kubernetes.config package

Submodules

kubernetes.config.config_exception module

exception kubernetes.config.config_exception.ConfigException

Bases: Exception

kubernetes.config.incluster_config module

class kubernetes.config.incluster_config.InClusterConfigLoader(token_filename, cert_filename, environ=environ({'HOSTNAME': 'build-9427487-project-488604-k8s-python', 'PYPY_VERSION_35': 'pypy3.5-7.0.0', 'APPDIR': '/app', 'HOME': '/home/docs', 'OLDPWD': '/', 'CONDA_VERSION': '4.6.14', 'READTHEDOCS': 'True', 'READTHEDOCS_PROJECT': 'k8s-python', 'PATH': '/home/docs/checkouts/readthedocs.org/user_builds/k8s-python/envs/stable/bin:/home/docs/.pyenv/shims:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/home/docs/.conda/bin:/home/docs/.pyenv/bin', 'READTHEDOCS_LANGUAGE': 'en', 'LANG': 'C.UTF-8', 'DEBIAN_FRONTEND': 'noninteractive', 'BIN_PATH': '/home/docs/checkouts/readthedocs.org/user_builds/k8s-python/envs/stable/bin', 'PYTHON_VERSION_35': '3.5.7', 'READTHEDOCS_VERSION': 'stable', 'PYTHON_VERSION_27': '2.7.16', 'PYTHON_VERSION_36': '3.6.8', 'PWD': '/home/docs/checkouts/readthedocs.org/user_builds/k8s-python/checkouts/stable/doc/source', 'PYTHON_VERSION_37': '3.7.3', 'PYENV_ROOT': '/home/docs/.pyenv', 'DOCUTILSCONFIG': '/home/docs/checkouts/readthedocs.org/user_builds/k8s-python/checkouts/stable/doc/source/docutils.conf'}))

Bases: object

load_and_set()
kubernetes.config.incluster_config.load_incluster_config()

Use the service account kubernetes gives to pods to connect to kubernetes cluster. It’s intended for clients that expect to be running inside a pod running on kubernetes. It will raise an exception if called from a process not running in a kubernetes environment.

kubernetes.config.incluster_config_test module

class kubernetes.config.incluster_config_test.InClusterConfigTest(methodName='runTest')

Bases: unittest.case.TestCase

get_test_loader(token_filename=None, cert_filename=None, environ={'KUBERNETES_SERVICE_HOST': '127.0.0.1', 'KUBERNETES_SERVICE_PORT': '80'})
setUp()

Hook method for setting up the test fixture before exercising it.

tearDown()

Hook method for deconstructing the test fixture after testing it.

test_empty_cert_file()
test_empty_host()
test_empty_port()
test_empty_token_file()
test_join_host_port()
test_load_config()
test_no_cert_file()
test_no_host()
test_no_port()
test_no_token_file()

kubernetes.config.kube_config module

class kubernetes.config.kube_config.ConfigNode(name, value)

Bases: object

Remembers each config key’s path and construct a relevant exception message in case of missing keys. The assumption is all access keys are present in a well-formed kube-config.

get_with_name(name, safe=False)
safe_get(key)
class kubernetes.config.kube_config.FileOrData(obj, file_key_name, data_key_name=None, file_base_path='', base64_file_content=True)

Bases: object

Utility class to read content of obj[%data_key_name] or file’s content of obj[%file_key_name] and represent it as file or data. Note that the data is preferred. The obj[%file_key_name] will be used iff obj[‘%data_key_name’] is not set or empty. Assumption is file content is raw data and data field is base64 string. The assumption can be changed with base64_file_content flag. If set to False, the content of the file will assumed to be base64 and read as is. The default True value will result in base64 encode of the file content after read.

as_data()

If obj[%data_key_name] exists, Return obj[%data_key_name] otherwise base64 encoded string of obj[%file_key_name] file content.

as_file()

If obj[%data_key_name] exists, return name of a file with base64 decoded obj[%data_key_name] content otherwise obj[%file_key_name].

class kubernetes.config.kube_config.KubeConfigLoader(config_dict, active_context=None, get_google_credentials=None, config_base_path='', config_persister=None)

Bases: object

current_context
list_contexts()
load_and_set(client_configuration)
set_active_context(context_name=None)
kubernetes.config.kube_config.list_kube_config_contexts(config_file=None)
kubernetes.config.kube_config.load_kube_config(config_file=None, context=None, client_configuration=None, persist_config=True)

Loads authentication and cluster information from kube-config file and stores them in kubernetes.client.configuration.

