-file=" + testCertsDir + "/sa.pub",
"--service-account-signing-key-file=" + testCertsDir + "/sa.key",
"--service-account-key-file=" + filepath.Join(testCertsDir, "sa.pub"),
"--service-account-signing-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--service-account-issuer=https://kubernetes.default.svc.cluster.local",
"--client-ca-file=" + testCertsDir + "/ca.crt",
"--tls-cert-file=" + testCertsDir + "/apiserver.crt",
"--tls-private-key-file=" + testCertsDir + "/apiserver.key",
"--kubelet-client-certificate=" + testCertsDir + "/apiserver-kubelet-client.crt",
"--kubelet-client-key=" + testCertsDir + "/apiserver-kubelet-client.key",
"--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--tls-cert-file=" + filepath.Join(testCertsDir, "apiserver.crt"),
"--tls-private-key-file=" + filepath.Join(testCertsDir, "apiserver.key"),
"--kubelet-client-certificate=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.crt"),
"--kubelet-client-key=" + filepath.Join(testCertsDir, "apiserver-kubelet-client.key"),
"--enable-bootstrap-token-auth=true",
"--secure-port=123",
"--allow-privileged=true",
"--kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname",
"--proxy-client-cert-file=/var/lib/certs/front-proxy-client.crt",
"--proxy-client-key-file=/var/lib/certs/front-proxy-client.key",
"--proxy-client-cert-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.crt"),
"--proxy-client-key-file=" + filepath.FromSlash("/var/lib/certs/front-proxy-client.key"),
"--requestheader-username-headers=X-Remote-User",
"--requestheader-group-headers=X-Remote-Group",
"--requestheader-extra-headers-prefix=X-Remote-Extra-",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt",
"--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--requestheader-allowed-names=front-proxy-client",
"--authorization-mode=Node,RBAC,Webhook",
"--advertise-address=1.2.3.4",
fmt.Sprintf("--etcd-servers=https://127.0.0.1:%d", kubeadmconstants.EtcdListenClientPort),
"--etcd-cafile=" + testCertsDir + "/etcd/ca.crt",
"--etcd-certfile=" + testCertsDir + "/apiserver-etcd-client.crt",
"--etcd-keyfile=" + testCertsDir + "/apiserver-etcd-client.key",
"--etcd-cafile=" + filepath.Join(testCertsDir, "etcd/ca.crt"),
"--etcd-certfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.crt"),
"--etcd-keyfile=" + filepath.Join(testCertsDir, "apiserver-etcd-client.key"),
},
},
}
@@ -549,17 +549,17 @@ func TestGetControllerManagerCommand(t *testing.T) {
"kube-controller-manager",
"--bind-address=127.0.0.1",
"--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--root-ca-file=" + testCertsDir + "/ca.crt",
"--service-account-private-key-file=" + testCertsDir + "/sa.key",
"--cluster-signing-cert-file=" + testCertsDir + "/ca.crt",
"--cluster-signing-key-file=" + testCertsDir + "/ca.key",
"--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--service-account-private-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--cluster-signing-cert-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--cluster-signing-key-file=" + filepath.Join(testCertsDir, "ca.key"),
"--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--client-ca-file=" + testCertsDir + "/ca.crt",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt",
"--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--cluster-name=some-other-cluster-name",
},
},
@@ -573,17 +573,17 @@ func TestGetControllerManagerCommand(t *testing.T) {
"kube-controller-manager",
"--bind-address=127.0.0.1",
"--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--root-ca-file=" + testCertsDir + "/ca.crt",
"--service-account-private-key-file=" + testCertsDir + "/sa.key",
"--cluster-signing-cert-file=" + testCertsDir + "/ca.crt",
"--cluster-signing-key-file=" + testCertsDir + "/ca.key",
"--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--service-account-private-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--cluster-signing-cert-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--cluster-signing-key-file=" + filepath.Join(testCertsDir, "ca.key"),
"--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--client-ca-file=" + testCertsDir + "/ca.crt",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt",
"--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
},
},
{
@@ -597,17 +597,17 @@ func TestGetControllerManagerCommand(t *testing.T) {
"kube-controller-manager",
"--bind-address=127.0.0.1",
"--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--root-ca-file=" + testCertsDir + "/ca.crt",
"--service-account-private-key-file=" + testCertsDir + "/sa.key",
"--cluster-signing-cert-file=" + testCertsDir + "/ca.crt",
"--cluster-signing-key-file=" + testCertsDir + "/ca.key",
"--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--service-account-private-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--cluster-signing-cert-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--cluster-signing-key-file=" + filepath.Join(testCertsDir, "ca.key"),
