k8s-client 0.6.4 → 0.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: eba459f35445e6a9712b9c13f4aae1a1e64ee54671c2e79312961814e128a8a0
-  data.tar.gz: 645af48b165e0d3993f76dee2f4e0cbf81a9df2175ba6b7faabecf88eb22fc11
+  metadata.gz: 15012c4385d7320b4026e0da41c3092623ff3b157e3115e4d6a908e56a5af926
+  data.tar.gz: 2a8b4a339cff5223c5c7a601b01d60af5313abde8ba42ad9cace8cda0fd6b510
 SHA512:
-  metadata.gz: 198809fd3961246fe35ac9f8b31bf986573978e1aa60281b38ba53e610f1620c8cefee834f8e12a6a782ea30c0a2ba61d9b660f10d7f3dd0ca28ae6d81f714f6
-  data.tar.gz: 244edac8e01d0896b3b6770f9e414393418aaeb3bc3152154c505f6d5288250b46aef9f0323ece7e74c79738ebb05546f2010bbc4ebfa467cee2847499e9f382
+  metadata.gz: ce43ce55808589458ce1f6e002fd3687e78adc015c57f200791109fd88e664a9a11c80284cd60514a7822fc89662f7b23617b2802c8b90a99be31c8355ad62cc
+  data.tar.gz: bbf4c9f9b66412bf179555a4d8ba3ae807f24a2629709efe8ed2ecbd466eeeca7597571685518afc246cec98e05602a050ba148409f8955114b3de373b1c0e1f

data/.travis.yml

@@ -3,6 +3,7 @@ language: ruby
 rvm:
 - '2.4'
 - '2.5'
+- '2.6'
 - ruby-head
 matrix:
   allow_failures:

data/README.md

@@ -5,7 +5,7 @@
 [![Yard Docs](http://img.shields.io/badge/yard-docs-blue.svg)](http://www.rubydoc.info/github/kontena/k8s-client/master)
 
 
-Ruby client library for the Kubernetes (1.11) API
+Ruby client library for the Kubernetes (1.9+) API
 
 ## Highlights
 
@@ -60,7 +60,11 @@ The keyword options are [Excon](https://github.com/excon/excon/) options.
 #### Client from kubeconfig
 
 ```ruby
-client = K8s::Client.config(K8s::Config.load_file('~/.kube/config'))
+client = K8s::Client.config(
+  K8s::Config.load_file(
+    File.expand_path '~/.kube/config'
+  )
+)
 ```
 
 #### Supported kubeconfig options

data/k8s-client.gemspec

@@ -30,6 +30,7 @@ Gem::Specification.new do |spec|
   spec.add_runtime_dependency 'hashdiff', '~> 0.3.7'
   spec.add_runtime_dependency 'jsonpath', '~> 0.9.5'
   spec.add_runtime_dependency 'yajl-ruby', '~> 1.4.0'
+  spec.add_runtime_dependency "yaml-safe_load_stream", "~> 0.1"
 
   spec.add_development_dependency "bundler", "~> 1.16"
   spec.add_development_dependency "rake", "~> 10.0"

data/lib/k8s/api.rb

@@ -19,7 +19,7 @@ module K8s
       # @param data [Hash]
       # @return [self]
       def self.from_json(data)
-        new(data)
+        new(Yajl::Parser.parse(data))
       end
 
       # @return [String]

data/lib/k8s/api_client.rb

@@ -55,8 +55,11 @@ module K8s
     end
 
     # @param resource_name [String]
+    # @raise [K8s::Error::UndefinedResource]
+    # @return [K8s::API::MetaV1::APIResource]
     def find_api_resource(resource_name)
       found_resource = api_resources.find{ |api_resource| api_resource.name == resource_name }
+      found_resource ||= api_resources!.find{ |api_resource| api_resource.name == resource_name }
       raise K8s::Error::UndefinedResource, "Unknown resource #{resource_name} for #{@api_version}" unless found_resource
 
       found_resource
@@ -64,7 +67,7 @@ module K8s
 
     # @param resource_name [String]
     # @param namespace [String, nil]
-    # @raise [K8s::Error] unknown resource
+    # @raise [K8s::Error::UndefinedResource]
     # @return [K8s::ResourceClient]
     def resource(resource_name, namespace: nil)
       ResourceClient.new(@transport, self, find_api_resource(resource_name), namespace: namespace)
@@ -72,7 +75,6 @@ module K8s
 
