k8s-ruby 0.10.5

data/lib/k8s/config.rb

@@ -0,0 +1,208 @@
+# frozen_string_literal: true
+
+require 'dry-struct'
+require 'dry-types'
+require 'base64'
+require 'yaml'
+
+module K8s
+  # Common struct type for kubeconfigs:
+  #
+  # * converts string keys to symbols
+  # * normalizes foo-bar to foo_bar
+  class ConfigStruct < Dry::Struct
+    transform_keys do |key|
+      case key
+      when String
+        key.tr('-', '_').to_sym
+      else
+        key
+      end
+    end
+  end
+
+  # @see https://godoc.org/k8s.io/client-go/tools/clientcmd/api/v1#Config
+  class Config < ConfigStruct
+    # Common dry-types for config
+    class Types
+      include Dry::Types.module
+    end
+
+    # structured cluster
+    class Cluster < ConfigStruct
+      attribute :server, Types::String
+      attribute :insecure_skip_tls_verify, Types::Bool.optional.default(nil)
+      attribute :certificate_authority, Types::String.optional.default(nil)
+      attribute :certificate_authority_data, Types::String.optional.default(nil)
+      attribute :extensions, Types::Strict::Array.optional.default(nil)
+    end
+
+    # structured cluster with name
+    class NamedCluster < ConfigStruct
+      attribute :name, Types::String
+      attribute :cluster, Cluster
+    end
+
+    # structured user auth provider
+    class UserAuthProvider < ConfigStruct
+      attribute :name, Types::String
+      attribute :config, Types::Strict::Hash
+    end
+
+    # structured user exec
+    class UserExec < ConfigStruct
+      attribute :command, Types::String
+      attribute :apiVersion, Types::String
+      attribute :env, Types::Strict::Array.of(Types::Hash).optional.default(nil)
+      attribute :args, Types::Strict::Array.of(Types::String).optional.default(nil)
+    end
+
+    # structured user
+    class User < ConfigStruct
+      attribute :client_certificate, Types::String.optional.default(nil)
+      attribute :client_certificate_data, Types::String.optional.default(nil)
+      attribute :client_key, Types::String.optional.default(nil)
+      attribute :client_key_data, Types::String.optional.default(nil)
+      attribute :token, Types::String.optional.default(nil)
+      attribute :tokenFile, Types::String.optional.default(nil)
+      attribute :as, Types::String.optional.default(nil)
+      attribute :as_groups, Types::Array.of(Types::String).optional.default(nil)
+      attribute :as_user_extra, Types::Hash.optional.default(nil)
+      attribute :username, Types::String.optional.default(nil)
+      attribute :password, Types::String.optional.default(nil)
+      attribute :auth_provider, UserAuthProvider.optional.default(nil)
+      attribute :exec, UserExec.optional.default(nil)
+      attribute :extensions, Types::Strict::Array.optional.default(nil)
+    end
+
+    # structured user with name
+    class NamedUser < ConfigStruct
+      attribute :name, Types::String
+      attribute :user, User
+    end
+
+    # structured context
+    #
+    # Referrs to other named User/cluster objects within the same config.
+    class Context < ConfigStruct
+      attribute :cluster, Types::Strict::String
+      attribute :user, Types::Strict::String
+      attribute :namespace, Types::Strict::String.optional.default(nil)
+      attribute :extensions, Types::Strict::Array.optional.default(nil)
+    end
+
+    # named context
+    class NamedContext < ConfigStruct
+      attribute :name, Types::String
+      attribute :context, Context
+    end
+
+    attribute :kind, Types::Strict::String.optional.default(nil)
+    attribute :apiVersion, Types::Strict::String.optional.default(nil)
+    attribute :preferences, Types::Strict::Hash.optional.default(proc { {} })
+    attribute :clusters, Types::Strict::Array.of(NamedCluster).optional.default(proc { [] })
+    attribute :users, Types::Strict::Array.of(NamedUser).optional.default(proc { [] })
