diff --git a/src/KubeConfigModels/User.cs b/src/KubeConfigModels/User.cs
index 2a3baa1..1c1290e 100644
--- a/src/KubeConfigModels/User.cs
+++ b/src/KubeConfigModels/User.cs
@@ -6,7 +6,7 @@
public class User
{
[YamlMember(Alias = "user")]
- public UserCrednetials UserCredentials { get; set; }
+ public UserCredentials UserCredentials { get; set; }
[YamlMember(Alias = "name")]
public string Name { get; set; }
diff --git a/src/KubeConfigModels/UserCrednetials.cs b/src/KubeConfigModels/UserCredentials.cs
similarity index 85%
rename from src/KubeConfigModels/UserCrednetials.cs
rename to src/KubeConfigModels/UserCredentials.cs
index 2078814..04bef99 100644
--- a/src/KubeConfigModels/UserCrednetials.cs
+++ b/src/KubeConfigModels/UserCredentials.cs
@@ -3,7 +3,7 @@
using YamlDotNet.RepresentationModel;
using YamlDotNet.Serialization;
- public class UserCrednetials
+ public class UserCredentials
{
[YamlMember(Alias = "client-certificate-data")]
public string ClientCertificateData { get; set; }
@@ -14,7 +14,7 @@
[YamlMember(Alias = "token")]
public string Token { get; set; }
- [YamlMember(Alias = "userName")]
+ [YamlMember(Alias = "username")]
public string UserName { get; set; }
[YamlMember(Alias = "password")]
diff --git a/src/KubernetesClient.csproj b/src/KubernetesClient.csproj
index 6cf6d0a..3162f0c 100644
--- a/src/KubernetesClient.csproj
+++ b/src/KubernetesClient.csproj
@@ -3,8 +3,8 @@
Library
netcoreapp1.1
-
-
+
+
diff --git a/src/KubernetesClientConfiguration.cs b/src/KubernetesClientConfiguration.cs
index 33e3e5b..d6c6d1c 100644
--- a/src/KubernetesClientConfiguration.cs
+++ b/src/KubernetesClientConfiguration.cs
@@ -96,13 +96,14 @@ namespace k8s
{
Context activeContext;
+ if (k8SConfig.Contexts == null)
+ {
+ throw new KubeConfigException("No contexts found in kubeconfig");
+ }
+
// set the currentCOntext to passed context if not null
if (!string.IsNullOrWhiteSpace(currentContext))
{
- if (k8SConfig.Contexts == null)
- {
- throw new KubeConfigException("No contexts found in kubeconfig");
- }
activeContext = k8SConfig.Contexts.FirstOrDefault(c => c.Name.Equals(currentContext, StringComparison.OrdinalIgnoreCase));
if (activeContext != null)
@@ -127,6 +128,11 @@ namespace k8s
this.CurrentContext = activeContext.Name;
}
+ if (k8SConfig.Clusters == null)
+ {
+ throw new KubeConfigException($"clusters not found for current-context :{activeContext} in kubeconfig");
+ }
+
var clusterDetails = k8SConfig.Clusters.FirstOrDefault(c => c.Name.Equals(activeContext.ContextDetails.Cluster, StringComparison.OrdinalIgnoreCase));
if (clusterDetails?.ClusterEndpoint != null)
{
diff --git a/tests/KubernetesClientConfigurationTests.cs b/tests/KubernetesClientConfigurationTests.cs
index d1d0c89..4ceb796 100755
--- a/tests/KubernetesClientConfigurationTests.cs
+++ b/tests/KubernetesClientConfigurationTests.cs
@@ -1,11 +1,68 @@
using System;
using Xunit;
using k8s;
+using System.IO;
namespace k8s.Tests
{
public class KubernetesClientConfigurationTests
{
+
+ ///
+ /// This file contains a sample kubeconfig file
+ ///
+ private static readonly string kubeConfigFileName = "assets/kubeconfig.yml";
+
+ ///
+ /// Invalid test file with no context on purpose
+ ///
+ private static readonly string kubeConfigNoContexts = "assets/kubeconfig-no-context.yml";
+
+ ///
