kubeclient 1.1.3 → 1.1.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 9a71f479760bd69996f7b109ee46d8968ed790fa
-  data.tar.gz: 600d882545ff5af34501b0c66913cf2f31905d0b
+  metadata.gz: 6f768aad498e66fa0f505eeb189e8b16ba540d18
+  data.tar.gz: cb9117eec7974802515d05073815eb3615c02753
 SHA512:
-  metadata.gz: 41a44396960513d8841627506c9fdc9a607bac842d0662f52023a504cba5f06d64783dfc9ef78dd38fb31ecfc78ae37a96708de083253f511898ba96d1f8a47d
-  data.tar.gz: cd1cc5c1a512c4f3bf2a1edc52c9f97a54ab562e24522b8702c33628341ce3a649a585b9b2fa955b773a4d48549851e0b05856064ff37c7e5e9ee0dbb553c035
+  metadata.gz: dfb530cff6a49e8a3b1100da06a520bec3341b862f79829b19de34819c4ccabb8cbe6b228619c2c8728d1885a796777df5d591d87b2991b4652797db503080c8
+  data.tar.gz: 3241b347cceeed5453a980fb412a39b9455255e1c73a016277adf67a4f1aeaa1ed690b1d7507edaf2fb5d6167590bd79732eaf69ea853dd3a74e6b52e6fe94a4

data/.rubocop.yml

@@ -8,3 +8,5 @@ Metrics/LineLength:
   Max: 100
 Metrics/ParameterLists:
   Max: 8
+Metrics/CyclomaticComplexity:
+  Max: 8

data/.travis.yml

@@ -6,3 +6,7 @@ rvm:
   - "2.3.0"
 sudo: false
 cache: bundler
+script: bundle exec rake $TASK
+env:
+ - TASK=test
+ - TASK=rubocop

data/Rakefile

@@ -1,8 +1,9 @@
 require 'bundler/gem_tasks'
 require 'rake/testtask'
 require 'rubocop/rake_task'
+require 'yaml'
 
-task default: [:test, :rubocop]
+task default: [:test, :rubocop] # same as .travis.yml
 
 Rake::TestTask.new do |t|
   t.libs << 'test'

data/kubeclient.gemspec

@@ -22,7 +22,7 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'bundler', '~> 1.6'
   spec.add_development_dependency 'rake', '~> 10.0'
   spec.add_development_dependency 'minitest'
-  spec.add_development_dependency 'webmock'
+  spec.add_development_dependency 'webmock', '~> 1.24.2'
   spec.add_development_dependency 'vcr'
   spec.add_development_dependency 'rubocop', '= 0.30.0'
   spec.add_dependency 'rest-client'

data/lib/kubeclient.rb

@@ -7,6 +7,7 @@ require 'kubeclient/kube_exception'
 require 'kubeclient/watch_notice'
 require 'kubeclient/watch_stream'
 require 'kubeclient/common'
+require 'kubeclient/config'
 
 module Kubeclient
   # Kubernetes Client
@@ -31,28 +32,17 @@ module Kubeclient
 
     ClientMixin.define_entity_methods(ENTITY_TYPES)
 
-    def initialize(uri,
-                   version = 'v1',
-                   ssl_options: {
-                     client_cert: nil,
-                     client_key:  nil,
-                     ca_file:     nil,
-                     cert_store:  nil,
-                     verify_ssl:  OpenSSL::SSL::VERIFY_PEER
-                   },
-                   auth_options: {
-                     username:          nil,
-                     password:          nil,
-                     bearer_token:      nil,
-                     bearer_token_file: nil
-                   },
-                   socket_options: {
-                     socket_class:     nil,
-                     ssl_socket_class: nil
-                   }
-                  )
-      initialize_client(uri, '/api', version, ssl_options: ssl_options, auth_options: auth_options,
-                                              socket_options: socket_options)
+    def initialize(
+      uri,
+      version = 'v1',
+      **options
+    )
+      initialize_client(
+        uri,
+        '/api',
+        version,
+        options
+      )
     end
 