     # @param resource [K8s::Resource]
     # @param namespace [String, nil] default if resource is missing namespace
-    # @raise [K8s::Error::NotFound] API Group does not exist
     # @raise [K8s::Error::UndefinedResource]
     # @return [K8s::ResourceClient]
     def client_for_resource(resource, namespace: nil)
@@ -81,10 +83,10 @@ module K8s
       end
 
       found_resource = api_resources.find{ |api_resource| api_resource.kind == resource.kind }
+      found_resource ||= api_resources!.find{ |api_resource| api_resource.kind == resource.kind }
       raise K8s::Error::UndefinedResource, "Unknown resource kind=#{resource.kind} for #{@api_version}" unless found_resource
 
-      ResourceClient.new(@transport, self, found_resource,
-                         namespace: resource.metadata.namespace || namespace)
+      ResourceClient.new(@transport, self, found_resource, namespace: resource.metadata.namespace || namespace)
     end
 
     # TODO: skip non-namespaced resources if namespace is given, or ignore namespace?

data/lib/k8s/client.rb

@@ -41,15 +41,50 @@ module K8s
       )
     end
 
+    # An K8s::Client instance from in-cluster config within a kube pod, using the kubernetes service envs and serviceaccount secrets
+    # @see K8s::Transport#in_cluster_config
+    #
+    # @param namespace [String] default namespace for all operations
+    # @return [K8s::Client]
+    # @raise [K8s::Error::Config,Errno::ENOENT,Errno::EACCES]
+    def self.in_cluster_config(namespace: nil)
+      new(Transport.in_cluster_config, namespace: namespace)
+    end
+
+    # Attempts to create a K8s::Client instance automatically using environment variables, existing configuration
+    # files or in cluster configuration.
+    #
+    # Look-up order:
+    #   - KUBE_TOKEN, KUBE_CA, KUBE_SERVER environment variables
+    #   - KUBECONFIG environment variable
+    #   - $HOME/.kube/config file
+    #   - In cluster configuration
+    #
+    # Will raise when no means of configuration is available
+    #
+    # @param options [Hash] default namespace for all operations
+    # @raise [K8s::Error::Config,Errno::ENOENT,Errno::EACCES]
     # @return [K8s::Client]
-    def self.in_cluster_config
-      new(Transport.in_cluster_config)
+    def self.autoconfig(namespace: nil, **options)
+      if ENV.values_at('KUBE_TOKEN', 'KUBE_CA', 'KUBE_SERVER').none? { |v| v.nil? || v.empty? }
+        configuration = K8s::Config.build(server: ENV['KUBE_SERVER'], ca: ENV['KUBE_CA'], auth_token: options[:auth_token] || ENV['KUBE_TOKEN'])
+      elsif !ENV['KUBECONFIG'].to_s.empty?
+        configuration = K8s::Config.from_kubeconfig_env(ENV['KUBECONFIG'], auth_token: options[:auth_token])
+      elsif File.exist?(File.join(Dir.home, '.kube', 'config'))
+        configuration = K8s::Config.load_file(File.join(Dir.home, '.kube', 'config'))
+      end
+
+      if configuration
+        config(configuration, namespace: namespace, **options)
+      else
+        in_cluster_config(namespace: namespace, **options)
+      end
     end
 
     attr_reader :transport
 
     # @param transport [K8s::Transport]
-    # @param namespace [String] default namespace for all operations
+    # @param namespace [String, nil] default namespace for all operations
     def initialize(transport, namespace: nil)
       @transport = transport
       @namespace = namespace
@@ -191,6 +226,9 @@ module K8s
       client_for_resource(resource).delete_resource(resource, **options)
     end
 
