2018-09-27 10:50:39 -07:00
using System ;
2020-04-22 15:17:45 -07:00
using System.Collections.Generic ;
2020-03-05 09:12:38 -08:00
using Newtonsoft.Json ;
using System.Diagnostics ;
2018-09-27 10:50:39 -07:00
using System.IO ;
using System.Linq ;
using System.Runtime.InteropServices ;
using System.Security.Cryptography.X509Certificates ;
using System.Threading.Tasks ;
2020-04-28 18:34:25 -04:00
using k8s.Authentication ;
2018-09-27 10:50:39 -07:00
using k8s.Exceptions ;
using k8s.KubeConfigModels ;
namespace k8s
{
public partial class KubernetesClientConfiguration
{
/// <summary>
/// kubeconfig Default Location
/// </summary>
private static readonly string KubeConfigDefaultLocation =
RuntimeInformation . IsOSPlatform ( OSPlatform . Windows )
? Path . Combine ( Environment . GetEnvironmentVariable ( "USERPROFILE" ) , @".kube\config" )
: Path . Combine ( Environment . GetEnvironmentVariable ( "HOME" ) , ".kube/config" ) ;
/// <summary>
/// Gets CurrentContext
/// </summary>
public string CurrentContext { get ; private set ; }
2020-04-22 15:17:45 -07:00
// For testing
internal static string KubeConfigEnvironmentVariable { get ; set ; } = "KUBECONFIG" ;
2019-03-06 01:26:04 -08:00
/// <summary>
2020-04-17 11:19:52 +02:00
/// Initializes a new instance of the <see cref="KubernetesClientConfiguration" /> from default locations
/// If the KUBECONFIG environment variable is set, then that will be used.
/// Next, it looks for a config file at <see cref="KubeConfigDefaultLocation"/>.
/// Then, it checks whether it is executing inside a cluster and will use <see cref="InClusterConfig()" />.
/// Finally, if nothing else exists, it creates a default config with localhost:8080 as host.
2019-03-06 01:26:04 -08:00
/// </summary>
2020-04-22 15:17:45 -07:00
/// <remarks>
/// If multiple kubeconfig files are specified in the KUBECONFIG environment variable,
/// merges the files, where first occurence wins. See https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/#merging-kubeconfig-files.
/// </remarks>
2020-03-05 09:12:38 -08:00
public static KubernetesClientConfiguration BuildDefaultConfig ( )
{
2020-04-22 15:17:45 -07:00
var kubeconfig = Environment . GetEnvironmentVariable ( KubeConfigEnvironmentVariable ) ;
2020-03-05 09:12:38 -08:00
if ( kubeconfig ! = null )
{
2020-04-23 11:40:06 -07:00
var configList = kubeconfig . Split ( RuntimeInformation . IsOSPlatform ( OSPlatform . Windows ) ? ';' : ':' )
. Select ( ( s ) = > new FileInfo ( s ) ) ;
2020-04-22 15:17:45 -07:00
var k8sConfig = LoadKubeConfig ( configList . ToArray ( ) ) ;
return BuildConfigFromConfigObject ( k8sConfig ) ;
2019-03-06 01:26:04 -08:00
}
2020-04-22 15:17:45 -07:00
2020-03-05 09:12:38 -08:00
if ( File . Exists ( KubeConfigDefaultLocation ) )
{
2019-03-06 01:26:04 -08:00
return BuildConfigFromConfigFile ( kubeconfigPath : KubeConfigDefaultLocation ) ;
}
2020-04-22 15:17:45 -07:00
2020-03-05 09:12:38 -08:00
if ( IsInCluster ( ) )
{
2019-03-06 01:26:04 -08:00
return InClusterConfig ( ) ;
}
2020-04-22 15:17:45 -07:00
2019-03-06 01:26:04 -08:00
var config = new KubernetesClientConfiguration ( ) ;
config . Host = "http://localhost:8080" ;
return config ;
}
2018-09-27 10:50:39 -07:00
/// <summary>
/// Initializes a new instance of the <see cref="KubernetesClientConfiguration" /> from config file
/// </summary>
/// <param name="kubeconfigPath">Explicit file path to kubeconfig. Set to null to use the default file path</param>
2019-03-22 17:00:09 -07:00
/// <param name="currentContext">override the context in config file, set null if do not want to override</param>
/// <param name="masterUrl">kube api server endpoint</param>
2018-09-27 10:50:39 -07:00
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
public static KubernetesClientConfiguration BuildConfigFromConfigFile ( string kubeconfigPath = null ,
string currentContext = null , string masterUrl = null , bool useRelativePaths = true )
{
2019-03-22 17:00:09 -07:00
return BuildConfigFromConfigFile ( new FileInfo ( kubeconfigPath ? ? KubeConfigDefaultLocation ) , currentContext ,
2018-09-27 10:50:39 -07:00
masterUrl , useRelativePaths ) ;
}
/// <summary>
