github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-09-16 14:45:28 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #10523 from liggitt/service_account_api_token_admission

Browse Source 
Add option to require API tokens to exist in admission
This commit is contained in:
Zach Loafman
2015-06-30 15:09:49 -07:00
parent b27da05ce6 ecebac9395
commit f754b8e1df
4 changed files with 63 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
test/e2e/pods.go
View File

@@ -35,19 +35,10 @@ import (
. "github.com/onsi/gomega"
)
// createNamespaceIfDoesNotExist ensures that the namespace with specified name exists, or returns an error
func createNamespaceIfDoesNotExist(c *client.Client, name string) (*api.Namespace, error) {
namespace, err := c.Namespaces().Get(name)
if err != nil {
namespace, err = c.Namespaces().Create(&api.Namespace{ObjectMeta: api.ObjectMeta{Name: name}})
}
return namespace, err
}
func runLivenessTest(c *client.Client, podDescr *api.Pod, expectRestart bool) {
ns := "e2e-test-" + string(util.NewUUID())
_, err := createNamespaceIfDoesNotExist(c, ns)
expectNoError(err, fmt.Sprintf("creating namespace %s", ns))
namespace, err := createTestingNS("pods-liveness", c)
Expect(err).NotTo(HaveOccurred())
ns := namespace.Name
By(fmt.Sprintf("Creating pod %s in namespace %s", podDescr.Name, ns))
_, err = c.Pods(ns).Create(podDescr)
@@ -96,9 +87,9 @@ func runLivenessTest(c *client.Client, podDescr *api.Pod, expectRestart bool) {
// testHostIP tests that a pod gets a host IP
func testHostIP(c *client.Client, pod *api.Pod) {
ns := "e2e-test-" + string(util.NewUUID())
_, err := createNamespaceIfDoesNotExist(c, ns)
expectNoError(err, fmt.Sprintf("creating namespace %s", ns))
namespace, err := createTestingNS("pods-host-ip", c)
Expect(err).NotTo(HaveOccurred())
ns := namespace.Name
podClient := c.Pods(ns)
By("creating pod")

15
test/e2e/util.go
View File

@@ -32,6 +32,7 @@ import (
"time"
"github.com/GoogleCloudPlatform/kubernetes/pkg/api"
apierrs "github.com/GoogleCloudPlatform/kubernetes/pkg/api/errors"
"github.com/GoogleCloudPlatform/kubernetes/pkg/client"
"github.com/GoogleCloudPlatform/kubernetes/pkg/client/cache"
"github.com/GoogleCloudPlatform/kubernetes/pkg/client/clientcmd"
@@ -317,12 +318,20 @@ func waitForPodsRunningReady(ns string, minPods int, timeout time.Duration) erro
func waitForServiceAccountInNamespace(c *client.Client, ns, serviceAccountName string, timeout time.Duration) error {
Logf("Waiting up to %v for service account %s to be provisioned in ns %s", timeout, serviceAccountName, ns)
for start := time.Now(); time.Since(start) < timeout; time.Sleep(poll) {
_, err := c.ServiceAccounts(ns).Get(serviceAccountName)
if err != nil {
sa, err := c.ServiceAccounts(ns).Get(serviceAccountName)
if apierrs.IsNotFound(err) {
Logf("Get service account %s in ns %s failed, ignoring for %v: %v", serviceAccountName, ns, poll, err)
continue
}
Logf("Service account %s in ns %s found. (%v)", serviceAccountName, ns, time.Since(start))
if err != nil {
Logf("Get service account %s in ns %s failed: %v", serviceAccountName, ns, err)
return err
}
if len(sa.Secrets) == 0 {
Logf("Service account %s in ns %s had 0 secrets, ignoring for %v: %v", serviceAccountName, ns, poll, err)
continue
}
Logf("Service account %s in ns %s with secrets found. (%v)", serviceAccountName, ns, time.Since(start))
return nil
}
return fmt.Errorf("Service account %s in namespace %s not ready within %v", serviceAccountName, ns, timeout)