+    # @param resource [K8s::Resource]
+    # @param attrs [Hash]
+    # @return [K8s::Client]
     def patch_resource(resource, attrs)
       client_for_resource(resource).json_patch(resource.metadata.name, attrs)
     end

data/lib/k8s/client/version.rb

@@ -3,6 +3,6 @@
 module K8s
   class Client
     # Updated on releases using semver.
-    VERSION = "0.6.4"
+    VERSION = "0.7.0"
   end
 end

data/lib/k8s/config.rb

@@ -2,6 +2,7 @@
 
 require 'dry-struct'
 require 'dry-types'
+require 'base64'
 require 'yaml'
 
 module K8s
@@ -90,30 +91,112 @@ module K8s
 
     attribute :kind, Types::Strict::String.optional.default(nil)
     attribute :apiVersion, Types::Strict::String.optional.default(nil)
-    attribute :preferences, Types::Strict::Hash.optional.default(nil)
-    attribute :clusters, Types::Strict::Array.of(NamedCluster)
-    attribute :users, Types::Strict::Array.of(NamedUser)
-    attribute :contexts, Types::Strict::Array.of(NamedContext)
-    attribute :current_context, Types::Strict::String
-    attribute :extensions, Types::Strict::Array.optional.default(nil)
+    attribute :preferences, Types::Strict::Hash.optional.default(proc { {} })
+    attribute :clusters, Types::Strict::Array.of(NamedCluster).optional.default(proc { [] })
+    attribute :users, Types::Strict::Array.of(NamedUser).optional.default(proc { [] })
+    attribute :contexts, Types::Strict::Array.of(NamedContext).optional.default(proc { [] })
+    attribute :current_context, Types::Strict::String.optional.default(nil)
+    attribute :extensions, Types::Strict::Array.optional.default(proc { [] })
 
+    # Loads a configuration from a YAML file
+    #
     # @param path [String]
     # @return [K8s::Config]
     def self.load_file(path)
-      new(YAML.load_file(path))
+      new(YAML.safe_load(File.read(path)))
+    end
+
+    # Loads configuration files listed in KUBE_CONFIG environment variable and
+    # merged using the configuration merge rules, @see K8s::Config.merge
+    #
+    # @param kubeconfig [String] by default read from ENV['KUBECONFIG']
+    def self.from_kubeconfig_env(kubeconfig = nil)
+      kubeconfig ||= ENV.fetch('KUBECONFIG', '')
+      return if kubeconfig.empty?
+
+      paths = kubeconfig.split(/(?!\\):/)
+      return load_file(paths.first) if paths.size == 1
+
+      paths.inject(load_file(paths.shift)) do |memo, other_cfg|
+        memo.merge(load_file(other_cfg))
+      end
+    end
+
+    # Build a minimal configuration from at least a server address, server certificate authority data and an access token.
+    #
+    # @param server [String] kubernetes server address
+    # @param ca [String] server certificate authority data
+    # @param token [String] access token (optionally base64 encoded)
+    # @param cluster_name [String] cluster name
+    # @param user [String] user name
+    # @param context [String] context name
+    # @param options [Hash] (see #initialize)
+    def self.build(server:, ca:, auth_token:, cluster_name: 'kubernetes', user: 'k8s-client', context: 'k8s-client', **options)
+      begin
+        decoded_token = Base64.strict_decode64(auth_token)
+      rescue ArgumentError
+        decoded_token = nil
+      end
+
+      new(
+        {
+          clusters: [{ name: cluster_name, cluster: { server: server, certificate_authority_data: ca } }],
+          users: [{ name: user, user: { token: decoded_token || auth_token } }],
+          contexts: [{ name: context, context: { cluster: cluster_name, user: user } }],
+          current_context: context
+        }.merge(options)
+      )
+    end
+
+    # Merges configuration according to the rules specified in
+    # https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/#merging-kubeconfig-files
+    #
+    # @param other [Hash, K8s::Config]
+    # @return [K8s::Config]
+    def merge(other)
+      old_attributes = attributes
+      other_attributes = other.is_a?(Hash) ? other : other.attributes
+
+      old_attributes.merge!(other_attributes) do |key, old_value, new_value|
+        case key
+        when :clusters, :contexts, :users
+          old_value + new_value.reject do |new_mapping|
+            old_value.any? { |old_mapping| old_mapping[:name] == new_mapping[:name] }
+          end
+        else
+          case old_value
+          when Array
+            (old_value + new_value).uniq
+          when Hash
+            old_value.merge(new_value) do |_key, inner_old_value, inner_new_value|
+              inner_old_value.nil? ? inner_new_value : inner_old_value
+            end
+          when NilClass
+            new_value
+          else
+            STDERR.puts "key is #{key} old val is #{old_value.inspect} and new val is #{new_value.inspect}"
+            old_value
+          end
+        end
+      end
+
+      self.class.new(old_attributes)
     end
 
