Rename project

2026-01-07 05:57:02 +00:00 · 2020-08-20 10:54:15 -07:00
parent 43888e9e0a
commit 3929fa672e
121 changed files with 1641 additions and 1652 deletions
--- a/internal/registry/credentialrequest/rest.go
+++ b/internal/registry/credentialrequest/rest.go
@@ -21,7 +21,7 @@ import (
 	"k8s.io/apiserver/pkg/registry/rest"
 	"k8s.io/utils/trace"

-	placeholderapi "github.com/suzerain-io/placeholder-name/kubernetes/1.19/api/apis/placeholder"
+	pinnipedapi "github.com/suzerain-io/pinniped/kubernetes/1.19/api/apis/pinniped"
 )

 // clientCertificateTTL is the TTL for short-lived client certificates returned by this API.
@@ -51,7 +51,7 @@ type REST struct {
 }

 func (r *REST) New() runtime.Object {
-	return &placeholderapi.CredentialRequest{}
+	return &pinnipedapi.CredentialRequest{}
 }

 func (r *REST) NamespaceScoped() bool {
@@ -107,9 +107,9 @@ func (r *REST) Create(ctx context.Context, obj runtime.Object, createValidation

 	traceSuccess(t, authResponse.User, authenticated, true)

-	return &placeholderapi.CredentialRequest{
-		Status: placeholderapi.CredentialRequestStatus{
-			Credential: &placeholderapi.CredentialRequestCredential{
+	return &pinnipedapi.CredentialRequest{
+		Status: pinnipedapi.CredentialRequestStatus{
+			Credential: &pinnipedapi.CredentialRequestCredential{
 				ExpirationTimestamp:   metav1.NewTime(time.Now().UTC().Add(clientCertificateTTL)),
 				ClientCertificateData: string(certPEM),
 				ClientKeyData:         string(keyPEM),
@@ -118,8 +118,8 @@ func (r *REST) Create(ctx context.Context, obj runtime.Object, createValidation
 	}, nil
 }

-func validateRequest(ctx context.Context, obj runtime.Object, createValidation rest.ValidateObjectFunc, options *metav1.CreateOptions, t *trace.Trace) (*placeholderapi.CredentialRequest, error) {
-	credentialRequest, ok := obj.(*placeholderapi.CredentialRequest)
+func validateRequest(ctx context.Context, obj runtime.Object, createValidation rest.ValidateObjectFunc, options *metav1.CreateOptions, t *trace.Trace) (*pinnipedapi.CredentialRequest, error) {
+	credentialRequest, ok := obj.(*pinnipedapi.CredentialRequest)
 	if !ok {
 		traceValidationFailure(t, "not a CredentialRequest")
 		return nil, apierrors.NewBadRequest(fmt.Sprintf("not a CredentialRequest: %#v", obj))
@@ -128,20 +128,20 @@ func validateRequest(ctx context.Context, obj runtime.Object, createValidation r
 	if len(credentialRequest.Spec.Type) == 0 {
 		traceValidationFailure(t, "type must be supplied")
 		errs := field.ErrorList{field.Required(field.NewPath("spec", "type"), "type must be supplied")}
-		return nil, apierrors.NewInvalid(placeholderapi.Kind(credentialRequest.Kind), credentialRequest.Name, errs)
+		return nil, apierrors.NewInvalid(pinnipedapi.Kind(credentialRequest.Kind), credentialRequest.Name, errs)
 	}

-	if credentialRequest.Spec.Type != placeholderapi.TokenCredentialType {
+	if credentialRequest.Spec.Type != pinnipedapi.TokenCredentialType {
 		traceValidationFailure(t, "unrecognized type")
 		errs := field.ErrorList{field.Invalid(field.NewPath("spec", "type"), credentialRequest.Spec.Type, "unrecognized type")}
-		return nil, apierrors.NewInvalid(placeholderapi.Kind(credentialRequest.Kind), credentialRequest.Name, errs)
+		return nil, apierrors.NewInvalid(pinnipedapi.Kind(credentialRequest.Kind), credentialRequest.Name, errs)
 	}

 	token := credentialRequest.Spec.Token
 	if token == nil || len(token.Value) == 0 {
 		traceValidationFailure(t, "token must be supplied")
 		errs := field.ErrorList{field.Required(field.NewPath("spec", "token", "value"), "token must be supplied")}
-		return nil, apierrors.NewInvalid(placeholderapi.Kind(credentialRequest.Kind), credentialRequest.Name, errs)
+		return nil, apierrors.NewInvalid(pinnipedapi.Kind(credentialRequest.Kind), credentialRequest.Name, errs)
 	}