Parameters:
  • config_file – Name of the kube-config file.
  • context – set the active context. If is set to None, current_context from config file will be used.
  • client_configuration – The kubernetes.client.Configuration to set configs to.
  • persist_config – If True, config file will be updated when changed (e.g GCP token refresh).
kubernetes.config.kube_config.new_client_from_config(config_file=None, context=None, persist_config=True)

Loads configuration the same as load_kube_config but returns an ApiClient to be used with any API object. This will allow the caller to concurrently talk with multiple clusters.

kubernetes.config.kube_config_test module

class kubernetes.config.kube_config_test.BaseTestCase(methodName='runTest')

Bases: unittest.case.TestCase

expect_exception(func, message_part, *args, **kwargs)
setUp()

Hook method for setting up the test fixture before exercising it.

tearDown()

Hook method for deconstructing the test fixture after testing it.

class kubernetes.config.kube_config_test.FakeConfig(token=None, **kwargs)

Bases: object

FILE_KEYS = ['ssl_ca_cert', 'key_file', 'cert_file']
class kubernetes.config.kube_config_test.TestConfigNode(methodName='runTest')

Bases: kubernetes.config.kube_config_test.BaseTestCase

setUp()

Hook method for setting up the test fixture before exercising it.

test_get_with_name()
test_get_with_name_on_duplicate_name()
test_get_with_name_on_invalid_object()
test_get_with_name_on_name_does_not_exists()
test_get_with_name_on_non_list_object()
test_key_does_not_exists()
test_normal_map_array_operations()
test_obj = {'key1': 'test', 'key2': ['a', 'b', 'c'], 'key3': {'inner_key': 'inner_value'}, 'with_names': [{'name': 'test_name', 'value': 'test_value'}, {'name': 'test_name2', 'value': {'test', 'key1'}}, {'name': 'test_name3', 'value': [1, 2, 3]}], 'with_names_dup': [{'name': 'test_name', 'value': 'test_value'}, {'name': 'test_name', 'value': {'test', 'key1'}}, {'name': 'test_name3', 'value': [1, 2, 3]}]}
class kubernetes.config.kube_config_test.TestFileOrData(methodName='runTest')

Bases: kubernetes.config.kube_config_test.BaseTestCase

static get_file_content(filename)
test_create_temp_file_with_content()
test_data_given_data()
test_data_given_file()
test_data_given_file_and_data()
test_data_given_file_no_base64()
test_file_given_data()
test_file_given_data_bytes()
test_file_given_data_bytes_no_base64()
test_file_given_data_no_base64()
test_file_given_file()
test_file_given_file_and_data()
test_file_given_non_existing_file()
test_file_with_custom_dirname()
class kubernetes.config.kube_config_test.TestKubeConfigLoader(methodName='runTest')