+    attribute :contexts, Types::Strict::Array.of(NamedContext).optional.default(proc { [] })
+    attribute :current_context, Types::Strict::String.optional.default(nil)
+    attribute :extensions, Types::Strict::Array.optional.default(proc { [] })
+
+    # Loads a configuration from a YAML file
+    #
+    # @param path [String]
+    # @return [K8s::Config]
+    def self.load_file(path)
+      new(YAML.safe_load(File.read(File.expand_path(path)), [Time, DateTime, Date], [], true))
+    end
+
+    # Loads configuration files listed in KUBE_CONFIG environment variable and
+    # merge using the configuration merge rules, @see K8s::Config.merge
+    #
+    # @param kubeconfig [String] by default read from ENV['KUBECONFIG']
+    def self.from_kubeconfig_env(kubeconfig = nil)
+      kubeconfig ||= ENV.fetch('KUBECONFIG', '')
+      raise ArgumentError, "KUBECONFIG not set" if kubeconfig.empty?
+
+      paths = kubeconfig.split(/(?!\\):/)
+
+      paths.inject(load_file(paths.shift)) do |memo, other_cfg|
+        memo.merge(load_file(other_cfg))
+      end
+    end
+
+    # Build a minimal configuration from at least a server address, server certificate authority data and an access token.
+    #
+    # @param server [String] kubernetes server address
+    # @param ca [String] server certificate authority data (base64 encoded)
+    # @param token [String] access token
+    # @param cluster_name [String] cluster name
+    # @param user [String] user name
+    # @param context [String] context name
+    # @param options [Hash] (see #initialize)
+    def self.build(server:, ca:, auth_token:, cluster_name: 'kubernetes', user: 'k8s-client', context: 'k8s-client', **options)
+      new(
+        {
+          clusters: [{ name: cluster_name, cluster: { server: server, certificate_authority_data: ca } }],
+          users: [{ name: user, user: { token: auth_token } }],
+          contexts: [{ name: context, context: { cluster: cluster_name, user: user } }],
+          current_context: context
+        }.merge(options)
+      )
+    end
+
+    # Merges configuration according to the rules specified in
+    # https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/#merging-kubeconfig-files
+    #
+    # @param other [Hash, K8s::Config]
+    # @return [K8s::Config]
+    def merge(other)
+      old_attributes = attributes
+      other_attributes = other.is_a?(Hash) ? other : other.attributes
+
+      old_attributes.merge!(other_attributes) do |key, old_value, new_value|
+        case key
+        when :clusters, :contexts, :users
+          old_value + new_value.reject do |new_mapping|
+            old_value.any? { |old_mapping| old_mapping[:name] == new_mapping[:name] }
+          end
+        else
+          case old_value
+          when Array
+            (old_value + new_value).uniq
+          when Hash
+            old_value.merge(new_value) do |_key, inner_old_value, inner_new_value|
+              inner_old_value.nil? ? inner_new_value : inner_old_value
+            end
+          when NilClass
+            new_value
+          else
+            old_value
+          end
+        end
+      end
+
+      self.class.new(old_attributes)
+    end
+
+    # @param name [String]
+    # @raise [K8s::Error::Configuration]
+    # @return [K8s::Config::Context]
+    def context(name = current_context)
+      found = contexts.find{ |context| context.name == name }
+      raise K8s::Error::Configuration, "context not found: #{name.inspect}" unless found
+
+      found.context
+    end
+
+    # @param name [String]
+    # @return [K8s::Config::Cluster]
+    def cluster(name = context.cluster)
+      clusters.find{ |cluster| cluster.name == name }.cluster
+    end
+
+    # @param name [String]
+    # @return [K8s::Config::User]
+    def user(name = context.user)
+      users.find{ |user| user.name == name }.user
+    end
+  end
+end

