-
-
Notifications
You must be signed in to change notification settings - Fork 305
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Check for client cert with exec #1089
Conversation
Signed-off-by: Carson Anderson <rcanderson23@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm still not sure if this is the right approach, but left some comments.
Signed-off-by: Carson Anderson <rcanderson23@gmail.com>
Thank you for the feedback. If you have other suggestions on you think this should be implemented I am all ears. 😃 |
Codecov Report
Additional details and impacted files@@ Coverage Diff @@
## main #1089 +/- ##
==========================================
- Coverage 72.43% 72.37% -0.07%
==========================================
Files 65 65
Lines 4759 4774 +15
==========================================
+ Hits 3447 3455 +8
- Misses 1312 1319 +7
|
Signed-off-by: Carson Anderson <rcanderson23@gmail.com>
Signed-off-by: Carson Anderson <rcanderson23@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think everything in here has been addressed. A branch update + a just fmt
would be appreciated, and I am happy to send it through.
Thanks again for figuring this out! |
I was about to start working on this, until I synced my fork and noticed this PR was recently merged. Thank you 🎉 @rcanderson23 @clux While testing it, I first got this error:
It worked on kubectl, but not on kube-rs. After some digging I noticed that PEM-encoded was missing a EDIT: it is a small change so I decided to create a PR to discuss this separately |
Signed-off-by: Carson Anderson rcanderson23@gmail.com
Motivation
Correctly handle client certificates returned with kubeconfig configurations using
exec
. Current implementation only handles tokensSolution
This adds
Certificate
to theAuth
enum. The auth is checked when creating the respective TLS configs and uses the certificate if available.