mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2025-12-23 14:25:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Remove plog.Logr, make plog.TestZapr private, and CLI logs do not need a name

Browse Source 
Co-authored-by: Ryan Richard <richardry@vmware.com>
This commit is contained in:
Joshua Casey
2024-06-11 17:27:45 -05:00
parent 9296d95084
commit 011d6ba71b
10 changed files with 334 additions and 340 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/pinniped/cmd/kubeconfig.go
View File

@@ -193,7 +193,7 @@ func runGetKubeconfig(ctx context.Context, out io.Writer, deps kubeconfigDeps, f
ctx, cancel := context.WithTimeout(ctx, flags.timeout) ctx, cancel := context.WithTimeout(ctx, flags.timeout)
defer cancel() defer cancel()
// the log statements in this file assume that Info logs are unconditionally printed so we set the global level to info // the log statements in this file assume that Info logs are unconditionally printed, so we set the global level to info
if err := plog.ValidateAndSetLogLevelAndFormatGlobally(ctx, plog.LogSpec{Level: plog.LevelInfo, Format: plog.FormatCLI}); err != nil { if err := plog.ValidateAndSetLogLevelAndFormatGlobally(ctx, plog.LogSpec{Level: plog.LevelInfo, Format: plog.FormatCLI}); err != nil {
return err return err
} }