     def all_entities

data/lib/kubeclient/common.rb

@@ -2,7 +2,28 @@ require 'json'
 require 'rest-client'
 module Kubeclient
   # Common methods
+  # this is mixed in by other gems
   module ClientMixin
+    DEFAULT_SSL_OPTIONS = {
+      client_cert: nil,
+      client_key:  nil,
+      ca_file:     nil,
+      cert_store:  nil,
+      verify_ssl:  OpenSSL::SSL::VERIFY_PEER
+    }.freeze
+
+    DEFAULT_AUTH_OPTIONS = {
+      username:          nil,
+      password:          nil,
+      bearer_token:      nil,
+      bearer_token_file: nil
+    }.freeze
+
+    DEFAULT_SOCKET_OPTIONS = {
+      socket_class:     nil,
+      ssl_socket_class: nil
+    }.freeze
+
     attr_reader :api_endpoint
     attr_reader :ssl_options
     attr_reader :auth_options
@@ -11,24 +32,10 @@ module Kubeclient
     def initialize_client(
       uri,
       path,
-      version = nil,
-      ssl_options: {
-        client_cert: nil,
-        client_key: nil,
-        ca_file: nil,
-        cert_store: nil,
-        verify_ssl: OpenSSL::SSL::VERIFY_PEER
-      },
-      auth_options: {
-        username: nil,
-        password: nil,
-        bearer_token: nil,
-        bearer_token_file: nil
-      },
-      socket_options: {
-        socket_class: nil,
-        ssl_socket_class: nil
-      }
+      version,
+      ssl_options: DEFAULT_SSL_OPTIONS,
+      auth_options: DEFAULT_AUTH_OPTIONS,
+      socket_options: DEFAULT_SOCKET_OPTIONS
     )
       validate_auth_options(auth_options)
       handle_uri(uri, path)
@@ -50,21 +57,20 @@ module Kubeclient
     def handle_exception
       yield
     rescue RestClient::Exception => e
-      begin
-        json_error_msg = JSON.parse(e.response || '') || {}
+      json_error_msg = begin
+        JSON.parse(e.response || '') || {}
       rescue JSON::ParserError
-        json_error_msg = {}
+        {}
       end
       err_message = json_error_msg['message'] || e.message
       raise KubeException.new(e.http_code, err_message, e.response)
     end
 
     def handle_uri(uri, path)
-      fail ArgumentError, 'Missing uri' if uri.nil?
-      @api_endpoint = (uri.is_a? URI) ? uri : URI.parse(uri)
+      fail ArgumentError, 'Missing uri' unless uri
+      @api_endpoint = (uri.is_a?(URI) ? uri : URI.parse(uri))
       @api_endpoint.path = path if @api_endpoint.path.empty?
-      @api_endpoint.path = @api_endpoint.path.chop \
-                         if @api_endpoint.path.end_with? '/'
+      @api_endpoint.path = @api_endpoint.path.chop if @api_endpoint.path.end_with? '/'
     end
 
     def build_namespace_prefix(namespace)
@@ -84,8 +90,7 @@ module Kubeclient
         end
 
         # watch all entities of a type e.g. watch_nodes, watch_pods, etc.
-        define_method("watch_#{entity_name_plural}") \
-        do |options = {}|
+        define_method("watch_#{entity_name_plural}") do |options = {}|
           # This method used to take resource_version as a param, so
           # this conversion is to keep backwards compatibility
           options = { resource_version: options } unless options.is_a?(Hash)

data/lib/kubeclient/config.rb

@@ -0,0 +1,111 @@
+require 'yaml'
+require 'base64'
+
+module Kubeclient
+  # Kubernetes client configuration class
+  class Config
+    # Kubernetes client configuration context class
+    class Context
+      attr_reader :api_endpoint, :api_version, :ssl_options
+
+      def initialize(api_endpoint, api_version, ssl_options)
+        @api_endpoint = api_endpoint
+        @api_version = api_version
+        @ssl_options = ssl_options
+      end
+    end
+
+    def initialize(kcfg, kcfg_path)
+      @kcfg = kcfg
+      @kcfg_path = kcfg_path
+      fail 'Unknown kubeconfig version' if @kcfg['apiVersion'] != 'v1'
+    end
+
+    def self.read(filename)
+      Config.new(YAML.load_file(filename), File.dirname(filename))
+    end
+
+    def contexts
+      @kcfg['contexts'].map { |x| x['name'] }
+    end
+
+    def context(context_name = nil)
+      cluster, user = fetch_context(context_name || @kcfg['current-context'])
+
+      ca_cert_data     = fetch_cluster_ca_data(cluster)
+      client_cert_data = fetch_user_cert_data(user)
+      client_key_data  = fetch_user_key_data(user)
+
+      ssl_options = {}
+
+      if !ca_cert_data.nil?
+        cert_store = OpenSSL::X509::Store.new
+        cert_store.add_cert(OpenSSL::X509::Certificate.new(ca_cert_data))
+        ssl_options[:verify_ssl] = OpenSSL::SSL::VERIFY_PEER
+        ssl_options[:cert_store] = cert_store
+      else
+        ssl_options[:verify_ssl] = OpenSSL::SSL::VERIFY_NONE
+      end
+
+      unless client_cert_data.nil?
+        ssl_options[:client_cert] = OpenSSL::X509::Certificate.new(client_cert_data)
+      end
+
+      unless client_key_data.nil?
+        ssl_options[:client_key] = OpenSSL::PKey.read(client_key_data)
+      end
+
+      Context.new(cluster['server'], @kcfg['apiVersion'], ssl_options)
+    end
+
+    private
+
+    def ext_file_path(path)
+      File.join(@kcfg_path, path)
+    end
+
+    def fetch_context(context_name)
+      context = @kcfg['contexts'].detect do |x|
+        break x['context'] if x['name'] == context_name
+      end
+
+      fail "Unknown context #{context_name}" unless context
+
+      cluster = @kcfg['clusters'].detect do |x|
+        break x['cluster'] if x['name'] == context['cluster']
+      end
+
+      fail "Unknown cluster #{context['cluster']}" unless cluster
+
+      user = @kcfg['users'].detect do |x|
+        break x['user'] if x['name'] == context['user']
+      end || {}
+
+      [cluster, user]
+    end
+
+    def fetch_cluster_ca_data(cluster)
+      if cluster.key?('certificate-authority')
+        return File.read(ext_file_path(cluster['certificate-authority']))
+      elsif cluster.key?('certificate-authority-data')
+        return Base64.decode64(cluster['certificate-authority-data'])
+      end
+    end
+
+    def fetch_user_cert_data(user)
+      if user.key?('client-certificate')
+        return File.read(ext_file_path(user['client-certificate']))
+      elsif user.key?('client-certificate-data')
+        return Base64.decode64(user['client-certificate-data'])
+      end
+    end
+
+    def fetch_user_key_data(user)
+      if user.key?('client-key')
+        return File.read(ext_file_path(user['client-key']))
+      elsif user.key?('client-key-data')
+        return Base64.decode64(user['client-key-data'])
+      end
+    end
+  end
+end

