...

Package auth

import "k8s.io/client-go/tools/auth"
Overview
Index
Subdirectories

Overview ▾

Package auth defines a file format for holding authentication information needed by clients of Kubernetes. Typically, a Kubernetes cluster will put auth info for the admin in a known location when it is created, and will (soon) put it in a known location within a Container's file tree for Containers that need access to the Kubernetes API.

Having a defined format allows:

  • clients to be implemented in multiple languages
  • applications which link clients to be portable across clusters with different authentication styles (e.g. some may use SSL Client certs, others may not, etc)
  • when the format changes, applications only need to update this code.

The file format is json, marshalled from a struct authcfg.Info.

Client libraries in other languages should use the same format.

It is not intended to store general preferences, such as default namespace, output options, etc. CLIs (such as kubectl) and UIs should develop their own format and may wish to inline the authcfg.Info type.

The authcfg.Info is just a file format. It is distinct from client.Config which holds options for creating a client.Client. Helper functions are provided in this package to fill in a client.Client from an authcfg.Info.

Example: 

import (
    "pkg/client"
    "pkg/client/auth"
)

info, err := auth.LoadFromFile(filename)
if err != nil {
  // handle error
}
clientConfig = client.Config{}
clientConfig.Host = "example.com:4901"
clientConfig = info.MergeWithConfig()
client := client.New(clientConfig)
client.Pods(ns).List()

type Info

Info holds Kubernetes API authorization config. It is intended to be read/written from a file as a JSON object. 

type Info struct {
    User        string
    Password    string `datapolicy:"password"`
    CAFile      string
    CertFile    string
    KeyFile     string
    BearerToken string `datapolicy:"token"`
    Insecure    *bool
}

func LoadFromFile 

func LoadFromFile(path string) (*Info, error)

LoadFromFile parses an Info object from a file path. If the file does not exist, then os.IsNotExist(err) == true

func (Info) Complete 

func (info Info) Complete() bool

Complete returns true if the Kubernetes API authorization info is complete.

func (Info) MergeWithConfig 

func (info Info) MergeWithConfig(c restclient.Config) (restclient.Config, error)

MergeWithConfig returns a copy of a client.Config with values from the Info. The fields of client.Config with a corresponding field in the Info are set with the value from the Info.

Subdirectories

Name Synopsis
..
exec Package exec contains helper utilities for exec credential plugins.