+    # @param name [String]
     # TODO: raise error if not found
     # @return [K8s::Config::Context]
     def context(name = current_context)
       contexts.find{ |context| context.name == name }.context
     end
 
+    # @param name [String]
     # @return [K8s::Config::Cluster]
     def cluster(name = context.cluster)
       clusters.find{ |cluster| cluster.name == name }.cluster
     end
 
+    # @param name [String]
     # @return [K8s::Config::User]
     def user(name = context.user)
       users.find{ |user| user.name == name }.user

data/lib/k8s/error.rb

@@ -60,5 +60,7 @@ module K8s
     # Attempt to create a ResourceClient for an unknown resource type.
     # The client cannot construct the correct API URL without having the APIResource definition.
     UndefinedResource = Class.new(Error)
+
+    Configuration = Class.new(Error)
   end
 end

data/lib/k8s/resource.rb

@@ -4,6 +4,7 @@ require 'deep_merge'
 require 'recursive-open-struct'
 require 'hashdiff'
 require 'forwardable'
+require 'yaml/safe_load_stream'
 
 module K8s
   # generic untyped resource
@@ -11,16 +12,18 @@ module K8s
     extend Forwardable
     include Comparable
 
-    # @param data [Hash]
+    using YAMLSafeLoadStream
+
+    # @param data [String]
     # @return [self]
     def self.from_json(data)
-      new(data)
+      new(Yajl::Parser.parse(data))
     end
 
     # @param filename [String] file path
     # @return [K8s::Resource]
     def self.from_file(filename)
-      new(YAML.load_file(filename))
+      new(YAML.safe_load(File.read(filename), [], [], true, filename))
     end
 
     # @param path [String] file path
@@ -32,11 +35,13 @@ module K8s
         # recurse
         Dir.glob("#{path}/*.{yml,yaml}").sort.map { |dir| from_files(dir) }.flatten
       else
-        ::YAML.load_stream(File.read(path), path).map{ |doc| new(doc) }
+        YAML.safe_load_stream(File.read(path), path).map{ |doc| new(doc) }
       end
     end
 
     # @param hash [Hash]
+    # @param recurse_over_arrays [Boolean]
+    # @param options [Hash] see RecursiveOpenStruct#initialize
     def initialize(hash, recurse_over_arrays: true, **options)
       super(hash,
         recurse_over_arrays: recurse_over_arrays,
@@ -44,6 +49,7 @@ module K8s
       )
     end
 
+    # @param options [Hash] see Hash#to_json
     # @return [String]
     def to_json(**options)
       to_hash.to_json(**options)
@@ -69,34 +75,43 @@ module K8s
       self.class.new(h)
     end
 