 	// just a sanity check, not sure how to honor a dry run on a virtual API
@@ -149,7 +149,7 @@ func validateRequest(ctx context.Context, obj runtime.Object, createValidation r
 		if len(options.DryRun) != 0 {
 			traceValidationFailure(t, "dryRun not supported")
 			errs := field.ErrorList{field.NotSupported(field.NewPath("dryRun"), options.DryRun, nil)}
-			return nil, apierrors.NewInvalid(placeholderapi.Kind(credentialRequest.Kind), credentialRequest.Name, errs)
+			return nil, apierrors.NewInvalid(pinnipedapi.Kind(credentialRequest.Kind), credentialRequest.Name, errs)
 		}
 	}

@@ -160,7 +160,7 @@ func validateRequest(ctx context.Context, obj runtime.Object, createValidation r
 	//   they already got the token.
 	if createValidation != nil {
 		requestForValidation := obj.DeepCopyObject()
-		credentialRequestCopy, _ := requestForValidation.(*placeholderapi.CredentialRequest)
+		credentialRequestCopy, _ := requestForValidation.(*pinnipedapi.CredentialRequest)
 		credentialRequestCopy.Spec.Token.Value = ""
 		if err := createValidation(ctx, requestForValidation); err != nil {
 			traceFailureWithError(t, "validation webhook", err)
@@ -171,7 +171,7 @@ func validateRequest(ctx context.Context, obj runtime.Object, createValidation r
 	return credentialRequest, nil
 }

-func traceSuccess(t *trace.Trace, user user.Info, webhookAuthenticated bool, placeholderNameAuthenticated bool) {
+func traceSuccess(t *trace.Trace, user user.Info, webhookAuthenticated bool, pinnipedAuthenticated bool) {
 	userID := "<none>"
 	if user != nil {
 		userID = user.GetUID()
@@ -179,7 +179,7 @@ func traceSuccess(t *trace.Trace, user user.Info, webhookAuthenticated bool, pla
 	t.Step("success",
 		trace.Field{Key: "userID", Value: userID},
 		trace.Field{Key: "idpAuthenticated", Value: webhookAuthenticated},
-		trace.Field{Key: "placeholderNameAuthenticated", Value: placeholderNameAuthenticated},
+		trace.Field{Key: "pinnipedAuthenticated", Value: pinnipedAuthenticated},
 	)
 }

@@ -197,10 +197,10 @@ func traceFailureWithError(t *trace.Trace, failureType string, err error) {
 	)
 }

-func failureResponse() *placeholderapi.CredentialRequest {
+func failureResponse() *pinnipedapi.CredentialRequest {
 	m := "authentication failed"
-	return &placeholderapi.CredentialRequest{
-		Status: placeholderapi.CredentialRequestStatus{
+	return &pinnipedapi.CredentialRequest{
+		Status: pinnipedapi.CredentialRequestStatus{
 			Credential: nil,
 			Message:    &m,
 		},
--- a/internal/registry/credentialrequest/rest_test.go
+++ b/internal/registry/credentialrequest/rest_test.go
@@ -25,9 +25,9 @@ import (
 	"k8s.io/apiserver/pkg/registry/rest"
 	"k8s.io/klog/v2"

-	"github.com/suzerain-io/placeholder-name/internal/mocks/mockcertissuer"
-	"github.com/suzerain-io/placeholder-name/internal/testutil"
-	placeholderapi "github.com/suzerain-io/placeholder-name/kubernetes/1.19/api/apis/placeholder"
+	"github.com/suzerain-io/pinniped/internal/mocks/mockcertissuer"
+	"github.com/suzerain-io/pinniped/internal/testutil"
+	pinnipedapi "github.com/suzerain-io/pinniped/kubernetes/1.19/api/apis/pinniped"
 )

 type contextKey struct{}
@@ -105,16 +105,16 @@ func TestCreate(t *testing.T) {
 			response, err := callCreate(context.Background(), storage, validCredentialRequestWithToken(requestToken))

 			r.NoError(err)
-			r.IsType(&placeholderapi.CredentialRequest{}, response)
+			r.IsType(&pinnipedapi.CredentialRequest{}, response)