500
cmd/pinniped/cmd/kubeconfig_test.go
View File

@@ -297,7 +297,7 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
} }
}, },
wantError: true, wantError: true,
@@ -321,7 +321,7 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
} }
}, },
wantError: true, wantError: true,
@@ -345,7 +345,7 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
} }
}, },
wantError: true, wantError: true,
@@ -367,7 +367,7 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
} }
}, },
conciergeReactions: []kubetesting.Reactor{ conciergeReactions: []kubetesting.Reactor{
@@ -407,7 +407,7 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
} }
}, },
wantError: true, wantError: true,
@@ -429,7 +429,7 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
} }
}, },
wantError: true, wantError: true,
@@ -455,11 +455,11 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupAuthenticator","message":"found JWTAuthenticator","name":"test-authenticator-1"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> found JWTAuthenticator {"name": "test-authenticator-1"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupAuthenticator","message":"found JWTAuthenticator","name":"test-authenticator-2"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> found JWTAuthenticator {"name": "test-authenticator-2"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupAuthenticator","message":"found WebhookAuthenticator","name":"test-authenticator-3"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> found WebhookAuthenticator {"name": "test-authenticator-3"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupAuthenticator","message":"found WebhookAuthenticator","name":"test-authenticator-4"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> found WebhookAuthenticator {"name": "test-authenticator-4"}`,
} }
}, },
wantError: true, wantError: true,
@@ -492,8 +492,8 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.logStrategies","message":"found CredentialIssuer strategy","type":"SomeType","status":"Error","reason":"SomeReason","message":"Some message"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> found CredentialIssuer strategy {"type": "SomeType", "status": "Error", "reason": "SomeReason", "message": "Some message"}`,
} }
}, },
wantError: true, wantError: true,
@@ -553,9 +553,9 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in impersonation proxy mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in impersonation proxy mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://impersonation-endpoint"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://impersonation-endpoint"}`,
} }
}, },
wantError: true, wantError: true,
@@ -578,11 +578,11 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered WebhookAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered WebhookAuthenticator {"name": "test-authenticator"}`,
} }
}, },
wantError: true, wantError: true,
@@ -631,13 +631,13 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"some-test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "some-test-audience"}`,
} }
}, },
wantError: true, wantError: true,
@@ -670,14 +670,14 @@ func TestGetKubeconfig(t *testing.T) {
oidcDiscoveryResponse: happyOIDCDiscoveryResponse, oidcDiscoveryResponse: happyOIDCDiscoveryResponse,
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"some-test-audience.pinniped.dev-invalid-substring"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "some-test-audience.pinniped.dev-invalid-substring"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantError: true, wantError: true,
@@ -702,13 +702,13 @@ func TestGetKubeconfig(t *testing.T) {
oidcDiscoveryResponse: happyOIDCDiscoveryResponse, oidcDiscoveryResponse: happyOIDCDiscoveryResponse,
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantError: true, wantError: true,
@@ -733,14 +733,14 @@ func TestGetKubeconfig(t *testing.T) {
oidcDiscoveryResponse: onlyIssuerOIDCDiscoveryResponse, oidcDiscoveryResponse: onlyIssuerOIDCDiscoveryResponse,
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantError: true, wantError: true,
@@ -765,11 +765,11 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered WebhookAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered WebhookAuthenticator {"name": "test-authenticator"}`,
} }
}, },
wantError: true, wantError: true,
@@ -806,14 +806,14 @@ func TestGetKubeconfig(t *testing.T) {
oidcDiscoveryStatusCode: http.StatusBadRequest, oidcDiscoveryStatusCode: http.StatusBadRequest,
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantError: true, wantError: true,
@@ -842,14 +842,14 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantError: true, wantError: true,
@@ -877,14 +877,14 @@ func TestGetKubeconfig(t *testing.T) {
idpsDiscoveryStatusCode: http.StatusBadRequest, idpsDiscoveryStatusCode: http.StatusBadRequest,
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantError: true, wantError: true,
@@ -916,14 +916,14 @@ func TestGetKubeconfig(t *testing.T) {
}`), }`),
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantError: true, wantError: true,
@@ -952,14 +952,14 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantError: true, wantError: true,
@@ -985,14 +985,14 @@ func TestGetKubeconfig(t *testing.T) {
idpsDiscoveryResponse: "this is not valid JSON", idpsDiscoveryResponse: "this is not valid JSON",
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantError: true, wantError: true,
@@ -1022,13 +1022,13 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
} }
}, },
wantError: true, wantError: true,
@@ -1061,12 +1061,12 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
} }
}, },
wantError: true, wantError: true,
@@ -1099,14 +1099,14 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantError: true, wantError: true,
@@ -1384,7 +1384,9 @@ func TestGetKubeconfig(t *testing.T) {
base64.StdEncoding.EncodeToString([]byte(issuerCABundle))) base64.StdEncoding.EncodeToString([]byte(issuerCABundle)))
}, },
wantLogs: func(_ string, _ string) []string { wantLogs: func(_ string, _ string) []string {
return []string{`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.selectUpstreamIDPFlow","message":"multiple client flows found, selecting first value as default","idpName":"some-ldap-idp","idpType":"ldap","selectedFlow":"cli_password","availableFlows":["cli_password","flow2"]}`} return []string{
`2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> multiple client flows found, selecting first value as default {"idpName": "some-ldap-idp", "idpType": "ldap", "selectedFlow": "cli_password", "availableFlows": ["cli_password","flow2"]}`,
}
}, },
}, },
{ {
@@ -1404,11 +1406,11 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered WebhookAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered WebhookAuthenticator {"name": "test-authenticator"}`,
} }
}, },
wantStdout: func(issuerCABundle string, issuerURL string) string { wantStdout: func(issuerCABundle string, issuerURL string) string {
@@ -1468,11 +1470,11 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered WebhookAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered WebhookAuthenticator {"name": "test-authenticator"}`,
} }
}, },
wantStdout: func(issuerCABundle string, issuerURL string) string { wantStdout: func(issuerCABundle string, issuerURL string) string {
@@ -1532,14 +1534,14 @@ func TestGetKubeconfig(t *testing.T) {
oidcDiscoveryResponse: onlyIssuerOIDCDiscoveryResponse, oidcDiscoveryResponse: onlyIssuerOIDCDiscoveryResponse,
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantStdout: func(issuerCABundle string, issuerURL string) string { wantStdout: func(issuerCABundle string, issuerURL string) string {
@@ -1732,13 +1734,13 @@ func TestGetKubeconfig(t *testing.T) {
oidcDiscoveryResponse: onlyIssuerOIDCDiscoveryResponse, oidcDiscoveryResponse: onlyIssuerOIDCDiscoveryResponse,
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://impersonation-proxy-endpoint.test"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://impersonation-proxy-endpoint.test"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 1}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantStdout: func(issuerCABundle string, issuerURL string) string { wantStdout: func(issuerCABundle string, issuerURL string) string {
@@ -1840,14 +1842,14 @@ func TestGetKubeconfig(t *testing.T) {
oidcDiscoveryResponse: onlyIssuerOIDCDiscoveryResponse, oidcDiscoveryResponse: onlyIssuerOIDCDiscoveryResponse,
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in impersonation proxy mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in impersonation proxy mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://impersonation-proxy-endpoint.test"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://impersonation-proxy-endpoint.test"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantStdout: func(issuerCABundle string, issuerURL string) string { wantStdout: func(issuerCABundle string, issuerURL string) string {
@@ -1917,14 +1919,14 @@ func TestGetKubeconfig(t *testing.T) {
}`), }`),
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantStdout: func(issuerCABundle string, issuerURL string) string { wantStdout: func(issuerCABundle string, issuerURL string) string {
@@ -1996,14 +1998,14 @@ func TestGetKubeconfig(t *testing.T) {
}`), }`),
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantStdout: func(issuerCABundle string, issuerURL string) string { wantStdout: func(issuerCABundle string, issuerURL string) string {
@@ -2073,14 +2075,14 @@ func TestGetKubeconfig(t *testing.T) {
}`), }`),
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantStdout: func(issuerCABundle string, issuerURL string) string { wantStdout: func(issuerCABundle string, issuerURL string) string {
@@ -2146,14 +2148,14 @@ func TestGetKubeconfig(t *testing.T) {
idpsDiscoveryStatusCode: http.StatusBadRequest, // IDPs endpoint shouldn't be called by this test idpsDiscoveryStatusCode: http.StatusBadRequest, // IDPs endpoint shouldn't be called by this test
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantStdout: func(issuerCABundle string, issuerURL string) string { wantStdout: func(issuerCABundle string, issuerURL string) string {
@@ -2226,14 +2228,14 @@ func TestGetKubeconfig(t *testing.T) {
idpsDiscoveryStatusCode: http.StatusBadRequest, // IDP discovery endpoint shouldn't be called by this test idpsDiscoveryStatusCode: http.StatusBadRequest, // IDP discovery endpoint shouldn't be called by this test
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantStdout: func(issuerCABundle string, issuerURL string) string { wantStdout: func(issuerCABundle string, issuerURL string) string {
@@ -2311,16 +2313,16 @@ func TestGetKubeconfig(t *testing.T) {
}`), }`),
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.pinnipedSupervisorDiscovery.func1","message":"removed scope from --oidc-scopes list because it is not supported by this Supervisor","scope":"username"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> removed scope from --oidc-scopes list because it is not supported by this Supervisor {"scope": "username"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.pinnipedSupervisorDiscovery.func1","message":"removed scope from --oidc-scopes list because it is not supported by this Supervisor","scope":"groups"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> removed scope from --oidc-scopes list because it is not supported by this Supervisor {"scope": "groups"}`,
} }
}, },
wantStdout: func(issuerCABundle string, issuerURL string) string { wantStdout: func(issuerCABundle string, issuerURL string) string {
@@ -2399,16 +2401,16 @@ func TestGetKubeconfig(t *testing.T) {
}`), }`),
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.pinnipedSupervisorDiscovery.func1","message":"removed scope from --oidc-scopes list because it is not supported by this Supervisor","scope":"username"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> removed scope from --oidc-scopes list because it is not supported by this Supervisor {"scope": "username"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.pinnipedSupervisorDiscovery.func1","message":"removed scope from --oidc-scopes list because it is not supported by this Supervisor","scope":"groups"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> removed scope from --oidc-scopes list because it is not supported by this Supervisor {"scope": "groups"}`,
} }
}, },
wantStdout: func(issuerCABundle string, issuerURL string) string { wantStdout: func(issuerCABundle string, issuerURL string) string {
@@ -2489,14 +2491,14 @@ func TestGetKubeconfig(t *testing.T) {
}`), }`),
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantStdout: func(issuerCABundle string, issuerURL string) string { wantStdout: func(issuerCABundle string, issuerURL string) string {
@@ -2567,14 +2569,14 @@ func TestGetKubeconfig(t *testing.T) {
idpsDiscoveryStatusCode: http.StatusNotFound, // should not get called by the client in this case idpsDiscoveryStatusCode: http.StatusNotFound, // should not get called by the client in this case
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantStdout: func(issuerCABundle string, issuerURL string) string { wantStdout: func(issuerCABundle string, issuerURL string) string {
@@ -2650,14 +2652,14 @@ func TestGetKubeconfig(t *testing.T) {
}`), }`),
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered JWTAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered JWTAuthenticator {"name": "test-authenticator"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC issuer","issuer":"` + issuerURL + `"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC issuer {"issuer": "` + issuerURL + `"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC audience","audience":"test-audience"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC audience {"audience": "test-audience"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered OIDC CA bundle","roots":1}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered OIDC CA bundle {"roots": 1}`,
} }
}, },
wantStdout: func(issuerCABundle string, issuerURL string) string { wantStdout: func(issuerCABundle string, issuerURL string) string {
@@ -3152,11 +3154,11 @@ func TestGetKubeconfig(t *testing.T) {
}, },
wantLogs: func(issuerCABundle string, issuerURL string) []string { wantLogs: func(issuerCABundle string, issuerURL string) []string {
return []string{ return []string{
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.lookupCredentialIssuer","message":"discovered CredentialIssuer","name":"test-credential-issuer"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered CredentialIssuer {"name": "test-credential-issuer"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge operating in TokenCredentialRequest API mode"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge operating in TokenCredentialRequest API mode`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge endpoint","endpoint":"https://fake-server-url-value"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge endpoint {"endpoint": "https://fake-server-url-value"}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverConciergeParams","message":"discovered Concierge certificate authority bundle","roots":0}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered Concierge certificate authority bundle {"roots": 0}`,
`{"level":"info","timestamp":"2099-08-08T13:57:36.123456Z","caller":"cmd/kubeconfig.go:<line>$cmd.discoverAuthenticatorParams","message":"discovered WebhookAuthenticator","name":"test-authenticator"}`, `2099-08-08T13:57:36.123456Z info cmd/kubeconfig.go:<line> discovered WebhookAuthenticator {"name": "test-authenticator"}`,
} }
}, },
wantStdout: func(issuerCABundle string, issuerURL string) string { wantStdout: func(issuerCABundle string, issuerURL string) string {
@@ -3259,7 +3261,7 @@ func TestGetKubeconfig(t *testing.T) {
} }
return fake, nil return fake, nil
}, },
log: plog.TestLogger(t, &log), log: plog.TestConsoleLogger(t, &log),
}) })
require.NotNil(t, cmd) require.NotNil(t, cmd)

