Skip to content

Commit c423a05

Browse files
omerlhomerlh
committed
feat: load service account token from a different path
1 parent d21542c commit c423a05

File tree

2 files changed

+19
-3
lines changed

2 files changed

+19
-3
lines changed

src/config.ts

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -211,7 +211,8 @@ export class KubeConfig {
211211
const clusterName = 'inCluster';
212212
const userName = 'inClusterUser';
213213
const contextName = 'inClusterContext';
214-
const tokenFile = process.env.TOKEN_FILE_PATH ? process.env.TOKEN_FILE_PATH : `${pathPrefix}${Config.SERVICEACCOUNT_TOKEN_PATH}`
214+
const tokenFile = process.env.TOKEN_FILE_PATH ? process.env.TOKEN_FILE_PATH : `${pathPrefix}${Config.SERVICEACCOUNT_TOKEN_PATH}`;
215+
const caFile = process.env.KUBERNETES_CA_FILE_PATH ? process.env.KUBERNETES_CA_FILE_PATH : `${pathPrefix}${Config.SERVICEACCOUNT_CA_PATH}`;
215216

216217
let scheme = 'https';
217218
if (port === '80' || port === '8080' || port === '8001') {
@@ -227,7 +228,7 @@ export class KubeConfig {
227228
this.clusters = [
228229
{
229230
name: clusterName,
230-
caFile: `${pathPrefix}${Config.SERVICEACCOUNT_CA_PATH}`,
231+
caFile,
231232
server: `${scheme}://${serverHost}:${port}`,
232233
skipTLSVerify: false,
233234
},

src/config_test.ts

Lines changed: 16 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -155,15 +155,28 @@ describe('KubeConfig', () => {
155155

156156
describe('loadFromCluster', () => {
157157
let originalTokenPath: string | undefined;
158+
let originalCaFilePath: string | undefined;
158159

159160
before(() => {
160161
originalTokenPath = process.env['TOKEN_FILE_PATH'];
162+
originalCaFilePath = process.env['KUBERNETES_CA_FILE_PATH']
161163

162164
delete process.env['TOKEN_FILE_PATH']
165+
delete process.env['KUBERNETES_CA_FILE_PATH']
163166
})
164167

165168
after(() => {
169+
170+
delete process.env['TOKEN_FILE_PATH']
171+
delete process.env['KUBERNETES_CA_FILE_PATH']
172+
173+
if (originalTokenPath){
166174
process.env['TOKEN_FILE_PATH'] = originalTokenPath
175+
}
176+
177+
if (originalCaFilePath) {
178+
process.env['KUBERNETES_CA_FILE_PATH'] = originalCaFilePath
179+
}
167180
})
168181

169182
it('should load from default env vars', () => {
@@ -198,11 +211,13 @@ describe('KubeConfig', () => {
198211
it('should support custom token file path', () => {
199212
const kc = new KubeConfig();
200213
process.env['TOKEN_FILE_PATH'] = '/etc/tokenFile'
214+
process.env['KUBERNETES_CA_FILE_PATH'] = '/etc/ca.crt'
215+
201216
const cluster = {
202217
name: 'inCluster',
203218
server: 'https://undefined:undefined',
204219
skipTLSVerify: false,
205-
caFile: '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt'
220+
caFile: '/etc/ca.crt'
206221
} as Cluster;
207222

208223
const user = {

0 commit comments

Comments
 (0)