-			expires := response.(*placeholderapi.CredentialRequest).Status.Credential.ExpirationTimestamp
+			expires := response.(*pinnipedapi.CredentialRequest).Status.Credential.ExpirationTimestamp
 			r.NotNil(expires)
 			r.InDelta(time.Now().Add(1*time.Hour).Unix(), expires.Unix(), 5)
-			response.(*placeholderapi.CredentialRequest).Status.Credential.ExpirationTimestamp = metav1.Time{}
+			response.(*pinnipedapi.CredentialRequest).Status.Credential.ExpirationTimestamp = metav1.Time{}

-			r.Equal(response, &placeholderapi.CredentialRequest{
-				Status: placeholderapi.CredentialRequestStatus{
-					Credential: &placeholderapi.CredentialRequestCredential{
+			r.Equal(response, &pinnipedapi.CredentialRequest{
+				Status: pinnipedapi.CredentialRequestStatus{
+					Credential: &pinnipedapi.CredentialRequestCredential{
 						ExpirationTimestamp:   metav1.Time{},
 						ClientCertificateData: "test-cert",
 						ClientKeyData:         "test-key",
@@ -164,7 +164,7 @@ func TestCreate(t *testing.T) {

 			requireSuccessfulResponseWithAuthenticationFailureMessage(t, err, response)
 			r.Equal(requestToken, webhook.calledWithToken)
-			requireOneLogStatement(r, logger, `"success" userID:test-user-uid,idpAuthenticated:false,placeholderNameAuthenticated:false`)
+			requireOneLogStatement(r, logger, `"success" userID:test-user-uid,idpAuthenticated:false,pinnipedAuthenticated:false`)
 		})

 		it("CreateSucceedsWithAnUnauthenticatedStatusWhenGivenATokenAndTheWebhookReturnsUnauthenticatedWithNilUser", func() {
@@ -179,7 +179,7 @@ func TestCreate(t *testing.T) {

 			requireSuccessfulResponseWithAuthenticationFailureMessage(t, err, response)
 			r.Equal(requestToken, webhook.calledWithToken)
-			requireOneLogStatement(r, logger, `"success" userID:<none>,idpAuthenticated:false,placeholderNameAuthenticated:false`)
+			requireOneLogStatement(r, logger, `"success" userID:<none>,idpAuthenticated:false,pinnipedAuthenticated:false`)
 		})

 		it("CreateSucceedsWithAnUnauthenticatedStatusWhenWebhookFails", func() {
@@ -204,7 +204,7 @@ func TestCreate(t *testing.T) {
 			response, err := callCreate(context.Background(), storage, validCredentialRequest())

 			requireSuccessfulResponseWithAuthenticationFailureMessage(t, err, response)
-			requireOneLogStatement(r, logger, `"success" userID:<none>,idpAuthenticated:true,placeholderNameAuthenticated:false`)
+			requireOneLogStatement(r, logger, `"success" userID:<none>,idpAuthenticated:true,pinnipedAuthenticated:false`)
 		})

 		it("CreateSucceedsWithAnUnauthenticatedStatusWhenWebhookReturnsAnEmptyUsername", func() {
@@ -220,7 +220,7 @@ func TestCreate(t *testing.T) {
 			response, err := callCreate(context.Background(), storage, validCredentialRequest())

 			requireSuccessfulResponseWithAuthenticationFailureMessage(t, err, response)
-			requireOneLogStatement(r, logger, `"success" userID:,idpAuthenticated:true,placeholderNameAuthenticated:false`)
+			requireOneLogStatement(r, logger, `"success" userID:,idpAuthenticated:true,pinnipedAuthenticated:false`)
 		})