8
cmd/pinniped/cmd/login_oidc.go
View File

@@ -176,9 +176,8 @@ func runOIDCLogin(cmd *cobra.Command, deps oidcLoginCommandDeps, flags oidcLogin
// If the hidden --debug-session-cache option is passed, log all the errors from the session cache. // If the hidden --debug-session-cache option is passed, log all the errors from the session cache.
if flags.debugSessionCache { if flags.debugSessionCache {
logger := plog.WithName("session")
sessionOptions = append(sessionOptions, filesession.WithErrorReporter(func(err error) { sessionOptions = append(sessionOptions, filesession.WithErrorReporter(func(err error) {
logger.Error("error during session cache operation", err) pLogger.Error("error during session cache operation", err)
})) }))
} }
sessionCache := filesession.New(flags.sessionCachePath, sessionOptions...) sessionCache := filesession.New(flags.sessionCachePath, sessionOptions...)
@@ -186,7 +185,7 @@ func runOIDCLogin(cmd *cobra.Command, deps oidcLoginCommandDeps, flags oidcLogin
// Initialize the login handler. // Initialize the login handler.
opts := []oidcclient.Option{ opts := []oidcclient.Option{
deps.optionsFactory.WithContext(cmd.Context()), deps.optionsFactory.WithContext(cmd.Context()),
deps.optionsFactory.WithLoginLogger(plog.New()), deps.optionsFactory.WithLoginLogger(pLogger),
deps.optionsFactory.WithScopes(flags.scopes), deps.optionsFactory.WithScopes(flags.scopes),
deps.optionsFactory.WithSessionCache(sessionCache), deps.optionsFactory.WithSessionCache(sessionCache),
} }
@@ -339,8 +338,7 @@ func SetLogLevel(ctx context.Context, lookupEnv func(string) (string, bool)) (pl
return nil, err return nil, err
} }
} }
logger := plog.New().WithName("pinniped-login") return plog.New(), nil
return logger, nil
} }
/* /*

12
cmd/pinniped/cmd/login_oidc_test.go
View File

@@ -274,8 +274,8 @@ func TestLoginOIDCCommand(t *testing.T) {
wantOptionsCount: 4, wantOptionsCount: 4,
wantStdout: `{"kind":"ExecCredential","apiVersion":"client.authentication.k8s.io/v1beta1","spec":{"interactive":false},"status":{"expirationTimestamp":"3020-10-12T13:14:15Z","token":"test-id-token"}}` + "\n", wantStdout: `{"kind":"ExecCredential","apiVersion":"client.authentication.k8s.io/v1beta1","spec":{"interactive":false},"status":{"expirationTimestamp":"3020-10-12T13:14:15Z","token":"test-id-token"}}` + "\n",
wantLogs: []string{ wantLogs: []string{
nowStr + ` pinniped-login cmd/login_oidc.go:268 Performing OIDC login {"issuer": "test-issuer", "client id": "test-client-id"}`, nowStr + ` cmd/login_oidc.go:267 Performing OIDC login {"issuer": "test-issuer", "client id": "test-client-id"}`,
nowStr + ` pinniped-login cmd/login_oidc.go:288 No concierge configured, skipping token credential exchange`, nowStr + ` cmd/login_oidc.go:287 No concierge configured, skipping token credential exchange`,
}, },
}, },
{ {
@@ -319,10 +319,10 @@ func TestLoginOIDCCommand(t *testing.T) {
wantOptionsCount: 12, wantOptionsCount: 12,
wantStdout: `{"kind":"ExecCredential","apiVersion":"client.authentication.k8s.io/v1beta1","spec":{"interactive":false},"status":{"token":"exchanged-token"}}` + "\n", wantStdout: `{"kind":"ExecCredential","apiVersion":"client.authentication.k8s.io/v1beta1","spec":{"interactive":false},"status":{"token":"exchanged-token"}}` + "\n",
wantLogs: []string{ wantLogs: []string{
nowStr + ` pinniped-login cmd/login_oidc.go:268 Performing OIDC login {"issuer": "test-issuer", "client id": "test-client-id"}`, nowStr + ` cmd/login_oidc.go:267 Performing OIDC login {"issuer": "test-issuer", "client id": "test-client-id"}`,
nowStr + ` pinniped-login cmd/login_oidc.go:278 Exchanging token for cluster credential {"endpoint": "https://127.0.0.1:1234/", "authenticator type": "webhook", "authenticator name": "test-authenticator"}`, nowStr + ` cmd/login_oidc.go:277 Exchanging token for cluster credential {"endpoint": "https://127.0.0.1:1234/", "authenticator type": "webhook", "authenticator name": "test-authenticator"}`,
nowStr + ` pinniped-login cmd/login_oidc.go:286 Successfully exchanged token for cluster credential.`, nowStr + ` cmd/login_oidc.go:285 Successfully exchanged token for cluster credential.`,
nowStr + ` pinniped-login cmd/login_oidc.go:293 caching cluster credential for future use.`, nowStr + ` cmd/login_oidc.go:292 caching cluster credential for future use.`,
}, },
}, },
} }

2
cmd/pinniped/cmd/login_static_test.go
View File

@@ -147,7 +147,7 @@ func TestLoginStaticCommand(t *testing.T) {
Error: could not complete Concierge credential exchange: some concierge error Error: could not complete Concierge credential exchange: some concierge error
`), `),
wantLogs: []string{ wantLogs: []string{
nowStr + ` pinniped-login cmd/login_static.go:159 exchanging static token for cluster credential {"endpoint": "https://127.0.0.1/", "authenticator type": "webhook", "authenticator name": "test-authenticator"}`, nowStr + ` cmd/login_static.go:159 exchanging static token for cluster credential {"endpoint": "https://127.0.0.1/", "authenticator type": "webhook", "authenticator name": "test-authenticator"}`,
}, },
}, },
{ {

