diff --git a/cmd/pinniped/cmd/kubeconfig.go b/cmd/pinniped/cmd/kubeconfig.go index 35c46f6a5..82c4401a7 100644 --- a/cmd/pinniped/cmd/kubeconfig.go +++ b/cmd/pinniped/cmd/kubeconfig.go @@ -193,7 +193,7 @@ func runGetKubeconfig(ctx context.Context, out io.Writer, deps kubeconfigDeps, f ctx, cancel := context.WithTimeout(ctx, flags.timeout) defer cancel() - // the log statements in this file assume that Info logs are unconditionally printed so we set the global level to info + // the log statements in this file assume that Info logs are unconditionally printed, so we set the global level to info if err := plog.ValidateAndSetLogLevelAndFormatGlobally(ctx, plog.LogSpec{Level: plog.LevelInfo, Format: plog.FormatCLI}); err != nil { return err } diff --git a/cmd/pinniped/cmd/kubeconfig_test.go b/cmd/pinniped/cmd/kubeconfig_test.go index d31938a2a..6f063fcd8 100644 --- a/cmd/pinniped/cmd/kubeconfig_test.go +++ b/cmd/pinniped/cmd/kubeconfig_test.go @@ -297,7 +297,7 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, } }, wantError: true, @@ -321,7 +321,7 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, } }, wantError: true, @@ -345,7 +345,7 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, } }, wantError: true, @@ -367,7 +367,7 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, } }, conciergeReactions: []kubetesting.Reactor{ @@ -407,7 +407,7 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, } }, wantError: true, @@ -429,7 +429,7 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, } }, wantError: true, @@ -455,11 +455,11 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupAuthenticator","message":"found JWTAuthenticator","name":"test-authenticator-1"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupAuthenticator","message":"found JWTAuthenticator","name":"test-authenticator-2"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupAuthenticator","message":"found WebhookAuthenticator","name":"test-authenticator-3"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupAuthenticator","message":"found WebhookAuthenticator","name":"test-authenticator-4"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: found JWTAuthenticator {"name": "test-authenticator-1"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: found JWTAuthenticator {"name": "test-authenticator-2"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: found WebhookAuthenticator {"name": "test-authenticator-3"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: found WebhookAuthenticator {"name": "test-authenticator-4"}`, } }, wantError: true, @@ -492,8 +492,8 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.logStrategies","message":"found CredentialIssuer strategy","type":"SomeType","status":"Error","reason":"SomeReason","message":"Some message"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: found CredentialIssuer strategy {"type": "SomeType", "status": "Error", "reason": "SomeReason", "message": "Some message"}`, } }, wantError: true, @@ -553,9 +553,9 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in impersonation proxy mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://impersonation-endpoint"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in impersonation proxy mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://impersonation-endpoint"}`, } }, wantError: true, @@ -578,11 +578,11 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered WebhookAuthenticator","name":"test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered WebhookAuthenticator {"name": "test-authenticator"}`, } }, wantError: true, @@ -631,13 +631,13 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"some-test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "some-test-audience"}`, } }, wantError: true, @@ -670,14 +670,14 @@ func TestGetKubeconfig(t *testing.T) { oidcDiscoveryResponse: happyOIDCDiscoveryResponse, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"some-test-audience.pinniped.dev-invalid-substring"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "some-test-audience.pinniped.dev-invalid-substring"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantError: true, @@ -702,13 +702,13 @@ func TestGetKubeconfig(t *testing.T) { oidcDiscoveryResponse: happyOIDCDiscoveryResponse, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantError: true, @@ -733,14 +733,14 @@ func TestGetKubeconfig(t *testing.T) { oidcDiscoveryResponse: onlyIssuerOIDCDiscoveryResponse, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantError: true, @@ -765,11 +765,11 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered WebhookAuthenticator","name":"test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered WebhookAuthenticator {"name": "test-authenticator"}`, } }, wantError: true, @@ -806,14 +806,14 @@ func TestGetKubeconfig(t *testing.T) { oidcDiscoveryStatusCode: http.StatusBadRequest, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantError: true, @@ -842,14 +842,14 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantError: true, @@ -877,14 +877,14 @@ func TestGetKubeconfig(t *testing.T) { idpsDiscoveryStatusCode: http.StatusBadRequest, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantError: true, @@ -916,14 +916,14 @@ func TestGetKubeconfig(t *testing.T) { }`), wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantError: true, @@ -952,14 +952,14 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantError: true, @@ -985,14 +985,14 @@ func TestGetKubeconfig(t *testing.T) { idpsDiscoveryResponse: "this is not valid JSON", wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantError: true, @@ -1022,13 +1022,13 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, } }, wantError: true, @@ -1061,12 +1061,12 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, } }, wantError: true, @@ -1099,14 +1099,14 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantError: true, @@ -1384,7 +1384,9 @@ func TestGetKubeconfig(t *testing.T) { base64.StdEncoding.EncodeToString([]byte(issuerCABundle))) }, wantLogs: func(_ string, _ string) []string { - return []string{`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.selectUpstreamIDPFlow","message":"multiple client flows found, selecting first value as default","idpName":"some-ldap-idp","idpType":"ldap","selectedFlow":"cli_password","availableFlows":["cli_password","flow2"]}`} + return []string{ + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: multiple client flows found, selecting first value as default {"idpName": "some-ldap-idp", "idpType": "ldap", "selectedFlow": "cli_password", "availableFlows": ["cli_password","flow2"]}`, + } }, }, { @@ -1404,11 +1406,11 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered WebhookAuthenticator","name":"test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered WebhookAuthenticator {"name": "test-authenticator"}`, } }, wantStdout: func(issuerCABundle string, issuerURL string) string { @@ -1468,11 +1470,11 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered WebhookAuthenticator","name":"test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered WebhookAuthenticator {"name": "test-authenticator"}`, } }, wantStdout: func(issuerCABundle string, issuerURL string) string { @@ -1532,14 +1534,14 @@ func TestGetKubeconfig(t *testing.T) { oidcDiscoveryResponse: onlyIssuerOIDCDiscoveryResponse, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantStdout: func(issuerCABundle string, issuerURL string) string { @@ -1732,13 +1734,13 @@ func TestGetKubeconfig(t *testing.T) { oidcDiscoveryResponse: onlyIssuerOIDCDiscoveryResponse, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://impersonation-proxy-endpoint.test"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":1}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://impersonation-proxy-endpoint.test"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantStdout: func(issuerCABundle string, issuerURL string) string { @@ -1840,14 +1842,14 @@ func TestGetKubeconfig(t *testing.T) { oidcDiscoveryResponse: onlyIssuerOIDCDiscoveryResponse, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in impersonation proxy mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://impersonation-proxy-endpoint.test"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in impersonation proxy mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://impersonation-proxy-endpoint.test"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantStdout: func(issuerCABundle string, issuerURL string) string { @@ -1917,14 +1919,14 @@ func TestGetKubeconfig(t *testing.T) { }`), wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantStdout: func(issuerCABundle string, issuerURL string) string { @@ -1996,14 +1998,14 @@ func TestGetKubeconfig(t *testing.T) { }`), wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantStdout: func(issuerCABundle string, issuerURL string) string { @@ -2073,14 +2075,14 @@ func TestGetKubeconfig(t *testing.T) { }`), wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantStdout: func(issuerCABundle string, issuerURL string) string { @@ -2146,14 +2148,14 @@ func TestGetKubeconfig(t *testing.T) { idpsDiscoveryStatusCode: http.StatusBadRequest, // IDPs endpoint shouldn't be called by this test wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantStdout: func(issuerCABundle string, issuerURL string) string { @@ -2226,14 +2228,14 @@ func TestGetKubeconfig(t *testing.T) { idpsDiscoveryStatusCode: http.StatusBadRequest, // IDP discovery endpoint shouldn't be called by this test wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantStdout: func(issuerCABundle string, issuerURL string) string { @@ -2311,16 +2313,16 @@ func TestGetKubeconfig(t *testing.T) { }`), wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.pinnipedSupervisorDiscovery.func1","message":"removed scope from --oidc-scopes list because it is not supported by this Supervisor","scope":"username"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.pinnipedSupervisorDiscovery.func1","message":"removed scope from --oidc-scopes list because it is not supported by this Supervisor","scope":"groups"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: removed scope from --oidc-scopes list because it is not supported by this Supervisor {"scope": "username"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: removed scope from --oidc-scopes list because it is not supported by this Supervisor {"scope": "groups"}`, } }, wantStdout: func(issuerCABundle string, issuerURL string) string { @@ -2399,16 +2401,16 @@ func TestGetKubeconfig(t *testing.T) { }`), wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.pinnipedSupervisorDiscovery.func1","message":"removed scope from --oidc-scopes list because it is not supported by this Supervisor","scope":"username"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.pinnipedSupervisorDiscovery.func1","message":"removed scope from --oidc-scopes list because it is not supported by this Supervisor","scope":"groups"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: removed scope from --oidc-scopes list because it is not supported by this Supervisor {"scope": "username"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: removed scope from --oidc-scopes list because it is not supported by this Supervisor {"scope": "groups"}`, } }, wantStdout: func(issuerCABundle string, issuerURL string) string { @@ -2489,14 +2491,14 @@ func TestGetKubeconfig(t *testing.T) { }`), wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantStdout: func(issuerCABundle string, issuerURL string) string { @@ -2567,14 +2569,14 @@ func TestGetKubeconfig(t *testing.T) { idpsDiscoveryStatusCode: http.StatusNotFound, // should not get called by the client in this case wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantStdout: func(issuerCABundle string, issuerURL string) string { @@ -2650,14 +2652,14 @@ func TestGetKubeconfig(t *testing.T) { }`), wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered JWTAuthenticator {"name": "test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC issuer {"issuer": "` + issuerURL + `"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC audience {"audience": "test-audience"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered OIDC CA bundle {"roots": 1}`, } }, wantStdout: func(issuerCABundle string, issuerURL string) string { @@ -3152,11 +3154,11 @@ func TestGetKubeconfig(t *testing.T) { }, wantLogs: func(issuerCABundle string, issuerURL string) []string { return []string{ - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, - `{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:$cmd.discoverAuthenticatorParams","message":"discovered WebhookAuthenticator","name":"test-authenticator"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered CredentialIssuer {"name": "test-credential-issuer"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge operating in TokenCredentialRequest API mode`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered Concierge certificate authority bundle {"roots": 0}`, + `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go: discovered WebhookAuthenticator {"name": "test-authenticator"}`, } }, wantStdout: func(issuerCABundle string, issuerURL string) string { @@ -3259,7 +3261,7 @@ func TestGetKubeconfig(t *testing.T) { } return fake, nil }, - log: plog.TestLogger(t, &log), + log: plog.TestConsoleLogger(t, &log), }) require.NotNil(t, cmd) diff --git a/cmd/pinniped/cmd/login_oidc.go b/cmd/pinniped/cmd/login_oidc.go index ea93a6678..877a39e85 100644 --- a/cmd/pinniped/cmd/login_oidc.go +++ b/cmd/pinniped/cmd/login_oidc.go @@ -176,9 +176,8 @@ func runOIDCLogin(cmd *cobra.Command, deps oidcLoginCommandDeps, flags oidcLogin // If the hidden --debug-session-cache option is passed, log all the errors from the session cache. if flags.debugSessionCache { - logger := plog.WithName("session") sessionOptions = append(sessionOptions, filesession.WithErrorReporter(func(err error) { - logger.Error("error during session cache operation", err) + pLogger.Error("error during session cache operation", err) })) } sessionCache := filesession.New(flags.sessionCachePath, sessionOptions...) @@ -186,7 +185,7 @@ func runOIDCLogin(cmd *cobra.Command, deps oidcLoginCommandDeps, flags oidcLogin // Initialize the login handler. opts := []oidcclient.Option{ deps.optionsFactory.WithContext(cmd.Context()), - deps.optionsFactory.WithLoginLogger(plog.New()), + deps.optionsFactory.WithLoginLogger(pLogger), deps.optionsFactory.WithScopes(flags.scopes), deps.optionsFactory.WithSessionCache(sessionCache), } @@ -339,8 +338,7 @@ func SetLogLevel(ctx context.Context, lookupEnv func(string) (string, bool)) (pl return nil, err } } - logger := plog.New().WithName("pinniped-login") - return logger, nil + return plog.New(), nil } /* diff --git a/cmd/pinniped/cmd/login_oidc_test.go b/cmd/pinniped/cmd/login_oidc_test.go index ce631c22c..88796383f 100644 --- a/cmd/pinniped/cmd/login_oidc_test.go +++ b/cmd/pinniped/cmd/login_oidc_test.go @@ -274,8 +274,8 @@ func TestLoginOIDCCommand(t *testing.T) { wantOptionsCount: 4, wantStdout: `{"kind":"ExecCredential","apiVersion":"client.authentication.k8s.io/v1beta1","spec":{"interactive":false},"status":{"expirationTimestamp":"3020-10-12T13:14:15Z","token":"test-id-token"}}` + "\n", wantLogs: []string{ - nowStr + ` pinniped-login cmd/login_oidc.go:268 Performing OIDC login {"issuer": "test-issuer", "client id": "test-client-id"}`, - nowStr + ` pinniped-login cmd/login_oidc.go:288 No concierge configured, skipping token credential exchange`, + nowStr + ` cmd/login_oidc.go:267 Performing OIDC login {"issuer": "test-issuer", "client id": "test-client-id"}`, + nowStr + ` cmd/login_oidc.go:287 No concierge configured, skipping token credential exchange`, }, }, { @@ -319,10 +319,10 @@ func TestLoginOIDCCommand(t *testing.T) { wantOptionsCount: 12, wantStdout: `{"kind":"ExecCredential","apiVersion":"client.authentication.k8s.io/v1beta1","spec":{"interactive":false},"status":{"token":"exchanged-token"}}` + "\n", wantLogs: []string{ - nowStr + ` pinniped-login cmd/login_oidc.go:268 Performing OIDC login {"issuer": "test-issuer", "client id": "test-client-id"}`, - nowStr + ` pinniped-login cmd/login_oidc.go:278 Exchanging token for cluster credential {"endpoint": "https://127.0.0.1:1234/", "authenticator type": "webhook", "authenticator name": "test-authenticator"}`, - nowStr + ` pinniped-login cmd/login_oidc.go:286 Successfully exchanged token for cluster credential.