vendor update for CSI 0.3.0

vendor/k8s.io/kubernetes/cmd/kube-scheduler/app/options/BUILD

@@ -0,0 +1,70 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "configfile.go",
+        "deprecated.go",
+        "insecure_serving.go",
+        "options.go",
+    ],
+    importpath = "k8s.io/kubernetes/cmd/kube-scheduler/app/options",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//cmd/controller-manager/app/options:go_default_library",
+        "//cmd/kube-scheduler/app/config:go_default_library",
+        "//pkg/api/legacyscheme:go_default_library",
+        "//pkg/apis/componentconfig:go_default_library",
+        "//pkg/apis/componentconfig/v1alpha1:go_default_library",
+        "//pkg/client/leaderelectionconfig:go_default_library",
+        "//pkg/scheduler/factory:go_default_library",
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/github.com/spf13/pflag:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/runtime/serializer/json:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/uuid:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/server/options:go_default_library",
+        "//vendor/k8s.io/apiserver/pkg/util/feature:go_default_library",
+        "//vendor/k8s.io/client-go/informers:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes:go_default_library",
+        "//vendor/k8s.io/client-go/kubernetes/typed/core/v1:go_default_library",
+        "//vendor/k8s.io/client-go/rest:go_default_library",
+        "//vendor/k8s.io/client-go/tools/clientcmd:go_default_library",
+        "//vendor/k8s.io/client-go/tools/clientcmd/api:go_default_library",
+        "//vendor/k8s.io/client-go/tools/leaderelection:go_default_library",
+        "//vendor/k8s.io/client-go/tools/leaderelection/resourcelock:go_default_library",
+        "//vendor/k8s.io/client-go/tools/record:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = [
+        "insecure_serving_test.go",
+        "options_test.go",
+    ],
+    embed = [":go_default_library"],
+    deps = [
+        "//cmd/controller-manager/app/options:go_default_library",
+        "//cmd/kube-scheduler/app/config:go_default_library",
+        "//pkg/apis/componentconfig:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/util/rand:go_default_library",
+    ],
+)

vendor/k8s.io/kubernetes/cmd/kube-scheduler/app/options/configfile.go

@@ -0,0 +1,89 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package options
+
+import (
+	"errors"
+	"fmt"
+	"io/ioutil"
+	"os"
+
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/serializer"
+	"k8s.io/apimachinery/pkg/runtime/serializer/json"
+	"k8s.io/kubernetes/pkg/apis/componentconfig"
+	componentconfigv1alpha1 "k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1"
+)
+
+var (
+	configScheme = runtime.NewScheme()
+	configCodecs = serializer.NewCodecFactory(configScheme)
+)
+
+func init() {
+	componentconfig.AddToScheme(configScheme)
+	componentconfigv1alpha1.AddToScheme(configScheme)
+}
+
+func loadConfigFromFile(file string) (*componentconfig.KubeSchedulerConfiguration, error) {
+	data, err := ioutil.ReadFile(file)
+	if err != nil {
+		return nil, err
+	}
+
+	return loadConfig(data)
+}
+
+func loadConfig(data []byte) (*componentconfig.KubeSchedulerConfiguration, error) {
+	configObj, gvk, err := configCodecs.UniversalDecoder().Decode(data, nil, nil)
+	if err != nil {
+		return nil, err
+	}
+	config, ok := configObj.(*componentconfig.KubeSchedulerConfiguration)
+	if !ok {
+		return nil, fmt.Errorf("got unexpected config type: %v", gvk)
+	}
+	return config, nil
+}
+
+// WriteConfigFile writes the config into the given file name as YAML.
+func WriteConfigFile(fileName string, cfg *componentconfig.KubeSchedulerConfiguration) error {
+	var encoder runtime.Encoder
+	mediaTypes := configCodecs.SupportedMediaTypes()
+	for _, info := range mediaTypes {
+		if info.MediaType == "application/yaml" {
+			encoder = info.Serializer
+			break
+		}
+	}
+	if encoder == nil {
+		return errors.New("unable to locate yaml encoder")
+	}
+	encoder = json.NewYAMLSerializer(json.DefaultMetaFactory, configScheme, configScheme)
+	encoder = configCodecs.EncoderForVersion(encoder, componentconfigv1alpha1.SchemeGroupVersion)
+
+	configFile, err := os.Create(fileName)
+	if err != nil {
+		return err
+	}
+	defer configFile.Close()
+	if err := encoder.Encode(cfg, configFile); err != nil {
+		return err
+	}
+
+	return nil
+}

vendor/k8s.io/kubernetes/cmd/kube-scheduler/app/options/deprecated.go

@@ -0,0 +1,116 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package options
+
+import (
+	"fmt"
+
+	"github.com/spf13/pflag"
+
+	"k8s.io/kubernetes/pkg/apis/componentconfig"
+	"k8s.io/kubernetes/pkg/scheduler/factory"
+)
+
+// DeprecatedOptions contains deprecated options and their flags.
+// TODO remove these fields once the deprecated flags are removed.
+type DeprecatedOptions struct {
+	// The fields below here are placeholders for flags that can't be directly
+	// mapped into componentconfig.KubeSchedulerConfiguration.
+	PolicyConfigFile         string
+	PolicyConfigMapName      string
+	PolicyConfigMapNamespace string
+	UseLegacyPolicyConfig    bool
+	AlgorithmProvider        string
+}
+
+// AddFlags adds flags for the deprecated options.
+func (o *DeprecatedOptions) AddFlags(fs *pflag.FlagSet, cfg *componentconfig.KubeSchedulerConfiguration) {
+	if o == nil {
+		return
+	}
+
+	// TODO: unify deprecation mechanism, string prefix or MarkDeprecated (the latter hides the flag. We also don't want that).
