kubernetes.config package¶
Submodules¶
kubernetes.config.config_exception module¶
-
exception
kubernetes.config.config_exception.
ConfigException
¶ Bases:
Exception
kubernetes.config.incluster_config module¶
-
class
kubernetes.config.incluster_config.
InClusterConfigLoader
(token_filename, cert_filename, environ=environ({'HOSTNAME': 'build-9427487-project-488604-k8s-python', 'PYPY_VERSION_35': 'pypy3.5-7.0.0', 'APPDIR': '/app', 'HOME': '/home/docs', 'OLDPWD': '/', 'CONDA_VERSION': '4.6.14', 'READTHEDOCS': 'True', 'READTHEDOCS_PROJECT': 'k8s-python', 'PATH': '/home/docs/checkouts/readthedocs.org/user_builds/k8s-python/envs/stable/bin:/home/docs/.pyenv/shims:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/docs/.conda/bin:/home/docs/.pyenv/bin', 'READTHEDOCS_LANGUAGE': 'en', 'LANG': 'C.UTF-8', 'DEBIAN_FRONTEND': 'noninteractive', 'BIN_PATH': '/home/docs/checkouts/readthedocs.org/user_builds/k8s-python/envs/stable/bin', 'PYTHON_VERSION_35': '3.5.7', 'READTHEDOCS_VERSION': 'stable', 'PYTHON_VERSION_27': '2.7.16', 'PYTHON_VERSION_36': '3.6.8', 'PWD': '/home/docs/checkouts/readthedocs.org/user_builds/k8s-python/checkouts/stable/doc/source', 'PYTHON_VERSION_37': '3.7.3', 'PYENV_ROOT': '/home/docs/.pyenv', 'DOCUTILSCONFIG': '/home/docs/checkouts/readthedocs.org/user_builds/k8s-python/checkouts/stable/doc/source/docutils.conf'}))¶ Bases:
object
-
load_and_set
()¶
-
-
kubernetes.config.incluster_config.
load_incluster_config
()¶ Use the service account kubernetes gives to pods to connect to kubernetes cluster. It’s intended for clients that expect to be running inside a pod running on kubernetes. It will raise an exception if called from a process not running in a kubernetes environment.
kubernetes.config.incluster_config_test module¶
-
class
kubernetes.config.incluster_config_test.
InClusterConfigTest
(methodName='runTest')¶ Bases:
unittest.case.TestCase
-
get_test_loader
(token_filename=None, cert_filename=None, environ={'KUBERNETES_SERVICE_HOST': '127.0.0.1', 'KUBERNETES_SERVICE_PORT': '80'})¶
-
setUp
()¶ Hook method for setting up the test fixture before exercising it.
-
tearDown
()¶ Hook method for deconstructing the test fixture after testing it.
-
test_empty_cert_file
()¶
-
test_empty_host
()¶
-
test_empty_port
()¶
-
test_empty_token_file
()¶
-
test_join_host_port
()¶
-
test_load_config
()¶
-
test_no_cert_file
()¶
-
test_no_host
()¶
-
test_no_port
()¶
-
test_no_token_file
()¶
-
kubernetes.config.kube_config module¶
-
class
kubernetes.config.kube_config.
ConfigNode
(name, value)¶ Bases:
object
Remembers each config key’s path and construct a relevant exception message in case of missing keys. The assumption is all access keys are present in a well-formed kube-config.
-
get_with_name
(name, safe=False)¶
-
safe_get
(key)¶
-
-
class
kubernetes.config.kube_config.
FileOrData
(obj, file_key_name, data_key_name=None, file_base_path='', base64_file_content=True)¶ Bases:
object
Utility class to read content of obj[%data_key_name] or file’s content of obj[%file_key_name] and represent it as file or data. Note that the data is preferred. The obj[%file_key_name] will be used iff obj[‘%data_key_name’] is not set or empty. Assumption is file content is raw data and data field is base64 string. The assumption can be changed with base64_file_content flag. If set to False, the content of the file will assumed to be base64 and read as is. The default True value will result in base64 encode of the file content after read.