`, - nowStr + ` pinniped-login cmd/login_oidc.go:293 caching cluster credential for future use.`, + nowStr + ` cmd/login_oidc.go:267 Performing OIDC login {"issuer": "test-issuer", "client id": "test-client-id"}`, + nowStr + ` cmd/login_oidc.go:277 Exchanging token for cluster credential {"endpoint": "https://127.0.0.1:1234/", "authenticator type": "webhook", "authenticator name": "test-authenticator"}`, + nowStr + ` cmd/login_oidc.go:285 Successfully exchanged token for cluster credential.`, + nowStr + ` cmd/login_oidc.go:292 caching cluster credential for future use.`, }, }, } diff --git a/cmd/pinniped/cmd/login_static_test.go b/cmd/pinniped/cmd/login_static_test.go index e70a8afb7..4663b761e 100644 --- a/cmd/pinniped/cmd/login_static_test.go +++ b/cmd/pinniped/cmd/login_static_test.go @@ -147,7 +147,7 @@ func TestLoginStaticCommand(t *testing.T) { Error: could not complete Concierge credential exchange: some concierge error `), wantLogs: []string{ - nowStr + ` pinniped-login cmd/login_static.go:159 exchanging static token for cluster credential {"endpoint": "https://127.0.0.1/", "authenticator type": "webhook", "authenticator name": "test-authenticator"}`, + nowStr + ` cmd/login_static.go:159 exchanging static token for cluster credential {"endpoint": "https://127.0.0.1/", "authenticator type": "webhook", "authenticator name": "test-authenticator"}`, }, }, { diff --git a/internal/plog/config_test.go b/internal/plog/config_test.go index 462610180..be4ff9c9f 100644 --- a/internal/plog/config_test.go +++ b/internal/plog/config_test.go @@ -55,7 +55,7 @@ func TestFormat(t *testing.T) { "duration": "1h1m0s" }`, wd, getLineNumberOfCaller()-11), scanner.Text()) - Logr().WithName("burrito").Error(errInvalidLogLevel, "wee", "a", "b") + New().WithName("burrito").Error("wee", errInvalidLogLevel, "a", "b") require.True(t, scanner.Scan()) require.NoError(t, scanner.Err()) require.JSONEq(t, fmt.Sprintf(` @@ -69,7 +69,7 @@ func TestFormat(t *testing.T) { "logger": "burrito" }`, wd, getLineNumberOfCaller()-12), scanner.Text()) - Logr().V(klogLevelWarning).Info("hey") // note that this fails to set the custom warning key because it is not via plog + New().Info("hey") require.True(t, scanner.Scan()) require.NoError(t, scanner.Err()) require.JSONEq(t, fmt.Sprintf(` @@ -108,7 +108,7 @@ func TestFormat(t *testing.T) { Trace("should not be logged", "for", "sure") require.Empty(t, buf.String()) - Logr().V(klogLevelAll).Info("also should not be logged", "open", "close") + New().All("also should not be logged", "open", "close") require.Empty(t, buf.String()) ctx = AddZapOverridesToContext(ctx, t, &buf, nil, fakeClock, zap.AddStacktrace(LevelInfo)) @@ -151,7 +151,7 @@ testing.tRunner require.Equal(t, fmt.Sprintf(nowStr+` plog/config_test.go:%d something happened {"error": "invalid log format, valid choices are the empty string or 'json'", "an": "item"}`, getLineNumberOfCaller()-4), scanner.Text()) - Logr().WithName("burrito").Error(errInvalidLogLevel, "wee", "a", "b", "slightly less than a year", 363*24*time.Hour, "slightly more than 2 years", 2*367*24*time.Hour) + New().WithName("burrito").Error("wee", errInvalidLogLevel, "a", "b", "slightly less than a year", 363*24*time.Hour, "slightly more than 2 years", 2*367*24*time.Hour) require.True(t, scanner.Scan()) require.NoError(t, scanner.Err()) require.Equal(t, fmt.Sprintf(nowStr+` burrito plog/config_test.go:%d wee {"a": "b", "slightly less than a year": "363d", "slightly more than 2 years": "2y4d", "error": "invalid log level, valid choices are the empty string, info, debug, trace and all"}`, diff --git a/internal/plog/global.go b/internal/plog/global.go index c6bbc578f..e529aa166 100644 --- a/internal/plog/global.go +++ b/internal/plog/global.go @@ -1,4 +1,4 @@ -// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package plog @@ -54,12 +54,6 @@ func init() { } } -// Deprecated: Use New instead. This is meant for old code only. -// New provides a more ergonomic API and correctly responds to global log config change. -func Logr() logr.Logger { - return globalLogger -} - func Setup() func() { logs.InitLogs() return func() { diff --git a/internal/plog/plog.go b/internal/plog/plog.go index 085416cf6..1f989c25c 100644 --- a/internal/plog/plog.go +++ b/internal/plog/plog.go @@ -190,7 +190,7 @@ func (p pLogger) withLogrMod(mod func(logr.Logger) logr.Logger) Logger { } func (p pLogger) logr() logr.Logger { - l := Logr() // grab the current global logger and its current config + l := globalLogger // grab the current global logger and its current config for _, mod := range p.mods { l = mod(l) // and then update it with all modifications } diff --git a/internal/plog/testing.go b/internal/plog/testing.go index 2d74a705c..d8a6b14bc 100644 --- a/internal/plog/testing.go +++ b/internal/plog/testing.go @@ -1,4 +1,4 @@ -// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package plog @@ -63,11 +63,19 @@ func TestLogger(t *testing.T, w io.Writer) Logger { t.Helper() return New().withLogrMod(func(l logr.Logger) logr.Logger { - return l.WithSink(TestZapr(t, w).GetSink()) + return l.WithSink(testZapr(t, w, "json").GetSink()) }) } -func TestZapr(t *testing.T, w io.Writer) logr.Logger { +func TestConsoleLogger(t *testing.T, w io.Writer) Logger { + t.Helper() + + return New().withLogrMod(func(l logr.Logger) logr.Logger { + return l.WithSink(testZapr(t, w, "console").GetSink()) + }) +} + +func testZapr(t *testing.T, w io.Writer, encoding string) logr.Logger { t.Helper() now, err := time.Parse(time.RFC3339Nano, "2099-08-08T13:57:36.123456789Z") @@ -86,7 +94,10 @@ func TestZapr(t *testing.T, w io.Writer) logr.Logger { if idx := strings.LastIndexByte(trimmed, ':'); idx != -1 { trimmed = trimmed[:idx+1] + "" } - enc.AppendString(trimmed + funcEncoder(caller)) + if encoding != "console" { + trimmed += funcEncoder(caller) + } + enc.AppendString(trimmed) } }, clocktesting.NewFakeClock(now), // have the clock be static during tests @@ -94,7 +105,7 @@ func TestZapr(t *testing.T, w io.Writer) logr.Logger { ) // there is no buffering so we can ignore flush - zl, _, err := newLogr(ctx, "json", 0) + zl, _, err := newLogr(ctx, encoding, 0) require.NoError(t, err) return zl diff --git a/internal/registry/clientsecretrequest/rest_test.go b/internal/registry/clientsecretrequest/rest_test.go index 480268a7e..365f97d75 100644 --- a/internal/registry/clientsecretrequest/rest_test.go +++ b/internal/registry/clientsecretrequest/rest_test.go @@ -4,10 +4,8 @@ package clientsecretrequest import ( - "bytes" "context" "encoding/hex" - "encoding/json" "errors" "fmt" "io" @@ -15,6 +13,7 @@ import ( "strings" "testing" + "github.com/go-logr/logr" "github.com/stretchr/testify/require" corev1 "k8s.io/api/core/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" @@ -32,7 +31,6 @@ import ( supervisorconfigv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" "go.pinniped.dev/internal/oidcclientsecretstorage" - "go.pinniped.dev/internal/plog" "go.pinniped.dev/internal/testutil" ) @@ -111,17 +109,17 @@ func TestCreate(t *testing.T) { fakeTimeNowFunc := func() metav1.Time { return fakeNow } tests := []struct { - name string - args args - seedOIDCClients []*supervisorconfigv1alpha1.OIDCClient - seedHashes func(storage *oidcclientsecretstorage.OIDCClientSecretStorage) - addReactors func(*kubefake.Clientset, *supervisorfake.Clientset) - fakeByteGenerator io.Reader - fakeHasher byteHasher - want runtime.Object - wantErrStatus *metav1.Status - wantHashes *wantHashes - wantLogLines []string + name string + args args + seedOIDCClients []*supervisorconfigv1alpha1.OIDCClient + seedHashes func(storage *oidcclientsecretstorage.OIDCClientSecretStorage) + addReactors func(*kubefake.Clientset, *supervisorfake.Clientset) + fakeByteGenerator io.Reader + fakeHasher byteHasher + want runtime.Object + wantErrStatus *metav1.Status + wantHashes *wantHashes + wantLogStepSubstrings []string }{ { name: "wrong type of request object provided", @@ -138,7 +136,7 @@ func TestCreate(t *testing.T) { Reason: metav1.StatusReasonBadRequest, Code: http.StatusBadRequest, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `failureType:request validation,msg:not an OIDCClientSecretRequest`, `END`, @@ -173,7 +171,7 @@ func TestCreate(t *testing.T) { }}, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `failureType:request validation,msg:dryRun not supported`, `END`, @@ -196,7 +194,7 @@ func TestCreate(t *testing.T) { Reason: metav1.StatusReasonBadRequest, Code: http.StatusBadRequest, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `failureType:request validation,msg:namespace must be some-namespace on OIDCClientSecretRequest, was wrong-namespace`, `END`, @@ -227,7 +225,7 @@ func TestCreate(t *testing.T) { }}, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `failureType:validation webhook,msg:Internal error occurred: some-error-here`, `END`, @@ -255,7 +253,7 @@ func TestCreate(t *testing.T) { }}, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `failureType:request validation,msg:no namespace information found in request context`, `END`, @@ -279,7 +277,7 @@ func TestCreate(t *testing.T) { Reason: metav1.StatusReasonBadRequest, Code: http.StatusBadRequest, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `failureType:request validation,msg:the namespace of the provided object does not match the namespace sent on the request`, `END`, @@ -317,7 +315,7 @@ func TestCreate(t *testing.T) { }}, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `failureType:request validation,msg:[metadata.generateName: Invalid value: "foo": generateName is not supported, metadata.name: Required value: name or generateName is required]`, `END`, @@ -351,7 +349,7 @@ func TestCreate(t *testing.T) { }}, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `failureType:request validation,msg:metadata.name: Invalid value: "client.oauth.pinniped.dev-": must not equal 'client.oauth.pinniped.dev-'`, `END`, @@ -385,7 +383,7 @@ func TestCreate(t *testing.T) { }}, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `failureType:request validation,msg:metadata.name: Invalid value: "does-not-contain-the-prefix": must start with 'client.oauth.pinniped.dev-'`, `END`, @@ -419,7 +417,7 @@ func TestCreate(t *testing.T) { }}, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `failureType:request validation,msg:metadata.name: Invalid value: "client.oauth.pinniped.dev-contains/invalid/characters": may not contain '/'`, `END`, @@ -464,7 +462,7 @@ func TestCreate(t *testing.T) { }}, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `failureType:request validation,msg:[metadata.generateName: Invalid value: "no-generate-allowed": generateName is not supported, metadata.name: Invalid value: "multiple/errors/aggregated": must start with 'client.oauth.pinniped.dev-', metadata.name: Invalid value: "multiple/errors/aggregated": may not contain '/']`, `END`, @@ -498,7 +496,7 @@ func TestCreate(t *testing.T) { }}, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `failureType:oidcClientsClient.Get,msg:oidcclients.config.supervisor.pinniped.dev "client.oauth.pinniped.dev-oidc-client-does-not-exist-404" not found`, @@ -531,7 +529,7 @@ func TestCreate(t *testing.T) { }}, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `failureType:oidcClientsClient.Get,msg:unexpected error darn`, @@ -570,7 +568,7 @@ func TestCreate(t *testing.T) { }}, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `oidcClientsClient.Get`, @@ -610,7 +608,7 @@ func TestCreate(t *testing.T) { }}, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `oidcClientsClient.Get`, @@ -653,7 +651,7 @@ func TestCreate(t *testing.T) { }}, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `oidcClientsClient.Get`, @@ -706,7 +704,7 @@ func TestCreate(t *testing.T) { fakeBcryptRandomBytes, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `oidcClientsClient.Get`, @@ -775,7 +773,7 @@ func TestCreate(t *testing.T) { TotalClientSecrets: 3, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `oidcClientsClient.Get`, @@ -841,7 +839,7 @@ func TestCreate(t *testing.T) { TotalClientSecrets: 1, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `oidcClientsClient.Get`, @@ -907,7 +905,7 @@ func TestCreate(t *testing.T) { TotalClientSecrets: 1, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `oidcClientsClient.Get`, @@ -969,7 +967,7 @@ func TestCreate(t *testing.T) { Reason: metav1.StatusReasonBadRequest, Code: http.StatusBadRequest, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `oidcClientsClient.Get`, @@ -1036,7 +1034,7 @@ func TestCreate(t *testing.T) { Reason: metav1.StatusReasonBadRequest, Code: http.StatusBadRequest, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `oidcClientsClient.Get`, @@ -1086,7 +1084,7 @@ func TestCreate(t *testing.T) { Name: "client.oauth.pinniped.dev-some-client", }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `oidcClientsClient.Get`, @@ -1140,7 +1138,7 @@ func TestCreate(t *testing.T) { Name: "client.oauth.pinniped.dev-some-client", }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `oidcClientsClient.Get`, @@ -1188,7 +1186,7 @@ func TestCreate(t *testing.T) { }}, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `oidcClientsClient.Get`, @@ -1235,7 +1233,7 @@ func TestCreate(t *testing.T) { TotalClientSecrets: 0, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `oidcClientsClient.Get`, @@ -1279,7 +1277,7 @@ func TestCreate(t *testing.T) { TotalClientSecrets: 0, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `oidcClientsClient.Get`, @@ -1343,7 +1341,7 @@ func TestCreate(t *testing.T) { TotalClientSecrets: 2, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `oidcClientsClient.Get`, @@ -1405,7 +1403,7 @@ func TestCreate(t *testing.T) { TotalClientSecrets: 1, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `oidcClientsClient.Get`, @@ -1474,7 +1472,7 @@ func TestCreate(t *testing.T) { TotalClientSecrets: 1, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `oidcClientsClient.Get`, @@ -1544,7 +1542,7 @@ func TestCreate(t *testing.T) { TotalClientSecrets: 1, }, }, - wantLogLines: []string{ + wantLogStepSubstrings: []string{ `"create"`, `"validateRequest"`, `oidcClientsClient.Get`, @@ -1559,9 +1557,8 @@ func TestCreate(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { // t.Parallel() should not be used because we are mutating the global logger. - var log bytes.Buffer - logger := plog.TestZapr(t, &log) - klog.SetLogger(logger) + logger := testutil.NewTranscriptLogger(t) //nolint:staticcheck // old test with lots of log statements + klog.SetLogger(logr.New(logger)) originalKLogLevel := testutil.GetGlobalKlogLevel() // trace.Log() utility will only log at level 2 or above, so set that for this test. testutil.SetGlobalKlogLevel(t, 2) //nolint:staticcheck // old test of code using trace.Log() @@ -1648,7 +1645,7 @@ func TestCreate(t *testing.T) { require.Empty(t, secrets.Items) } - requireLogLinesContain(t, log.String(), tt.wantLogLines) + requireExactlyOneLogLineWithMultipleSteps(t, logger, tt.wantLogStepSubstrings) }) } } @@ -1659,18 +1656,10 @@ func (r readerAlwaysErrors) Read(_ []byte) (n int, err error) { return 0, errors.New("always errors") } -func requireLogLinesContain(t *testing.T, fullLog string, wantLines []string) { - if len(wantLines) == 0 { - require.Empty(t, fullLog) - return - } - var jsonLog map[string]any - err := json.Unmarshal([]byte(fullLog), &jsonLog) - require.NoError(t, err) - require.Contains(t, jsonLog, "message") - message := jsonLog["message"] - require.IsType(t, "type of string", message) - lines := strings.Split(strings.TrimSpace(message.(string)), "\n") +func requireExactlyOneLogLineWithMultipleSteps(t *testing.T, logger *testutil.TranscriptLogger, wantLines []string) { + transcript := logger.Transcript() + require.Len(t, transcript, 1) + lines := strings.Split(strings.TrimSpace(transcript[0].Message), "\n") require.Lenf(t, lines, len(wantLines), "actual log lines length should match expected length, actual lines:\n\n%s", strings.Join(lines, "\n")) for i := range wantLines {