+ /// Sample configuration file with user/password authentication
+ ///
+ private static readonly string kubeConfigUserPassword = "assets/kubeconfig.user-pass.yml";
+
+ ///
+ /// Sample configuration file with incorrect user credentials structures on purpose
+ ///
+ private static readonly string kubeConfigNoCredentials = "assets/kubeconfig.no-credentials.yml";
+
+ ///
+ /// Sample configuration file with incorrect cluster/server structure on purpose
+ ///
+ private static readonly string kubeConfigNoServer = "assets/kubeconfig.no-server.yml";
+
+ ///
+ /// Sample configuration file with incorrect cluster/server structure on purpose
+ ///
+ private static readonly string kubeConfigNoCluster = "assets/kubeconfig.no-cluster.yml";
+
+ ///
+ /// Sample configuration file with incorrect match in cluster name
+ ///
+ private static readonly string kubeConfigClusterMissmatch = "assets/kubeconfig.cluster-missmatch.yml";
+
+ ///
+ /// Sample configuration file with incorrect TLS configuration in cluster section
+ ///
+ private static readonly string kubeConfigTlsNoSkipError = "assets/kubeconfig.tls-no-skip-error.yml";
+
+ ///
+ /// Sample configuration file with incorrect TLS configuration in cluster section
+ ///
+ private static readonly string kubeConfigTlsSkip = "assets/kubeconfig.tls-skip.yml";
+
+ ///
+ /// The configuration file is not present. An KubeConfigException should be thrown
+ ///
+ [Fact]
+ public void ConfigurationFileNotFound()
+ {
+ var fi = new FileInfo("/path/to/nowhere");
+ Assert.Throws(() => new KubernetesClientConfiguration(fi));
+ }
+
///
/// Checks Host is loaded from the default configuration file
///
@@ -15,18 +72,170 @@ namespace k8s.Tests
var cfg = new KubernetesClientConfiguration();
Assert.NotNull(cfg.Host);
}
+
+ ///
+ /// Check if host is properly loaded, per context
+ ///
+ [Theory]
+ [InlineData("federal-context", "https://horse.org:4443")]
+ [InlineData("queen-anne-context", "https://pig.org:443")]
+ public void ContextHostTest(string context, string host)
+ {
+ var fi = new FileInfo(kubeConfigFileName);
+ var cfg = new KubernetesClientConfiguration(fi, context);
+ Assert.Equal(host, cfg.Host);
+ }
///
- /// Checks if the are pods
+ /// Checks if user-based token is loaded properly from the config file, per context
+ ///
+ ///
+ ///
+ ///
+ [Theory]
+ [InlineData("queen-anne-context", "black-token")]
+ public void ContextUserTokenTest(string context, string token)
+ {
+ var fi = new FileInfo(kubeConfigFileName);
+ var cfg = new KubernetesClientConfiguration(fi, context);
+ Assert.Equal(context, cfg.CurrentContext);
+ Assert.Null(cfg.Username);
+ Assert.Equal(token, cfg.AccessToken);
+ }
+
+ ///
+ /// Checks if certificate-based authentication is loaded properly from the config file, per context
+ ///
+ /// Context to retreive the configuration
+ /// 'client-certificate-data' node content
+ /// 'client-key-data' content
+ [Theory]
+ [InlineData("federal-context", "path/to/my/client/cert" ,"path/to/my/client/key")]
+ public void ContextCertificateTest(string context, string clientCertData, string clientCertKey)
+ {
+ var fi = new FileInfo(kubeConfigFileName);
+ var cfg = new KubernetesClientConfiguration(fi, context);
+ Assert.Equal(context, cfg.CurrentContext);
+ Assert.Equal(cfg.ClientCertificateData, clientCertData);