2018-10-26 23:25:22 -07:00
/// Initializes a new instance of the <see cref="KubernetesClientConfiguration" /> from config file
2018-09-27 10:50:39 -07:00
/// </summary>
/// <param name="kubeconfig">Fileinfo of the kubeconfig, cannot be null</param>
/// <param name="currentContext">override the context in config file, set null if do not want to override</param>
/// <param name="masterUrl">override the kube api server endpoint, set null if do not want to override</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
public static KubernetesClientConfiguration BuildConfigFromConfigFile ( FileInfo kubeconfig ,
string currentContext = null , string masterUrl = null , bool useRelativePaths = true )
2020-02-09 13:17:53 -08:00
{
2020-04-23 11:40:06 -07:00
return BuildConfigFromConfigFileAsync ( kubeconfig , currentContext , masterUrl , useRelativePaths ) . GetAwaiter ( )
. GetResult ( ) ;
2020-02-09 13:17:53 -08:00
}
/// <summary>
/// Initializes a new instance of the <see cref="KubernetesClientConfiguration" /> from config file
/// </summary>
/// <param name="kubeconfig">Fileinfo of the kubeconfig, cannot be null</param>
/// <param name="currentContext">override the context in config file, set null if do not want to override</param>
/// <param name="masterUrl">override the kube api server endpoint, set null if do not want to override</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
public static async Task < KubernetesClientConfiguration > BuildConfigFromConfigFileAsync ( FileInfo kubeconfig ,
string currentContext = null , string masterUrl = null , bool useRelativePaths = true )
2018-09-27 10:50:39 -07:00
{
if ( kubeconfig = = null )
{
throw new NullReferenceException ( nameof ( kubeconfig ) ) ;
}
2020-03-19 04:54:44 +00:00
var k8SConfig = await LoadKubeConfigAsync ( kubeconfig , useRelativePaths ) . ConfigureAwait ( false ) ;
2018-09-27 10:50:39 -07:00
var k8SConfiguration = GetKubernetesClientConfiguration ( currentContext , masterUrl , k8SConfig ) ;
return k8SConfiguration ;
}
/// <summary>
2018-10-26 23:25:22 -07:00
/// Initializes a new instance of the <see cref="KubernetesClientConfiguration" /> from config file
2018-09-27 10:50:39 -07:00
/// </summary>
2018-10-26 23:25:22 -07:00
/// <param name="kubeconfig">Stream of the kubeconfig, cannot be null</param>
/// <param name="currentContext">Override the current context in config, set null if do not want to override</param>
/// <param name="masterUrl">Override the Kubernetes API server endpoint, set null if do not want to override</param>
2018-09-27 10:50:39 -07:00
public static KubernetesClientConfiguration BuildConfigFromConfigFile ( Stream kubeconfig ,
string currentContext = null , string masterUrl = null )
2020-02-09 13:17:53 -08:00
{
return BuildConfigFromConfigFileAsync ( kubeconfig , currentContext , masterUrl ) . GetAwaiter ( ) . GetResult ( ) ;
}
/// <summary>
/// Initializes a new instance of the <see cref="KubernetesClientConfiguration" /> from config file
/// </summary>
/// <param name="kubeconfig">Stream of the kubeconfig, cannot be null</param>
/// <param name="currentContext">Override the current context in config, set null if do not want to override</param>
/// <param name="masterUrl">Override the Kubernetes API server endpoint, set null if do not want to override</param>
public static async Task < KubernetesClientConfiguration > BuildConfigFromConfigFileAsync ( Stream kubeconfig ,
string currentContext = null , string masterUrl = null )
2018-09-27 10:50:39 -07:00
{
if ( kubeconfig = = null )
{
throw new NullReferenceException ( nameof ( kubeconfig ) ) ;
}
if ( ! kubeconfig . CanSeek )
{
throw new Exception ( "Stream don't support seeking!" ) ;
}
kubeconfig . Position = 0 ;
2020-03-19 04:54:44 +00:00
var k8SConfig = await Yaml . LoadFromStreamAsync < K8SConfiguration > ( kubeconfig ) . ConfigureAwait ( false ) ;
2018-09-27 10:50:39 -07:00
var k8SConfiguration = GetKubernetesClientConfiguration ( currentContext , masterUrl , k8SConfig ) ;
return k8SConfiguration ;
}
2018-10-26 23:25:22 -07:00
/// <summary>
/// Initializes a new instance of <see cref="KubernetesClientConfiguration"/> from pre-loaded config object.
/// </summary>
/// <param name="k8sConfig">A <see cref="K8SConfiguration"/>, for example loaded from <see cref="LoadKubeConfigAsync(string, bool)" /></param>
/// <param name="currentContext">Override the current context in config, set null if do not want to override</param>
/// <param name="masterUrl">Override the Kubernetes API server endpoint, set null if do not want to override</param>
2020-04-23 11:40:06 -07:00
public static KubernetesClientConfiguration BuildConfigFromConfigObject ( K8SConfiguration k8SConfig ,
string currentContext = null , string masterUrl = null )
2018-10-26 23:25:22 -07:00
= > GetKubernetesClientConfiguration ( currentContext , masterUrl , k8SConfig ) ;
2020-04-23 11:40:06 -07:00
private static KubernetesClientConfiguration GetKubernetesClientConfiguration ( string currentContext ,
string masterUrl , K8SConfiguration k8SConfig )
2018-09-27 10:50:39 -07:00
{
var k8SConfiguration = new KubernetesClientConfiguration ( ) ;
currentContext = currentContext ? ? k8SConfig . CurrentContext ;
2020-03-05 09:12:38 -08:00
// only init context if context is set
2018-09-27 10:50:39 -07:00
if ( currentContext ! = null )
{
k8SConfiguration . InitializeContext ( k8SConfig , currentContext ) ;
}
2020-04-23 11:40:06 -07:00
2018-09-27 10:50:39 -07:00
if ( ! string . IsNullOrWhiteSpace ( masterUrl ) )
{
k8SConfiguration . Host = masterUrl ;
}
if ( string . IsNullOrWhiteSpace ( k8SConfiguration . Host ) )
{
throw new KubeConfigException ( "Cannot infer server host url either from context or masterUrl" ) ;
}
return k8SConfiguration ;
}
/// <summary>
/// Validates and Intializes Client Configuration
/// </summary>
/// <param name="k8SConfig">Kubernetes Configuration</param>
/// <param name="currentContext">Current Context</param>
private void InitializeContext ( K8SConfiguration k8SConfig , string currentContext )
{
// current context
var activeContext =
k8SConfig . Contexts . FirstOrDefault (
c = > c . Name . Equals ( currentContext , StringComparison . OrdinalIgnoreCase ) ) ;
if ( activeContext = = null )
{
throw new KubeConfigException ( $"CurrentContext: {currentContext} not found in contexts in kubeconfig" ) ;
}
2020-03-17 09:48:23 -07:00
if ( string . IsNullOrEmpty ( activeContext . ContextDetails ? . Cluster ) )
{
// This serves as validation for any of the properties of ContextDetails being set.
// Other locations in code assume that ContextDetails is non-null.
throw new KubeConfigException ( $"Cluster not set for context `{currentContext}` in kubeconfig" ) ;
}
2018-09-27 10:50:39 -07:00
CurrentContext = activeContext . Name ;
// cluster
SetClusterDetails ( k8SConfig , activeContext ) ;
// user
SetUserDetails ( k8SConfig , activeContext ) ;
// namespace
2020-03-17 09:48:23 -07:00
Namespace = activeContext . ContextDetails ? . Namespace ;
2018-09-27 10:50:39 -07:00
}
private void SetClusterDetails ( K8SConfiguration k8SConfig , Context activeContext )
{
var clusterDetails =
k8SConfig . Clusters . FirstOrDefault ( c = > c . Name . Equals ( activeContext . ContextDetails . Cluster ,
StringComparison . OrdinalIgnoreCase ) ) ;
if ( clusterDetails ? . ClusterEndpoint = = null )
{
2018-12-11 21:08:55 -08:00
throw new KubeConfigException ( $"Cluster not found for context `{activeContext}` in kubeconfig" ) ;
2018-09-27 10:50:39 -07:00
}
2020-04-23 11:40:06 -07:00
2018-09-27 10:50:39 -07:00
if ( string . IsNullOrWhiteSpace ( clusterDetails . ClusterEndpoint . Server ) )
{
2018-12-11 21:08:55 -08:00
throw new KubeConfigException ( $"Server not found for current-context `{activeContext}` in kubeconfig" ) ;
2018-09-27 10:50:39 -07:00
}
2018-12-11 21:08:55 -08:00
Host = clusterDetails . ClusterEndpoint . Server ;
2018-09-27 10:50:39 -07:00
SkipTlsVerify = clusterDetails . ClusterEndpoint . SkipTlsVerify ;
2020-03-05 09:12:38 -08:00
if ( ! Uri . TryCreate ( Host , UriKind . Absolute , out Uri uri ) )
2018-09-27 10:50:39 -07:00
{
2018-12-11 21:08:55 -08:00
throw new KubeConfigException ( $"Bad server host URL `{Host}` (cannot be parsed)" ) ;
2018-09-27 10:50:39 -07:00
}
2019-03-11 06:39:28 -07:00
2018-12-11 21:08:55 -08:00
if ( uri . Scheme = = "https" )
2018-09-27 10:50:39 -07:00
{
2018-12-11 21:08:55 -08:00