"--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--client-ca-file=" + testCertsDir + "/ca.crt",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt",
"--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--allocate-node-cidrs=true",
"--cluster-cidr=10.0.1.15/16",
},
@@ -627,17 +627,17 @@ func TestGetControllerManagerCommand(t *testing.T) {
"kube-controller-manager",
"--bind-address=127.0.0.1",
"--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--root-ca-file=" + testCertsDir + "/ca.crt",
"--service-account-private-key-file=" + testCertsDir + "/sa.key",
"--cluster-signing-cert-file=" + testCertsDir + "/ca.crt",
"--cluster-signing-key-file=" + testCertsDir + "/ca.key",
"--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--service-account-private-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--cluster-signing-cert-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--cluster-signing-key-file=" + filepath.Join(testCertsDir, "ca.key"),
"--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--client-ca-file=" + testCertsDir + "/ca.crt",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt",
"--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--allocate-node-cidrs=true",
"--cluster-cidr=10.0.1.15/16",
"--service-cluster-ip-range=172.20.0.0/24",
@@ -657,17 +657,17 @@ func TestGetControllerManagerCommand(t *testing.T) {
"kube-controller-manager",
"--bind-address=127.0.0.1",
"--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--root-ca-file=" + testCertsDir + "/ca.crt",
"--service-account-private-key-file=" + testCertsDir + "/sa.key",
"--cluster-signing-cert-file=" + testCertsDir + "/ca.crt",
"--cluster-signing-key-file=" + testCertsDir + "/ca.key",
"--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--service-account-private-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--cluster-signing-cert-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--cluster-signing-key-file=" + filepath.Join(testCertsDir, "ca.key"),
"--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--client-ca-file=" + testCertsDir + "/ca.crt",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt",
"--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--allocate-node-cidrs=true",
"--cluster-cidr=10.0.1.15/16",
"--node-cidr-mask-size=20",
@@ -689,17 +689,17 @@ func TestGetControllerManagerCommand(t *testing.T) {
"kube-controller-manager",
"--bind-address=127.0.0.1",
"--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--root-ca-file=" + testCertsDir + "/ca.crt",
"--service-account-private-key-file=" + testCertsDir + "/sa.key",
"--cluster-signing-cert-file=" + testCertsDir + "/ca.crt",
"--cluster-signing-key-file=" + testCertsDir + "/ca.key",
"--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--service-account-private-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--cluster-signing-cert-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--cluster-signing-key-file=" + filepath.Join(testCertsDir, "ca.key"),
"--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--client-ca-file=" + testCertsDir + "/ca.crt",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt",
"--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--allocate-node-cidrs=true",
"--cluster-cidr=2001:db8::/64",
"--service-cluster-ip-range=fd03::/112",
@@ -723,17 +723,17 @@ func TestGetControllerManagerCommand(t *testing.T) {
"kube-controller-manager",
"--bind-address=127.0.0.1",
"--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--root-ca-file=" + testCertsDir + "/ca.crt",
"--service-account-private-key-file=" + testCertsDir + "/sa.key",
"--cluster-signing-cert-file=" + testCertsDir + "/ca.crt",
"--cluster-signing-key-file=" + testCertsDir + "/ca.key",
"--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--service-account-private-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--cluster-signing-cert-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--cluster-signing-key-file=" + filepath.Join(testCertsDir, "ca.key"),
"--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--client-ca-file=" + testCertsDir + "/ca.crt",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt",
"--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--allocate-node-cidrs=false",
"--cluster-cidr=2001:db8::/64",
"--service-cluster-ip-range=fd03::/112",
@@ -754,17 +754,17 @@ func TestGetControllerManagerCommand(t *testing.T) {
"kube-controller-manager",
"--bind-address=127.0.0.1",
"--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--root-ca-file=" + testCertsDir + "/ca.crt",
"--service-account-private-key-file=" + testCertsDir + "/sa.key",
"--cluster-signing-cert-file=" + testCertsDir + "/ca.crt",
"--cluster-signing-key-file=" + testCertsDir + "/ca.key",
