kubeclient 0.3.0 → 4.9.2

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of kubeclient might be problematic. Click here for more details.

Files changed (63) hide show
  1. checksums.yaml +5 -5
  2. data/.github/workflows/actions.yml +35 -0
  3. data/.gitignore +1 -0
  4. data/.rubocop.yml +29 -0
  5. data/CHANGELOG.md +208 -0
  6. data/Gemfile +3 -0
  7. data/README.md +706 -57
  8. data/RELEASING.md +69 -0
  9. data/Rakefile +3 -5
  10. data/kubeclient.gemspec +19 -11
  11. data/lib/kubeclient/aws_eks_credentials.rb +46 -0
  12. data/lib/kubeclient/common.rb +597 -161
  13. data/lib/kubeclient/config.rb +195 -0
  14. data/lib/kubeclient/entity_list.rb +7 -2
  15. data/lib/kubeclient/exec_credentials.rb +89 -0
  16. data/lib/kubeclient/gcp_auth_provider.rb +19 -0
  17. data/lib/kubeclient/gcp_command_credentials.rb +31 -0
  18. data/lib/kubeclient/google_application_default_credentials.rb +31 -0
  19. data/lib/kubeclient/http_error.rb +25 -0
  20. data/lib/kubeclient/missing_kind_compatibility.rb +68 -0
  21. data/lib/kubeclient/oidc_auth_provider.rb +52 -0
  22. data/lib/kubeclient/resource.rb +11 -0
  23. data/lib/kubeclient/resource_not_found_error.rb +4 -0
  24. data/lib/kubeclient/version.rb +1 -1
  25. data/lib/kubeclient/watch_stream.rb +71 -28
  26. data/lib/kubeclient.rb +25 -82
  27. metadata +140 -114
  28. data/.travis.yml +0 -6
  29. data/lib/kubeclient/kube_exception.rb +0 -13
  30. data/lib/kubeclient/watch_notice.rb +0 -7
  31. data/test/json/created_namespace_b3.json +0 -20
  32. data/test/json/created_secret.json +0 -16
  33. data/test/json/created_service_b3.json +0 -31
  34. data/test/json/empty_pod_list_b3.json +0 -9
  35. data/test/json/endpoint_list_b3.json +0 -48
  36. data/test/json/entity_list_b3.json +0 -56
  37. data/test/json/event_list_b3.json +0 -35
  38. data/test/json/namespace_b3.json +0 -13
  39. data/test/json/namespace_exception_b3.json +0 -8
  40. data/test/json/namespace_list_b3.json +0 -32
  41. data/test/json/node_b3.json +0 -29
  42. data/test/json/node_list_b3.json +0 -37
  43. data/test/json/pod_b3.json +0 -92
  44. data/test/json/pod_list_b3.json +0 -75
  45. data/test/json/replication_controller_b3.json +0 -57
  46. data/test/json/replication_controller_list_b3.json +0 -64
  47. data/test/json/secret_list_b3.json +0 -44
  48. data/test/json/service_b3.json +0 -33
  49. data/test/json/service_illegal_json_404.json +0 -1
  50. data/test/json/service_list_b3.json +0 -97
  51. data/test/json/service_update_b3.json +0 -22
  52. data/test/json/versions_list.json +0 -6
  53. data/test/json/watch_stream_b3.json +0 -3
  54. data/test/test_helper.rb +0 -4
  55. data/test/test_kubeclient.rb +0 -407
  56. data/test/test_namespace.rb +0 -53
  57. data/test/test_node.rb +0 -25
  58. data/test/test_pod.rb +0 -21
  59. data/test/test_replication_controller.rb +0 -24
  60. data/test/test_secret.rb +0 -58
  61. data/test/test_service.rb +0 -136
  62. data/test/test_watch.rb +0 -37
  63. data/test/valid_token_file +0 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: d8b9d95f0fd01cbb76accf474c6526a663f9c579
