From 9dbb4eabfc47acbd586549d28bc9f8867d07f2e8 Mon Sep 17 00:00:00 2001
From: Taahir Ahmed <taahm@google.com>
Date: Fri, 30 Aug 2024 07:47:15 +0000
Subject: [PATCH] Pod Certificates: Basic implementation

* Define feature gate
* Define and serve PodCertificateRequest
* Implement Kubelet projected volume source
* kube-controller-manager GCs PodCertificateRequests
* Add agnhost subcommand that implements a toy signer for testing

Change-Id: Id7ed030d449806410a4fa28aab0f2ce4e01d3b10

Kubernetes-commit: 4624cb9bb92186358e001be392e50e5d23b5cdd9
---
 pkg/registry/generic/testing/tester.go |  5 +++++
 pkg/registry/rest/resttest/resttest.go | 15 ++++++++++++++-
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/pkg/registry/generic/testing/tester.go b/pkg/registry/generic/testing/tester.go
index 78cc15bf1..dc2172ede 100644
--- a/pkg/registry/generic/testing/tester.go
+++ b/pkg/registry/generic/testing/tester.go
@@ -27,6 +27,7 @@ import (
 	"k8s.io/apimachinery/pkg/fields"
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apiserver/pkg/authentication/user"
 	genericregistry "k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/apiserver/pkg/registry/rest"
 	"k8s.io/apiserver/pkg/registry/rest/resttest"
@@ -55,6 +56,10 @@ func (t *Tester) ClusterScope() *Tester {
 	return t
 }
 
+func (t *Tester) SetUserInfo(userInfo user.Info) {
+	t.tester.SetUserInfo(userInfo)
+}
+
 func (t *Tester) Namer(namer func(int) string) *Tester {
 	t.tester = t.tester.Namer(namer)
 	return t
diff --git a/pkg/registry/rest/resttest/resttest.go b/pkg/registry/rest/resttest/resttest.go
index f4f3519b5..000bb5249 100644
--- a/pkg/registry/rest/resttest/resttest.go
+++ b/pkg/registry/rest/resttest/resttest.go
@@ -37,6 +37,7 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
+	"k8s.io/apiserver/pkg/authentication/user"
 	genericapirequest "k8s.io/apiserver/pkg/endpoints/request"
 	"k8s.io/apiserver/pkg/registry/rest"
 )
@@ -52,6 +53,7 @@ type Tester struct {
 	generatesName       bool
 	returnDeletedObject bool
 	namer               func(int) string
+	userInfo            user.Info
 }
 
 func New(t *testing.T, storage rest.Storage) *Tester {
@@ -102,10 +104,21 @@ func (t *Tester) TestNamespace() string {
 	return "test"
 }
 
+// SetUserInfo sets the UserInfo that should be present in the context when the
+// storage operation is called.
+func (t *Tester) SetUserInfo(userInfo user.Info) {
+	t.userInfo = userInfo
+}
+
 // TestContext returns a namespaced context that will be used when making storage calls.
 // Namespace is determined by TestNamespace()
 func (t *Tester) TestContext() context.Context {
-	return genericapirequest.WithNamespace(genericapirequest.NewContext(), t.TestNamespace())
+	ctx := genericapirequest.NewContext()
+	ctx = genericapirequest.WithNamespace(ctx, t.TestNamespace())
+	if t.userInfo != nil {
+		ctx = genericapirequest.WithUser(ctx, t.userInfo)
+	}
+	return ctx
 }
 
 func (t *Tester) getObjectMetaOrFail(obj runtime.Object) metav1.Object {