if ( ! string . IsNullOrEmpty ( clusterDetails . ClusterEndpoint . CertificateAuthorityData ) )
{
var data = clusterDetails . ClusterEndpoint . CertificateAuthorityData ;
2019-03-11 06:39:28 -07:00
SslCaCerts = new X509Certificate2Collection ( new X509Certificate2 ( Convert . FromBase64String ( data ) ) ) ;
2018-12-11 21:08:55 -08:00
}
else if ( ! string . IsNullOrEmpty ( clusterDetails . ClusterEndpoint . CertificateAuthority ) )
{
2020-04-23 11:40:06 -07:00
SslCaCerts = new X509Certificate2Collection ( new X509Certificate2 ( GetFullPath ( k8SConfig ,
clusterDetails . ClusterEndpoint . CertificateAuthority ) ) ) ;
2018-12-11 21:08:55 -08:00
}
2018-09-27 10:50:39 -07:00
}
}
private void SetUserDetails ( K8SConfiguration k8SConfig , Context activeContext )
{
if ( string . IsNullOrWhiteSpace ( activeContext . ContextDetails . User ) )
{
return ;
}
var userDetails = k8SConfig . Users . FirstOrDefault ( c = > c . Name . Equals ( activeContext . ContextDetails . User ,
StringComparison . OrdinalIgnoreCase ) ) ;
if ( userDetails = = null )
{
2020-03-17 09:48:23 -07:00
throw new KubeConfigException ( $"User not found for context {activeContext.Name} in kubeconfig" ) ;
2018-09-27 10:50:39 -07:00
}
if ( userDetails . UserCredentials = = null )
{
throw new KubeConfigException ( $"User credentials not found for user: {userDetails.Name} in kubeconfig" ) ;
}
var userCredentialsFound = false ;
// Basic and bearer tokens are mutually exclusive
if ( ! string . IsNullOrWhiteSpace ( userDetails . UserCredentials . Token ) )
{
AccessToken = userDetails . UserCredentials . Token ;
userCredentialsFound = true ;
}
else if ( ! string . IsNullOrWhiteSpace ( userDetails . UserCredentials . UserName ) & &
2020-04-23 11:40:06 -07:00
! string . IsNullOrWhiteSpace ( userDetails . UserCredentials . Password ) )
2018-09-27 10:50:39 -07:00
{
Username = userDetails . UserCredentials . UserName ;
Password = userDetails . UserCredentials . Password ;
userCredentialsFound = true ;
}
// Token and cert based auth can co-exist
if ( ! string . IsNullOrWhiteSpace ( userDetails . UserCredentials . ClientCertificateData ) & &
! string . IsNullOrWhiteSpace ( userDetails . UserCredentials . ClientKeyData ) )
{
ClientCertificateData = userDetails . UserCredentials . ClientCertificateData ;
ClientCertificateKeyData = userDetails . UserCredentials . ClientKeyData ;
userCredentialsFound = true ;
}
if ( ! string . IsNullOrWhiteSpace ( userDetails . UserCredentials . ClientCertificate ) & &
! string . IsNullOrWhiteSpace ( userDetails . UserCredentials . ClientKey ) )
{
ClientCertificateFilePath = GetFullPath ( k8SConfig , userDetails . UserCredentials . ClientCertificate ) ;
ClientKeyFilePath = GetFullPath ( k8SConfig , userDetails . UserCredentials . ClientKey ) ;
userCredentialsFound = true ;
}
if ( userDetails . UserCredentials . AuthProvider ! = null )
{
2018-12-24 00:09:23 -05:00
if ( userDetails . UserCredentials . AuthProvider . Config ! = null
2020-04-23 11:40:06 -07:00
& & userDetails . UserCredentials . AuthProvider . Config . ContainsKey ( "access-token" ) )
2018-09-27 10:50:39 -07:00
{
2018-12-24 00:09:23 -05:00
switch ( userDetails . UserCredentials . AuthProvider . Name )
2018-09-27 10:50:39 -07:00
{
2018-12-24 00:09:23 -05:00
case "azure" :
{
2020-03-05 09:12:38 -08:00
var config = userDetails . UserCredentials . AuthProvider . Config ;
if ( config . ContainsKey ( "expires-on" ) )
{
2020-10-23 08:31:57 -07:00
var expiresOn = int . Parse ( config [ "expires-on" ] ) ;
2020-03-05 09:12:38 -08:00
DateTimeOffset expires ;
#if NET452
2020-04-23 11:40:06 -07:00
var epoch = new DateTimeOffset ( 1970 , 1 , 1 , 0 , 0 , 0 , TimeSpan . Zero ) ;
expires
= epoch . AddSeconds ( expiresOn ) ;
2020-03-05 09:12:38 -08:00
#else
expires = DateTimeOffset . FromUnixTimeSeconds ( expiresOn ) ;
#endif
2018-12-24 00:09:23 -05:00
2020-10-23 08:31:57 -07:00
if ( DateTimeOffset . Compare ( expires ,
DateTimeOffset . Now )
2020-04-23 11:40:06 -07:00
< = 0 )
2020-03-05 09:12:38 -08:00
{
var tenantId = config [ "tenant-id" ] ;
var clientId = config [ "client-id" ] ;
var apiServerId = config [ "apiserver-id" ] ;
var refresh = config [ "refresh-token" ] ;
2020-10-23 08:31:57 -07:00
var newToken = RenewAzureToken ( tenantId ,
