Merge pull request #14 from svend/optional-cluster-cert

ynqa · web-flow · commit 10beef1cf1af · 2019-04-08T13:40:06.000+09:00
Make cluster certificate authority optional
diff --git a/src/config/apis.rs b/src/config/apis.rs
@@ -114,11 +114,15 @@ impl Config {
 }
 
 impl Cluster {
-    pub fn load_certificate_authority(&self) -> Result<Vec<u8>, Error> {
-        utils::data_or_file_with_base64(
-            &self.certificate_authority_data,
-            &self.certificate_authority,
-        )
+    pub fn load_certificate_authority(&self) -> Option<Result<Vec<u8>, Error>> {
+        if self.certificate_authority_data.is_some() || self.certificate_authority.is_some() {
+            Some(utils::data_or_file_with_base64(
+                &self.certificate_authority_data,
+                &self.certificate_authority,
+            ))
+        } else {
+            None
+        }
     }
 }
 
diff --git a/src/config/kube_config.rs b/src/config/kube_config.rs
@@ -55,8 +55,8 @@ impl KubeConfigLoader {
             .map_err(Error::from)
     }
 
-    pub fn ca(&self) -> Result<X509, Error> {
-        let ca = &self.cluster.load_certificate_authority()?;
-        X509::from_pem(&ca).map_err(Error::from)
+    pub fn ca(&self) -> Option<Result<X509, Error>> {
+        let ca = self.cluster.load_certificate_authority()?;
+        Some(ca.and_then(|ca| X509::from_pem(&ca).map_err(Error::from)))
     }
 }
diff --git a/src/config/mod.rs b/src/config/mod.rs
@@ -41,10 +41,10 @@ pub fn load_kube_config() -> Result<Configuration, Error> {
     let loader = KubeConfigLoader::load(kubeconfig)?;
     let mut client_builder = Client::builder();
 
-    let ca = loader.ca()?;
-    let req_ca = Certificate::from_der(&ca.to_der()?)?;
-    client_builder = client_builder.add_root_certificate(req_ca);
-
+    if let Some(ca) = loader.ca() {
+        let req_ca = Certificate::from_der(&ca?.to_der()?)?;
+        client_builder = client_builder.add_root_certificate(req_ca);
+    }
     match loader.p12(" ") {
         Ok(p12) => {
             let req_p12 = Identity::from_pkcs12_der(&p12.to_der()?, " ")?;

Original file line number	Diff line number	Diff line change
`@@ -114,11 +114,15 @@ impl Config {`
`114`	`114`	`}`
`115`	`115`
`116`	`116`	`impl Cluster {`
`117`		`- pub fn load_certificate_authority(&self) -> Result<Vec<u8>, Error> {`
`118`		`- utils::data_or_file_with_base64(`
`119`		`- &self.certificate_authority_data,`
`120`		`- &self.certificate_authority,`
`121`		`- )`
	`117`	`+ pub fn load_certificate_authority(&self) -> Option<Result<Vec<u8>, Error>> {`
	`118`	`+ if self.certificate_authority_data.is_some() \|\| self.certificate_authority.is_some() {`
	`119`	`+ Some(utils::data_or_file_with_base64(`
	`120`	`+ &self.certificate_authority_data,`
	`121`	`+ &self.certificate_authority,`
	`122`	`+ ))`
	`123`	`+ } else {`
	`124`	`+ None`
	`125`	`+ }`
`122`	`126`	`}`
`123`	`127`	`}`
`124`	`128`
Original file line number	Diff line number	Diff line change
`@@ -55,8 +55,8 @@ impl KubeConfigLoader {`
`55`	`55`	`.map_err(Error::from)`
`56`	`56`	`}`
`57`	`57`
`58`		`- pub fn ca(&self) -> Result<X509, Error> {`
`59`		`- let ca = &self.cluster.load_certificate_authority()?;`
`60`		`- X509::from_pem(&ca).map_err(Error::from)`
	`58`	`+ pub fn ca(&self) -> Option<Result<X509, Error>> {`
	`59`	`+ let ca = self.cluster.load_certificate_authority()?;`
	`60`	`+ Some(ca.and_then(\|ca\| X509::from_pem(&ca).map_err(Error::from)))`
`61`	`61`	`}`
`62`	`62`	`}`