8
internal/plog/config_test.go
View File

@@ -55,7 +55,7 @@ func TestFormat(t *testing.T) {
"duration": "1h1m0s" "duration": "1h1m0s"
}`, wd, getLineNumberOfCaller()-11), scanner.Text()) }`, wd, getLineNumberOfCaller()-11), scanner.Text())
Logr().WithName("burrito").Error(errInvalidLogLevel, "wee", "a", "b") New().WithName("burrito").Error("wee", errInvalidLogLevel, "a", "b")
require.True(t, scanner.Scan()) require.True(t, scanner.Scan())
require.NoError(t, scanner.Err()) require.NoError(t, scanner.Err())
require.JSONEq(t, fmt.Sprintf(` require.JSONEq(t, fmt.Sprintf(`
@@ -69,7 +69,7 @@ func TestFormat(t *testing.T) {
"logger": "burrito" "logger": "burrito"
}`, wd, getLineNumberOfCaller()-12), scanner.Text()) }`, wd, getLineNumberOfCaller()-12), scanner.Text())
Logr().V(klogLevelWarning).Info("hey") // note that this fails to set the custom warning key because it is not via plog New().Info("hey")
require.True(t, scanner.Scan()) require.True(t, scanner.Scan())
require.NoError(t, scanner.Err()) require.NoError(t, scanner.Err())
require.JSONEq(t, fmt.Sprintf(` require.JSONEq(t, fmt.Sprintf(`
@@ -108,7 +108,7 @@ func TestFormat(t *testing.T) {
Trace("should not be logged", "for", "sure") Trace("should not be logged", "for", "sure")
require.Empty(t, buf.String()) require.Empty(t, buf.String())
Logr().V(klogLevelAll).Info("also should not be logged", "open", "close") New().All("also should not be logged", "open", "close")
require.Empty(t, buf.String()) require.Empty(t, buf.String())
ctx = AddZapOverridesToContext(ctx, t, &buf, nil, fakeClock, zap.AddStacktrace(LevelInfo)) ctx = AddZapOverridesToContext(ctx, t, &buf, nil, fakeClock, zap.AddStacktrace(LevelInfo))
@@ -151,7 +151,7 @@ testing.tRunner
require.Equal(t, fmt.Sprintf(nowStr+` plog/config_test.go:%d something happened {"error": "invalid log format, valid choices are the empty string or 'json'", "an": "item"}`, require.Equal(t, fmt.Sprintf(nowStr+` plog/config_test.go:%d something happened {"error": "invalid log format, valid choices are the empty string or 'json'", "an": "item"}`,
getLineNumberOfCaller()-4), scanner.Text()) getLineNumberOfCaller()-4), scanner.Text())
Logr().WithName("burrito").Error(errInvalidLogLevel, "wee", "a", "b", "slightly less than a year", 363*24*time.Hour, "slightly more than 2 years", 2*367*24*time.Hour) New().WithName("burrito").Error("wee", errInvalidLogLevel, "a", "b", "slightly less than a year", 363*24*time.Hour, "slightly more than 2 years", 2*367*24*time.Hour)
require.True(t, scanner.Scan()) require.True(t, scanner.Scan())
require.NoError(t, scanner.Err()) require.NoError(t, scanner.Err())
require.Equal(t, fmt.Sprintf(nowStr+` burrito plog/config_test.go:%d wee {"a": "b", "slightly less than a year": "363d", "slightly more than 2 years": "2y4d", "error": "invalid log level, valid choices are the empty string, info, debug, trace and all"}`, require.Equal(t, fmt.Sprintf(nowStr+` burrito plog/config_test.go:%d wee {"a": "b", "slightly less than a year": "363d", "slightly more than 2 years": "2y4d", "error": "invalid log level, valid choices are the empty string, info, debug, trace and all"}`,

8
internal/plog/global.go
View File

@@ -1,4 +1,4 @@
// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // Copyright 2020-2024 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0 // SPDX-License-Identifier: Apache-2.0
package plog package plog
@@ -54,12 +54,6 @@ func init() {
} }
} }
// Deprecated: Use New instead. This is meant for old code only.
// New provides a more ergonomic API and correctly responds to global log config change.
func Logr() logr.Logger {
return globalLogger
}
func Setup() func() { func Setup() func() {
logs.InitLogs() logs.InitLogs()
return func() { return func() {

2
internal/plog/plog.go
View File

@@ -190,7 +190,7 @@ func (p pLogger) withLogrMod(mod func(logr.Logger) logr.Logger) Logger {
} }
func (p pLogger) logr() logr.Logger { func (p pLogger) logr() logr.Logger {
l := Logr() // grab the current global logger and its current config l := globalLogger // grab the current global logger and its current config
for _, mod := range p.mods { for _, mod := range p.mods {
l = mod(l) // and then update it with all modifications l = mod(l) // and then update it with all modifications
} }

