From 44509d016ec37be02da34f6dce8512e750f8751e Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Mon, 22 Dec 2025 10:34:53 -0800 Subject: [PATCH] standardize import of "k8s.io/client-go/kubernetes/fake" --- .golangci.yaml | 2 ++ cmd/pinniped/cmd/kubeconfig_test.go | 6 ++-- .../admissionpluginconfig_test.go | 8 +++--- internal/clusterhost/clusterhost_test.go | 4 +-- .../apicerts/apiservice_updater_test.go | 6 ++-- .../controller/apicerts/certs_expirer_test.go | 12 ++++---- .../controller/apicerts/certs_manager_test.go | 10 +++---- .../apicerts/certs_observer_test.go | 6 ++-- .../jwtcachefiller/jwtcachefiller_test.go | 8 +++--- .../webhookcachefiller_test.go | 8 +++--- .../impersonator_config_test.go | 28 +++++++++---------- ...e_account_token_cleanup_controller_test.go | 12 ++++---- .../active_directory_upstream_watcher_test.go | 10 +++---- .../federation_domain_secrets_test.go | 28 +++++++++---------- .../generator/supervisor_secrets_test.go | 26 ++++++++--------- .../github_upstream_watcher_test.go | 16 +++++------ .../supervisorconfig/jwks_observer_test.go | 6 ++-- .../supervisorconfig/jwks_writer_test.go | 18 ++++++------ .../ldap_upstream_watcher_test.go | 10 +++---- .../oidc_client_watcher_test.go | 8 +++--- .../oidc_upstream_watcher_test.go | 8 +++--- .../tls_cert_observer_test.go | 6 ++-- .../garbage_collector_test.go | 10 +++---- .../tlsconfigutil/tls_config_util_test.go | 4 +-- .../controller/creating_test.go | 4 +-- internal/crud/crud_test.go | 4 +-- .../clientregistry/clientregistry_test.go | 8 +++--- .../endpoints/auth/auth_handler_test.go | 12 ++++---- .../callback/callback_handler_test.go | 16 +++++------ .../login/post_login_handler_test.go | 18 ++++++------ .../endpoints/token/token_handler_test.go | 22 +++++++-------- .../endpointsmanager/manager_test.go | 6 ++-- .../accesstoken/accesstoken_test.go | 6 ++-- .../authorizationcode_test.go | 8 +++--- .../openidconnect/openidconnect_test.go | 6 ++-- internal/fositestorage/pkce/pkce_test.go | 6 ++-- .../refreshtoken/refreshtoken_test.go | 6 ++-- .../localuserauthenticator_test.go | 6 ++-- .../oidcclientsecretstorage_test.go | 14 +++++----- .../session_storage_assertions.go | 6 ++-- internal/testutil/psession.go | 8 +++--- internal/tokenclient/tokenclient_test.go | 8 +++--- 42 files changed, 213 insertions(+), 211 deletions(-) diff --git a/.golangci.yaml b/.golangci.yaml index 13665b474..10cff8c61 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -90,6 +90,8 @@ linters: alias: supervisorclientsetscheme - pkg: go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake alias: supervisorfake + - pkg: k8s.io/client-go/kubernetes/fake + alias: kubefake - pkg: go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1 alias: idpv1alpha1 - pkg: go.pinniped.dev/generated/latest/client/concierge/informers/externalversions diff --git a/cmd/pinniped/cmd/kubeconfig_test.go b/cmd/pinniped/cmd/kubeconfig_test.go index 51c767258..5142d0d52 100644 --- a/cmd/pinniped/cmd/kubeconfig_test.go +++ b/cmd/pinniped/cmd/kubeconfig_test.go @@ -19,7 +19,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/client-go/kubernetes" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" kubetesting "k8s.io/client-go/testing" "k8s.io/client-go/tools/clientcmd" v1 "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1" @@ -3860,10 +3860,10 @@ func TestGetKubeconfig(t *testing.T) { } //nolint:staticcheck // as of v0.35.0, this package does not offer a NewClientset() function fakeAggregatorClient := aggregatorfake.NewSimpleClientset(tt.apiServiceObjects...) - fakeKubeClient := fake.NewClientset() + fakeKubeClient := kubefake.NewClientset() if tt.kubeObjects != nil { kubeObjects := tt.kubeObjects(string(testServerCA)) - fakeKubeClient = fake.NewClientset(kubeObjects...) + fakeKubeClient = kubefake.NewClientset(kubeObjects...) } //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakeConciergeClient := conciergefake.NewSimpleClientset() diff --git a/internal/admissionpluginconfig/admissionpluginconfig_test.go b/internal/admissionpluginconfig/admissionpluginconfig_test.go index 6dd2c57e1..4a4d14ce2 100644 --- a/internal/admissionpluginconfig/admissionpluginconfig_test.go +++ b/internal/admissionpluginconfig/admissionpluginconfig_test.go @@ -16,7 +16,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apiserver/pkg/server/options" "k8s.io/client-go/discovery" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" k8stesting "k8s.io/client-go/testing" ) @@ -235,7 +235,7 @@ func TestConfigureAdmissionPlugins(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - kubeClient := kubernetesfake.NewClientset() + kubeClient := kubefake.NewClientset() kubeClient.Resources = tt.availableAPIResources // Unfortunately, NewClientset() does not support using reactors to @@ -275,12 +275,12 @@ func TestConfigureAdmissionPlugins(t *testing.T) { } type fakeDiscoveryClient struct { - fakeClientSet *kubernetesfake.Clientset + fakeClientSet *kubefake.Clientset } var _ discovery.ServerResourcesInterface = &fakeDiscoveryClient{} -func newFakeDiscoveryClient(fakeClientSet *kubernetesfake.Clientset) *fakeDiscoveryClient { +func newFakeDiscoveryClient(fakeClientSet *kubefake.Clientset) *fakeDiscoveryClient { return &fakeDiscoveryClient{ fakeClientSet: fakeClientSet, } diff --git a/internal/clusterhost/clusterhost_test.go b/internal/clusterhost/clusterhost_test.go index 44f4af2e9..6eef2a63e 100644 --- a/internal/clusterhost/clusterhost_test.go +++ b/internal/clusterhost/clusterhost_test.go @@ -12,7 +12,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" ) @@ -143,7 +143,7 @@ func TestHasControlPlaneNodes(t *testing.T) { for _, tt := range tests { test := tt t.Run(test.name, func(t *testing.T) { - kubeClient := kubernetesfake.NewClientset() + kubeClient := kubefake.NewClientset() if test.listNodesErr != nil { listNodesErr := test.listNodesErr kubeClient.PrependReactor( diff --git a/internal/controller/apicerts/apiservice_updater_test.go b/internal/controller/apicerts/apiservice_updater_test.go index f367d39e3..603c50101 100644 --- a/internal/controller/apicerts/apiservice_updater_test.go +++ b/internal/controller/apicerts/apiservice_updater_test.go @@ -16,7 +16,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" apiregistrationv1 "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1" aggregatorfake "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/fake" @@ -109,7 +109,7 @@ func TestAPIServiceUpdaterControllerSync(t *testing.T) { var subject controllerlib.Controller var aggregatorAPIClient *aggregatorfake.Clientset - var kubeInformerClient *kubernetesfake.Clientset + var kubeInformerClient *kubefake.Clientset var kubeInformers k8sinformers.SharedInformerFactory var cancelContext context.Context var cancelContextCancelFunc context.CancelFunc @@ -148,7 +148,7 @@ func TestAPIServiceUpdaterControllerSync(t *testing.T) { cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background()) - kubeInformerClient = kubernetesfake.NewClientset() + kubeInformerClient = kubefake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactory(kubeInformerClient, 0) //nolint:staticcheck // as of v0.35.0, this package does not offer a NewClientset() function aggregatorAPIClient = aggregatorfake.NewSimpleClientset() diff --git a/internal/controller/apicerts/certs_expirer_test.go b/internal/controller/apicerts/certs_expirer_test.go index b0af047d5..8fcb6e0b1 100644 --- a/internal/controller/apicerts/certs_expirer_test.go +++ b/internal/controller/apicerts/certs_expirer_test.go @@ -21,7 +21,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/types" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" kubetesting "k8s.io/client-go/testing" "go.pinniped.dev/internal/controllerlib" @@ -90,7 +90,7 @@ func TestExpirerControllerFilters(t *testing.T) { t.Parallel() secretsInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewClientset(), + kubefake.NewClientset(), 0, ).Core().V1().Secrets() withInformer := testutil.NewObservableWithInformerOption() @@ -127,7 +127,7 @@ func TestExpirerControllerSync(t *testing.T) { name string renewBefore time.Duration fillSecretData func(*testing.T, map[string][]byte) - configKubeAPIClient func(*kubernetesfake.Clientset) + configKubeAPIClient func(*kubefake.Clientset) wantDelete bool wantLog string wantError string @@ -197,7 +197,7 @@ func TestExpirerControllerSync(t *testing.T) { m[fakeTestKey] = certPEM }, - configKubeAPIClient: func(c *kubernetesfake.Clientset) { + configKubeAPIClient: func(c *kubefake.Clientset) { c.PrependReactor("delete", "secrets", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("delete failed: some delete error") }) @@ -224,7 +224,7 @@ func TestExpirerControllerSync(t *testing.T) { ctx, cancel := context.WithCancel(context.Background()) defer cancel() - kubeAPIClient := kubernetesfake.NewClientset() + kubeAPIClient := kubefake.NewClientset() if test.configKubeAPIClient != nil { test.configKubeAPIClient(kubeAPIClient) } @@ -232,7 +232,7 @@ func TestExpirerControllerSync(t *testing.T) { testRV := "rv_001" testUID := types.UID("uid_002") - kubeInformerClient := kubernetesfake.NewClientset() + kubeInformerClient := kubefake.NewClientset() name := certsSecretResourceName namespace := "some-namespace" if test.fillSecretData != nil { diff --git a/internal/controller/apicerts/certs_manager_test.go b/internal/controller/apicerts/certs_manager_test.go index da718047c..e87f019ed 100644 --- a/internal/controller/apicerts/certs_manager_test.go +++ b/internal/controller/apicerts/certs_manager_test.go @@ -17,7 +17,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" "go.pinniped.dev/internal/controllerlib" @@ -123,8 +123,8 @@ func TestManagerControllerSync(t *testing.T) { var r *require.Assertions var subject controllerlib.Controller - var kubeAPIClient *kubernetesfake.Clientset - var kubeInformerClient *kubernetesfake.Clientset + var kubeAPIClient *kubefake.Clientset + var kubeInformerClient *kubefake.Clientset var kubeInformers k8sinformers.SharedInformerFactory var cancelContext context.Context var cancelContextCancelFunc context.CancelFunc @@ -170,9 +170,9 @@ func TestManagerControllerSync(t *testing.T) { cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background()) - kubeInformerClient = kubernetesfake.NewClientset() + kubeInformerClient = kubefake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactory(kubeInformerClient, 0) - kubeAPIClient = kubernetesfake.NewClientset() + kubeAPIClient = kubefake.NewClientset() }) it.After(func() { diff --git a/internal/controller/apicerts/certs_observer_test.go b/internal/controller/apicerts/certs_observer_test.go index 01b0823e7..f9a501892 100644 --- a/internal/controller/apicerts/certs_observer_test.go +++ b/internal/controller/apicerts/certs_observer_test.go @@ -15,7 +15,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" "go.pinniped.dev/internal/certauthority" "go.pinniped.dev/internal/controllerlib" @@ -105,7 +105,7 @@ func TestObserverControllerSync(t *testing.T) { var r *require.Assertions var subject controllerlib.Controller - var kubeInformerClient *kubernetesfake.Clientset + var kubeInformerClient *kubefake.Clientset var kubeInformers k8sinformers.SharedInformerFactory var cancelContext context.Context var cancelContextCancelFunc context.CancelFunc @@ -144,7 +144,7 @@ func TestObserverControllerSync(t *testing.T) { cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background()) - kubeInformerClient = kubernetesfake.NewClientset() + kubeInformerClient = kubefake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactory(kubeInformerClient, 0) dynamicCertProvider = dynamiccert.NewServingCert(name) }) diff --git a/internal/controller/authenticator/jwtcachefiller/jwtcachefiller_test.go b/internal/controller/authenticator/jwtcachefiller/jwtcachefiller_test.go index 9138af1da..af315f499 100644 --- a/internal/controller/authenticator/jwtcachefiller/jwtcachefiller_test.go +++ b/internal/controller/authenticator/jwtcachefiller/jwtcachefiller_test.go @@ -35,7 +35,7 @@ import ( "k8s.io/apiserver/pkg/authentication/authenticator" "k8s.io/apiserver/pkg/authentication/user" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" clocktesting "k8s.io/utils/clock/testing" @@ -2993,7 +2993,7 @@ func TestController(t *testing.T) { tt.configClient(pinnipedAPIClient) } pinnipedInformers := conciergeinformers.NewSharedInformerFactory(pinnipedAPIClient, 0) - kubeInformers := k8sinformers.NewSharedInformerFactory(kubernetesfake.NewClientset(tt.secretsAndConfigMaps...), 0) + kubeInformers := k8sinformers.NewSharedInformerFactory(kubefake.NewClientset(tt.secretsAndConfigMaps...), 0) cache := authncache.New() logger, log := plog.TestLogger(t) @@ -3536,7 +3536,7 @@ func TestControllerFilterSecret(t *testing.T) { nowDoesntMatter := time.Date(1122, time.September, 33, 4, 55, 56, 778899, time.Local) frozenClock := clocktesting.NewFakeClock(nowDoesntMatter) - kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0) + kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(), 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function @@ -3597,7 +3597,7 @@ func TestControllerFilterConfigMap(t *testing.T) { nowDoesntMatter := time.Date(1122, time.September, 33, 4, 55, 56, 778899, time.Local) frozenClock := clocktesting.NewFakeClock(nowDoesntMatter) - kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0) + kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(), 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function diff --git a/internal/controller/authenticator/webhookcachefiller/webhookcachefiller_test.go b/internal/controller/authenticator/webhookcachefiller/webhookcachefiller_test.go index ff79e3d4e..dfc15f1b7 100644 --- a/internal/controller/authenticator/webhookcachefiller/webhookcachefiller_test.go +++ b/internal/controller/authenticator/webhookcachefiller/webhookcachefiller_test.go @@ -27,7 +27,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" clocktesting "k8s.io/utils/clock/testing" "k8s.io/utils/ptr" @@ -2124,7 +2124,7 @@ func TestController(t *testing.T) { tt.configClient(pinnipedAPIClient) } pinnipedInformers := conciergeinformers.NewSharedInformerFactory(pinnipedAPIClient, 0) - kubeInformers := k8sinformers.NewSharedInformerFactory(kubernetesfake.NewClientset(tt.secretsAndConfigMaps...), 0) + kubeInformers := k8sinformers.NewSharedInformerFactory(kubefake.NewClientset(tt.secretsAndConfigMaps...), 0) cache := authncache.New() logger, log := plog.TestLogger(t) @@ -2378,7 +2378,7 @@ func TestControllerFilterSecret(t *testing.T) { nowDoesntMatter := time.Date(1122, time.September, 33, 4, 55, 56, 778899, time.Local) frozenClock := clocktesting.NewFakeClock(nowDoesntMatter) - kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0) + kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(), 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function @@ -2442,7 +2442,7 @@ func TestControllerFilterConfigMap(t *testing.T) { nowDoesntMatter := time.Date(1122, time.September, 33, 4, 55, 56, 778899, time.Local) frozenClock := clocktesting.NewFakeClock(nowDoesntMatter) - kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0) + kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(), 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function diff --git a/internal/controller/impersonatorconfig/impersonator_config_test.go b/internal/controller/impersonatorconfig/impersonator_config_test.go index bf893f1ed..e7f108afc 100644 --- a/internal/controller/impersonatorconfig/impersonator_config_test.go +++ b/internal/controller/impersonatorconfig/impersonator_config_test.go @@ -31,7 +31,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/util/intstr" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" clocktesting "k8s.io/utils/clock/testing" @@ -282,11 +282,11 @@ func TestImpersonatorConfigControllerSync(t *testing.T) { var r *require.Assertions var subject controllerlib.Controller - var kubeAPIClient *kubernetesfake.Clientset + var kubeAPIClient *kubefake.Clientset var pinnipedAPIClient *conciergefake.Clientset var pinnipedInformerClient *conciergefake.Clientset var pinnipedInformers conciergeinformers.SharedInformerFactory - var kubeInformerClient *kubernetesfake.Clientset + var kubeInformerClient *kubefake.Clientset var kubeInformers k8sinformers.SharedInformerFactory var cancelContext context.Context var cancelContextCancelFunc context.CancelFunc @@ -807,19 +807,19 @@ func TestImpersonatorConfigControllerSync(t *testing.T) { waitForObjectToAppearInInformer(service, informer) } - var addLoadBalancerServiceToTracker = func(resourceName string, client *kubernetesfake.Clientset) { + var addLoadBalancerServiceToTracker = func(resourceName string, client *kubefake.Clientset) { loadBalancerService := newLoadBalancerService(resourceName, corev1.ServiceStatus{}) r.NoError(client.Tracker().Add(loadBalancerService)) } - var addLoadBalancerServiceWithIngressToTracker = func(resourceName string, ingress []corev1.LoadBalancerIngress, client *kubernetesfake.Clientset) { + var addLoadBalancerServiceWithIngressToTracker = func(resourceName string, ingress []corev1.LoadBalancerIngress, client *kubefake.Clientset) { loadBalancerService := newLoadBalancerService(resourceName, corev1.ServiceStatus{ LoadBalancer: corev1.LoadBalancerStatus{Ingress: ingress}, }) r.NoError(client.Tracker().Add(loadBalancerService)) } - var addClusterIPServiceToTracker = func(resourceName string, clusterIP string, client *kubernetesfake.Clientset) { + var addClusterIPServiceToTracker = func(resourceName string, clusterIP string, client *kubefake.Clientset) { clusterIPService := newClusterIPService(resourceName, corev1.ServiceStatus{}, corev1.ServiceSpec{ Type: corev1.ServiceTypeClusterIP, ClusterIP: clusterIP, @@ -835,7 +835,7 @@ func TestImpersonatorConfigControllerSync(t *testing.T) { r.NoError(client.Tracker().Add(clusterIPService)) } - var addDualStackClusterIPServiceToTracker = func(resourceName string, clusterIP0 string, clusterIP1 string, client *kubernetesfake.Clientset) { + var addDualStackClusterIPServiceToTracker = func(resourceName string, clusterIP0 string, clusterIP1 string, client *kubefake.Clientset) { clusterIPService := newClusterIPService(resourceName, corev1.ServiceStatus{}, corev1.ServiceSpec{ Type: corev1.ServiceTypeClusterIP, ClusterIP: clusterIP0, @@ -852,21 +852,21 @@ func TestImpersonatorConfigControllerSync(t *testing.T) { r.NoError(client.Tracker().Add(clusterIPService)) } - var addSecretToTrackers = func(secret *corev1.Secret, clients ...*kubernetesfake.Clientset) { + var addSecretToTrackers = func(secret *corev1.Secret, clients ...*kubefake.Clientset) { for _, client := range clients { secretCopy := secret.DeepCopy() r.NoError(client.Tracker().Add(secretCopy)) } } - var addServiceToTrackers = func(service *corev1.Service, clients ...*kubernetesfake.Clientset) { + var addServiceToTrackers = func(service *corev1.Service, clients ...*kubefake.Clientset) { for _, client := range clients { serviceCopy := service.DeepCopy() r.NoError(client.Tracker().Add(serviceCopy)) } } - var deleteServiceFromTracker = func(resourceName string, client *kubernetesfake.Clientset) { + var deleteServiceFromTracker = func(resourceName string, client *kubefake.Clientset) { r.NoError(client.Tracker().Delete( schema.GroupVersionResource{Version: "v1", Resource: "services"}, installedInNamespace, @@ -874,7 +874,7 @@ func TestImpersonatorConfigControllerSync(t *testing.T) { )) } - var deleteSecretFromTracker = func(resourceName string, client *kubernetesfake.Clientset) { + var deleteSecretFromTracker = func(resourceName string, client *kubefake.Clientset) { r.NoError(client.Tracker().Delete( schema.GroupVersionResource{Version: "v1", Resource: "secrets"}, installedInNamespace, @@ -882,7 +882,7 @@ func TestImpersonatorConfigControllerSync(t *testing.T) { )) } - var addNodeWithRoleToTracker = func(role string, client *kubernetesfake.Clientset) { + var addNodeWithRoleToTracker = func(role string, client *kubefake.Clientset) { r.NoError(client.Tracker().Add( &corev1.Node{ ObjectMeta: metav1.ObjectMeta{ @@ -1132,11 +1132,11 @@ func TestImpersonatorConfigControllerSync(t *testing.T) { pinnipedInformerClient = conciergefake.NewSimpleClientset() pinnipedInformers = conciergeinformers.NewSharedInformerFactoryWithOptions(pinnipedInformerClient, 0) - kubeInformerClient = kubernetesfake.NewClientset() + kubeInformerClient = kubefake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactoryWithOptions(kubeInformerClient, 0, k8sinformers.WithNamespace(installedInNamespace), ) - kubeAPIClient = kubernetesfake.NewClientset() + kubeAPIClient = kubefake.NewClientset() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedAPIClient = conciergefake.NewSimpleClientset() frozenNow = time.Date(2021, time.March, 2, 7, 42, 0, 0, time.Local) diff --git a/internal/controller/serviceaccounttokencleanup/legacy_service_account_token_cleanup_controller_test.go b/internal/controller/serviceaccounttokencleanup/legacy_service_account_token_cleanup_controller_test.go index c02d8a310..ec3e4bc40 100644 --- a/internal/controller/serviceaccounttokencleanup/legacy_service_account_token_cleanup_controller_test.go +++ b/internal/controller/serviceaccounttokencleanup/legacy_service_account_token_cleanup_controller_test.go @@ -14,7 +14,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" kubeinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" kubetesting "k8s.io/client-go/testing" "go.pinniped.dev/internal/controllerlib" @@ -77,7 +77,7 @@ func TestSync(t *testing.T) { name string secretNameToDelete string namespace string - addReactors func(*kubernetesfake.Clientset) + addReactors func(*kubefake.Clientset) expectedErrMessage string expectedActions []kubetesting.Action }{ @@ -106,7 +106,7 @@ func TestSync(t *testing.T) { name: "returns API errors", secretNameToDelete: "secret-to-delete", namespace: "other-namespace", - addReactors: func(clientset *kubernetesfake.Clientset) { + addReactors: func(clientset *kubefake.Clientset) { clientset.PrependReactor( "delete", "secrets", @@ -170,11 +170,11 @@ func TestSync(t *testing.T) { } } -func setupKubernetes(t *testing.T, namespace string) (*kubernetesfake.Clientset, kubeinformers.SharedInformerFactory) { +func setupKubernetes(t *testing.T, namespace string) (*kubefake.Clientset, kubeinformers.SharedInformerFactory) { t.Helper() - kubeAPIClient := kubernetesfake.NewClientset() - kubeInformerClient := kubernetesfake.NewClientset() + kubeAPIClient := kubefake.NewClientset() + kubeInformerClient := kubefake.NewClientset() kubeInformers := kubeinformers.NewSharedInformerFactory( kubeInformerClient, diff --git a/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher_test.go b/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher_test.go index b9563202a..79fdff072 100644 --- a/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher_test.go +++ b/internal/controller/supervisorconfig/activedirectoryupstreamwatcher/active_directory_upstream_watcher_test.go @@ -20,7 +20,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/client-go/informers" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" idpv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" @@ -99,7 +99,7 @@ func TestActiveDirectoryUpstreamWatcherControllerFilterSecrets(t *testing.T) { fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) activeDirectoryIDPInformer := pinnipedInformers.IDP().V1alpha1().ActiveDirectoryIdentityProviders() - fakeKubeClient := fake.NewClientset() + fakeKubeClient := kubefake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() @@ -145,7 +145,7 @@ func TestActiveDirectoryUpstreamWatcherControllerFilterConfigMaps(t *testing.T) fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) activeDirectoryIDPInformer := pinnipedInformers.IDP().V1alpha1().ActiveDirectoryIdentityProviders() - fakeKubeClient := fake.NewClientset() + fakeKubeClient := kubefake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() @@ -191,7 +191,7 @@ func TestActiveDirectoryUpstreamWatcherControllerFilterActiveDirectoryIdentityPr fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) activeDirectoryIDPInformer := pinnipedInformers.IDP().V1alpha1().ActiveDirectoryIdentityProviders() - fakeKubeClient := fake.NewClientset() + fakeKubeClient := kubefake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() @@ -2313,7 +2313,7 @@ func TestActiveDirectoryUpstreamWatcherControllerSync(t *testing.T) { //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset(tt.inputUpstreams...) pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) - fakeKubeClient := fake.NewClientset(tt.inputK8sObjects...) + fakeKubeClient := kubefake.NewClientset(tt.inputK8sObjects...) kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) cache := dynamicupstreamprovider.NewDynamicUpstreamIDPProvider() cache.SetActiveDirectoryIdentityProviders([]upstreamprovider.UpstreamLDAPIdentityProviderI{ diff --git a/internal/controller/supervisorconfig/generator/federation_domain_secrets_test.go b/internal/controller/supervisorconfig/generator/federation_domain_secrets_test.go index 21777716f..48c695314 100644 --- a/internal/controller/supervisorconfig/generator/federation_domain_secrets_test.go +++ b/internal/controller/supervisorconfig/generator/federation_domain_secrets_test.go @@ -19,7 +19,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" kubetesting "k8s.io/client-go/testing" supervisorconfigv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" @@ -180,7 +180,7 @@ func TestFederationDomainControllerFilterSecret(t *testing.T) { ) secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewClientset(), + kubefake.NewClientset(), 0, ).Core().V1().Secrets() federationDomainInformer := supervisorinformers.NewSharedInformerFactory( @@ -243,7 +243,7 @@ func TestNewFederationDomainSecretsControllerFilterFederationDomain(t *testing.T ) secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewClientset(), + kubefake.NewClientset(), 0, ).Core().V1().Secrets() federationDomainInformer := supervisorinformers.NewSharedInformerFactory( @@ -362,7 +362,7 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { tests := []struct { name string storage func(**supervisorconfigv1alpha1.FederationDomain, **corev1.Secret) - client func(*supervisorfake.Clientset, *kubernetesfake.Clientset) + client func(*supervisorfake.Clientset, *kubefake.Clientset) secretHelper func(*mocksecrethelper.MockSecretHelper) wantFederationDomainActions []kubetesting.Action wantSecretActions []kubetesting.Action @@ -408,7 +408,7 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { secretHelper.EXPECT().Generate(goodFederationDomain).Times(1).Return(goodSecret, nil) secretHelper.EXPECT().ObserveActiveSecretAndUpdateParentFederationDomain(goodFederationDomain, goodSecret).Times(1).Return(goodFederationDomainWithTokenSigningKey) }, - client: func(c *supervisorfake.Clientset, _ *kubernetesfake.Clientset) { + client: func(c *supervisorfake.Clientset, _ *kubefake.Clientset) { c.PrependReactor("get", "federationdomains", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, goodFederationDomainWithJWKS, nil }) @@ -431,7 +431,7 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { secretHelper.EXPECT().Generate(goodFederationDomain).Times(1).Return(goodSecret, nil) secretHelper.EXPECT().ObserveActiveSecretAndUpdateParentFederationDomain(goodFederationDomain, goodSecret).Times(1).Return(goodFederationDomainWithTokenSigningKey) }, - client: func(c *supervisorfake.Clientset, _ *kubernetesfake.Clientset) { + client: func(c *supervisorfake.Clientset, _ *kubefake.Clientset) { c.PrependReactor("get", "federationdomains", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, goodFederationDomainWithJWKSAndTokenSigningKey, nil }) @@ -495,7 +495,7 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { secretHelper.EXPECT().Generate(goodFederationDomain).Times(1).Return(goodSecret, nil) secretHelper.EXPECT().IsValid(goodFederationDomain, goodSecret).Times(1).Return(false) }, - client: func(_ *supervisorfake.Clientset, c *kubernetesfake.Clientset) { + client: func(_ *supervisorfake.Clientset, c *kubefake.Clientset) { c.PrependReactor("get", "secrets", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some get error") }) @@ -513,7 +513,7 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { secretHelper: func(secretHelper *mocksecrethelper.MockSecretHelper) { secretHelper.EXPECT().Generate(goodFederationDomain).Times(1).Return(goodSecret, nil) }, - client: func(_ *supervisorfake.Clientset, c *kubernetesfake.Clientset) { + client: func(_ *supervisorfake.Clientset, c *kubefake.Clientset) { c.PrependReactor("create", "secrets", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some create error") }) @@ -530,7 +530,7 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { secretHelper.EXPECT().Generate(goodFederationDomain).Times(1).Return(goodSecret, nil) secretHelper.EXPECT().IsValid(goodFederationDomain, goodSecret).Times(2).Return(false) }, - client: func(_ *supervisorfake.Clientset, c *kubernetesfake.Clientset) { + client: func(_ *supervisorfake.Clientset, c *kubefake.Clientset) { c.PrependReactor("update", "secrets", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some update error") }) @@ -551,7 +551,7 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { secretHelper.EXPECT().IsValid(goodFederationDomain, invalidSecret).Times(3).Return(false) secretHelper.EXPECT().ObserveActiveSecretAndUpdateParentFederationDomain(goodFederationDomain, goodSecret).Times(1).Return(goodFederationDomainWithTokenSigningKey) }, - client: func(_ *supervisorfake.Clientset, c *kubernetesfake.Clientset) { + client: func(_ *supervisorfake.Clientset, c *kubefake.Clientset) { once := sync.Once{} c.PrependReactor("update", "secrets", func(_ kubetesting.Action) (bool, runtime.Object, error) { var err error @@ -580,7 +580,7 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { secretHelper.EXPECT().IsValid(goodFederationDomain, invalidSecret).Times(2).Return(false) secretHelper.EXPECT().ObserveActiveSecretAndUpdateParentFederationDomain(goodFederationDomain, goodSecret).Times(1).Return(goodFederationDomainWithTokenSigningKey) }, - client: func(c *supervisorfake.Clientset, _ *kubernetesfake.Clientset) { + client: func(c *supervisorfake.Clientset, _ *kubefake.Clientset) { c.PrependReactor("get", "federationdomains", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some get error") }) @@ -604,7 +604,7 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { secretHelper.EXPECT().IsValid(goodFederationDomain, invalidSecret).Times(2).Return(false) secretHelper.EXPECT().ObserveActiveSecretAndUpdateParentFederationDomain(goodFederationDomain, goodSecret).Times(1).Return(goodFederationDomainWithTokenSigningKey) }, - client: func(c *supervisorfake.Clientset, _ *kubernetesfake.Clientset) { + client: func(c *supervisorfake.Clientset, _ *kubefake.Clientset) { once := sync.Once{} c.PrependReactor("update", "federationdomains", func(_ kubetesting.Action) (bool, runtime.Object, error) { var err error @@ -636,8 +636,8 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) { //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedInformerClient := supervisorfake.NewSimpleClientset() - kubeAPIClient := kubernetesfake.NewClientset() - kubeInformerClient := kubernetesfake.NewClientset() + kubeAPIClient := kubefake.NewClientset() + kubeInformerClient := kubefake.NewClientset() federationDomain := goodFederationDomain.DeepCopy() secret := goodSecret.DeepCopy() diff --git a/internal/controller/supervisorconfig/generator/supervisor_secrets_test.go b/internal/controller/supervisorconfig/generator/supervisor_secrets_test.go index df52d9200..5d305c0f4 100644 --- a/internal/controller/supervisorconfig/generator/supervisor_secrets_test.go +++ b/internal/controller/supervisorconfig/generator/supervisor_secrets_test.go @@ -17,7 +17,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" kubetesting "k8s.io/client-go/testing" "go.pinniped.dev/internal/controllerlib" @@ -104,7 +104,7 @@ func TestSupervisorSecretsControllerFilterSecret(t *testing.T) { t.Parallel() secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewClientset(), + kubefake.NewClientset(), 0, ).Core().V1().Secrets() withInformer := testutil.NewObservableWithInformerOption() @@ -131,7 +131,7 @@ func TestSupervisorSecretsControllerFilterSecret(t *testing.T) { func TestSupervisorSecretsControllerInitialEvent(t *testing.T) { initialEventOption := testutil.NewObservableWithInitialEventOption() secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewClientset(), + kubefake.NewClientset(), 0, ).Core().V1().Secrets() _ = NewSupervisorSecretsController( @@ -199,7 +199,7 @@ func TestSupervisorSecretsControllerSync(t *testing.T) { name string storedSecret func(**corev1.Secret) generateKey func() ([]byte, error) - apiClient func(*testing.T, *kubernetesfake.Clientset) + apiClient