feat: pass impersonation user to REST config construction

Signed-off-by: Logan Cox <mail@logan-cox.com>

go.mod

@@ -19,7 +19,6 @@ require (
 	k8s.io/api v0.30.3
 	k8s.io/apiextensions-apiserver v0.30.3
 	k8s.io/apimachinery v0.30.3
-	k8s.io/cli-runtime v0.30.3
 	k8s.io/client-go v0.30.3
 	k8s.io/code-generator v0.30.3
 	sigs.k8s.io/controller-runtime v0.18.4
@@ -28,7 +27,6 @@ require (
 )
 
 require (
-	github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
 	github.com/BurntSushi/toml v1.0.0 // indirect
 	github.com/Microsoft/go-winio v0.5.1 // indirect
 	github.com/alessio/shellescape v1.4.1 // indirect
@@ -42,7 +40,6 @@ require (
 	github.com/evanphx/json-patch/v5 v5.9.0 // indirect
 	github.com/fatih/color v1.16.0 // indirect
 	github.com/felixge/httpsnoop v1.0.3 // indirect
-	github.com/go-errors/errors v1.4.2 // indirect
 	github.com/go-logr/logr v1.4.1 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-openapi/jsonpointer v0.19.6 // indirect
@@ -51,41 +48,34 @@ require (
 	github.com/gobuffalo/flect v1.0.2 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
-	github.com/google/btree v1.0.1 // indirect
 	github.com/google/gnostic-models v0.6.8 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/google/safetext v0.0.0-20220905092116-b49f7bc46da2 // indirect
 	github.com/google/uuid v1.6.0 // indirect
-	github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 // indirect
 	github.com/imdario/mergo v0.3.12 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/moby/docker-image-spec v1.3.1 // indirect
 	github.com/moby/term v0.0.0-20221205130635-1aeaba878587 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
-	github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect
 	github.com/morikuni/aec v1.0.0 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/opencontainers/go-digest v1.0.0 // indirect
 	github.com/opencontainers/image-spec v1.0.2 // indirect
 	github.com/pelletier/go-toml v1.9.4 // indirect
-	github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/rogpeppe/go-internal v1.12.0 // indirect
-	github.com/xlab/treeprint v1.2.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.44.0 // indirect
 	go.opentelemetry.io/otel v1.27.0 // indirect
 	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.27.0 // indirect
 	go.opentelemetry.io/otel/metric v1.27.0 // indirect
 	go.opentelemetry.io/otel/sdk v1.27.0 // indirect
 	go.opentelemetry.io/otel/trace v1.27.0 // indirect
-	go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect
 	golang.org/x/mod v0.17.0 // indirect
 	golang.org/x/net v0.25.0 // indirect
 	golang.org/x/oauth2 v0.20.0 // indirect
@@ -104,8 +94,6 @@ require (
 	k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect
 	k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect
 	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
-	sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect
-	sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
 	sigs.k8s.io/yaml v1.4.0 // indirect
 )

pkg/kuttlctl/cmd/assert.go

@@ -17,6 +17,7 @@ var (
 func newAssertCmd() *cobra.Command {
 	timeout := 5
 	namespace := "default"
+	as := ""
 
 	assertCmd := &cobra.Command{
 		Use:     "assert",
@@ -27,12 +28,13 @@ func newAssertCmd() *cobra.Command {
 			if len(args) == 0 {
 				return errors.New("one file argument is required")
 			}
-			return test.Assert(namespace, timeout, args...)
+			return test.Assert(namespace, timeout, as, args...)
 		},
 	}
 
 	assertCmd.Flags().IntVar(&timeout, "timeout", 5, "The timeout to use as default for TestSuite configuration.")
 	assertCmd.Flags().StringVarP(&namespace, "namespace", "n", "default", "Namespace to use for test assert.")
+	assertCmd.Flags().StringVar(&as, "as", "", "The user you wish to impersonate")
 
 	return assertCmd
 }

pkg/kuttlctl/cmd/root.go

@@ -2,15 +2,12 @@ package cmd
 
 import (
 	"github.com/spf13/cobra"
-	"k8s.io/cli-runtime/pkg/genericclioptions"
 
 	"github.com/kudobuilder/kuttl/pkg/version"
 )
 
 // NewKuttlCmd creates a new root command for kuttlctl
 func NewKuttlCmd() *cobra.Command {
-	configFlags := genericclioptions.NewConfigFlags(true)
-
 	cmd := &cobra.Command{
 		Use:   "kubectl-kuttl",
 		Short: "CLI to Test Kubernetes",
@@ -37,7 +34,6 @@ and serves as an API aggregation layer.
 	cmd.AddCommand(newErrorsCmd())
 	cmd.AddCommand(newTestCmd())
 	cmd.AddCommand(newVersionCmd())
-	configFlags.AddFlags(cmd.PersistentFlags())
 
 	return cmd
 }

pkg/test/assert.go

@@ -13,7 +13,7 @@ import (
 )
 
 // Assert checks all provided assert files against a namespace.  Upon assert failure, it prints the failures and returns an error
-func Assert(namespace string, timeout int, assertFiles ...string) error {
+func Assert(namespace string, timeout int, as string, assertFiles ...string) error {
 	var objects []client.Object
 
 	for _, file := range assertFiles {
@@ -104,11 +104,16 @@ func Errors(namespace string, timeout int, errorFiles ...string) error {
 	return errors.New("error asserts not valid")
 }
 
-func Client(_ bool) (client.Client, error) {
+func Client(_ bool, as string) (client.Client, error) {
 	cfg, err := config.GetConfig()
 	if err != nil {
 		return nil, err
 	}
+
+	if as != "" {
+		cfg.Impersonate.UserName = as
+	}
+
 	client, err := testutils.NewRetryClient(cfg, client.Options{
 		Scheme: testutils.Scheme(),
 	})
@@ -118,8 +123,13 @@ func Client(_ bool) (client.Client, error) {
 	return client, nil
 }
 
-func DiscoveryClient() (discovery.DiscoveryInterface, error) {
+func DiscoveryClient(as string) (discovery.DiscoveryInterface, error) {
 	cfg, err := config.GetConfig()
+
+	if as != "" {
+		cfg.Impersonate.UserName = as
+	}
+
 	if err != nil {
 		return nil, err
 	}

pkg/test/case.go

@@ -44,8 +44,8 @@ type Case struct {
 	PreferredNamespace string
 	RunLabels          labels.Set
 
-	Client          func(forceNew bool) (client.Client, error)
-	DiscoveryClient func() (discovery.DiscoveryInterface, error)
+	Client          func(forceNew bool,  as string) (client.Client, error)
+	DiscoveryClient func(as string) (discovery.DiscoveryInterface, error)
 
 	Logger testutils.Logger
 	// Suppress is used to suppress logs
@@ -131,7 +131,7 @@ func (t *Case) CreateNamespace(test *testing.T, cl client.Client, ns *namespace)
 
 // NamespaceExists gets namespace and returns true if it exists
 func (t *Case) NamespaceExists(namespace string) (bool, error) {
-	cl, err := t.Client(false)
+	cl, err := t.Client(false, "")
 	if err != nil {
 		return false, err
 	}
@@ -184,7 +184,7 @@ func (o byFirstTimestampCoreV1) Less(i, j int) bool {
 
 // CollectEvents gathers all events from namespace and prints it out to log
 func (t *Case) CollectEvents(namespace string) {
-	cl, err := t.Client(false)
+	cl, err := t.Client(false, "")
 	if err != nil {
 		t.Logger.Log("Failed to collect events for %s in ns %s: %v", t.Name, namespace, err)
 		return
@@ -324,7 +324,7 @@ func (t *Case) Run(test *testing.T, ts *report.Testsuite) {
 		test.Fatal(err)
 	}
 
-	cl, err := t.Client(false)
+	cl, err := t.Client(false, "")
 	if err != nil {
 		setupReport.Failure = report.NewFailure(err.Error(), nil)
 		ts.AddTestcase(setupReport)
@@ -338,7 +338,7 @@ func (t *Case) Run(test *testing.T, ts *report.Testsuite) {
 			continue
 		}
 
-		cl, err = newClient(testStep.Kubeconfig)(false)
+		cl, err = newClient(testStep.Kubeconfig)(false, "")
 		if err != nil {
 			setupReport.Failure = report.NewFailure(err.Error(), nil)
 			ts.AddTestcase(setupReport)
@@ -377,7 +377,7 @@ func (t *Case) Run(test *testing.T, ts *report.Testsuite) {
 
 		// Set-up client/namespace for lazy-loaded Kubeconfig
 		if testStep.KubeconfigLoading == v1beta1.KubeconfigLoadingLazy {
-			cl, err = testStep.Client(false)
+			cl, err = testStep.Client(false, "")
 			if err != nil {
 				errs = append(errs, fmt.Errorf("failed to lazy-load kubeconfig: %w", err))
 			} else if err = t.CreateNamespace(test, cl, ns); k8serrors.IsAlreadyExists(err) {
@@ -531,8 +531,8 @@ func (t *Case) LoadTestSteps() error {
 	return nil
 }
 
-func newClient(kubeconfig string) func(bool) (client.Client, error) {
-	return func(bool) (client.Client, error) {
+func newClient(kubeconfig string) func(bool, string) (client.Client, error) {
+	return func(bool, string) (client.Client, error) {
 		config, err := clientcmd.BuildConfigFromFlags("", kubeconfig)
 		if err != nil {
 			return nil, err
@@ -544,8 +544,8 @@ func newClient(kubeconfig string) func(bool) (client.Client, error) {
 	}
 }
 
