Merge pull request #102089 from ardaguclu/test-node-authn-ipv6-formating

Add Node IP IPv6 formatting in NodeAuthenticator tests
This commit is contained in:
Kubernetes Prow Robot 2021-05-21 05:10:46 -07:00 committed by GitHub
commit fed3a4520d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -19,6 +19,8 @@ package auth
import ( import (
"context" "context"
"fmt" "fmt"
"net"
"strconv"
v1 "k8s.io/api/core/v1" v1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@ -60,7 +62,8 @@ var _ = SIGDescribe("[Feature:NodeAuthenticator]", func() {
pod := createNodeAuthTestPod(f) pod := createNodeAuthTestPod(f)
for _, nodeIP := range nodeIPs { for _, nodeIP := range nodeIPs {
// Anonymous authentication is disabled by default // Anonymous authentication is disabled by default
result := framework.RunHostCmdOrDie(ns, pod.Name, fmt.Sprintf("curl -sIk -o /dev/null -w '%s' https://%s:%v/metrics", "%{http_code}", nodeIP, ports.KubeletPort)) host := net.JoinHostPort(nodeIP, strconv.Itoa(ports.KubeletPort))
result := framework.RunHostCmdOrDie(ns, pod.Name, fmt.Sprintf("curl -sIk -o /dev/null -w '%s' https://%s/metrics", "%{http_code}", host))
gomega.Expect(result).To(gomega.Or(gomega.Equal("401"), gomega.Equal("403")), "the kubelet's main port 10250 should reject requests with no credentials") gomega.Expect(result).To(gomega.Or(gomega.Equal("401"), gomega.Equal("403")), "the kubelet's main port 10250 should reject requests with no credentials")
} }
}) })
@ -81,12 +84,13 @@ var _ = SIGDescribe("[Feature:NodeAuthenticator]", func() {
pod := createNodeAuthTestPod(f) pod := createNodeAuthTestPod(f)
for _, nodeIP := range nodeIPs { for _, nodeIP := range nodeIPs {
host := net.JoinHostPort(nodeIP, strconv.Itoa(ports.KubeletPort))
result := framework.RunHostCmdOrDie(ns, result := framework.RunHostCmdOrDie(ns,
pod.Name, pod.Name,
fmt.Sprintf("curl -sIk -o /dev/null -w '%s' --header \"Authorization: Bearer `%s`\" https://%s:%v/metrics", fmt.Sprintf("curl -sIk -o /dev/null -w '%s' --header \"Authorization: Bearer `%s`\" https://%s/metrics",
"%{http_code}", "%{http_code}",
"cat /var/run/secrets/kubernetes.io/serviceaccount/token", "cat /var/run/secrets/kubernetes.io/serviceaccount/token",
nodeIP, ports.KubeletPort)) host))
gomega.Expect(result).To(gomega.Or(gomega.Equal("401"), gomega.Equal("403")), "the kubelet can delegate ServiceAccount tokens to the API server") gomega.Expect(result).To(gomega.Or(gomega.Equal("401"), gomega.Equal("403")), "the kubelet can delegate ServiceAccount tokens to the API server")
} }
}) })