func(*testing.T, *kubefake.Clientset) wantError string wantActions []kubetesting.Action wantCallbackSecret []byte @@ -256,7 +256,7 @@ func TestSupervisorSecretsControllerSync(t *testing.T) { storedSecret: func(secret **corev1.Secret) { *secret = nil }, - apiClient: func(t *testing.T, client *kubernetesfake.Clientset) { + apiClient: func(t *testing.T, client *kubefake.Clientset) { client.PrependReactor("create", "secrets", func(action kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some create error") }) @@ -271,7 +271,7 @@ func TestSupervisorSecretsControllerSync(t *testing.T) { storedSecret: func(secret **corev1.Secret) { (*secret).Data["key"] = []byte("too short") // force updating }, - apiClient: func(t *testing.T, client *kubernetesfake.Clientset) { + apiClient: func(t *testing.T, client *kubefake.Clientset) { client.PrependReactor("update", "secrets", func(action kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some update error") }) @@ -287,7 +287,7 @@ func TestSupervisorSecretsControllerSync(t *testing.T) { storedSecret: func(secret **corev1.Secret) { (*secret).Data["key"] = []byte("too short") // force updating }, - apiClient: func(t *testing.T, client *kubernetesfake.Clientset) { + apiClient: func(t *testing.T, client *kubefake.Clientset) { client.PrependReactor("get", "secrets", func(action kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some get error") }) @@ -302,7 +302,7 @@ func TestSupervisorSecretsControllerSync(t *testing.T) { storedSecret: func(secret **corev1.Secret) { (*secret).Data["key"] = []byte("too short") // force updating }, - apiClient: func(t *testing.T, client *kubernetesfake.Clientset) { + apiClient: func(t *testing.T, client *kubefake.Clientset) { client.PrependReactor("update", "secrets", func(action kubetesting.Action) (bool, runtime.Object, error) { var err error once.Do(func() { @@ -324,7 +324,7 @@ func TestSupervisorSecretsControllerSync(t *testing.T) { storedSecret: func(secret **corev1.Secret) { (*secret).Data["key"] = []byte("too short") // force updating }, - apiClient: func(t *testing.T, client *kubernetesfake.Clientset) { + apiClient: func(t *testing.T, client *kubefake.Clientset) { client.PrependReactor("get", "secrets", func(action kubetesting.Action) (bool, runtime.Object, error) { return true, otherGeneratedSecret, nil }) @@ -361,7 +361,7 @@ func TestSupervisorSecretsControllerSync(t *testing.T) { storedSecret: func(secret **corev1.Secret) { (*secret).Data["key"] = []byte("too short") // force updating }, - apiClient: func(t *testing.T, client *kubernetesfake.Clientset) { + apiClient: func(t *testing.T, client *kubefake.Clientset) { client.PrependReactor("get", "secrets", func(action kubetesting.Action) (bool, runtime.Object, error) { return true, nil, apierrors.NewNotFound(secretsGVR.GroupResource(), generatedSecretName) }) @@ -380,7 +380,7 @@ func TestSupervisorSecretsControllerSync(t *testing.T) { storedSecret: func(secret **corev1.Secret) { (*secret).Data["key"] = []byte("too short") // force updating }, - apiClient: func(t *testing.T, client *kubernetesfake.Clientset) { + apiClient: func(t *testing.T, client *kubefake.Clientset) { client.PrependReactor("get", "secrets", func(action kubetesting.Action) (bool, runtime.Object, error) { return true, nil, apierrors.NewNotFound(secretsGVR.GroupResource(), generatedSecretName) }) @@ -420,11 +420,11 @@ func TestSupervisorSecretsControllerSync(t *testing.T) { } } - apiClient := kubernetesfake.NewClientset() + apiClient := kubefake.NewClientset() if test.apiClient != nil { test.apiClient(t, apiClient) } - informerClient := kubernetesfake.NewClientset() + informerClient := kubefake.NewClientset() storedSecret := generatedSecret.DeepCopy() if test.storedSecret != nil { diff --git a/internal/controller/supervisorconfig/githubupstreamwatcher/github_upstream_watcher_test.go b/internal/controller/supervisorconfig/githubupstreamwatcher/github_upstream_watcher_test.go index 46b25f755..228858c6a 100644 --- a/internal/controller/supervisorconfig/githubupstreamwatcher/github_upstream_watcher_test.go +++ b/internal/controller/supervisorconfig/githubupstreamwatcher/github_upstream_watcher_test.go @@ -25,7 +25,7 @@ import ( "k8s.io/apimachinery/pkg/util/cache" utilnet "k8s.io/apimachinery/pkg/util/net" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" "k8s.io/utils/clock" clocktesting "k8s.io/utils/clock/testing" @@ -2441,7 +2441,7 @@ func TestController(t *testing.T) { fakeSupervisorClient := supervisorfake.NewSimpleClientset(tt.githubIdentityProviders...) supervisorInformers := supervisorinformers.NewSharedInformerFactory(fakeSupervisorClient, 0) - fakeKubeClient := kubernetesfake.NewClientset(tt.secretsAndConfigMaps...) + fakeKubeClient := kubefake.NewClientset(tt.secretsAndConfigMaps...) kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(fakeKubeClient, 0) idpCache := dynamicupstreamprovider.NewDynamicUpstreamIDPProvider() @@ -2840,7 +2840,7 @@ func TestController_OnlyWantActions(t *testing.T) { tt.addSupervisorReactors(fakeSupervisorClient) } - kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(tt.secrets...), 0) + kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(tt.secrets...), 0) logger, _ := plog.TestLogger(t) @@ -2960,7 +2960,7 @@ func TestGitHubUpstreamWatcherControllerFilterSecret(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0) + kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(), 0) logger, _ := plog.TestLogger(t) @@ -3023,7 +3023,7 @@ func TestGitHubUpstreamWatcherControllerFilterConfigMaps(t *testing.T) { logger, _ := plog.TestLogger(t) observableInformers := testutil.NewObservableWithInformerOption() - configMapInformer := k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0).Core().V1().ConfigMaps() + configMapInformer := k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(), 0).Core().V1().ConfigMaps() _ = New( namespace, @@ -3032,7 +3032,7 @@ func TestGitHubUpstreamWatcherControllerFilterConfigMaps(t *testing.T) { supervisorfake.NewSimpleClientset(), //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorinformers.NewSharedInformerFactory(supervisorfake.NewSimpleClientset(), 0).IDP().V1alpha1().GitHubIdentityProviders(), - k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0).Core().V1().Secrets(), + k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(), 0).Core().V1().Secrets(), configMapInformer, logger, observableInformers.WithInformer, @@ -3090,8 +3090,8 @@ func TestGitHubUpstreamWatcherControllerFilterGitHubIDP(t *testing.T) { //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorfake.NewSimpleClientset(), gitHubIdentityProviderInformer, - k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0).Core().V1().Secrets(), - k8sinformers.NewSharedInformerFactoryWithOptions(kubernetesfake.NewClientset(), 0).Core().V1().ConfigMaps(), + k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(), 0).Core().V1().Secrets(), + k8sinformers.NewSharedInformerFactoryWithOptions(kubefake.NewClientset(), 0).Core().V1().ConfigMaps(), logger, observableInformers.WithInformer, clock.RealClock{}, diff --git a/internal/controller/supervisorconfig/jwks_observer_test.go b/internal/controller/supervisorconfig/jwks_observer_test.go index 5730a0b34..a707bd731 100644 --- a/internal/controller/supervisorconfig/jwks_observer_test.go +++ b/internal/controller/supervisorconfig/jwks_observer_test.go @@ -15,7 +15,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" supervisorconfigv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" @@ -126,7 +126,7 @@ func TestJWKSObserverControllerSync(t *testing.T) { r *require.Assertions subject controllerlib.Controller pinnipedInformerClient *supervisorfake.Clientset - kubeInformerClient *kubernetesfake.Clientset + kubeInformerClient *kubefake.Clientset pinnipedInformers supervisorinformers.SharedInformerFactory kubeInformers k8sinformers.SharedInformerFactory cancelContext context.Context @@ -167,7 +167,7 @@ func TestJWKSObserverControllerSync(t *testing.T) { cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background()) - kubeInformerClient = kubernetesfake.NewClientset() + kubeInformerClient = kubefake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactory(kubeInformerClient, 0) //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedInformerClient = supervisorfake.NewSimpleClientset() diff --git a/internal/controller/supervisorconfig/jwks_writer_test.go b/internal/controller/supervisorconfig/jwks_writer_test.go index e9a401ff8..09636b4d5 100644 --- a/internal/controller/supervisorconfig/jwks_writer_test.go +++ b/internal/controller/supervisorconfig/jwks_writer_test.go @@ -19,7 +19,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" kubetesting "k8s.io/client-go/testing" supervisorconfigv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" @@ -171,7 +171,7 @@ func TestJWKSWriterControllerFilterSecret(t *testing.T) { t.Parallel() secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewClientset(), + kubefake.NewClientset(), 0, ).Core().V1().Secrets() federationDomainInformer := supervisorinformers.NewSharedInformerFactory( @@ -225,7 +225,7 @@ func TestJWKSWriterControllerFilterFederationDomain(t *testing.T) { t.Parallel() secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewClientset(), + kubefake.NewClientset(), 0, ).Core().V1().Secrets() federationDomainInformer := supervisorinformers.NewSharedInformerFactory( @@ -332,7 +332,7 @@ func TestJWKSWriterControllerSync(t *testing.T) { name string key controllerlib.Key secrets []*corev1.Secret - configKubeClient func(*kubernetesfake.Clientset) + configKubeClient func(*kubefake.Clientset) configPinnipedClient func(*supervisorfake.Clientset) federationDomains []*supervisorconfigv1alpha1.FederationDomain generateKeyErr error @@ -600,7 +600,7 @@ func TestJWKSWriterControllerSync(t *testing.T) { federationDomains: []*supervisorconfigv1alpha1.FederationDomain{ goodFederationDomain, }, - configKubeClient: func(client *kubernetesfake.Clientset) { + configKubeClient: func(client *kubefake.Clientset) { client.PrependReactor("get", "secrets", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some get error") }) @@ -613,7 +613,7 @@ func TestJWKSWriterControllerSync(t *testing.T) { federationDomains: []*supervisorconfigv1alpha1.FederationDomain{ goodFederationDomain, }, - configKubeClient: func(client *kubernetesfake.Clientset) { + configKubeClient: func(client *kubefake.Clientset) { client.PrependReactor("create", "secrets", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some create error") }) @@ -629,7 +629,7 @@ func TestJWKSWriterControllerSync(t *testing.T) { secrets: []*corev1.Secret{ newSecret("", ""), }, - configKubeClient: func(client *kubernetesfake.Clientset) { + configKubeClient: func(client *kubefake.Clientset) { client.PrependReactor("update", "secrets", func(_ kubetesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some update error") }) @@ -675,8 +675,8 @@ func