Merge remote-tracking branch 'origin/main' into callback-endpoint

Signed-off-by: Matt Moyer <moyerm@vmware.com>
Matt Moyer
2020-12-02 16:09:08 -06:00
6 changed files with 51 additions and 9 deletions


@@ -25,6 +25,7 @@ import (
"gopkg.in/square/go-jose.v2"
clientauthenticationv1beta1 "k8s.io/client-go/pkg/apis/clientauthentication/v1beta1"
"go.pinniped.dev/internal/testutil"
"go.pinniped.dev/pkg/oidcclient"
"go.pinniped.dev/pkg/oidcclient/filesession"
"go.pinniped.dev/test/library"
@@ -121,7 +122,7 @@ func TestCLILoginOIDC(t *testing.T) {
pinnipedExe := buildPinnipedCLI(t)
// Make a temp directory to hold the session cache for this test.
sessionCachePath := t.TempDir() + "/sessions.yaml"
sessionCachePath := testutil.TempDir(t) + "/sessions.yaml"
// Start the CLI running the "alpha login oidc [...]" command with stdout/stderr connected to pipes.
cmd := oidcLoginCommand(ctx, t, pinnipedExe, sessionCachePath)
@@ -319,7 +320,7 @@ func oidcLoginCommand(ctx context.Context, t *testing.T, pinnipedExe string, ses
// If there is a custom CA bundle, pass it via --ca-bundle and a temporary file.
if env.CLITestUpstream.CABundle != "" {
path := filepath.Join(t.TempDir(), "test-ca.pem")
path := filepath.Join(testutil.TempDir(t), "test-ca.pem")
require.NoError(t, ioutil.WriteFile(path, []byte(env.CLITestUpstream.CABundle), 0600))
cmd.Args = append(cmd.Args, "--ca-bundle", path)
}
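Review bot: The cleanup and permission guarantees that `t.TempDir()` provided are not visible for `testutil.TempDir(t)`, which now backs both the session cache directory in TestCLILoginOIDC and the CA bundle directory in oidcLoginCommand; the helper's implementation is not part of this section. The session cache file presumably holds login session data, so the helper should create the directory owner-only and register its removal with `t.Cleanup`; a doc comment on the helper such as `// TempDir creates an owner-only temporary directory that is removed when the test finishes.` would make that contract explicit. As a style point, the cache path is still built with `+ "/sessions.yaml"` while the CA bundle path uses `filepath.Join`; `filepath.Join(testutil.TempDir(t), "sessions.yaml")` would be consistent. Both functions start and end outside the hunks shown.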


@@ -231,7 +231,8 @@ func TestSupervisorTLSTerminationWithDefaultCerts(t *testing.T) {
if len(hostAndPortSegments) > 1 {
port = hostAndPortSegments[1]
}
ips, err := net.DefaultResolver.LookupIP(ctx, "ip4", hostname)
ips, err := net.DefaultResolver.LookupIPAddr(ctx, hostname)
require.NoError(t, err)
ip := ips[0]
ipAsString := ip.String()
@@ -248,7 +249,7 @@ func TestSupervisorTLSTerminationWithDefaultCerts(t *testing.T) {
requireEndpointHasTLSErrorBecauseCertificatesAreNotReady(t, issuerUsingIPAddress)
// Create a Secret at the special name which represents the default TLS cert.
defaultCA := createTLSCertificateSecret(ctx, t, ns, "cert-hostname-doesnt-matter", []net.IP{ip}, defaultTLSCertSecretName(env), kubeClient)
defaultCA := createTLSCertificateSecret(ctx, t, ns, "cert-hostname-doesnt-matter", []net.IP{ip.IP}, defaultTLSCertSecretName(env), kubeClient)
// Now that the Secret exists, we should be able to access the endpoints by IP address using the CA.
_ = requireDiscoveryEndpointsAreWorking(t, scheme, ipWithPort, string(defaultCA.Bundle()), issuerUsingIPAddress, nil)
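Review bot: The address-family filter is lost in TestSupervisorTLSTerminationWithDefaultCerts: the old `LookupIP(ctx, "ip4", hostname)` returned only IPv4 addresses, while `LookupIPAddr(ctx, hostname)` can also return IPv6 entries, and `ips[0]` takes whichever comes first. If that entry is IPv6, `ip.String()` yields an unbracketed literal (with a zone suffix when one is set) and the IP SAN passed to `createTLSCertificateSecret` is for that address; how `ipWithPort` is assembled lies outside the hunk, so whether it tolerates this is not visible. Selecting the first IPv4 entry explicitly and failing the test when none exists would keep the previous behaviour, as sketched below. The function body starts and continues outside the hunks shown.

```go
ips, err := net.DefaultResolver.LookupIPAddr(ctx, hostname)
require.NoError(t, err)
// Keep the IPv4-only behaviour of the previous LookupIP(ctx, "ip4", ...) call.
var ip net.IP
for _, addr := range ips {
	if addr.IP.To4() != nil {
		ip = addr.IP
		break
	}
}
require.NotNil(t, ip, "no IPv4 address found for %s", hostname)
ipAsString := ip.String()
// … unchanged: issuer setup and the TLS-not-ready check …
defaultCA := createTLSCertificateSecret(ctx, t, ns, "cert-hostname-doesnt-matter", []net.IP{ip}, defaultTLSCertSecretName(env), kubeClient)
```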