From c4c3073cd166eecfd9918472110e055a9e1555e7 Mon Sep 17 00:00:00 2001 From: Joshua Casey Date: Thu, 21 Sep 2023 11:48:49 -0500 Subject: [PATCH] Allow 'pinniped get kubeconfig' to override the client-go credential plugin command --- cmd/pinniped/cmd/kubeconfig.go | 5 +++++ cmd/pinniped/cmd/kubeconfig_test.go | 5 +++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/cmd/pinniped/cmd/kubeconfig.go b/cmd/pinniped/cmd/kubeconfig.go index 930c673c3..ca6009005 100644 --- a/cmd/pinniped/cmd/kubeconfig.go +++ b/cmd/pinniped/cmd/kubeconfig.go @@ -97,6 +97,7 @@ type getKubeconfigParams struct { credentialCachePath string credentialCachePathSet bool installHint string + pinnipedCliPath string } type discoveryResponseScopesSupported struct { @@ -152,6 +153,7 @@ func kubeconfigCommand(deps kubeconfigDeps) *cobra.Command { f.StringVarP(&flags.outputPath, "output", "o", "", "Output file path (default: stdout)") f.StringVar(&flags.generatedNameSuffix, "generated-name-suffix", "-pinniped", "Suffix to append to generated cluster, context, user kubeconfig entries") f.StringVar(&flags.credentialCachePath, "credential-cache", "", "Path to cluster-specific credentials cache") + f.StringVar(&flags.pinnipedCliPath, "pinniped-cli-path", "", "Full path or executable name for the Pinniped CLI binary to be embedded in the resulting kubeconfig output (e.g. 'pinniped') (default: basename of the binary used to execute this command)") f.StringVar(&flags.installHint, "install-hint", "The pinniped CLI does not appear to be installed. See https://get.pinniped.dev/cli for more details", "This text is shown to the user when the pinniped CLI is not installed.") mustMarkHidden(cmd, "oidc-debug-session-cache") @@ -270,6 +272,9 @@ func newExecConfig(deps kubeconfigDeps, flags getKubeconfigParams) (*clientcmdap execConfig.InstallHint = flags.installHint var err error execConfig.Command, err = func() (string, error) { + if flags.pinnipedCliPath != "" { + return flags.pinnipedCliPath, nil + } command, err := deps.getPathToSelf() return filepath.Base(command), err }() diff --git a/cmd/pinniped/cmd/kubeconfig_test.go b/cmd/pinniped/cmd/kubeconfig_test.go index 6151367e6..ce6e8cc4c 100644 --- a/cmd/pinniped/cmd/kubeconfig_test.go +++ b/cmd/pinniped/cmd/kubeconfig_test.go @@ -148,6 +148,7 @@ func TestGetKubeconfig(t *testing.T) { --oidc-session-cache string Path to OpenID Connect session cache file --oidc-skip-browser During OpenID Connect login, skip opening the browser (just print the URL) -o, --output string Output file path (default: stdout) + --pinniped-cli-path string Full path or executable name for the Pinniped CLI binary to be embedded in the resulting kubeconfig output (e.g. 'pinniped') (default: basename of the binary used to execute this command) --skip-validation Skip final validation of the kubeconfig (default: false) --static-token string Instead of doing an OIDC-based login, specify a static token --static-token-env string Instead of doing an OIDC-based login, read a static token from the environment @@ -1585,7 +1586,6 @@ func TestGetKubeconfig(t *testing.T) { }, }, { - name: "autodetect nothing, set a bunch of options", args: func(issuerCABundle string, issuerURL string) []string { f := testutil.WriteStringToTempFile(t, "testca-*.pem", issuerCABundle) @@ -1609,6 +1609,7 @@ func TestGetKubeconfig(t *testing.T) { "--skip-validation", "--generated-name-suffix", "-sso", "--credential-cache", "/path/to/cache/dir/credentials.yaml", + "--pinniped-cli-path", "/some/path/to/command-exe", } }, conciergeObjects: func(issuerCABundle string, issuerURL string) []runtime.Object { @@ -1660,7 +1661,7 @@ func TestGetKubeconfig(t *testing.T) { - --session-cache=/path/to/cache/dir/sessions.yaml - --debug-session-cache - --request-audience=test-audience - command: pinniped + command: /some/path/to/command-exe env: [] installHint: The pinniped CLI does not appear to be installed. See https://get.pinniped.dev/cli for more details