+ Assert.Equal(cfg.ClientCertificateKey, clientCertKey);
+ }
+
+ ///
+ /// Test that an Exception is thrown when initializating a KubernetClientConfiguration whose config file Context is not present
///
[Fact]
- public void ListDefaultNamespacedPod()
+ public void ContextNotFoundTest()
{
- var k8sClientConfig = new KubernetesClientConfiguration();
- IKubernetes client = new Kubernetes(k8sClientConfig);
- var listTask = client.ListNamespacedPodWithHttpMessagesAsync("default").Result;
- var list = listTask.Body;
- Assert.NotEqual(0, list.Items.Count);
+ var fi = new FileInfo(kubeConfigFileName);
+ Assert.Throws(() => new KubernetesClientConfiguration(fi, "context-not-found"));
}
+
+ ///
+ /// Test if KubeConfigException is thrown when no Contexts and we use the default context name
+ ///
+ [Fact]
+ public void NoContexts()
+ {
+ var fi = new FileInfo(kubeConfigNoContexts);
+ Assert.Throws(() => new KubernetesClientConfiguration(fi));
+ }
+
+ ///
+ /// Test if KubeConfigException is thrown when no Contexts are set and we specify a concrete context name
+ ///
+ [Fact]
+ public void NoContextsExplicit()
+ {
+ var fi = new FileInfo(kubeConfigNoContexts);
+ Assert.Throws(() => new KubernetesClientConfiguration(fi, "context"));
+ }
+
+ ///
+ /// Checks user/password authentication information is read properly
+ ///
+ [Fact]
+ public void UserPasswordAuthentication()
+ {
+ var fi = new FileInfo(kubeConfigUserPassword);
+ var cfg = new KubernetesClientConfiguration(fi);
+ Assert.Equal("admin", cfg.Username);
+ Assert.Equal("secret", cfg.Password);
+ }
+
+ ///
+ /// Checks that a KubeConfigException is thrown when incomplete user credentials
+ ///
+ [Fact]
+ public void IncompleteUserCredentials()
+ {
+ var fi = new FileInfo(kubeConfigNoCredentials);
+ Assert.Throws(() => new KubernetesClientConfiguration(fi));
+ }
+
+ ///
+ /// Checks that a KubeConfigException is thrown when the server property is not set in cluster
+ ///
+ [Fact]
+ public void ServerNotFound()
+ {
+ var fi = new FileInfo(kubeConfigNoServer);
+ Assert.Throws(() => new KubernetesClientConfiguration(fi));
+ }
+
+ ///
+ /// Checks that a KubeConfigException is thrown when the clusters section is missing
+ ///
+ [Fact]
+ public void ClusterNotFound()
+ {
+ var fi = new FileInfo(kubeConfigNoCluster);
+ Assert.Throws(() => new KubernetesClientConfiguration(fi));
+ }
+
+ ///
+ /// Checks that a KubeConfigException is thrown when the cluster defined in clusters and contexts do not match
+ ///
+ [Fact]
+ public void ClusterNameMissmatch()
+ {
+ var fi = new FileInfo(kubeConfigClusterMissmatch);
+ Assert.Throws(() => new KubernetesClientConfiguration(fi));
+ }
+
+ ///
+ /// Checks that a KubeConfigException is thrown when no certificate-authority-data is set and user do not require tls skip
+ ///
+ [Fact]
+ public void CheckClusterTlsCorrectness()
+ {
+ var fi = new FileInfo(kubeConfigTlsNoSkipError);
+ Assert.Throws(() => new KubernetesClientConfiguration(fi));
+ }
+
+ ///
+ /// Checks that a KubeConfigException is thrown when no certificate-authority-data is set and user do not require tls skip
+ ///
+ [Fact]
+ public void CheckClusterTlsSkipCorrectness()
+ {
+ var fi = new FileInfo(kubeConfigTlsSkip);
+ var cfg = new KubernetesClientConfiguration(fi);
+ Assert.NotNull(cfg.Host);