21
internal/plog/testing.go
View File

@@ -1,4 +1,4 @@
// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved. // Copyright 2020-2024 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0 // SPDX-License-Identifier: Apache-2.0
package plog package plog
@@ -63,11 +63,19 @@ func TestLogger(t *testing.T, w io.Writer) Logger {
t.Helper() t.Helper()
return New().withLogrMod(func(l logr.Logger) logr.Logger { return New().withLogrMod(func(l logr.Logger) logr.Logger {
return l.WithSink(TestZapr(t, w).GetSink()) return l.WithSink(testZapr(t, w, "json").GetSink())
}) })
} }
func TestZapr(t *testing.T, w io.Writer) logr.Logger { func TestConsoleLogger(t *testing.T, w io.Writer) Logger {
t.Helper()
return New().withLogrMod(func(l logr.Logger) logr.Logger {
return l.WithSink(testZapr(t, w, "console").GetSink())
})
}
func testZapr(t *testing.T, w io.Writer, encoding string) logr.Logger {
t.Helper() t.Helper()
now, err := time.Parse(time.RFC3339Nano, "2099-08-08T13:57:36.123456789Z") now, err := time.Parse(time.RFC3339Nano, "2099-08-08T13:57:36.123456789Z")
@@ -86,7 +94,10 @@ func TestZapr(t *testing.T, w io.Writer) logr.Logger {
if idx := strings.LastIndexByte(trimmed, ':'); idx != -1 { if idx := strings.LastIndexByte(trimmed, ':'); idx != -1 {
trimmed = trimmed[:idx+1] + "<line>" trimmed = trimmed[:idx+1] + "<line>"
} }
enc.AppendString(trimmed + funcEncoder(caller)) if encoding != "console" {
trimmed += funcEncoder(caller)
}
enc.AppendString(trimmed)
} }
}, },
clocktesting.NewFakeClock(now), // have the clock be static during tests clocktesting.NewFakeClock(now), // have the clock be static during tests
@@ -94,7 +105,7 @@ func TestZapr(t *testing.T, w io.Writer) logr.Logger {
) )
// there is no buffering so we can ignore flush // there is no buffering so we can ignore flush
zl, _, err := newLogr(ctx, "json", 0) zl, _, err := newLogr(ctx, encoding, 0)
require.NoError(t, err) require.NoError(t, err)
return zl return zl