data/lib/kubeclient/version.rb

@@ -1,4 +1,4 @@
 # Kubernetes REST-API Client
 module Kubeclient
-  VERSION = '1.1.3'
+  VERSION = '1.1.4'
 end

data/test/config/allinone.kubeconfig

@@ -0,0 +1,20 @@
+apiVersion: v1
+clusters:
+- cluster:
+    certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM1akNDQWRDZ0F3SUJBZ0lCQVRBTEJna3Foa2lHOXcwQkFRc3dKakVrTUNJR0ExVUVBd3diYjNCbGJuTm8KYVdaMExYTnBaMjVsY2tBeE5EUTBNVEk0T0Rnd01CNFhEVEUxTVRBd05qRXdOVFEwTUZvWERURTJNVEF3TlRFdwpOVFEwTVZvd0pqRWtNQ0lHQTFVRUF3d2JiM0JsYm5Ob2FXWjBMWE5wWjI1bGNrQXhORFEwTVRJNE9EZ3dNSUlCCklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFyNmdtOUhBV2UxbGswSlBJUE9vSXl2azkKWXJwN0dMa0ljQ1B4ME1CTEd0cmpVK2wyNzl6RER2NlBWMmIwS1UxTEZDM0l4UGtaTXJMQkVaNTR3MllrV3ZlUApreUhZczByMEdOd0hldk9XR2R0c2d0VXkveHAvTlVHUlZrclVPUGtrNGZMclAzcm5DQmVuVzdTYWlxRCtxNUpJCjhxTytXSVZtaDZGRjF1R0tWWjZmaS8rRjZwN1AreXhCUForV0kyTWt0UXE2akZrQlgxbjFnYlIzRGpRdng3SjEKdjNvWi9PTkNkQ2FXZXNuUm1ON0MyUDRVMVdPNXk0dkwzNFFPcXYyai9jaXpmRWdFcERsNXcrdXk1WDQ3aEsvSwpubEh0UHdrSFpMRWtva3VETnBjVGZ4Nk5Od09UVEZIdmdUeDUvYlFvVUZrbkVad2oyRW9lTW8wd05Pb0VId0lECkFRQUJveU13SVRBT0JnTlZIUThCQWY4RUJBTUNBS1F3RHdZRFZSMFRBUUgvQkFVd0F3RUIvekFMQmdrcWhraUcKOXcwQkFRc0RnZ0VCQUVQUUFDa09LUkhVem85SXBMNWQxK05wRjVHWFJEb3BCSkllRkJuZ01tZ1g3cUtqRzJNcwpHWGx3bXgvL2hZQll4MHc2R2FBNFc0VzM4cEYwR24yaFNXTVE2cTZsRXpoQU1ROWFYb2xRcXBTLytzMmFGK2J2CmxoWStoUXk2dmRTTUExK3ZPVzBLTDBRaGxjdCszY3UwN1pTajFXNG9obmJpUklXYzJJdCsxSWVMbnZBY210eCsKTURnSTlzV2ZmeW5VVkN0RkVsdEkrTVM2VjhuRlAxVTB6Z243V3ZSc1JQK0YyYXZkejRmYWR4RVBTTTl4WGtUVQpDL2M5L0JvKzlmT0dMakhnbFMwY1ZiNWI3d3k5ZHhwc0p2Wll3SjFwZk5Uci9COVZpL09kQzN0UFBhd0habVVCCnVkSTVXUWljelVQSjhDU1NSMDJuaDJMUUMvRzVCS2FxSk9ZPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
+    server: https://localhost:8443
+  name: localhost:8443
+contexts:
+- context:
+    cluster: localhost:8443
+    namespace: default
+    user: system:admin/localhost:8443
+  name: default/localhost:8443/system:admin