data/lib/k8s/error.rb

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+require 'forwardable'
+
+module K8s
+  # Top-level class for all errors raised by this gem.
+  class Error < StandardError
+    # Kube API error, related to a HTTP response with a non-2xx code
+    class API < Error
+      extend Forwardable
+
+      attr_reader :method, :path, :code, :reason, :status
+
+      # @param method [Integer] HTTP request method
+      # @param path [Integer] HTTP request path
+      # @param code [Integer] HTTP response code
+      # @param reason [String] HTTP response reason
+      # @param status [K8s::API::MetaV1::Status]
+      def initialize(method, path, code, reason, status = nil)
+        @method = method
+        @path = path
+        @code = code
+        @reason = reason
+        @status = status
+
+        if status
+          super("#{@method} #{@path} => HTTP #{@code} #{@reason}: #{@status.message}")
+        else
+          super("#{@method} #{@path} => HTTP #{@code} #{@reason}")
+        end
+      end
+    end
+
+    BadRequest = Class.new(API).freeze
+    Unauthorized = Class.new(API).freeze
+    Forbidden = Class.new(API).freeze
+    NotFound = Class.new(API).freeze
+    MethodNotAllowed = Class.new(API).freeze
+    Conflict = Class.new(API).freeze # XXX: also AlreadyExists?
+    Invalid = Class.new(API).freeze
+    Timeout = Class.new(API).freeze
+    InternalError = Class.new(API).freeze
+    ServiceUnavailable = Class.new(API).freeze
+    ServerTimeout = Class.new(API).freeze
+
+    HTTP_STATUS_ERRORS = {
+      400 => BadRequest,
+      401 => Unauthorized,
+      403 => Forbidden,
+      404 => NotFound,
+      405 => MethodNotAllowed,
+      409 => Conflict,
+      422 => Invalid,
+      429 => Timeout,
+      500 => InternalError,
+      503 => ServiceUnavailable,
+      504 => ServerTimeout
+    }.freeze
+
+    # Attempt to create a ResourceClient for an unknown resource type.
+    # The client cannot construct the correct API URL without having the APIResource definition.
+    UndefinedResource = Class.new(Error)
+
+    Configuration = Class.new(Error)
+  end
+end

data/lib/k8s/logging.rb

@@ -0,0 +1,87 @@
+# frozen_string_literal: true
+
+require 'logger'
+
+module K8s
+  # Logging utilities
+  #
+  # This provides a per-class Logger that uses the class name as a logging prefix.
+  # Instances can optionally also use logger! to define a per-instance Logger using a custom prefix.
+  module Logging
+    # Default log target
+    LOG_TARGET = $stderr
+
+    # Default log level: show warnings.
+    #
+    # Use K8s::Logging.quiet! to supress warnings.
+    # Note that the K8s::Transport defaults to quiet!
+    LOG_LEVEL = Logger::WARN
+
+    # methods defined on both the global K8s::Logging module, as well as class methods on each class including K8s::Logging
+    module ModuleMethods
+      # global log_level shared across all including classes
+      # @return Logger::*
+      def log_level
+        @log_level
+      end
+
+      # @param level Logger::*
+      def log_level=(level)
+        @log_level = level
+      end
+
+      # Set log_level to Logger::DEBUG
+      def debug!
+        self.log_level = Logger::DEBUG
+      end
+
+      # Set log_level to Logger::INFO
+      def verbose!
+        self.log_level = Logger::INFO
+      end
+
+      # Set log_level to Logger::ERROR, surpressing any warnings logged by default
+      def quiet!
+        self.log_level = Logger::ERROR
+      end
+    end
+
+    extend ModuleMethods # global @log_level
+
+    # methods defined on each class including K8s::Logging
+    module ClassMethods
+      # @return [Logger]
+      def logger(target: LOG_TARGET, level: nil)
+        @logger ||= Logger.new(target).tap do |logger|
+          logger.progname = name
+          logger.level = level || log_level || K8s::Logging.log_level || LOG_LEVEL
+        end
+      end
+    end
+
+    # extend class/intance methods for per-class logger
+    def self.included(base)
+      base.extend(ModuleMethods) # per-class @log_level
+      base.extend(ClassMethods)
+    end
+
+    # Use per-instance logger instead of the default per-class logger
+    #
+    # Sets the instance variable returned by #logger
+    #
+    # @return [Logger]
+    def logger!(progname: self.class.name, target: LOG_TARGET, level: nil, debug: false)
+      @logger = Logger.new(target).tap do |logger|
+        level = Logger::DEBUG if debug
+
+        logger.progname = "#{self.class.name}<#{progname}>"
+        logger.level = level || self.class.log_level || K8s::Logging.log_level || LOG_LEVEL
+      end
+    end
+
+    # @return [Logger]
+    def logger
+      @logger || self.class.logger
+    end
+  end
+end