+    # @return [String]
     def checksum
       @checksum ||= Digest::MD5.hexdigest(Marshal.dump(to_hash))
     end
 
+    # @param attrs [Hash]
+    # @param config_annotation [String]
+    # @return [Hash]
     def merge_patch_ops(attrs, config_annotation)
       Util.json_patch(current_config(config_annotation), stringify_hash(attrs))
     end
 
     # Gets the existing resources (on kube api) configuration, an empty hash if not present
     #
+    # @param config_annotation [String]
     # @return [Hash]
     def current_config(config_annotation)
       current_cfg = metadata.annotations&.dig(config_annotation)
       return {} unless current_cfg
 
-      current_hash = JSON.parse(current_cfg)
+      current_hash = Yajl::Parser.parse(current_cfg)
       # kubectl adds empty metadata.namespace, let's fix it
       current_hash['metadata'].delete('namespace') if current_hash.dig('metadata', 'namespace').to_s.empty?
 
       current_hash
     end
 
+    # @param config_annotation [String]
+    # @return [Boolean]
     def can_patch?(config_annotation)
       !!metadata.annotations&.dig(config_annotation)
     end
 
+    # @param hash [Hash]
+    # @return [Hash]
     def stringify_hash(hash)
-      JSON.parse(JSON.dump(hash))
+      Yajl::Parser.parse(JSON.dump(hash))
     end
   end
 end

data/lib/k8s/resource_client.rb

@@ -7,8 +7,8 @@ module K8s
   class ResourceClient
     # Common helpers used in both class/instance methods
     module Utils
-      # @param selector [nil, String, Hash{String => String}]
-      # @return [nil, String]
+      # @param selector [NilClass, String, Hash{String => String}]
+      # @return [NilClass, String]
       def selector_query(selector)
         case selector
         when nil
@@ -23,7 +23,7 @@ module K8s
       end
 
       # @param options [Hash]
-      # @return [Hash, nil]
+      # @return [Hash, NilClass]
       def make_query(options)
         query = options.compact
 
@@ -66,6 +66,7 @@ module K8s
     # @param api_client [K8s::APIClient]
     # @param api_resource [K8s::API::MetaV1::APIResource]
     # @param namespace [String]
+    # @param resource_class [Class]
     def initialize(transport, api_client, api_resource, namespace: nil, resource_class: K8s::Resource)
       @transport = transport
       @api_client = api_client
@@ -115,11 +116,14 @@ module K8s
     # @return [class] K8s::Resource
     attr_reader :resource_class
 
-    # @return [Bool]
+    # @return [Boolean]
     def namespaced?
       !!@api_resource.namespaced
     end
 
+    # @param name [NilClass, String]
+    # @param subresource [String, NilClass]
+    # @param namespace [String, NilClass]
     # @return [String]
     def path(name = nil, subresource: @subresource, namespace: @namespace)
       namespace_part = namespace ? ['namespaces', namespace] : []
@@ -138,8 +142,8 @@ module K8s
       @api_resource.verbs.include? 'create'
     end
 
-    # @param resource [resource_class] with metadata.namespace and metadata.name set
-    # @return [resource_class]
+    # @param resource [#metadata] with metadata.namespace and metadata.name set
+    # @return [Object] instance of resource_class
     def create_resource(resource)
       @transport.request(
         method: 'POST',
@@ -154,7 +158,9 @@ module K8s
       @api_resource.verbs.include? 'get'
     end
 
-    # @return [resource_class]
+    # @param name [String]
+    # @param namespace [String, NilClass]
+    # @return [Object] instance of resource_class
     def get(name, namespace: @namespace)
       @transport.request(
         method: 'GET',
@@ -164,7 +170,7 @@ module K8s
     end
 
     # @param resource [resource_class]
-    # @return [resource_class]
+    # @return [Object] instance of resource_class
     def get_resource(resource)
       @transport.request(
         method: 'GET',
@@ -179,7 +185,7 @@ module K8s
     end
 
