def _SetUpEnvTest(self):
config1 = kubeconfig.Kubeconfig.Default()
cluster1 = kubeconfig.Cluster('cluster1',
'https://1.1.1.1',
ca_data='FAKE_CA_DATA')
cluster2 = kubeconfig.Cluster('cluster2',
'https://2.2.2.2',
ca_data=None)
user = kubeconfig.User('user',
cert_data='FAKECERTDATA',
key_data='FAKE_KEY_DATA')
context = kubeconfig.Context('context', 'cluster1', 'user')
config1.clusters['cluster1'] = cluster1
config1.clusters['cluster2'] = cluster2
config1.users['user'] = user
config1.contexts['context'] = context
config1.SetCurrentContext('context')
config2 = kubeconfig.Kubeconfig.Default()
modified_cluster1 = kubeconfig.Cluster('cluster1',
'https://2.2.2.2',
ca_data=None)
other_cluster2 = kubeconfig.Cluster('other_cluster2',
'https://3.3.3.3',
ca_data='FAKE_CA_DATA')
user = kubeconfig.User('user',
cert_data='FAKECERTDATA',
key_data='FAKE_KEY_DATA')
other_context = kubeconfig.Context('other_context', 'cluster1', 'user')
config2.clusters['cluster1'] = modified_cluster1
config2.clusters['other_cluster2'] = other_cluster2
config2.users['user'] = user
config2.contexts['other_context'] = other_context
config2.SetCurrentContext('other_context')
self.expected_configs = {
'/some/path1': config1,
'/some/path2': config2
}
def _KubeconfigLoadFromFile(path):
if path in self.expected_configs:
return self.expected_configs[path]
else:
raise kubeconfig.Error('Invalid path', path)
self.StartObjectPatch(kubeconfig.Kubeconfig,
'LoadFromFile',
side_effect=_KubeconfigLoadFromFile)
def GenKubeconfig(self):
"""Generate kubeconfig for this cluster."""
context = self.kube_context
kubeconfig = kconfig.Kubeconfig.Default()
cluster_kwargs = {}
user_kwargs = {
'auth_provider': self.auth_provider,
}
if self.has_ca_cert:
cluster_kwargs['ca_data'] = self.ca_data
if self.has_cert_data:
user_kwargs['cert_data'] = self.client_cert_data
user_kwargs['key_data'] = self.client_key_data
# Use same key for context, cluster, and user
kubeconfig.contexts[context] = kconfig.Context(context, context,
context)
kubeconfig.users[context] = kconfig.User(context, **user_kwargs)
kubeconfig.clusters[context] = kconfig.Cluster(context, self.server,
**cluster_kwargs)
kubeconfig.SetCurrentContext(context)
kubeconfig.SaveToFile()
path = kconfig.Kubeconfig.DefaultPath()
log.debug('Saved kubeconfig to %s', path)
log.status.Print(
KUBECONFIG_USAGE_FMT.format(cluster=self.cluster_name,
context=context))
def testExistingKubeconfig(self):
path = kconfig.Kubeconfig.DefaultPath()
file_utils.MakeDir(os.path.dirname(path))
with open(path, 'w') as fp:
fp.write(_EXISTING_KUBECONFIG)
existing = kconfig.Kubeconfig.Default()
cluster = self._RunningCluster()
config = c_util.ClusterConfig.Persist(cluster, self.PROJECT_ID)
kubeconfig = kconfig.Kubeconfig.Default()
cluster = kconfig.Cluster(config.kube_context,
config.server,
ca_data=config.ca_data)
user = kconfig.User(config.kube_context, auth_provider='gcp')
context = kconfig.Context(config.kube_context, config.kube_context,
config.kube_context)
# verify added kubeconfig data is correct
self.assertEqual(kubeconfig.clusters[config.kube_context], cluster)
self.assertEqual(kubeconfig.users[config.kube_context], user)
self.assertEqual(kubeconfig.contexts[config.kube_context], context)
self.assertEqual(kubeconfig.current_context, config.kube_context)
# verify purge clears cluster data from kubeconfig
c_util.ClusterConfig.Purge(config.cluster_name, config.zone_id,
config.project_id)
# reload kubeconfig
kubeconfig = kconfig.Kubeconfig.Default()
# Purge unsets current-context if it was set to the deleted
# cluster's context
existing.SetCurrentContext('')
self.assertEqual(kubeconfig._data, existing._data)
def testLoadStoreKubeconfig(self):
kubeconfig = kconfig.Kubeconfig.Default()
cluster1 = kconfig.Cluster('cluster1',
'https://1.1.1.1',
ca_data='FAKE_CA_DATA')
cluster2 = kconfig.Cluster('cluster2', 'https://2.2.2.2', ca_data=None)
user = kconfig.User('user',
cert_data='FAKECERTDATA',
key_data='FAKE_KEY_DATA')
context = kconfig.Context('context', 'cluster1', 'user')
kubeconfig.clusters['cluster1'] = cluster1
kubeconfig.clusters['cluster2'] = cluster2
kubeconfig.users['user'] = user
kubeconfig.contexts['context'] = context
kubeconfig.SaveToFile()
# reload
kubeconfig = kconfig.Kubeconfig.Default()
self.assertEqual(kubeconfig.users[user['name']], user)
self.assertEqual(kubeconfig.contexts[context['name']], context)
for c in cluster1, cluster2:
self.assertEqual(kubeconfig.clusters[c['name']], c)
self.assertTrue(kubeconfig.clusters['cluster2']['cluster']
['insecure-skip-tls-verify'])
def _ConnectGatewayKubeconfig(kubeconfig, cluster, context, cmd_path):
"""Generates the Connect Gateway kubeconfig entry.
