Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
Chu Peng 楚鹏
minikube
提交
e37c7053
M
minikube
项目概览
Chu Peng 楚鹏
/
minikube
与 Fork 源项目一致
从无法访问的项目Fork
通知
2
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
M
minikube
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
未验证
提交
e37c7053
编写于
4月 17, 2020
作者:
T
Thomas Strömberg
提交者:
GitHub
4月 17, 2020
浏览文件
操作
浏览文件
下载
差异文件
Merge pull request #7544 from prasadkatti/certopts_tests
Update TestCertOptions
上级
ec216a35
492211ff
变更
1
隐藏空白更改
内联
并排
Showing
1 changed file
with
28 addition
and
4 deletion
+28
-4
test/integration/cert_options_test.go
test/integration/cert_options_test.go
+28
-4
未找到文件。
test/integration/cert_options_test.go
浏览文件 @
e37c7053
...
...
@@ -21,6 +21,7 @@ package integration
import
(
"context"
"os/exec"
"strings"
"testing"
)
...
...
@@ -35,7 +36,7 @@ func TestCertOptions(t *testing.T) {
defer
CleanupWithLogs
(
t
,
profile
,
cancel
)
// Use the most verbose logging for the simplest test. If it fails, something is very wrong.
args
:=
append
([]
string
{
"start"
,
"-p"
,
profile
,
"--memory=1900"
,
"--apiserver-ips=127.0.0.1
,192.168.15.15"
,
"--apiserver-names=localhost,
www.google.com"
,
"--apiserver-port=8555"
},
StartArgs
()
...
)
args
:=
append
([]
string
{
"start"
,
"-p"
,
profile
,
"--memory=1900"
,
"--apiserver-ips=127.0.0.1
"
,
"--apiserver-ips=192.168.15.15"
,
"--apiserver-names=localhost"
,
"--apiserver-names=
www.google.com"
,
"--apiserver-port=8555"
},
StartArgs
()
...
)
// We can safely override --apiserver-name with
if
NeedsPortForward
()
{
...
...
@@ -47,10 +48,33 @@ func TestCertOptions(t *testing.T) {
t
.
Errorf
(
"failed to start minikube with args: %q : %v"
,
rr
.
Command
(),
err
)
}
// test that file written from host was read in by the pod via cat /mount-9p/written-by-host;
rr
,
err
=
Run
(
t
,
exec
.
CommandContext
(
ctx
,
"kubectl"
,
"--context"
,
profile
,
"version"
))
// verify that the alternate names/ips are included in the apiserver cert
// in minikube vm, run - openssl x509 -text -noout -in /var/lib/minikube/certs/apiserver.crt
// to inspect the apiserver cert
// can filter further with '-certopt no_subject,no_header,no_version,no_serial,no_signame,no_validity,no_issuer,no_pubkey,no_sigdump,no_aux'
apiserverCertCmd
:=
"openssl x509 -text -noout -in /var/lib/minikube/certs/apiserver.crt"
rr
,
err
=
Run
(
t
,
exec
.
CommandContext
(
ctx
,
Target
(),
"-p"
,
profile
,
"ssh"
,
apiserverCertCmd
))
if
err
!=
nil
{
t
.
Errorf
(
"failed to get kubectl version. args %q : %v"
,
rr
.
Command
(),
err
)
t
.
Errorf
(
"failed to read apiserver cert inside minikube. args %q: %v"
,
rr
.
Command
(),
err
)
}
extraNamesIps
:=
[
4
]
string
{
"127.0.0.1"
,
"192.168.15.15"
,
"localhost"
,
"www.google.com"
}
for
_
,
eni
:=
range
extraNamesIps
{
if
!
strings
.
Contains
(
rr
.
Stdout
.
String
(),
eni
)
{
t
.
Errorf
(
"apiserver cert does not include %s in SAN."
,
eni
)
}
}
// verify that the apiserver is serving on port 8555
rr
,
err
=
Run
(
t
,
exec
.
CommandContext
(
ctx
,
"kubectl"
,
"--context"
,
profile
,
"config"
,
"view"
))
if
err
!=
nil
{
t
.
Errorf
(
"failed to get kubectl config. args %q : %v"
,
rr
.
Command
(),
err
)
}
if
!
strings
.
Contains
(
rr
.
Stdout
.
String
(),
"8555"
)
{
t
.
Errorf
(
"apiserver server port incorrect. Output of 'kubectl config view' = %q"
,
rr
.
Output
())
}
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录