+current-context: default/localhost:8443/system:admin
+kind: Config
+preferences: {}
+users:
+- name: system:admin/localhost:8443
+  user:
+    client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURDVENDQWZPZ0F3SUJBZ0lCQlRBTEJna3Foa2lHOXcwQkFRc3dKakVrTUNJR0ExVUVBd3diYjNCbGJuTm8KYVdaMExYTnBaMjVsY2tBeE5EUTBNVEk0T0Rnd01CNFhEVEUxTVRBd05qRXdOVFEwTWxvWERURTJNVEF3TlRFdwpOVFEwTTFvd056RWVNQndHQTFVRUNoTVZjM2x6ZEdWdE9tTnNkWE4wWlhJdFlXUnRhVzV6TVJVd0V3WURWUVFECkV3eHplWE4wWlcwNllXUnRhVzR3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRRFYKSjNJUkJTdTQ4TVppOFBaVlJFSno1NWN2d3hsclhyZUxSZnQ0cW1FdVQwbzE5WUlOR3lMMWVXc0VpanBML1ZVWAo0clA4Q280MXFHbDVBbS94WDZHMWNKTE45Z1plY3l5SHJUTTdjSXNsTjRydy9UUkg2SXF2ZWluUHNrcHl3UTRDClU1UHlQSTh0QU9aa3I2VU14K1cwckJWZXNUM1NKZjF0UVY0Ynh4cXlHeXA2dGM5SElGZ1hGQzdUQnovcDBGU2MKdXdiaFpMTmkrbHcxcC9QWGxCK3BJY0hNMnN5RldHYnVFemk2aE1TWHNKN3l2dEtpZW9KdWtmV05ZOE9QcURNRgpWVmNnUHJJaTErM0Z4ZWFEY1pYMUZ1TEw5ZVVOQ2o3NlR6dDVJcUJzaHVVdy8ra0I1cWxtemgyaDdrbmMxbkRsCmNaRkxxdlE1MFV0cVJqazdFQ3UvQWdNQkFBR2pOVEF6TUE0R0ExVWREd0VCL3dRRUF3SUFvREFUQmdOVkhTVUUKRERBS0JnZ3JCZ0VGQlFjREFqQU1CZ05WSFJNQkFmOEVBakFBTUFzR0NTcUdTSWIzRFFFQkN3T0NBUUVBaThLRgpiYzVwcVg1U2tlbytqaExESzRwdHB3VCtNMDFuRGdyc3FDMTEzbFNZclNvKytGbnptZ2hTRVBoSmg1TzhIYjNYCkZkN0NybWc1V3BQVldCaGt0NHBpenRWN2VpRTdES050NUxMTjNrcm1sWHlBUUppYkkxVSthOUJuelJCWnQzOXMKeHVUOE9XOTBNdS9oVkFRN1NkTzlTNzYvbm1xamZWQTNwNHFENTVXVDRQZ0N0Q1hzc042ZEYwdE9WV0NUZW9aUwpxRVBHODY1Wmw3ODlMTWZZVVlSbmhCa0xnVkVkU1U4Z2N6NU1JNUpSejd6cll4ekc2REMreXZYdnJrUFJLRE5PCm42VUFDbTI2UVFwcHZrUzVRczkwR2lER3FTdHhtY2JEd1Y1Z0lmMStQcmtwaXRlMzNmN0hud2JhQy9vRGN1d3MKRDRPRlhNZkE1c1FEMVpJTUZRPT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
+    client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBMVNkeUVRVXJ1UERHWXZEMlZVUkNjK2VYTDhNWmExNjNpMFg3ZUtwaExrOUtOZldDCkRSc2k5WGxyQklvNlMvMVZGK0t6L0FxT05haHBlUUp2OFYraHRYQ1N6ZllHWG5Nc2g2MHpPM0NMSlRlSzhQMDAKUitpS3Izb3B6N0pLY3NFT0FsT1Q4anlQTFFEbVpLK2xETWZsdEt3VlhyRTkwaVg5YlVGZUc4Y2FzaHNxZXJYUApSeUJZRnhRdTB3Yy82ZEJVbkxzRzRXU3pZdnBjTmFmejE1UWZxU0hCek5yTWhWaG03aE00dW9URWw3Q2U4cjdTCm9ucUNicEgxaldQRGo2Z3pCVlZYSUQ2eUl0ZnR4Y1htZzNHVjlSYml5L1hsRFFvKytrODdlU0tnYklibE1QL3AKQWVhcFpzNGRvZTVKM05adzVYR1JTNnIwT2RGTGFrWTVPeEFydndJREFRQUJBb0lCQVFDcWozTEZ6Y1pycVRhRgp5MXpCWStwc3hsOEMxL0hLS2JOaTNXL1k0VFQ4RW5SR2N4cEtsSEZIelkxbHg1bllYbkV0dUxqZXNDK1ZIaHF2CnV0U0taMFNGWS93RWxKNEtDODBSRC9XVDFYMXlIVnl2YzF6WFFXdGYrTGZtT3pzNVVlTjgxeFhtV3JFU2lNclMKdkgyc21YUGtPMktxTDlkUkJoY2d5cEtjVlppMTlITHR2ZG83TUg4V3g0Ukw5dnVnY0VVU2laYTFTQjdyMVp2dApTOXFqSHZUMEhSOThDUGh2b0h2Q29mdndGVDhZQTBzdHBYczFqSWZBZmFFSC9aLzhGNkhZUnJid1dNMFAxRXE1Cmw1WmROK04vQnNXaGQvbW5ZVHZUcWNDWnJIaFVFaCtyUDcyR2tlY1hwR0svR3diRXRFOWNYK0ZYMVkwRkJxWW0KcUM4NnRtcEJBb0dCQU9NRGdwdkhYZkhRb3RqU0tMMVlNOUVQZnhEeG9mY3JSekJEd0NNRFZPZTh5aDIxT0kxdgozdUVZc1BRTkZ1eXVxOWxuYmJkQWdwNHRPZm9OTVBucnRIUXdmelpRQmpYby9Gc2U1Q3l5MVdDZWg4a3IyWWxRCmQwNWNmWUFMeDlZRGFoK0dkd00xZWplQ1JRQndUQ0RrZzY2bENkQTFScll6bWF6by9TVWRKRnZoQW9HQkFQQmUKNW13YlZiam1yUWlhSU1maHRKODZFNWFJMnhSRGdzNGYzTm9RdWw5K1paaERaQkl5NXQ3Vjc4NElhYkZ2dklNYwpHV2hobC8xWGtxNmFBUzRnVWRET1lWQkEwVnBiMWx0RkUybG81SklpWXg5c2R1MXdNMkZNL0ZMUGpkcGR2R0o3CnVpeWxFTUVHNC9oTHQ2UFpGd1Y2aTMxUHlUU3hUVmQ5WWlSRUZudWZBb0dBZllTWFZxS3BJdWNFNDNWdjZTRTMKcFVRNE1ab292NDFDVTBGaW52bGNuTFVaMjhzemRhQ0JUMXhqbXMwUis5T29XUkNDN1d2UnpMdWM3dEVVWDFzZgo3NDVSQ0NxL0JGZktFR2ZJS1o3SHRDQnpXNXZQTDhrNTdpM2Roa3I5Tnl1MEpiSW5ZN0xSM0pjK3A3dHZuRkE5Ckx2YzVzZEdEUTRMTVdYcUpYVmY3bm9FQ2dZRUE0WjZDTkZrWUJsMW5iMXFVaUdtZ0M1RU16OUNYcXBhUDBnQncKWWJNdjdQQ01WZlp6bU8xMGJSZHNadnpZa0hjci8vakJGSXYraVFySklPQm5XUzkyL0VLcmJ4UFlMak5qcWZuVgpkYXpDVnpTMXk4b1llMWhFc2dEOEdwSzlPSW1oaU9OUDVoWHQrdkVIeklqdHozcTJ0Q3JKZ1k4QmNsYzJISGdSClJhOHZWMHNDZ1lBOHlPdmlWZUUxT2lJVklkT1NxbjFsOXVtUDBFZXhHazVhUGlXZlVMc2ZWcTNveWNJd3AzdkcKWHdNOEFmRlFPZGxyR3dkeVdqQ1hDdzNKRmMwdHBPa3h6dzM2aUw5ekdoZ2JndjMyZ2ptR2djYllWV0w1bm04Rgp0eGlBOEZMSCs4eXI2b2hhalRZL293WUlaWFN6S3ptcDh1QnhuRzdpU2J0MzNBc0UzTGJjMnc9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=

