Merge pull request #1 from mbohlool/master

Copy over base folder of python-client

Author: mbohlool

api_client.py

@@ -0,0 +1,18 @@
+# Copyright 2016 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from .config_exception import ConfigException
+from .incluster_config import load_incluster_config
+from .kube_config import (list_kube_config_contexts, load_kube_config,
+                          new_client_from_config)

config/__init__.py

@@ -0,0 +1 @@
+config

config/config

@@ -0,0 +1,17 @@
+# Copyright 2016 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+class ConfigException(Exception):
+    pass

config/config_exception.py

@@ -0,0 +1,91 @@
+# Copyright 2016 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import os
+
+from kubernetes.client import configuration
+
+from .config_exception import ConfigException
+
+SERVICE_HOST_ENV_NAME = "KUBERNETES_SERVICE_HOST"
+SERVICE_PORT_ENV_NAME = "KUBERNETES_SERVICE_PORT"
+SERVICE_TOKEN_FILENAME = "/var/run/secrets/kubernetes.io/serviceaccount/token"
+SERVICE_CERT_FILENAME = "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"
+
+
+def _join_host_port(host, port):
+    """Adapted golang's net.JoinHostPort"""
+    template = "%s:%s"
+    host_requires_bracketing = ':' in host or '%' in host
+    if host_requires_bracketing:
+        template = "[%s]:%s"
+    return template % (host, port)
+
+
+class InClusterConfigLoader(object):
+
+    def __init__(self, token_filename,
+                 cert_filename, environ=os.environ):
+        self._token_filename = token_filename
+        self._cert_filename = cert_filename
+        self._environ = environ
+
+    def load_and_set(self):
+        self._load_config()
+        self._set_config()
+
+    def _load_config(self):
+        if (SERVICE_HOST_ENV_NAME not in self._environ or
+                SERVICE_PORT_ENV_NAME not in self._environ):
+            raise ConfigException("Service host/port is not set.")
+
+        if (not self._environ[SERVICE_HOST_ENV_NAME] or
+                not self._environ[SERVICE_PORT_ENV_NAME]):
+            raise ConfigException("Service host/port is set but empty.")
+
+        self.host = (
+            "https://" + _join_host_port(self._environ[SERVICE_HOST_ENV_NAME],
+                                         self._environ[SERVICE_PORT_ENV_NAME]))
+
+        if not os.path.isfile(self._token_filename):
+            raise ConfigException("Service token file does not exists.")
+
+        with open(self._token_filename) as f:
+            self.token = f.read()
+            if not self.token:
+                raise ConfigException("Token file exists but empty.")
+
+        if not os.path.isfile(self._cert_filename):
+            raise ConfigException(
+                "Service certification file does not exists.")
+
+        with open(self._cert_filename) as f:
+            if not f.read():
+                raise ConfigException("Cert file exists but empty.")
+
+        self.ssl_ca_cert = self._cert_filename
+
+    def _set_config(self):
+        configuration.host = self.host
+        configuration.ssl_ca_cert = self.ssl_ca_cert
+        configuration.api_key['authorization'] = "bearer " + self.token
+
+
+def load_incluster_config():
+    """Use the service account kubernetes gives to pods to connect to kubernetes
+    cluster. It's intended for clients that expect to be running inside a pod
+    running on kubernetes. It will raise an exception if called from a process
+    not running in a kubernetes environment."""
+    InClusterConfigLoader(token_filename=SERVICE_TOKEN_FILENAME,
+                          cert_filename=SERVICE_CERT_FILENAME).load_and_set()