 		it("CreateDoesNotPassAdditionalContextInfoToTheWebhook", func() {
@@ -250,49 +250,49 @@ func TestCreate(t *testing.T) {

 		it("CreateFailsWhenTokenIsNilInRequest", func() {
 			storage := NewREST(&FakeToken{}, nil)
-			response, err := callCreate(context.Background(), storage, credentialRequest(placeholderapi.CredentialRequestSpec{
-				Type:  placeholderapi.TokenCredentialType,
+			response, err := callCreate(context.Background(), storage, credentialRequest(pinnipedapi.CredentialRequestSpec{
+				Type:  pinnipedapi.TokenCredentialType,
 				Token: nil,
 			}))

 			requireAPIError(t, response, err, apierrors.IsInvalid,
-				`.placeholder.suzerain-io.github.io "request name" is invalid: spec.token.value: Required value: token must be supplied`)
+				`.pinniped.dev "request name" is invalid: spec.token.value: Required value: token must be supplied`)
 			requireOneLogStatement(r, logger, `"failure" failureType:request validation,msg:token must be supplied`)
 		})

 		it("CreateFailsWhenTypeInRequestIsMissing", func() {
 			storage := NewREST(&FakeToken{}, nil)
-			response, err := callCreate(context.Background(), storage, credentialRequest(placeholderapi.CredentialRequestSpec{
+			response, err := callCreate(context.Background(), storage, credentialRequest(pinnipedapi.CredentialRequestSpec{
 				Type:  "",
-				Token: &placeholderapi.CredentialRequestTokenCredential{Value: "a token"},
+				Token: &pinnipedapi.CredentialRequestTokenCredential{Value: "a token"},
 			}))

 			requireAPIError(t, response, err, apierrors.IsInvalid,
-				`.placeholder.suzerain-io.github.io "request name" is invalid: spec.type: Required value: type must be supplied`)
+				`.pinniped.dev "request name" is invalid: spec.type: Required value: type must be supplied`)
 			requireOneLogStatement(r, logger, `"failure" failureType:request validation,msg:type must be supplied`)
 		})

 		it("CreateFailsWhenTypeInRequestIsNotLegal", func() {
 			storage := NewREST(&FakeToken{}, nil)
-			response, err := callCreate(context.Background(), storage, credentialRequest(placeholderapi.CredentialRequestSpec{
+			response, err := callCreate(context.Background(), storage, credentialRequest(pinnipedapi.CredentialRequestSpec{
 				Type:  "this in an invalid type",
-				Token: &placeholderapi.CredentialRequestTokenCredential{Value: "a token"},
+				Token: &pinnipedapi.CredentialRequestTokenCredential{Value: "a token"},
 			}))

 			requireAPIError(t, response, err, apierrors.IsInvalid,
-				`.placeholder.suzerain-io.github.io "request name" is invalid: spec.type: Invalid value: "this in an invalid type": unrecognized type`)
+				`.pinniped.dev "request name" is invalid: spec.type: Invalid value: "this in an invalid type": unrecognized type`)
 			requireOneLogStatement(r, logger, `"failure" failureType:request validation,msg:unrecognized type`)
 		})

 		it("CreateFailsWhenTokenValueIsEmptyInRequest", func() {
 			storage := NewREST(&FakeToken{}, nil)
-			response, err := callCreate(context.Background(), storage, credentialRequest(placeholderapi.CredentialRequestSpec{
-				Type:  placeholderapi.TokenCredentialType,
-				Token: &placeholderapi.CredentialRequestTokenCredential{Value: ""},
+			response, err := callCreate(context.Background(), storage, credentialRequest(pinnipedapi.CredentialRequestSpec{
+				Type:  pinnipedapi.TokenCredentialType,
+				Token: &pinnipedapi.CredentialRequestTokenCredential{Value: ""},
 			}))

 			requireAPIError(t, response, err, apierrors.IsInvalid,
-				`.placeholder.suzerain-io.github.io "request name" is invalid: spec.token.value: Required value: token must be supplied`)
+				`.pinniped.dev "request name" is invalid: spec.token.value: Required value: token must be supplied`)
 			requireOneLogStatement(r, logger, `"failure" failureType:request validation,msg:token must be supplied`)
 		})