data/test/config/external-ca.pem

@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC5jCCAdCgAwIBAgIBATALBgkqhkiG9w0BAQswJjEkMCIGA1UEAwwbb3BlbnNo
+aWZ0LXNpZ25lckAxNDQ0MTI4ODgwMB4XDTE1MTAwNjEwNTQ0MFoXDTE2MTAwNTEw
+NTQ0MVowJjEkMCIGA1UEAwwbb3BlbnNoaWZ0LXNpZ25lckAxNDQ0MTI4ODgwMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6gm9HAWe1lk0JPIPOoIyvk9
+Yrp7GLkIcCPx0MBLGtrjU+l279zDDv6PV2b0KU1LFC3IxPkZMrLBEZ54w2YkWveP
+kyHYs0r0GNwHevOWGdtsgtUy/xp/NUGRVkrUOPkk4fLrP3rnCBenW7SaiqD+q5JI
+8qO+WIVmh6FF1uGKVZ6fi/+F6p7P+yxBPZ+WI2MktQq6jFkBX1n1gbR3DjQvx7J1
+v3oZ/ONCdCaWesnRmN7C2P4U1WO5y4vL34QOqv2j/cizfEgEpDl5w+uy5X47hK/K
+nlHtPwkHZLEkokuDNpcTfx6NNwOTTFHvgTx5/bQoUFknEZwj2EoeMo0wNOoEHwID
+AQABoyMwITAOBgNVHQ8BAf8EBAMCAKQwDwYDVR0TAQH/BAUwAwEB/zALBgkqhkiG
+9w0BAQsDggEBAEPQACkOKRHUzo9IpL5d1+NpF5GXRDopBJIeFBngMmgX7qKjG2Ms
+GXlwmx//hYBYx0w6GaA4W4W38pF0Gn2hSWMQ6q6lEzhAMQ9aXolQqpS/+s2aF+bv
+lhY+hQy6vdSMA1+vOW0KL0Qhlct+3cu07ZSj1W4ohnbiRIWc2It+1IeLnvAcmtx+
+MDgI9sWffynUVCtFEltI+MS6V8nFP1U0zgn7WvRsRP+F2avdz4fadxEPSM9xXkTU
+C/c9/Bo+9fOGLjHglS0cVb5b7wy9dxpsJvZYwJ1pfNTr/B9Vi/OdC3tPPawHZmUB
+udI5WQiczUPJ8CSSR02nh2LQC/G5BKaqJOY=
+-----END CERTIFICATE-----

data/test/config/external-cert.pem

@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDCTCCAfOgAwIBAgIBBTALBgkqhkiG9w0BAQswJjEkMCIGA1UEAwwbb3BlbnNo
+aWZ0LXNpZ25lckAxNDQ0MTI4ODgwMB4XDTE1MTAwNjEwNTQ0MloXDTE2MTAwNTEw
+NTQ0M1owNzEeMBwGA1UEChMVc3lzdGVtOmNsdXN0ZXItYWRtaW5zMRUwEwYDVQQD
+EwxzeXN0ZW06YWRtaW4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV
+J3IRBSu48MZi8PZVREJz55cvwxlrXreLRft4qmEuT0o19YINGyL1eWsEijpL/VUX
+4rP8Co41qGl5Am/xX6G1cJLN9gZecyyHrTM7cIslN4rw/TRH6IqveinPskpywQ4C
+U5PyPI8tAOZkr6UMx+W0rBVesT3SJf1tQV4bxxqyGyp6tc9HIFgXFC7TBz/p0FSc
+uwbhZLNi+lw1p/PXlB+pIcHM2syFWGbuEzi6hMSXsJ7yvtKieoJukfWNY8OPqDMF
+VVcgPrIi1+3FxeaDcZX1FuLL9eUNCj76Tzt5IqBshuUw/+kB5qlmzh2h7knc1nDl
+cZFLqvQ50UtqRjk7ECu/AgMBAAGjNTAzMA4GA1UdDwEB/wQEAwIAoDATBgNVHSUE
+DDAKBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMAsGCSqGSIb3DQEBCwOCAQEAi8KF
+bc5pqX5Skeo+jhLDK4ptpwT+M01nDgrsqC113lSYrSo++FnzmghSEPhJh5O8Hb3X
+Fd7Crmg5WpPVWBhkt4piztV7eiE7DKNt5LLN3krmlXyAQJibI1U+a9BnzRBZt39s
+xuT8OW90Mu/hVAQ7SdO9S76/nmqjfVA3p4qD55WT4PgCtCXssN6dF0tOVWCTeoZS
+qEPG865Zl789LMfYUYRnhBkLgVEdSU8gcz5MI5JRz7zrYxzG6DC+yvXvrkPRKDNO
+n6UACm26QQppvkS5Qs90GiDGqStxmcbDwV5gIf1+Prkpite33f7HnwbaC/oDcuws
+D4OFXMfA5sQD1ZIMFQ==
+-----END CERTIFICATE-----

data/test/config/external-key.rsa

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA1SdyEQUruPDGYvD2VURCc+eXL8MZa163i0X7eKphLk9KNfWC
+DRsi9XlrBIo6S/1VF+Kz/AqONahpeQJv8V+htXCSzfYGXnMsh60zO3CLJTeK8P00
+R+iKr3opz7JKcsEOAlOT8jyPLQDmZK+lDMfltKwVXrE90iX9bUFeG8cashsqerXP
+RyBYFxQu0wc/6dBUnLsG4WSzYvpcNafz15QfqSHBzNrMhVhm7hM4uoTEl7Ce8r7S
+onqCbpH1jWPDj6gzBVVXID6yItftxcXmg3GV9Rbiy/XlDQo++k87eSKgbIblMP/p
+AeapZs4doe5J3NZw5XGRS6r0OdFLakY5OxArvwIDAQABAoIBAQCqj3LFzcZrqTaF
+y1zBY+psxl8C1/HKKbNi3W/Y4TT8EnRGcxpKlHFHzY1lx5nYXnEtuLjesC+VHhqv
+utSKZ0SFY/wElJ4KC80RD/WT1X1yHVyvc1zXQWtf+LfmOzs5UeN81xXmWrESiMrS
+vH2smXPkO2KqL9dRBhcgypKcVZi19HLtvdo7MH8Wx4RL9vugcEUSiZa1SB7r1Zvt
+S9qjHvT0HR98CPhvoHvCofvwFT8YA0stpXs1jIfAfaEH/Z/8F6HYRrbwWM0P1Eq5
+l5ZdN+N/BsWhd/mnYTvTqcCZrHhUEh+rP72GkecXpGK/GwbEtE9cX+FX1Y0FBqYm
+qC86tmpBAoGBAOMDgpvHXfHQotjSKL1YM9EPfxDxofcrRzBDwCMDVOe8yh21OI1v
+3uEYsPQNFuyuq9lnbbdAgp4tOfoNMPnrtHQwfzZQBjXo/Fse5Cyy1WCeh8kr2YlQ
+d05cfYALx9YDah+GdwM1ejeCRQBwTCDkg66lCdA1RrYzmazo/SUdJFvhAoGBAPBe
+5mwbVbjmrQiaIMfhtJ86E5aI2xRDgs4f3NoQul9+ZZhDZBIy5t7V784IabFvvIMc
+GWhhl/1Xkq6aAS4gUdDOYVBA0Vpb1ltFE2lo5JIiYx9sdu1wM2FM/FLPjdpdvGJ7
+uiylEMEG4/hLt6PZFwV6i31PyTSxTVd9YiREFnufAoGAfYSXVqKpIucE43Vv6SE3
+pUQ4MZoov41CU0FinvlcnLUZ28szdaCBT1xjms0R+9OoWRCC7WvRzLuc7tEUX1sf
+745RCCq/BFfKEGfIKZ7HtCBzW5vPL8k57i3dhkr9Nyu0JbInY7LR3Jc+p7tvnFA9
+Lvc5sdGDQ4LMWXqJXVf7noECgYEA4Z6CNFkYBl1nb1qUiGmgC5EMz9CXqpaP0gBw
+YbMv7PCMVfZzmO10bRdsZvzYkHcr//jBFIv+iQrJIOBnWS92/EKrbxPYLjNjqfnV
+dazCVzS1y8oYe1hEsgD8GpK9OImhiONP5hXt+vEHzIjtz3q2tCrJgY8Bclc2HHgR
+Ra8vV0sCgYA8yOviVeE1OiIVIdOSqn1l9umP0EexGk5aPiWfULsfVq3oycIwp3vG
+XwM8AfFQOdlrGwdyWjCXCw3JFc0tpOkxzw36iL9zGhgbgv32gjmGgcbYVWL5nm8F
+txiA8FLH+8yr6ohajTY/owYIZXSzKzmp8uBxnG7iSbt33AsE3Lbc2w==
+-----END RSA PRIVATE KEY-----

data/test/config/external.kubeconfig

@@ -0,0 +1,20 @@
+apiVersion: v1
+clusters:
+- cluster:
+    certificate-authority: external-ca.pem
+    server: https://localhost:8443
+  name: localhost:8443
+contexts:
+- context:
+    cluster: localhost:8443
+    namespace: default
+    user: system:admin/localhost:8443
+  name: default/localhost:8443/system:admin
+current-context: default/localhost:8443/system:admin
+kind: Config
+preferences: {}
+users:
+- name: system:admin/localhost:8443
+  user:
+    client-certificate: external-cert.pem
+    client-key: external-key.rsa

data/test/config/nouser.kubeconfig

@@ -0,0 +1,16 @@
+apiVersion: v1
+clusters:
+- cluster:
+    server: https://localhost:8443
+    insecure-skip-tls-verify: true
+  name: localhost:8443
+contexts:
+- context:
+    cluster: localhost:8443
+    namespace: default
+    user: ""
+  name: default/localhost:8443/nouser
+current-context: default/localhost:8443/nouser
+kind: Config
+preferences: {}
+users: []

data/test/test_config.rb

@@ -0,0 +1,42 @@
+require 'test_helper'
+
+def test_config_file(name)
+  File.new(File.join(File.dirname(__FILE__), 'config', name))
+end
+
+# Testing Kubernetes client configuration
+class KubeClientConfigTest < MiniTest::Test
+  def test_allinone
+    config = Kubeclient::Config.read(test_config_file('allinone.kubeconfig'))
+    assert_equal(['default/localhost:8443/system:admin'], config.contexts)
+    check_context(config.context, ssl: true)
+  end
+
+  def test_external
+    config = Kubeclient::Config.read(test_config_file('external.kubeconfig'))
+    assert_equal(['default/localhost:8443/system:admin'], config.contexts)
+    check_context(config.context, ssl: true)
+  end
+
+  def test_nouser
+    config = Kubeclient::Config.read(test_config_file('nouser.kubeconfig'))
+    assert_equal(['default/localhost:8443/nouser'], config.contexts)
+    check_context(config.context, ssl: false)
+  end
+
+  private
+
+  def check_context(context, ssl: true)
+    assert_equal('https://localhost:8443', context.api_endpoint)
+    assert_equal('v1', context.api_version)
+    if ssl
+      assert_equal(OpenSSL::SSL::VERIFY_PEER, context.ssl_options[:verify_ssl])
+      assert_kind_of(OpenSSL::X509::Store, context.ssl_options[:cert_store])
+      assert_kind_of(OpenSSL::X509::Certificate, context.ssl_options[:client_cert])
+      assert_kind_of(OpenSSL::PKey::RSA, context.ssl_options[:client_key])
+      assert(context.ssl_options[:cert_store].verify(context.ssl_options[:client_cert]))
+    else
+      assert_equal(OpenSSL::SSL::VERIFY_NONE, context.ssl_options[:verify_ssl])
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kubeclient
 version: !ruby/object:Gem::Version
-  version: 1.1.3
+  version: 1.1.4
 platform: ruby
 authors:
 - Alissa Bonas
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-04-04 00:00:00.000000000 Z
+date: 2016-05-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -56,16 +56,16 @@ dependencies:
   name: webmock
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.24.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.24.2
 - !ruby/object:Gem::Dependency
   name: vcr
   requirement: !ruby/object:Gem::Requirement
@@ -167,12 +167,19 @@ files:
 - kubeclient.gemspec
 - lib/kubeclient.rb
 - lib/kubeclient/common.rb
+- lib/kubeclient/config.rb
 - lib/kubeclient/entity_list.rb
 - lib/kubeclient/kube_exception.rb
 - lib/kubeclient/version.rb
 - lib/kubeclient/watch_notice.rb
 - lib/kubeclient/watch_stream.rb
 - test/cassettes/kubernetes_guestbook.yml
+- test/config/allinone.kubeconfig
+- test/config/external-ca.pem
+- test/config/external-cert.pem
+- test/config/external-key.rsa
+- test/config/external.kubeconfig
+- test/config/nouser.kubeconfig
 - test/json/component_status.json
 - test/json/component_status_list.json
 - test/json/created_endpoint.json
@@ -212,6 +219,7 @@ files:
 - test/json/versions_list.json
 - test/json/watch_stream.json
 - test/test_component_status.rb
+- test/test_config.rb
 - test/test_endpoint.rb
 - test/test_guestbook_go.rb
 - test/test_helper.rb
@@ -257,6 +265,12 @@ specification_version: 4
 summary: A client for Kubernetes REST api
 test_files:
 - test/cassettes/kubernetes_guestbook.yml
+- test/config/allinone.kubeconfig
+- test/config/external-ca.pem
+- test/config/external-cert.pem
+- test/config/external-key.rsa
+- test/config/external.kubeconfig
+- test/config/nouser.kubeconfig
 - test/json/component_status.json
 - test/json/component_status_list.json
 - test/json/created_endpoint.json
@@ -296,6 +310,7 @@ test_files:
 - test/json/versions_list.json
 - test/json/watch_stream.json
 - test/test_component_status.rb
+- test/test_config.rb
 - test/test_endpoint.rb
 - test/test_guestbook_go.rb
 - test/test_helper.rb