Don't assume we always SSH as the current user

This works on gcloud (where the user is dynamically created by the tool), but doesn't hold on other clouds (e.g. AWS). The function in pkg/util now takes a user arg, and it is called only from the e2e tests, which now check for env-var KUBE_SSH_USER, and then fall back to the existing behaviour of env-var USER. I am using this from Jenkins by directly setting the env-var: export KUBE_SSH_USER=jenkins ... hack/jenkins/e2e.sh
2015-06-16 07:12:25 -04:00
parent ff0546da4f
commit efdd03a6a9
3 changed files with 115 additions and 8 deletions
--- a/pkg/util/ssh_test.go
+++ b/pkg/util/ssh_test.go
@@ -24,6 +24,9 @@ import (

 	"github.com/golang/glog"
 	"golang.org/x/crypto/ssh"
+	"io"
+	"os"
+	"strings"
 )

 type testSSHServer struct {
@@ -159,3 +162,84 @@ func TestSSHTunnel(t *testing.T) {
 		t.Errorf("unexpected error: %v", err)
 	}
 }
+
+type mockSSHDialer struct {
+	network string
+	addr    string
+	config  *ssh.ClientConfig
+}
+
+func (d *mockSSHDialer) Dial(network, addr string, config *ssh.ClientConfig) (*ssh.Client, error) {
+	d.network = network
+	d.addr = addr
+	d.config = config
+	return nil, fmt.Errorf("mock error from Dial")
+}
+
+type mockSigner struct {
+}
+
+func (s *mockSigner) PublicKey() ssh.PublicKey {
+	panic("mockSigner.PublicKey not implemented")
+}
+
+func (s *mockSigner) Sign(rand io.Reader, data []byte) (*ssh.Signature, error) {
+	panic("mockSigner.Sign not implemented")
+}
+
+func TestSSHUser(t *testing.T) {
+	signer := &mockSigner{}
+
+	table := []struct {
+		title      string
+		user       string
+		host       string
+		signer     ssh.Signer
+		command    string
+		expectUser string
+	}{
+		{
+			title:      "all values provided",
+			user:       "testuser",
+			host:       "testhost",
+			signer:     signer,
+			command:    "uptime",
+			expectUser: "testuser",
+		},
+		{
+			title:      "empty user defaults to GetEnv(USER)",
+			user:       "",
+			host:       "testhost",
+			signer:     signer,
+			command:    "uptime",
+			expectUser: os.Getenv("USER"),
+		},
+	}
+
+	for _, item := range table {
+		dialer := &mockSSHDialer{}
+
+		_, _, _, err := runSSHCommand(dialer, item.command, item.user, item.host, item.signer)
+		if err == nil {
+			t.Errorf("expected error (as mock returns error); did not get one")
+		}
+		errString := err.Error()
+		if !strings.HasPrefix(errString, fmt.Sprintf("error getting SSH client to %s@%s:", item.expectUser, item.host)) {
+			t.Errorf("unexpected error: %v", errString)
+		}
+
+		if dialer.network != "tcp" {
+			t.Errorf("unexpected network: %v", dialer.network)
+		}
+
+		if dialer.config.User != item.expectUser {
+			t.Errorf("unexpected user: %v", dialer.config.User)
+		}
+		if len(dialer.config.Auth) != 1 {
+			t.Errorf("unexpected auth: %v", dialer.config.Auth)
+		}
+		// (No way to test Auth - nothing exported?)
+
+	}
+
+}