+
+	fs.StringVar(&o.AlgorithmProvider, "algorithm-provider", o.AlgorithmProvider, "DEPRECATED: the scheduling algorithm provider to use, one of: "+factory.ListAlgorithmProviders())
+	fs.StringVar(&o.PolicyConfigFile, "policy-config-file", o.PolicyConfigFile, "DEPRECATED: file with scheduler policy configuration. This file is used if policy ConfigMap is not provided or --use-legacy-policy-config=true")
+	usage := fmt.Sprintf("DEPRECATED: name of the ConfigMap object that contains scheduler's policy configuration. It must exist in the system namespace before scheduler initialization if --use-legacy-policy-config=false. The config must be provided as the value of an element in 'Data' map with the key='%v'", componentconfig.SchedulerPolicyConfigMapKey)
+	fs.StringVar(&o.PolicyConfigMapName, "policy-configmap", o.PolicyConfigMapName, usage)
+	fs.StringVar(&o.PolicyConfigMapNamespace, "policy-configmap-namespace", o.PolicyConfigMapNamespace, "DEPRECATED: the namespace where policy ConfigMap is located. The kube-system namespace will be used if this is not provided or is empty.")
+	fs.BoolVar(&o.UseLegacyPolicyConfig, "use-legacy-policy-config", o.UseLegacyPolicyConfig, "DEPRECATED: when set to true, scheduler will ignore policy ConfigMap and uses policy config file")
+
+	fs.BoolVar(&cfg.EnableProfiling, "profiling", cfg.EnableProfiling, "DEPRECATED: enable profiling via web interface host:port/debug/pprof/")
+	fs.BoolVar(&cfg.EnableContentionProfiling, "contention-profiling", cfg.EnableContentionProfiling, "DEPRECATED: enable lock contention profiling, if profiling is enabled")
+	fs.StringVar(&cfg.ClientConnection.KubeConfigFile, "kubeconfig", cfg.ClientConnection.KubeConfigFile, "DEPRECATED: path to kubeconfig file with authorization and master location information.")
+	fs.StringVar(&cfg.ClientConnection.ContentType, "kube-api-content-type", cfg.ClientConnection.ContentType, "DEPRECATED: content type of requests sent to apiserver.")
+	fs.Float32Var(&cfg.ClientConnection.QPS, "kube-api-qps", cfg.ClientConnection.QPS, "DEPRECATED: QPS to use while talking with kubernetes apiserver")
+	fs.Int32Var(&cfg.ClientConnection.Burst, "kube-api-burst", cfg.ClientConnection.Burst, "DEPRECATED: burst to use while talking with kubernetes apiserver")
+	fs.StringVar(&cfg.SchedulerName, "scheduler-name", cfg.SchedulerName, "DEPRECATED: name of the scheduler, used to select which pods will be processed by this scheduler, based on pod's \"spec.schedulerName\".")
+	fs.StringVar(&cfg.LeaderElection.LockObjectNamespace, "lock-object-namespace", cfg.LeaderElection.LockObjectNamespace, "DEPRECATED: define the namespace of the lock object.")
+	fs.StringVar(&cfg.LeaderElection.LockObjectName, "lock-object-name", cfg.LeaderElection.LockObjectName, "DEPRECATED: define the name of the lock object.")
+
+	fs.Int32Var(&cfg.HardPodAffinitySymmetricWeight, "hard-pod-affinity-symmetric-weight", cfg.HardPodAffinitySymmetricWeight,
+		"RequiredDuringScheduling affinity is not symmetric, but there is an implicit PreferredDuringScheduling affinity rule corresponding "+
+			"to every RequiredDuringScheduling affinity rule. --hard-pod-affinity-symmetric-weight represents the weight of implicit PreferredDuringScheduling affinity rule.")
+	fs.MarkDeprecated("hard-pod-affinity-symmetric-weight", "This option was moved to the policy configuration file")
+	fs.StringVar(&cfg.FailureDomains, "failure-domains", cfg.FailureDomains, "Indicate the \"all topologies\" set for an empty topologyKey when it's used for PreferredDuringScheduling pod anti-affinity.")
+	fs.MarkDeprecated("failure-domains", "Doesn't have any effect. Will be removed in future version.")
+}
+
+// Validate validates the deprecated scheduler options.
+func (o *DeprecatedOptions) Validate() []error {
+	if o == nil {
+		return nil
+	}
+	return nil
+}
+
+// ApplyTo sets cfg.AlgorithmSource from flags passed on the command line in the following precedence order:
+//
+// 1. --use-legacy-policy-config to use a policy file.
+// 2. --policy-configmap to use a policy config map value.
+// 3. --algorithm-provider to use a named algorithm provider.
+func (o *DeprecatedOptions) ApplyTo(cfg *componentconfig.KubeSchedulerConfiguration) error {
+	if o == nil {
+		return nil
+	}
+
+	switch {
+	case o.UseLegacyPolicyConfig || (len(o.PolicyConfigFile) > 0 && o.PolicyConfigMapName == ""):
+		cfg.AlgorithmSource = componentconfig.SchedulerAlgorithmSource{
+			Policy: &componentconfig.SchedulerPolicySource{
+				File: &componentconfig.SchedulerPolicyFileSource{
+					Path: o.PolicyConfigFile,
+				},
+			},
+		}
+	case len(o.PolicyConfigMapName) > 0:
+		cfg.AlgorithmSource = componentconfig.SchedulerAlgorithmSource{
+			Policy: &componentconfig.SchedulerPolicySource{
+				ConfigMap: &componentconfig.SchedulerPolicyConfigMapSource{
+					Name:      o.PolicyConfigMapName,
+					Namespace: o.PolicyConfigMapNamespace,
+				},
+			},
+		}
+	case len(o.AlgorithmProvider) > 0:
+		cfg.AlgorithmSource = componentconfig.SchedulerAlgorithmSource{
+			Provider: &o.AlgorithmProvider,
+		}
+	}
+
+	return nil
+}

vendor/k8s.io/kubernetes/cmd/kube-scheduler/app/options/insecure_serving.go

@@ -0,0 +1,164 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package options
+
+import (
+	"fmt"
+	"net"
+	"strconv"
+
+	"github.com/spf13/pflag"
+
+	controlleroptions "k8s.io/kubernetes/cmd/controller-manager/app/options"
+	schedulerappconfig "k8s.io/kubernetes/cmd/kube-scheduler/app/config"
+	"k8s.io/kubernetes/pkg/apis/componentconfig"
+)
+
+// CombinedInsecureServingOptions sets up up to two insecure listeners for healthz and metrics. The flags
+// override the ComponentConfig and InsecureServingOptions values for both.
+type CombinedInsecureServingOptions struct {
+	Healthz *controlleroptions.InsecureServingOptions
+	Metrics *controlleroptions.InsecureServingOptions
+
+	BindPort    int    // overrides the structs above on ApplyTo, ignored on ApplyToFromLoadedConfig
+	BindAddress string // overrides the structs above on ApplyTo, ignored on ApplyToFromLoadedConfig
+}
+
+// AddFlags adds flags for the insecure serving options.
+func (o *CombinedInsecureServingOptions) AddFlags(fs *pflag.FlagSet) {
+	if o == nil {
+		return
+	}
+
+	fs.StringVar(&o.BindAddress, "address", o.BindAddress, "DEPRECATED: the IP address on which to listen for the --port port (set to 0.0.0.0 for all IPv4 interfaces and :: for all IPv6 interfaces). See --bind-address instead.")
+	// MarkDeprecated hides the flag from the help. We don't want that:
+	// fs.MarkDeprecated("address", "see --bind-address instead.")
+	fs.IntVar(&o.BindPort, "port", o.BindPort, "DEPRECATED: the port on which to serve HTTP insecurely without authentication and authorization. If 0, don't serve HTTPS at all. See --secure-port instead.")
+	// MarkDeprecated hides the flag from the help. We don't want that:
+	// fs.MarkDeprecated("port", "see --secure-port instead.")
+}
+
+func (o *CombinedInsecureServingOptions) applyTo(c *schedulerappconfig.Config, componentConfig *componentconfig.KubeSchedulerConfiguration) error {
+	if err := updateAddressFromInsecureServingOptions(&componentConfig.HealthzBindAddress, o.Healthz); err != nil {
+		return err
+	}
+	if err := updateAddressFromInsecureServingOptions(&componentConfig.MetricsBindAddress, o.Metrics); err != nil {
+		return err
+	}
+
+	if err := o.Healthz.ApplyTo(&c.InsecureServing); err != nil {
+		return err
+	}
+	if o.Metrics != nil && (c.ComponentConfig.MetricsBindAddress != c.ComponentConfig.HealthzBindAddress || o.Healthz == nil) {
+		if err := o.Metrics.ApplyTo(&c.InsecureMetricsServing); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+// ApplyTo applies the insecure serving options to the given scheduler app configuration, and updates the componentConfig.
+func (o *CombinedInsecureServingOptions) ApplyTo(c *schedulerappconfig.Config, componentConfig *componentconfig.KubeSchedulerConfiguration) error {
+	if o == nil {
+		componentConfig.HealthzBindAddress = ""
+		componentConfig.MetricsBindAddress = ""
+		return nil
+	}
+
+	if o.Healthz != nil {
+		o.Healthz.BindPort = o.BindPort
+		o.Healthz.BindAddress = net.ParseIP(o.BindAddress)
+	}
+	if o.Metrics != nil {
+		o.Metrics.BindPort = o.BindPort
+		o.Metrics.BindAddress = net.ParseIP(o.BindAddress)
+	}
+
+	return o.applyTo(c, componentConfig)
+}
+
+// ApplyToFromLoadedConfig updates the insecure serving options from the component config and then appies it to the given scheduler app configuration.
+func (o *CombinedInsecureServingOptions) ApplyToFromLoadedConfig(c *schedulerappconfig.Config, componentConfig *componentconfig.KubeSchedulerConfiguration) error {
+	if o == nil {
+		return nil
+	}
+
+	if err := updateInsecureServingOptionsFromAddress(o.Healthz, componentConfig.HealthzBindAddress); err != nil {
+		return fmt.Errorf("invalid healthz address: %v", err)
+	}
+	if err := updateInsecureServingOptionsFromAddress(o.Metrics, componentConfig.MetricsBindAddress); err != nil {
+		return fmt.Errorf("invalid metrics address: %v", err)
+	}
+
+	return o.applyTo(c, componentConfig)
+}
+
+func updateAddressFromInsecureServingOptions(addr *string, is *controlleroptions.InsecureServingOptions) error {
+	if is == nil {
+		*addr = ""
+	} else {
+		if is.Listener != nil {
+			*addr = is.Listener.Addr().String()
+		} else if is.BindPort == 0 {
+			*addr = ""
+		} else {
+			*addr = net.JoinHostPort(is.BindAddress.String(), strconv.Itoa(is.BindPort))
+		}
+	}
+
+	return nil
+}
+
+func updateInsecureServingOptionsFromAddress(is *controlleroptions.InsecureServingOptions, addr string) error {
+	if is == nil {
+		return nil
+	}
+	if len(addr) == 0 {
+		is.BindPort = 0
+		return nil
+	}
+
+	host, portInt, err := splitHostIntPort(addr)
+	if err != nil {
+		return fmt.Errorf("invalid address %q", addr)
+	}
+
+	is.BindAddress = net.ParseIP(host)
+	is.BindPort = portInt
+
+	return nil
+}
+
+// Validate validates the insecure serving options.
+func (o *CombinedInsecureServingOptions) Validate() []error {
+	if o == nil {
+		return nil
+	}
+
+	errors := []error{}
+
+	if o.BindPort < 0 || o.BindPort > 32767 {
+		errors = append(errors, fmt.Errorf("--port %v must be between 0 and 32767, inclusive. 0 for turning off insecure (HTTP) port", o.BindPort))
+	}
+
+	if len(o.BindAddress) > 0 && net.ParseIP(o.BindAddress) == nil {
+		errors = append(errors, fmt.Errorf("--address has no valid IP address"))
+	}
+
+	return errors
+}

vendor/k8s.io/kubernetes/cmd/kube-scheduler/app/options/insecure_serving_test.go

@@ -0,0 +1,276 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package options
+
+import (
+	"fmt"
+	"net"
+	"strconv"
+	"testing"
+
+	"k8s.io/apimachinery/pkg/util/rand"
+	"k8s.io/kubernetes/cmd/controller-manager/app/options"
+	schedulerappconfig "k8s.io/kubernetes/cmd/kube-scheduler/app/config"
+	"k8s.io/kubernetes/pkg/apis/componentconfig"
+)
+
+func TestOptions_ApplyTo(t *testing.T) {
+	tests := []struct {
+		name                                                              string
+		options                                                           Options
+		configLoaded                                                      bool
+		expectHealthzBindAddress, expectMetricsBindAddress                string
+		expectInsecureServingAddress, expectInsecureMetricsServingAddress string
+		expectInsecureServingPort, expectInsecureMetricsServingPort       int
+		wantErr                                                           bool
+	}{
+		{
+			name: "no config, zero port",
+			options: Options{
+				ComponentConfig: componentconfig.KubeSchedulerConfiguration{
+					HealthzBindAddress: "1.2.3.4:1234",
+					MetricsBindAddress: "1.2.3.4:1234",
+				},
+				CombinedInsecureServing: &CombinedInsecureServingOptions{
+					Healthz:  &options.InsecureServingOptions{},
+					Metrics:  &options.InsecureServingOptions{},
+					BindPort: 0,
+				},
+			},
+			configLoaded: false,
+		},
+		{
+			name: "config loaded, non-nil healthz",
+			options: Options{
+				ComponentConfig: componentconfig.KubeSchedulerConfiguration{
+					HealthzBindAddress: "1.2.3.4:1234",
+					MetricsBindAddress: "1.2.3.4:1234",
+				},
+				CombinedInsecureServing: &CombinedInsecureServingOptions{
+					Healthz:  &options.InsecureServingOptions{},
+					BindPort: 0,
+				},
+			},
+			configLoaded: true,
+
+			expectHealthzBindAddress:     "1.2.3.4:1234",
+			expectInsecureServingPort:    1234,
+			expectInsecureServingAddress: "1.2.3.4",
+		},
+		{
+			name: "config loaded, non-nil metrics",
+			options: Options{
+				ComponentConfig: componentconfig.KubeSchedulerConfiguration{
+					HealthzBindAddress: "1.2.3.4:1234",
+					MetricsBindAddress: "1.2.3.4:1234",
+				},
+				CombinedInsecureServing: &CombinedInsecureServingOptions{
+					Metrics:  &options.InsecureServingOptions{},
+					BindPort: 0,
+				},
+			},
+			configLoaded: true,
+
+			expectMetricsBindAddress:            "1.2.3.4:1234",
+			expectInsecureMetricsServingPort:    1234,
+			expectInsecureMetricsServingAddress: "1.2.3.4",
+		},
+		{
+			name: "config loaded, all set, zero BindPort",
+			options: Options{
+				ComponentConfig: componentconfig.KubeSchedulerConfiguration{
+					HealthzBindAddress: "1.2.3.4:1234",
+					MetricsBindAddress: "1.2.3.4:1234",
+				},
+				CombinedInsecureServing: &CombinedInsecureServingOptions{
+					Healthz:  &options.InsecureServingOptions{},
+					Metrics:  &options.InsecureServingOptions{},
+					BindPort: 0,
+				},
+			},
+			configLoaded: true,
+
+			expectHealthzBindAddress:     "1.2.3.4:1234",
+			expectInsecureServingPort:    1234,
+			expectInsecureServingAddress: "1.2.3.4",
+
+			expectMetricsBindAddress: "1.2.3.4:1234",
+		},
+		{
+			name: "config loaded, all set, different addresses",
+			options: Options{
+				ComponentConfig: componentconfig.KubeSchedulerConfiguration{
+					HealthzBindAddress: "1.2.3.4:1234",
+					MetricsBindAddress: "1.2.3.4:1235",
+				},
+				CombinedInsecureServing: &CombinedInsecureServingOptions{
+					Healthz:  &options.InsecureServingOptions{},
+					Metrics:  &options.InsecureServingOptions{},
+					BindPort: 0,
+				},
+			},
+			configLoaded: true,
+
+			expectHealthzBindAddress:     "1.2.3.4:1234",
+			expectInsecureServingPort:    1234,
+			expectInsecureServingAddress: "1.2.3.4",
+
+			expectMetricsBindAddress:            "1.2.3.4:1235",
+			expectInsecureMetricsServingPort:    1235,
+			expectInsecureMetricsServingAddress: "1.2.3.4",
+		},
+		{
+			name: "no config, all set, port passed",
+			options: Options{
+				ComponentConfig: componentconfig.KubeSchedulerConfiguration{
+					HealthzBindAddress: "1.2.3.4:1234",
+					MetricsBindAddress: "1.2.3.4:1234",
+				},
+				CombinedInsecureServing: &CombinedInsecureServingOptions{
+					Healthz:     &options.InsecureServingOptions{},