4
- data.tar.gz: d2304b7eff799c416993399a15f99de3e2e0a6c2
2
+ SHA256:
3
+ metadata.gz: 9220de071696f945ccb667a13ea89c697d935f97abaabad9350bf8d39596d0b3
4
+ data.tar.gz: 508742ac151675cc00e0dda915f5f44cb5622c90ad56aa97de06967880925297
5
5
  SHA512:
6
- metadata.gz: d42a19e312327a1cfa9ade3a6a25a32f9fca63ddcfabcc66d5a888b528316aad59a014481198762eedd4499cbb57849dbbaddc3f68ef8044ed1851199072b9e5
7
- data.tar.gz: a1e5288ffbf0268e33b5494393b1f77274e8755a580c63c219b9cf57cf5c5a31b4415cff201e4aa0d4dbeac418b0d69b2c69c36791d7d57b37c73d479ab0a65e
6
+ metadata.gz: ab7ec603082fd9c11089e721ebb7d98bdd4092b76f9d173f3075351db41c4ab76ca2e8cf2a54818bf0f6bc5d9749ed64dc51af262acc93c527ba0a4e1b1637cb
7
+ data.tar.gz: daaf00389fbd89a5eff46397e4a176de5fb540a292a706c093c289f476c250f1cdb7caaad3fa3a865841704c1a141be6861d189f8a59bda2dcff35581742e981
@@ -0,0 +1,35 @@
1
+ name: CI
2
+ on:
3
+ push:
4
+ branches:
5
+ - '**'
6
+ tags:
7
+ - '**'
8
+ pull_request:
9
+ branches:
10
+ - '**'
11
+ jobs:
12
+ build:
13
+ runs-on: ${{ matrix.os }}
14
+ strategy:
15
+ matrix:
16
+ ruby: [ '2.5', '2.6', '2.7', '3.0', 'truffleruby-head' ]
17
+ os: ['ubuntu-latest', 'macos-latest']
18
+ task: [test]
19
+ include:
20
+ # run rubocop against lowest supported ruby
21
+ - os: ubuntu-latest
22
+ ruby: '2.5'
23
+ task: rubocop
24
+ name: ${{ matrix.os }} ${{ matrix.ruby }} rake ${{ matrix.task }}
25
+ steps:
26
+ - uses: actions/checkout@v2
27
+ # actions/setup-ruby did not support truffle or bundler caching
28
+ - uses: ruby/setup-ruby@v1
29
+ with:
30
+ ruby-version: ${{ matrix.ruby }}
31
+ bundler-cache: false # disable running 'bundle install' and caching installed gems see https://github.com/httprb/http/issues/572
32
+ - run: gem install rake bundler
33
+ - run: bundle install
34
+ - run: bundle exec rake ${{ matrix.task }}
35
+
data/.gitignore CHANGED
@@ -13,3 +13,4 @@
13
13
  *.a
14
14
  mkmf.log
15
15
  *.idea*
16
+ /Gemfile.dev.rb
data/.rubocop.yml CHANGED
@@ -1,6 +1,35 @@
1
+ AllCops:
2
+ DisplayCopNames: true
3
+ TargetRubyVersion: 2.2 # Oldest version kubeclient supports
1
4
  MethodLength:
2
5
  Enabled: false
3
6
  ClassLength:
4
7
  Enabled: false
5
8
  Metrics/AbcSize:
6
9
  Enabled: false
10
+ Metrics/LineLength:
11
+ Max: 100
12
+ Metrics/ParameterLists:
13
+ Max: 5
14
+ CountKeywordArgs: false
15
+ Metrics/CyclomaticComplexity:
16
+ Max: 8
17
+ Metrics/PerceivedComplexity:
18
+ Max: 8
19
+ Metrics/ModuleLength:
20
+ Enabled: false
21
+ Style/MethodCallWithArgsParentheses:
22
+ Enabled: true
23
+ IgnoredMethods: [require, raise, include, attr_reader, refute, assert]
24
+ Exclude: [Gemfile, Rakefile, kubeclient.gemspec, Gemfile.dev.rb]
25
+ Metrics/BlockLength:
26
+ Exclude: [kubeclient.gemspec]
27
+ Security/MarshalLoad:
28
+ Exclude: [test/**/*]
29
+ Style/FileName:
30
+ Exclude: [Gemfile, Rakefile, Gemfile.dev.rb]
31
+ Style/MethodCallWithArgsParentheses:
32
+ IgnoredMethods:
33
+ - require_relative
34
+ Style/RegexpLiteral:
35
+ Enabled: false
data/CHANGELOG.md ADDED
@@ -0,0 +1,208 @@
1
+ # Changelog
2
+
3
+ Notable changes to this project will be documented in this file.
4
+ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
5
+ Kubeclient release versioning follows [SemVer](https://semver.org/).
6
+
7
+ ## 4.9.2 — 2021-05-30
8
+
9
+ ### Added
10
+ - Ruby 3.0 compatibility (#500, #505).
11
+
12
+ ### Removed
13
+ - Reduce .gem size by dropping test/ directory, it's useless at run time (#502).
14
+
15
+ ## 4.9.1 — 2020-08-31
16
+ ### Fixed
17
+ - Now should work with apiserver deployed not at root of domain but a sub-path,
18
+ which is standard with Rancher.
19
+ Notably, `create_...` methods were sending bad apiVersion and getting 400 error.
20
+ (#457, hopefully fixes #318, #418 and https://gitlab.com/gitlab-org/gitlab/-/issues/22043)
21
+
22
+ ## 4.9.0 - 2020-08-03
23
+ ### Added
24
+ - Support for `user: exec` credential plugins using TLS client auth (#453)
25
+
26
+ ## 4.8.0 — 2020-07-03
27
+
28
+ ### Added
29
+ - Support for server-side apply (#448).
30
+
31
+ ### Fixed
32
+ - Declared forgotten dependency on jsonpath, needed for `gcp` provider with `cmd-path` (#450).
33
+
34
+ ## 4.7.0 — 2020-06-14
35
+
36
+ ### Fixed
37
+ - Ruby 2.7 compatibility: bumped minimum recursive-open-struct to one that works on 2.7 (#439).
38
+ - Ruby 2.7 warnings (#433, #438).
39
+ - Improved watch documentation, including behavior planned to change in 5.0.0 (#436).
40
+
41
+ ### Added
42
+ - Google Application Default Credentials: Added `userinfo.email` to requested scopes, which is necessary for RBAC policies (#441).
43
+
44
+ ## 4.6.0 — 2019-12-30
45
+
46
+ ### Fixed
47
+ - AmazonEksCredentials was sometimes leaving base64 padding that IAM auth of the EKS cluster rejects. Now padding is always stripped. (#424, #423)
48
+
49
+ ### Added
50
+ - Allow calling `watch_foos` methods with a block, simpler to use and guarantees closing the connection. (#425)
51
+
52
+ - Support `limitBytes` query parameter for `get_pod_log`. (#426)
53
+
54
+ ## 4.5.0 — 2019-09-27
55
+
56
+ ### Added
57
+ - Support `:resourceVersion` parameter in `get_foos` methods (similar to existing support in `watch_foos` methods). (#420)
58
+
59
+ - Relax dependency on `http` gem to allow both 3.x and 4.x. (#413)
60
+
61
+ ## 4.4.0 — 2019-05-03
62
+
63
+ ### Added
64
+ - GCP configs with `user[auth-provider][name] == 'gcp'` will execute credential plugin (normally the `gcloud config config-helper` subcommand) when the config specifies it in `cmd-path`, `cmd-args` fields (similar to `exec` support). This code path works without `googleauth` gem. Otherwise, `GoogleApplicationDefaultCredentials` path will be tried as before. (#410)
65
+ - `AmazonEksCredentials` helper for obtaining a token to authenticate against Amazon EKS. This is not currently integrated in `Config`, you will need to invoke it yourself. You'll need some aws gems that Kubeclient _does not_ include. (#404, #406)
66
+
67
+ ### Changed
68
+ - OpenID Connect tokens which cannot be validaded because we cannot identify the key they were signed with will be considered expired and refreshed as usual. (#407)
69
+
70
+ ## 4.3.0 — 2019-03-03
71
+
72
+ ### Changed
73
+ - `GoogleApplicationDefaultCredentials` will now automatically be used by `Config` if the `user[auth-provider][name] == 'gcp'` in the provided context. Note that `user[exec]` is checked first in anticipation of this functionality being added to GCP sometime in the future. Kubeclient _does not_ include the required `googleauth` gem, so you will need to include it in your calling application. (#394)
74
+
75
+ ### Added
76
+ - OpenID Connect credentials will automatically be used if the `user[auth-provider][name] == 'oidc'` in the provided context. Note that `user[exec]` is checked first. Kubeclient _does not_ include the required `openid_connect` gem, so you will need to include it in your calling application. (#396)
77
+
78
+ - Support for `json_patch_#{entity}` and `merge_patch_#{entity}`. `patch_#{entity}` will continue to use strategic merge patch. (#390)
79
+
80
+ ## 4.2.2 — 2019-01-09
81
+
82
+ ### Added
83
+ - New `http_max_redirects` option (#374).
84
+
85
+ ### Changed
86
+ - Default max redirects for watch increased from 4 to 10, to match other verbs (#374).
87
+
88
+ ## 4.2.1 — 2018-12-26
89
+
90
+ ### Fixed
91
+ - For resources that contain dashes in name, there will be an attempt to resolve the method name based on singular name prefix or by replacing the dash in names with underscores (#383).
92
+
93
+ ## 4.2.0 — 2018-12-20
94
+
95
+ ### Added
96
+ - Support `user: exec: ...` credential plugins like in Go client (#363, #375).
97
+
98
+ ### Security
99
+ - Really made `Kubeclient::Config.new(data, nil)` prevent external file lookups. (#372)
100
+ README documented this since 3.1.1 (#334) but alas that was a lie — absolute paths always worked.
101
+ Now this also prevents credential plugin execution.
102
+
103
+ Even in this mode, using config from untrusted sources is not recommended.
104
+
105
+ This release included all changes up to 4.1.1, but NOT 4.1.2 which was branched off later (4.2.1 does include same fix).
106
+
107
+ ## 4.1.2 — 2018-12-26
108
+
109
+ ### Fixed
110
+ - For resources that contain dashes in name, there will be an attempt to resolve the method name based on singular name prefix or by replacing the dash in names with underscores (#382).
111
+
112
+ ## 4.1.1 — 2018-12-17
113
+
114
+ ### Fixed
115
+ - Fixed method names for non-suffix plurals such as y -> ies (#377).
116
+
117
+ ## 4.1.0 — 2018-11-28 — REGRESSION
118
+
119
+ This version broke method names where plural is not just adding a suffix, notably y -> ies (bug #376).
120
+
121
+ ### Fixed
122
+ - Support custom resources with lowercase `kind` (#361).
123
+ - `create_security_context_constraint` now works (#366).
124
+ - `get_security_context_constraints.kind`, `get_endpoints.kind` are now plural as in kubernetes (#366).
125
+
126
+ ### Added
127
+ - Add support for retrieving large lists of objects in chunks (#356).
128
+
129
+ ## 4.0.0 — 2018-07-23
130
+
131
+ ### Removed
132
+ - Bumped officially supported kubernetes versions to >= 1.3.
133
+ - Specifically `proxy_url` no longer works for <= 1.2 (#323).
134
+
135
+ ### Fixed
136
+ - `proxy_url` now works for kubernetes 1.10 and later (#323).
137
+
138
+ ### Changed
139
+ - Switched `http` gem dependency from 2.y to 3.y (#321).
140
+
141
+ ## 3.1.2 — 2018-06-11
142
+
143
+ ### Fixed
144
+ - Fixed `Kubeclient::Config.read` regression, no longer crashes on YAML timestamps (#338).
145
+
146
+ ## 3.1.1 - 2018-06-01 — REGRESSION
147
+
148
+ In this version `Kubeclient::Config.read` raises Psych::DisallowedClass on legal yaml configs containing a timestamp, for example gcp access-token expiry (bug #337).
149
+
150
+ ### Security
151
+ - Changed `Kubeclient::Config.read` to use `YAML.safe_load` (#334).
152
+
153
+ Previously, could deserialize arbitrary ruby classes. The risk depends on ruby classes available in the application; sometimes a class may have side effects - up to arbitrary code execution - when instantiated and/or built up with `x[key] = value` during YAML parsing.
154
+
155
+ Despite this fix, using config from untrusted sources is not recommended.
156
+
157
+ ## 3.1.0 - 2018-05-27
158
+
159
+ ### Fixed
160
+ - Fixed watch `.finish` sometimes caused `HTTP::ConnectionError` exception from the reading loop (#315).
161
+
162
+ ### Added
163
+ - `get_pod_log` now has `timestamps`, `since_time` (#319) and `tail_lines` (#326) params.
164
+ - `Kubeclient::Config::Context#namespace` now set, if present in kubeconfig file (#308).
165
+ - Improved README directions for authenticating within a kubernetes cluster (#316).
166
+ - `Kubeclient::GoogleApplicationDefaultCredentials` helper for Google application default credentials (#213). Needs `googleauth` gem.
167
+ - New `as: :parsed` and `as: :parsed_symbolized` formats (#306).
168
+ - Allow setting default `as:` format for the whole client (#299, #305).
169
+ - Relaxed `recursive-open-struct` dependency to allow 1.1+ as well (#313).
170
+
171
+ ## 3.0.0 - 2018-02-04
172
+ ### Removed
173
+ - Dropped entity classes (`Kubeclient::Pod` etc.), only `Kubeclient::Resource` exists now (#292, #288).
174
+ - Ruby 2.0, 2.1 no longer supported (#253, #291).
175
+
176
+ ### Fixed
177
+ - Added missing singular `get_security_context_constraint`, fixed `get_security_context_constraints` to mean plural (#261).
178
+ - Fixed `@http_proxy_uri` undefined warning (#261).
179
+ - Documentation fixes & improvements (#225, #229, #243, #296).
180
+
181
+ ### Added
182
+ - `delete_options:` parameter to `delete_*` methods, useful for cascade delete (#267).
183
+ - `as: :raw` option for watch (#285).
184
+ - Now raises `Kubeclient::HttpError`. Rescuing `KubeException` still works but is deprecated. (#195, #288)
185
+ - 404 error raise `Kubeclient::ResourceNotFoundError`, a subclass of `HttpError` (#233).
186
+ - Include request info in exception message (#221).
187
+ - Ruby 2.4 and 2.5 are now supported & tested (#247, #295).
188
+
189
+ ### Changed
190
+ - `Kubeclient::Config#context(nonexistent_context_name)` raises `KeyError` instead of `RuntimeError`.
191
+ - `update_*`, `delete_*`, `patch_*` now all return `RecursiveOpenStruct` consistently (#290).
192
+ - Many dependencies bumped (#204, #231, #253, #269).
193
+
194
+ ## 2.5.2 - 2018-02-04
195
+ - Watch results are now `RecursiveOpenStruct` inside arrays too (#279).
196
+ - Fixed watch `.finish` sometimes caused `Errno::EBADF` exception from the reading loop (#280).
197
+ - Easing dependency version (#287, #301)
198
+
199
+ ## 2.5.1 - 2017-10-12
200
+ No changes since 2.5.0, fixed packaging mistake.
201
+
202
+ ## [2.5.0 - 2017-10-12 was YANKED]
203
+
204
+ ### Added
205
+
206
+ - `as: raw` option for `get_*` methods returning a string (#262 via #271).
207
+
208
+ ## 2.4.0 - 2017-05-10
data/Gemfile CHANGED
@@ -1,4 +1,7 @@
1
1
  source 'https://rubygems.org'
2
2
 
3
+ dev_gemfile = File.expand_path('Gemfile.dev.rb', __dir__)
4
+ eval_gemfile(dev_gemfile) if File.exist?(dev_gemfile)
5
+
3
6
  # Specify your gem's dependencies in kubeclient.gemspec
4
7
  gemspec