From 92650c750722c4fbb61aebbd3b0cc64e0ebcf503 Mon Sep 17 00:00:00 2001 From: Matt Ralph Date: Mon, 25 Mar 2019 17:11:33 +0000 Subject: [PATCH 1/3] Support multiple expires-on field formats `expires-on` field in config can be an int or a timestring --- config/kube_config.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/config/kube_config.py b/config/kube_config.py index 9ca869c8..27136c9c 100644 --- a/config/kube_config.py +++ b/config/kube_config.py @@ -227,8 +227,12 @@ def _load_azure_token(self, provider): if 'access-token' not in provider['config']: return if 'expires-on' in provider['config']: - if int(provider['config']['expires-on']) < time.gmtime(): - self._refresh_azure_token(provider['config']) + try: + if time.gmtime(int(provider['config']['expires-on'])) < time.gmtime(): + self._refresh_azure_token(provider['config']) + except ValueError: # sometimes expires-on is not an int, but a datestring + if time.strptime(provider['config']['expires-on'], '%Y-%m-%d %H:%M:%S.%f') < time.gmtime(): + self._refresh_azure_token(provider['config']) self.token = 'Bearer %s' % provider['config']['access-token'] return self.token From 99fac997e11a6d50a5c67171bd957850ee3eee8e Mon Sep 17 00:00:00 2001 From: Matt Ralph Date: Wed, 17 Apr 2019 17:51:49 +0530 Subject: [PATCH 2/3] Changes to pass tox qa --- config/kube_config.py | 6 ++++-- config/kube_config_test.py | 3 ++- watch/watch_test.py | 2 +- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/config/kube_config.py b/config/kube_config.py index 27136c9c..c09ba954 100644 --- a/config/kube_config.py +++ b/config/kube_config.py @@ -228,10 +228,12 @@ def _load_azure_token(self, provider): return if 'expires-on' in provider['config']: try: - if time.gmtime(int(provider['config']['expires-on'])) < time.gmtime(): + if time.gmtime(int(provider['config']['expires-on'])) < time.gmtime(): self._refresh_azure_token(provider['config']) except ValueError: # sometimes expires-on is not an int, but a datestring - if time.strptime(provider['config']['expires-on'], '%Y-%m-%d %H:%M:%S.%f') < time.gmtime(): + parsed_time = time.strptime( + provider['config']['expires-on'], '%Y-%m-%d %H:%M:%S.%f') + if parsed_time < time.gmtime(): self._refresh_azure_token(provider['config']) self.token = 'Bearer %s' % provider['config']['access-token'] return self.token diff --git a/config/kube_config_test.py b/config/kube_config_test.py index 11ebb351..d0ef5943 100644 --- a/config/kube_config_test.py +++ b/config/kube_config_test.py @@ -1117,7 +1117,8 @@ def test_list_kube_config_contexts(self): {'context': {'cluster': 'ssl', 'user': 'ssl'}, 'name': 'ssl'}, {'context': {'cluster': 'default', 'user': 'simple_token'}, 'name': 'simple_token'}, - {'context': {'cluster': 'default', 'user': 'expired_oidc'}, 'name': 'expired_oidc'}] + {'context': {'cluster': 'default', 'user': 'expired_oidc'}, + 'name': 'expired_oidc'}] contexts, active_context = list_kube_config_contexts( config_file=kubeconfigs) diff --git a/watch/watch_test.py b/watch/watch_test.py index ebc400af..086ee975 100644 --- a/watch/watch_test.py +++ b/watch/watch_test.py @@ -78,7 +78,7 @@ def test_watch_for_follow(self): fake_api = Mock() fake_api.read_namespaced_pod_log = Mock(return_value=fake_resp) - fake_api.read_namespaced_pod_log.__doc__ = ':param bool follow:\n:return: str' + fake_api.read_namespaced_pod_log.__doc__ = ':param bool follow:\n:return: str' # noqa: E501 w = Watch() count = 1 From 18df666fbfa167bb99436834d596e95842b64ad8 Mon Sep 17 00:00:00 2001 From: Matt Ralph Date: Fri, 10 May 2019 15:58:48 +0100 Subject: [PATCH 3/3] Add tests to exercise expires-on logic --- config/kube_config_test.py | 57 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) diff --git a/config/kube_config_test.py b/config/kube_config_test.py index d0ef5943..5408b191 100644 --- a/config/kube_config_test.py +++ b/config/kube_config_test.py @@ -20,6 +20,7 @@ import os import shutil import tempfile +import time import unittest import mock @@ -1152,6 +1153,62 @@ def test_save_changes(self): # new token self.assertEqual(provider.value['id-token'], "token-changed") + @mock.patch('time') + def test___load_azure_token(self, mock_time): + class TestKubeConfigLoader(KubeConfigLoader): + def __init__(self): + self.refresh_called = 0 + + def _refresh_azure_token(self, param_1): + self.refresh_called += 1 + + time.gmtime = mock.Mock(return_value=time.struct_time( + tm_year=2019, tm_mon=5, tm_mday=10, tm_hour=14, tm_min=47, tm_sec=31, tm_wday=4, tm_yday=130, tm_isdst=0)) + + fake_provider_expires_on_int_old = { + "config": "dummy", + "access-token": "dummy", + "expires-on": 1555503941 # 17 April 2019 + } + + fake_provider_expires_on_int_new = { + "config": "dummy", + "access-token": "dummy", + "expires-on": 1585555941 # 30 March 2020 + } + + fake_provider_expires_on_datestring_old = { + "config": "dummy", + "access-token": "dummy", + "expires-on": "2018-02-03 14:56:48.999" + } + + fake_provider_expires_on_datestring_new = { + "config": "dummy", + "access-token": "dummy", + "expires-on": "2021-02-03 14:56:48.999" + } + + test_kube_config_loader = TestKubeConfigLoader() + test_kube_config_loader._load_azure_token( + fake_provider_expires_on_int_old) + self.assertEqual(test_kube_config_loader.refresh_called, 0) + + test_kube_config_loader = TestKubeConfigLoader() + test_kube_config_loader._load_azure_token( + fake_provider_expires_on_datestring_old) + self.assertEqual(test_kube_config_loader.refresh_called, 0) + + test_kube_config_loader = TestKubeConfigLoader() + test_kube_config_loader._load_azure_token( + fake_provider_expires_on_int_new) + self.assertEqual(test_kube_config_loader.refresh_called, 1) + + test_kube_config_loader = TestKubeConfigLoader() + test_kube_config_loader._load_azure_token( + fake_provider_expires_on_datestring_new) + self.assertEqual(test_kube_config_loader.refresh_called, 1) + if __name__ == '__main__': unittest.main()