-
as_data
()¶ If obj[%data_key_name] exists, Return obj[%data_key_name] otherwise base64 encoded string of obj[%file_key_name] file content.
-
as_file
()¶ If obj[%data_key_name] exists, return name of a file with base64 decoded obj[%data_key_name] content otherwise obj[%file_key_name].
-
-
class
kubernetes.config.kube_config.
KubeConfigLoader
(config_dict, active_context=None, get_google_credentials=None, config_base_path='', config_persister=None)¶ Bases:
object
-
current_context
¶
-
list_contexts
()¶
-
load_and_set
(client_configuration)¶
-
set_active_context
(context_name=None)¶
-
-
kubernetes.config.kube_config.
list_kube_config_contexts
(config_file=None)¶
-
kubernetes.config.kube_config.
load_kube_config
(config_file=None, context=None, client_configuration=None, persist_config=True)¶ Loads authentication and cluster information from kube-config file and stores them in kubernetes.client.configuration.
Parameters: - config_file – Name of the kube-config file.
- context – set the active context. If is set to None, current_context from config file will be used.
- client_configuration – The kubernetes.client.Configuration to set configs to.
- persist_config – If True, config file will be updated when changed (e.g GCP token refresh).
-
kubernetes.config.kube_config.
new_client_from_config
(config_file=None, context=None, persist_config=True)¶ Loads configuration the same as load_kube_config but returns an ApiClient to be used with any API object. This will allow the caller to concurrently talk with multiple clusters.
kubernetes.config.kube_config_test module¶
-
class
kubernetes.config.kube_config_test.
BaseTestCase
(methodName='runTest')¶ Bases:
unittest.case.TestCase
-
expect_exception
(func, message_part, *args, **kwargs)¶
-
setUp
()¶ Hook method for setting up the test fixture before exercising it.
-
tearDown
()¶ Hook method for deconstructing the test fixture after testing it.
-
-
class
kubernetes.config.kube_config_test.
FakeConfig
(token=None, **kwargs)¶ Bases:
object
-
FILE_KEYS
= ['ssl_ca_cert', 'key_file', 'cert_file']¶
-
-
class
kubernetes.config.kube_config_test.
TestConfigNode
(methodName='runTest')¶ Bases:
kubernetes.config.kube_config_test.BaseTestCase
-
setUp
()¶ Hook method for setting up the test fixture before exercising it.
-
test_get_with_name
()¶
-
test_get_with_name_on_duplicate_name
()¶
-
test_get_with_name_on_invalid_object
()¶
-
test_get_with_name_on_name_does_not_exists
()¶
-
test_get_with_name_on_non_list_object
()¶
-
test_key_does_not_exists
()¶
-
test_normal_map_array_operations
()¶
-
test_obj
= {'key1': 'test', 'key2': ['a', 'b', 'c'], 'key3': {'inner_key': 'inner_value'}, 'with_names': [{'name': 'test_name', 'value': 'test_value'}, {'name': 'test_name2', 'value': {'test', 'key1'}}, {'name': 'test_name3', 'value': [1, 2, 3]}], 'with_names_dup': [{'name': 'test_name', 'value': 'test_value'}, {'name': 'test_name', 'value': {'test', 'key1'}}, {'name': 'test_name3', 'value': [1, 2, 3]}]}¶
-
-
class
kubernetes.config.kube_config_test.
TestFileOrData
(methodName='runTest')¶ Bases:
kubernetes.config.kube_config_test.BaseTestCase
-
static
get_file_content
(filename)¶
-
test_create_temp_file_with_content
()¶
-
test_data_given_data
()¶
-
test_data_given_file
()¶
-
test_data_given_file_and_data
()¶
-
test_data_given_file_no_base64
()¶
-
test_file_given_data
()¶
-
test_file_given_data_bytes
()¶
-
test_file_given_data_bytes_no_base64
()¶
-
test_file_given_data_no_base64
()¶
-
test_file_given_file
()¶
-
test_file_given_file_and_data
()¶
-
test_file_given_non_existing_file
()¶
-
test_file_with_custom_dirname
()¶
-
static
-
class
kubernetes.config.kube_config_test.