Bases: kubernetes.config.kube_config_test.BaseTestCase

TEST_KUBE_CONFIG = {'clusters': [{'name': 'default', 'cluster': {'server': 'test-host'}}, {'name': 'ssl-no_file', 'cluster': {'server': 'https://test-host', 'certificate-authority': 'cert-auth'}}, {'name': 'ssl-local-file', 'cluster': {'server': 'https://test-host', 'certificate-authority': 'cert_test'}}, {'name': 'ssl', 'cluster': {'server': 'https://test-host', 'certificate-authority-data': 'Y2VydC1hdXRo'}}, {'name': 'no_ssl_verification', 'cluster': {'server': 'https://test-host', 'insecure-skip-tls-verify': 'true'}}], 'contexts': [{'name': 'no_user', 'context': {'cluster': 'default'}}, {'name': 'simple_token', 'context': {'cluster': 'default', 'user': 'simple_token'}}, {'name': 'gcp', 'context': {'cluster': 'default', 'user': 'gcp'}}, {'name': 'expired_gcp', 'context': {'cluster': 'default', 'user': 'expired_gcp'}}, {'name': 'expired_gcp_refresh', 'context': {'cluster': 'default', 'user': 'expired_gcp_refresh'}}, {'name': 'oidc', 'context': {'cluster': 'default', 'user': 'oidc'}}, {'name': 'expired_oidc', 'context': {'cluster': 'default', 'user': 'expired_oidc'}}, {'name': 'expired_oidc_nocert', 'context': {'cluster': 'default', 'user': 'expired_oidc_nocert'}}, {'name': 'user_pass', 'context': {'cluster': 'default', 'user': 'user_pass'}}, {'name': 'ssl', 'context': {'cluster': 'ssl', 'user': 'ssl'}}, {'name': 'no_ssl_verification', 'context': {'cluster': 'no_ssl_verification', 'user': 'ssl'}}, {'name': 'ssl-no_file', 'context': {'cluster': 'ssl-no_file', 'user': 'ssl-no_file'}}, {'name': 'ssl-local-file', 'context': {'cluster': 'ssl-local-file', 'user': 'ssl-local-file'}}, {'name': 'non_existing_user', 'context': {'cluster': 'default', 'user': 'non_existing_user'}}, {'name': 'exec_cred_user', 'context': {'cluster': 'default', 'user': 'exec_cred_user'}}], 'current-context': 'no_user', 'users': [{'name': 'simple_token', 'user': {'token': 'dGVzdC1kYXRh', 'username': 'me', 'password': 'pass'}}, {'name': 'gcp', 'user': {'auth-provider': {'name': 'gcp', 'config': {'access-token': 'dGVzdC1kYXRh'}}, 'token': 'dGVzdC1kYXRh', 'username': 'me', 'password': 'pass'}}, {'name': 'expired_gcp', 'user': {'auth-provider': {'name': 'gcp', 'config': {'access-token': 'dGVzdC1kYXRh', 'expiry': '2019-07-26T05:27:57Z'}}, 'token': 'dGVzdC1kYXRh', 'username': 'me', 'password': 'pass'}}, {'name': 'expired_gcp_refresh', 'user': {'auth-provider': {'name': 'gcp', 'config': {'access-token': 'dGVzdC1kYXRh', 'expiry': '2019-07-26T05:27:57Z'}}, 'token': 'dGVzdC1kYXRh', 'username': 'me', 'password': 'pass'}}, {'name': 'oidc', 'user': {'auth-provider': {'name': 'oidc', 'config': {'id-token': 'dGVzdC1vaWRjLXRva2Vu.eyJuYW1lIjogInRlc3QifQ==.Y2xpZW50LWNlcnQ='}}}}, {'name': 'expired_oidc', 'user': {'auth-provider': {'name': 'oidc', 'config': {'client-id': 'tectonic-kubectl', 'client-secret': 'FAKE_SECRET', 'id-token': 'QmVhcmVyIGRHVnpkQzF2YVdSakxYUnZhMlZ1LmV5SnVZVzFsSWpvZ0luUmxjM1FpZlE9PS5ZMnhwWlc1MExXTmxjblE9.eyJuYW1lIjogInRlc3QiLCJleHAiOiA1MzY0NTc2MDB9.Y2xpZW50LWNlcnQ=', 'idp-certificate-authority-data': 'Y2VydC1hdXRo', 'idp-issuer-url': 'https://example.org/identity', 'refresh-token': 'lucWJjEhlxZW01cXI3YmVlcYnpxNGhzk'}}}}, {'name': 'expired_oidc_nocert', 'user': {'auth-provider': {'name': 'oidc', 'config': {'client-id': 'tectonic-kubectl', 'client-secret': 'FAKE_SECRET', 'id-token': 'QmVhcmVyIGRHVnpkQzF2YVdSakxYUnZhMlZ1LmV5SnVZVzFsSWpvZ0luUmxjM1FpZlE9PS5ZMnhwWlc1MExXTmxjblE9.eyJuYW1lIjogInRlc3QiLCJleHAiOiA1MzY0NTc2MDB9.Y2xpZW50LWNlcnQ=', 'idp-issuer-url': 'https://example.org/identity', 'refresh-token': 'lucWJjEhlxZW01cXI3YmVlcYnpxNGhzk'}}}}, {'name': 'user_pass', 'user': {'username': 'me', 'password': 'pass'}}, {'name': 'ssl-no_file', 'user': {'token': 'dGVzdC1kYXRh', 'client-certificate': 'client-cert', 'client-key': 'client-key'}}, {'name': 'ssl-local-file', 'user': {'tokenFile': 'token_file', 'client-certificate': 'client_cert', 'client-key': 'client_key'}}, {'name': 'ssl', 'user': {'token': 'dGVzdC1kYXRh', 'client-certificate-data': 'Y2xpZW50LWNlcnQ=', 'client-key-data': 'Y2xpZW50LWtleQ=='}}, {'name': 'exec_cred_user', 'user': {'exec': {'apiVersion': 'client.authentication.k8s.io/v1beta1', 'command': 'aws-iam-authenticator', 'args': ['token', '-i', 'dummy-cluster']}}}]}
test_current_context()
test_gcp_get_api_key_with_prefix()
test_gcp_no_refresh()
test_list_contexts()
test_list_kube_config_contexts()
test_load_gcp_token_no_refresh()
test_load_gcp_token_with_refresh()
test_load_kube_config()
test_load_user_pass_token()
test_load_user_token()
test_new_client_from_config()
test_no_user_context()
test_no_users_section()
test_non_existing_user()
test_oidc_no_refresh()
test_oidc_with_refresh(mock_ApiClient, mock_OAuth2Session)
test_oidc_with_refresh_nocert(mock_ApiClient, mock_OAuth2Session)
test_set_active_context()
test_simple_token()
test_ssl()
test_ssl_no_cert_files()
test_ssl_no_verification()
test_ssl_with_relative_ssl_files()
test_user_exec_auth(mock)
test_user_pass()
class kubernetes.config.kube_config_test.TestKubernetesClientConfiguration(methodName='runTest')

Bases: kubernetes.config.kube_config_test.BaseTestCase

test_auth_settings_calls_get_api_key_with_prefix()
test_get_api_key_with_prefix_exists()
test_get_api_key_with_prefix_returns_token()

Module contents