+ Assert.Null(cfg.SslCaCert);
+ Assert.True(cfg.SkipTlsVerify);
+ }
+
+ // ///
+ // /// Checks if the are pods
+ // ///
+ // [Fact]
+ // public void ListDefaultNamespacedPod()
+ // {
+ // var k8sClientConfig = new KubernetesClientConfiguration();
+ // IKubernetes client = new Kubernetes(k8sClientConfig);
+ // var listTask = client.ListNamespacedPodWithHttpMessagesAsync("default").Result;
+ // var list = listTask.Body;
+ // Assert.NotEqual(0, list.Items.Count);
+ // }
}
}
diff --git a/tests/KubernetesClientCredentialsTests.cs b/tests/KubernetesClientCredentialsTests.cs
new file mode 100644
index 0000000..1f36728
--- /dev/null
+++ b/tests/KubernetesClientCredentialsTests.cs
@@ -0,0 +1,60 @@
+using System;
+using Xunit;
+using k8s;
+using System.IO;
+
+namespace k8s.Tests
+{
+ public class KubernetesClientCredentialsTests
+ {
+ ///
+ /// Checks that a ArgumentNullException is thrown when trying to create a KubernetesClientCredentials with null token
+ ///
+ [Fact]
+ public void TokenNull()
+ {
+ Assert.Throws(() => new KubernetesClientCredentials(null));
+ }
+
+ ///
+ /// Checks that a ArgumentNullException is thrown when trying to create a KubernetesClientCredentials with null username
+ ///
+ [Fact]
+ public void UsernameNull()
+ {
+ Assert.Throws(() => new KubernetesClientCredentials(null,"password"));
+ }
+
+ ///
+ /// Checks that a ArgumentNullException is thrown when trying to create a KubernetesClientCredentials with null password
+ ///
+ [Fact]
+ public void PasswordNull()
+ {
+ Assert.Throws(() => new KubernetesClientCredentials("username", null));
+ }
+
+ ///
+ /// Checks that the Token is set with no exceptions
+ ///
+ [Fact]
+ public void ValidTokenIsSet()
+ {
+ var token = "mytoken";
+ var credentials = new KubernetesClientCredentials(token);
+ Assert.NotNull(credentials);
+ }
+
+ ///
+ /// Checks that the Username and Password is set with no exceptions
+ ///
+ [Fact]
+ public void ValidUserPasswordIsSet()
+ {
+ var username = "myuser";
+ var password = "mypassword";
+ var credentials = new KubernetesClientCredentials(username, password);
+ Assert.NotNull(credentials);
+ }
+ }
+}
\ No newline at end of file
diff --git a/tests/assets/kubeconfig-no-context.yml b/tests/assets/kubeconfig-no-context.yml
new file mode 100644
index 0000000..46230a5
--- /dev/null
+++ b/tests/assets/kubeconfig-no-context.yml
@@ -0,0 +1,29 @@
+# Sample file based on https://kubernetes.io/docs/tasks/access-application-cluster/authenticate-across-clusters-kubeconfig/
+# WARNING: File includes minor fixes
+---
+current-context: federal-context
+apiVersion: v1
+clusters:
+- cluster:
+ server: http://cow.org:8080
+ name: cow-cluster
+- cluster:
+ certificate-authority-data: path/to/my/cafile
+ server: https://horse.org:4443
+ name: horse-cluster
+- cluster:
+ insecure-skip-tls-verify: true
+ server: https://pig.org:443
+ name: pig-cluster
+kind: Config
+users:
+- name: blue-user
+ user:
+ token: blue-token
+- name: green-user
+ user:
+ client-certificate-data: path/to/my/client/cert
+ client-key-data: path/to/my/client/key
+- name: black-user
+ user:
+ token: black-token
\ No newline at end of file
diff --git a/tests/assets/kubeconfig.cluster-missmatch.yml b/tests/assets/kubeconfig.cluster-missmatch.yml
new file mode 100644
index 0000000..43fab47
--- /dev/null