     # @param list [K8s::API::MetaV1::List]
-    # @return [Array<resource_class>]
+    # @return [Array<Object>] array of instances of resource_class
     def process_list(list)
       list.items.map { |item|
         # list items omit kind/apiVersion
@@ -190,7 +196,7 @@ module K8s
     # @param labelSelector [nil, String, Hash{String => String}]
     # @param fieldSelector [nil, String, Hash{String => String}]
     # @param namespace [nil, String]
-    # @return [Array<resource_class>]
+    # @return [Array<Object>] array of instances of resource_class
     def list(labelSelector: nil, fieldSelector: nil, namespace: @namespace)
       list = meta_list(labelSelector: labelSelector, fieldSelector: fieldSelector, namespace: namespace)
       process_list(list)
@@ -243,13 +249,13 @@ module K8s
       )
     end
 
-    # @return [Bool]
+    # @return [Boolean]
     def update?
       @api_resource.verbs.include? 'update'
     end
 
-    # @param resource [resource_class] with metadata.resourceVersion set
-    # @return [resource_class]
+    # @param resource [#metadata] with metadata.resourceVersion set
+    # @return [Object] instance of resource_class
     def update_resource(resource)
       @transport.request(
         method: 'PUT',
@@ -259,16 +265,16 @@ module K8s
       )
     end
 
-    # @return [Bool]
+    # @return [Boolean]
     def patch?
       @api_resource.verbs.include? 'patch'
     end
 
     # @param name [String]
-    # @param obj [Object] supporting to_json
-    # @param namespace [String]
+    # @param obj [#to_json]
+    # @param namespace [String, nil]
     # @param strategic_merge [Boolean] use kube Strategic Merge Patch instead of standard Merge Patch (arrays of objects are merged by name)
-    # @return [resource_class]
+    # @return [Object] instance of resource_class
     def merge_patch(name, obj, namespace: @namespace, strategic_merge: true)
       @transport.request(
         method: 'PATCH',
@@ -281,8 +287,8 @@ module K8s
 
     # @param name [String]
     # @param ops [Hash] json-patch operations
-    # @param namespace [String]
-    # @return [resource_class]
+    # @param namespace [String, nil]
+    # @return [Object] instance of resource_class
     def json_patch(name, ops, namespace: @namespace)
       @transport.request(
         method: 'PATCH',
@@ -293,14 +299,14 @@ module K8s
       )
     end
 
-    # @return [Bool]
+    # @return [Boolean]
     def delete?
       @api_resource.verbs.include? 'delete'
     end
 
     # @param name [String]
-    # @param namespace [String]
-    # @param propagationPolicy [String] The propagationPolicy to use for the API call. Possible values include “Orphan”, “Foreground”, or “Background”
+    # @param namespace [String, nil]
+    # @param propagationPolicy [String, nil] The propagationPolicy to use for the API call. Possible values include “Orphan”, “Foreground”, or “Background”
     # @return [K8s::API::MetaV1::Status]
     def delete(name, namespace: @namespace, propagationPolicy: nil)
       @transport.request(
@@ -313,10 +319,11 @@ module K8s
       )
     end
 
-    # @param namespace [String]
+    # @param namespace [String, nil]
     # @param labelSelector [nil, String, Hash{String => String}]
     # @param fieldSelector [nil, String, Hash{String => String}]
-    # @return [K8s::API::MetaV1::Status]
+    # @param propagationPolicy [String, nil]
+    # @return [Array<Object>] array of instances of resource_class
     def delete_collection(namespace: @namespace, labelSelector: nil, fieldSelector: nil, propagationPolicy: nil)
       list = @transport.request(
         method: 'DELETE',