TestKubeConfigLoader
(methodName='runTest')¶ Bases:
kubernetes.config.kube_config_test.BaseTestCase
-
TEST_KUBE_CONFIG
= {'clusters': [{'name': 'default', 'cluster': {'server': 'test-host'}}, {'name': 'ssl-no_file', 'cluster': {'server': 'https://test-host', 'certificate-authority': 'cert-auth'}}, {'name': 'ssl-local-file', 'cluster': {'server': 'https://test-host', 'certificate-authority': 'cert_test'}}, {'name': 'ssl', 'cluster': {'server': 'https://test-host', 'certificate-authority-data': 'Y2VydC1hdXRo'}}, {'name': 'no_ssl_verification', 'cluster': {'server': 'https://test-host', 'insecure-skip-tls-verify': 'true'}}], 'contexts': [{'name': 'no_user', 'context': {'cluster': 'default'}}, {'name': 'simple_token', 'context': {'cluster': 'default', 'user': 'simple_token'}}, {'name': 'gcp', 'context': {'cluster': 'default', 'user': 'gcp'}}, {'name': 'expired_gcp', 'context': {'cluster': 'default', 'user': 'expired_gcp'}}, {'name': 'expired_gcp_refresh', 'context': {'cluster': 'default', 'user': 'expired_gcp_refresh'}}, {'name': 'oidc', 'context': {'cluster': 'default', 'user': 'oidc'}}, {'name': 'expired_oidc', 'context': {'cluster': 'default', 'user': 'expired_oidc'}}, {'name': 'expired_oidc_nocert', 'context': {'cluster': 'default', 'user': 'expired_oidc_nocert'}}, {'name': 'user_pass', 'context': {'cluster': 'default', 'user': 'user_pass'}}, {'name': 'ssl', 'context': {'cluster': 'ssl', 'user': 'ssl'}}, {'name': 'no_ssl_verification', 'context': {'cluster': 'no_ssl_verification', 'user': 'ssl'}}, {'name': 'ssl-no_file', 'context': {'cluster': 'ssl-no_file', 'user': 'ssl-no_file'}}, {'name': 'ssl-local-file', 'context': {'cluster': 'ssl-local-file', 'user': 'ssl-local-file'}}, {'name': 'non_existing_user', 'context': {'cluster': 'default', 'user': 'non_existing_user'}}, {'name': 'exec_cred_user', 'context': {'cluster': 'default', 'user': 'exec_cred_user'}}], 'current-context': 'no_user', 'users': [{'name': 'simple_token', 'user': {'token': 'dGVzdC1kYXRh', 'username': 'me', 'password': 'pass'}}, {'name': 'gcp', 'user': {'auth-provider': {'name': 'gcp', 'config': {'access-token': 'dGVzdC1kYXRh'}}, 'token': 'dGVzdC1kYXRh', 'username': 'me', 'password': 'pass'}}, {'name': 'expired_gcp', 'user': {'auth-provider': {'name': 'gcp', 'config': {'access-token': 'dGVzdC1kYXRh', 'expiry': '2019-07-26T05:27:57Z'}}, 'token': 'dGVzdC1kYXRh', 'username': 'me', 'password': 'pass'}}, {'name': 'expired_gcp_refresh', 'user': {'auth-provider': {'name': 'gcp', 'config': {'access-token': 'dGVzdC1kYXRh', 'expiry': '2019-07-26T05:27:57Z'}}, 'token': 'dGVzdC1kYXRh', 'username': 'me', 'password': 'pass'}}, {'name': 'oidc', 'user': {'auth-provider': {'name': 'oidc', 'config': {'id-token': 