+					Metrics:     &options.InsecureServingOptions{},
+					BindPort:    1236,
+					BindAddress: "1.2.3.4",
+				},
+			},
+			configLoaded: false,
+
+			expectHealthzBindAddress:     "1.2.3.4:1236",
+			expectInsecureServingPort:    1236,
+			expectInsecureServingAddress: "1.2.3.4",
+
+			expectMetricsBindAddress: "1.2.3.4:1236",
+		},
+		{
+			name: "no config, all set, address passed",
+			options: Options{
+				ComponentConfig: componentconfig.KubeSchedulerConfiguration{
+					HealthzBindAddress: "1.2.3.4:1234",
+					MetricsBindAddress: "1.2.3.4:1234",
+				},
+				CombinedInsecureServing: &CombinedInsecureServingOptions{
+					Healthz:     &options.InsecureServingOptions{},
+					Metrics:     &options.InsecureServingOptions{},
+					BindAddress: "2.3.4.5",
+					BindPort:    1234,
+				},
+			},
+			configLoaded: false,
+
+			expectHealthzBindAddress:     "2.3.4.5:1234",
+			expectInsecureServingPort:    1234,
+			expectInsecureServingAddress: "2.3.4.5",
+
+			expectMetricsBindAddress: "2.3.4.5:1234",
+		},
+		{
+			name: "no config, all set, zero port passed",
+			options: Options{
+				ComponentConfig: componentconfig.KubeSchedulerConfiguration{
+					HealthzBindAddress: "1.2.3.4:1234",
+					MetricsBindAddress: "1.2.3.4:1234",
+				},
+				CombinedInsecureServing: &CombinedInsecureServingOptions{
+					Healthz:     &options.InsecureServingOptions{},
+					Metrics:     &options.InsecureServingOptions{},
+					BindAddress: "2.3.4.5",
+					BindPort:    0,
+				},
+			},
+			configLoaded: false,
+		},
+	}
+	for i, tt := range tests {
+		t.Run(fmt.Sprintf("%d-%s", i, tt.name), func(t *testing.T) {
+			c := schedulerappconfig.Config{
+				ComponentConfig: tt.options.ComponentConfig,
+			}
+
+			if tt.options.CombinedInsecureServing != nil {
+				if tt.options.CombinedInsecureServing.Healthz != nil {
+					tt.options.CombinedInsecureServing.Healthz.ListenFunc = createMockListener
+				}
+				if tt.options.CombinedInsecureServing.Metrics != nil {
+					tt.options.CombinedInsecureServing.Metrics.ListenFunc = createMockListener
+				}
+			}
+
+			if tt.configLoaded {
+				if err := tt.options.CombinedInsecureServing.ApplyToFromLoadedConfig(&c, &c.ComponentConfig); (err != nil) != tt.wantErr {
+					t.Fatalf("%d - Options.ApplyTo() error = %v, wantErr %v", i, err, tt.wantErr)
+				}
+			} else {
+				if err := tt.options.CombinedInsecureServing.ApplyTo(&c, &c.ComponentConfig); (err != nil) != tt.wantErr {
+					t.Fatalf("%d - Options.ApplyTo() error = %v, wantErr %v", i, err, tt.wantErr)
+				}
+			}
+			if got, expect := c.ComponentConfig.HealthzBindAddress, tt.expectHealthzBindAddress; got != expect {
+				t.Errorf("%d - expected HealthzBindAddress %q, got %q", i, expect, got)
+			}
+			if got, expect := c.ComponentConfig.MetricsBindAddress, tt.expectMetricsBindAddress; got != expect {
+				t.Errorf("%d - expected MetricsBindAddress %q, got %q", i, expect, got)
+			}
+			if got, expect := c.InsecureServing != nil, tt.expectInsecureServingPort != 0; got != expect {
+				t.Errorf("%d - expected InsecureServing != nil to be %v, got %v", i, expect, got)
+			} else if c.InsecureServing != nil {
+				if got, expect := c.InsecureServing.Listener.(*mockListener).address, tt.expectInsecureServingAddress; got != expect {
+					t.Errorf("%d - expected healthz address %q, got %q", i, expect, got)
+				}
+				if got, expect := c.InsecureServing.Listener.(*mockListener).port, tt.expectInsecureServingPort; got != expect {
+					t.Errorf("%d - expected healthz port %v, got %v", i, expect, got)
+				}
+			}
+			if got, expect := c.InsecureMetricsServing != nil, tt.expectInsecureMetricsServingPort != 0; got != expect {
+				t.Errorf("%d - expected Metrics != nil to be %v, got %v", i, expect, got)
+			} else if c.InsecureMetricsServing != nil {
+				if got, expect := c.InsecureMetricsServing.Listener.(*mockListener).address, tt.expectInsecureMetricsServingAddress; got != expect {
+					t.Errorf("%d - expected metrics address %q, got %q", i, expect, got)
+				}
+				if got, expect := c.InsecureMetricsServing.Listener.(*mockListener).port, tt.expectInsecureMetricsServingPort; got != expect {
+					t.Errorf("%d - expected metrics port %v, got %v", i, expect, got)
+				}
+			}
+		})
+	}
+}
+
+type mockListener struct {
+	address string
+	port    int
+}
+
+func createMockListener(network, addr string) (net.Listener, int, error) {
+	host, portInt, err := splitHostIntPort(addr)
+	if err != nil {
+		return nil, 0, err
+	}
+	if portInt == 0 {
+		portInt = rand.IntnRange(1, 32767)
+	}
+	return &mockListener{host, portInt}, portInt, nil
+}
+
+func (l *mockListener) Accept() (net.Conn, error) { return nil, nil }
+func (l *mockListener) Close() error              { return nil }
+func (l *mockListener) Addr() net.Addr {