data/lib/k8s/resource.rb

@@ -0,0 +1,117 @@
+# frozen_string_literal: true
+
+require 'recursive-open-struct'
+require 'hashdiff'
+require 'forwardable'
+require 'yaml/safe_load_stream'
+
+module K8s
+  # generic untyped resource
+  class Resource < RecursiveOpenStruct
+    extend Forwardable
+    include Comparable
+
+    using YAMLSafeLoadStream
+    using K8s::Util::HashDeepMerge
+
+    # @param data [String]
+    # @return [self]
+    def self.from_json(data)
+      new(Yajl::Parser.parse(data))
+    end
+
+    # @param filename [String] file path
+    # @return [K8s::Resource]
+    def self.from_file(filename)
+      new(YAML.safe_load(File.read(filename), [], [], true, filename))
+    end
+
+    # @param path [String] file path
+    # @return [Array<K8s::Resource>]
+    def self.from_files(path)
+      stat = File.stat(path)
+
+      if stat.directory?
+        # recurse
+        Dir.glob("#{path}/*.{yml,yaml}").sort.map { |dir| from_files(dir) }.flatten
+      else
+        YAML.safe_load_stream(File.read(path), path).map{ |doc| new(doc) }
+      end
+    end
+
+    # @param hash [Hash]
+    # @param recurse_over_arrays [Boolean]
+    # @param options [Hash] see RecursiveOpenStruct#initialize
+    def initialize(hash, recurse_over_arrays: true, **options)
+      super(hash,
+        recurse_over_arrays: recurse_over_arrays,
+        **options
+      )
+    end
+
+    # @param options [Hash] see Hash#to_json
+    # @return [String]
+    def to_json(**options)
+      to_hash.to_json(**options)
+    end
+
+    # @param other [K8s::Resource]
+    # @return [Boolean]
+    def <=>(other)
+      to_hash <=> other.to_hash
+    end
+
+    # merge in fields
+    #
+    # @param attrs [Hash, K8s::Resource]
+    # @return [K8s::Resource]
+    def merge(attrs)
+      # deep clone of attrs
+      h = to_hash
+
+      # merge in-place
+      h.deep_merge!(attrs.to_hash, overwrite_arrays: true, merge_nil_values: true)
+
+      self.class.new(h)
+    end
+
+    # @return [String]
+    def checksum
+      @checksum ||= Digest::MD5.hexdigest(Marshal.dump(to_hash))
+    end
+
+    # @param attrs [Hash]
+    # @param config_annotation [String]
+    # @return [Hash]
+    def merge_patch_ops(attrs, config_annotation)
+      Util.json_patch(current_config(config_annotation), stringify_hash(attrs))
+    end
+
+    # Gets the existing resources (on kube api) configuration, an empty hash if not present
+    #
+    # @param config_annotation [String]
+    # @return [Hash]
+    def current_config(config_annotation)
+      current_cfg = metadata.annotations&.dig(config_annotation)
+      return {} unless current_cfg
+
+      current_hash = Yajl::Parser.parse(current_cfg)
+      # kubectl adds empty metadata.namespace, let's fix it
+      current_hash['metadata'].delete('namespace') if current_hash.dig('metadata', 'namespace').to_s.empty?
+
+      current_hash
+    end
+
+    # @param config_annotation [String]
+    # @return [Boolean]
+    def can_patch?(config_annotation)
+      !!metadata.annotations&.dig(config_annotation)
+    end
+
+    # @param hash [Hash]
+    # @return [Hash]
+    def stringify_hash(hash)
+      Yajl::Parser.parse(JSON.dump(hash))
+    end
+  end
+end