TestJWKSWriterControllerSync(t *testing.T) { ctx, cancel := context.WithCancel(context.Background()) defer cancel() - kubeAPIClient := kubernetesfake.NewClientset() - kubeInformerClient := kubernetesfake.NewClientset() + kubeAPIClient := kubefake.NewClientset() + kubeInformerClient := kubefake.NewClientset() for _, secret := range test.secrets { require.NoError(t, kubeAPIClient.Tracker().Add(secret)) require.NoError(t, kubeInformerClient.Tracker().Add(secret)) diff --git a/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher_test.go b/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher_test.go index 62bb5ec27..b17f499e7 100644 --- a/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher_test.go +++ b/internal/controller/supervisorconfig/ldapupstreamwatcher/ldap_upstream_watcher_test.go @@ -19,7 +19,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/client-go/informers" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" idpv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" @@ -98,7 +98,7 @@ func TestLDAPUpstreamWatcherControllerFilterSecrets(t *testing.T) { fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) ldapIDPInformer := pinnipedInformers.IDP().V1alpha1().LDAPIdentityProviders() - fakeKubeClient := fake.NewClientset() + fakeKubeClient := kubefake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() @@ -144,7 +144,7 @@ func TestLDAPUpstreamWatcherControllerFilterConfigMaps(t *testing.T) { fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) ldapIDPInformer := pinnipedInformers.IDP().V1alpha1().LDAPIdentityProviders() - fakeKubeClient := fake.NewClientset() + fakeKubeClient := kubefake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() @@ -190,7 +190,7 @@ func TestLDAPUpstreamWatcherControllerFilterLDAPIdentityProviders(t *testing.T) fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) ldapIDPInformer := pinnipedInformers.IDP().V1alpha1().LDAPIdentityProviders() - fakeKubeClient := fake.NewClientset() + fakeKubeClient := kubefake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) secretInformer := kubeInformers.Core().V1().Secrets() configMapInformer := kubeInformers.Core().V1().ConfigMaps() @@ -1411,7 +1411,7 @@ func TestLDAPUpstreamWatcherControllerSync(t *testing.T) { //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset(tt.inputUpstreams...) pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) - fakeKubeClient := fake.NewClientset(tt.inputSecrets...) + fakeKubeClient := kubefake.NewClientset(tt.inputSecrets...) kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) cache := dynamicupstreamprovider.NewDynamicUpstreamIDPProvider() cache.SetLDAPIdentityProviders([]upstreamprovider.UpstreamLDAPIdentityProviderI{ diff --git a/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher_test.go b/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher_test.go index 475491cb9..43a1a1b31 100644 --- a/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher_test.go +++ b/internal/controller/supervisorconfig/oidcclientwatcher/oidc_client_watcher_test.go @@ -14,7 +14,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" supervisorconfigv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" @@ -63,7 +63,7 @@ func TestOIDCClientWatcherControllerFilterSecret(t *testing.T) { t.Parallel() secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewClientset(), + kubefake.NewClientset(), 0, ).Core().V1().Secrets() oidcClientsInformer := supervisorinformers.NewSharedInformerFactory( @@ -133,7 +133,7 @@ func TestOIDCClientWatcherControllerFilterOIDCClient(t *testing.T) { t.Parallel() secretInformer := k8sinformers.NewSharedInformerFactory( - kubernetesfake.NewClientset(), + kubefake.NewClientset(), 0, ).Core().V1().Secrets() oidcClientsInformer := supervisorinformers.NewSharedInformerFactory( @@ -963,7 +963,7 @@ func TestOIDCClientWatcherControllerSync(t *testing.T) { //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClientForInformers := supervisorfake.NewSimpleClientset(tt.inputObjects...) pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClientForInformers, 0) - fakeKubeClient := kubernetesfake.NewClientset(tt.inputSecrets...) + fakeKubeClient := kubefake.NewClientset(tt.inputSecrets...) kubeInformers := k8sinformers.NewSharedInformerFactoryWithOptions(fakeKubeClient, 0) controller := NewOIDCClientWatcherController( diff --git a/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher_test.go b/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher_test.go index 62a7f5eca..7cae9fead 100644 --- a/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher_test.go +++ b/internal/controller/supervisorconfig/oidcupstreamwatcher/oidc_upstream_watcher_test.go @@ -25,7 +25,7 @@ import ( "k8s.io/apimachinery/pkg/util/net" "k8s.io/apimachinery/pkg/util/sets" "k8s.io/client-go/informers" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" idpv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" @@ -104,7 +104,7 @@ func TestOIDCUpstreamWatcherControllerFilterSecret(t *testing.T) { //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) - fakeKubeClient := fake.NewClientset() + fakeKubeClient := kubefake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) cache := dynamicupstreamprovider.NewDynamicUpstreamIDPProvider() cache.SetOIDCIdentityProviders([]upstreamprovider.UpstreamOIDCIdentityProviderI{ @@ -165,7 +165,7 @@ func TestOIDCUpstreamWatcherControllerFilterConfigMaps(t *testing.T) { //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset() pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) - fakeKubeClient := fake.NewClientset() + fakeKubeClient := kubefake.NewClientset() kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) cache := dynamicupstreamprovider.NewDynamicUpstreamIDPProvider() cache.SetOIDCIdentityProviders([]upstreamprovider.UpstreamOIDCIdentityProviderI{ @@ -1765,7 +1765,7 @@ func TestOIDCUpstreamWatcherControllerSync(t *testing.T) { //nolint:staticcheck // our codegen does not yet generate a NewClientset() function fakePinnipedClient := supervisorfake.NewSimpleClientset(tt.inputUpstreams...) pinnipedInformers := supervisorinformers.NewSharedInformerFactory(fakePinnipedClient, 0) - fakeKubeClient := fake.NewClientset(tt.inputResources...) + fakeKubeClient := kubefake.NewClientset(tt.inputResources...) kubeInformers := informers.NewSharedInformerFactory(fakeKubeClient, 0) cache := dynamicupstreamprovider.NewDynamicUpstreamIDPProvider() cache.SetOIDCIdentityProviders([]upstreamprovider.UpstreamOIDCIdentityProviderI{ diff --git a/internal/controller/supervisorconfig/tls_cert_observer_test.go b/internal/controller/supervisorconfig/tls_cert_observer_test.go index 1ec1f8660..e8f7d1eb7 100644 --- a/internal/controller/supervisorconfig/tls_cert_observer_test.go +++ b/internal/controller/supervisorconfig/tls_cert_observer_test.go @@ -16,7 +16,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" supervisorconfigv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" @@ -132,7 +132,7 @@ func TestTLSCertObserverControllerSync(t *testing.T) { r *require.Assertions subject controllerlib.Controller pinnipedInformerClient *supervisorfake.Clientset - kubeInformerClient *kubernetesfake.Clientset + kubeInformerClient *kubefake.Clientset pinnipedInformers supervisorinformers.SharedInformerFactory kubeInformers k8sinformers.SharedInformerFactory cancelContext context.Context @@ -180,7 +180,7 @@ func TestTLSCertObserverControllerSync(t *testing.T) { cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background()) - kubeInformerClient = kubernetesfake.NewClientset() + kubeInformerClient = kubefake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactory(kubeInformerClient, 0) //nolint:staticcheck // our codegen does not yet generate a NewClientset() function pinnipedInformerClient = supervisorfake.NewSimpleClientset() diff --git a/internal/controller/supervisorstorage/garbage_collector_test.go b/internal/controller/supervisorstorage/garbage_collector_test.go index 1f80fc8eb..85c150cf9 100644 --- a/internal/controller/supervisorstorage/garbage_collector_test.go +++ b/internal/controller/supervisorstorage/garbage_collector_test.go @@ -20,7 +20,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" k8sinformers "k8s.io/client-go/informers" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" kubetesting "k8s.io/client-go/testing" "k8s.io/utils/clock" clocktesting "k8s.io/utils/clock/testing" @@ -131,8 +131,8 @@ func TestGarbageCollectorControllerSync(t *testing.T) { var ( r *require.Assertions subject controllerlib.Controller - kubeInformerClient *kubernetesfake.Clientset - kubeClient *kubernetesfake.Clientset + kubeInformerClient *kubefake.Clientset + kubeClient *kubefake.Clientset kubeInformers k8sinformers.SharedInformerFactory cancelContext context.Context cancelContextCancelFunc context.CancelFunc @@ -179,8 +179,8 @@ func TestGarbageCollectorControllerSync(t *testing.T) { cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background()) - kubeInformerClient = kubernetesfake.NewClientset() - kubeClient = kubernetesfake.NewClientset() + kubeInformerClient = kubefake.NewClientset() + kubeClient = kubefake.NewClientset() kubeInformers = k8sinformers.NewSharedInformerFactory(kubeInformerClient, 0) frozenNow = time.Now().UTC() fakeClock = clocktesting.NewFakeClock(frozenNow) diff --git a/internal/controller/tlsconfigutil/tls_config_util_test.go b/internal/controller/tlsconfigutil/tls_config_util_test.go index 34733855f..ad8a896ae 100644 --- a/internal/controller/tlsconfigutil/tls_config_util_test.go +++ b/internal/controller/tlsconfigutil/tls_config_util_test.go @@ -15,7 +15,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/client-go/informers" corev1informers "k8s.io/client-go/informers/core/v1" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" authenticationv1alpha1 "go.pinniped.dev/generated/latest/apis/concierge/authentication/v1alpha1" idpv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/idp/v1alpha1" @@ -474,7 +474,7 @@ func TestValidateTLSConfig(t *testing.T) { var secretsInformer corev1informers.SecretInformer var configMapInformer corev1informers.ConfigMapInformer - fakeClient := fake.NewClientset(tt.k8sObjects...) + fakeClient := kubefake.NewClientset(tt.k8sObjects...) sharedInformers := informers.NewSharedInformerFactory(fakeClient, 0) configMapInformer = sharedInformers.Core().V1().ConfigMaps() secretsInformer = sharedInformers.Core().V1().Secrets() diff --git a/internal/controllerlib/test/integration/examplecontroller/controller/creating_test.go b/internal/controllerlib/test/integration/examplecontroller/controller/creating_test.go index 4d5b48d35..bfcb45dc8 100644 --- a/internal/controllerlib/test/integration/examplecontroller/controller/creating_test.go +++ b/internal/controllerlib/test/integration/examplecontroller/controller/creating_test.go @@ -13,7 +13,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/client-go/informers" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" "k8s.io/client-go/tools/events" @@ -93,7 +93,7 @@ func TestNewExampleCreatingController(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() for i := range tt.args.services { service := tt.args.services[i] err := kubeClient.Tracker().Add(service) diff --git a/internal/crud/crud_test.go b/internal/crud/crud_test.go index 6800b47bf..9dd396c30 100644 --- a/internal/crud/crud_test.go +++ b/internal/crud/crud_test.go @@ -20,7 +20,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" clocktesting "k8s.io/utils/clock/testing" ) @@ -1292,7 +1292,7 @@ func TestStorage(t *testing.T) { t.Parallel() //nolint:staticcheck // using NewClientset() is possible here, but it will require updating test expectations - client := fake.NewSimpleClientset() + client := kubefake.NewSimpleClientset() if tt.mocks != nil { tt.mocks(t, client) } diff --git a/internal/federationdomain/clientregistry/clientregistry_test.go b/internal/federationdomain/clientregistry/clientregistry_test.go index 5606c98ee..98a908150 100644 --- a/internal/federationdomain/clientregistry/clientregistry_test.go +++ b/internal/federationdomain/clientregistry/clientregistry_test.go @@ -16,7 +16,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" "k8s.io/utils/ptr" @@ -40,7 +40,7 @@ func TestClientManager(t *testing.T) { name string secrets []*corev1.Secret oidcClients []*supervisorconfigv1alpha1.OIDCClient - addKubeReactions func(client *fake.Clientset) + addKubeReactions func(client *kubefake.Clientset) addSupervisorReactions func(client *supervisorfake.Clientset) run func(t *testing.T, subject *ClientManager) }{ @@ -169,7 +169,7 @@ func TestClientManager(t *testing.T) { oidcClients: []*supervisorconfigv1alpha1.OIDCClient{ {ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: testName, Generation: 1234, UID: testUID}}, }, - addKubeReactions: func(client *fake.Clientset) { + addKubeReactions: func(client *kubefake.Clientset) { client.PrependReactor("get", "secrets", func(action coretesting.Action) (handled bool, ret runtime.Object, err error) { return true, nil, fmt.Errorf("some get Secrets error") }) @@ -256,7 +256,7 @@ func TestClientManager(t *testing.T) { t.Run(test.name, func(t *testing.T) { t.Parallel() - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() secrets := kubeClient.CoreV1().Secrets(testNamespace) //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorClient := supervisorfake.NewSimpleClientset() diff --git a/internal/federationdomain/endpoints/auth/auth_handler_test.go b/internal/federationdomain/endpoints/auth/auth_handler_test.go index da45bdea0..206176e11 100644 --- a/internal/federationdomain/endpoints/auth/auth_handler_test.go +++ b/internal/federationdomain/endpoints/auth/auth_handler_test.go @@ -24,7 +24,7 @@ import ( "golang.org/x/oauth2" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apiserver/pkg/authentication/user" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" v1 "k8s.io/client-go/kubernetes/typed/core/v1" "k8s.io/utils/ptr" @@ -642,7 +642,7 @@ func TestAuthorizationEndpoint(t *testing.T) { //nolint:gocyclo return ©OfCustomSession } - addFullyCapableDynamicClientAndSecretToKubeResources := func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + addFullyCapableDynamicClientAndSecretToKubeResources := func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.FullyCapableOIDCClientAndStorageSecret(t, "some-namespace", dynamicClientID, dynamicClientUID, downstreamRedirectURI, nil, []string{testutil.HashedPassword1AtGoMinCost}, oidcclientvalidator.Validate) @@ -664,7 +664,7 @@ func TestAuthorizationEndpoint(t *testing.T) { //nolint:gocyclo name string idps *testidplister.UpstreamIDPListerBuilder - kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) + kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) generateCSRF func() (csrftoken.CSRFToken, error) generatePKCE func() (pkce.Code, error) generateNonce func() (nonce.Nonce, error) @@ -4098,7 +4098,7 @@ func TestAuthorizationEndpoint(t *testing.T) { //nolint:gocyclo subject http.Handler, kubeOauthStore *storage.KubeStorage, supervisorClient *supervisorfake.Clientset, - kubeClient *fake.Clientset, + kubeClient *kubefake.Clientset, secretsClient v1.SecretInterface, actualAuditLog *bytes.Buffer, ) { @@ -4232,7 +4232,7 @@ func TestAuthorizationEndpoint(t *testing.T) { //nolint:gocyclo for _, test := range tests { t.Run(test.name, func(t *testing.T) { - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorClient := supervisorfake.NewSimpleClientset() secretsClient := kubeClient.CoreV1().Secrets("some-namespace") @@ -4269,7 +4269,7 @@ func TestAuthorizationEndpoint(t *testing.T) { //nolint:gocyclo // Double-check that we are re-using the happy path test case here as we intend. require.Equal(t, "OIDC upstream browser flow happy path using GET without a CSRF cookie", test.name) - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorClient := supervisorfake.NewSimpleClientset() secretsClient := kubeClient.CoreV1().Secrets("some-namespace") diff --git a/internal/federationdomain/endpoints/callback/callback_handler_test.go b/internal/federationdomain/endpoints/callback/callback_handler_test.go index 04ff0d343..03d7bef1d 100644 --- a/internal/federationdomain/endpoints/callback/callback_handler_test.go +++ b/internal/federationdomain/endpoints/callback/callback_handler_test.go @@ -19,7 +19,7 @@ import ( "github.com/stretchr/testify/require" "golang.org/x/crypto/bcrypt" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" supervisorconfigv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" @@ -212,7 +212,7 @@ func TestCallbackEndpoint(t *testing.T) { // Note that fosite puts the granted scopes as a param in the redirect URI even though the spec doesn't seem to require it happyDownstreamRedirectLocationRegexp := downstreamRedirectURI + `\?code=([^&]+)&scope=openid\+username\+groups&state=` + happyDownstreamState - addFullyCapableDynamicClientAndSecretToKubeResources := func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + addFullyCapableDynamicClientAndSecretToKubeResources := func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.FullyCapableOIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, downstreamRedirectURI, nil, []string{testutil.HashedPassword1AtGoMinCost}, oidcclientvalidator.Validate) @@ -227,7 +227,7 @@ func TestCallbackEndpoint(t *testing.T) { name string idps *testidplister.UpstreamIDPListerBuilder - kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) + kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) method string path string body string @@ -1054,7 +1054,7 @@ func TestCallbackEndpoint(t *testing.T) { { name: "using dynamic client which is not allowed to request username scope, and does not actually request username scope in authorize request, does not get username in ID token", idps: testidplister.NewUpstreamIDPListerBuilder().WithOIDC(happyOIDCUpstream().Build()), - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.OIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, []supervisorconfigv1alpha1.GrantType{"authorization_code", "refresh_token"}, // token exchange not allowed (required to exclude username scope) @@ -1097,7 +1097,7 @@ func TestCallbackEndpoint(t *testing.T) { { name: "using dynamic client which is not allowed to request groups scope, and does not actually request groups scope in authorize request, does not get groups in ID token", idps: testidplister.NewUpstreamIDPListerBuilder().WithOIDC(happyOIDCUpstream().Build()), - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.OIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, []supervisorconfigv1alpha1.GrantType{"authorization_code", "refresh_token"}, // token exchange not allowed (required to exclude groups scope) @@ -1566,7 +1566,7 @@ func TestCallbackEndpoint(t *testing.T) { { name: "using dynamic client which is not allowed to request username scope in authorize request but requests it anyway", idps: testidplister.NewUpstreamIDPListerBuilder().WithOIDC(happyOIDCUpstream().Build()), - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.OIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, []supervisorconfigv1alpha1.GrantType{"authorization_code", "refresh_token"}, // token exchange not allowed (required to exclude username scope) @@ -1595,7 +1595,7 @@ func TestCallbackEndpoint(t *testing.T) { { name: "using dynamic client which is not allowed to request groups scope in authorize request but requests it anyway", idps: testidplister.NewUpstreamIDPListerBuilder().WithOIDC(happyOIDCUpstream().Build()), - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.OIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, []supervisorconfigv1alpha1.GrantType{"authorization_code", "refresh_token"}, // token exchange not allowed (required to exclude groups scope) @@ -2166,7 +2166,7 @@ func TestCallbackEndpoint(t *testing.T) { for _, test := range tests { t.Run(test.name, func(t *testing.T) { - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorClient := supervisorfake.NewSimpleClientset() secrets := kubeClient.CoreV1().Secrets("some-namespace") diff --git a/internal/federationdomain/endpoints/login/post_login_handler_test.go b/internal/federationdomain/endpoints/login/post_login_handler_test.go index 6147f1569..2b2bc0e7b 100644 --- a/internal/federationdomain/endpoints/login/post_login_handler_test.go +++ b/internal/federationdomain/endpoints/login/post_login_handler_test.go @@ -15,7 +15,7 @@ import ( "github.com/stretchr/testify/require" "golang.org/x/crypto/bcrypt" "k8s.io/apiserver/pkg/authentication/user" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" supervisorconfigv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" @@ -280,7 +280,7 @@ func TestPostLoginEndpoint(t *testing.T) { return urlToReturn } - addFullyCapableDynamicClientAndSecretToKubeResources := func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + addFullyCapableDynamicClientAndSecretToKubeResources := func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.FullyCapableOIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, downstreamRedirectURI, nil, []string{testutil.HashedPassword1AtGoMinCost}, oidcclientvalidator.Validate) @@ -298,7 +298,7 @@ func TestPostLoginEndpoint(t *testing.T) { tests := []struct { name string idps *testidplister.UpstreamIDPListerBuilder - kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) + kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) decodedState *oidc.UpstreamStateParamData formParams url.Values reqURIQuery url.Values @@ -707,7 +707,7 @@ func TestPostLoginEndpoint(t *testing.T) { { name: "happy LDAP login when there are additional allowed downstream requested scopes with dynamic client, when dynamic client is not allowed to request username and does not request username", idps: testidplister.NewUpstreamIDPListerBuilder().WithLDAP(upstreamLDAPIdentityProvider), - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.OIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, []supervisorconfigv1alpha1.GrantType{"authorization_code", "refresh_token"}, // token