data/lib/k8s/stack.rb

@@ -25,6 +25,7 @@ module K8s
 
     # @param name [String] unique name for stack
     # @param path [String] load resources from YAML files
+    # @param options [Hash] see Stack#initialize
     # @return [K8s::Stack]
     def self.load(name, path, **options)
       resources = K8s::Resource.from_files(path)
@@ -35,6 +36,8 @@ module K8s
     # @param path [String] load resources from YAML files
     # @param client [K8s::Client] apply using client
     # @param prune [Boolean] delete old resources
+    # @param options [Hash] see Stack#initialize
+    # @return [K8s::Stack]
     def self.apply(name, path, client, prune: true, **options)
       load(name, path, **options).apply(client, prune: prune)
     end
@@ -49,6 +52,12 @@ module K8s
 
     attr_reader :name, :resources
 
+    # @param name [String]
+    # @param resources [Array<K8s::Resource>]
+    # @param debug [Boolean]
+    # @param label [String]
+    # @param checksum_annotation [String]
+    # @param last_config_annotation [String]
     def initialize(name, resources = [], debug: false, label: self.class::LABEL, checksum_annotation: self.class::CHECKSUM_ANNOTATION, last_configuration_annotation: self.class::LAST_CONFIG_ANNOTATION)
       @name = name
       @resources = resources
@@ -83,6 +92,7 @@ module K8s
     end
     # rubocop:enable Lint/UnusedMethodArgument
 
+    # @param client [K8s::Client]
     # @return [Array<K8s::Resource>]
     def apply(client, prune: true)
       server_resources = client.get_resources(resources)
@@ -110,15 +120,22 @@ module K8s
     end
 
     # key MUST NOT include resource.apiVersion: the same kind can be aliased in different APIs
+    # @param resource [K8s::Resource]
+    # @return [K8s::Resource]
     def keep_resource!(resource)
       @keep_resources["#{resource.kind}:#{resource.metadata.name}@#{resource.metadata.namespace}"] = resource.metadata.annotations[@checksum_annotation]
     end
 
+    # @param resource [K8s::Resource]
+    # @return [Boolean]
     def keep_resource?(resource)
       @keep_resources["#{resource.kind}:#{resource.metadata.name}@#{resource.metadata.namespace}"] == resource.metadata.annotations[@checksum_annotation]
     end
 
     # Delete all stack resources that were not applied
+    # @param client [K8s::Client]
+    # @param keep_resources [NilClass, Boolean]
+    # @param skip_forbidden [Boolean]
     def prune(client, keep_resources:, skip_forbidden: true)
       # using skip_forbidden: assume we can't create resource types that we are forbidden to list, so we don't need to prune them either
       client.list_resources(labelSelector: { @label => name }, skip_forbidden: skip_forbidden).sort do |a, b|
@@ -156,6 +173,7 @@ module K8s
     end
 
     # Delete all stack resources
+    # @param client [K8s::Client]
     def delete(client)
       prune(client, keep_resources: false)
     end

data/lib/k8s/transport.rb

@@ -92,16 +92,23 @@ module K8s
 
     # In-cluster config within a kube pod, using the kubernetes service envs and serviceaccount secrets
     #
+    # @param options [Hash] see #new
     # @return [K8s::Transport]
-    def self.in_cluster_config
-      host = ENV['KUBERNETES_SERVICE_HOST']
-      port = ENV['KUBERNETES_SERVICE_PORT_HTTPS']
+    # @raise [K8s::Error::Config] when the environment variables KUBERNETES_SEVICE_HOST and KUBERNETES_SERVICE_PORT_HTTPS are not set
+    # @raise [Errno::ENOENT,Errno::EACCES] when /var/run/secrets/kubernetes.io/serviceaccount/ca.crt or /var/run/secrets/kubernetes.io/serviceaccount/token can not be read
+    def self.in_cluster_config(**options)
+      host = ENV['KUBERNETES_SERVICE_HOST'].to_s
+      raise(K8s::Error::Config, "in_cluster_config failed: KUBERNETES_SERVICE_HOST environment not set") if host.empty?
+
+      port = ENV['KUBERNETES_SERVICE_PORT_HTTPS'].to_s
+      raise(K8s::Error::Config, "in_cluster_config failed: KUBERNETES_SERVICE_HOST environment not set") if port.empty?
 