+++ b/tests/assets/kubeconfig.cluster-missmatch.yml
@@ -0,0 +1,22 @@
+# Sample file based on https://kubernetes.io/docs/tasks/access-application-cluster/authenticate-across-clusters-kubeconfig/
+# WARNING: File includes minor fixes
+---
+current-context: federal-context
+apiVersion: v1
+clusters:
+- cluster:
+ certificate-authority-data: path/to/my/cafile
+ server: https://horse.org:4443
+ name: bad-name-cluster
+contexts:
+- context:
+ cluster: horse-cluster
+ namespace: chisel-ns
+ user: green-user
+ name: federal-context
+kind: Config
+users:
+- name: green-user
+ user:
+ password: secret
+ username: admin
\ No newline at end of file
diff --git a/tests/assets/kubeconfig.no-cluster.yml b/tests/assets/kubeconfig.no-cluster.yml
new file mode 100644
index 0000000..a3a79c2
--- /dev/null
+++ b/tests/assets/kubeconfig.no-cluster.yml
@@ -0,0 +1,17 @@
+# Sample file based on https://kubernetes.io/docs/tasks/access-application-cluster/authenticate-across-clusters-kubeconfig/
+# WARNING: File includes minor fixes
+---
+current-context: federal-context
+apiVersion: v1
+contexts:
+- context:
+ cluster: horse-cluster
+ namespace: chisel-ns
+ user: green-user
+ name: federal-context
+kind: Config
+users:
+- name: green-user
+ user:
+ password: secret
+ username: admin
\ No newline at end of file
diff --git a/tests/assets/kubeconfig.no-credentials.yml b/tests/assets/kubeconfig.no-credentials.yml
new file mode 100644
index 0000000..5dffa7e
--- /dev/null
+++ b/tests/assets/kubeconfig.no-credentials.yml
@@ -0,0 +1,20 @@
+# Sample file based on https://kubernetes.io/docs/tasks/access-application-cluster/authenticate-across-clusters-kubeconfig/
+# WARNING: File includes minor fixes
+---
+current-context: federal-context
+apiVersion: v1
+clusters:
+- cluster:
+ certificate-authority-data: path/to/my/cafile
+ server: https://horse.org:4443
+ name: horse-cluster
+contexts:
+- context:
+ cluster: horse-cluster
+ namespace: chisel-ns
+ user: green-user
+ name: federal-context
+kind: Config
+users:
+- name: green-user
+ user:
\ No newline at end of file
diff --git a/tests/assets/kubeconfig.no-server.yml b/tests/assets/kubeconfig.no-server.yml
new file mode 100644
index 0000000..db5a3b6
--- /dev/null
+++ b/tests/assets/kubeconfig.no-server.yml
@@ -0,0 +1,21 @@
+# Sample file based on https://kubernetes.io/docs/tasks/access-application-cluster/authenticate-across-clusters-kubeconfig/
+# WARNING: File includes minor fixes
+---
+current-context: federal-context
+apiVersion: v1
+clusters:
+- cluster:
+ certificate-authority-data: path/to/my/cafile
+ name: horse-cluster
+contexts:
+- context:
+ cluster: horse-cluster
+ namespace: chisel-ns
+ user: green-user
+ name: federal-context
+kind: Config
+users:
+- name: green-user
+ user:
+ password: secret
+ username: admin
\ No newline at end of file
diff --git a/tests/assets/kubeconfig.tls-no-skip-error.yml b/tests/assets/kubeconfig.tls-no-skip-error.yml
new file mode 100644
index 0000000..1dce816
--- /dev/null
+++ b/tests/assets/kubeconfig.tls-no-skip-error.yml
@@ -0,0 +1,25 @@
+# Sample file based on https://kubernetes.io/docs/tasks/access-application-cluster/authenticate-across-clusters-kubeconfig/
+# WARNING: File includes minor fixes
+---
+current-context: federal-context
+apiVersion: v1
+clusters:
+- cluster:
+ server: http://cow.org:8080
+ name: cow-cluster
+- cluster:
+ # certificate-authority-data: path/to/my/cafile
+ server: https://horse.org:4443
+ name: horse-cluster
+contexts:
+- context:
+ cluster: horse-cluster
+ namespace: chisel-ns
+ user: green-user
+ name: federal-context
+kind: Config
+users:
+- name: green-user
+ user:
+ client-certificate-data: path/to/my/client/cert
+ client-key-data: path/to/my/client/key
\ No newline at end of file
diff --git a/tests/assets/kubeconfig.tls-skip.yml b/tests/assets/kubeconfig.tls-skip.yml
new file mode 100644
index 0000000..3e29aa4
--- /dev/null
+++ b/tests/assets/kubeconfig.tls-skip.yml
@@ -0,0 +1,22 @@
+# Sample file based on https://kubernetes.io/docs/tasks/access-application-cluster/authenticate-across-clusters-kubeconfig/
+# WARNING: File includes minor fixes
+---
+current-context: federal-context
+apiVersion: v1
+clusters:
+- cluster:
+ insecure-skip-tls-verify: true
+ server: https://horse.org:443
+ name: horse-cluster
+contexts:
+- context:
+ cluster: horse-cluster
+ namespace: chisel-ns
+ user: green-user
+ name: federal-context
+kind: Config
+users:
+- name: green-user
+ user:
+ password: secret
+ username: admin
\ No newline at end of file
diff --git a/tests/assets/kubeconfig.user-pass.yml b/tests/assets/kubeconfig.user-pass.yml
new file mode 100644
index 0000000..b426ef5
--- /dev/null
+++ b/tests/assets/kubeconfig.user-pass.yml
@@ -0,0 +1,22 @@
+# Sample file based on https://kubernetes.io/docs/tasks/access-application-cluster/authenticate-across-clusters-kubeconfig/
+# WARNING: File includes minor fixes
+---
+current-context: federal-context
+apiVersion: v1
+clusters:
+- cluster:
+ certificate-authority-data: path/to/my/cafile
+ server: https://horse.org:4443
+ name: horse-cluster
+contexts:
+- context:
+ cluster: horse-cluster
+ namespace: chisel-ns
+ user: green-user
+ name: federal-context
+kind: Config
+users:
+- name: green-user
+ user:
+ password: secret
+ username: admin
\ No newline at end of file
diff --git a/tests/assets/kubeconfig.yml b/tests/assets/kubeconfig.yml
new file mode 100644
index 0000000..98730d2
--- /dev/null
+++ b/tests/assets/kubeconfig.yml
@@ -0,0 +1,40 @@
+# Sample file based on https://kubernetes.io/docs/tasks/access-application-cluster/authenticate-across-clusters-kubeconfig/
+# WARNING: File includes minor fixes
+---
+current-context: federal-context
+apiVersion: v1
+clusters:
+- cluster:
+ server: http://cow.org:8080
+ name: cow-cluster
+- cluster:
+ certificate-authority-data: path/to/my/cafile
+ server: https://horse.org:4443
+ name: horse-cluster
+- cluster:
+ insecure-skip-tls-verify: true
+ server: https://pig.org:443
+ name: pig-cluster
+contexts:
+- context:
+ cluster: horse-cluster
+ namespace: chisel-ns
+ user: green-user
+ name: federal-context
+- context:
+ cluster: pig-cluster
+ namespace: saw-ns
+ user: black-user
+ name: queen-anne-context
+kind: Config
+users:
+- name: blue-user
+ user:
+ token: blue-token
+- name: green-user
+ user:
+ client-certificate-data: path/to/my/client/cert
+ client-key-data: path/to/my/client/key
+- name: black-user
+ user:
+ token: black-token
\ No newline at end of file
diff --git a/tests/tests.csproj b/tests/tests.csproj
index c10375e..757be8e 100755
--- a/tests/tests.csproj
+++ b/tests/tests.csproj
@@ -10,6 +10,9 @@
+
+
+