forked from k0sproject/k0s
-
Notifications
You must be signed in to change notification settings - Fork 0
/
kubeconfig_test.go
159 lines (141 loc) · 5.56 KB
/
kubeconfig_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
/*
Copyright 2022 k0s authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package kubeconfig
import (
"bytes"
"encoding/base64"
"os"
"path"
"testing"
"github.com/stretchr/testify/suite"
"k8s.io/client-go/tools/clientcmd"
"github.com/k0sproject/k0s/internal/pkg/file"
"github.com/k0sproject/k0s/internal/testutil"
"github.com/k0sproject/k0s/pkg/certificate"
"github.com/k0sproject/k0s/pkg/constant"
)
// Define the suite, and absorb the built-in basic suite
// functionality from testify - including a T() method which
// returns the current testing context
type CLITestSuite struct {
suite.Suite
}
func (s *CLITestSuite) TestKubeConfigCreate() {
yamlData := `
apiVersion: k0s.k0sproject.io/v1beta1
kind: ClusterConfig
spec:
api:
externalAddress: 10.0.0.86
`
configGetter := testutil.NewConfigGetter(yamlData, false, constant.GetConfig(""))
cfg, err := configGetter.FakeConfigFromFile()
s.NoError(err)
defer os.Remove(testutil.RuntimeFakePath)
caCert := `
-----BEGIN CERTIFICATE-----
MIIDADCCAeigAwIBAgIUW+2hawM8HgHrfxmDRV51wOq95icwDQYJKoZIhvcNAQEL
BQAwGDEWMBQGA1UEAxMNa3ViZXJuZXRlcy1jYTAeFw0yMTEwMjExMjAxMDBaFw0z
MTEwMTkxMjAxMDBaMBgxFjAUBgNVBAMTDWt1YmVybmV0ZXMtY2EwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQqkq9cu49/The1CUQSqFNeGaNNblnHYZo
CFcrJYtuimTPc7Abs9vIp6Ax5wqtqGTYzdg0hZc4dKXFDpvVzn8yU17IUpfDY7Ix
j2q8wBDI7bJCJw5Mw8/lcAqI1ub+DEYrdg6sRvCcByCK9qPlvuabc6YAbB0mmES6
rqCXE/Xr8byW9QYPwD+p6wKZoRXm9WlSwCvFT9OCk2OT8G5o+9RagHhmYgsg9vHf
LrDoPUtu/W5zE+fmIaAHGoWoo9yaBGsavPRkFzjbPI7mK1Zci6phnP/YWtLpyIx1
n+evNhdZj7UE9CMrzyhUU45vriK/Arc7co/WAk6pqO82tWsj38zJAgMBAAGjQjBA
MA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQ6hhbj
kcCmAK0BSTI5bU+hkwO00zANBgkqhkiG9w0BAQsFAAOCAQEAITD7bXxrpbS2kHl4
4Z3MKo59+KXHo9ut4a7L+oGwKX694g0/BrEAGHXRZrF5hEY0q8R0g3TdlHax0A6t
jpKePa+9ifNE+34gCz07xvAclcljk87zUM1mYYu1kgSc0XWeHnzMVXalo+gWzTBL
q8mVPQ4v+nk+MVP06r7GA42GsqTZGhH1xDQF0GLa25UHw4pzEX1olwaBWybl7Wql
K3icRdyke+TCLl+YqsCKG2n95cK4CMMEm8a1KVWRZKwDqLD7rFdemNdmzCNlpFW/
1uC/IeGA0XwM6CLsS7VAe0wbgxbgw0vLvkAnAEl6+VAOqr2ux3js1BbQ5g0d/x1L
nzXu8A==
-----END CERTIFICATE-----
`
caCertPath, err := file.WriteTmpFile(caCert, "ca-cert")
s.NoError(err)
caCertKey := `
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA0KpKvXLuPf04XtQlEEqhTXhmjTW5Zx2GaAhXKyWLbopkz3Ow
G7PbyKegMecKrahk2M3YNIWXOHSlxQ6b1c5/MlNeyFKXw2OyMY9qvMAQyO2yQicO
TMPP5XAKiNbm/gxGK3YOrEbwnAcgivaj5b7mm3OmAGwdJphEuq6glxP16/G8lvUG
D8A/qesCmaEV5vVpUsArxU/TgpNjk/BuaPvUWoB4ZmILIPbx3y6w6D1Lbv1ucxPn
5iGgBxqFqKPcmgRrGrz0ZBc42zyO5itWXIuqYZz/2FrS6ciMdZ/nrzYXWY+1BPQj
K88oVFOOb64ivwK3O3KP1gJOqajvNrVrI9/MyQIDAQABAoIBAQCMFieDNIuZdkzH
7SjM3S2ZcwF2P+EuxvWbFi5fOx92oNa5J3PNxVwCQ/caSYAzwd+iZd+Gs0Eol7dK
qloYmj9uq+XwGvLkLCRPfXctLMyX+Gw6WToSc0s5P5Ty9UOyvs7FEscbBa03Mtm4
MYkrDpSHPIbvtaWEaamKov4RL0dklHh/HQPXOujCPGiwbqHMIIQ0+sQwEDCVcC+Z
eHw4GCiC4GPgABRyhMO1CHdLxvU7xWUGTsPM4jzVmfWT5ZUx6mGi/v+weE600GU6
qSKt6fP4oygGISRA8ya9rtGQe2qQpeMlw0QhJWdRb2KAwbyQKCr1/f9uWTrhhwJ1
T1kezEUBAoGBAPxNdLjjh+UAQ9vF0UWDiTdC5wLi6YCbrcXvIcWfh7AXDinPOpKN
VxSx6cj9KQS/tWWJS8awDNZ+R/vItHJJsmyBBtY2yTQSa+LM44gRpuhdFdKhPvqN
thZVnRWbrY3xgR26Qb8F9iZy3qjkGYH8KCuBwd0a969HwVv8dqJjDhf5AoGBANO5
IAYdzy4TOkh870diAEjigVpBP/QHTRu4SXQgafqn0jPG2qRCEOpCBEjLQzCvzSf/
QMfIpcvT7xaxkSxil7mzt1X0qAjrrzpCsa6fWbiQqiFHrES10b0j4IT5bRRH4Nvz
lKXe4IKsRZ3Hmi7HRX51V1eBy7fQxRhXDy/R/69RAoGAdYebZPlQ96NM+RbIaqpg
hCadOGH9xhQ/OeIwiD/NVIEY7u8C6PwAYbqTHjaYIgcv+BGiA/dEs7J109tl+4tL
G3JrfeRdi+085pTtNRiL+NhL7yeAD/Vtqi/NkiBIE8Q5kmCOee7MAJMoF+LR4xRU
nhe++EG0uakicLhFh1W/XfkCgYBMEuyKxhM3PvlmKl3fjDsF9Tz9LQzJpgXyu9jI
vQzXX42LxRuygXqKcYYQkdhmmgRhJrokDthj0JbL1KmRBSv3MbfiTrJB4k1n5abq
U59tTa2Tn6kqVxoxl76IiQbEjr8gyPjUUKzixvuMobeorzktIwRrENweBAmNoVp3
mEECwQKBgQDCYi2EubaseSNu25UQY7ij1TsxPZpBvPlQFUtwmpz9MmBvqZcJYsco
z+5UodDFCnUsfprMjfTdY2Vk99PT4++SrJ5iTOn7xgKRrd1MPkBv7SXwnPtxCBAK
yJm2KSue0toWmkBFK8WMTjAvmAw3Z/qUhJRKoqCu3k6Mf8DNl6t+Uw==
-----END RSA PRIVATE KEY-----
`
caKeyPath, err := file.WriteTmpFile(caCertKey, "ca-key")
s.NoError(err)
userReq := certificate.Request{
Name: "test-user",
CN: "test-user",
O: groups,
CACert: caCertPath,
CAKey: caKeyPath,
}
k0sVars := constant.GetConfig(os.TempDir())
certManager := certificate.Manager{
K0sVars: k0sVars,
}
pkiPath := path.Join(k0sVars.CertRootDir)
err = os.Mkdir(pkiPath, 0o755)
s.NoError(err)
defer os.RemoveAll(pkiPath)
userCert, err := certManager.EnsureCertificate(userReq, "root")
s.NoError(err)
clusterAPIURL := cfg.Spec.API.APIAddressURL()
data := struct {
CACert string
ClientCert string
ClientKey string
User string
JoinURL string
}{
CACert: base64.StdEncoding.EncodeToString([]byte(caCert)),
ClientCert: base64.StdEncoding.EncodeToString([]byte(userCert.Cert)),
ClientKey: base64.StdEncoding.EncodeToString([]byte(userCert.Key)),
User: "test-user",
JoinURL: clusterAPIURL,
}
var buf bytes.Buffer
err = userKubeconfigTemplate.Execute(&buf, &data)
s.NoError(err)
kubeconfigPath, err := file.WriteTmpFile(buf.String(), "kubeconfig")
s.NoError(err)
config, err := clientcmd.BuildConfigFromFlags("", kubeconfigPath)
s.NoError(err)
s.Equal("https://10.0.0.86:6443", config.Host)
}
func TestCLITestSuite(t *testing.T) {
suite.Run(t, new(CLITestSuite))
}