From 27ff535c6fd097148b2edd267f4c9ea7a8616115 Mon Sep 17 00:00:00 2001 From: dylanhart Date: Sun, 6 Oct 2019 11:33:18 -0700 Subject: [PATCH 1/2] add config::incluster_config::load_default_ns() --- src/config/incluster_config.rs | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/src/config/incluster_config.rs b/src/config/incluster_config.rs index 9ac7e9058..25c8a8c42 100644 --- a/src/config/incluster_config.rs +++ b/src/config/incluster_config.rs @@ -9,6 +9,7 @@ pub const SERVICE_HOSTENV: &str = "KUBERNETES_SERVICE_HOST"; pub const SERVICE_PORTENV: &str = "KUBERNETES_SERVICE_PORT"; const SERVICE_TOKENFILE: &str = "/var/run/secrets/kubernetes.io/serviceaccount/token"; const SERVICE_CERTFILE: &str = "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"; +const SERVICE_DEFAULT_NS: &str = "/var/run/secrets/kubernetes.io/serviceaccount/namespace"; /// Returns kubernetes address from specified environment variables. pub fn kube_server() -> Option { @@ -26,15 +27,20 @@ fn kube_port() -> Option { /// Returns token from specified path in cluster. pub fn load_token() -> Result { - utils::data_or_file(&None, &Some(SERVICE_TOKENFILE.to_string())) + utils::data_or_file(&None, &Some(SERVICE_TOKENFILE)) } /// Returns certification from specified path in cluster. pub fn load_cert() -> Result { - let ca = utils::data_or_file_with_base64(&None, &Some(SERVICE_CERTFILE.to_string()))?; + let ca = utils::data_or_file_with_base64(&None, &Some(SERVICE_CERTFILE))?; X509::from_pem(&ca).map_err(Error::from) } +/// Returns the default namespace from specified path in cluster. +pub fn load_default_ns() -> Result { + utils::data_or_file(&None, &Some(SERVICE_DEFAULT_NS)) +} + #[test] fn test_kube_host() { let expected = "fake.io"; From 41ded295cf700350db5eee2293a7b522cf6b7b4b Mon Sep 17 00:00:00 2001 From: dylanhart Date: Sun, 6 Oct 2019 11:46:39 -0700 Subject: [PATCH 2/2] load default namespace during incluster setup --- src/config/mod.rs | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/src/config/mod.rs b/src/config/mod.rs index d6da7c832..55df9ee1d 100644 --- a/src/config/mod.rs +++ b/src/config/mod.rs @@ -18,13 +18,22 @@ use self::kube_config::KubeConfigLoader; pub struct Configuration { pub base_path: String, pub client: Client, + + /// The current default namespace. This will be "default" while running outside of a cluster, + /// and will be the namespace of the pod while running inside a cluster. + pub default_ns: String, } impl Configuration { pub fn new(base_path: String, client: Client) -> Self { + Self::with_default_ns(base_path, client, "default".to_string()) + } + + pub fn with_default_ns(base_path: String, client: Client, default_ns: String) -> Self { Configuration { base_path: base_path.to_owned(), client, + default_ns, } } } @@ -160,6 +169,10 @@ pub fn incluster_config() -> Result { let token = incluster_config::load_token() .context(ErrorKind::KubeConfig("Unable to load in cluster token".to_string()))?; + let default_ns = incluster_config::load_default_ns().context(ErrorKind::KubeConfig( + "Unable to load incluster default namespace".to_string(), + ))?; + let mut headers = header::HeaderMap::new(); headers.insert( header::AUTHORIZATION, @@ -171,9 +184,10 @@ pub fn incluster_config() -> Result { .add_root_certificate(req_ca) .default_headers(headers); - Ok(Configuration::new( + Ok(Configuration::with_default_ns( server, client_builder.build() - .context(ErrorKind::KubeConfig("Unable to build client".to_string()))? + .context(ErrorKind::KubeConfig("Unable to build client".to_string()))?, + default_ns, )) }