"--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--service-account-private-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--cluster-signing-cert-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--cluster-signing-key-file=" + filepath.Join(testCertsDir, "ca.key"),
"--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--client-ca-file=" + testCertsDir + "/ca.crt",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt",
"--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--allocate-node-cidrs=true",
"--cluster-cidr=2001:db8::/64,10.1.0.0/16",
"--service-cluster-ip-range=fd03::/112,192.168.0.0/16",
@@ -787,17 +787,17 @@ func TestGetControllerManagerCommand(t *testing.T) {
"kube-controller-manager",
"--bind-address=127.0.0.1",
"--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--root-ca-file=" + testCertsDir + "/ca.crt",
"--service-account-private-key-file=" + testCertsDir + "/sa.key",
"--cluster-signing-cert-file=" + testCertsDir + "/ca.crt",
"--cluster-signing-key-file=" + testCertsDir + "/ca.key",
"--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--service-account-private-key-file=" + filepath.Join(testCertsDir, "sa.key"),
"--cluster-signing-cert-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--cluster-signing-key-file=" + filepath.Join(testCertsDir, "ca.key"),
"--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--client-ca-file=" + testCertsDir + "/ca.crt",
"--requestheader-client-ca-file=" + testCertsDir + "/front-proxy-ca.crt",
"--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
"--requestheader-client-ca-file=" + filepath.Join(testCertsDir, "front-proxy-ca.crt"),
"--allocate-node-cidrs=true",
"--cluster-cidr=10.0.1.15/16,2001:db8::/64",
"--node-cidr-mask-size-ipv4=20",
@@ -840,17 +840,17 @@ func TestGetControllerManagerCommandExternalCA(t *testing.T) {
"kube-controller-manager",
"--bind-address=127.0.0.1",
"--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--root-ca-file=" + tmpdir + "/ca.crt",
"--service-account-private-key-file=" + tmpdir + "/sa.key",
"--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + filepath.Join(tmpdir, "ca.crt"),
"--service-account-private-key-file=" + filepath.Join(tmpdir, "sa.key"),
"--cluster-signing-cert-file=",
"--cluster-signing-key-file=",
"--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--client-ca-file=" + tmpdir + "/ca.crt",
"--requestheader-client-ca-file=" + tmpdir + "/front-proxy-ca.crt",
"--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + filepath.Join(tmpdir, "ca.crt"),
"--requestheader-client-ca-file=" + filepath.Join(tmpdir, "front-proxy-ca.crt"),
}
},
},
@@ -869,17 +869,17 @@ func TestGetControllerManagerCommandExternalCA(t *testing.T) {
"kube-controller-manager",
"--bind-address=127.0.0.1",
"--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--root-ca-file=" + tmpdir + "/ca.crt",
"--service-account-private-key-file=" + tmpdir + "/sa.key",
"--cluster-signing-cert-file=" + tmpdir + "/ca.crt",
"--cluster-signing-key-file=" + tmpdir + "/ca.key",
"--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--root-ca-file=" + filepath.Join(tmpdir, "ca.crt"),
"--service-account-private-key-file=" + filepath.Join(tmpdir, "sa.key"),
"--cluster-signing-cert-file=" + filepath.Join(tmpdir, "ca.crt"),
"--cluster-signing-key-file=" + filepath.Join(tmpdir, "ca.key"),
"--use-service-account-credentials=true",
"--controllers=*,bootstrapsigner,tokencleaner",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/controller-manager.conf",
"--client-ca-file=" + tmpdir + "/ca.crt",
"--requestheader-client-ca-file=" + tmpdir + "/front-proxy-ca.crt",
"--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "controller-manager.conf"),
"--client-ca-file=" + filepath.Join(tmpdir, "ca.crt"),
"--requestheader-client-ca-file=" + filepath.Join(tmpdir, "front-proxy-ca.crt"),
}
},
},
@@ -932,9 +932,9 @@ func TestGetSchedulerCommand(t *testing.T) {
"kube-scheduler",
"--bind-address=127.0.0.1",
"--leader-elect=true",
"--kubeconfig=" + kubeadmconstants.KubernetesDir + "/scheduler.conf",
"--authentication-kubeconfig=" + kubeadmconstants.KubernetesDir + "/scheduler.conf",
"--authorization-kubeconfig=" + kubeadmconstants.KubernetesDir + "/scheduler.conf",
"--kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "scheduler.conf"),
"--authentication-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "scheduler.conf"),
"--authorization-kubeconfig=" + filepath.Join(kubeadmconstants.KubernetesDir, "scheduler.conf"),
},
},
}

2
cmd/kubeadm/app/phases/controlplane/volumes.go
View File

@@ -177,7 +177,7 @@ func getEtcdCertVolumes(etcdCfg *kubeadmapi.ExternalEtcd, k8sCertificatesDir str
certPaths := []string{etcdCfg.CAFile, etcdCfg.CertFile, etcdCfg.KeyFile}
certDirs := sets.NewString()
for _, certPath := range certPaths {
certDir := filepath.Dir(certPath)
certDir := filepath.ToSlash(filepath.Dir(certPath))
// Ignore ".", which is the result of passing an empty path.