@@ -320,7 +320,7 @@ func TestCreate(t *testing.T) {
 				context.Background(),
 				validCredentialRequestWithToken(requestToken),
 				func(ctx context.Context, obj runtime.Object) error {
-					credentialRequest, _ := obj.(*placeholderapi.CredentialRequest)
+					credentialRequest, _ := obj.(*pinnipedapi.CredentialRequest)
 					credentialRequest.Spec.Token.Value = "foobaz"
 					return nil
 				},
@@ -342,7 +342,7 @@ func TestCreate(t *testing.T) {
 				context.Background(),
 				validCredentialRequest(),
 				func(ctx context.Context, obj runtime.Object) error {
-					credentialRequest, _ := obj.(*placeholderapi.CredentialRequest)
+					credentialRequest, _ := obj.(*pinnipedapi.CredentialRequest)
 					validationFunctionWasCalled = true
 					validationFunctionSawTokenValue = credentialRequest.Spec.Token.Value
 					return nil
@@ -364,7 +364,7 @@ func TestCreate(t *testing.T) {
 				})

 			requireAPIError(t, response, err, apierrors.IsInvalid,
-				`.placeholder.suzerain-io.github.io "request name" is invalid: dryRun: Unsupported value: []string{"some dry run flag"}`)
+				`.pinniped.dev "request name" is invalid: dryRun: Unsupported value: []string{"some dry run flag"}`)
 			requireOneLogStatement(r, logger, `"failure" failureType:request validation,msg:dryRun not supported`)
 		})

@@ -431,7 +431,7 @@ func requireOneLogStatement(r *require.Assertions, logger *testutil.TranscriptLo
 	r.Contains(transcript[0].Message, messageContains)
 }

-func callCreate(ctx context.Context, storage *REST, credentialRequest *placeholderapi.CredentialRequest) (runtime.Object, error) {
+func callCreate(ctx context.Context, storage *REST, credentialRequest *pinnipedapi.CredentialRequest) (runtime.Object, error) {
 	return storage.Create(
 		ctx,
 		credentialRequest,
@@ -441,19 +441,19 @@ func callCreate(ctx context.Context, storage *REST, credentialRequest *placehold
 		})
 }

-func validCredentialRequest() *placeholderapi.CredentialRequest {
+func validCredentialRequest() *pinnipedapi.CredentialRequest {
 	return validCredentialRequestWithToken("some token")
 }

-func validCredentialRequestWithToken(token string) *placeholderapi.CredentialRequest {
-	return credentialRequest(placeholderapi.CredentialRequestSpec{
-		Type:  placeholderapi.TokenCredentialType,
-		Token: &placeholderapi.CredentialRequestTokenCredential{Value: token},
+func validCredentialRequestWithToken(token string) *pinnipedapi.CredentialRequest {
+	return credentialRequest(pinnipedapi.CredentialRequestSpec{
+		Type:  pinnipedapi.TokenCredentialType,
+		Token: &pinnipedapi.CredentialRequestTokenCredential{Value: token},
 	})
 }

-func credentialRequest(spec placeholderapi.CredentialRequestSpec) *placeholderapi.CredentialRequest {
-	return &placeholderapi.CredentialRequest{
+func credentialRequest(spec pinnipedapi.CredentialRequestSpec) *pinnipedapi.CredentialRequest {
+	return &pinnipedapi.CredentialRequest{
 		TypeMeta: metav1.TypeMeta{},
 		ObjectMeta: metav1.ObjectMeta{
 			Name: "request name",
@@ -483,8 +483,8 @@ func requireAPIError(t *testing.T, response runtime.Object, err error, expectedE
 func requireSuccessfulResponseWithAuthenticationFailureMessage(t *testing.T, err error, response runtime.Object) {
 	t.Helper()
 	require.NoError(t, err)
-	require.Equal(t, response, &placeholderapi.CredentialRequest{
-		Status: placeholderapi.CredentialRequestStatus{
+	require.Equal(t, response, &pinnipedapi.CredentialRequest{
+		Status: pinnipedapi.CredentialRequestStatus{
 			Credential: nil,
 			Message:    stringPtr("authentication failed"),
 		},