-func newDiscoveryClient(kubeconfig string) func() (discovery.DiscoveryInterface, error) {
-	return func() (discovery.DiscoveryInterface, error) {
+func newDiscoveryClient(kubeconfig string) func(string) (discovery.DiscoveryInterface, error) {
+	return func(string) (discovery.DiscoveryInterface, error) {
 		config, err := clientcmd.BuildConfigFromFlags("", kubeconfig)
 		if err != nil {
 			return nil, err

pkg/test/harness.go

@@ -307,7 +307,7 @@ func (h *Harness) waitForFunctionalCluster() error {
 }
 
 // Client returns the current Kubernetes client for the test harness.
-func (h *Harness) Client(forceNew bool) (client.Client, error) {
+func (h *Harness) Client(forceNew bool, as string) (client.Client, error) {
 	h.clientLock.Lock()
 	defer h.clientLock.Unlock()
 
@@ -327,7 +327,7 @@ func (h *Harness) Client(forceNew bool) (client.Client, error) {
 }
 
 // DiscoveryClient returns the current Kubernetes discovery client for the test harness.
-func (h *Harness) DiscoveryClient() (discovery.DiscoveryInterface, error) {
+func (h *Harness) DiscoveryClient(as string) (discovery.DiscoveryInterface, error) {
 	h.clientLock.Lock()
 	defer h.clientLock.Unlock()
 
@@ -463,12 +463,12 @@ func (h *Harness) Setup() {
 	h.report = report.NewSuiteCollection(h.TestSuite.Name)
 	h.T.Log("starting setup")
 
-	cl, err := h.Client(false)
+	cl, err := h.Client(false, "")
 	if err != nil {
 		h.fatal(fmt.Errorf("fatal error getting client: %v", err))
 	}
 
-	dClient, err := h.DiscoveryClient()
+	dClient, err := h.DiscoveryClient("")
 	if err != nil {
 		h.fatal(fmt.Errorf("fatal error getting discovery client: %v", err))
 	}
@@ -491,7 +491,7 @@ func (h *Harness) Setup() {
 	}
 
 	// Create a new client to bust the client's CRD cache.
-	cl, err = h.Client(true)
+	cl, err = h.Client(true, "")
 	if err != nil {
 		h.fatal(fmt.Errorf("fatal error getting client after crd update: %v", err))
 	}

pkg/test/step.go

@@ -53,20 +53,20 @@ type Step struct {
 
 	Kubeconfig        string
 	KubeconfigLoading string
-	Client            func(forceNew bool) (client.Client, error)
-	DiscoveryClient   func() (discovery.DiscoveryInterface, error)
+	Client            func(forceNew bool, as string) (client.Client, error)
+	DiscoveryClient   func(as string) (discovery.DiscoveryInterface, error)
 
 	Logger testutils.Logger
 }
 
 // Clean deletes all resources defined in the Apply list.
 func (s *Step) Clean(namespace string) error {
-	cl, err := s.Client(false)
+	cl, err := s.Client(false, "")
 	if err != nil {
 		return err
 	}
 
-	dClient, err := s.DiscoveryClient()
+	dClient, err := s.DiscoveryClient("")
 	if err != nil {
 		return err
 	}
@@ -87,12 +87,12 @@ func (s *Step) Clean(namespace string) error {
 
 // DeleteExisting deletes any resources in the TestStep.Delete list prior to running the tests.
 func (s *Step) DeleteExisting(namespace string) error {
-	cl, err := s.Client(false)
+	cl, err := s.Client(false, "")
 	if err != nil {
 		return err
 	}
 
-	dClient, err := s.DiscoveryClient()
+	dClient, err := s.DiscoveryClient("")
 	if err != nil {
 		return err
 	}
@@ -175,12 +175,12 @@ func (s *Step) DeleteExisting(namespace string) error {
 
 // Create applies all resources defined in the Apply list.
 func (s *Step) Create(test *testing.T, namespace string) []error {
-	cl, err := s.Client(true)
+	cl, err := s.Client(true, "")
 	if err != nil {
 		return []error{err}
 	}
 
-	dClient, err := s.DiscoveryClient()
+	dClient, err := s.DiscoveryClient("")
 	if err != nil {
 		return []error{err}
 	}
@@ -254,12 +254,12 @@ func list(cl client.Client, gvk schema.GroupVersionKind, namespace string, label
 
 // CheckResource checks if the expected resource's state in Kubernetes is correct.
 func (s *Step) CheckResource(expected runtime.Object, namespace string) []error {
-	cl, err := s.Client(false)
+	cl, err := s.Client(false, "")
 	if err != nil {
 		return []error{err}
 	}
 
-	dClient, err := s.DiscoveryClient()
+	dClient, err := s.DiscoveryClient("")
 	if err != nil {
 		return []error{err}
 	}
@@ -333,12 +333,12 @@ func (s *Step) CheckResource(expected runtime.Object, namespace string) []error
 
 // CheckResourceAbsent checks if the expected resource's state is absent in Kubernetes.
 func (s *Step) CheckResourceAbsent(expected runtime.Object, namespace string) error {
-	cl, err := s.Client(false)
+	cl, err := s.Client(false, "")
 	if err != nil {
 		return err
 	}
 
-	dClient, err := s.DiscoveryClient()
+	dClient, err := s.DiscoveryClient("")
 	if err != nil {
 		return err
 	}