From db185ffc51b4805e0a8be5837fbdec1f949eee76 Mon Sep 17 00:00:00 2001 From: Glenn Pratt Date: Thu, 3 Oct 2024 16:37:30 -0700 Subject: [PATCH 1/5] fake: Add ServiceAccount Token subresource --- pkg/client/fake/client.go | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/pkg/client/fake/client.go b/pkg/client/fake/client.go index 10be14a9df..9d2f84ea09 100644 --- a/pkg/client/fake/client.go +++ b/pkg/client/fake/client.go @@ -33,6 +33,7 @@ import ( jsonpatch "gopkg.in/evanphx/json-patch.v4" appsv1 "k8s.io/api/apps/v1" autoscalingv1 "k8s.io/api/autoscaling/v1" + authenticationv1 "k8s.io/api/authentication/v1" corev1 "k8s.io/api/core/v1" policyv1 "k8s.io/api/policy/v1" policyv1beta1 "k8s.io/api/policy/v1beta1" @@ -1128,7 +1129,7 @@ func (sw *fakeSubResourceClient) Get(ctx context.Context, obj, subResource clien } scale, isScale := subResource.(*autoscalingv1.Scale) if !isScale { - return apierrors.NewBadRequest(fmt.Sprintf("expected Scale, got %t", subResource)) + return apierrors.NewBadRequest(fmt.Sprintf("expected Scale, got %T", subResource)) } scaleOut, err := extractScale(obj) if err != nil { @@ -1149,13 +1150,26 @@ func (sw *fakeSubResourceClient) Create(ctx context.Context, obj client.Object, _, isEviction = subResource.(*policyv1.Eviction) } if !isEviction { - return apierrors.NewBadRequest(fmt.Sprintf("got invalid type %t, expected Eviction", subResource)) + return apierrors.NewBadRequest(fmt.Sprintf("got invalid type %T, expected Eviction", subResource)) } if _, isPod := obj.(*corev1.Pod); !isPod { return apierrors.NewNotFound(schema.GroupResource{}, "") } return sw.client.Delete(ctx, obj) + case "token": + tokenRequest, isTokenRequest := subResource.(*authenticationv1.TokenRequest) + if !isTokenRequest { + return apierrors.NewBadRequest(fmt.Sprintf("got invalid type %T, expected TokenRequest", subResource)) + } + if _, isServiceAccount := obj.(*corev1.ServiceAccount); !isServiceAccount { + return apierrors.NewNotFound(schema.GroupResource{}, "") + } + + tokenRequest.Status.Token = "fake-token" + tokenRequest.Status.ExpirationTimestamp = metav1.Date(6041, 1, 1, 0, 0, 0, 0, time.UTC) + + return nil default: return fmt.Errorf("fakeSubResourceWriter does not support create for %s", sw.subResource) } @@ -1176,7 +1190,7 @@ func (sw *fakeSubResourceClient) Update(ctx context.Context, obj client.Object, scale, isScale := updateOptions.SubResourceBody.(*autoscalingv1.Scale) if !isScale { - return apierrors.NewBadRequest(fmt.Sprintf("expected Scale, got %t", updateOptions.SubResourceBody)) + return apierrors.NewBadRequest(fmt.Sprintf("expected Scale, got %T", updateOptions.SubResourceBody)) } if err := applyScale(obj, scale); err != nil { return err From 8c77a36a398188c3da71f657daa95e1f230bcd7b Mon Sep 17 00:00:00 2001 From: Glenn Pratt Date: Fri, 4 Oct 2024 09:21:04 -0700 Subject: [PATCH 2/5] go fmt --- pkg/client/fake/client.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/client/fake/client.go b/pkg/client/fake/client.go index 9d2f84ea09..24c70d4f0a 100644 --- a/pkg/client/fake/client.go +++ b/pkg/client/fake/client.go @@ -32,8 +32,8 @@ import ( // Using v4 to match upstream jsonpatch "gopkg.in/evanphx/json-patch.v4" appsv1 "k8s.io/api/apps/v1" - autoscalingv1 "k8s.io/api/autoscaling/v1" authenticationv1 "k8s.io/api/authentication/v1" + autoscalingv1 "k8s.io/api/autoscaling/v1" corev1 "k8s.io/api/core/v1" policyv1 "k8s.io/api/policy/v1" policyv1beta1 "k8s.io/api/policy/v1beta1" From 4207b32a678cf04a32682f6d398a324727c8f3ee Mon Sep 17 00:00:00 2001 From: Glenn Pratt Date: Fri, 4 Oct 2024 10:14:46 -0700 Subject: [PATCH 3/5] add tests --- pkg/client/fake/client.go | 2 +- pkg/client/fake/client_test.go | 37 ++++++++++++++++++++++++++++++++++ 2 files changed, 38 insertions(+), 1 deletion(-) diff --git a/pkg/client/fake/client.go b/pkg/client/fake/client.go index 24c70d4f0a..87a8a8380b 100644 --- a/pkg/client/fake/client.go +++ b/pkg/client/fake/client.go @@ -1169,7 +1169,7 @@ func (sw *fakeSubResourceClient) Create(ctx context.Context, obj client.Object, tokenRequest.Status.Token = "fake-token" tokenRequest.Status.ExpirationTimestamp = metav1.Date(6041, 1, 1, 0, 0, 0, 0, time.UTC) - return nil + return sw.client.Get(ctx, client.ObjectKeyFromObject(obj), obj) default: return fmt.Errorf("fakeSubResourceWriter does not support create for %s", sw.subResource) } diff --git a/pkg/client/fake/client_test.go b/pkg/client/fake/client_test.go index ae537d5b43..507451bcba 100644 --- a/pkg/client/fake/client_test.go +++ b/pkg/client/fake/client_test.go @@ -27,6 +27,7 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" appsv1 "k8s.io/api/apps/v1" + authenticationv1 "k8s.io/api/authentication/v1" autoscalingv1 "k8s.io/api/autoscaling/v1" coordinationv1 "k8s.io/api/coordination/v1" corev1 "k8s.io/api/core/v1" @@ -1959,6 +1960,42 @@ var _ = Describe("Fake client", func() { Expect(apierrors.IsBadRequest(err)).To(BeTrue()) }) + It("should create a ServiceAccount token through the token subresource", func() { + sa := &corev1.ServiceAccount{ObjectMeta: metav1.ObjectMeta{Name: "foo"}} + cl := NewClientBuilder().WithObjects(sa).Build() + + tokenRequest := &authenticationv1.TokenRequest{} + err := cl.SubResource("token").Create(context.Background(), sa, tokenRequest) + Expect(err).NotTo(HaveOccurred()) + + Expect(tokenRequest.Status.Token).NotTo(Equal("")) + Expect(tokenRequest.Status.ExpirationTimestamp).NotTo(Equal(metav1.Time{})) + }) + + It("should return not found when creating a token for a ServiceAccount that doesn't exist", func() { + sa := &corev1.ServiceAccount{ObjectMeta: metav1.ObjectMeta{Name: "foo"}} + cl := NewClientBuilder().Build() + + tokenRequest := &authenticationv1.TokenRequest{} + err := cl.SubResource("token").Create(context.Background(), sa, tokenRequest) + Expect(err).To(HaveOccurred()) + Expect(apierrors.IsNotFound(err)).To(BeTrue()) + }) + + + + It("should error when creating a token with the wrong subresource type", func() { + cl := NewClientBuilder().Build() + err := cl.SubResource("token").Create(context.Background(), &corev1.ServiceAccount{}, &corev1.Namespace{}) + Expect(apierrors.IsBadRequest(err)).To(BeTrue()) + }) + + It("should error when creating a token with the wrong type", func() { + cl := NewClientBuilder().Build() + err := cl.SubResource("token").Create(context.Background(), &corev1.Secret{}, &corev1.Namespace{}) + Expect(apierrors.IsBadRequest(err)).To(BeTrue()) + }) + It("should leave typemeta empty on typed get", func() { cl := NewClientBuilder().WithObjects(&corev1.Pod{ObjectMeta: metav1.ObjectMeta{ Namespace: "default", From 769bc874e4aa4340467b1238906086ba6932c0ab Mon Sep 17 00:00:00 2001 From: Glenn Pratt Date: Fri, 4 Oct 2024 14:01:41 -0700 Subject: [PATCH 4/5] go fmt --- pkg/client/fake/client_test.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/pkg/client/fake/client_test.go b/pkg/client/fake/client_test.go index 507451bcba..d4e281abe5 100644 --- a/pkg/client/fake/client_test.go +++ b/pkg/client/fake/client_test.go @@ -1982,8 +1982,6 @@ var _ = Describe("Fake client", func() { Expect(apierrors.IsNotFound(err)).To(BeTrue()) }) - - It("should error when creating a token with the wrong subresource type", func() { cl := NewClientBuilder().Build() err := cl.SubResource("token").Create(context.Background(), &corev1.ServiceAccount{}, &corev1.Namespace{}) From 60f7536027ce999d5f351e2c5b1fc6a1455b74ad Mon Sep 17 00:00:00 2001 From: Glenn Pratt Date: Fri, 4 Oct 2024 14:30:20 -0700 Subject: [PATCH 5/5] correct wrong type test --- pkg/client/fake/client_test.go | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/pkg/client/fake/client_test.go b/pkg/client/fake/client_test.go index d4e281abe5..0a7d17db47 100644 --- a/pkg/client/fake/client_test.go +++ b/pkg/client/fake/client_test.go @@ -1976,8 +1976,7 @@ var _ = Describe("Fake client", func() { sa := &corev1.ServiceAccount{ObjectMeta: metav1.ObjectMeta{Name: "foo"}} cl := NewClientBuilder().Build() - tokenRequest := &authenticationv1.TokenRequest{} - err := cl.SubResource("token").Create(context.Background(), sa, tokenRequest) + err := cl.SubResource("token").Create(context.Background(), sa, &authenticationv1.TokenRequest{}) Expect(err).To(HaveOccurred()) Expect(apierrors.IsNotFound(err)).To(BeTrue()) }) @@ -1985,13 +1984,15 @@ var _ = Describe("Fake client", func() { It("should error when creating a token with the wrong subresource type", func() { cl := NewClientBuilder().Build() err := cl.SubResource("token").Create(context.Background(), &corev1.ServiceAccount{}, &corev1.Namespace{}) + Expect(err).To(HaveOccurred()) Expect(apierrors.IsBadRequest(err)).To(BeTrue()) }) It("should error when creating a token with the wrong type", func() { cl := NewClientBuilder().Build() - err := cl.SubResource("token").Create(context.Background(), &corev1.Secret{}, &corev1.Namespace{}) - Expect(apierrors.IsBadRequest(err)).To(BeTrue()) + err := cl.SubResource("token").Create(context.Background(), &corev1.Secret{}, &authenticationv1.TokenRequest{}) + Expect(err).To(HaveOccurred()) + Expect(apierrors.IsNotFound(err)).To(BeTrue()) }) It("should leave typemeta empty on typed get", func() {