feat: load service account token from a different path

Author: omerlh

src/config.ts

@@ -211,6 +211,8 @@ export class KubeConfig {
         const clusterName = 'inCluster';
         const userName = 'inClusterUser';
         const contextName = 'inClusterContext';
+        const tokenFile = process.env.TOKEN_FILE_PATH ? process.env.TOKEN_FILE_PATH : `${pathPrefix}${Config.SERVICEACCOUNT_TOKEN_PATH}`;
+        const caFile = process.env.KUBERNETES_CA_FILE_PATH ? process.env.KUBERNETES_CA_FILE_PATH : `${pathPrefix}${Config.SERVICEACCOUNT_CA_PATH}`;
 
         let scheme = 'https';
         if (port === '80' || port === '8080' || port === '8001') {
@@ -226,7 +228,7 @@ export class KubeConfig {
         this.clusters = [
             {
                 name: clusterName,
-                caFile: `${pathPrefix}${Config.SERVICEACCOUNT_CA_PATH}`,
+                caFile,
                 server: `${scheme}://${serverHost}:${port}`,
                 skipTLSVerify: false,
             },
@@ -237,7 +239,7 @@ export class KubeConfig {
                 authProvider: {
                     name: 'tokenFile',
                     config: {
-                        tokenFile: `${pathPrefix}${Config.SERVICEACCOUNT_TOKEN_PATH}`,
+                        tokenFile
                     },
                 },
             },

src/config_test.ts

@@ -150,6 +150,96 @@ describe('KubeConfig', () => {
             const userOut = kc.getCurrentUser();
             expect(userOut).to.equal(user);
         });
+
+    });
+
+    describe('loadFromCluster', () => {
+        let originalTokenPath: string | undefined;
+        let originalCaFilePath: string | undefined;
+
+        before(() => {
+            originalTokenPath = process.env['TOKEN_FILE_PATH'];
+            originalCaFilePath = process.env['KUBERNETES_CA_FILE_PATH']
+
+            delete process.env['TOKEN_FILE_PATH']
+            delete process.env['KUBERNETES_CA_FILE_PATH']
+        })
+
+        after(() => {
+
+            delete process.env['TOKEN_FILE_PATH']
+            delete process.env['KUBERNETES_CA_FILE_PATH']
+
+            if (originalTokenPath){
+            process.env['TOKEN_FILE_PATH'] = originalTokenPath
+            }
+
+            if (originalCaFilePath) {
+            process.env['KUBERNETES_CA_FILE_PATH'] = originalCaFilePath
+            }
+        })
+
+        it('should load from default env vars', () => {
+            const kc = new KubeConfig();
+            const cluster = {
+                name: 'inCluster',
+                server: 'https://undefined:undefined',
+                skipTLSVerify: false,
+                caFile: '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt'
+            } as Cluster;
+
+            const user = {
+                authProvider: {
+                    name: 'tokenFile',
+                    config: {
+                        tokenFile: '/var/run/secrets/kubernetes.io/serviceaccount/token'
+                    }
+                },
+                name: 'inClusterUser'
+            } as User;
+
+            kc.loadFromCluster();
+
+            const clusterOut = kc.getCurrentCluster();
+
+            expect(cluster).to.deep.equals(clusterOut)
+
+            const userOut = kc.getCurrentUser();
+            expect(userOut).to.deep.equals(user);
+        });
+
+        it('should support custom token file path', () => {
+            const kc = new KubeConfig();
+            process.env['TOKEN_FILE_PATH'] = '/etc/tokenFile'
+            process.env['KUBERNETES_CA_FILE_PATH'] = '/etc/ca.crt'
+
+            const cluster = {
+                name: 'inCluster',
+                server: 'https://undefined:undefined',
+                skipTLSVerify: false,
+                caFile: '/etc/ca.crt'
+            } as Cluster;
+
+            const user = {
+                authProvider: {
+                    name: 'tokenFile',
+                    config: {
+                        tokenFile: '/etc/tokenFile'
+                    }
+                },
+                name: 'inClusterUser'
+            } as User;
+
+            kc.loadFromCluster();
+
+            const clusterOut = kc.getCurrentCluster();
+
+            expect(cluster).to.deep.equals(clusterOut)
+
+            const userOut = kc.getCurrentUser();
+            expect(userOut).to.deep.equals(user);
+        });
+
     });
 
     describe('clusterConstructor', () => {
@@ -490,6 +580,7 @@ describe('KubeConfig', () => {
             originalEnvVars.USERPROFILE = process.env.USERPROFILE;
             originalEnvVars.HOMEDRIVE = process.env.HOMEDRIVE;
             originalEnvVars.HOMEPATH = process.env.HOMEPATH;
+            
 
             delete process.env.HOME;
             delete process.env.USERPROFILE;