// Also ignore the cert directories that already may be mounted; /etc/ssl/certs, /etc/pki or Kubernetes CertificatesDir
// If the etcd certs are in there, it's okay, we don't have to do anything

19
cmd/kubeadm/app/phases/controlplane/volumes_test.go
View File

@@ -19,6 +19,7 @@ package controlplane
import (
"fmt"
"os"
"path/filepath"
"reflect"
"testing"
@@ -260,6 +261,8 @@ func TestGetEtcdCertVolumes(t *testing.T) {
func TestGetHostPathVolumesForTheControlPlane(t *testing.T) {
hostPathDirectoryOrCreate := v1.HostPathDirectoryOrCreate
hostPathFileOrCreate := v1.HostPathFileOrCreate
controllerManagerConfig := filepath.FromSlash("/etc/kubernetes/controller-manager.conf")
schedulerConfig := filepath.FromSlash("/etc/kubernetes/scheduler.conf")
volMap := make(map[string]map[string]v1.Volume)
volMap[kubeadmconstants.KubeAPIServer] = map[string]v1.Volume{}
volMap[kubeadmconstants.KubeAPIServer]["k8s-certs"] = v1.Volume{
@@ -303,7 +306,7 @@ func TestGetHostPathVolumesForTheControlPlane(t *testing.T) {
Name: "kubeconfig",
VolumeSource: v1.VolumeSource{
HostPath: &v1.HostPathVolumeSource{
Path: "/etc/kubernetes/controller-manager.conf",
Path: controllerManagerConfig,
Type: &hostPathFileOrCreate,
},
},
@@ -313,7 +316,7 @@ func TestGetHostPathVolumesForTheControlPlane(t *testing.T) {
Name: "kubeconfig",
VolumeSource: v1.VolumeSource{
HostPath: &v1.HostPathVolumeSource{
Path: "/etc/kubernetes/scheduler.conf",
Path: schedulerConfig,
Type: &hostPathFileOrCreate,
},
},
@@ -343,13 +346,13 @@ func TestGetHostPathVolumesForTheControlPlane(t *testing.T) {
}
volMountMap[kubeadmconstants.KubeControllerManager]["kubeconfig"] = v1.VolumeMount{
Name: "kubeconfig",
MountPath: "/etc/kubernetes/controller-manager.conf",
MountPath: controllerManagerConfig,
ReadOnly: true,
}
volMountMap[kubeadmconstants.KubeScheduler] = map[string]v1.VolumeMount{}
volMountMap[kubeadmconstants.KubeScheduler]["kubeconfig"] = v1.VolumeMount{
Name: "kubeconfig",
MountPath: "/etc/kubernetes/scheduler.conf",
MountPath: schedulerConfig,
ReadOnly: true,
}
@@ -414,7 +417,7 @@ func TestGetHostPathVolumesForTheControlPlane(t *testing.T) {
Name: "kubeconfig",
VolumeSource: v1.VolumeSource{
HostPath: &v1.HostPathVolumeSource{
Path: "/etc/kubernetes/controller-manager.conf",
Path: controllerManagerConfig,
Type: &hostPathFileOrCreate,
},
},
@@ -424,7 +427,7 @@ func TestGetHostPathVolumesForTheControlPlane(t *testing.T) {
Name: "kubeconfig",
VolumeSource: v1.VolumeSource{
HostPath: &v1.HostPathVolumeSource{
Path: "/etc/kubernetes/scheduler.conf",
Path: schedulerConfig,
Type: &hostPathFileOrCreate,
},
},
@@ -464,13 +467,13 @@ func TestGetHostPathVolumesForTheControlPlane(t *testing.T) {
}
volMountMap2[kubeadmconstants.KubeControllerManager]["kubeconfig"] = v1.VolumeMount{
Name: "kubeconfig",
MountPath: "/etc/kubernetes/controller-manager.conf",
MountPath: controllerManagerConfig,
ReadOnly: true,
}
volMountMap2[kubeadmconstants.KubeScheduler] = map[string]v1.VolumeMount{}
