Jakub Hadvig jhadvig

## go.go

type CustomTLSCert struct {
	Certificate string
	Key         string
}

func (c *RouteSyncController) getCA(tlsCert *CustomTLSCert) (*x509.CertPool, error) {
	caCertPool := x509.NewCertPool()

	if tlsCert != nil {

## ver.go
func certificateVerifier(customCert []byte) error {
	block, _ := pem.Decode([]byte(customCert))
	if block == nil {
		return fmt.Errorf("failed to decode certificate PEM")
	}
	certificate, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
		return err
	}
	now := time.Now()

## go.go
func ValidateCustomCertSecret(customCertSecret *corev1.Secret) (*routesub.CustomTLSCert, error) {
	if customCertSecret == nil {
		return nil, nil
	}
	if customCertSecret.Type != corev1.SecretTypeTLS {
		return nil, fmt.Errorf("custom cert secret is not in %q type, instead uses %q type", corev1.SecretTypeTLS, customCertSecret.Type)
	}
	if len(customCertSecret.Data) == 0 {
		return nil, fmt.Errorf("custom cert secret doesn't contain 'Data' field")
	}

## gist:c414b836b63ad072ac3adf1ac00aff06
make build
fatal: No names found, cannot describe anything.
go build -mod=vendor -trimpath -ldflags "-s -w -X github.com/openshift/console-operator/pkg/version.versionFromGit="v0.0.0-unknown" -X github.com/openshift/console-operator/pkg/version.commitFromGit="f2b468860" -X github.com/openshift/console-operator/pkg/version.gitTreeState="dirty" -X github.com/openshift/console-operator/pkg/version.buildDate="2020-04-02T09:21:46Z" " github.com/openshift/console-operator/cmd/console
# k8s.io/client-go/tools/clientcmd
vendor/k8s.io/client-go/tools/clientcmd/validation.go:73:5: cannot use errConfigurationInvalid literal (type errConfigurationInvalid) as type "k8s.io/apimachinery/pkg/util/errors".Aggregate in assignment:
	errConfigurationInvalid does not implement "k8s.io/apimachinery/pkg/util/errors".Aggregate (missing Is method)
# k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal
vendor/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal/gvkparser.go:55:31: cannot use *typeSchema (type "sigs.k

## gist:91c7c83a38e9fc6129bae8e9c9d139b2
make test-unit
go test -mod=vendor -race ./pkg/... ./cmd/...
?   	github.com/openshift/console-operator/pkg/api	[no test files]
# k8s.io/client-go/tools/clientcmd
vendor/k8s.io/client-go/tools/clientcmd/validation.go:73:5: cannot use errConfigurationInvalid literal (type errConfigurationInvalid) as type "k8s.io/apimachinery/pkg/util/errors".Aggregate in assignment:
	errConfigurationInvalid does not implement "k8s.io/apimachinery/pkg/util/errors".Aggregate (missing Is method)
# github.com/openshift/library-go/pkg/operator/v1helpers
vendor/github.com/openshift/library-go/pkg/operator/v1helpers/helpers.go:235:5: cannot use aggregate literal (type aggregate) as type "k8s.io/apimachinery/pkg/util/errors".Aggregate in assignment:
	aggregate does not implement "k8s.io/apimachinery/pkg/util/errors".Aggregate (missing Is method)
# k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal

## create_user.sh
# create a secret with htpasswd file data for user 'test' with password 'test'
oc apply -f - <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: htpass-secret
  namespace: openshift-config
data:
  htpasswd: dGVzdDokYXByMSRxa0Zvb203dCRSWFIuNHhTV0lhL3h6dkRRUUFFUG8w
EOF

## console.go
package testframework

import (
	"fmt"
	"testing"
	"time"

	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
	"k8s.io/apimachinery/pkg/types"
	"k8s.io/apimachinery/pkg/util/wait"

## .go
func ManageConsole(logger Logger, client *Clientset) error {
	cr, err := client.ConsoleV1alpha1Interface.Consoles(consoleapi.OpenShiftConsoleOperatorNamespace).Get(consoleapi.ResourceName, metav1.GetOptions{})
	if err != nil {
		return err
	}

	if isOperatorManaged(cr) {
		logger.Logf("console operator already in 'Managed' state")
		return nil
	}

## gist:370bdf106469c6839756e71654dbe7df
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: console-operator-authentication-reader
  namespace: kube-system
roleRef:
  kind: Role
  name: console-operator-authentication-reader
  apiGroup: rbac.authorization.k8s.io
subjects:

## .log

W0103 18:42:37.442096       1 cmd.go:127] Using insecure, self-signed certificates
I0103 18:42:37.442415       1 crypto.go:493] Generating new CA for console-operator-signer@1546540957 cert, and key in /tmp/serving-cert-328978447/serving-signer.crt, /tmp/serving-cert-328978447/serving-signer.key
I0103 18:42:37.979025       1 crypto.go:585] Generating server certificate in /tmp/serving-cert-328978447/tls.crt, key in /tmp/serving-cert-328978447/tls.key
I0103 18:42:38.268261       1 observer_polling.go:37] Adding reactor for file "/var/run/configmaps/config/controller-config.yaml"
I0103 18:42:38.268353       1 observer_polling.go:37] Adding reactor for file "/var/run/secrets/serving-cert/tls.crt"
I0103 18:42:38.268379       1 observer_polling.go:37] Adding reactor for file "/var/run/secrets/serving-cert/tls.key"
I0103 18:42:38.268856       1 observer_polling.go:96] Starting file observer
panic: unable to obtain replicaset reference for events: pods "console-operator-749cd856cb-7lmrq" is forbidden: User "system:

	type CustomTLSCert struct {
	Certificate string
	Key string
	}

	func (c RouteSyncController) getCA(tlsCert CustomTLSCert) (*x509.CertPool, error) {
	caCertPool := x509.NewCertPool()

	if tlsCert != nil {
	func certificateVerifier(customCert []byte) error {
	block, _ := pem.Decode([]byte(customCert))
	if block == nil {
	return fmt.Errorf("failed to decode certificate PEM")
	}
	certificate, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
	return err
	}
	now := time.Now()
	func ValidateCustomCertSecret(customCertSecret corev1.Secret) (routesub.CustomTLSCert, error) {
	if customCertSecret == nil {
	return nil, nil
	}
	if customCertSecret.Type != corev1.SecretTypeTLS {
	return nil, fmt.Errorf("custom cert secret is not in %q type, instead uses %q type", corev1.SecretTypeTLS, customCertSecret.Type)
	}
	if len(customCertSecret.Data) == 0 {
	return nil, fmt.Errorf("custom cert secret doesn't contain 'Data' field")
	}
	make build
	fatal: No names found, cannot describe anything.
	go build -mod=vendor -trimpath -ldflags "-s -w -X github.com/openshift/console-operator/pkg/version.versionFromGit="v0.0.0-unknown" -X github.com/openshift/console-operator/pkg/version.commitFromGit="f2b468860" -X github.com/openshift/console-operator/pkg/version.gitTreeState="dirty" -X github.com/openshift/console-operator/pkg/version.buildDate="2020-04-02T09:21:46Z" " github.com/openshift/console-operator/cmd/console
	# k8s.io/client-go/tools/clientcmd
	vendor/k8s.io/client-go/tools/clientcmd/validation.go:73:5: cannot use errConfigurationInvalid literal (type errConfigurationInvalid) as type "k8s.io/apimachinery/pkg/util/errors".Aggregate in assignment:
	errConfigurationInvalid does not implement "k8s.io/apimachinery/pkg/util/errors".Aggregate (missing Is method)
	# k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal
	vendor/k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal/gvkparser.go:55:31: cannot use *typeSchema (type "sigs.k
	make test-unit
	go test -mod=vendor -race ./pkg/... ./cmd/...
	? github.com/openshift/console-operator/pkg/api [no test files]
	# k8s.io/client-go/tools/clientcmd
	vendor/k8s.io/client-go/tools/clientcmd/validation.go:73:5: cannot use errConfigurationInvalid literal (type errConfigurationInvalid) as type "k8s.io/apimachinery/pkg/util/errors".Aggregate in assignment:
	errConfigurationInvalid does not implement "k8s.io/apimachinery/pkg/util/errors".Aggregate (missing Is method)
	# github.com/openshift/library-go/pkg/operator/v1helpers
	vendor/github.com/openshift/library-go/pkg/operator/v1helpers/helpers.go:235:5: cannot use aggregate literal (type aggregate) as type "k8s.io/apimachinery/pkg/util/errors".Aggregate in assignment:
	aggregate does not implement "k8s.io/apimachinery/pkg/util/errors".Aggregate (missing Is method)
	# k8s.io/apiserver/pkg/endpoints/handlers/fieldmanager/internal
	# create a secret with htpasswd file data for user 'test' with password 'test'
	oc apply -f - <<EOF
	apiVersion: v1
	kind: Secret
	metadata:
	name: htpass-secret
	namespace: openshift-config
	data:
	htpasswd: dGVzdDokYXByMSRxa0Zvb203dCRSWFIuNHhTV0lhL3h6dkRRUUFFUG8w
	EOF
	package testframework

	import (
	"fmt"
	"testing"
	"time"

	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
	"k8s.io/apimachinery/pkg/types"
	"k8s.io/apimachinery/pkg/util/wait"
	func ManageConsole(logger Logger, client *Clientset) error {
	cr, err := client.ConsoleV1alpha1Interface.Consoles(consoleapi.OpenShiftConsoleOperatorNamespace).Get(consoleapi.ResourceName, metav1.GetOptions{})
	if err != nil {
	return err
	}

	if isOperatorManaged(cr) {
	logger.Logf("console operator already in 'Managed' state")
	return nil
	}
	kind: RoleBinding
	apiVersion: rbac.authorization.k8s.io/v1
	metadata:
	name: console-operator-authentication-reader
	namespace: kube-system
	roleRef:
	kind: Role
	name: console-operator-authentication-reader
	apiGroup: rbac.authorization.k8s.io
	subjects:

	W0103 18:42:37.442096 1 cmd.go:127] Using insecure, self-signed certificates
	I0103 18:42:37.442415 1 crypto.go:493] Generating new CA for console-operator-signer@1546540957 cert, and key in /tmp/serving-cert-328978447/serving-signer.crt, /tmp/serving-cert-328978447/serving-signer.key
	I0103 18:42:37.979025 1 crypto.go:585] Generating server certificate in /tmp/serving-cert-328978447/tls.crt, key in /tmp/serving-cert-328978447/tls.key
	I0103 18:42:38.268261 1 observer_polling.go:37] Adding reactor for file "/var/run/configmaps/config/controller-config.yaml"
	I0103 18:42:38.268353 1 observer_polling.go:37] Adding reactor for file "/var/run/secrets/serving-cert/tls.crt"
	I0103 18:42:38.268379 1 observer_polling.go:37] Adding reactor for file "/var/run/secrets/serving-cert/tls.key"
	I0103 18:42:38.268856 1 observer_polling.go:96] Starting file observer
	panic: unable to obtain replicaset reference for events: pods "console-operator-749cd856cb-7lmrq" is forbidden: User "system: