Skip to content

Commit

Permalink
Avoid overwriting entire KubeCredentials block (#397)
Browse files Browse the repository at this point in the history
* Avoid overwriting entire KubeCredentials block

* Add test for cached credentials (credit to @bigkevmcd)

* Add field name

* Reuse existing context
  • Loading branch information
idogada-akamai authored Nov 11, 2024
1 parent 3d831ec commit f5d2eaa
Show file tree
Hide file tree
Showing 2 changed files with 57 additions and 2 deletions.
3 changes: 2 additions & 1 deletion cmd/kubectl_token.go
Original file line number Diff line number Diff line change
Expand Up @@ -296,11 +296,12 @@ func cacheCredential(ctx *cli.Context, cred *config.ExecCredential, id string) e
return err
}

if sc.KubeCredentials[id] == nil {
if sc.KubeCredentials == nil {
sc.KubeCredentials = make(map[string]*config.ExecCredential)
}
sc.KubeCredentials[id] = cred
cf.Servers[server] = sc

return cf.Write()
}

Expand Down
56 changes: 55 additions & 1 deletion cmd/kubectl_token_test.go
Original file line number Diff line number Diff line change
@@ -1,17 +1,20 @@
package cmd

import (
"flag"
"fmt"
"net/http"
"net/http/httptest"
"testing"
"time"

"github.com/rancher/cli/config"
apiv3 "github.com/rancher/rancher/pkg/apis/management.cattle.io/v3"
"github.com/stretchr/testify/assert"
"github.com/urfave/cli"
)

func Test_getAuthProviders(t *testing.T) {

setupServer := func(response string) *httptest.Server {
return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
fmt.Fprint(w, response)
Expand Down Expand Up @@ -114,3 +117,54 @@ var responseOK = `{
}
]
}`

func Test_cacheCredential(t *testing.T) {
tempDir := t.TempDir()

cred := &config.ExecCredential{Status: &config.ExecCredentialStatus{Token: "test-token"}}
flagSet := flag.NewFlagSet("test", 0)
flagSet.String("server", "rancher.example.com", "doc")
flagSet.String("config", tempDir, "doc")
cliCtx := cli.NewContext(nil, flagSet, nil)

err := cacheCredential(cliCtx, cred, "dev-server")
if err != nil {
t.Fatal(err)
}

cfg, err := loadConfig(cliCtx)
if err != nil {
t.Fatal(err)
}
expires := &config.Time{Time: time.Now().Add(time.Hour * 2)}
cfg.CurrentServer = "rancher.example.com"
cfg.Servers["rancher.example.com"].KubeCredentials["dev-server"].Status.ClientKeyData = "this-is-not-real"
cfg.Servers["rancher.example.com"].KubeCredentials["dev-server"].Status.ExpirationTimestamp = expires
if err := cfg.Write(); err != nil {
t.Fatal(err)
}

_, err = cfg.FocusedServer()
if err != nil {
t.Fatal(err)
}

cred = &config.ExecCredential{Status: &config.ExecCredentialStatus{Token: "new-token"}}
err = cacheCredential(cliCtx, cred, "local")
if err != nil {
t.Fatal(err)
}

cfg, err = loadConfig(cliCtx)
if err != nil {
t.Fatal(err)
}

if v := cfg.Servers["rancher.example.com"].KubeCredentials["dev-server"].Status.ClientKeyData; v != "this-is-not-real" {
t.Errorf("got ClientKeyData %q, want \"this-is-not-real\"", v)
}
if v := cfg.Servers["rancher.example.com"].KubeCredentials["dev-server"].Status.ExpirationTimestamp; !v.Time.Equal(expires.Time) {
t.Errorf("got ExpirationTimestamp %v, want %v", v, expires)
}

}

0 comments on commit f5d2eaa

Please sign in to comment.