clientId ,
apiServerId ,
refresh ) ;
2020-03-05 09:12:38 -08:00
config [ "access-token" ] = newToken ;
}
2018-12-24 00:09:23 -05:00
}
2020-03-05 09:12:38 -08:00
AccessToken = config [ "access-token" ] ;
userCredentialsFound = true ;
break ;
}
2020-10-23 08:31:57 -07:00
2018-12-24 00:09:23 -05:00
case "gcp" :
{
2020-04-28 18:34:25 -04:00
// config
2020-03-05 09:12:38 -08:00
var config = userDetails . UserCredentials . AuthProvider . Config ;
2020-04-28 18:34:25 -04:00
TokenProvider = new GcpTokenProvider ( config [ "cmd-path" ] ) ;
2020-03-05 09:12:38 -08:00
userCredentialsFound = true ;
break ;
}
2018-09-27 10:50:39 -07:00
}
}
}
2020-03-05 09:12:38 -08:00
if ( userDetails . UserCredentials . ExternalExecution ! = null )
{
if ( string . IsNullOrWhiteSpace ( userDetails . UserCredentials . ExternalExecution . Command ) )
2020-04-23 11:40:06 -07:00
{
2020-03-05 09:12:38 -08:00
throw new KubeConfigException (
"External command execution to receive user credentials must include a command to execute" ) ;
2020-04-23 11:40:06 -07:00
}
2020-03-05 09:12:38 -08:00
if ( string . IsNullOrWhiteSpace ( userDetails . UserCredentials . ExternalExecution . ApiVersion ) )
2020-04-23 11:40:06 -07:00
{
2020-03-05 09:12:38 -08:00
throw new KubeConfigException ( "External command execution missing ApiVersion key" ) ;
2020-04-23 11:40:06 -07:00
}
2020-03-05 09:12:38 -08:00
2020-09-19 05:56:28 +01:00
var ( accessToken , clientCertificateData , clientCertificateKeyData ) = ExecuteExternalCommand ( userDetails . UserCredentials . ExternalExecution ) ;
AccessToken = accessToken ;
2020-09-25 17:45:12 +01:00
// When reading ClientCertificateData from a config file it will be base64 encoded, and code later in the system (see CertUtils.GeneratePfx)
// expects ClientCertificateData and ClientCertificateKeyData to be base64 encoded because of this. However the string returned by external
// auth providers is the raw certificate and key PEM text, so we need to take that and base64 encoded it here so it can be decoded later.
ClientCertificateData = clientCertificateData = = null ? null : Convert . ToBase64String ( System . Text . Encoding . ASCII . GetBytes ( clientCertificateData ) ) ;
ClientCertificateKeyData = clientCertificateKeyData = = null ? null : Convert . ToBase64String ( System . Text . Encoding . ASCII . GetBytes ( clientCertificateKeyData ) ) ;
2020-03-05 09:12:38 -08:00
userCredentialsFound = true ;
}
2018-09-27 10:50:39 -07:00
if ( ! userCredentialsFound )
{
throw new KubeConfigException (
$"User: {userDetails.Name} does not have appropriate auth credentials in kubeconfig" ) ;
}
}
public static string RenewAzureToken ( string tenantId , string clientId , string apiServerId , string refresh )
{
throw new KubeConfigException ( "Refresh not supported." ) ;
}
2020-06-28 06:44:14 +01:00
public static Process CreateRunnableExternalProcess ( ExternalExecution config )
2020-03-05 09:12:38 -08:00
{
var execInfo = new Dictionary < string , dynamic >
{
2020-10-23 08:31:57 -07:00
{ "apiVersion" , config . ApiVersion } ,
{ "kind" , "ExecCredentials" } ,
{ "spec" , new Dictionary < string , bool > { { "interactive" , Environment . UserInteractive } } } ,
2020-03-05 09:12:38 -08:00
} ;
var process = new Process ( ) ;
2020-05-29 14:32:34 -04:00
process . StartInfo . EnvironmentVariables . Add ( "KUBERNETES_EXEC_INFO" , JsonConvert . SerializeObject ( execInfo ) ) ;
2020-03-05 09:12:38 -08:00
if ( config . EnvironmentVariables ! = null )
2020-04-23 11:40:06 -07:00
{
2020-06-28 06:44:14 +01:00
foreach ( var configEnvironmentVariable in config . EnvironmentVariables )
2020-04-23 11:40:06 -07:00
{
2020-06-28 06:44:14 +01:00
if ( configEnvironmentVariable . ContainsKey ( "name" ) & & configEnvironmentVariable . ContainsKey ( "value" ) )
{
process . StartInfo . EnvironmentVariables . Add (
configEnvironmentVariable [ "name" ] ,
configEnvironmentVariable [ "value" ] ) ;
}
else
{
var badVariable = string . Join ( "," , configEnvironmentVariable . Select ( x = > $"{x.Key}={x.Value}" ) ) ;
throw new KubeConfigException ( $"Invalid environment variable defined: {badVariable}" ) ;
}
2020-04-23 11:40:06 -07:00
}
}
2020-03-05 09:12:38 -08:00
process . StartInfo . FileName = config . Command ;
if ( config . Arguments ! = null )
2020-04-23 11:40:06 -07:00
{
2020-03-05 09:12:38 -08:00
process . StartInfo . Arguments = string . Join ( " " , config . Arguments ) ;
2020-04-23 11:40:06 -07:00
}
2020-03-05 09:12:38 -08:00
process . StartInfo . RedirectStandardOutput = true ;
process . StartInfo . RedirectStandardError = true ;
process . StartInfo . UseShellExecute = false ;
2020-06-28 06:44:14 +01:00
return process ;
}
/// <summary>
/// Implementation of the proposal for out-of-tree client
/// authentication providers as described here --
/// https://github.com/kubernetes/community/blob/master/contributors/design-proposals/auth/kubectl-exec-plugins.md
/// Took inspiration from python exec_provider.py --
/// https://github.com/kubernetes-client/python-base/blob/master/config/exec_provider.py
/// </summary>
/// <param name="config">The external command execution configuration</param>
2020-09-19 05:56:28 +01:00
/// <returns>
/// The token, client certificate data, and the client key data received from the external command execution
/// </returns>
public static ( string , string , string ) ExecuteExternalCommand ( ExternalExecution config )
2020-06-28 06:44:14 +01:00
{
var process = CreateRunnableExternalProcess ( config ) ;
2020-03-05 09:12:38 -08:00
try
{
process . Start ( ) ;
}
catch ( Exception ex )
{
throw new KubeConfigException ( $"external exec failed due to: {ex.Message}" ) ;
}
var stdout = process . StandardOutput . ReadToEnd ( ) ;
2020-05-12 00:14:22 +03:00
var stderr = process . StandardError . ReadToEnd ( ) ;
2020-03-05 09:12:38 -08:00
if ( string . IsNullOrWhiteSpace ( stderr ) = = false )
2020-04-23 11:40:06 -07:00
{
2020-03-05 09:12:38 -08:00
throw new KubeConfigException ( $"external exec failed due to: {stderr}" ) ;
2020-04-23 11:40:06 -07:00
}
2020-03-05 09:12:38 -08:00
// Wait for a maximum of 5 seconds, if a response takes longer probably something went wrong...
process . WaitForExit ( 5 ) ;
try
{
var responseObject = JsonConvert . DeserializeObject < ExecCredentialResponse > ( stdout ) ;
if ( responseObject = = null | | responseObject . ApiVersion ! = config . ApiVersion )
2020-04-23 11:40:06 -07:00
{
2020-03-05 09:12:38 -08:00
throw new KubeConfigException (
$"external exec failed because api version {responseObject.ApiVersion} does not match {config.ApiVersion}" ) ;
2020-04-23 11:40:06 -07:00
}
2020-09-19 05:56:28 +01:00
if ( responseObject . Status . ContainsKey ( "token" ) )
{
return ( responseObject . Status [ "token" ] , null , null ) ;
}
else if ( responseObject . Status . ContainsKey ( "clientCertificateData" ) )
{
if ( ! responseObject . Status . ContainsKey ( "clientKeyData" ) )
{
throw new KubeConfigException ( $"external exec failed missing clientKeyData field in plugin output" ) ;
}
2020-10-23 08:31:57 -07:00
2020-09-19 05:56:28 +01:00
return ( null , responseObject . Status [ "clientCertificateData" ] , responseObject . Status [ "clientKeyData" ] ) ;
}
else
{
throw new KubeConfigException ( $"external exec failed missing token or clientCertificateData field in plugin output" ) ;
}
2020-03-05 09:12:38 -08:00
}
catch ( JsonSerializationException ex )
{
throw new KubeConfigException ( $"external exec failed due to failed deserialization process: {ex}" ) ;
}
catch ( Exception ex )
{
throw new KubeConfigException ( $"external exec failed due to uncaught exception: {ex}" ) ;
}
}
2018-09-27 10:50:39 -07:00
/// <summary>
/// Loads entire Kube Config from default or explicit file path
/// </summary>
/// <param name="kubeconfigPath">Explicit file path to kubeconfig. Set to null to use the default file path</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
/// <returns>Instance of the <see cref="K8SConfiguration"/> class</returns>
2020-04-23 11:40:06 -07:00
public static async Task < K8SConfiguration > LoadKubeConfigAsync ( string kubeconfigPath = null ,
bool useRelativePaths = true )
2018-09-27 10:50:39 -07:00
{
var fileInfo = new FileInfo ( kubeconfigPath ? ? KubeConfigDefaultLocation ) ;
2020-03-19 04:54:44 +00:00
return await LoadKubeConfigAsync ( fileInfo , useRelativePaths ) . ConfigureAwait ( false ) ;
2018-09-27 10:50:39 -07:00
}
/// <summary>
