kubeclient 1.1.4 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of kubeclient might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/README.md +9 -1
- data/lib/kubeclient/common.rb +9 -2
- data/lib/kubeclient/config.rb +17 -3
- data/lib/kubeclient/version.rb +1 -1
- data/lib/kubeclient/watch_stream.rb +16 -1
- data/test/config/userauth.kubeconfig +28 -0
- data/test/test_config.rb +19 -0
- data/test/test_kubeclient.rb +12 -0
- metadata +4 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: bc17e4674c3ba30929ff7269036b8ece9c803d27
|
4
|
+
data.tar.gz: 1d6e55bd1fdd2fd7f05e1984cf43e4622c550416
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 17a5534c7be7404ff9e5b376d6c2571582fc6c6ac795301445bdd40361aa27029db856ef0367ce8d52f125fa47e8dc5c4b0c8ec3ab1c8347001e364a17542d41
|
7
|
+
data.tar.gz: 7e847c215609634b3c9d15e961c872aaab6792a95e785d9b2aeb62891acd838d628f257688fa2ea4a81494129eb56e3510106234805dac7fe40004bdea7fd472
|
data/README.md
CHANGED
@@ -64,7 +64,7 @@ As an alternative to the `ca_file` it's possible to use the `cert_store`:
|
|
64
64
|
cert_store = OpenSSL::X509::Store.new
|
65
65
|
cert_store.add_cert(OpenSSL::X509::Certificate.new(ca_cert_data))
|
66
66
|
ssl_options = {
|
67
|
-
cert_store: cert_store
|
67
|
+
cert_store: cert_store,
|
68
68
|
verify_ssl: OpenSSL::SSL::VERIFY_PEER
|
69
69
|
}
|
70
70
|
client = Kubeclient::Client.new 'https://localhost:8443/api/' , "v1",
|
@@ -140,6 +140,14 @@ client = Kubeclient::Client.new 'https://localhost:8443/api/' , 'v1',
|
|
140
140
|
socket_options: socket_options
|
141
141
|
```
|
142
142
|
|
143
|
+
You can also use kubeclient with an http proxy server such as tinyproxy. It can be entered as a string or a URI object
|
144
|
+
For example:
|
145
|
+
```ruby
|
146
|
+
proxy_uri = URI::HTTP.build(host: "myproxyhost", port: 8443)
|
147
|
+
client = Kubeclient::Client.new('https://localhost:8443/api/',
|
148
|
+
:http_proxy_uri => proxy_uri)
|
149
|
+
```
|
150
|
+
|
143
151
|
## Examples:
|
144
152
|
|
145
153
|
#### Get all instances of a specific entity type
|
data/lib/kubeclient/common.rb
CHANGED
@@ -24,9 +24,12 @@ module Kubeclient
|
|
24
24
|
ssl_socket_class: nil
|
25
25
|
}.freeze
|
26
26
|
|
27
|
+
DEFAULT_HTTP_PROXY_URI = nil
|
28
|
+
|
27
29
|
attr_reader :api_endpoint
|
28
30
|
attr_reader :ssl_options
|
29
31
|
attr_reader :auth_options
|
32
|
+
attr_reader :http_proxy_uri
|
30
33
|
attr_reader :headers
|
31
34
|
|
32
35
|
def initialize_client(
|
@@ -35,7 +38,8 @@ module Kubeclient
|
|
35
38
|
version,
|
36
39
|
ssl_options: DEFAULT_SSL_OPTIONS,
|
37
40
|
auth_options: DEFAULT_AUTH_OPTIONS,
|
38
|
-
socket_options: DEFAULT_SOCKET_OPTIONS
|
41
|
+
socket_options: DEFAULT_SOCKET_OPTIONS,
|
42
|
+
http_proxy_uri: DEFAULT_HTTP_PROXY_URI
|
39
43
|
)
|
40
44
|
validate_auth_options(auth_options)
|
41
45
|
handle_uri(uri, path)
|
@@ -45,6 +49,7 @@ module Kubeclient
|
|
45
49
|
@ssl_options = ssl_options
|
46
50
|
@auth_options = auth_options
|
47
51
|
@socket_options = socket_options
|
52
|
+
@http_proxy_uri = http_proxy_uri.to_s if http_proxy_uri
|
48
53
|
|
49
54
|
if auth_options[:bearer_token]
|
50
55
|
bearer_token(@auth_options[:bearer_token])
|
@@ -134,6 +139,7 @@ module Kubeclient
|
|
134
139
|
verify_ssl: @ssl_options[:verify_ssl],
|
135
140
|
ssl_client_cert: @ssl_options[:client_cert],
|
136
141
|
ssl_client_key: @ssl_options[:client_key],
|
142
|
+
proxy: @http_proxy_uri,
|
137
143
|
user: @auth_options[:username],
|
138
144
|
password: @auth_options[:password]
|
139
145
|
}
|
@@ -361,7 +367,8 @@ module Kubeclient
|
|
361
367
|
options = {
|
362
368
|
basic_auth_user: @auth_options[:username],
|
363
369
|
basic_auth_password: @auth_options[:password],
|
364
|
-
headers: @headers
|
370
|
+
headers: @headers,
|
371
|
+
http_proxy_uri: @http_proxy_uri
|
365
372
|
}
|
366
373
|
|
367
374
|
if uri.scheme == 'https'
|
data/lib/kubeclient/config.rb
CHANGED
@@ -6,12 +6,13 @@ module Kubeclient
|
|
6
6
|
class Config
|
7
7
|
# Kubernetes client configuration context class
|
8
8
|
class Context
|
9
|
-
attr_reader :api_endpoint, :api_version, :ssl_options
|
9
|
+
attr_reader :api_endpoint, :api_version, :ssl_options, :auth_options
|
10
10
|
|
11
|
-
def initialize(api_endpoint, api_version, ssl_options)
|
11
|
+
def initialize(api_endpoint, api_version, ssl_options, auth_options)
|
12
12
|
@api_endpoint = api_endpoint
|
13
13
|
@api_version = api_version
|
14
14
|
@ssl_options = ssl_options
|
15
|
+
@auth_options = auth_options
|
15
16
|
end
|
16
17
|
end
|
17
18
|
|
@@ -35,6 +36,7 @@ module Kubeclient
|
|
35
36
|
ca_cert_data = fetch_cluster_ca_data(cluster)
|
36
37
|
client_cert_data = fetch_user_cert_data(user)
|
37
38
|
client_key_data = fetch_user_key_data(user)
|
39
|
+
auth_options = fetch_user_auth_options(user)
|
38
40
|
|
39
41
|
ssl_options = {}
|
40
42
|
|
@@ -55,7 +57,7 @@ module Kubeclient
|
|
55
57
|
ssl_options[:client_key] = OpenSSL::PKey.read(client_key_data)
|
56
58
|
end
|
57
59
|
|
58
|
-
Context.new(cluster['server'], @kcfg['apiVersion'], ssl_options)
|
60
|
+
Context.new(cluster['server'], @kcfg['apiVersion'], ssl_options, auth_options)
|
59
61
|
end
|
60
62
|
|
61
63
|
private
|
@@ -107,5 +109,17 @@ module Kubeclient
|
|
107
109
|
return Base64.decode64(user['client-key-data'])
|
108
110
|
end
|
109
111
|
end
|
112
|
+
|
113
|
+
def fetch_user_auth_options(user)
|
114
|
+
options = {}
|
115
|
+
if user.key?('token')
|
116
|
+
options[:bearer_token] = user['token']
|
117
|
+
else
|
118
|
+
%w(username password).each do |attr|
|
119
|
+
options[attr.to_sym] = user[attr] if user.key?(attr)
|
120
|
+
end
|
121
|
+
end
|
122
|
+
options
|
123
|
+
end
|
110
124
|
end
|
111
125
|
end
|
data/lib/kubeclient/version.rb
CHANGED
@@ -47,8 +47,23 @@ module Kubeclient
|
|
47
47
|
end
|
48
48
|
end
|
49
49
|
|
50
|
+
def using_proxy
|
51
|
+
proxy = @http_options[:http_proxy_uri]
|
52
|
+
return nil unless proxy
|
53
|
+
p_uri = URI.parse(proxy)
|
54
|
+
{
|
55
|
+
proxy_address: p_uri.hostname,
|
56
|
+
proxy_port: p_uri.port,
|
57
|
+
proxy_username: p_uri.user,
|
58
|
+
proxy_password: p_uri.password
|
59
|
+
}
|
60
|
+
end
|
61
|
+
|
50
62
|
def build_client_options
|
51
|
-
client_options = {
|
63
|
+
client_options = {
|
64
|
+
headers: @http_options[:headers],
|
65
|
+
proxy: using_proxy
|
66
|
+
}
|
52
67
|
if @http_options[:ssl]
|
53
68
|
client_options[:ssl] = @http_options[:ssl]
|
54
69
|
client_options[:ssl_socket_class] =
|
@@ -0,0 +1,28 @@
|
|
1
|
+
apiVersion: v1
|
2
|
+
clusters:
|
3
|
+
- cluster:
|
4
|
+
server: https://localhost:8443
|
5
|
+
insecure-skip-tls-verify: true
|
6
|
+
name: localhost:8443
|
7
|
+
contexts:
|
8
|
+
- context:
|
9
|
+
cluster: localhost:8443
|
10
|
+
namespace: default
|
11
|
+
user: system:admin:token
|
12
|
+
name: localhost/system:admin:token
|
13
|
+
- context:
|
14
|
+
cluster: localhost:8443
|
15
|
+
namespace: default
|
16
|
+
user: system:admin:userpass
|
17
|
+
name: localhost/system:admin:userpass
