Merge pull request #110 from JoshVanL/e2e-ginko

Creates proper e2e testing suite

Author: jetstack-bot

.dockerignore

@@ -1,2 +1,2 @@
 *
-!kube-oidc-proxy
+!/bin/kube-oidc-proxy

Dockerfile

@@ -1,8 +1,9 @@
 # Copyright Jetstack Ltd. See LICENSE for details.
-FROM alpine:3.9
+FROM alpine:3.10
+LABEL description="OIDC reverse proxy authenticator based on Kubernetes"
 
 RUN apk --no-cache --update add ca-certificates
 
-COPY kube-oidc-proxy /usr/bin/
+COPY ./bin/kube-oidc-proxy /usr/bin/kube-oidc-proxy
 
 CMD ["/usr/bin/kube-oidc-proxy"]

Makefile

@@ -65,16 +65,17 @@ go_fmt:
 	fi
 
 go_vet:
-	go vet
+	go vet ./cmd
 
 go_lint: $(BINDIR)/golangci-lint ## lint golang code for problems
 	$(BINDIR)/golangci-lint run
 
 clean: ## clean up created files
 	rm -rf \
 		$(BINDIR) \
-		kube-oidc-proxy \
-		pkg/mocks/authenticator.go
+		pkg/mocks/authenticator.go \
+		demo/bin \
+		test/e2e/framework/issuer/bin
 
 verify: depend verify_boilerplate go_fmt go_vet go_lint ## verify code and mod
 
@@ -84,29 +85,21 @@ generate: depend ## generates mocks and assets files
 test: generate verify ## run all go tests
 	go test $$(go list ./pkg/... ./cmd/... | grep -v pkg/e2e)
 
-e2e: e2e-1.15 ## run end to end tests
-
-e2e-1.15: build ## run end to end tests for kubernetes version 1.15
-	KUBE_OIDC_PROXY_NODE_IMAGE=1.15.0 go test ./pkg/e2e/. -v --count=1
-
-e2e-1.14: build ## run end to end tests for kubernetes version 1.14
-	KUBE_OIDC_PROXY_NODE_IMAGE=1.14.3 go test ./pkg/e2e/. -v --count=1
-
-e2e-1.13: build ## run end to end tests for kubernetes version 1.13
-	KUBE_OIDC_PROXY_NODE_IMAGE=1.13.7 go test ./pkg/e2e/. -v --count=1
-
-e2e-1.12: build ## run end to end tests for kubernetes version 1.12
-	KUBE_OIDC_PROXY_NODE_IMAGE=1.12.8 go test ./pkg/e2e/. -v --count=1
-
-e2e-1.11: build ## run end to end tests for kubernetes version 1.11
-	KUBE_OIDC_PROXY_NODE_IMAGE=1.11.10 go test ./pkg/e2e/. -v --count=1
+e2e: ## run end to end tests
+	KUBE_OIDC_PROXY_ROOT_PATH="$$(pwd)" go test -timeout 30m -v --count=1 ./test/e2e/suite/.
 
 build: generate ## build kube-oidc-proxy
-	CGO_ENABLED=0 go build -ldflags '-w $(shell hack/version-ldflags.sh)'
+	CGO_ENABLED=0 go build -ldflags '-w $(shell hack/version-ldflags.sh)' -o ./bin/kube-oidc-proxy ./cmd/.
 
 docker_build: generate test build ## build docker image
 	docker build -t kube-oidc-proxy .
 
 all: test build ## runs tests, build
 
 image: all docker_build ## runs tests, build and docker build
+
+dev_cluster_create: ## create dev cluster for development testing
+	KUBE_OIDC_PROXY_ROOT_PATH="$$(pwd)" go run -v ./test/environment/dev create
+
+dev_cluster_destroy: ## destroy dev cluster
+	KUBE_OIDC_PROXY_ROOT_PATH="$$(pwd)" go run -v ./test/environment/dev destroy

cmd/options/client.go renamed to cmd/app/options/client.go

@@ -18,10 +18,10 @@ type KubeOIDCProxyOptions struct {
 func (t *TokenPassthroughOptions) AddFlags(fs *pflag.FlagSet) {
 	fs.StringSliceVar(&t.Audiences, "token-passthrough-audiences", t.Audiences, ""+
 		"(Alpha) List of the identifiers that the resource server presented with the token "+
-		"identifies as. The resoure server will verify that non OIDC tokens are intended "+
+		"identifies as. The resource server will verify that non OIDC tokens are intended "+
 		"for at least one of the audiences in this list. If no audiences are "+
 		"provided, the audience will default to the audience of the Kubernetes "+
-		"apiserver.")
+		"apiserver. Only used when --token-passthrough is also enabled.")
 
 	fs.BoolVar(&t.Enabled, "token-passthrough", t.Enabled, ""+
 		"(Alpha) Requests with Bearer tokens that fail OIDC validation are tried against "+

cmd/options/kube_oidc_proxy.go renamed to cmd/app/options/kube_oidc_proxy.go

@@ -1,5 +1,5 @@
 // Copyright Jetstack Ltd. See LICENSE for details.
-package cmd
+package options
 
 import (
 	// This package is required to be imported to register all client

cmd/options/oidc.go renamed to cmd/app/options/oidc.go

@@ -1,5 +1,5 @@
 // Copyright Jetstack Ltd. See LICENSE for details.
-package cmd
+package app
 
 import (
 	"errors"
@@ -18,7 +18,7 @@ import (
 	cliflag "k8s.io/component-base/cli/flag"
 	"k8s.io/component-base/cli/globalflag"
 
-	"github.com/jetstack/kube-oidc-proxy/cmd/options"
+	"github.com/jetstack/kube-oidc-proxy/cmd/app/options"
 	"github.com/jetstack/kube-oidc-proxy/pkg/probe"
 	"github.com/jetstack/kube-oidc-proxy/pkg/proxy"
 	"github.com/jetstack/kube-oidc-proxy/pkg/proxy/tokenreview"

cmd/plugin.go renamed to cmd/app/options/plugin.go

@@ -5,13 +5,13 @@ import (
 	"fmt"
 	"os"
 
-	"github.com/jetstack/kube-oidc-proxy/cmd"
+	"github.com/jetstack/kube-oidc-proxy/cmd/app"
 	"github.com/jetstack/kube-oidc-proxy/pkg/util"
 )
 
 func main() {
 	stopCh := util.SignalHandler()
-	cmd := cmd.NewRunCommand(stopCh)
+	cmd := app.NewRunCommand(stopCh)
 
 	if err := cmd.Execute(); err != nil {
 		fmt.Fprintf(os.Stderr, "error: %v\n", err)

cmd/run.go renamed to cmd/app/run.go

@@ -135,5 +135,7 @@ rules:
   - "authentication.k8s.io"
   resources:
   - "userextras/scopes"
+  - "tokenreviews"
   verbs:
+  - "create"
   - "impersonate"