feat: load service account token from a different path

kubernetes-client · Jan 30, 2024 · c423a05 · c423a05
1 parent d21542c
commit c423a05
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 3 deletions.
diff --git a/src/config.ts b/src/config.ts
@@ -211,7 +211,8 @@ export class KubeConfig {
         const clusterName = 'inCluster';
         const userName = 'inClusterUser';
         const contextName = 'inClusterContext';
-        const tokenFile = process.env.TOKEN_FILE_PATH ? process.env.TOKEN_FILE_PATH :  `${pathPrefix}${Config.SERVICEACCOUNT_TOKEN_PATH}`
+        const tokenFile = process.env.TOKEN_FILE_PATH ? process.env.TOKEN_FILE_PATH : `${pathPrefix}${Config.SERVICEACCOUNT_TOKEN_PATH}`;
+        const caFile = process.env.KUBERNETES_CA_FILE_PATH ? process.env.KUBERNETES_CA_FILE_PATH : `${pathPrefix}${Config.SERVICEACCOUNT_CA_PATH}`;
 
         let scheme = 'https';
         if (port === '80' || port === '8080' || port === '8001') {
@@ -227,7 +228,7 @@ export class KubeConfig {
         this.clusters = [
             {
                 name: clusterName,
-                caFile: `${pathPrefix}${Config.SERVICEACCOUNT_CA_PATH}`,
+                caFile,
                 server: `${scheme}://${serverHost}:${port}`,
                 skipTLSVerify: false,
             },

diff --git a/src/config_test.ts b/src/config_test.ts
@@ -155,15 +155,28 @@ describe('KubeConfig', () => {
 
     describe('loadFromCluster', () => {
         let originalTokenPath: string | undefined;
+        let originalCaFilePath: string | undefined;
 
         before(() => {
             originalTokenPath = process.env['TOKEN_FILE_PATH'];
+            originalCaFilePath = process.env['KUBERNETES_CA_FILE_PATH']
 
             delete process.env['TOKEN_FILE_PATH']
+            delete process.env['KUBERNETES_CA_FILE_PATH']
         })
 
         after(() => {
+
+            delete process.env['TOKEN_FILE_PATH']
+            delete process.env['KUBERNETES_CA_FILE_PATH']
+
+            if (originalTokenPath){
             process.env['TOKEN_FILE_PATH'] = originalTokenPath
+            }
+
+            if (originalCaFilePath) {
+            process.env['KUBERNETES_CA_FILE_PATH'] = originalCaFilePath
+            }
         })
 
         it('should load from default env vars', () => {
@@ -198,11 +211,13 @@ describe('KubeConfig', () => {
         it('should support custom token file path', () => {
             const kc = new KubeConfig();
             process.env['TOKEN_FILE_PATH'] = '/etc/tokenFile'
+            process.env['KUBERNETES_CA_FILE_PATH'] = '/etc/ca.crt'
+
             const cluster = {
                 name: 'inCluster',
                 server: 'https://undefined:undefined',
                 skipTLSVerify: false,
-                caFile: '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt'
+                caFile: '/etc/ca.crt'
             } as Cluster;
 
             const user = {