diff options
| author |  Jun Chen <answer1991.chen@gmail.com>
| 2021-02-09 21:36:32 +0800 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2021-02-09 14:36:32 +0100 |
| commit | a5bc3891e87963e242db2d04b52483890205400a (patch) | |
| tree | cc042296172643f0aea473375e3dd87ab19188c0 | |
| parent | 632463d3a9aa1185f858a3c5750b53bacc7ef2eb (diff) | |
| download | coredns-a5bc3891e87963e242db2d04b52483890205400a.tar.gz coredns-a5bc3891e87963e242db2d04b52483890205400a.tar.zst coredns-a5bc3891e87963e242db2d04b52483890205400a.zip | |
make kubernetes plugin kubeconfig argument 'context' optional (#4451)
Signed-off-by: answer1991 <answer1991.chen@gmail.com>
| -rw-r--r-- | plugin/kubernetes/README.md | 7 | ||||
| -rw-r--r-- | plugin/kubernetes/setup.go | 17 | ||||
| -rw-r--r-- | plugin/kubernetes/setup_test.go | 13 |
3 files changed, 28 insertions, 9 deletions
diff --git a/plugin/kubernetes/README.md b/plugin/kubernetes/README.md index 7aa16ca9d..4557300c2 100644 --- a/plugin/kubernetes/README.md +++ b/plugin/kubernetes/README.md @@ -33,7 +33,7 @@ all the zones the plugin should be authoritative for. kubernetes [ZONES...] { endpoint URL tls CERT KEY CACERT - kubeconfig KUBECONFIG CONTEXT + kubeconfig KUBECONFIG [CONTEXT] namespaces NAMESPACE... labels EXPRESSION pods POD-MODE @@ -49,7 +49,10 @@ kubernetes [ZONES...] { If omitted, it will connect to k8s in-cluster using the cluster service account. * `tls` **CERT** **KEY** **CACERT** are the TLS cert, key and the CA cert file names for remote k8s connection. This option is ignored if connecting in-cluster (i.e. endpoint is not specified). -* `kubeconfig` **KUBECONFIG** **CONTEXT** authenticates the connection to a remote k8s cluster using a kubeconfig file. It supports TLS, username and password, or token-based authentication. This option is ignored if connecting in-cluster (i.e., the endpoint is not specified). +* `kubeconfig` **KUBECONFIG [CONTEXT]** authenticates the connection to a remote k8s cluster using a kubeconfig file. + **[CONTEXT]** is optional, if not set, then the current context specified in kubeconfig will be used. + It supports TLS, username and password, or token-based authentication. + This option is ignored if connecting in-cluster (i.e., the endpoint is not specified). * `namespaces` **NAMESPACE [NAMESPACE...]** only exposes the k8s namespaces listed. If this option is omitted all namespaces are exposed * `namespace_labels` **EXPRESSION** only expose the records for Kubernetes namespaces that match this label selector. diff --git a/plugin/kubernetes/setup.go b/plugin/kubernetes/setup.go index d8453cf51..89ec439fb 100644 --- a/plugin/kubernetes/setup.go +++ b/plugin/kubernetes/setup.go @@ -253,15 +253,18 @@ func ParseStanza(c *caddy.Controller) (*Kubernetes, error) { } case "kubeconfig": args := c.RemainingArgs() + if len(args) != 1 && len(args) != 2 { + return nil, c.ArgErr() + } + overrides := &clientcmd.ConfigOverrides{} if len(args) == 2 { - config := clientcmd.NewNonInteractiveDeferredLoadingClientConfig( - &clientcmd.ClientConfigLoadingRules{ExplicitPath: args[0]}, - &clientcmd.ConfigOverrides{CurrentContext: args[1]}, - ) - k8s.ClientConfig = config - continue + overrides.CurrentContext = args[1] } - return nil, c.ArgErr() + config := clientcmd.NewNonInteractiveDeferredLoadingClientConfig( + &clientcmd.ClientConfigLoadingRules{ExplicitPath: args[0]}, + overrides, + ) + k8s.ClientConfig = config default: return nil, c.Errf("unknown property '%s'", c.Val()) } diff --git a/plugin/kubernetes/setup_test.go b/plugin/kubernetes/setup_test.go index 14781a862..52b0d3fb2 100644 --- a/plugin/kubernetes/setup_test.go +++ b/plugin/kubernetes/setup_test.go @@ -329,6 +329,19 @@ kubernetes cluster.local`, }, { `kubernetes coredns.local { + kubeconfig file +}`, + false, + "", + 1, + 0, + "", + "", + podModeDisabled, + fall.Zero, + }, + { + `kubernetes coredns.local { kubeconfig file context }`, false, |