KEP-3325: Promote SelfSubjectReview to GA

Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>

Kubernetes-commit: 40de26dcff80f29380a4ba90a93ce3ece7482b78

pkg/cmd/auth/whoami.go

@@ -32,6 +32,7 @@ import (
 	"k8s.io/cli-runtime/pkg/genericclioptions"
 	"k8s.io/cli-runtime/pkg/genericiooptions"
 	"k8s.io/cli-runtime/pkg/printers"
+	authenticationv1client "k8s.io/client-go/kubernetes/typed/authentication/v1"
 	authenticationv1alpha1client "k8s.io/client-go/kubernetes/typed/authentication/v1alpha1"
 	authenticationv1beta1client "k8s.io/client-go/kubernetes/typed/authentication/v1beta1"
 	cmdutil "k8s.io/kubectl/pkg/cmd/util"
@@ -85,6 +86,11 @@ func (flags *WhoAmIFlags) ToOptions(ctx context.Context, args []string) (*WhoAmI
 		return nil, err
 	}
 
+	w.authV1Client, err = authenticationv1client.NewForConfig(clientConfig)
+	if err != nil {
+		return nil, err
+	}
+
 	if !flags.PrintFlags.OutputFlagSpecified() {
 		w.resourcePrinterFunc = printTableSelfSubjectAccessReview
 	} else {
@@ -103,6 +109,7 @@ func (flags *WhoAmIFlags) ToOptions(ctx context.Context, args []string) (*WhoAmI
 type WhoAmIOptions struct {
 	authV1alpha1Client authenticationv1alpha1client.AuthenticationV1alpha1Interface
 	authV1beta1Client  authenticationv1beta1client.AuthenticationV1beta1Interface
+	authV1Client       authenticationv1client.AuthenticationV1Interface
 
 	ctx context.Context
 
@@ -166,14 +173,20 @@ func (o WhoAmIOptions) Run() error {
 		err error
 	)
 
-	res, err = o.authV1beta1Client.
+	res, err = o.authV1Client.
 		SelfSubjectReviews().
-		Create(context.TODO(), &authenticationv1beta1.SelfSubjectReview{}, metav1.CreateOptions{})
+		Create(context.TODO(), &authenticationv1.SelfSubjectReview{}, metav1.CreateOptions{})
 	if err != nil && errors.IsNotFound(err) {
-		// Fallback to Alpha API if Beta is not enabled
-		res, err = o.authV1alpha1Client.
+		// Fallback to Beta API if Beta is not enabled
+		res, err = o.authV1beta1Client.
 			SelfSubjectReviews().
-			Create(context.TODO(), &authenticationv1alpha1.SelfSubjectReview{}, metav1.CreateOptions{})
+			Create(context.TODO(), &authenticationv1beta1.SelfSubjectReview{}, metav1.CreateOptions{})
+		if err != nil && errors.IsNotFound(err) {
+			// Fallback to Alpha API if Beta is not enabled
+			res, err = o.authV1alpha1Client.
+				SelfSubjectReviews().
+				Create(context.TODO(), &authenticationv1alpha1.SelfSubjectReview{}, metav1.CreateOptions{})
+		}
 	}
 	if err != nil {
 		switch {
@@ -194,6 +207,8 @@ func getUserInfo(obj runtime.Object) (authenticationv1.UserInfo, error) {
 		return obj.(*authenticationv1alpha1.SelfSubjectReview).Status.UserInfo, nil
 	case *authenticationv1beta1.SelfSubjectReview:
 		return obj.(*authenticationv1beta1.SelfSubjectReview).Status.UserInfo, nil
+	case *authenticationv1.SelfSubjectReview:
+		return obj.(*authenticationv1.SelfSubjectReview).Status.UserInfo, nil
 	default:
 		return authenticationv1.UserInfo{}, fmt.Errorf("unexpected response type %T, expected SelfSubjectReview", obj)
 	}

pkg/cmd/auth/whoami_test.go

@@ -38,12 +38,13 @@ import (
 
 func TestWhoAmIRun(t *testing.T) {
 	tests := []struct {
-		name          string
-		o             *WhoAmIOptions
-		args          []string
-		serverErr     error
-		alphaDisabled bool
-		betaDisabled  bool
+		name           string
+		o              *WhoAmIOptions
+		args           []string
+		serverErr      error
+		alphaDisabled  bool
+		betaDisabled   bool
+		stableDisabled bool
 
 		expectedError       error
 		expectedBodyStrings []string
@@ -73,7 +74,7 @@ func TestWhoAmIRun(t *testing.T) {
 			expectedBodyStrings: []string{
 				`{
     "kind": "SelfSubjectReview",
-    "apiVersion": "authentication.k8s.io/v1beta1",
+    "apiVersion": "authentication.k8s.io/v1",
     "metadata": {
         "creationTimestamp": null
     },
@@ -119,12 +120,13 @@ func TestWhoAmIRun(t *testing.T) {
 			},
 		},
 		{
-			name: "JSON test no alpha",
+			name: "JSON test no alpha and stable",
 			o: &WhoAmIOptions{
 				resourcePrinterFunc: printers.NewTypeSetter(scheme.Scheme).ToPrinter(&printers.JSONPrinter{}).PrintObj,
 			},
-			args:          []string{},
-			alphaDisabled: true,
+			args:           []string{},
+			alphaDisabled:  true,
+			stableDisabled: true,
 			expectedBodyStrings: []string{
 				`{
     "kind": "SelfSubjectReview",
@@ -183,7 +185,7 @@ func TestWhoAmIRun(t *testing.T) {
 			expectedBodyStrings: []string{
 				`{
     "kind": "SelfSubjectReview",
-    "apiVersion": "authentication.k8s.io/v1alpha1",
+    "apiVersion": "authentication.k8s.io/v1",
     "metadata": {
         "creationTimestamp": null
     },
@@ -212,14 +214,15 @@ func TestWhoAmIRun(t *testing.T) {
 			},
 		},
 		{
-			name: "both API disabled",
+			name: "all API disabled",
 			o: &WhoAmIOptions{
 				resourcePrinterFunc: printTableSelfSubjectAccessReview,
 			},
-			args:          []string{},
-			betaDisabled:  true,
-			alphaDisabled: true,
-			expectedError: notEnabledErr,
+			args:           []string{},
+			betaDisabled:   true,
+			alphaDisabled:  true,
+			stableDisabled: true,
+			expectedError:  notEnabledErr,
 		},
 		{
 			name: "Forbidden error",
@@ -304,12 +307,23 @@ func TestWhoAmIRun(t *testing.T) {
 							},
 						}
 						return true, res, nil
+					case "authentication.k8s.io/v1":
+						if test.stableDisabled {
+							return true, nil, errors.NewNotFound(corev1.Resource("selfsubjectreviews"), "foo")
+						}
+						res := &authenticationv1.SelfSubjectReview{
+							Status: authenticationv1.SelfSubjectReviewStatus{
+								UserInfo: ui,
+							},
+						}
+						return true, res, nil
 					default:
 						return false, nil, fmt.Errorf("unknown API")
 					}
 				})
 			test.o.authV1beta1Client = fakeAuthClientSet.AuthenticationV1beta1()
 			test.o.authV1alpha1Client = fakeAuthClientSet.AuthenticationV1alpha1()
+			test.o.authV1Client = fakeAuthClientSet.AuthenticationV1()
 
 			err := test.o.Run()
 			switch {