RubyGems - kubeclient - Versions diffs - 0.3.0 → 4.9.2 - Mend

kubeclient 0.3.0 → 4.9.2

Potentially problematic release.

This version of kubeclient might be problematic. Click here for more details.

Files changed (63) hide show

checksums.yaml +5 -5
data/.github/workflows/actions.yml +35 -0
data/.gitignore +1 -0
data/.rubocop.yml +29 -0
data/CHANGELOG.md +208 -0
data/Gemfile +3 -0
data/README.md +706 -57
data/RELEASING.md +69 -0
data/Rakefile +3 -5
data/kubeclient.gemspec +19 -11
data/lib/kubeclient/aws_eks_credentials.rb +46 -0
data/lib/kubeclient/common.rb +597 -161
data/lib/kubeclient/config.rb +195 -0
data/lib/kubeclient/entity_list.rb +7 -2
data/lib/kubeclient/exec_credentials.rb +89 -0
data/lib/kubeclient/gcp_auth_provider.rb +19 -0
data/lib/kubeclient/gcp_command_credentials.rb +31 -0
data/lib/kubeclient/google_application_default_credentials.rb +31 -0
data/lib/kubeclient/http_error.rb +25 -0
data/lib/kubeclient/missing_kind_compatibility.rb +68 -0
data/lib/kubeclient/oidc_auth_provider.rb +52 -0
data/lib/kubeclient/resource.rb +11 -0
data/lib/kubeclient/resource_not_found_error.rb +4 -0
data/lib/kubeclient/version.rb +1 -1
data/lib/kubeclient/watch_stream.rb +71 -28
data/lib/kubeclient.rb +25 -82
metadata +140 -114
data/.travis.yml +0 -6
data/lib/kubeclient/kube_exception.rb +0 -13
data/lib/kubeclient/watch_notice.rb +0 -7
data/test/json/created_namespace_b3.json +0 -20
data/test/json/created_secret.json +0 -16
data/test/json/created_service_b3.json +0 -31
data/test/json/empty_pod_list_b3.json +0 -9
data/test/json/endpoint_list_b3.json +0 -48
data/test/json/entity_list_b3.json +0 -56
data/test/json/event_list_b3.json +0 -35
data/test/json/namespace_b3.json +0 -13
data/test/json/namespace_exception_b3.json +0 -8
data/test/json/namespace_list_b3.json +0 -32
data/test/json/node_b3.json +0 -29
data/test/json/node_list_b3.json +0 -37
data/test/json/pod_b3.json +0 -92
data/test/json/pod_list_b3.json +0 -75
data/test/json/replication_controller_b3.json +0 -57
data/test/json/replication_controller_list_b3.json +0 -64
data/test/json/secret_list_b3.json +0 -44
data/test/json/service_b3.json +0 -33
data/test/json/service_illegal_json_404.json +0 -1
data/test/json/service_list_b3.json +0 -97
data/test/json/service_update_b3.json +0 -22
data/test/json/versions_list.json +0 -6
data/test/json/watch_stream_b3.json +0 -3
data/test/test_helper.rb +0 -4
data/test/test_kubeclient.rb +0 -407
data/test/test_namespace.rb +0 -53
data/test/test_node.rb +0 -25
data/test/test_pod.rb +0 -21
data/test/test_replication_controller.rb +0 -24
data/test/test_secret.rb +0 -58
data/test/test_service.rb +0 -136
data/test/test_watch.rb +0 -37
data/test/valid_token_file +0 -1

data/RELEASING.md ADDED Viewed

@@ -0,0 +1,69 @@
+# Releasing Kubeclient
+## Versioning
+Kubeclient release versioning follows [SemVer](https://semver.org/).
+At some point in time it is decided to release version x.y.z.
+```bash
+RELEASE_BRANCH="master"
+```
+## 0. (once) Install gem-release, needed for several commands here:
+```bash
+gem install gem-release
+```
+## 1. PR(s) for changelog & bump
+Edit `CHANGELOG.md` as necessary.  Even if all included changes remembered to update it, you should replace "Unreleased" section header with appropriate "x.y.z — 20yy-mm-dd" header.
+Bump `lib/kubeclient/version.rb` manually, or by using:
+```bash
+RELEASE_VERSION=x.y.z
+git checkout -b "release-$RELEASE_VERSION" $RELEASE_BRANCH
+# Won't work with uncommitted changes, you have to commit the changelog first.
+gem bump --version $RELEASE_VERSION
+git show # View version bump change.
+```
+Open a PR with target branch $RELEASE_BRANCH and get it reviewed & merged (if open for long, remember to update date in CHANGELOG to actual day of release).
+## 2. (once) Grabbing an authentication token for rubygems.org api
+```bash
+RUBYGEMS_USERNAME=bob
+curl -u $RUBYGEMS_USERNAME https://rubygems.org/api/v1/api_key.yaml > ~/.gem/credentials; chmod 0600 ~/.gem/credentials
+cat ~/.gem/credentials
+# Should look like this:
+:rubygems_api_key: ****
+```
+## 3. Actual release
+Make sure we're locally after the bump PR *merge commit*:
+```bash
+git checkout $RELEASE_BRANCH
+git status # Make sure there are no local changes
+git pull --ff-only https://github.com/abonas/kubeclient $RELEASE_BRANCH
+git log -n1
+```
+Last sanity check:
+```bash
+bundle install
+bundle exec rake test rubocop
+```
+Create and push the tag:
+```bash
+gem tag --no-push
+git push --tags --dry-run https://github.com/abonas/kubeclient  # Check for unexpected tags
+git push --tags https://github.com/abonas/kubeclient
+```
+Release onto rubygems.org:
+```bash
+gem release
+```

data/Rakefile CHANGED Viewed

@@ -1,11 +1,9 @@
 require 'bundler/gem_tasks'
 require 'rake/testtask'
 require 'rubocop/rake_task'
+require 'yaml'
-task default: [:test, :rubocop]
-Rake::TestTask.new do |t|
-  t.libs << 'test'
-end
+task default: %i[test rubocop] # same as .travis.yml
+Rake::TestTask.new
 RuboCop::RakeTask.new

data/kubeclient.gemspec CHANGED Viewed

@@ -1,4 +1,5 @@
 # coding: utf-8
 lib = File.expand_path('../lib', __FILE__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'kubeclient/version'
@@ -13,19 +14,26 @@ Gem::Specification.new do |spec|
   spec.homepage      = 'https://github.com/abonas/kubeclient'
   spec.license       = 'MIT'
-  spec.files         = `git ls-files -z`.split("\x0")
+  git_files = `git ls-files -z`.split("\x0")
+  spec.files         = git_files.grep_v(%r{^(test|spec|features)/})
   spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
-  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.test_files    = []
   spec.require_paths = ['lib']
-  spec.required_ruby_version = '>= 2.0.0'
+  spec.required_ruby_version = '>= 2.2.0'
-  spec.add_development_dependency 'bundler', '~> 1.6'
-  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'bundler', '>= 1.6'
+  spec.add_development_dependency 'rake', '~> 12.0'
   spec.add_development_dependency 'minitest'
-  spec.add_development_dependency 'webmock'
-  spec.add_development_dependency 'rubocop', '= 0.30.0'
-  spec.add_dependency 'rest-client'
-  spec.add_dependency 'activesupport'
-  spec.add_dependency 'json'
-  spec.add_dependency 'recursive-open-struct', '= 0.6.1'
+  spec.add_development_dependency 'minitest-rg'
+  spec.add_development_dependency 'webmock', '~> 3.0'
+  spec.add_development_dependency 'vcr'
+  spec.add_development_dependency 'rubocop', '= 0.49.1'
+  spec.add_development_dependency 'googleauth', '~> 0.5.1'
+  spec.add_development_dependency('mocha', '~> 1.5')
+  spec.add_development_dependency 'openid_connect', '~> 1.1'
+  spec.add_dependency 'jsonpath', '~> 1.0'
+  spec.add_dependency 'rest-client', '~> 2.0'
+  spec.add_dependency 'recursive-open-struct', '~> 1.1', '>= 1.1.1'
+  spec.add_dependency 'http', '>= 3.0', '< 5.0'
 end

data/lib/kubeclient/aws_eks_credentials.rb ADDED Viewed

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+module Kubeclient
+  # Get a bearer token to authenticate against aws eks.
+  class AmazonEksCredentials
+    class AmazonEksDependencyError < LoadError # rubocop:disable Lint/InheritException
+    end
+    class << self
+      def token(credentials, eks_cluster)
+        begin
+          require 'aws-sigv4'
+          require 'base64'
+          require 'cgi'
+        rescue LoadError => e
+          raise AmazonEksDependencyError,
+                'Error requiring aws gems. Kubeclient itself does not include the following ' \
+                'gems: [aws-sigv4]. To support auth-provider eks, you must ' \
+                "include it in your calling application. Failed with: #{e.message}"
+        end
+        # https://github.com/aws/aws-sdk-ruby/pull/1848
+        # Get a signer
+        # Note - sts only has ONE endpoint (not regional) so 'us-east-1' hardcoding should be OK
+        signer = Aws::Sigv4::Signer.new(
+          service: 'sts',
+          region: 'us-east-1',
+          credentials: credentials
+        )
+        # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/Sigv4/Signer.html#presign_url-instance_method
+        presigned_url_string = signer.presign_url(
+          http_method: 'GET',
+          url: 'https://sts.amazonaws.com/?Action=GetCallerIdentity&Version=2011-06-15',
+          body: '',
+          credentials: credentials,
+          expires_in: 60,
+          headers: {
+            'X-K8s-Aws-Id' => eks_cluster
+          }
+        )
+        kube_token = 'k8s-aws-v1.' + Base64.urlsafe_encode64(presigned_url_string.to_s).sub(/=*$/, '') # rubocop:disable Metrics/LineLength
+        kube_token
+      end
+    end
+  end
+end