'dGVzdC1vaWRjLXRva2Vu.eyJuYW1lIjogInRlc3QifQ==.Y2xpZW50LWNlcnQ='}}}}, {'name': 'expired_oidc', 'user': {'auth-provider': {'name': 'oidc', 'config': {'client-id': 'tectonic-kubectl', 'client-secret': 'FAKE_SECRET', 'id-token': 'QmVhcmVyIGRHVnpkQzF2YVdSakxYUnZhMlZ1LmV5SnVZVzFsSWpvZ0luUmxjM1FpZlE9PS5ZMnhwWlc1MExXTmxjblE9.eyJuYW1lIjogInRlc3QiLCJleHAiOiA1MzY0NTc2MDB9.Y2xpZW50LWNlcnQ=', 'idp-certificate-authority-data': 'Y2VydC1hdXRo', 'idp-issuer-url': 'https://example.org/identity', 'refresh-token': 'lucWJjEhlxZW01cXI3YmVlcYnpxNGhzk'}}}}, {'name': 'expired_oidc_nocert', 'user': {'auth-provider': {'name': 'oidc', 'config': {'client-id': 'tectonic-kubectl', 'client-secret': 'FAKE_SECRET', 'id-token': 'QmVhcmVyIGRHVnpkQzF2YVdSakxYUnZhMlZ1LmV5SnVZVzFsSWpvZ0luUmxjM1FpZlE9PS5ZMnhwWlc1MExXTmxjblE9.eyJuYW1lIjogInRlc3QiLCJleHAiOiA1MzY0NTc2MDB9.Y2xpZW50LWNlcnQ=', 'idp-issuer-url': 'https://example.org/identity', 'refresh-token': 'lucWJjEhlxZW01cXI3YmVlcYnpxNGhzk'}}}}, {'name': 'user_pass', 'user': {'username': 'me', 'password': 'pass'}}, {'name': 'ssl-no_file', 'user': {'token': 'dGVzdC1kYXRh', 'client-certificate': 'client-cert', 'client-key': 'client-key'}}, {'name': 'ssl-local-file', 'user': {'tokenFile': 'token_file', 'client-certificate': 'client_cert', 'client-key': 'client_key'}}, {'name': 'ssl', 'user': {'token': 'dGVzdC1kYXRh', 'client-certificate-data': 'Y2xpZW50LWNlcnQ=', 'client-key-data': 'Y2xpZW50LWtleQ=='}}, {'name': 'exec_cred_user', 'user': {'exec': {'apiVersion': 'client.authentication.k8s.io/v1beta1', 'command': 'aws-iam-authenticator', 'args': ['token', '-i', 'dummy-cluster']}}}]}¶
-
test_current_context
()¶
-
test_gcp_get_api_key_with_prefix
()¶
-
test_gcp_no_refresh
()¶
-
test_list_contexts
()¶
-
test_list_kube_config_contexts
()¶
-
test_load_gcp_token_no_refresh
()¶
-
test_load_gcp_token_with_refresh
()¶
-
test_load_kube_config
()¶
-
test_load_user_pass_token
()¶
-
test_load_user_token
()¶
-
test_new_client_from_config
()¶
-
test_no_user_context
()¶
-
test_no_users_section
()¶
-
test_non_existing_user
()¶
-
test_oidc_no_refresh
()¶
-
test_oidc_with_refresh
(mock_ApiClient, mock_OAuth2Session)¶
-
test_oidc_with_refresh_nocert
(mock_ApiClient, mock_OAuth2Session)¶
-
test_set_active_context
()¶
-
test_simple_token
()¶
-
test_ssl
()¶
-
test_ssl_no_cert_files
()¶
-
test_ssl_no_verification
()¶
-
test_ssl_with_relative_ssl_files
()¶
-
test_user_exec_auth
(mock)¶
-
test_user_pass
()¶
-
-
class
kubernetes.config.kube_config_test.
TestKubernetesClientConfiguration
(methodName='runTest')¶ Bases:
kubernetes.config.kube_config_test.BaseTestCase
-
test_auth_settings_calls_get_api_key_with_prefix
()¶
-
test_get_api_key_with_prefix_exists
()¶
-
test_get_api_key_with_prefix_returns_token
()¶
-