91
internal/registry/clientsecretrequest/rest_test.go
View File

@@ -4,10 +4,8 @@
package clientsecretrequest package clientsecretrequest
import ( import (
"bytes"
"context" "context"
"encoding/hex" "encoding/hex"
"encoding/json"
"errors" "errors"
"fmt" "fmt"
"io" "io"
@@ -15,6 +13,7 @@ import (
"strings" "strings"
"testing" "testing"
"github.com/go-logr/logr"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
corev1 "k8s.io/api/core/v1" corev1 "k8s.io/api/core/v1"
apierrors "k8s.io/apimachinery/pkg/api/errors" apierrors "k8s.io/apimachinery/pkg/api/errors"
@@ -32,7 +31,6 @@ import (
supervisorconfigv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" supervisorconfigv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1"
supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake"
"go.pinniped.dev/internal/oidcclientsecretstorage" "go.pinniped.dev/internal/oidcclientsecretstorage"
"go.pinniped.dev/internal/plog"
"go.pinniped.dev/internal/testutil" "go.pinniped.dev/internal/testutil"
) )
@@ -121,7 +119,7 @@ func TestCreate(t *testing.T) {
want runtime.Object want runtime.Object
wantErrStatus *metav1.Status wantErrStatus *metav1.Status
wantHashes *wantHashes wantHashes *wantHashes
wantLogLines []string wantLogStepSubstrings []string
}{ }{
{ {
name: "wrong type of request object provided", name: "wrong type of request object provided",
@@ -138,7 +136,7 @@ func TestCreate(t *testing.T) {
Reason: metav1.StatusReasonBadRequest, Reason: metav1.StatusReasonBadRequest,
Code: http.StatusBadRequest, Code: http.StatusBadRequest,
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`failureType:request validation,msg:not an OIDCClientSecretRequest`, `failureType:request validation,msg:not an OIDCClientSecretRequest`,
`END`, `END`,
@@ -173,7 +171,7 @@ func TestCreate(t *testing.T) {
}}, }},
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`failureType:request validation,msg:dryRun not supported`, `failureType:request validation,msg:dryRun not supported`,
`END`, `END`,
@@ -196,7 +194,7 @@ func TestCreate(t *testing.T) {
Reason: metav1.StatusReasonBadRequest, Reason: metav1.StatusReasonBadRequest,
Code: http.StatusBadRequest, Code: http.StatusBadRequest,
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`failureType:request validation,msg:namespace must be some-namespace on OIDCClientSecretRequest, was wrong-namespace`, `failureType:request validation,msg:namespace must be some-namespace on OIDCClientSecretRequest, was wrong-namespace`,
`END`, `END`,
@@ -227,7 +225,7 @@ func TestCreate(t *testing.T) {
}}, }},
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`failureType:validation webhook,msg:Internal error occurred: some-error-here`, `failureType:validation webhook,msg:Internal error occurred: some-error-here`,
`END`, `END`,
@@ -255,7 +253,7 @@ func TestCreate(t *testing.T) {
}}, }},
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`failureType:request validation,msg:no namespace information found in request context`, `failureType:request validation,msg:no namespace information found in request context`,
`END`, `END`,
@@ -279,7 +277,7 @@ func TestCreate(t *testing.T) {
Reason: metav1.StatusReasonBadRequest, Reason: metav1.StatusReasonBadRequest,
Code: http.StatusBadRequest, Code: http.StatusBadRequest,
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`failureType:request validation,msg:the namespace of the provided object does not match the namespace sent on the request`, `failureType:request validation,msg:the namespace of the provided object does not match the namespace sent on the request`,
`END`, `END`,
@@ -317,7 +315,7 @@ func TestCreate(t *testing.T) {
}}, }},
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`failureType:request validation,msg:[metadata.generateName: Invalid value: "foo": generateName is not supported, metadata.name: Required value: name or generateName is required]`, `failureType:request validation,msg:[metadata.generateName: Invalid value: "foo": generateName is not supported, metadata.name: Required value: name or generateName is required]`,
`END`, `END`,
@@ -351,7 +349,7 @@ func TestCreate(t *testing.T) {
}}, }},
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`failureType:request validation,msg:metadata.name: Invalid value: "client.oauth.pinniped.dev-": must not equal 'client.oauth.pinniped.dev-'`, `failureType:request validation,msg:metadata.name: Invalid value: "client.oauth.pinniped.dev-": must not equal 'client.oauth.pinniped.dev-'`,
`END`, `END`,
@@ -385,7 +383,7 @@ func TestCreate(t *testing.T) {
}}, }},
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`failureType:request validation,msg:metadata.name: Invalid value: "does-not-contain-the-prefix": must start with 'client.oauth.pinniped.dev-'`, `failureType:request validation,msg:metadata.name: Invalid value: "does-not-contain-the-prefix": must start with 'client.oauth.pinniped.dev-'`,
`END`, `END`,
@@ -419,7 +417,7 @@ func TestCreate(t *testing.T) {
}}, }},
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`failureType:request validation,msg:metadata.name: Invalid value: "client.oauth.pinniped.dev-contains/invalid/characters": may not contain '/'`, `failureType:request validation,msg:metadata.name: Invalid value: "client.oauth.pinniped.dev-contains/invalid/characters": may not contain '/'`,
`END`, `END`,
@@ -464,7 +462,7 @@ func TestCreate(t *testing.T) {
}}, }},
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`failureType:request validation,msg:[metadata.generateName: Invalid value: "no-generate-allowed": generateName is not supported, metadata.name: Invalid value: "multiple/errors/aggregated": must start with 'client.oauth.pinniped.dev-', metadata.name: Invalid value: "multiple/errors/aggregated": may not contain '/']`, `failureType:request validation,msg:[metadata.generateName: Invalid value: "no-generate-allowed": generateName is not supported, metadata.name: Invalid value: "multiple/errors/aggregated": must start with 'client.oauth.pinniped.dev-', metadata.name: Invalid value: "multiple/errors/aggregated": may not contain '/']`,
`END`, `END`,
@@ -498,7 +496,7 @@ func TestCreate(t *testing.T) {
}}, }},
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`failureType:oidcClientsClient.Get,msg:oidcclients.config.supervisor.pinniped.dev "client.oauth.pinniped.dev-oidc-client-does-not-exist-404" not found`, `failureType:oidcClientsClient.Get,msg:oidcclients.config.supervisor.pinniped.dev "client.oauth.pinniped.dev-oidc-client-does-not-exist-404" not found`,
