Use a temporary directory for the APIServer's certs
While doing that we found that we needed to refactor the fakes to handle command line arguments which are not known up front; we do this by using regular expresseions.
This commit is contained in:
Gareth Smith
parent
63de385c65
commit
7df93be2ab
|
|
@ -5,6 +5,7 @@ import (
|
|||
"os/exec"
|
||||
"time"
|
||||
|
||||
"github.com/onsi/gomega"
|
||||
"github.com/onsi/gomega/gbytes"
|
||||
"github.com/onsi/gomega/gexec"
|
||||
)
|
||||
|
|
@ -12,18 +13,30 @@ import (
|
|||
// APIServer knows how to run a kubernetes apiserver. Set it up with the path to a precompiled binary.
|
||||
type APIServer struct {
|
||||
// The path to the apiserver binary
|
||||
Path string
|
||||
EtcdURL string
|
||||
session *gexec.Session
|
||||
stdOut *gbytes.Buffer
|
||||
stdErr *gbytes.Buffer
|
||||
Path string
|
||||
EtcdURL string
|
||||
session *gexec.Session
|
||||
stdOut *gbytes.Buffer
|
||||
stdErr *gbytes.Buffer
|
||||
certDirManager certDirManager
|
||||
}
|
||||
|
||||
type certDirManager interface {
|
||||
Create() (string, error)
|
||||
Destroy() error
|
||||
}
|
||||
|
||||
// Start starts the apiserver, and returns a gexec.Session. To stop it again, call Terminate and Wait on that session.
|
||||
func (s *APIServer) Start() error {
|
||||
s.certDirManager = NewTempDirManager()
|
||||
s.stdOut = gbytes.NewBuffer()
|
||||
s.stdErr = gbytes.NewBuffer()
|
||||
|
||||
certDir, err := s.certDirManager.Create()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
args := []string{
|
||||
"--authorization-mode=Node,RBAC",
|
||||
"--runtime-config=admissionregistration.k8s.io/v1alpha1",
|
||||
|
|
@ -35,13 +48,13 @@ func (s *APIServer) Start() error {
|
|||
"--insecure-port=8080",
|
||||
"--storage-backend=etcd3",
|
||||
fmt.Sprintf("--etcd-servers=%s", s.EtcdURL),
|
||||
fmt.Sprintf("--cert-dir=%s", certDir),
|
||||
}
|
||||
|
||||
detectedStart := s.stdErr.Detect("Serving insecurely on 127.0.0.1:8080")
|
||||
timedOut := time.After(20 * time.Second)
|
||||
|
||||
command := exec.Command(s.Path, args...)
|
||||
var err error
|
||||
s.session, err = gexec.Start(command, s.stdOut, s.stdErr)
|
||||
if err != nil {
|
||||
return err
|
||||
|
|
@ -59,6 +72,8 @@ func (s *APIServer) Start() error {
|
|||
func (s *APIServer) Stop() {
|
||||
if s.session != nil {
|
||||
s.session.Terminate().Wait(20 * time.Second)
|
||||
err := s.certDirManager.Destroy()
|
||||
gomega.Expect(err).NotTo(gomega.HaveOccurred())
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -3,21 +3,24 @@ package main
|
|||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"regexp"
|
||||
"time"
|
||||
)
|
||||
|
||||
func main() {
|
||||
expectedArgs := []string{
|
||||
"--authorization-mode=Node,RBAC",
|
||||
"--runtime-config=admissionregistration.k8s.io/v1alpha1",
|
||||
"--v=3", "--vmodule=",
|
||||
"--admission-control=Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,SecurityContextDeny,DefaultStorageClass,DefaultTolerationSeconds,GenericAdmissionWebhook,ResourceQuota",
|
||||
"--admission-control-config-file=",
|
||||
"--bind-address=0.0.0.0",
|
||||
"--insecure-bind-address=127.0.0.1",
|
||||
"--insecure-port=8080",
|
||||
"--storage-backend=etcd3",
|
||||
"--etcd-servers=the etcd url",
|
||||
expectedArgs := []*regexp.Regexp{
|
||||
regexp.MustCompile("^--authorization-mode=Node,RBAC$"),
|
||||
regexp.MustCompile("^--runtime-config=admissionregistration.k8s.io/v1alpha1$"),
|
||||
regexp.MustCompile("^--v=3$"),
|
||||
regexp.MustCompile("^--vmodule=$"),
|
||||
regexp.MustCompile("^--admission-control=Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,SecurityContextDeny,DefaultStorageClass,DefaultTolerationSeconds,GenericAdmissionWebhook,ResourceQuota$"),
|
||||
regexp.MustCompile("^--admission-control-config-file=$"),
|
||||
regexp.MustCompile("^--bind-address=0.0.0.0$"),
|
||||
regexp.MustCompile("^--insecure-bind-address=127.0.0.1$"),
|
||||
regexp.MustCompile("^--insecure-port=8080$"),
|
||||
regexp.MustCompile("^--storage-backend=etcd3$"),
|
||||
regexp.MustCompile("^--etcd-servers=the etcd url$"),
|
||||
regexp.MustCompile("^--cert-dir=.*"),
|
||||
}
|
||||
numExpectedArgs := len(expectedArgs)
|
||||
numGivenArgs := len(os.Args) - 1
|
||||
|
|
@ -27,10 +30,10 @@ func main() {
|
|||
os.Exit(2)
|
||||
}
|
||||
|
||||
for i, arg := range expectedArgs {
|
||||
for i, argRegexp := range expectedArgs {
|
||||
givenArg := os.Args[i+1]
|
||||
if arg != givenArg {
|
||||
fmt.Printf("Expected arg %s, got arg %s\n", arg, givenArg)
|
||||
if !argRegexp.MatchString(givenArg) {
|
||||
fmt.Printf("Expected arg '%s' to match '%s'\n", givenArg, argRegexp.String())
|
||||
os.Exit(1)
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,17 +3,19 @@ package main
|
|||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"regexp"
|
||||
"time"
|
||||
)
|
||||
|
||||
func main() {
|
||||
expectedArgs := []string{
|
||||
"--debug",
|
||||
"--advertise-client-urls",
|
||||
"our etcd url",
|
||||
"--listen-client-urls",
|
||||
"our etcd url",
|
||||
"--data-dir",
|
||||
expectedArgs := []*regexp.Regexp{
|
||||
regexp.MustCompile("^--debug$"),
|
||||
regexp.MustCompile("^--advertise-client-urls$"),
|
||||
regexp.MustCompile("^our etcd url$"),
|
||||
regexp.MustCompile("^--listen-client-urls$"),
|
||||
regexp.MustCompile("^our etcd url$"),
|
||||
regexp.MustCompile("^--data-dir$"),
|
||||
regexp.MustCompile("^.+"),
|
||||
}
|
||||
numExpectedArgs := len(expectedArgs)
|
||||
numGivenArgs := len(os.Args) - 1
|
||||
|
|
@ -23,10 +25,10 @@ func main() {
|
|||
os.Exit(2)
|
||||
}
|
||||
|
||||
for i, arg := range expectedArgs {
|
||||
for i, argRegexp := range expectedArgs {
|
||||
givenArg := os.Args[i+1]
|
||||
if arg != givenArg {
|
||||
fmt.Printf("Expected arg %s, got arg %s\n", arg, givenArg)
|
||||
if !argRegexp.MatchString(givenArg) {
|
||||
fmt.Printf("Expected arg '%s' to match '%s'\n", givenArg, argRegexp.String())
|
||||
os.Exit(1)
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue