feat(core): add in-cluster config helper (#49)

README.md

@@ -52,6 +52,13 @@ const k8Ext = new K8Api.Extensions({
 k8Ext.namespaces.deployments('http-deployment').get(print);
 ```
 
+kubernetes-client provides a helper to get in-cluster config and accessing the API from a Pod:
+
+```js
+const K8Api = require('kubernetes-client');
+const k8 = new K8Api.Core(K8Api.config.getInCluster());
+```
+
 ### Creating and updating
 
 kubernetes-client objects expose `.post`, `.patch`, and `.put`

lib/config.js

@@ -0,0 +1,39 @@
+'use strict';
+
+const fs = require('fs');
+
+const certPath = '/var/run/secrets/kubernetes.io/serviceaccount/ca.crt';
+const tokenPath = '/var/run/secrets/kubernetes.io/serviceaccount/token';
+const namespacePath = '/var/run/secrets/kubernetes.io/serviceaccount/namespace';
+
+/**
+* Returns with in cluster config
+* Based on: https://github.com/kubernetes/client-go/blob/124670e99da15091e13916f0ad4b2b2df2a39cd5/rest/config.go#L274
+* and http://kubernetes.io/docs/user-guide/accessing-the-cluster/#accessing-the-api-from-a-pod
+*
+* @function getInCluster
+* @returns {Object} { url, cert, auth, namespace }
+*/
+function getInCluster () {
+  const host = process.env.KUBERNETES_SERVICE_HOST;
+  const port = process.env.KUBERNETES_SERVICE_PORT;
+
+  if (!host || !port) {
+    throw TypeError('Unable to load in-cluster configuration, KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT must be defined');
+  }
+
+  const cert = fs.readFileSync(certPath, 'utf8');
+  const bearer = fs.readFileSync(tokenPath, 'utf8');
+  const namespace = fs.readFileSync(namespacePath, 'utf8');
+
+  return {
+    url: `https://${host}:${port}`,
+    cert,
+    auth: { bearer },
+    namespace
+  };
+}
+
+module.exports = {
+  getInCluster
+}

lib/index.js

@@ -1,8 +1,10 @@
 const core = require('./core');
+
 module.exports = core;
 module.exports.Api = require('./api');
 module.exports.Core = core;
 module.exports.Extensions = require('./extensions');
+module.exports.config = require('./config')
 module.exports.testUtils = {
   aliasResources: require('./common').aliasResources
 };

package.json

@@ -38,6 +38,7 @@
     "js-yaml": "^3.7.0",
     "jsdoc": "^3.4.0",
     "mocha": "^2.5.3",
-    "nock": "^8.0.0"
+    "nock": "^8.0.0",
+    "sinon": "1.17.6"
   }
 }

test/config.test.js

@@ -0,0 +1,52 @@
+'use strict';
+
+const assume = require('assume');
+const sinon = require('sinon');
+const fs = require('fs');
+
+const config = require('../lib/config');
+
+describe('Config', () => {
+  let sandbox
+
+  beforeEach(() => {
+    sandbox = sinon.sandbox.create();
+  })
+
+  afterEach(() => {
+    sandbox.restore();
+  })
+
+  describe('getInCluster', () => {
+    it('should return with in-cluster config', () => {
+      // You cannot stub undefined, so ensure KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT are defined
+      process.env.KUBERNETES_SERVICE_HOST = process.env.KUBERNETES_SERVICE_HOST || ''
+      process.env.KUBERNETES_SERVICE_PORT = process.env.KUBERNETES_SERVICE_PORT || ''
+
+      sandbox.stub(process.env, 'KUBERNETES_SERVICE_HOST', 'myhost')
+      sandbox.stub(process.env, 'KUBERNETES_SERVICE_PORT', 443)
+
+      const fsReadFileSync = sandbox.stub(fs, 'readFileSync')
+
+      fsReadFileSync
+        .withArgs('/var/run/secrets/kubernetes.io/serviceaccount/ca.crt')
+        .returns('my-cert')
+
+      fsReadFileSync
+        .withArgs('/var/run/secrets/kubernetes.io/serviceaccount/token')
+        .returns('my-token')
+
+      fsReadFileSync
+        .withArgs('/var/run/secrets/kubernetes.io/serviceaccount/namespace')
+        .returns('my-namespace')
+
+      const configInCluster = config.getInCluster();
+      assume(configInCluster).eqls({
+        auth: { bearer: 'my-token' },
+        cert: 'my-cert',
+        namespace: 'my-namespace',
+        url: 'https://myhost:443'
+      });
+    });
+  });
+});