bug: fix mocks and add KubeConfig #55

Closed
wants to merge 5 commits into from
Closed
2 changes: 1 addition & 1 deletion client/aad.go
Expand Up @@ -3,7 +3,7 @@

package client

//go:generate ../../bin/mockgen -copyright_file=../../hack/copyright_header.txt -destination=./mocks/mock_aad.go -package=mocks github.com/Azure/aks-secure-tls-bootstrap/client AadClient
//go:generate ../bin/mockgen -copyright_file=../hack/copyright_header.txt -destination=pkg/mocks/mock_aad.go -package=mocks github.com/Azure/aks-secure-tls-bootstrap/client AadClient

import (
"context"
13 changes: 13 additions & 0 deletions client/client.go
Expand Up @@ -30,31 +30,44 @@ type tlsBootstrapClientImpl struct {

imdsClient ImdsClient
aadClient AadClient
kubeClient KubeClient
azureConfig *datamodel.AzureConfig

customClientID string
nextProto string
resource string
kubeConfigPath string
}

func NewTLSBootstrapClient(logger *zap.Logger, opts SecureTLSBootstrapClientOpts) TLSBootstrapClient {
reader := newOSFileReader()
imdsClient := NewImdsClient(logger)
aadClient := NewAadClient(reader, logger)
kubeClient := NewKubeClient(logger)

return &tlsBootstrapClientImpl{
reader: reader,
logger: logger,
serviceClientFactory: secureTLSBootstrapServiceClientFactory,
imdsClient: imdsClient,
aadClient: aadClient,
kubeClient: kubeClient,
customClientID: opts.CustomClientID,
nextProto: opts.NextProto,
resource: opts.AADResource,
kubeConfigPath: opts.KubeconfigPath,
}
}

func (c *tlsBootstrapClientImpl) GetBootstrapToken(ctx context.Context) (string, error) {
isValid, err := c.kubeClient.IsKubeConfigStillValid(c.kubeConfigPath)
if err != nil {
return "", err
}
if isValid {
return "", nil
}

c.logger.Debug("loading exec credential...")
execCredential, err := loadExecCredential()
if err != nil {
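Review bot: The new early exit in GetBootstrapToken, `return "", nil` when IsKubeConfigStillValid reports true, hands callers an empty token with no error, which is indistinguishable from a successful call that produced no credential. The caller is not visible here, so it should be confirmed that it never passes an empty token downstream; a doc comment such as `// GetBootstrapToken returns "" and a nil error when the kubeconfig at kubeConfigPath is still valid and no new token is needed.` or a dedicated sentinel error would make the contract explicit. Note also that `return "", err` propagates the "unable to load kubeconfig" failure without added context, so an unparsable kubeconfig on disk stops bootstrapping while a failed stat deliberately lets it continue; if that asymmetry is intended it deserves a comment. GetBootstrapToken's body continues past the end of this hunk.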
14 changes: 14 additions & 0 deletions client/client_test.go
Expand Up @@ -153,6 +153,7 @@ var _ = Describe("TLS Bootstrap client tests", func() {
mockCtrl *gomock.Controller
imdsClient *mocks.MockImdsClient
aadClient *mocks.MockAadClient
kubeClient *mocks.MockKubeClient
serviceClient *mocks_secureTLSBootstrapService.MockSecureTLSBootstrapServiceClient
tlsBootstrapClient *tlsBootstrapClientImpl
mockReader *mocks.MockfileReader
Expand All @@ -175,12 +176,14 @@ var _ = Describe("TLS Bootstrap client tests", func() {
imdsClient = mocks.NewMockImdsClient(mockCtrl)
aadClient = mocks.NewMockAadClient(mockCtrl)
mockReader = mocks.NewMockfileReader(mockCtrl)
kubeClient = mocks.NewMockKubeClient(mockCtrl)
serviceClient = mocks_secureTLSBootstrapService.NewMockSecureTLSBootstrapServiceClient(mockCtrl)

tlsBootstrapClient = &tlsBootstrapClientImpl{
logger: testLogger,
imdsClient: imdsClient,
aadClient: aadClient,
kubeClient: kubeClient,
reader: mockReader,
}
tlsBootstrapClient.serviceClientFactory = func(
Expand All @@ -201,6 +204,8 @@ var _ = Describe("TLS Bootstrap client tests", func() {
ctx, cancel := context.WithCancel(context.Background())
defer cancel()

kubeClient.EXPECT().IsKubeConfigStillValid(gomock.Any()).Return(false, nil).Times(1)

token, err := tlsBootstrapClient.GetBootstrapToken(ctx)
Expect(token).To(BeEmpty())
Expect(err).ToNot(BeNil())
Expand All @@ -213,6 +218,8 @@ var _ = Describe("TLS Bootstrap client tests", func() {
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
setDefaultMockExecCredential()

kubeClient.EXPECT().IsKubeConfigStillValid(gomock.Any()).Return(false, nil).Times(1)
mockReader.EXPECT().ReadFile(gomock.Any()).
Return([]byte(emptyJSON), nil).
Times(1)
Expand All @@ -229,6 +236,7 @@ var _ = Describe("TLS Bootstrap client tests", func() {
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
setDefaultMockExecCredential()
kubeClient.EXPECT().IsKubeConfigStillValid(gomock.Any()).Return(false, nil).Times(1)
mockReader.EXPECT().ReadFile(gomock.Any()).
Return(defaultMockAzureConfigBytes, nil).
Times(1)
Expand All @@ -249,6 +257,7 @@ var _ = Describe("TLS Bootstrap client tests", func() {
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
setDefaultMockExecCredential()
kubeClient.EXPECT().IsKubeConfigStillValid(gomock.Any()).Return(false, nil).Times(1)
mockReader.EXPECT().ReadFile(gomock.Any()).
Return(defaultMockAzureConfigBytes, nil).
Times(1)
Expand All @@ -275,6 +284,7 @@ var _ = Describe("TLS Bootstrap client tests", func() {
mockReader.EXPECT().ReadFile(gomock.Any()).
Return(defaultMockAzureConfigBytes, nil).
Times(1)
kubeClient.EXPECT().IsKubeConfigStillValid(gomock.Any()).Return(false, nil).Times(1)
aadClient.EXPECT().GetAadToken(gomock.Any(), gomock.Any(), gomock.Any()).
Return("spToken", nil).
Times(1)
Expand All @@ -298,6 +308,7 @@ var _ = Describe("TLS Bootstrap client tests", func() {
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
setDefaultMockExecCredential()
kubeClient.EXPECT().IsKubeConfigStillValid(gomock.Any()).Return(false, nil).Times(1)
mockReader.EXPECT().ReadFile(gomock.Any()).
Return(defaultMockAzureConfigBytes, nil).
Times(1)
Expand Down Expand Up @@ -327,6 +338,7 @@ var _ = Describe("TLS Bootstrap client tests", func() {
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
setDefaultMockExecCredential()
kubeClient.EXPECT().IsKubeConfigStillValid(gomock.Any()).Return(false, nil).Times(1)
mockReader.EXPECT().ReadFile(gomock.Any()).
Return(defaultMockAzureConfigBytes, nil).
Times(1)
Expand Down Expand Up @@ -359,6 +371,7 @@ var _ = Describe("TLS Bootstrap client tests", func() {
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
setDefaultMockExecCredential()
kubeClient.EXPECT().IsKubeConfigStillValid(gomock.Any()).Return(false, nil).Times(1)
mockReader.EXPECT().ReadFile(gomock.Any()).
Return(defaultMockAzureConfigBytes, nil).
Times(1)
Expand Down Expand Up @@ -391,6 +404,7 @@ var _ = Describe("TLS Bootstrap client tests", func() {
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
setDefaultMockExecCredential()
kubeClient.EXPECT().IsKubeConfigStillValid(gomock.Any()).Return(false, nil).Times(1)
mockReader.EXPECT().ReadFile(gomock.Any()).
Return(defaultMockAzureConfigBytes, nil).
Times(1)
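Review bot: Every expectation added in this file stubs IsKubeConfigStillValid with `Return(false, nil)`, so neither new branch of GetBootstrapToken is exercised: the `(true, nil)` short-circuit and the error return. A case such as `kubeClient.EXPECT().IsKubeConfigStillValid(gomock.Any()).Return(true, nil).Times(1)` followed by `Expect(token).To(BeEmpty())` and `Expect(err).To(BeNil())`, with no IMDS or AAD expectations registered, would pin that a valid kubeconfig skips credential retrieval. The fixture also leaves kubeConfigPath unset and matches with gomock.Any(), so these tests would not notice the wrong path being passed.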
2 changes: 1 addition & 1 deletion client/file.go
Expand Up @@ -3,7 +3,7 @@

package client

//go:generate ../../bin/mockgen -source=file.go -copyright_file=../../hack/copyright_header.txt -destination=./mocks/mock_file.go -package=mocks github.com/Azure/aks-secure-tls-bootstrap/client FileReader
//go:generate ../bin/mockgen -source=file.go -copyright_file=../hack/copyright_header.txt -destination=pkg/mocks/mock_file.go -package=mocks github.com/Azure/aks-secure-tls-bootstrap/client FileReader

import "os"

2 changes: 1 addition & 1 deletion client/imds.go
Expand Up @@ -3,7 +3,7 @@

package client

//go:generate ../../bin/mockgen -copyright_file=../../hack/copyright_header.txt -destination=./mocks/mock_imds.go -package=mocks github.com/Azure/aks-secure-tls-bootstrap/client ImdsClient
//go:generate ../bin/mockgen -copyright_file=../hack/copyright_header.txt -destination=pkg/mocks/mock_imds.go -package=mocks github.com/Azure/aks-secure-tls-bootstrap/client ImdsClient

import (
"context"
30 changes: 23 additions & 7 deletions client/kubeconfig.go
Expand Up @@ -3,6 +3,8 @@

package client

//go:generate ../bin/mockgen -source=kubeconfig.go -copyright_file=../hack/copyright_header.txt -destination=pkg/mocks/mock_kube.go -package=mocks github.com/Azure/aks-secure-tls-bootstrap/client KubeClient

import (
"fmt"
"os"
Expand All @@ -15,29 +17,43 @@ import (
certutil "k8s.io/client-go/util/cert"
)

func isKubeConfigStillValid(kubeConfigPath string, logger *zap.Logger) (bool, error) {
logger.Debug("checking if kubeconfig exists...")
type KubeClient interface {
IsKubeConfigStillValid(kubeConfigPath string) (bool, error)
}

func NewKubeClient(logger *zap.Logger) KubeClient {
return &kubeClientImpl{
logger: logger,
}
}

type kubeClientImpl struct {
logger *zap.Logger
}

func (c *kubeClientImpl) IsKubeConfigStillValid(kubeConfigPath string) (bool, error) {
c.logger.Debug("checking if kubeconfig exists...")

_, err := os.Stat(kubeConfigPath)
if os.IsNotExist(err) {
logger.Debug("kubeconfig does not exist. bootstrapping will continue")
c.logger.Debug("kubeconfig does not exist. bootstrapping will continue")
return false, nil
}
if err != nil {
logger.Error("error reading existing bootstrap kubeconfig. bootstrapping will continue", zap.Error(err))
c.logger.Error("error reading existing bootstrap kubeconfig. bootstrapping will continue", zap.Error(err))
return false, nil // not returning an error so bootstrap can continue
}

isValid, err := isClientConfigStillValid(kubeConfigPath, logger)
isValid, err := isClientConfigStillValid(kubeConfigPath, c.logger)
if err != nil {
return false, fmt.Errorf("unable to load kubeconfig: %v", err)
}
if isValid {
logger.Debug("kubeconfig is valid. bootstrapping will not continue")
c.logger.Debug("kubeconfig is valid. bootstrapping will not continue")
return true, nil
}

logger.Debug("kubeconfig is invalid. bootstrapping will continue")
c.logger.Debug("kubeconfig is invalid. bootstrapping will continue")
return false, nil
}

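Review bot: The exported KubeClient interface, NewKubeClient and IsKubeConfigStillValid are added without doc comments, and the method has three outcomes that callers need to tell apart. I would document it on the interface, for example `// IsKubeConfigStillValid reports whether the kubeconfig at kubeConfigPath can still be used. A missing file or a failed stat yields (false, nil); a file that cannot be loaded yields an error.` The visible body supports that wording: both os.Stat branches return `false, nil`, and the isClientConfigStillValid failure is returned as "unable to load kubeconfig". isClientConfigStillValid is defined outside this hunk, so what it treats as invalid should be confirmed before the comment says more.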
34 changes: 12 additions & 22 deletions client/kubeconfig_test.go
Expand Up @@ -11,7 +11,6 @@ import (
"strings"
"time"

mocks "github.com/Azure/aks-secure-tls-bootstrap/client/pkg/mocks"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
"go.uber.org/mock/gomock"
Expand All @@ -27,26 +26,17 @@ const (

var _ = Describe("TLS Bootstrap kubeconfig tests", func() {
var (
mockCtrl *gomock.Controller
imdsClient *mocks.MockImdsClient
aadClient *mocks.MockAadClient
tlsBootstrapClient *tlsBootstrapClientImpl
mockReader *mocks.MockfileReader
mockCtrl *gomock.Controller
kubeClient KubeClient
)

Context("isKubeConfigStillValid Tests", func() {
BeforeEach(func() {

mockCtrl = gomock.NewController(GinkgoT())
imdsClient = mocks.NewMockImdsClient(mockCtrl)
aadClient = mocks.NewMockAadClient(mockCtrl)
mockReader = mocks.NewMockfileReader(mockCtrl)

tlsBootstrapClient = &tlsBootstrapClientImpl{
logger: testLogger,
imdsClient: imdsClient,
aadClient: aadClient,
reader: mockReader,

kubeClient = &kubeClientImpl{
logger: testLogger,
}
})

Expand All @@ -73,7 +63,7 @@ var _ = Describe("TLS Bootstrap kubeconfig tests", func() {
err = writeKubeconfigFromBootstrapping(bootstrapClientConfig, tempFile.Name(), false)
Expect(err).To(BeNil())

isValid, err := isKubeConfigStillValid(tempFile.Name(), tlsBootstrapClient.logger)
isValid, err := kubeClient.IsKubeConfigStillValid(tempFile.Name())
Expect(isValid).To(Equal(true))
Expect(err).To(BeNil())
})
Expand All @@ -85,7 +75,7 @@ var _ = Describe("TLS Bootstrap kubeconfig tests", func() {
Expect(err).To(BeNil())
defer os.Remove(tempFile.Name())

isValid, err := isKubeConfigStillValid(tempFile.Name(), tlsBootstrapClient.logger)
isValid, err := kubeClient.IsKubeConfigStillValid(tempFile.Name())
Expect(isValid).To(Equal(false))
Expect(err).ToNot(BeNil())
Expect(err.Error()).To(ContainSubstring("unable to load kubeconfig"))
Expand All @@ -95,7 +85,7 @@ var _ = Describe("TLS Bootstrap kubeconfig tests", func() {
When("kubeconfig path is malformed", func() {
It("should return false and not error", func() {
longPath := strings.Repeat("a", 1<<16) // a string with 65536 characters
isValid, err := isKubeConfigStillValid(longPath, tlsBootstrapClient.logger)
isValid, err := kubeClient.IsKubeConfigStillValid(longPath)
Expect(isValid).To(Equal(false))
Expect(err).To(BeNil())
})
Expand All @@ -122,7 +112,7 @@ var _ = Describe("TLS Bootstrap kubeconfig tests", func() {
err = writeKubeconfigFromBootstrapping(bootstrapClientConfig, tempFile.Name(), false)
Expect(err).To(BeNil())

isValid, err := isKubeConfigStillValid(tempFile.Name(), tlsBootstrapClient.logger)
isValid, err := kubeClient.IsKubeConfigStillValid(tempFile.Name())
Expect(isValid).To(Equal(false))
Expect(err).ToNot(BeNil())
Expect(err.Error()).To(ContainSubstring("private key does not match public key"))
Expand All @@ -148,7 +138,7 @@ var _ = Describe("TLS Bootstrap kubeconfig tests", func() {
err = writeKubeconfigFromBootstrapping(bootstrapClientConfig, tempFile.Name(), false)
Expect(err).To(BeNil())

isValid, err := isKubeConfigStillValid(tempFile.Name(), tlsBootstrapClient.logger)
isValid, err := kubeClient.IsKubeConfigStillValid(tempFile.Name())
Expect(isValid).To(Equal(false))
Expect(err).To(BeNil())
})
Expand Down Expand Up @@ -179,7 +169,7 @@ var _ = Describe("TLS Bootstrap kubeconfig tests", func() {
err = writeKubeconfigFromBootstrapping(bootstrapClientConfig, tempFile.Name(), true)
Expect(err).To(BeNil())

isValid, err := isKubeConfigStillValid(tempFile.Name(), tlsBootstrapClient.logger)
isValid, err := kubeClient.IsKubeConfigStillValid(tempFile.Name())
Expect(isValid).To(Equal(false))
Expect(err).ToNot(BeNil())
Expect(err.Error()).To(ContainSubstring("exec plugin: invalid apiVersion"))
Expand All @@ -188,7 +178,7 @@ var _ = Describe("TLS Bootstrap kubeconfig tests", func() {

When("kubeconfig does not exist", func() {
It("should return false and not have an error", func() {
isValid, err := isKubeConfigStillValid("dummy", tlsBootstrapClient.logger)
isValid, err := kubeClient.IsKubeConfigStillValid("dummy")
Expect(isValid).To(Equal(false))
Expect(err).To(BeNil())
})
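Review bot: After this change no mock is built in this file (the mocks import is removed), yet `mockCtrl *gomock.Controller` is still declared in the var block and the `gomock.NewController(GinkgoT())` call in BeforeEach appears to remain. If that is so, the controller and the gomock import are dead setup and can be dropped. The Context label `isKubeConfigStillValid Tests` also still names the removed package-level function rather than the KubeClient method now under test.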
1 change: 1 addition & 0 deletions client/opts.go
Expand Up @@ -10,6 +10,7 @@ type SecureTLSBootstrapClientOpts struct {
NextProto string
AADResource string
LogFormat string
KubeconfigPath string
Verbose bool
}

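Review bot: KubeconfigPath is added without a comment, and nothing visible in this PR validates it before NewTLSBootstrapClient copies it into kubeConfigPath. If the option is left empty the os.Stat call in IsKubeConfigStillValid will presumably fail, and the method then returns false so the client re-bootstraps on every run; a field comment such as `// KubeconfigPath is the kubeconfig checked for validity before bootstrapping; empty disables the check.` would record that. The spelling also differs from kubeConfigPath and IsKubeConfigStillValid used elsewhere in the change.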
2 changes: 1 addition & 1 deletion client/pkg/mocks/mock_aad.go


2 changes: 1 addition & 1 deletion client/pkg/mocks/mock_imds.go