+	return mockAddr(net.JoinHostPort(l.address, strconv.Itoa(l.port)))
+}
+
+type mockAddr string
+
+func (a mockAddr) Network() string { return "tcp" }
+func (a mockAddr) String() string  { return string(a) }

vendor/k8s.io/kubernetes/cmd/kube-scheduler/app/options/options.go

@@ -0,0 +1,300 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package options
+
+import (
+	"fmt"
+	"net"
+	"os"
+	"strconv"
+
+	"github.com/golang/glog"
+	"github.com/spf13/pflag"
+
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/util/uuid"
+	apiserveroptions "k8s.io/apiserver/pkg/server/options"
+	utilfeature "k8s.io/apiserver/pkg/util/feature"
+	"k8s.io/client-go/informers"
+	clientset "k8s.io/client-go/kubernetes"
+	v1core "k8s.io/client-go/kubernetes/typed/core/v1"
+	restclient "k8s.io/client-go/rest"
+	"k8s.io/client-go/tools/clientcmd"
+	clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
+	"k8s.io/client-go/tools/leaderelection"
+	"k8s.io/client-go/tools/leaderelection/resourcelock"
+	"k8s.io/client-go/tools/record"
+	controlleroptions "k8s.io/kubernetes/cmd/controller-manager/app/options"
+	schedulerappconfig "k8s.io/kubernetes/cmd/kube-scheduler/app/config"
+	"k8s.io/kubernetes/pkg/api/legacyscheme"
+	"k8s.io/kubernetes/pkg/apis/componentconfig"
+	componentconfigv1alpha1 "k8s.io/kubernetes/pkg/apis/componentconfig/v1alpha1"
+	"k8s.io/kubernetes/pkg/client/leaderelectionconfig"
+	"k8s.io/kubernetes/pkg/scheduler/factory"
+)
+
+// Options has all the params needed to run a Scheduler
+type Options struct {
+	// The default values. These are overridden if ConfigFile is set or by values in InsecureServing.
+	ComponentConfig componentconfig.KubeSchedulerConfiguration
+
+	SecureServing           *apiserveroptions.SecureServingOptions
+	CombinedInsecureServing *CombinedInsecureServingOptions
+	Authentication          *apiserveroptions.DelegatingAuthenticationOptions
+	Authorization           *apiserveroptions.DelegatingAuthorizationOptions
+	Deprecated              *DeprecatedOptions
+
+	// ConfigFile is the location of the scheduler server's configuration file.
+	ConfigFile string
+
+	// WriteConfigTo is the path where the default configuration will be written.
+	WriteConfigTo string
+
+	Master string
+}
+
+// NewOptions returns default scheduler app options.
+func NewOptions() (*Options, error) {
+	cfg, err := newDefaultComponentConfig()
+	if err != nil {
+		return nil, err
+	}
+
+	hhost, hport, err := splitHostIntPort(cfg.HealthzBindAddress)
+	if err != nil {
+		return nil, err
+	}
+
+	o := &Options{
+		ComponentConfig: *cfg,
+		SecureServing:   nil, // TODO: enable with apiserveroptions.NewSecureServingOptions()
+		CombinedInsecureServing: &CombinedInsecureServingOptions{
+			Healthz: &controlleroptions.InsecureServingOptions{
+				BindNetwork: "tcp",
+			},
+			Metrics: &controlleroptions.InsecureServingOptions{
+				BindNetwork: "tcp",
+			},
+			BindPort:    hport,
+			BindAddress: hhost,
+		},
+		Authentication: nil, // TODO: enable with apiserveroptions.NewDelegatingAuthenticationOptions()
+		Authorization:  nil, // TODO: enable with apiserveroptions.NewDelegatingAuthorizationOptions()
+		Deprecated: &DeprecatedOptions{
+			UseLegacyPolicyConfig:    false,
+			PolicyConfigMapNamespace: metav1.NamespaceSystem,
+		},
+	}
+
+	return o, nil
+}
+
+func splitHostIntPort(s string) (string, int, error) {
+	host, port, err := net.SplitHostPort(s)
+	if err != nil {
+		return "", 0, err
+	}
+	portInt, err := strconv.Atoi(port)
+	if err != nil {
+		return "", 0, err
+	}
+	return host, portInt, err
+}
+
+func newDefaultComponentConfig() (*componentconfig.KubeSchedulerConfiguration, error) {
+	cfgv1alpha1 := componentconfigv1alpha1.KubeSchedulerConfiguration{}
+	configScheme.Default(&cfgv1alpha1)
+	cfg := componentconfig.KubeSchedulerConfiguration{}
+	if err := configScheme.Convert(&cfgv1alpha1, &cfg, nil); err != nil {
+		return nil, err
+	}
+	return &cfg, nil
+}
+
+// AddFlags adds flags for the scheduler options.
+func (o *Options) AddFlags(fs *pflag.FlagSet) {
+	fs.StringVar(&o.ConfigFile, "config", o.ConfigFile, "The path to the configuration file. Flags override values in this file.")
+	fs.StringVar(&o.WriteConfigTo, "write-config-to", o.WriteConfigTo, "If set, write the configuration values to this file and exit.")
+	fs.StringVar(&o.Master, "master", o.Master, "The address of the Kubernetes API server (overrides any value in kubeconfig)")
+
+	o.SecureServing.AddFlags(fs)
+	o.CombinedInsecureServing.AddFlags(fs)
+	o.Authentication.AddFlags(fs)
+	o.Authorization.AddFlags(fs)
+	o.Deprecated.AddFlags(fs, &o.ComponentConfig)
+
+	leaderelectionconfig.BindFlags(&o.ComponentConfig.LeaderElection.LeaderElectionConfiguration, fs)
+	utilfeature.DefaultFeatureGate.AddFlag(fs)
+}
+
+// ApplyTo applies the scheduler options to the given scheduler app configuration.