config/incluster_config.py

@@ -0,0 +1,131 @@
+# Copyright 2016 The Kubernetes Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import os
+import tempfile
+import unittest
+
+from .config_exception import ConfigException
+from .incluster_config import (SERVICE_HOST_ENV_NAME, SERVICE_PORT_ENV_NAME,
+                               InClusterConfigLoader, _join_host_port)
+
+_TEST_TOKEN = "temp_token"
+_TEST_CERT = "temp_cert"
+_TEST_HOST = "127.0.0.1"
+_TEST_PORT = "80"
+_TEST_HOST_PORT = "127.0.0.1:80"
+_TEST_IPV6_HOST = "::1"
+_TEST_IPV6_HOST_PORT = "[::1]:80"
+
+_TEST_ENVIRON = {SERVICE_HOST_ENV_NAME: _TEST_HOST,
+                 SERVICE_PORT_ENV_NAME: _TEST_PORT}
+_TEST_IPV6_ENVIRON = {SERVICE_HOST_ENV_NAME: _TEST_IPV6_HOST,
+                      SERVICE_PORT_ENV_NAME: _TEST_PORT}
+
+
+class InClusterConfigTest(unittest.TestCase):
+
+    def setUp(self):
+        self._temp_files = []
+
+    def tearDown(self):
+        for f in self._temp_files:
+            os.remove(f)
+
+    def _create_file_with_temp_content(self, content=""):
+        handler, name = tempfile.mkstemp()
+        self._temp_files.append(name)
+        os.write(handler, str.encode(content))
+        os.close(handler)
+        return name
+
+    def get_test_loader(
+            self,
+            token_filename=None,
+            cert_filename=None,
+            environ=_TEST_ENVIRON):
+        if not token_filename:
+            token_filename = self._create_file_with_temp_content(_TEST_TOKEN)
+        if not cert_filename:
+            cert_filename = self._create_file_with_temp_content(_TEST_CERT)
+        return InClusterConfigLoader(
+            token_filename=token_filename,
+            cert_filename=cert_filename,
+            environ=environ)
+
+    def test_join_host_port(self):
+        self.assertEqual(_TEST_HOST_PORT,
+                         _join_host_port(_TEST_HOST, _TEST_PORT))
+        self.assertEqual(_TEST_IPV6_HOST_PORT,
+                         _join_host_port(_TEST_IPV6_HOST, _TEST_PORT))
+
+    def test_load_config(self):
+        cert_filename = self._create_file_with_temp_content(_TEST_CERT)
+        loader = self.get_test_loader(cert_filename=cert_filename)
+        loader._load_config()
+        self.assertEqual("https://" + _TEST_HOST_PORT, loader.host)
+        self.assertEqual(cert_filename, loader.ssl_ca_cert)
+        self.assertEqual(_TEST_TOKEN, loader.token)
+
+    def _should_fail_load(self, config_loader, reason):
+        try:
+            config_loader.load_and_set()
+            self.fail("Should fail because %s" % reason)
+        except ConfigException:
+            # expected
+            pass
+
+    def test_no_port(self):
+        loader = self.get_test_loader(
+            environ={SERVICE_HOST_ENV_NAME: _TEST_HOST})
+        self._should_fail_load(loader, "no port specified")
+
+    def test_empty_port(self):
+        loader = self.get_test_loader(
+            environ={SERVICE_HOST_ENV_NAME: _TEST_HOST,
+                     SERVICE_PORT_ENV_NAME: ""})
+        self._should_fail_load(loader, "empty port specified")
+
+    def test_no_host(self):
+        loader = self.get_test_loader(
+            environ={SERVICE_PORT_ENV_NAME: _TEST_PORT})
+        self._should_fail_load(loader, "no host specified")
+
+    def test_empty_host(self):
+        loader = self.get_test_loader(
+            environ={SERVICE_HOST_ENV_NAME: "",
+                     SERVICE_PORT_ENV_NAME: _TEST_PORT})
+        self._should_fail_load(loader, "empty host specified")
+
+    def test_no_cert_file(self):
+        loader = self.get_test_loader(cert_filename="not_exists_file_1123")
+        self._should_fail_load(loader, "cert file does not exists")
+
+    def test_empty_cert_file(self):
+        loader = self.get_test_loader(
+            cert_filename=self._create_file_with_temp_content())
+        self._should_fail_load(loader, "empty cert file provided")
+
+    def test_no_token_file(self):
+        loader = self.get_test_loader(token_filename="not_exists_file_1123")
+        self._should_fail_load(loader, "token file does not exists")
+
+    def test_empty_token_file(self):
+        loader = self.get_test_loader(
+            token_filename=self._create_file_with_temp_content())
+        self._should_fail_load(loader, "empty token file provided")
+
+
+if __name__ == '__main__':
+    unittest.main()