diff --git a/pkg/ytconfig/canondata/TestGetHTTPProxyConfig/test.canondata b/pkg/ytconfig/canondata/TestGetHTTPProxyConfig/test.canondata index 1a6f95cb..848967e3 100644 --- a/pkg/ytconfig/canondata/TestGetHTTPProxyConfig/test.canondata +++ b/pkg/ytconfig/canondata/TestGetHTTPProxyConfig/test.canondata @@ -109,10 +109,8 @@ ]; }; "oauth_cookie_authenticator"={ - "create_user_if_not_exists"=%false; }; "oauth_token_authenticator"={ - "create_user_if_not_exists"=%false; }; "require_authentication"=%true; }; diff --git a/pkg/ytconfig/canondata/TestGetHTTPProxyConfigDisableCreateOauthUser/test.canondata b/pkg/ytconfig/canondata/TestGetHTTPProxyConfigDisableCreateOauthUser/test.canondata new file mode 100644 index 00000000..1a6f95cb --- /dev/null +++ b/pkg/ytconfig/canondata/TestGetHTTPProxyConfigDisableCreateOauthUser/test.canondata @@ -0,0 +1,155 @@ +{ + "address_resolver"={ + "enable_ipv4"=%true; + "enable_ipv6"=%false; + retries=1000; + }; + "solomon_exporter"={ + host="{POD_SHORT_HOSTNAME}"; + "instance_tags"={ + pod="{K8S_POD_NAME}"; + }; + }; + logging={ + writers={ + info={ + type=file; + "file_name"="/var/log/http-proxy.info.log"; + format="plain_text"; + "enable_system_messages"=%true; + }; + stderr={ + type=stderr; + format="plain_text"; + "enable_system_messages"=%true; + }; + }; + rules=[ + { + "min_level"=info; + writers=[ + info; + ]; + family="plain_text"; + }; + { + "min_level"=error; + writers=[ + stderr; + ]; + family="plain_text"; + }; + ]; + "flush_period"=3000; + }; + "monitoring_port"=10016; + "rpc_port"=9016; + "timestamp_provider"={ + addresses=[ + "ms-test-0.masters-test.fake.svc.fake.zone:9010"; + ]; + }; + "cluster_connection"={ + "cluster_name"=test; + "primary_master"={ + addresses=[ + "ms-test-0.masters-test.fake.svc.fake.zone:9010"; + ]; + peers=[ + { + address="ms-test-0.masters-test.fake.svc.fake.zone:9010"; + voting=%true; + }; + ]; + "cell_id"="65726e65-ad6b7562-259-79747361"; + }; + "discovery_connection"={ + addresses=[ + "ds-test-0.discovery-test.fake.svc.fake.zone:9020"; + "ds-test-1.discovery-test.fake.svc.fake.zone:9020"; + "ds-test-2.discovery-test.fake.svc.fake.zone:9020"; + ]; + }; + "master_cache"={ + addresses=[ + "msc-test-0.master-caches-test.fake.svc.fake.zone:9018"; + "msc-test-1.master-caches-test.fake.svc.fake.zone:9018"; + "msc-test-2.master-caches-test.fake.svc.fake.zone:9018"; + ]; + "cell_id"="65726e65-ad6b7562-259-79747361"; + "enable_master_cache_discovery"=%false; + }; + }; + "cypress_annotations"={ + "k8s_node_name"="{K8S_NODE_NAME}"; + "k8s_pod_name"="{K8S_POD_NAME}"; + "k8s_pod_namespace"="{K8S_POD_NAMESPACE}"; + "physical_host"="{K8S_NODE_NAME}"; + }; + port=80; + auth={ + "cypress_cookie_manager"={ + }; + "cypress_user_manager"={ + }; + "cypress_token_authenticator"={ + secure=%true; + }; + "oauth_service"={ + host="oauth-host"; + port=433; + secure=%true; + "user_info_endpoint"="user-info-endpoint"; + "user_info_login_field"=login; + "login_transformations"=[ + { + "match_pattern"="(.*)@ytsaurus.team"; + replacement="\\1"; + }; + ]; + }; + "oauth_cookie_authenticator"={ + "create_user_if_not_exists"=%false; + }; + "oauth_token_authenticator"={ + "create_user_if_not_exists"=%false; + }; + "require_authentication"=%true; + }; + coordinator={ + enable=%true; + "default_role_filter"=default; + }; + driver={ + "timestamp_provider"={ + addresses=[ + "ms-test-0.masters-test.fake.svc.fake.zone:9010"; + ]; + }; + "primary_master"={ + addresses=[ + "ms-test-0.masters-test.fake.svc.fake.zone:9010"; + ]; + peers=[ + { + address="ms-test-0.masters-test.fake.svc.fake.zone:9010"; + voting=%true; + }; + ]; + "cell_id"="65726e65-ad6b7562-259-79747361"; + }; + }; + role=control; + "https_server"={ + port=443; + credentials={ + "cert_chain"={ + "file_name"="/tls/https_secret/tls.crt"; + }; + "private_key"={ + "file_name"="/tls/https_secret/tls.key"; + }; + "update_period"=60000; + }; + }; +} \ No newline at end of file diff --git a/pkg/ytconfig/canondata/TestGetHTTPProxyConfigEnableCreateOauthUser/test.canondata b/pkg/ytconfig/canondata/TestGetHTTPProxyConfigEnableCreateOauthUser/test.canondata new file mode 100644 index 00000000..b5c828ab --- /dev/null +++ b/pkg/ytconfig/canondata/TestGetHTTPProxyConfigEnableCreateOauthUser/test.canondata @@ -0,0 +1,155 @@ +{ + "address_resolver"={ + "enable_ipv4"=%true; + "enable_ipv6"=%false; + retries=1000; + }; + "solomon_exporter"={ + host="{POD_SHORT_HOSTNAME}"; + "instance_tags"={ + pod="{K8S_POD_NAME}"; + }; + }; + logging={ + writers={ + info={ + type=file; + "file_name"="/var/log/http-proxy.info.log"; + format="plain_text"; + "enable_system_messages"=%true; + }; + stderr={ + type=stderr; + format="plain_text"; + "enable_system_messages"=%true; + }; + }; + rules=[ + { + "min_level"=info; + writers=[ + info; + ]; + family="plain_text"; + }; + { + "min_level"=error; + writers=[ + stderr; + ]; + family="plain_text"; + }; + ]; + "flush_period"=3000; + }; + "monitoring_port"=10016; + "rpc_port"=9016; + "timestamp_provider"={ + addresses=[ + "ms-test-0.masters-test.fake.svc.fake.zone:9010"; + ]; + }; + "cluster_connection"={ + "cluster_name"=test; + "primary_master"={ + addresses=[ + "ms-test-0.masters-test.fake.svc.fake.zone:9010"; + ]; + peers=[ + { + address="ms-test-0.masters-test.fake.svc.fake.zone:9010"; + voting=%true; + }; + ]; + "cell_id"="65726e65-ad6b7562-259-79747361"; + }; + "discovery_connection"={ + addresses=[ + "ds-test-0.discovery-test.fake.svc.fake.zone:9020"; + "ds-test-1.discovery-test.fake.svc.fake.zone:9020"; + "ds-test-2.discovery-test.fake.svc.fake.zone:9020"; + ]; + }; + "master_cache"={ + addresses=[ + "msc-test-0.master-caches-test.fake.svc.fake.zone:9018"; + "msc-test-1.master-caches-test.fake.svc.fake.zone:9018"; + "msc-test-2.master-caches-test.fake.svc.fake.zone:9018"; + ]; + "cell_id"="65726e65-ad6b7562-259-79747361"; + "enable_master_cache_discovery"=%false; + }; + }; + "cypress_annotations"={ + "k8s_node_name"="{K8S_NODE_NAME}"; + "k8s_pod_name"="{K8S_POD_NAME}"; + "k8s_pod_namespace"="{K8S_POD_NAMESPACE}"; + "physical_host"="{K8S_NODE_NAME}"; + }; + port=80; + auth={ + "cypress_cookie_manager"={ + }; + "cypress_user_manager"={ + }; + "cypress_token_authenticator"={ + secure=%true; + }; + "oauth_service"={ + host="oauth-host"; + port=433; + secure=%true; + "user_info_endpoint"="user-info-endpoint"; + "user_info_login_field"=login; + "login_transformations"=[ + { + "match_pattern"="(.*)@ytsaurus.team"; + replacement="\\1"; + }; + ]; + }; + "oauth_cookie_authenticator"={ + "create_user_if_not_exists"=%true; + }; + "oauth_token_authenticator"={ + "create_user_if_not_exists"=%true; + }; + "require_authentication"=%true; + }; + coordinator={ + enable=%true; + "default_role_filter"=default; + }; + driver={ + "timestamp_provider"={ + addresses=[ + "ms-test-0.masters-test.fake.svc.fake.zone:9010"; + ]; + }; + "primary_master"={ + addresses=[ + "ms-test-0.masters-test.fake.svc.fake.zone:9010"; + ]; + peers=[ + { + address="ms-test-0.masters-test.fake.svc.fake.zone:9010"; + voting=%true; + }; + ]; + "cell_id"="65726e65-ad6b7562-259-79747361"; + }; + }; + role=control; + "https_server"={ + port=443; + credentials={ + "cert_chain"={ + "file_name"="/tls/https_secret/tls.crt"; + }; + "private_key"={ + "file_name"="/tls/https_secret/tls.key"; + }; + "update_period"=60000; + }; + }; +} \ No newline at end of file diff --git a/pkg/ytconfig/canondata/TestGetRPCProxyConfig/test.canondata b/pkg/ytconfig/canondata/TestGetRPCProxyConfig/test.canondata index fe4a5c9c..f84a7b70 100644 --- a/pkg/ytconfig/canondata/TestGetRPCProxyConfig/test.canondata +++ b/pkg/ytconfig/canondata/TestGetRPCProxyConfig/test.canondata @@ -106,7 +106,6 @@ ]; }; "oauth_token_authenticator"={ - "create_user_if_not_exists"=%false; }; "require_authentication"=%true; } \ No newline at end of file diff --git a/pkg/ytconfig/generator_test.go b/pkg/ytconfig/generator_test.go index 907de1e7..e7a845a4 100644 --- a/pkg/ytconfig/generator_test.go +++ b/pkg/ytconfig/generator_test.go @@ -265,6 +265,24 @@ func TestGetHTTPProxyConfig(t *testing.T) { canonize.Assert(t, cfg) } +func TestGetHTTPProxyConfigDisableCreateOauthUser(t *testing.T) { + spec := getYtsaurusWithEverything() + spec.Spec.OauthService.DisableUserCreation = ptr.To(true) + g := NewGenerator(spec, testClusterDomain) + cfg, err := g.GetHTTPProxyConfig(getHTTPProxySpec()) + require.NoError(t, err) + canonize.Assert(t, cfg) +} + +func TestGetHTTPProxyConfigEnableCreateOauthUser(t *testing.T) { + spec := getYtsaurusWithEverything() + spec.Spec.OauthService.DisableUserCreation = ptr.To(false) + g := NewGenerator(spec, testClusterDomain) + cfg, err := g.GetHTTPProxyConfig(getHTTPProxySpec()) + require.NoError(t, err) + canonize.Assert(t, cfg) +} + func TestGetMasterConfig(t *testing.T) { ytsaurus := getYtsaurusWithEverything() g := NewGenerator(ytsaurus, testClusterDomain) @@ -598,7 +616,6 @@ func withOauthSpec(ytsaurus *ytv1.Ytsaurus) *ytv1.Ytsaurus { }, }, }, - DisableUserCreation: ptr.To(true), } return ytsaurus }