+func (o *Options) ApplyTo(c *schedulerappconfig.Config) error {
+	if len(o.ConfigFile) == 0 {
+		c.ComponentConfig = o.ComponentConfig
+
+		// only apply deprecated flags if no config file is loaded (this is the old behaviour).
+		if err := o.Deprecated.ApplyTo(&c.ComponentConfig); err != nil {
+			return err
+		}
+		if err := o.CombinedInsecureServing.ApplyTo(c, &c.ComponentConfig); err != nil {
+			return err
+		}
+	} else {
+		cfg, err := loadConfigFromFile(o.ConfigFile)
+		if err != nil {
+			return err
+		}
+
+		// use the loaded config file only, with the exception of --address and --port. This means that
+		// none of the deprectated flags in o.Deprecated are taken into consideration. This is the old
+		// behaviour of the flags we have to keep.
+		c.ComponentConfig = *cfg
+
+		if err := o.CombinedInsecureServing.ApplyToFromLoadedConfig(c, &c.ComponentConfig); err != nil {
+			return err
+		}
+	}
+
+	if err := o.SecureServing.ApplyTo(&c.SecureServing); err != nil {
+		return err
+	}
+	if err := o.Authentication.ApplyTo(&c.Authentication, c.SecureServing, nil); err != nil {
+		return err
+	}
+	return o.Authorization.ApplyTo(&c.Authorization)
+}
+
+// Validate validates all the required options.
+func (o *Options) Validate() []error {
+	var errs []error
+
+	errs = append(errs, o.SecureServing.Validate()...)
+	errs = append(errs, o.CombinedInsecureServing.Validate()...)
+	errs = append(errs, o.Authentication.Validate()...)
+	errs = append(errs, o.Authorization.Validate()...)
+	errs = append(errs, o.Deprecated.Validate()...)
+
+	return errs
+}
+
+// Config return a scheduler config object
+func (o *Options) Config() (*schedulerappconfig.Config, error) {
+	c := &schedulerappconfig.Config{}
+	if err := o.ApplyTo(c); err != nil {
+		return nil, err
+	}
+
+	// prepare kube clients.
+	client, leaderElectionClient, eventClient, err := createClients(c.ComponentConfig.ClientConnection, o.Master)
+	if err != nil {
+		return nil, err
+	}
+
+	// Prepare event clients.
+	eventBroadcaster := record.NewBroadcaster()
+	recorder := eventBroadcaster.NewRecorder(legacyscheme.Scheme, corev1.EventSource{Component: c.ComponentConfig.SchedulerName})
+
+	// Set up leader election if enabled.
+	var leaderElectionConfig *leaderelection.LeaderElectionConfig
+	if c.ComponentConfig.LeaderElection.LeaderElect {
+		leaderElectionConfig, err = makeLeaderElectionConfig(c.ComponentConfig.LeaderElection, leaderElectionClient, recorder)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	c.Client = client
+	c.InformerFactory = informers.NewSharedInformerFactory(client, 0)
+	c.PodInformer = factory.NewPodInformer(client, 0)
+	c.EventClient = eventClient
+	c.Recorder = recorder
+	c.Broadcaster = eventBroadcaster
+	c.LeaderElection = leaderElectionConfig
+
+	return c, nil
+}
+
+// makeLeaderElectionConfig builds a leader election configuration. It will
+// create a new resource lock associated with the configuration.
+func makeLeaderElectionConfig(config componentconfig.KubeSchedulerLeaderElectionConfiguration, client clientset.Interface, recorder record.EventRecorder) (*leaderelection.LeaderElectionConfig, error) {
+	hostname, err := os.Hostname()
+	if err != nil {
+		return nil, fmt.Errorf("unable to get hostname: %v", err)
+	}
+	// add a uniquifier so that two processes on the same host don't accidentally both become active
+	id := hostname + "_" + string(uuid.NewUUID())
+
+	rl, err := resourcelock.New(config.ResourceLock,
+		config.LockObjectNamespace,
+		config.LockObjectName,
+		client.CoreV1(),
+		resourcelock.ResourceLockConfig{
+			Identity:      id,
+			EventRecorder: recorder,
+		})
+	if err != nil {
+		return nil, fmt.Errorf("couldn't create resource lock: %v", err)
+	}
+
+	return &leaderelection.LeaderElectionConfig{
+		Lock:          rl,
+		LeaseDuration: config.LeaseDuration.Duration,
+		RenewDeadline: config.RenewDeadline.Duration,
+		RetryPeriod:   config.RetryPeriod.Duration,
+	}, nil
+}
+
+// createClients creates a kube client and an event client from the given config and masterOverride.
+// TODO remove masterOverride when CLI flags are removed.
+func createClients(config componentconfig.ClientConnectionConfiguration, masterOverride string) (clientset.Interface, clientset.Interface, v1core.EventsGetter, error) {
+	if len(config.KubeConfigFile) == 0 && len(masterOverride) == 0 {
+		glog.Warningf("Neither --kubeconfig nor --master was specified. Using default API client. This might not work.")
+	}
+
+	// This creates a client, first loading any specified kubeconfig
+	// file, and then overriding the Master flag, if non-empty.
+	kubeConfig, err := clientcmd.NewNonInteractiveDeferredLoadingClientConfig(
+		&clientcmd.ClientConfigLoadingRules{ExplicitPath: config.KubeConfigFile},
+		&clientcmd.ConfigOverrides{ClusterInfo: clientcmdapi.Cluster{Server: masterOverride}}).ClientConfig()
+	if err != nil {
+		return nil, nil, nil, err
+	}
+
+	kubeConfig.AcceptContentTypes = config.AcceptContentTypes
+	kubeConfig.ContentType = config.ContentType
+	kubeConfig.QPS = config.QPS
+	//TODO make config struct use int instead of int32?
