type testGenerator … func (t *testGenerator) GenerateToken(sc *jwt.Claims, pc interface{ … } // emptySecretReferences is used by a service account without any secrets func emptySecretReferences() []v1.ObjectReference { … } // missingSecretReferences is used by a service account that references secrets which do no exist func missingSecretReferences() []v1.ObjectReference { … } // regularSecretReferences is used by a service account that references secrets which are not ServiceAccountTokens func regularSecretReferences() []v1.ObjectReference { … } // tokenSecretReferences is used by a service account that references a ServiceAccountToken secret func tokenSecretReferences() []v1.ObjectReference { … } // serviceAccount returns a service account with the given secret refs func serviceAccount(secretRefs []v1.ObjectReference) *v1.ServiceAccount { … } // updatedServiceAccount returns a service account with the resource version modified func updatedServiceAccount(secretRefs []v1.ObjectReference) *v1.ServiceAccount { … } // opaqueSecret returns a persisted non-ServiceAccountToken secret named "regular-secret-1" func opaqueSecret() *v1.Secret { … } // serviceAccountTokenSecret returns an existing ServiceAccountToken secret named "token-secret-1" func serviceAccountTokenSecret() *v1.Secret { … } // serviceAccountTokenSecretWithoutTokenData returns an existing ServiceAccountToken secret that lacks token data func serviceAccountTokenSecretWithoutTokenData() *v1.Secret { … } // serviceAccountTokenSecretWithoutCAData returns an existing ServiceAccountToken secret that lacks ca data func serviceAccountTokenSecretWithoutCAData() *v1.Secret { … } // serviceAccountTokenSecretWithCAData returns an existing ServiceAccountToken secret with the specified ca data func serviceAccountTokenSecretWithCAData(data []byte) *v1.Secret { … } // serviceAccountTokenSecretWithoutNamespaceData returns an existing ServiceAccountToken secret that lacks namespace data func serviceAccountTokenSecretWithoutNamespaceData() *v1.Secret { … } // serviceAccountTokenSecretWithNamespaceData returns an existing ServiceAccountToken secret with the specified namespace data func serviceAccountTokenSecretWithNamespaceData(data []byte) *v1.Secret { … } type reaction … func TestTokenCreation(t *testing.T) { … }