Args:
kubeconfig: object, Kubeconfig object.
cluster: object, Anthos Multi-cloud cluster.
context: str, context for the kubeconfig entry.
cmd_path: str, authentication provider command path.
Raises:
errors.MissingClusterField: cluster is missing required fields.
"""
if cluster.fleet is None:
raise errors.MissingClusterField('fleet')
if cluster.fleet.membership is None:
raise errors.MissingClusterField('fleet.membership')
membership_resource = resources.REGISTRY.ParseRelativeName(
cluster.fleet.membership,
collection='gkehub.projects.locations.memberships')
# Connect Gateway only supports project number.
# TODO(b/198380839): Use the url with locations once rolled out.
server = 'https://{}/v1/projects/{}/memberships/{}'.format(
_GetConnectGatewayEndpoint(),
project_util.GetProjectNumber(membership_resource.projectsId),
membership_resource.membershipsId)
user_kwargs = {'auth_provider': 'gcp', 'auth_provider_cmd_path': cmd_path}
kubeconfig.users[context] = kubeconfig_util.User(context, **user_kwargs)
kubeconfig.clusters[context] = gwkubeconfig_util.Cluster(context, server)
def testMergeKubeconfig(self):
kubeconfig = kconfig.Kubeconfig.Default()
cluster1 = kconfig.Cluster('cluster1',
'https://1.1.1.1',
ca_data='FAKE_CA_DATA')
cluster2 = kconfig.Cluster('cluster2', 'https://2.2.2.2', ca_data=None)
user = kconfig.User('user',
cert_data='FAKECERTDATA',
key_data='FAKE_KEY_DATA')
context = kconfig.Context('context', 'cluster1', 'user')
kubeconfig.clusters['cluster1'] = cluster1
kubeconfig.clusters['cluster2'] = cluster2
kubeconfig.users['user'] = user
kubeconfig.contexts['context'] = context
kubeconfig.SetCurrentContext('context')
other_kubeconfig = kconfig.Kubeconfig.Default()
modified_cluster1 = kconfig.Cluster('cluster1',
'https://2.2.2.2',
ca_data=None)
other_cluster2 = kconfig.Cluster('other_cluster2',
'https://3.3.3.3',
ca_data='FAKE_CA_DATA')
user = kconfig.User('user',
cert_data='FAKECERTDATA',
key_data='FAKE_KEY_DATA')
other_context = kconfig.Context('other_context', 'cluster1', 'user')
other_kubeconfig.clusters['cluster1'] = modified_cluster1
other_kubeconfig.clusters['other_cluster2'] = other_cluster2
other_kubeconfig.users['user'] = user
other_kubeconfig.contexts['other_context'] = other_context
other_kubeconfig.SetCurrentContext('other_context')
kubeconfig.Merge(other_kubeconfig)
self.assertEqual(kubeconfig.current_context, 'context')
self.assertEqual(len(kubeconfig.users), 1)
self.assertEqual(kubeconfig.users[user['name']], user)
self.assertEqual(len(kubeconfig.contexts), 2)
for c in context, other_context:
self.assertEqual(kubeconfig.contexts[c['name']], c)
self.assertEqual(len(kubeconfig.clusters), 3)
for c in cluster1, cluster2, other_cluster2:
self.assertEqual(kubeconfig.clusters[c['name']], c)
def testConnectToKubeconfigClusterWithSpecifiedContext(self, version):
config = kubeconfig.Kubeconfig.Default()
cluster = kubeconfig.Cluster('cluster1',
'https://2.2.2.2',
ca_data='=')
user = kubeconfig.User('user', cert_data='aGF0', key_data='c2FsYWQ=')
context = kubeconfig.Context('context', 'cluster1', 'user')
config.clusters['cluster1'] = cluster
config.users['user'] = user
config.contexts['context'] = context
config.SetCurrentContext('some_other_context')
with connection_context._KubeconfigConnectionContext(
config, 'run', version, 'context'):
if six.PY3:
self.assertEqual(
properties.VALUES.api_endpoint_overrides.run.Get(),
'https://2.2.2.2/')
else:
self.assertEqual(
properties.VALUES.api_endpoint_overrides.run.Get(),
'https://kubernetes.default/')
def testUserGCPAuthProvider(self):
user = kconfig.User(name='user', auth_provider='gcp')
self.assertIsNotNone(user)
self.assertEqual(user['name'], 'user')
self.assertEqual(user['user']['auth-provider']['name'], 'gcp')
