From 7e81d6dae37fd085b0554bd037fc174bc964a1f1 Mon Sep 17 00:00:00 2001 From: Itamar Yuran Date: Wed, 3 Sep 2025 13:22:39 +0300 Subject: [PATCH 1/8] new caching --- cmd/lakectl/cmd/root.go | 72 ++++++++----------- .../externalidp/awsiam/token_caching.go | 6 +- .../externalidp/awsiam/token_caching_test.go | 20 +++--- 3 files changed, 43 insertions(+), 55 deletions(-) diff --git a/cmd/lakectl/cmd/root.go b/cmd/lakectl/cmd/root.go index 0605e7db9d6..41a8da67a6c 100644 --- a/cmd/lakectl/cmd/root.go +++ b/cmd/lakectl/cmd/root.go @@ -12,7 +12,6 @@ import ( "reflect" "slices" "strings" - "sync" "time" "github.com/aws/aws-sdk-go-v2/aws" @@ -185,15 +184,9 @@ const ( const ( CacheFileName = "lakectl_token_cache.json" - LakectlDirName = ".lakectl" - CacheDirName = "cache" ) var ( - cachedToken *apigen.AuthenticationToken - tokenLoadOnce sync.Once - tokenCache *awsiam.JWTCache - tokenCacheOnce sync.Once ErrTokenUnavailable = fmt.Errorf("token is not available") ) @@ -654,15 +647,17 @@ func getClient() *apigen.ClientWithResponses { func CreateTokenCacheCallback() awsiam.TokenCacheCallback { return func(newToken *apigen.AuthenticationToken) { - cachedToken = newToken - if err := SaveTokenToCache(); err != nil { + if err := SaveTokenToCache(newToken); err != nil { logging.ContextUnavailable().Debugf("error saving token to cache: %w", err) } } } func getClientOptions(awsIAMparams *awsiam.IAMAuthParams, serverEndpoint string) []apigen.ClientOption { - token := getTokenOnce() + token, err := getToken() + if err != nil { + logging.ContextUnavailable().Debugf("no token available in cache: %w", err) + } tokenCacheCallback := CreateTokenCacheCallback() @@ -680,7 +675,6 @@ func getClientOptions(awsIAMparams *awsiam.IAMAuthParams, serverEndpoint string) DieErr(err) } loginClient := &awsiam.ExternalPrincipalLoginClient{Client: noAuthClient} - awsAuthProvider := awsiam.WithAWSIAMRoleAuthProviderOption( awsIAMparams, logging.ContextUnavailable(), @@ -692,47 +686,39 @@ func getClientOptions(awsIAMparams *awsiam.IAMAuthParams, serverEndpoint string) return []apigen.ClientOption{awsAuthProvider} } -func getTokenOnce() *apigen.AuthenticationToken { - tokenLoadOnce.Do(func() { - cache := getTokenCacheOnce() - var err error - if cache != nil { - if token, err := cache.GetToken(); err == nil { - cachedToken = token - return - } - logging.ContextUnavailable().Debugf("Error loading token from cache: %w", err) +func getToken() (*apigen.AuthenticationToken, error) { + cache := getTokenCache() + if cache != nil { + token, err := cache.GetToken() + if err != nil { + return nil, err } - }) - return cachedToken + return token, nil + } + return nil, nil } -func getTokenCacheOnce() *awsiam.JWTCache { - tokenCacheOnce.Do(func() { - homeDir, err := os.UserHomeDir() - if err != nil { - logging.ContextUnavailable().Debugf("Error getting user homedir: %w", err) - } - cache, err := awsiam.NewJWTCache(homeDir, LakectlDirName, CacheDirName, CacheFileName) - if err != nil { - logging.ContextUnavailable().Debugf("Error creating token cache: %w", err) - tokenCache = nil - } else { - tokenCache = cache - } - }) - return tokenCache +func getTokenCache() *awsiam.JWTCache { + homeDir, err := os.UserHomeDir() + if err != nil { + logging.ContextUnavailable().Debugf("Error getting user homedir: %w", err) + } + cache, err := awsiam.NewJWTCache(homeDir, CacheFileName) + if err != nil { + logging.ContextUnavailable().Debugf("Error creating token cache: %w", err) + return nil + } + return cache } -func SaveTokenToCache() error { - cache := getTokenCacheOnce() - if cache == nil || cachedToken == nil { +func SaveTokenToCache(newToken *apigen.AuthenticationToken) error { + cache := getTokenCache() + if cache == nil || newToken == nil { return ErrTokenUnavailable } - if err := cache.SaveToken(cachedToken); err != nil { + if err := cache.SaveToken(newToken); err != nil { return err } - tokenLoadOnce = sync.Once{} return nil } diff --git a/pkg/authentication/externalidp/awsiam/token_caching.go b/pkg/authentication/externalidp/awsiam/token_caching.go index c6adbf05991..8d9385c279f 100644 --- a/pkg/authentication/externalidp/awsiam/token_caching.go +++ b/pkg/authentication/externalidp/awsiam/token_caching.go @@ -14,6 +14,8 @@ var ErrInvalidTokenFormat = fmt.Errorf("token format is invalid") const ( ReadWriteExecuteOwnerOnly = 0700 + LakectlDirName = ".lakectl" + CacheDirName = "cache" ) type TokenCache struct { @@ -25,7 +27,7 @@ type JWTCache struct { FilePath string } -func NewJWTCache(baseDir, lakectlDir, cacheDir, fileName string) (*JWTCache, error) { +func NewJWTCache(baseDir, fileName string) (*JWTCache, error) { if baseDir == "" { var err error baseDir, err = os.UserHomeDir() @@ -33,7 +35,7 @@ func NewJWTCache(baseDir, lakectlDir, cacheDir, fileName string) (*JWTCache, err return nil, err } } - cachePath := filepath.Join(baseDir, lakectlDir, cacheDir) + cachePath := filepath.Join(baseDir, LakectlDirName, CacheDirName) if err := os.MkdirAll(cachePath, ReadWriteExecuteOwnerOnly); err != nil { return nil, ErrFailedToCreateCacheDir } diff --git a/pkg/authentication/externalidp/awsiam/token_caching_test.go b/pkg/authentication/externalidp/awsiam/token_caching_test.go index 38e4e8cd53b..341c29bee4c 100644 --- a/pkg/authentication/externalidp/awsiam/token_caching_test.go +++ b/pkg/authentication/externalidp/awsiam/token_caching_test.go @@ -15,14 +15,14 @@ import ( func TestNewJWTCache(t *testing.T) { t.Run("with custom cache dir", func(t *testing.T) { tempDir := t.TempDir() - cache, err := awsiam.NewJWTCache(tempDir, ".lakectl", "cache", "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache(tempDir, "lakectl_token_cache.json") require.NoError(t, err) require.NotEmpty(t, cache) require.Equal(t, filepath.Join(tempDir, ".lakectl", "cache", "lakectl_token_cache.json"), cache.FilePath) }) t.Run("with empty cache dir uses home dir", func(t *testing.T) { - cache, err := awsiam.NewJWTCache("", ".lakectl", "cache", "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache("", "lakectl_token_cache.json") require.NoError(t, err) require.NotEmpty(t, cache) homeDir, _ := os.UserHomeDir() @@ -34,7 +34,7 @@ func TestNewJWTCache(t *testing.T) { func TestJWTCacheSaveToken(t *testing.T) { t.Run("saves valid token successfully", func(t *testing.T) { tempDir := t.TempDir() - cache, err := awsiam.NewJWTCache(tempDir, ".lakectl", "cache", "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache(tempDir, "lakectl_token_cache.json") require.NoError(t, err) expirationTime := time.Now().Add(1 * time.Hour).Unix() @@ -63,7 +63,7 @@ func TestJWTCacheSaveToken(t *testing.T) { t.Run("handles nil token", func(t *testing.T) { tempDir := t.TempDir() - cache, err := awsiam.NewJWTCache(tempDir, ".lakectl", "cache", "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache(tempDir, "lakectl_token_cache.json") require.NoError(t, err) err = cache.SaveToken(nil) @@ -76,7 +76,7 @@ func TestJWTCacheSaveToken(t *testing.T) { t.Run("handles token with empty string", func(t *testing.T) { tempDir := t.TempDir() - cache, err := awsiam.NewJWTCache(tempDir, ".lakectl", "cache", "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache(tempDir, "lakectl_token_cache.json") require.NoError(t, err) token := &apigen.AuthenticationToken{ @@ -93,7 +93,7 @@ func TestJWTCacheSaveToken(t *testing.T) { t.Run("handles token without expiration", func(t *testing.T) { tempDir := t.TempDir() - cache, err := awsiam.NewJWTCache(tempDir, ".lakectl", "cache", "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache(tempDir, "lakectl_token_cache.json") require.NoError(t, err) token := &apigen.AuthenticationToken{ @@ -113,7 +113,7 @@ func TestJWTCacheSaveToken(t *testing.T) { func TestJWTCacheGetToken(t *testing.T) { t.Run("loads valid non-expired token", func(t *testing.T) { tempDir := t.TempDir() - cache, err := awsiam.NewJWTCache(tempDir, ".lakectl", "cache", "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache(tempDir, "lakectl_token_cache.json") require.NoError(t, err) expirationTime := time.Now().Add(1 * time.Hour).Unix() @@ -135,7 +135,7 @@ func TestJWTCacheGetToken(t *testing.T) { t.Run("returns nil when cache file doesn't exist", func(t *testing.T) { tempDir := t.TempDir() - cache, err := awsiam.NewJWTCache(tempDir, ".lakectl", "cache", "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache(tempDir, "lakectl_token_cache.json") require.NoError(t, err) loadedToken, err := cache.GetToken() @@ -145,7 +145,7 @@ func TestJWTCacheGetToken(t *testing.T) { t.Run("returns error for corrupted cache file", func(t *testing.T) { tempDir := t.TempDir() - cache, err := awsiam.NewJWTCache(tempDir, ".lakectl", "cache", "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache(tempDir, "lakectl_token_cache.json") require.NoError(t, err) // Write invalid JSON @@ -160,7 +160,7 @@ func TestJWTCacheGetToken(t *testing.T) { func TestJWTCacheSaveAndLoad(t *testing.T) { tempDir := t.TempDir() - cache, err := awsiam.NewJWTCache(tempDir, ".lakectl", "cache", "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache(tempDir, "lakectl_token_cache.json") require.NoError(t, err) expirationTime := time.Now().Add(30 * time.Minute).Unix() From 598354b1fcd4962fbb7c5936bbb34fcacdae68c6 Mon Sep 17 00:00:00 2001 From: Itamar Yuran Date: Wed, 3 Sep 2025 13:38:33 +0300 Subject: [PATCH 2/8] c --- cmd/lakectl/cmd/root.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cmd/lakectl/cmd/root.go b/cmd/lakectl/cmd/root.go index 41a8da67a6c..1844aaf2975 100644 --- a/cmd/lakectl/cmd/root.go +++ b/cmd/lakectl/cmd/root.go @@ -183,7 +183,7 @@ const ( ) const ( - CacheFileName = "lakectl_token_cache.json" + cacheFileName = "lakectl_token_cache.json" ) var ( @@ -703,7 +703,7 @@ func getTokenCache() *awsiam.JWTCache { if err != nil { logging.ContextUnavailable().Debugf("Error getting user homedir: %w", err) } - cache, err := awsiam.NewJWTCache(homeDir, CacheFileName) + cache, err := awsiam.NewJWTCache(homeDir, CacheFileName) if err != nil { logging.ContextUnavailable().Debugf("Error creating token cache: %w", err) return nil From 5e9d30092b4e3837d33350b9626e861be2560412 Mon Sep 17 00:00:00 2001 From: Itamar Yuran Date: Wed, 3 Sep 2025 13:39:08 +0300 Subject: [PATCH 3/8] c --- cmd/lakectl/cmd/root.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/lakectl/cmd/root.go b/cmd/lakectl/cmd/root.go index 1844aaf2975..43a0b24bc87 100644 --- a/cmd/lakectl/cmd/root.go +++ b/cmd/lakectl/cmd/root.go @@ -703,7 +703,7 @@ func getTokenCache() *awsiam.JWTCache { if err != nil { logging.ContextUnavailable().Debugf("Error getting user homedir: %w", err) } - cache, err := awsiam.NewJWTCache(homeDir, CacheFileName) + cache, err := awsiam.NewJWTCache(homeDir, cacheFileName) if err != nil { logging.ContextUnavailable().Debugf("Error creating token cache: %w", err) return nil From e33597c5fd371ce02ebf893f6fe8846ac909cf41 Mon Sep 17 00:00:00 2001 From: Itamar Yuran Date: Wed, 3 Sep 2025 14:25:12 +0300 Subject: [PATCH 4/8] yalla --- cmd/lakectl/cmd/root.go | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/cmd/lakectl/cmd/root.go b/cmd/lakectl/cmd/root.go index 43a0b24bc87..2f1378df3cd 100644 --- a/cmd/lakectl/cmd/root.go +++ b/cmd/lakectl/cmd/root.go @@ -188,6 +188,7 @@ const ( var ( ErrTokenUnavailable = fmt.Errorf("token is not available") + ErrCacheUnavailable = fmt.Errorf("cache is not available") ) func withRecursiveFlag(cmd *cobra.Command, usage string) { @@ -695,7 +696,7 @@ func getToken() (*apigen.AuthenticationToken, error) { } return token, nil } - return nil, nil + return nil, ErrCacheUnavailable } func getTokenCache() *awsiam.JWTCache { @@ -713,7 +714,10 @@ func getTokenCache() *awsiam.JWTCache { func SaveTokenToCache(newToken *apigen.AuthenticationToken) error { cache := getTokenCache() - if cache == nil || newToken == nil { + if cache == nil { + return ErrCacheUnavailable + } + if newToken == nil { return ErrTokenUnavailable } if err := cache.SaveToken(newToken); err != nil { From 751a23b845751b9278e05879481525fe14f33e72 Mon Sep 17 00:00:00 2001 From: Itamar Yuran Date: Wed, 3 Sep 2025 16:48:56 +0300 Subject: [PATCH 5/8] cleaner; --- cmd/lakectl/cmd/root.go | 4 ++-- .../externalidp/awsiam/token_caching.go | 14 ++------------ 2 files changed, 4 insertions(+), 14 deletions(-) diff --git a/cmd/lakectl/cmd/root.go b/cmd/lakectl/cmd/root.go index 2f1378df3cd..49455eccb1f 100644 --- a/cmd/lakectl/cmd/root.go +++ b/cmd/lakectl/cmd/root.go @@ -702,11 +702,11 @@ func getToken() (*apigen.AuthenticationToken, error) { func getTokenCache() *awsiam.JWTCache { homeDir, err := os.UserHomeDir() if err != nil { - logging.ContextUnavailable().Debugf("Error getting user homedir: %w", err) + logging.ContextUnavailable().WithError(err).Debug("unable to get user homedir") } cache, err := awsiam.NewJWTCache(homeDir, cacheFileName) if err != nil { - logging.ContextUnavailable().Debugf("Error creating token cache: %w", err) + logging.ContextUnavailable().WithError(err).Debug("unable to create token cache") return nil } return cache diff --git a/pkg/authentication/externalidp/awsiam/token_caching.go b/pkg/authentication/externalidp/awsiam/token_caching.go index 8d9385c279f..42b8b73c9b2 100644 --- a/pkg/authentication/externalidp/awsiam/token_caching.go +++ b/pkg/authentication/externalidp/awsiam/token_caching.go @@ -14,8 +14,6 @@ var ErrInvalidTokenFormat = fmt.Errorf("token format is invalid") const ( ReadWriteExecuteOwnerOnly = 0700 - LakectlDirName = ".lakectl" - CacheDirName = "cache" ) type TokenCache struct { @@ -28,20 +26,12 @@ type JWTCache struct { } func NewJWTCache(baseDir, fileName string) (*JWTCache, error) { - if baseDir == "" { - var err error - baseDir, err = os.UserHomeDir() - if err != nil { - return nil, err - } - } - cachePath := filepath.Join(baseDir, LakectlDirName, CacheDirName) - if err := os.MkdirAll(cachePath, ReadWriteExecuteOwnerOnly); err != nil { + if err := os.MkdirAll(baseDir, ReadWriteExecuteOwnerOnly); err != nil { return nil, ErrFailedToCreateCacheDir } jwtCache := &JWTCache{ - FilePath: filepath.Join(cachePath, fileName), + FilePath: filepath.Join(baseDir, fileName), } return jwtCache, nil } From 21441edee53c078e36bd2cf08e2f197beef9a36e Mon Sep 17 00:00:00 2001 From: Itamar Yuran Date: Wed, 3 Sep 2025 16:56:46 +0300 Subject: [PATCH 6/8] lakectl_token_cache --- cmd/lakectl/cmd/root.go | 2 +- .../externalidp/awsiam/token_caching_test.go | 24 +++++++++---------- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/cmd/lakectl/cmd/root.go b/cmd/lakectl/cmd/root.go index 49455eccb1f..f3917991f91 100644 --- a/cmd/lakectl/cmd/root.go +++ b/cmd/lakectl/cmd/root.go @@ -183,7 +183,7 @@ const ( ) const ( - cacheFileName = "lakectl_token_cache.json" + cacheFileName = ".lakectl_token_cache.json" ) var ( diff --git a/pkg/authentication/externalidp/awsiam/token_caching_test.go b/pkg/authentication/externalidp/awsiam/token_caching_test.go index 341c29bee4c..0f45fe2a049 100644 --- a/pkg/authentication/externalidp/awsiam/token_caching_test.go +++ b/pkg/authentication/externalidp/awsiam/token_caching_test.go @@ -15,18 +15,18 @@ import ( func TestNewJWTCache(t *testing.T) { t.Run("with custom cache dir", func(t *testing.T) { tempDir := t.TempDir() - cache, err := awsiam.NewJWTCache(tempDir, "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache(tempDir, ".lakectl_token_cache.json") require.NoError(t, err) require.NotEmpty(t, cache) - require.Equal(t, filepath.Join(tempDir, ".lakectl", "cache", "lakectl_token_cache.json"), cache.FilePath) + require.Equal(t, filepath.Join(tempDir, ".lakectl_token_cache.json"), cache.FilePath) }) t.Run("with empty cache dir uses home dir", func(t *testing.T) { - cache, err := awsiam.NewJWTCache("", "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache("", ".lakectl_token_cache.json") require.NoError(t, err) require.NotEmpty(t, cache) homeDir, _ := os.UserHomeDir() - expectedPath := filepath.Join(homeDir, ".lakectl", "cache", "lakectl_token_cache.json") + expectedPath := filepath.Join(homeDir, ".lakectl_token_cache.json") require.Equal(t, expectedPath, cache.FilePath) }) } @@ -34,7 +34,7 @@ func TestNewJWTCache(t *testing.T) { func TestJWTCacheSaveToken(t *testing.T) { t.Run("saves valid token successfully", func(t *testing.T) { tempDir := t.TempDir() - cache, err := awsiam.NewJWTCache(tempDir, "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache(tempDir, ".lakectl_token_cache.json") require.NoError(t, err) expirationTime := time.Now().Add(1 * time.Hour).Unix() @@ -63,7 +63,7 @@ func TestJWTCacheSaveToken(t *testing.T) { t.Run("handles nil token", func(t *testing.T) { tempDir := t.TempDir() - cache, err := awsiam.NewJWTCache(tempDir, "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache(tempDir, ".lakectl_token_cache.json") require.NoError(t, err) err = cache.SaveToken(nil) @@ -76,7 +76,7 @@ func TestJWTCacheSaveToken(t *testing.T) { t.Run("handles token with empty string", func(t *testing.T) { tempDir := t.TempDir() - cache, err := awsiam.NewJWTCache(tempDir, "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache(tempDir, ".lakectl_token_cache.json") require.NoError(t, err) token := &apigen.AuthenticationToken{ @@ -93,7 +93,7 @@ func TestJWTCacheSaveToken(t *testing.T) { t.Run("handles token without expiration", func(t *testing.T) { tempDir := t.TempDir() - cache, err := awsiam.NewJWTCache(tempDir, "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache(tempDir, ".lakectl_token_cache.json") require.NoError(t, err) token := &apigen.AuthenticationToken{ @@ -113,7 +113,7 @@ func TestJWTCacheSaveToken(t *testing.T) { func TestJWTCacheGetToken(t *testing.T) { t.Run("loads valid non-expired token", func(t *testing.T) { tempDir := t.TempDir() - cache, err := awsiam.NewJWTCache(tempDir, "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache(tempDir, ".lakectl_token_cache.json") require.NoError(t, err) expirationTime := time.Now().Add(1 * time.Hour).Unix() @@ -135,7 +135,7 @@ func TestJWTCacheGetToken(t *testing.T) { t.Run("returns nil when cache file doesn't exist", func(t *testing.T) { tempDir := t.TempDir() - cache, err := awsiam.NewJWTCache(tempDir, "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache(tempDir, ".lakectl_token_cache.json") require.NoError(t, err) loadedToken, err := cache.GetToken() @@ -145,7 +145,7 @@ func TestJWTCacheGetToken(t *testing.T) { t.Run("returns error for corrupted cache file", func(t *testing.T) { tempDir := t.TempDir() - cache, err := awsiam.NewJWTCache(tempDir, "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache(tempDir, ".lakectl_token_cache.json") require.NoError(t, err) // Write invalid JSON @@ -160,7 +160,7 @@ func TestJWTCacheGetToken(t *testing.T) { func TestJWTCacheSaveAndLoad(t *testing.T) { tempDir := t.TempDir() - cache, err := awsiam.NewJWTCache(tempDir, "lakectl_token_cache.json") + cache, err := awsiam.NewJWTCache(tempDir, ".lakectl_token_cache.json") require.NoError(t, err) expirationTime := time.Now().Add(30 * time.Minute).Unix() From 94eee8dc910f7f500d125344d05b39984e56a1aa Mon Sep 17 00:00:00 2001 From: Itamar Yuran Date: Wed, 3 Sep 2025 17:44:17 +0300 Subject: [PATCH 7/8] lint --- pkg/authentication/externalidp/awsiam/token_caching_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/authentication/externalidp/awsiam/token_caching_test.go b/pkg/authentication/externalidp/awsiam/token_caching_test.go index 0f45fe2a049..29b22fd8c27 100644 --- a/pkg/authentication/externalidp/awsiam/token_caching_test.go +++ b/pkg/authentication/externalidp/awsiam/token_caching_test.go @@ -18,7 +18,7 @@ func TestNewJWTCache(t *testing.T) { cache, err := awsiam.NewJWTCache(tempDir, ".lakectl_token_cache.json") require.NoError(t, err) require.NotEmpty(t, cache) - require.Equal(t, filepath.Join(tempDir, ".lakectl_token_cache.json"), cache.FilePath) + require.Equal(t, filepath.Join(tempDir, ".lakectl_token_cache.json"), cache.FilePath) }) t.Run("with empty cache dir uses home dir", func(t *testing.T) { @@ -26,7 +26,7 @@ func TestNewJWTCache(t *testing.T) { require.NoError(t, err) require.NotEmpty(t, cache) homeDir, _ := os.UserHomeDir() - expectedPath := filepath.Join(homeDir, ".lakectl_token_cache.json") + expectedPath := filepath.Join(homeDir, ".lakectl_token_cache.json") require.Equal(t, expectedPath, cache.FilePath) }) } From 628c6be75a6798d693e0f13d1ecdd78a7e64d3f9 Mon Sep 17 00:00:00 2001 From: Itamar Yuran Date: Wed, 3 Sep 2025 17:53:34 +0300 Subject: [PATCH 8/8] tests --- cmd/lakectl/cmd/root.go | 1 + .../externalidp/awsiam/token_caching_test.go | 9 --------- 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/cmd/lakectl/cmd/root.go b/cmd/lakectl/cmd/root.go index f3917991f91..ed12a1da672 100644 --- a/cmd/lakectl/cmd/root.go +++ b/cmd/lakectl/cmd/root.go @@ -703,6 +703,7 @@ func getTokenCache() *awsiam.JWTCache { homeDir, err := os.UserHomeDir() if err != nil { logging.ContextUnavailable().WithError(err).Debug("unable to get user homedir") + return nil } cache, err := awsiam.NewJWTCache(homeDir, cacheFileName) if err != nil { diff --git a/pkg/authentication/externalidp/awsiam/token_caching_test.go b/pkg/authentication/externalidp/awsiam/token_caching_test.go index 29b22fd8c27..f1f3fd04957 100644 --- a/pkg/authentication/externalidp/awsiam/token_caching_test.go +++ b/pkg/authentication/externalidp/awsiam/token_caching_test.go @@ -20,15 +20,6 @@ func TestNewJWTCache(t *testing.T) { require.NotEmpty(t, cache) require.Equal(t, filepath.Join(tempDir, ".lakectl_token_cache.json"), cache.FilePath) }) - - t.Run("with empty cache dir uses home dir", func(t *testing.T) { - cache, err := awsiam.NewJWTCache("", ".lakectl_token_cache.json") - require.NoError(t, err) - require.NotEmpty(t, cache) - homeDir, _ := os.UserHomeDir() - expectedPath := filepath.Join(homeDir, ".lakectl_token_cache.json") - require.Equal(t, expectedPath, cache.FilePath) - }) } func TestJWTCacheSaveToken(t *testing.T) {