volMountMap2[kubeadmconstants.KubeScheduler]["kubeconfig"] = v1.VolumeMount{
Name: "kubeconfig",
MountPath: "/etc/kubernetes/scheduler.conf",
MountPath: schedulerConfig,
ReadOnly: true,
}
var tests = []struct {

48
cmd/kubeadm/app/phases/etcd/local_test.go
View File

@@ -184,13 +184,13 @@ func TestGetEtcdCommand(t *testing.T) {
fmt.Sprintf("--listen-peer-urls=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort),
fmt.Sprintf("--initial-advertise-peer-urls=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort),
"--data-dir=/var/lib/etcd",
"--cert-file=" + kubeadmconstants.EtcdServerCertName,
"--key-file=" + kubeadmconstants.EtcdServerKeyName,
"--trusted-ca-file=" + kubeadmconstants.EtcdCACertName,
"--cert-file=" + filepath.FromSlash(kubeadmconstants.EtcdServerCertName),
"--key-file=" + filepath.FromSlash(kubeadmconstants.EtcdServerKeyName),
"--trusted-ca-file=" + filepath.FromSlash(kubeadmconstants.EtcdCACertName),
"--client-cert-auth=true",
"--peer-cert-file=" + kubeadmconstants.EtcdPeerCertName,
"--peer-key-file=" + kubeadmconstants.EtcdPeerKeyName,
"--peer-trusted-ca-file=" + kubeadmconstants.EtcdCACertName,
"--peer-cert-file=" + filepath.FromSlash(kubeadmconstants.EtcdPeerCertName),
"--peer-key-file=" + filepath.FromSlash(kubeadmconstants.EtcdPeerKeyName),
"--peer-trusted-ca-file=" + filepath.FromSlash(kubeadmconstants.EtcdCACertName),
"--snapshot-count=10000",
"--peer-client-cert-auth=true",
fmt.Sprintf("--initial-cluster=foo=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort),
@@ -215,13 +215,13 @@ func TestGetEtcdCommand(t *testing.T) {
fmt.Sprintf("--listen-peer-urls=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort),
fmt.Sprintf("--initial-advertise-peer-urls=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort),
"--data-dir=/var/lib/etcd",
"--cert-file=" + kubeadmconstants.EtcdServerCertName,
"--key-file=" + kubeadmconstants.EtcdServerKeyName,
"--trusted-ca-file=" + kubeadmconstants.EtcdCACertName,
"--cert-file=" + filepath.FromSlash(kubeadmconstants.EtcdServerCertName),
"--key-file=" + filepath.FromSlash(kubeadmconstants.EtcdServerKeyName),
"--trusted-ca-file=" + filepath.FromSlash(kubeadmconstants.EtcdCACertName),
"--client-cert-auth=true",
"--peer-cert-file=" + kubeadmconstants.EtcdPeerCertName,
"--peer-key-file=" + kubeadmconstants.EtcdPeerKeyName,
"--peer-trusted-ca-file=" + kubeadmconstants.EtcdCACertName,
"--peer-cert-file=" + filepath.FromSlash(kubeadmconstants.EtcdPeerCertName),
"--peer-key-file=" + filepath.FromSlash(kubeadmconstants.EtcdPeerKeyName),
"--peer-trusted-ca-file=" + filepath.FromSlash(kubeadmconstants.EtcdCACertName),
"--snapshot-count=10000",
"--peer-client-cert-auth=true",
"--initial-cluster-state=existing",
@@ -247,13 +247,13 @@ func TestGetEtcdCommand(t *testing.T) {
fmt.Sprintf("--listen-peer-urls=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort),
fmt.Sprintf("--initial-advertise-peer-urls=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort),
"--data-dir=/var/lib/etcd",
"--cert-file=" + kubeadmconstants.EtcdServerCertName,
"--key-file=" + kubeadmconstants.EtcdServerKeyName,
"--trusted-ca-file=" + kubeadmconstants.EtcdCACertName,
"--cert-file=" + filepath.FromSlash(kubeadmconstants.EtcdServerCertName),
"--key-file=" + filepath.FromSlash(kubeadmconstants.EtcdServerKeyName),
"--trusted-ca-file=" + filepath.FromSlash(kubeadmconstants.EtcdCACertName),
"--client-cert-auth=true",
"--peer-cert-file=" + kubeadmconstants.EtcdPeerCertName,
"--peer-key-file=" + kubeadmconstants.EtcdPeerKeyName,
"--peer-trusted-ca-file=" + kubeadmconstants.EtcdCACertName,
"--peer-cert-file=" + filepath.FromSlash(kubeadmconstants.EtcdPeerCertName),
"--peer-key-file=" + filepath.FromSlash(kubeadmconstants.EtcdPeerKeyName),
"--peer-trusted-ca-file=" + filepath.FromSlash(kubeadmconstants.EtcdCACertName),
"--snapshot-count=10000",
"--peer-client-cert-auth=true",
fmt.Sprintf("--initial-cluster=bar=https://1.2.3.4:%d", kubeadmconstants.EtcdListenPeerPort),
@@ -274,13 +274,13 @@ func TestGetEtcdCommand(t *testing.T) {
fmt.Sprintf("--listen-peer-urls=https://[2001:db8::3]:%d", kubeadmconstants.EtcdListenPeerPort),
fmt.Sprintf("--initial-advertise-peer-urls=https://[2001:db8::3]:%d", kubeadmconstants.EtcdListenPeerPort),
"--data-dir=/var/lib/etcd",
"--cert-file=" + kubeadmconstants.EtcdServerCertName,
"--key-file=" + kubeadmconstants.EtcdServerKeyName,
"--trusted-ca-file=" + kubeadmconstants.EtcdCACertName,
"--cert-file=" + filepath.FromSlash(kubeadmconstants.EtcdServerCertName),
"--key-file=" + filepath.FromSlash(kubeadmconstants.EtcdServerKeyName),
"--trusted-ca-file=" + filepath.FromSlash(kubeadmconstants.EtcdCACertName),
"--client-cert-auth=true",
"--peer-cert-file=" + kubeadmconstants.EtcdPeerCertName,
"--peer-key-file=" + kubeadmconstants.EtcdPeerKeyName,
"--peer-trusted-ca-file=" + kubeadmconstants.EtcdCACertName,
"--peer-cert-file=" + filepath.FromSlash(kubeadmconstants.EtcdPeerCertName),
"--peer-key-file=" + filepath.FromSlash(kubeadmconstants.EtcdPeerKeyName),
"--peer-trusted-ca-file=" + filepath.FromSlash(kubeadmconstants.EtcdCACertName),
"--snapshot-count=10000",
"--peer-client-cert-auth=true",
fmt.Sprintf("--initial-cluster=foo=https://[2001:db8::3]:%d", kubeadmconstants.EtcdListenPeerPort),

4
cmd/kubeadm/app/phases/upgrade/postupgrade_test.go
View File

@@ -39,14 +39,14 @@ func TestMoveFiles(t *testing.T) {
if err != nil {
t.Fatalf("Failed to create cert file %s: %v", certPath, err)
}
defer certFile.Close()
certFile.Close()
keyPath := filepath.Join(tmpdir, constants.APIServerKeyName)
keyFile, err := os.OpenFile(keyPath, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0666)
if err != nil {
t.Fatalf("Failed to create key file %s: %v", keyPath, err)
}
defer keyFile.Close()
keyFile.Close()
subDir := filepath.Join(tmpdir, "expired")
if err := os.Mkdir(subDir, 0766); err != nil {