From 71bb5face213871a2941bf855cfa9838457ff55d Mon Sep 17 00:00:00 2001
From: Rolf Rando <rrando@mozilla.com>
Date: Tue, 14 Nov 2023 18:22:47 -0800
Subject: [PATCH 1/3] read proxy config for cluster and add to openapi config
---
kubernetes/base/config/kube_config.py | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/kubernetes/base/config/kube_config.py b/kubernetes/base/config/kube_config.py
index d8c63a8261..c85528c660 100644
--- a/kubernetes/base/config/kube_config.py
+++ b/kubernetes/base/config/kube_config.py
@@ -569,6 +569,8 @@ def _load_cluster_info(self):
self.verify_ssl = not self._cluster['insecure-skip-tls-verify']
if 'tls-server-name' in self._cluster:
self.tls_server_name = self._cluster['tls-server-name']
+ if "proxy-url" in self._cluster:
+ self.proxy = self._cluster["proxy-url"]
def _set_config(self, client_configuration):
if 'token' in self.__dict__:
@@ -580,7 +582,7 @@ def _refresh_api_key(client_configuration):
self._set_config(client_configuration)
client_configuration.refresh_api_key_hook = _refresh_api_key
# copy these keys directly from self to configuration object
- keys = ['host', 'ssl_ca_cert', 'cert_file', 'key_file', 'verify_ssl','tls_server_name']
+ keys = ['host', 'ssl_ca_cert', 'cert_file', 'key_file', 'verify_ssl','tls_server_name', 'proxy']
for key in keys:
if key in self.__dict__:
setattr(client_configuration, key, getattr(self, key))
From c1843098c5419cbfa3a872d5ab8a31003fff0d46 Mon Sep 17 00:00:00 2001
From: Rolf Rando <rrando@mozilla.com>
Date: Fri, 24 Nov 2023 21:35:02 -0800
Subject: [PATCH 2/3] Minor auth changes to support OpenAPI generator 7.x and
above
---
examples/remote_cluster.py | 2 +-
kubernetes/base/config/kube_config.py | 2 +-
kubernetes/base/config/kube_config_test.py | 12 ++++++------
3 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/examples/remote_cluster.py b/examples/remote_cluster.py
index 916c767129..d3a2670c65 100644
--- a/examples/remote_cluster.py
+++ b/examples/remote_cluster.py
@@ -42,7 +42,7 @@ def main():
# ssl_ca_cert is the filepath to the file that contains the certificate.
# configuration.ssl_ca_cert="certificate"
- aConfiguration.api_key = {"authorization": "Bearer " + aToken}
+ aConfiguration.api_key = {"BearerToken": "Bearer " + aToken}
# Create a ApiClient with our config
aApiClient = client.ApiClient(aConfiguration)
diff --git a/kubernetes/base/config/kube_config.py b/kubernetes/base/config/kube_config.py
index c85528c660..0fa7fb3cc2 100644
--- a/kubernetes/base/config/kube_config.py
+++ b/kubernetes/base/config/kube_config.py
@@ -574,7 +574,7 @@ def _load_cluster_info(self):
def _set_config(self, client_configuration):
if 'token' in self.__dict__:
- client_configuration.api_key['authorization'] = self.token
+ client_configuration.api_key['BearerToken'] = self.token
def _refresh_api_key(client_configuration):
if ('expiry' in self.__dict__ and _is_expired(self.expiry)):
diff --git a/kubernetes/base/config/kube_config_test.py b/kubernetes/base/config/kube_config_test.py
index b415492032..40378377f2 100644
--- a/kubernetes/base/config/kube_config_test.py
+++ b/kubernetes/base/config/kube_config_test.py
@@ -1469,7 +1469,7 @@ def test_user_exec_auth(self, mock):
"token": token
}
expected = FakeConfig(host=TEST_HOST, api_key={
- "authorization": BEARER_TOKEN_FORMAT % token})
+ "BearerToken": BEARER_TOKEN_FORMAT % token})
actual = FakeConfig()
KubeConfigLoader(
config_dict=self.TEST_KUBE_CONFIG,
@@ -1499,13 +1499,13 @@ def test_user_exec_auth_with_expiry(self, mock):
active_context="exec_cred_user").load_and_set(fake_config)
# The kube config should use the first token returned from the
# exec provider.
- self.assertEqual(fake_config.api_key["authorization"],
+ self.assertEqual(fake_config.api_key["BearerToken"],
BEARER_TOKEN_FORMAT % expired_token)
# Should now be populated with a method to refresh expired tokens.
self.assertIsNotNone(fake_config.refresh_api_key_hook)
# Refresh the token; the kube config should be updated.
fake_config.refresh_api_key_hook(fake_config)
- self.assertEqual(fake_config.api_key["authorization"],
+ self.assertEqual(fake_config.api_key["BearerToken"],
BEARER_TOKEN_FORMAT % current_token)
@mock.patch('kubernetes.config.kube_config.ExecProvider.run')
@@ -1546,7 +1546,7 @@ def test_user_cmd_path(self):
return_value = A(token, parse_rfc3339(datetime.datetime.now()))
CommandTokenSource.token = mock.Mock(return_value=return_value)
expected = FakeConfig(api_key={
- "authorization": BEARER_TOKEN_FORMAT % token})
+ "BearerToken": BEARER_TOKEN_FORMAT % token})
actual = FakeConfig()
KubeConfigLoader(
config_dict=self.TEST_KUBE_CONFIG,
@@ -1559,7 +1559,7 @@ def test_user_cmd_path_empty(self):
return_value = A(token, parse_rfc3339(datetime.datetime.now()))
CommandTokenSource.token = mock.Mock(return_value=return_value)
expected = FakeConfig(api_key={
- "authorization": BEARER_TOKEN_FORMAT % token})
+ "BearerToken": BEARER_TOKEN_FORMAT % token})
actual = FakeConfig()
self.expect_exception(lambda: KubeConfigLoader(
config_dict=self.TEST_KUBE_CONFIG,
@@ -1573,7 +1573,7 @@ def test_user_cmd_path_with_scope(self):
return_value = A(token, parse_rfc3339(datetime.datetime.now()))
CommandTokenSource.token = mock.Mock(return_value=return_value)
expected = FakeConfig(api_key={
- "authorization": BEARER_TOKEN_FORMAT % token})
+ "BearerToken": BEARER_TOKEN_FORMAT % token})
actual = FakeConfig()
self.expect_exception(lambda: KubeConfigLoader(
config_dict=self.TEST_KUBE_CONFIG,
From 64336afdc8ac732e7c6d9cc4c2ed3862429897b9 Mon Sep 17 00:00:00 2001
From: Rolf Rando <rrando@mozilla.com>
Date: Fri, 1 Dec 2023 16:11:58 -0800
Subject: [PATCH 3/3] removed patch
---
scripts/rest_sni_patch.diff | 29 -----------------------------
scripts/update-client.sh | 7 +------
2 files changed, 1 insertion(+), 35 deletions(-)
delete mode 100644 scripts/rest_sni_patch.diff
diff --git a/scripts/rest_sni_patch.diff b/scripts/rest_sni_patch.diff
deleted file mode 100644
index cdd516e49d..0000000000
--- a/scripts/rest_sni_patch.diff
+++ /dev/null
@@ -1,29 +0,0 @@
-diff --git a/kubernetes/client/configuration.py b/kubernetes/client/configuration.py
-index 2b9dd96a50..ac5a18bf8a 100644
---- a/kubernetes/client/configuration.py
-+++ b/kubernetes/client/configuration.py
-@@ -144,6 +144,10 @@ def __init__(self, host="http://localhost",
- self.assert_hostname = None
- """Set this to True/False to enable/disable SSL hostname verification.
- """
-+ self.tls_server_name = None
-+ """SSL/TLS Server Name Indication (SNI)
-+ Set this to the SNI value expected by the server.
-+ """
-
- self.connection_pool_maxsize = multiprocessing.cpu_count() * 5
- """urllib3 connection pool's maximum number of connections saved
-diff --git a/kubernetes/client/rest.py b/kubernetes/client/rest.py
-index 48cd2b7752..4f04251bbf 100644
---- a/kubernetes/client/rest.py
-+++ b/kubernetes/client/rest.py
-@@ -77,6 +77,9 @@ def __init__(self, configuration, pools_size=4, maxsize=None):
- if configuration.retries is not None:
- addition_pool_args['retries'] = configuration.retries
-
-+ if configuration.tls_server_name:
-+ addition_pool_args['server_hostname'] = configuration.tls_server_name
-+
- if maxsize is None:
- if configuration.connection_pool_maxsize is not None:
- maxsize = configuration.connection_pool_maxsize
diff --git a/scripts/update-client.sh b/scripts/update-client.sh
index 87e00ed40c..433a210f18 100755
--- a/scripts/update-client.sh
+++ b/scripts/update-client.sh
@@ -22,7 +22,7 @@ set -o nounset
set -o pipefail
# The openapi-generator version used by this client
-export OPENAPI_GENERATOR_COMMIT="v4.3.0"
+export OPENAPI_GENERATOR_COMMIT="v7.1.0"
SCRIPT_ROOT=$(dirname "${BASH_SOURCE}")
CLIENT_ROOT="${SCRIPT_ROOT}/../kubernetes"
@@ -73,11 +73,6 @@ sed -i'' "s,^DEVELOPMENT_STATUS = .*,DEVELOPMENT_STATUS = \\\"${DEVELOPMENT_STAT
# second, this should be ported to swagger-codegen
echo ">>> patching client..."
git apply "${SCRIPT_ROOT}/rest_client_patch.diff"
-# The fix this patch is trying to make is already in the upstream swagger-codegen
-# repo but it's not in the version we're using. We can remove this patch
-# once we upgrade to a version of swagger-codegen that includes it (version>= 6.6.0).
-# See https://github.com/OpenAPITools/openapi-generator/pull/15283
-git apply "${SCRIPT_ROOT}/rest_sni_patch.diff"
echo ">>> generating docs..."
pushd "${DOC_ROOT}" > /dev/null