exchange not allowed (required to exclude username scope) @@ -741,7 +741,7 @@ func TestPostLoginEndpoint(t *testing.T) { { name: "happy LDAP login when there are additional allowed downstream requested scopes with dynamic client, when dynamic client is not allowed to request groups and does not request groups", idps: testidplister.NewUpstreamIDPListerBuilder().WithLDAP(upstreamLDAPIdentityProvider), - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.OIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, []supervisorconfigv1alpha1.GrantType{"authorization_code", "refresh_token"}, // token exchange not allowed (required to exclude groups scope) @@ -785,7 +785,7 @@ func TestPostLoginEndpoint(t *testing.T) { }, }), ).Build()), - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.OIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, []supervisorconfigv1alpha1.GrantType{"authorization_code", "refresh_token"}, // token exchange not allowed (required to exclude groups scope) @@ -1225,7 +1225,7 @@ func TestPostLoginEndpoint(t *testing.T) { { name: "using dynamic client which is not allowed to request username scope in authorize request but requests it anyway", idps: testidplister.NewUpstreamIDPListerBuilder().WithLDAP(upstreamLDAPIdentityProvider), - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.OIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, []supervisorconfigv1alpha1.GrantType{"authorization_code", "refresh_token"}, // token exchange not allowed (required to exclude username scope) @@ -1245,7 +1245,7 @@ func TestPostLoginEndpoint(t *testing.T) { { name: "using dynamic client which is not allowed to request groups scope in authorize request but requests it anyway", idps: testidplister.NewUpstreamIDPListerBuilder().WithLDAP(upstreamLDAPIdentityProvider), - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.OIDCClientAndStorageSecret(t, "some-namespace", downstreamDynamicClientID, downstreamDynamicClientUID, []supervisorconfigv1alpha1.GrantType{"authorization_code", "refresh_token"}, // token exchange not allowed (required to exclude groups scope) @@ -1296,7 +1296,7 @@ func TestPostLoginEndpoint(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorClient := supervisorfake.NewSimpleClientset() secretsClient := kubeClient.CoreV1().Secrets("some-namespace") diff --git a/internal/federationdomain/endpoints/token/token_handler_test.go b/internal/federationdomain/endpoints/token/token_handler_test.go index 7ce6814a0..f722bc7a0 100644 --- a/internal/federationdomain/endpoints/token/token_handler_test.go +++ b/internal/federationdomain/endpoints/token/token_handler_test.go @@ -38,7 +38,7 @@ import ( "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/types" "k8s.io/apiserver/pkg/warning" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" v1 "k8s.io/client-go/kubernetes/typed/core/v1" "k8s.io/utils/ptr" @@ -343,7 +343,7 @@ type authcodeExchangeInputs struct { want tokenEndpointResponseExpectedValues } -func addFullyCapableDynamicClientAndSecretToKubeResources(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { +func addFullyCapableDynamicClientAndSecretToKubeResources(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.FullyCapableOIDCClientAndStorageSecret(t, "some-namespace", dynamicClientID, @@ -357,8 +357,8 @@ func addFullyCapableDynamicClientAndSecretToKubeResources(t *testing.T, supervis require.NoError(t, kubeClient.Tracker().Add(secret)) } -func addFullyCapableDynamicClientWithCustomIDTokenLifetimeAndSecretToKubeResources(idTokenLifetime int32) func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { - return func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { +func addFullyCapableDynamicClientWithCustomIDTokenLifetimeAndSecretToKubeResources(idTokenLifetime int32) func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { + return func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { oidcClient, secret := testutil.FullyCapableOIDCClientAndStorageSecret(t, "some-namespace", dynamicClientID, @@ -390,7 +390,7 @@ func TestTokenEndpointAuthcodeExchange(t *testing.T) { tests := []struct { name string authcodeExchange authcodeExchangeInputs - kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) + kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) }{ // happy path { @@ -1067,7 +1067,7 @@ func TestTokenEndpointWhenAuthcodeIsUsedTwice(t *testing.T) { tests := []struct { name string authcodeExchange authcodeExchangeInputs - kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) + kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) }{ { name: "authcode exchange succeeds once and then fails when the same authcode is used again", @@ -1181,7 +1181,7 @@ func TestTokenEndpointTokenExchange(t *testing.T) { // tests for grant_type "urn modifyRequestHeaders func(r *http.Request) modifyStorage func(t *testing.T, storage *storage.KubeStorage, secrets v1.SecretInterface, pendingRequest *http.Request) requestedAudience string - kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) + kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) wantStatus int wantErrorType string @@ -1404,7 +1404,7 @@ func TestTokenEndpointTokenExchange(t *testing.T) { // tests for grant_type "urn }, { name: "dynamic client lacks the required urn:ietf:params:oauth:grant-type:token-exchange grant type", - kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) { + kubeResources: func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) { namespace, clientID, clientUID, redirectURI := "some-namespace", dynamicClientID, dynamicClientUID, goodRedirectURI oidcClient := &supervisorconfigv1alpha1.OIDCClient{ ObjectMeta: metav1.ObjectMeta{Namespace: namespace, Name: clientID, Generation: 1, UID: types.UID(clientUID)}, @@ -2375,7 +2375,7 @@ func TestRefreshGrant(t *testing.T) { tests := []struct { name string idps *testidplister.UpstreamIDPListerBuilder - kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset) + kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset) authcodeExchange authcodeExchangeInputs refreshRequest refreshRequestInputs modifyRefreshTokenStorage func(t *testing.T, oauthStore *storage.KubeStorage, secrets v1.SecretInterface, refreshToken string) @@ -5200,7 +5200,7 @@ func exchangeAuthcodeForTokens( t *testing.T, test authcodeExchangeInputs, idps federationdomainproviders.FederationDomainIdentityProvidersListerFinderI, - kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *fake.Clientset), + kubeResources func(t *testing.T, supervisorClient *supervisorfake.Clientset, kubeClient *kubefake.Clientset), ) ( subject http.Handler, rsp *httptest.ResponseRecorder, @@ -5216,7 +5216,7 @@ func exchangeAuthcodeForTokens( test.modifyAuthRequest(authRequest) } - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() //nolint:staticcheck // our codegen does not yet generate a NewClientset() function supervisorClient := supervisorfake.NewSimpleClientset() secrets = kubeClient.CoreV1().Secrets("some-namespace") diff --git a/internal/federationdomain/endpointsmanager/manager_test.go b/internal/federationdomain/endpointsmanager/manager_test.go index cd990fa58..4f2d965c8 100644 --- a/internal/federationdomain/endpointsmanager/manager_test.go +++ b/internal/federationdomain/endpointsmanager/manager_test.go @@ -17,7 +17,7 @@ import ( "github.com/go-jose/go-jose/v4" "github.com/sclevine/spec" "github.com/stretchr/testify/require" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" supervisorfake "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned/fake" "go.pinniped.dev/internal/config/supervisor" @@ -43,7 +43,7 @@ func TestManager(t *testing.T) { fallbackHandlerWasCalled bool dynamicJWKSProvider jwks.DynamicJWKSProvider federationDomainIDPs []*federationdomainproviders.FederationDomainIdentityProvider - kubeClient *fake.Clientset + kubeClient *kubefake.Clientset ) const ( @@ -345,7 +345,7 @@ func TestManager(t *testing.T) { Build(), ).BuildDynamicUpstreamIDPProvider() - kubeClient = fake.NewClientset() + kubeClient = kubefake.NewClientset() secretsClient := kubeClient.CoreV1().Secrets("some-namespace") //nolint:staticcheck // our codegen does not yet generate a NewClientset() function oidcClientsClient := supervisorfake.NewSimpleClientset().ConfigV1alpha1().OIDCClients("some-namespace") diff --git a/internal/fositestorage/accesstoken/accesstoken_test.go b/internal/fositestorage/accesstoken/accesstoken_test.go index d0f64cf8b..2cbda7dd0 100644 --- a/internal/fositestorage/accesstoken/accesstoken_test.go +++ b/internal/fositestorage/accesstoken/accesstoken_test.go @@ -17,7 +17,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" corev1client "k8s.io/client-go/kubernetes/typed/core/v1" coretesting "k8s.io/client-go/testing" clocktesting "k8s.io/utils/clock/testing" @@ -293,8 +293,8 @@ func TestCreateWithoutRequesterID(t *testing.T) { require.Equal(t, request.ID, actualSecret.Labels["storage.pinniped.dev/request-id"]) } -func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *fake.Clientset, corev1client.SecretInterface, RevocationStorage) { - client := fake.NewClientset() +func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *kubefake.Clientset, corev1client.SecretInterface, RevocationStorage) { + client := kubefake.NewClientset() secrets := client.CoreV1().Secrets(namespace) return context.Background(), client, diff --git a/internal/fositestorage/authorizationcode/authorizationcode_test.go b/internal/fositestorage/authorizationcode/authorizationcode_test.go index 41443b0a7..81df23a4e 100644 --- a/internal/fositestorage/authorizationcode/authorizationcode_test.go +++ b/internal/fositestorage/authorizationcode/authorizationcode_test.go @@ -29,7 +29,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/types" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" corev1client "k8s.io/client-go/kubernetes/typed/core/v1" kubetesting "k8s.io/client-go/testing" clocktesting "k8s.io/utils/clock/testing" @@ -276,8 +276,8 @@ func TestCreateWithWrongRequesterDataTypes(t *testing.T) { require.EqualError(t, err, "requester's client must be of type clientregistry.Client") } -func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *fake.Clientset, corev1client.SecretInterface, fositeoauth2.AuthorizeCodeStorage) { - client := fake.NewClientset() +func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *kubefake.Clientset, corev1client.SecretInterface, fositeoauth2.AuthorizeCodeStorage) { + client := kubefake.NewClientset() secrets := client.CoreV1().Secrets(namespace) return context.Background(), client, @@ -387,7 +387,7 @@ func TestFuzzAndJSONNewValidEmptyAuthorizeCodeSession(t *testing.T) { const name = "fuzz" // value is irrelevant ctx := context.Background() - secrets := fake.NewClientset().CoreV1().Secrets(name) + secrets := kubefake.NewClientset().CoreV1().Secrets(name) storage := New(secrets, func() time.Time { return fakeNow }, func(requester fosite.Requester) time.Duration { return lifetime }) // issue a create using the fuzzed request to confirm that marshalling works diff --git a/internal/fositestorage/openidconnect/openidconnect_test.go b/internal/fositestorage/openidconnect/openidconnect_test.go index 2dbd2b91d..b4b3094b0 100644 --- a/internal/fositestorage/openidconnect/openidconnect_test.go +++ b/internal/fositestorage/openidconnect/openidconnect_test.go @@ -16,7 +16,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" corev1client "k8s.io/client-go/kubernetes/typed/core/v1" coretesting "k8s.io/client-go/testing" clocktesting "k8s.io/utils/clock/testing" @@ -216,8 +216,8 @@ func TestAuthcodeHasNoDot(t *testing.T) { require.EqualError(t, err, "malformed authorization code") } -func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *fake.Clientset, corev1client.SecretInterface, openid.OpenIDConnectRequestStorage) { - client := fake.NewClientset() +func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *kubefake.Clientset, corev1client.SecretInterface, openid.OpenIDConnectRequestStorage) { + client := kubefake.NewClientset() secrets := client.CoreV1().Secrets(namespace) return context.Background(), client, diff --git a/internal/fositestorage/pkce/pkce_test.go b/internal/fositestorage/pkce/pkce_test.go index b5b845bd9..98ed1b1e1 100644 --- a/internal/fositestorage/pkce/pkce_test.go +++ b/internal/fositestorage/pkce/pkce_test.go @@ -16,7 +16,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" corev1client "k8s.io/client-go/kubernetes/typed/core/v1" coretesting "k8s.io/client-go/testing" clocktesting "k8s.io/utils/clock/testing" @@ -214,8 +214,8 @@ func TestCreateWithWrongRequesterDataTypes(t *testing.T) { require.EqualError(t, err, "requester's client must be of type clientregistry.Client") } -func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *fake.Clientset, corev1client.SecretInterface, pkce.PKCERequestStorage) { - client := fake.NewClientset() +func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *kubefake.Clientset, corev1client.SecretInterface, pkce.PKCERequestStorage) { + client := kubefake.NewClientset() secrets := client.CoreV1().Secrets(namespace) return context.Background(), client, diff --git a/internal/fositestorage/refreshtoken/refreshtoken_test.go b/internal/fositestorage/refreshtoken/refreshtoken_test.go index 3fe1bd092..4bb7d087f 100644 --- a/internal/fositestorage/refreshtoken/refreshtoken_test.go +++ b/internal/fositestorage/refreshtoken/refreshtoken_test.go @@ -17,7 +17,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" corev1client "k8s.io/client-go/kubernetes/typed/core/v1" coretesting "k8s.io/client-go/testing" clocktesting "k8s.io/utils/clock/testing" @@ -350,8 +350,8 @@ func TestCreateWithoutRequesterID(t *testing.T) { require.Equal(t, request.ID, actualSecret.Labels["storage.pinniped.dev/request-id"]) } -func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *fake.Clientset, corev1client.SecretInterface, RevocationStorage) { - client := fake.NewClientset() +func makeTestSubject(lifetimeFunc timeouts.StorageLifetime) (context.Context, *kubefake.Clientset, corev1client.SecretInterface, RevocationStorage) { + client := kubefake.NewClientset() secrets := client.CoreV1().Secrets(namespace) return context.Background(), client, diff --git a/internal/localuserauthenticator/localuserauthenticator_test.go b/internal/localuserauthenticator/localuserauthenticator_test.go index 01c0931a9..eb1e80ab6 100644 --- a/internal/localuserauthenticator/localuserauthenticator_test.go +++ b/internal/localuserauthenticator/localuserauthenticator_test.go @@ -27,7 +27,7 @@ import ( k8sinformers "k8s.io/client-go/informers" corev1informers "k8s.io/client-go/informers/core/v1" "k8s.io/client-go/kubernetes" - kubernetesfake "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" "go.pinniped.dev/internal/certauthority" "go.pinniped.dev/internal/dynamiccert" @@ -50,7 +50,7 @@ func TestWebhook(t *testing.T) { group0, group1 := "some-group-0", "some-group-1" groups := group0 + " , " + group1 - kubeClient := kubernetesfake.NewClientset() + kubeClient := kubefake.NewClientset() addSecretToFakeClientTracker(t, kubeClient, user, password, groups) addSecretToFakeClientTracker(t, kubeClient, otherUser, otherPassword, groups) addSecretToFakeClientTracker(t, kubeClient, colonUser, colonPassword, groups) @@ -550,7 +550,7 @@ func authenticatedResponseJSON(user string, groups []string) *authenticationv1be } } -func addSecretToFakeClientTracker(t *testing.T, kubeClient *kubernetesfake.Clientset, username, password, groups string) { +func addSecretToFakeClientTracker(t *testing.T, kubeClient *kubefake.Clientset, username, password, groups string) { passwordHash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.MinCost) require.NoError(t, err) diff --git a/internal/oidcclientsecretstorage/oidcclientsecretstorage_test.go b/internal/oidcclientsecretstorage/oidcclientsecretstorage_test.go index 8509426c8..a1b7cb300 100644 --- a/internal/oidcclientsecretstorage/oidcclientsecretstorage_test.go +++ b/internal/oidcclientsecretstorage/oidcclientsecretstorage_test.go @@ -14,7 +14,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/types" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" coretesting "k8s.io/client-go/testing" "go.pinniped.dev/internal/testutil" @@ -117,7 +117,7 @@ func TestGet(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { t.Parallel() - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() if tt.secret != nil { require.NoError(t, kubeClient.Tracker().Add(tt.secret)) } @@ -148,7 +148,7 @@ func TestSet(t *testing.T) { oidcClientUID types.UID hashes []string seedSecret *corev1.Secret - addReactors func(*fake.Clientset) + addReactors func(*kubefake.Clientset) wantErr string wantActions []coretesting.Action }{ @@ -236,7 +236,7 @@ func TestSet(t *testing.T) { oidcClientName: "some-client", oidcClientUID: types.UID("some-example-uid1"), hashes: []string{"foo", "bar"}, - addReactors: func(clientSet *fake.Clientset) { + addReactors: func(clientSet *kubefake.Clientset) { clientSet.PrependReactor("create", "secrets", func(action coretesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some create error") }) @@ -291,7 +291,7 @@ func TestSet(t *testing.T) { "pinniped-storage-version": []byte("1"), }, }, - addReactors: func(clientSet *fake.Clientset) { + addReactors: func(clientSet *kubefake.Clientset) { clientSet.PrependReactor("update", "secrets", func(action coretesting.Action) (bool, runtime.Object, error) { return true, nil, errors.New("some update error maybe a conflict or something else") }) @@ -326,7 +326,7 @@ func TestSet(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { t.Parallel() - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() if tt.seedSecret != nil { require.NoError(t, kubeClient.Tracker().Add(tt.seedSecret)) } @@ -390,7 +390,7 @@ func TestGetStorageSecret(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - kubeClient := fake.NewClientset() + kubeClient := kubefake.NewClientset() require.NoError(t, kubeClient.Tracker().Add(tt.secret)) subject := New(kubeClient.CoreV1().Secrets("some-namespace")) diff --git a/internal/testutil/oidctestutil/session_storage_assertions.go b/internal/testutil/oidctestutil/session_storage_assertions.go index 143aac071..cfa9952dd 100644 --- a/internal/testutil/oidctestutil/session_storage_assertions.go +++ b/internal/testutil/oidctestutil/session_storage_assertions.go @@ -1,4 +1,4 @@ -// Copyright 2020-2024 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package oidctestutil @@ -15,7 +15,7 @@ import ( "github.com/ory/fosite" "github.com/stretchr/testify/require" "k8s.io/apimachinery/pkg/labels" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" v1 "k8s.io/client-go/kubernetes/typed/core/v1" kubetesting "k8s.io/client-go/testing" @@ -32,7 +32,7 @@ func RequireAuthCodeRegexpMatch( t *testing.T, actualContent string, wantRegexp string, - kubeClient *fake.Clientset, + kubeClient *kubefake.Clientset, secretsClient v1.SecretInterface, oauthStore fositestoragei.AllFositeStorage, wantDownstreamGrantedScopes []string, diff --git a/internal/testutil/psession.go b/internal/testutil/psession.go index bd3d5ad2e..6bfa9a6ba 100644 --- a/internal/testutil/psession.go +++ b/internal/testutil/psession.go @@ -1,4 +1,4 @@ -// Copyright 2021-2023 the Pinniped contributors. All Rights Reserved. +// Copyright 2021-2025 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package testutil @@ -8,7 +8,7 @@ import ( "github.com/ory/fosite/handler/openid" corev1 "k8s.io/api/core/v1" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" testing2 "k8s.io/client-go/testing" "go.pinniped.dev/internal/psession" @@ -39,10 +39,10 @@ func NewFakePinnipedSession() *psession.PinnipedSession { } } -func LogActualJSONFromCreateAction(t *testing.T, client *fake.Clientset, actionIndex int) { +func LogActualJSONFromCreateAction(t *testing.T, client *kubefake.Clientset, actionIndex int) { t.Log("actual value of CreateAction secret data", string(client.Actions()[actionIndex].(testing2.CreateActionImpl).Object.(*corev1.Secret).Data["pinniped-storage-data"])) } -func LogActualJSONFromUpdateAction(t *testing.T, client *fake.Clientset, actionIndex int) { +func LogActualJSONFromUpdateAction(t *testing.T, client *kubefake.Clientset, actionIndex int) { t.Log("actual value of UpdateAction secret data", string(client.Actions()[actionIndex].(testing2.UpdateActionImpl).Object.(*corev1.Secret).Data["pinniped-storage-data"])) } diff --git a/internal/tokenclient/tokenclient_test.go b/internal/tokenclient/tokenclient_test.go index a4fcbbd28..1abaf63c5 100644 --- a/internal/tokenclient/tokenclient_test.go +++ b/internal/tokenclient/tokenclient_test.go @@ -14,7 +14,7 @@ import ( authenticationv1 "k8s.io/api/authentication/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" - "k8s.io/client-go/kubernetes/fake" + kubefake "k8s.io/client-go/kubernetes/fake" corev1client "k8s.io/client-go/kubernetes/typed/core/v1" coretesting "k8s.io/client-go/testing" "k8s.io/utils/clock" @@ -30,7 +30,7 @@ const ( func TestNew(t *testing.T) { mockWhatToDoWithTokenFunc := *new(WhatToDoWithTokenFunc) - mockClient := fake.NewClientset().CoreV1().ServiceAccounts("") + mockClient := kubefake.NewClientset().CoreV1().ServiceAccounts("") mockTime := time.Now() mockClock := clocktesting.NewFakeClock(mockTime) logger, _ := plog.TestLogger(t) @@ -171,7 +171,7 @@ func TestFetchToken(t *testing.T) { require.NotEmpty(t, tt.serviceAccountName) - mockClient := fake.NewClientset() + mockClient := kubefake.NewClientset() tokenClient := New( tt.serviceAccountName, mockClient.CoreV1().ServiceAccounts("any-namespace-works"), @@ -322,7 +322,7 @@ func TestStart(t *testing.T) { t.Run(tt.name, func(t *testing.T) { t.Parallel() - mockClient := fake.NewClientset() + mockClient := kubefake.NewClientset() logger, _ := plog.TestLogger(t) var mutex sync.Mutex