kubert 0.25.0

Kubernetes runtime helpers. Based on kube-rs.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199

//! Utilities for configuring a [`kube_client::Client`] from the command line
pub use kube_client::*;
use std::path::PathBuf;
use thiserror::Error;

#[cfg(feature = "prometheus-client")]
mod metrics;
mod timeouts;

#[cfg(feature = "prometheus-client")]
pub use self::metrics::ClientMetricsFamilies;
pub use self::timeouts::ResponseHeadersTimeout;

/// Configures a Kubernetes client
#[derive(Clone, Debug, Default)]
#[cfg_attr(docsrs, doc(cfg(feature = "client")))]
#[cfg_attr(feature = "clap", derive(clap::Parser))]
pub struct ClientArgs {
    /// The name of the kubeconfig cluster to use
    #[cfg_attr(feature = "clap", clap(long))]
    pub cluster: Option<String>,

    /// The name of the kubeconfig context to use
    #[cfg_attr(feature = "clap", clap(long))]
    pub context: Option<String>,

    /// The name of the kubeconfig user to use
    #[cfg_attr(feature = "clap", clap(long))]
    pub user: Option<String>,

    /// The path to the kubeconfig file to use
    #[cfg_attr(feature = "clap", clap(long))]
    pub kubeconfig: Option<PathBuf>,

    /// Username to impersonate for Kubernetes operations
    #[cfg_attr(feature = "clap", clap(long = "as"))]
    pub impersonate_user: Option<String>,

    /// Group to impersonate for Kubernetes operations
    #[cfg_attr(feature = "clap", clap(long = "as-group"))]
    pub impersonate_group: Option<String>,

    /// The timeout for response headers from the Kubernetes API.
    #[cfg_attr(feature = "clap", clap(
        long = "kube-api-response-headers-timeout",
        default_value_t = ResponseHeadersTimeout::default(),
    ))]
    pub response_headers_timeout: ResponseHeadersTimeout,
}

/// A builder for a Kubernetes client.
#[cfg_attr(docsrs, doc(cfg(feature = "client")))]
pub struct ClientBuilder {
    args: ClientArgs,
    #[cfg(feature = "prometheus-client")]
    metrics_families: Option<ClientMetricsFamilies>,
}

/// Indicates an error occurred while configuring the Kubernetes client
#[derive(Debug, Error)]
#[cfg_attr(docsrs, doc(cfg(feature = "client")))]
#[non_exhaustive]
pub enum ConfigError {
    /// Indicates that the kubeconfig file could not be read
    #[error(transparent)]
    Kubeconfig(#[from] config::KubeconfigError),

    /// Indicates that the in-cluster configuration could not be read
    #[error(transparent)]
    InCluster(#[from] config::InClusterError),

    /// Indicates that the client could not be initialized
    #[error(transparent)]
    Client(#[from] Error),
}

impl ClientArgs {
    /// Initializes a Kubernetes client
    ///
    /// This will respect the `$KUBECONFIG` environment variable, but otherwise default to
    /// `~/.kube/config`. The _current-context_ is used unless `context` is set.
    ///
    /// This is basically equivalent to using `kube_client::Client::try_default`, except that it
    /// supports kubeconfig configuration from the command-line.
    pub async fn try_client(self) -> Result<Client, ConfigError> {
        ClientBuilder::from_args(self).build().await
    }

    /// Indicates whether the command-line arguments attempt to customize the Kubernetes
    /// configuration.
    fn is_customized(&self) -> bool {
        self.context.is_some()
            || self.cluster.is_some()
            || self.user.is_some()
            || self.impersonate_user.is_some()
            || self.impersonate_group.is_some()
            || self.kubeconfig.is_some()
    }

    /// Loads a local config if available, falling back to in-cluster config if
    /// client args have not been specified.
    async fn load_config(&self) -> Result<Config, ConfigError> {
        match self.load_local_config().await {
            Ok(config) => Ok(config),
            Err(e) if self.is_customized() => Err(e),
            Err(_) => Config::incluster().map_err(Into::into),
        }
    }

    /// Loads a local (i.e. not in-cluster) Kubernetes client configuration
    ///
    /// First, the `--kubeconfig` argument is used. If that is not set, the `$KUBECONFIG`
    /// environment variable is used. If that is not set, the `~/.kube/config` file is used.
    async fn load_local_config(&self) -> Result<Config, ConfigError> {
        let options = config::KubeConfigOptions {
            context: self.context.clone(),
            cluster: self.cluster.clone(),
            user: self.user.clone(),
        };

        let mut kubeconfig = match &self.kubeconfig {
            Some(path) => config::Kubeconfig::read_from(path.as_path())?,
            None => config::Kubeconfig::read()?,
        };

        if let Some(user) = &self.impersonate_user {
            for auth in kubeconfig.auth_infos.iter_mut() {
                if let Some(ai) = auth.auth_info.as_mut() {
                    ai.impersonate = Some(user.clone());
                }
            }
        }

        if let Some(group) = &self.impersonate_group {
            for auth in kubeconfig.auth_infos.iter_mut() {
                if let Some(ai) = auth.auth_info.as_mut() {
                    ai.impersonate_groups = Some(vec![group.clone()]);
                }
            }
        }

        Config::from_custom_kubeconfig(kubeconfig, &options)
            .await
            .map_err(Into::into)
    }
}

impl ClientBuilder {
    /// Creates a new client builder from the given command-line arguments.
    pub fn from_args(args: ClientArgs) -> Self {
        Self {
            args,
            #[cfg(feature = "prometheus-client")]
            metrics_families: None,
        }
    }

    #[cfg(feature = "prometheus-client")]
    #[cfg_attr(
        docsrs,
        doc(cfg(all(features = "client", feature = "prometheus-client")))
    )]
    /// Adds registered Prometheus metrics to the client.
    pub fn with_metrics(mut self, metrics: ClientMetricsFamilies) -> Self {
        self.metrics_families = Some(metrics);
        self
    }

    /// Builds the Kubernetes client.
    pub async fn build(self) -> Result<Client, ConfigError> {
        let config = self.args.load_config().await?;

        #[cfg(feature = "prometheus-client")]
        let metrics = self
            .metrics_families
            .map_or_else(Default::default, |m| m.metrics(&config));

        let cb = kube_client::client::ClientBuilder::try_from(config)?
            .with_layer(&timeouts::layer(self.args.response_headers_timeout));

        #[cfg(feature = "prometheus-client")]
        let cb = cb.with_layer(&metrics::layer(metrics));

        Ok(cb.build())
    }
}

// Used by middlewares, e.g. timeouts.
mod svc {
    pub use tower::{layer::layer_fn, layer::Layer, Service};

    pub type BoxService = tower::util::BoxService<Request, Response, BoxError>;
    pub type Request = hyper::Request<kube_client::client::Body>;
    pub type Response = hyper::Response<BoxBody>;
    pub type BoxBody =
        Box<dyn hyper::body::Body<Data = bytes::Bytes, Error = BoxError> + Send + Unpin>;
    pub type BoxError = tower::BoxError;
    pub type BoxFuture = futures_util::future::BoxFuture<'static, Result<Response, BoxError>>;
}