/// Loads entire Kube Config from default or explicit file path
/// </summary>
/// <param name="kubeconfigPath">Explicit file path to kubeconfig. Set to null to use the default file path</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
/// <returns>Instance of the <see cref="K8SConfiguration"/> class</returns>
public static K8SConfiguration LoadKubeConfig ( string kubeconfigPath = null , bool useRelativePaths = true )
{
return LoadKubeConfigAsync ( kubeconfigPath , useRelativePaths ) . GetAwaiter ( ) . GetResult ( ) ;
}
2019-03-22 17:00:09 -07:00
/// <summary>
2018-09-27 10:50:39 -07:00
/// Loads Kube Config
/// </summary>
/// <param name="kubeconfig">Kube config file contents</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
/// <returns>Instance of the <see cref="K8SConfiguration"/> class</returns>
2020-04-23 11:40:06 -07:00
public static async Task < K8SConfiguration > LoadKubeConfigAsync ( FileInfo kubeconfig ,
bool useRelativePaths = true )
2018-09-27 10:50:39 -07:00
{
if ( ! kubeconfig . Exists )
{
throw new KubeConfigException ( $"kubeconfig file not found at {kubeconfig.FullName}" ) ;
}
using ( var stream = kubeconfig . OpenRead ( ) )
{
2020-03-19 04:54:44 +00:00
var config = await Yaml . LoadFromStreamAsync < K8SConfiguration > ( stream ) . ConfigureAwait ( false ) ;
2018-09-27 10:50:39 -07:00
if ( useRelativePaths )
{
config . FileName = kubeconfig . FullName ;
}
return config ;
}
}
/// <summary>
/// Loads Kube Config
/// </summary>
/// <param name="kubeconfig">Kube config file contents</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
/// <returns>Instance of the <see cref="K8SConfiguration"/> class</returns>
public static K8SConfiguration LoadKubeConfig ( FileInfo kubeconfig , bool useRelativePaths = true )
{
return LoadKubeConfigAsync ( kubeconfig , useRelativePaths ) . GetAwaiter ( ) . GetResult ( ) ;
}
2019-03-22 17:00:09 -07:00
/// <summary>
2018-09-27 10:50:39 -07:00
/// Loads Kube Config
/// </summary>
/// <param name="kubeconfigStream">Kube config file contents stream</param>
/// <returns>Instance of the <see cref="K8SConfiguration"/> class</returns>
public static async Task < K8SConfiguration > LoadKubeConfigAsync ( Stream kubeconfigStream )
{
2020-03-19 04:54:44 +00:00
return await Yaml . LoadFromStreamAsync < K8SConfiguration > ( kubeconfigStream ) . ConfigureAwait ( false ) ;
2018-09-27 10:50:39 -07:00
}
/// <summary>
/// Loads Kube Config
/// </summary>
/// <param name="kubeconfig">Kube config file contents stream</param>
/// <returns>Instance of the <see cref="K8SConfiguration"/> class</returns>
public static K8SConfiguration LoadKubeConfig ( Stream kubeconfigStream )
{
return LoadKubeConfigAsync ( kubeconfigStream ) . GetAwaiter ( ) . GetResult ( ) ;
}
2020-04-22 15:17:45 -07:00
/// <summary>
/// Loads Kube Config
/// </summary>
/// <param name="kubeconfigs">List of kube config file contents</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
/// <returns>Instance of the <see cref="K8SConfiguration"/> class</returns>
/// <remarks>
/// The kube config files will be merges into a single <see cref="K8SConfiguration"/>, where first occurence wins.
/// See https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/#merging-kubeconfig-files.
/// </remarks>
internal static K8SConfiguration LoadKubeConfig ( FileInfo [ ] kubeConfigs , bool useRelativePaths = true )
{
return LoadKubeConfigAsync ( kubeConfigs , useRelativePaths ) . GetAwaiter ( ) . GetResult ( ) ;
}
/// <summary>
/// Loads Kube Config
/// </summary>
/// <param name="kubeconfigs">List of kube config file contents</param>
/// <param name="useRelativePaths">When <see langword="true"/>, the paths in the kubeconfig file will be considered to be relative to the directory in which the kubeconfig
/// file is located. When <see langword="false"/>, the paths will be considered to be relative to the current working directory.</param>
/// <returns>Instance of the <see cref="K8SConfiguration"/> class</returns>
/// <remarks>
/// The kube config files will be merges into a single <see cref="K8SConfiguration"/>, where first occurence wins.
/// See https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/#merging-kubeconfig-files.
/// </remarks>
2020-04-23 11:40:06 -07:00
internal static async Task < K8SConfiguration > LoadKubeConfigAsync ( FileInfo [ ] kubeConfigs ,
bool useRelativePaths = true )
2020-04-22 15:17:45 -07:00
{
var basek8SConfig = await LoadKubeConfigAsync ( kubeConfigs [ 0 ] , useRelativePaths ) . ConfigureAwait ( false ) ;
for ( var i = 1 ; i < kubeConfigs . Length ; i + + )
{
var mergek8SConfig = await LoadKubeConfigAsync ( kubeConfigs [ i ] , useRelativePaths ) . ConfigureAwait ( false ) ;
MergeKubeConfig ( basek8SConfig , mergek8SConfig ) ;
}
return basek8SConfig ;
}
2018-09-27 10:50:39 -07:00
/// <summary>
/// Tries to get the full path to a file referenced from the Kubernetes configuration.
/// </summary>
/// <param name="configuration">
/// The Kubernetes configuration.
/// </param>
/// <param name="path">
/// The path to resolve.
/// </param>
/// <returns>
/// When possible a fully qualified path to the file.
/// </returns>
/// <remarks>
/// For example, if the configuration file is at "C:\Users\me\kube.config" and path is "ca.crt",
/// this will return "C:\Users\me\ca.crt". Similarly, if path is "D:\ca.cart", this will return
/// "D:\ca.crt".
/// </remarks>
private static string GetFullPath ( K8SConfiguration configuration , string path )
{
// If we don't have a file name,
if ( string . IsNullOrWhiteSpace ( configuration . FileName ) | | Path . IsPathRooted ( path ) )
{
return path ;
}
else
{
return Path . Combine ( Path . GetDirectoryName ( configuration . FileName ) , path ) ;
}
}
2020-04-22 15:17:45 -07:00
/// <summary>
/// Merges kube config files together, preferring configuration present in the base config over the merge config.
/// </summary>
/// <param name="basek8SConfig">The <see cref="K8SConfiguration"/> to merge into</param>
/// <param name="mergek8SConfig">The <see cref="K8SConfiguration"/> to merge from</param>
private static void MergeKubeConfig ( K8SConfiguration basek8SConfig , K8SConfiguration mergek8SConfig )
{
2020-05-12 00:14:22 +03:00
// For scalar values, prefer local values
2020-04-22 15:17:45 -07:00
basek8SConfig . CurrentContext = basek8SConfig . CurrentContext ? ? mergek8SConfig . CurrentContext ;
basek8SConfig . FileName = basek8SConfig . FileName ? ? mergek8SConfig . FileName ;
// Kinds must match in kube config, otherwise throw.
if ( basek8SConfig . Kind ! = mergek8SConfig . Kind )
{
2020-04-23 11:40:06 -07:00
throw new KubeConfigException (
$"kubeconfig \" kind \ " are different between {basek8SConfig.FileName} and {mergek8SConfig.FileName}" ) ;
2020-04-22 15:17:45 -07:00
}
if ( mergek8SConfig . Preferences ! = null )
{
foreach ( var preference in mergek8SConfig . Preferences )
{
if ( basek8SConfig . Preferences ? . ContainsKey ( preference . Key ) = = false )
{
basek8SConfig . Preferences [ preference . Key ] = preference . Value ;
}
}
}
if ( mergek8SConfig . Extensions ! = null )
{
foreach ( var extension in mergek8SConfig . Extensions )
{
if ( basek8SConfig . Extensions ? . ContainsKey ( extension . Key ) = = false )
{
basek8SConfig . Extensions [ extension . Key ] = extension . Value ;
}
}
}
// Note, Clusters, Contexts, and Extensions are map-like in config despite being represented as a list here:
// https://github.com/kubernetes/client-go/blob/ede92e0fe62deed512d9ceb8bf4186db9f3776ff/tools/clientcmd/api/types.go#L238
basek8SConfig . Clusters = MergeLists ( basek8SConfig . Clusters , mergek8SConfig . Clusters , ( s ) = > s . Name ) ;
basek8SConfig . Users = MergeLists ( basek8SConfig . Users , mergek8SConfig . Users , ( s ) = > s . Name ) ;
basek8SConfig . Contexts = MergeLists ( basek8SConfig . Contexts , mergek8SConfig . Contexts , ( s ) = > s . Name ) ;
}
2020-04-23 11:40:06 -07:00
private static IEnumerable < T > MergeLists < T > ( IEnumerable < T > baseList , IEnumerable < T > mergeList ,
Func < T , string > getNameFunc )
2020-04-22 15:17:45 -07:00
{
2020-10-23 08:31:57 -07:00
if ( mergeList ! = null & & mergeList . Any ( ) )
2020-04-22 15:17:45 -07:00
{
var mapping = new Dictionary < string , T > ( ) ;
foreach ( var item in baseList )
{
mapping [ getNameFunc ( item ) ] = item ;
}
foreach ( var item in mergeList )
{
var name = getNameFunc ( item ) ;
if ( ! mapping . ContainsKey ( name ) )
{
mapping [ name ] = item ;
}
}
return mapping . Values ;
}
return baseList ;
}
2018-09-27 10:50:39 -07:00
}
}