|
18
|
+
current-context: localhost/system:admin:token
|
19
|
+
kind: Config
|
20
|
+
preferences: {}
|
21
|
+
users:
|
22
|
+
- name: system:admin:token
|
23
|
+
user:
|
24
|
+
token: 0123456789ABCDEF0123456789ABCDEF
|
25
|
+
- name: system:admin:userpass
|
26
|
+
user:
|
27
|
+
username: admin
|
28
|
+
password: pAssw0rd123
|
data/test/test_config.rb
CHANGED
@@ -24,6 +24,25 @@ class KubeClientConfigTest < MiniTest::Test
|
|
24
24
|
check_context(config.context, ssl: false)
|
25
25
|
end
|
26
26
|
|
27
|
+
def test_user_token
|
28
|
+
config = Kubeclient::Config.read(test_config_file('userauth.kubeconfig'))
|
29
|
+
assert_equal(['localhost/system:admin:token', 'localhost/system:admin:userpass'],
|
30
|
+
config.contexts)
|
31
|
+
context = config.context('localhost/system:admin:token')
|
32
|
+
check_context(context, ssl: false)
|
33
|
+
assert_equal('0123456789ABCDEF0123456789ABCDEF', context.auth_options[:bearer_token])
|
34
|
+
end
|
35
|
+
|
36
|
+
def test_user_password
|
37
|
+
config = Kubeclient::Config.read(test_config_file('userauth.kubeconfig'))
|
38
|
+
assert_equal(['localhost/system:admin:token', 'localhost/system:admin:userpass'],
|
39
|
+
config.contexts)
|
40
|
+
context = config.context('localhost/system:admin:userpass')
|
41
|
+
check_context(context, ssl: false)
|
42
|
+
assert_equal('admin', context.auth_options[:username])
|
43
|
+
assert_equal('pAssw0rd123', context.auth_options[:password])
|
44
|
+
end
|
45
|
+
|
27
46
|
private
|
28
47
|
|
29
48
|
def check_context(context, ssl: true)
|
data/test/test_kubeclient.rb
CHANGED
@@ -38,6 +38,18 @@ class KubeClientTest < MiniTest::Test
|
|
38
38
|
assert_equal 'http://localhost:8080/api/v1', rest_client.url.to_s
|
39
39
|
end
|
40
40
|
|
41
|
+
def test_pass_proxy
|
42
|
+
uri = URI::HTTP.build(host: 'localhost', port: 8080)
|
43
|
+
proxy_uri = URI::HTTP.build(host: 'myproxyhost', port: 8888)
|
44
|
+
client = Kubeclient::Client.new(uri, http_proxy_uri: proxy_uri)
|
45
|
+
rest_client = client.rest_client
|
46
|
+
assert_equal proxy_uri.to_s, rest_client.options[:proxy]
|
47
|
+
|
48
|
+
watch_client = client.watch_pods
|
49
|
+
assert_equal(watch_client.send(:build_client_options)[:proxy][:proxy_address], proxy_uri.host)
|
50
|
+
assert_equal(watch_client.send(:build_client_options)[:proxy][:proxy_port], proxy_uri.port)
|
51
|
+
end
|
52
|
+
|
41
53
|
def test_exception
|
42
54
|
stub_request(:post, %r{/services})
|
43
55
|
.to_return(body: open_test_file('namespace_exception.json'),
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: kubeclient
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Alissa Bonas
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-
|
11
|
+
date: 2016-06-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -180,6 +180,7 @@ files:
|
|
180
180
|
- test/config/external-key.rsa
|
181
181
|
- test/config/external.kubeconfig
|
182
182
|
- test/config/nouser.kubeconfig
|
183
|
+
- test/config/userauth.kubeconfig
|
183
184
|
- test/json/component_status.json
|
184
185
|
- test/json/component_status_list.json
|
185
186
|
- test/json/created_endpoint.json
|
@@ -271,6 +272,7 @@ test_files:
|
|
271
272
|
- test/config/external-key.rsa
|
272
273
|
- test/config/external.kubeconfig
|
273
274
|
- test/config/nouser.kubeconfig
|
275
|
+
- test/config/userauth.kubeconfig
|
274
276
|
- test/json/component_status.json
|
275
277
|
- test/json/component_status_list.json
|
276
278
|
- test/json/created_endpoint.json
|