From 33fd2d82760f30ab13be9e3231b51631ff8abf23 Mon Sep 17 00:00:00 2001
From: Alex Renoki <rennokki@gmail.com>
Date: Mon, 22 Mar 2021 23:39:37 +0200
Subject: [PATCH] Added support for in-cluster configuration

---
 .github/workflows/ci.yml    | 10 +++++++++-
 composer.json               |  6 ++----
 config/k8s.php              | 15 +++++++++++++++
 src/KubernetesCluster.php   | 11 +++++++++++
 tests/ConfigurationTest.php | 15 +++++++++++++++
 5 files changed, 52 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index c77c1ce..9a943f3 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -53,9 +53,17 @@ jobs:
 
     - name: Install dependencies
       run: |
-        composer require "laravel/framework:${{ matrix.laravel }}" "orchestra/testbench:${{ matrix.testbench }}" "orchestra/database:${{ matrix.testbench }}" --no-interaction --no-update
+        composer require "laravel/framework:${{ matrix.laravel }}" "orchestra/testbench:${{ matrix.testbench }}" --no-interaction --no-update
         composer update --${{ matrix.prefer }} --prefer-dist --no-interaction --no-suggest
 
+    - name: Setup in-cluster config
+      run: |
+        sudo mkdir -p /var/run/secrets/kubernetes.io/serviceaccount
+        echo "some-token" | sudo tee /var/run/secrets/kubernetes.io/serviceaccount/token
+        echo "c29tZS1jZXJ0Cg==" | sudo tee /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+        echo "some-namespace" | sudo tee /var/run/secrets/kubernetes.io/serviceaccount/namespace
+        sudo chmod -R 777 /var/run/secrets/kubernetes.io/serviceaccount/
+
     - name: Run tests
       run: |
         vendor/bin/phpunit --coverage-text --coverage-clover=coverage.xml
diff --git a/composer.json b/composer.json
index 676b564..dfa1984 100644
--- a/composer.json
+++ b/composer.json
@@ -12,7 +12,7 @@
         }
     ],
     "require": {
-        "renoki-co/php-k8s": "^2.0"
+        "renoki-co/php-k8s": "^2.2"
     },
     "autoload": {
         "psr-4": {
@@ -28,10 +28,8 @@
         "test": "vendor/bin/phpunit"
     },
     "require-dev": {
-        "laravel/legacy-factories": "^1.1",
         "mockery/mockery": "^1.4",
-        "orchestra/testbench": "^5.0|^6.0",
-        "orchestra/database": "^5.0|^6.0"
+        "orchestra/testbench": "^5.0|^6.0"
     },
     "config": {
         "sort-packages": true
diff --git a/config/k8s.php b/config/k8s.php
index 28d5bae..7811ba7 100644
--- a/config/k8s.php
+++ b/config/k8s.php
@@ -80,6 +80,21 @@
             'token' => env('KUBE_BEARER_TOKEN', null),
         ],
 
+        /*
+        |--------------------------------------------------------------------------
+        | In-Cluster Driver
+        |--------------------------------------------------------------------------
+        |
+        | In-Cluster Driver works only if the written PHP app runs
+        | inside a Kubernetes Pod, within a Cluster. The configuration
+        | is being loaded automatically.
+        |
+        */
+
+        'cluster' => [
+            'driver' => 'cluster',
+        ],
+
     ],
 
 ];
diff --git a/src/KubernetesCluster.php b/src/KubernetesCluster.php
index 169e2a2..70a4664 100644
--- a/src/KubernetesCluster.php
+++ b/src/KubernetesCluster.php
@@ -53,6 +53,7 @@ protected function loadFromConfig(array $config)
             case 'kubeconfig': $this->configureWithKubeConfigFile($config); break;
             case 'http': $this->configureWithHttpAuth($config); break;
             case 'token': $this->configureWithToken($config); break;
+            case 'cluster': $this->configureInCluster(); break;
             default: break;
         }
     }
@@ -131,6 +132,16 @@ protected function configureWithToken(array $config)
         $this->cluster->withToken($config['token']);
     }
 
+    /**
+     * Load the In-Cluster configuration.
+     *
+     * @return void
+     */
+    protected function configureInCluster()
+    {
+        $this->cluster->inClusterConfiguration();
+    }
+
     /**
      * Get the initialized cluster.
      *
diff --git a/tests/ConfigurationTest.php b/tests/ConfigurationTest.php
index dd1b245..28fb55b 100644
--- a/tests/ConfigurationTest.php
+++ b/tests/ConfigurationTest.php
@@ -3,6 +3,7 @@
 namespace RenokiCo\LaravelK8s\Test;
 
 use RenokiCo\LaravelK8s\LaravelK8sFacade;
+use RenokiCo\PhpK8s\Kinds\K8sResource;
 
 class ConfigurationTest extends TestCase
 {
@@ -108,4 +109,18 @@ public function test_token_authentication()
 
         $this->assertEquals('Bearer some-token', $token);
     }
+
+    public function test_in_cluster_config()
+    {
+        $cluster = LaravelK8sFacade::connection('cluster')->getCluster();
+
+        [
+            'headers' => ['authorization' => $token],
+            'verify' => $caPath,
+        ] = $cluster->getClient()->getConfig();
+
+        $this->assertEquals('Bearer some-token', $token);
+        $this->assertEquals('/var/run/secrets/kubernetes.io/serviceaccount/ca.crt', $caPath);
+        $this->assertEquals('some-namespace', K8sResource::$defaultNamespace);
+    }
 }