@@ -531,7 +529,7 @@ func TestCreate(t *testing.T) {
}}, }},
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`failureType:oidcClientsClient.Get,msg:unexpected error darn`, `failureType:oidcClientsClient.Get,msg:unexpected error darn`,
@@ -570,7 +568,7 @@ func TestCreate(t *testing.T) {
}}, }},
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`oidcClientsClient.Get`, `oidcClientsClient.Get`,
@@ -610,7 +608,7 @@ func TestCreate(t *testing.T) {
}}, }},
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`oidcClientsClient.Get`, `oidcClientsClient.Get`,
@@ -653,7 +651,7 @@ func TestCreate(t *testing.T) {
}}, }},
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`oidcClientsClient.Get`, `oidcClientsClient.Get`,
@@ -706,7 +704,7 @@ func TestCreate(t *testing.T) {
fakeBcryptRandomBytes, fakeBcryptRandomBytes,
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`oidcClientsClient.Get`, `oidcClientsClient.Get`,
@@ -775,7 +773,7 @@ func TestCreate(t *testing.T) {
TotalClientSecrets: 3, TotalClientSecrets: 3,
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`oidcClientsClient.Get`, `oidcClientsClient.Get`,
@@ -841,7 +839,7 @@ func TestCreate(t *testing.T) {
TotalClientSecrets: 1, TotalClientSecrets: 1,
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`oidcClientsClient.Get`, `oidcClientsClient.Get`,
@@ -907,7 +905,7 @@ func TestCreate(t *testing.T) {
TotalClientSecrets: 1, TotalClientSecrets: 1,
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`oidcClientsClient.Get`, `oidcClientsClient.Get`,
@@ -969,7 +967,7 @@ func TestCreate(t *testing.T) {
Reason: metav1.StatusReasonBadRequest, Reason: metav1.StatusReasonBadRequest,
Code: http.StatusBadRequest, Code: http.StatusBadRequest,
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`oidcClientsClient.Get`, `oidcClientsClient.Get`,
@@ -1036,7 +1034,7 @@ func TestCreate(t *testing.T) {
Reason: metav1.StatusReasonBadRequest, Reason: metav1.StatusReasonBadRequest,
Code: http.StatusBadRequest, Code: http.StatusBadRequest,
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`oidcClientsClient.Get`, `oidcClientsClient.Get`,
@@ -1086,7 +1084,7 @@ func TestCreate(t *testing.T) {
Name: "client.oauth.pinniped.dev-some-client", Name: "client.oauth.pinniped.dev-some-client",
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`oidcClientsClient.Get`, `oidcClientsClient.Get`,
@@ -1140,7 +1138,7 @@ func TestCreate(t *testing.T) {
Name: "client.oauth.pinniped.dev-some-client", Name: "client.oauth.pinniped.dev-some-client",
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`oidcClientsClient.Get`, `oidcClientsClient.Get`,
@@ -1188,7 +1186,7 @@ func TestCreate(t *testing.T) {
}}, }},
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`oidcClientsClient.Get`, `oidcClientsClient.Get`,
@@ -1235,7 +1233,7 @@ func TestCreate(t *testing.T) {
TotalClientSecrets: 0, TotalClientSecrets: 0,
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`oidcClientsClient.Get`, `oidcClientsClient.Get`,
@@ -1279,7 +1277,7 @@ func TestCreate(t *testing.T) {
TotalClientSecrets: 0, TotalClientSecrets: 0,
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`oidcClientsClient.Get`, `oidcClientsClient.Get`,
@@ -1343,7 +1341,7 @@ func TestCreate(t *testing.T) {
TotalClientSecrets: 2, TotalClientSecrets: 2,
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`oidcClientsClient.Get`, `oidcClientsClient.Get`,
@@ -1405,7 +1403,7 @@ func TestCreate(t *testing.T) {
TotalClientSecrets: 1, TotalClientSecrets: 1,
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`oidcClientsClient.Get`, `oidcClientsClient.Get`,
@@ -1474,7 +1472,7 @@ func TestCreate(t *testing.T) {
TotalClientSecrets: 1, TotalClientSecrets: 1,
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`oidcClientsClient.Get`, `oidcClientsClient.Get`,
@@ -1544,7 +1542,7 @@ func TestCreate(t *testing.T) {
TotalClientSecrets: 1, TotalClientSecrets: 1,
}, },
}, },
wantLogLines: []string{ wantLogStepSubstrings: []string{
`"create"`, `"create"`,
`"validateRequest"`, `"validateRequest"`,
`oidcClientsClient.Get`, `oidcClientsClient.Get`,
@@ -1559,9 +1557,8 @@ func TestCreate(t *testing.T) {
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
// t.Parallel() should not be used because we are mutating the global logger. // t.Parallel() should not be used because we are mutating the global logger.
var log bytes.Buffer logger := testutil.NewTranscriptLogger(t) //nolint:staticcheck // old test with lots of log statements
logger := plog.TestZapr(t, &log) klog.SetLogger(logr.New(logger))
klog.SetLogger(logger)
originalKLogLevel := testutil.GetGlobalKlogLevel() originalKLogLevel := testutil.GetGlobalKlogLevel()
// trace.Log() utility will only log at level 2 or above, so set that for this test. // trace.Log() utility will only log at level 2 or above, so set that for this test.
testutil.SetGlobalKlogLevel(t, 2) //nolint:staticcheck // old test of code using trace.Log() testutil.SetGlobalKlogLevel(t, 2) //nolint:staticcheck // old test of code using trace.Log()
@@ -1648,7 +1645,7 @@ func TestCreate(t *testing.T) {
require.Empty(t, secrets.Items) require.Empty(t, secrets.Items)
} }
requireLogLinesContain(t, log.String(), tt.wantLogLines) requireExactlyOneLogLineWithMultipleSteps(t, logger, tt.wantLogStepSubstrings)
}) })
} }
} }
@@ -1659,18 +1656,10 @@ func (r readerAlwaysErrors) Read(_ []byte) (n int, err error) {
return 0, errors.New("always errors") return 0, errors.New("always errors")
} }
func requireLogLinesContain(t *testing.T, fullLog string, wantLines []string) { func requireExactlyOneLogLineWithMultipleSteps(t *testing.T, logger *testutil.TranscriptLogger, wantLines []string) {
if len(wantLines) == 0 { transcript := logger.Transcript()
require.Empty(t, fullLog) require.Len(t, transcript, 1)
return lines := strings.Split(strings.TrimSpace(transcript[0].Message), "\n")
}
var jsonLog map[string]any
err := json.Unmarshal([]byte(fullLog), &jsonLog)
require.NoError(t, err)
require.Contains(t, jsonLog, "message")
message := jsonLog["message"]
require.IsType(t, "type of string", message)
lines := strings.Split(strings.TrimSpace(message.(string)), "\n")
require.Lenf(t, lines, len(wantLines), "actual log lines length should match expected length, actual lines:\n\n%s", strings.Join(lines, "\n")) require.Lenf(t, lines, len(wantLines), "actual log lines length should match expected length, actual lines:\n\n%s", strings.Join(lines, "\n"))
for i := range wantLines { for i := range wantLines {