github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Test anonymous and RBAC handling via config file

Browse Source
This commit is contained in:
Jordan Liggitt
2023-11-08 11:24:55 -06:00
parent 264cd64824
commit b53134f129
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
test/integration/auth/authz_config_test.go
View File

@@ -17,6 +17,7 @@ limitations under the License.
package auth package auth
import ( import (
"bytes"
"context" "context"
"encoding/json" "encoding/json"
"fmt" "fmt"
@@ -34,6 +35,7 @@ import (
"k8s.io/apiserver/pkg/features" "k8s.io/apiserver/pkg/features"
utilfeature "k8s.io/apiserver/pkg/util/feature" utilfeature "k8s.io/apiserver/pkg/util/feature"
clientset "k8s.io/client-go/kubernetes" clientset "k8s.io/client-go/kubernetes"
"k8s.io/client-go/rest"
featuregatetesting "k8s.io/component-base/featuregate/testing" featuregatetesting "k8s.io/component-base/featuregate/testing"
kubeapiservertesting "k8s.io/kubernetes/cmd/kube-apiserver/app/testing" kubeapiservertesting "k8s.io/kubernetes/cmd/kube-apiserver/app/testing"
"k8s.io/kubernetes/test/integration/authutil" "k8s.io/kubernetes/test/integration/authutil"
@@ -63,6 +65,16 @@ authorizers:
) )
t.Cleanup(server.TearDownFn) t.Cleanup(server.TearDownFn)
// Make sure anonymous requests work
anonymousClient := clientset.NewForConfigOrDie(rest.AnonymousClientConfig(server.ClientConfig))
healthzResult, err := anonymousClient.DiscoveryClient.RESTClient().Get().AbsPath("/healthz").Do(context.TODO()).Raw()
if !bytes.Equal(healthzResult, []byte(`ok`)) {
t.Fatalf("expected 'ok', got %s", string(healthzResult))
}
if err != nil {
t.Fatal(err)
}
adminClient := clientset.NewForConfigOrDie(server.ClientConfig) adminClient := clientset.NewForConfigOrDie(server.ClientConfig)
sar := &authorizationv1.SubjectAccessReview{Spec: authorizationv1.SubjectAccessReviewSpec{ sar := &authorizationv1.SubjectAccessReview{Spec: authorizationv1.SubjectAccessReviewSpec{