+	kubeConfig.Burst = int(config.Burst)
+
+	client, err := clientset.NewForConfig(restclient.AddUserAgent(kubeConfig, "scheduler"))
+	if err != nil {
+		return nil, nil, nil, err
+	}
+
+	leaderElectionClient, err := clientset.NewForConfig(restclient.AddUserAgent(kubeConfig, "leader-election"))
+	if err != nil {
+		return nil, nil, nil, err
+	}
+
+	eventClient, err := clientset.NewForConfig(kubeConfig)
+	if err != nil {
+		return nil, nil, nil, err
+	}
+
+	return client, leaderElectionClient, eventClient.CoreV1(), nil
+}

vendor/k8s.io/kubernetes/cmd/kube-scheduler/app/options/options_test.go

@@ -0,0 +1,193 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package options
+
+import (
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/http/httptest"
+	"os"
+	"path/filepath"
+	"strings"
+	"testing"
+
+	"k8s.io/kubernetes/pkg/apis/componentconfig"
+)
+
+func TestSchedulerOptions(t *testing.T) {
+	// temp dir
+	tmpDir, err := ioutil.TempDir("", "scheduler-options")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer os.RemoveAll(tmpDir)
+
+	// record the username requests were made with
+	username := ""
+	// https server
+	server := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
+		username, _, _ = req.BasicAuth()
+		if username == "" {
+			username = "none, tls"
+		}
+		w.WriteHeader(200)
+		w.Write([]byte(`ok`))
+	}))
+	defer server.Close()
+	// http server
+	insecureserver := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
+		username, _, _ = req.BasicAuth()
+		if username == "" {
+			username = "none, http"
+		}
+		w.WriteHeader(200)
+		w.Write([]byte(`ok`))
+	}))
+	defer insecureserver.Close()
+
+	// config file and kubeconfig
+	configFile := filepath.Join(tmpDir, "scheduler.yaml")
+	configKubeconfig := filepath.Join(tmpDir, "config.kubeconfig")
+	if err := ioutil.WriteFile(configFile, []byte(fmt.Sprintf(`
+apiVersion: componentconfig/v1alpha1
+kind: KubeSchedulerConfiguration
+clientConnection:
+  kubeconfig: "%s"
+leaderElection:
+  leaderElect: true`, configKubeconfig)), os.FileMode(0600)); err != nil {
+		t.Fatal(err)
+	}
+	if err := ioutil.WriteFile(configKubeconfig, []byte(fmt.Sprintf(`
+apiVersion: v1
+kind: Config
+clusters:
+- cluster:
+    insecure-skip-tls-verify: true
+    server: %s
+  name: default
+contexts:
+- context:
+    cluster: default
+    user: default
+  name: default
+current-context: default
+users:
+- name: default
+  user:
+    username: config
+`, server.URL)), os.FileMode(0600)); err != nil {
+		t.Fatal(err)
+	}
+
+	// flag-specified kubeconfig
+	flagKubeconfig := filepath.Join(tmpDir, "flag.kubeconfig")
+	if err := ioutil.WriteFile(flagKubeconfig, []byte(fmt.Sprintf(`
+apiVersion: v1
+kind: Config
+clusters:
+- cluster:
+    insecure-skip-tls-verify: true
+    server: %s
+  name: default
+contexts:
+- context:
+    cluster: default
+    user: default
+  name: default
+current-context: default
+users:
+- name: default
+  user:
+    username: flag
+`, server.URL)), os.FileMode(0600)); err != nil {
+		t.Fatal(err)
+	}
+
+	// Insulate this test from picking up in-cluster config when run inside a pod
+	// We can't assume we have permissions to write to /var/run/secrets/... from a unit test to mock in-cluster config for testing
+	originalHost := os.Getenv("KUBERNETES_SERVICE_HOST")
+	if len(originalHost) > 0 {
+		os.Setenv("KUBERNETES_SERVICE_HOST", "")
+		defer os.Setenv("KUBERNETES_SERVICE_HOST", originalHost)
+	}
+
+	testcases := []struct {
+		name             string
+		options          *Options
+		expectedUsername string
+		expectedError    string
+	}{
+		{
+			name:             "config file",
+			options:          &Options{ConfigFile: configFile},
+			expectedUsername: "config",
+		},
+		{
+			name: "kubeconfig flag",
+			options: &Options{
+				ComponentConfig: componentconfig.KubeSchedulerConfiguration{
+					ClientConnection: componentconfig.ClientConnectionConfiguration{
+						KubeConfigFile: flagKubeconfig}}},
+			expectedUsername: "flag",
+		},
+		{
+			name:             "overridden master",
+			options:          &Options{Master: insecureserver.URL},
+			expectedUsername: "none, http",
+		},
+		{
+			name:          "no config",
+			options:       &Options{},
+			expectedError: "no configuration has been provided",
+		},
+	}
+
+	for _, tc := range testcases {
+		t.Run(tc.name, func(t *testing.T) {
+			// create the config
+			config, err := tc.options.Config()
+
+			// handle errors
+			if err != nil {
+				if tc.expectedError == "" {
+					t.Error(err)
+				} else if !strings.Contains(err.Error(), tc.expectedError) {
+					t.Errorf("expected %q, got %q", tc.expectedError, err.Error())
+				}
+				return
+			}
+
+			// ensure we have a client
+			if config.Client == nil {
+				t.Error("unexpected nil client")
+				return
+			}
+
+			// test the client talks to the endpoint we expect with the credentials we expect
+			username = ""
+			_, err = config.Client.Discovery().RESTClient().Get().AbsPath("/").DoRaw()
+			if err != nil {
+				t.Error(err)
+				return
+			}
+			if username != tc.expectedUsername {
+				t.Errorf("expected server call with user %s, got %s", tc.expectedUsername, username)
+			}
+		})
+	}
+}