       new(
         "https://#{host}:#{port}",
-        ssl_verify_peer: true,
-        ssl_ca_file: '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt',
-        auth_token: File.read('/var/run/secrets/kubernetes.io/serviceaccount/token')
+        ssl_verify_peer: options.key?(:ssl_verify_peer) ? options.delete(:ssl_verify_peer) : true,
+        ssl_ca_file: options.delete(:ssl_ca_file) || '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt',
+        auth_token: options.delete(:auth_token) || File.read('/var/run/secrets/kubernetes.io/serviceaccount/token'),
+        **options
       )
     end
 
@@ -155,6 +162,7 @@ module K8s
     end
 
     # @param options [Hash] as passed to Excon#request
+    # @return [String]
     def format_request(options)
       method = options[:method]
       path = options[:path]
@@ -173,7 +181,7 @@ module K8s
 
     # @param response [Hash] as returned by Excon#request
     # @param request_options [Hash] as passed to Excon#request
-    # @param response_class [Class] decode response body using #from_json
+    # @param response_class [Class] coerce into response body using #new
     # @raise [K8s::Error]
     # @raise [Excon::Error] TODO: wrap
     # @return [response_class, Hash]
@@ -201,7 +209,7 @@ module K8s
 
         return response_data unless response_class
 
-        response_class.from_json(response_data)
+        response_class.new(response_data)
       else
         error_class = K8s::Error::HTTP_STATUS_ERRORS[response.status] || K8s::Error::API
 
@@ -217,8 +225,9 @@ module K8s
       end
     end
 
-    # @param response_class [Class] decode response body using #from_json
+    # @param response_class [Class] coerce into response class using #new
     # @param options [Hash] @see Excon#request
+    # @return [response_class, Hash]
     def request(response_class: nil, **options)
       if options[:method] == 'DELETE' && need_delete_body?
         options[:request_object] = options.delete(:query)
@@ -248,7 +257,7 @@ module K8s
     # @param skip_forbidden [Boolean] return nil for HTTP 403 responses
     # @param retry_errors [Boolean] retry with non-pipelined request for HTTP 503 responses
     # @param common_options [Hash] @see #request, merged with the per-request options
-    # @return [Array<response_class, Hash, nil>]
+    # @return [Array<response_class, Hash, NilClass>]
     def requests(*options, skip_missing: false, skip_forbidden: false, retry_errors: true, **common_options)
       return [] if options.empty? # excon chokes
 
@@ -297,13 +306,14 @@ module K8s
       )
     end
 
-    # @return [true, false] true if delete options should be sent as bode of the DELETE request
+    # @return [Boolean] true if delete options should be sent as bode of the DELETE request
     def need_delete_body?
       @need_delete_body ||= Gem::Version.new(version.gitVersion.match(/v*(.*)/)[1]) < DELETE_OPTS_BODY_VERSION_MIN
     end
 
     # @param path [Array<String>] @see #path
     # @param options [Hash] @see #request
+    # @return [Array<response_class, Hash, NilClass>]
     def get(*path, **options)
       request(
         method: 'GET',
@@ -314,6 +324,7 @@ module K8s
 
     # @param paths [Array<String>]
     # @param options [Hash] @see #request
+    # @return [Array<response_class, Hash, NilClass>]
     def gets(*paths, **options)
       requests(
         *paths.map do |path|

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: k8s-client
 version: !ruby/object:Gem::Version
-  version: 0.6.4
+  version: 0.7.0
 platform: ruby
 authors:
 - Kontena, Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-12-12 00:00:00.000000000 Z
+date: 2019-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: excon
@@ -108,6 +108,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 1.4.0
+- !ruby/object:Gem::Dependency
+  name: yaml-safe_load_stream
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement