Add support for kubeconfig based client creation.

Author: brendanburns

examples/pom.xml

@@ -14,5 +14,10 @@
 			<artifactId>client-java</artifactId>
 			<version>1.0-SNAPSHOT</version>
 		</dependency>
+		<dependency>
+			<groupId>io.kubernetes</groupId>
+			<artifactId>client-java-util</artifactId>
+			<version>1.0-SNAPSHOT</version>
+		</dependency>
 	</dependencies>
 </project>

examples/src/main/java/io/kubernetes/client/examples/Example.java

@@ -6,6 +6,9 @@
 import io.kubernetes.client.apis.CoreV1Api;
 import io.kubernetes.client.models.V1Pod;
 import io.kubernetes.client.models.V1PodList;
+import io.kubernetes.client.util.Config;
+
+import java.io.IOException;
 
 /**
  * A simple example of how to use the Java API
@@ -18,9 +21,14 @@
  * From inside $REPO_DIR/kubernetes
  */
 public class Example {
-    public static void main(String[] args) throws ApiException{
-        ApiClient client = new ApiClient();
-        client.setBasePath("http://localhost:8001");
+    public static void main(String[] args) throws IOException, ApiException{
+        ApiClient client;
+        if (args.length == 0) {
+            client = new ApiClient();
+            client.setBasePath("http://localhost:8001");
+        } else {
+            client = Config.fromConfig(args[0]);
+        }
         Configuration.setDefaultApiClient(client);
 
         CoreV1Api api = new CoreV1Api();

kubernetes/.swagger-codegen-ignore

@@ -1,3 +1,6 @@
 .gitignore
 git_push.sh
+# Remove this once https://github.com/swagger-api/swagger-codegen/pull/5629
+# is merged.
+src/main/java/io/kubernetes/client/ApiClient.java
 

kubernetes/src/main/java/io/kubernetes/client/ApiClient.java

@@ -64,7 +64,6 @@
 
 import javax.net.ssl.HostnameVerifier;
 import javax.net.ssl.KeyManager;
-import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSession;
 import javax.net.ssl.TrustManager;
@@ -127,6 +126,7 @@ public class ApiClient {
 
     private InputStream sslCaCert;
     private boolean verifyingSsl;
+    private KeyManager[] keyManagers;
 
     private OkHttpClient httpClient;
     private JSON json;
@@ -271,6 +271,12 @@ public ApiClient setSslCaCert(InputStream sslCaCert) {
         return this;
     }
 
+    public ApiClient setKeyManagers(KeyManager[] managers) {
+        this.keyManagers = managers;
+        applySslSettings();
+        return this;
+    }
+
     public DateFormat getDateFormat() {
         return dateFormat;
     }
@@ -1252,7 +1258,6 @@ private void initDatetimeFormat() {
      */
     private void applySslSettings() {
         try {
-            KeyManager[] keyManagers = null;
             TrustManager[] trustManagers = null;
             HostnameVerifier hostnameVerifier = null;
             if (!verifyingSsl) {

util/pom.xml

@@ -14,5 +14,28 @@
 			<artifactId>client-java</artifactId>
 			<version>1.0-SNAPSHOT</version>
 		</dependency>
+		<dependency>
+			<groupId>org.yaml</groupId>
+			<artifactId>snakeyaml</artifactId>
+			<version>1.18</version>
+		</dependency>
+		<dependency>
+			<groupId>commons-codec</groupId>
+			<artifactId>commons-codec</artifactId>
+			<version>1.10</version>
+		</dependency>
 	</dependencies>
-</project>
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-compiler-plugin</artifactId>
+				<version>3.1</version>
+				<configuration>
+					<source>1.7</source>
+					<target>1.7</target>
+				</configuration>
+			</plugin>
+		</plugins>
+	</build>
+</project>

util/src/main/java/io/kubernetes/client/util/Config.java

@@ -1,11 +1,35 @@
 package io.kubernetes.client.util;
 
 import io.kubernetes.client.ApiClient;
+import io.kubernetes.client.ApiException;
+import io.kubernetes.client.Configuration;
+import io.kubernetes.client.apis.CoreV1Api;
+import io.kubernetes.client.models.V1Pod;
+import io.kubernetes.client.models.V1PodList;
 
 import java.io.BufferedReader;
+import java.io.ByteArrayInputStream;
 import java.io.FileReader;
 import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
 import java.io.IOException;
+import java.io.Reader;
+import java.io.UnsupportedEncodingException;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateException;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.KeyManagerFactory;
+
+import org.yaml.snakeyaml.Yaml;
+import org.yaml.snakeyaml.constructor.SafeConstructor;
 
 public class Config {
     private static final String SERVICEACCOUNT_ROOT =
@@ -63,4 +87,110 @@ public static ApiClient fromToken(String url, String token, boolean validateSSL)
         client.setAccessToken(token);
         return client;
     }
-}
+
+    public static ApiClient fromConfig(String fileName) throws IOException {
+        return fromConfig(new FileReader(fileName));
+    }
+
+    public static ApiClient fromConfig(InputStream stream) {
+        return fromConfig(new InputStreamReader(stream));
+    }
+
+    public static ApiClient fromConfig(Reader input) {
+        // Note to the reader: I considered creating a Config object
+        // and parsing into that instead of using Maps, but honestly
+        // this seemed cleaner than a bunch of boilerplate classes
+        Yaml yaml = new Yaml(new SafeConstructor());
+        Object config = yaml.load(input);
+        Map<String, Object> configMap = (Map<String, Object>)config;
+
+        ArrayList<Object> clusters = (ArrayList<Object>)configMap.get("clusters");
+        ArrayList<Object> contexts = (ArrayList<Object>)configMap.get("contexts");
+        ArrayList<Object> users = (ArrayList<Object>)configMap.get("users");
+        String currentContext = (String)configMap.get("current-context");
+
+        Map<String, Object> contextMap = findObject(contexts, currentContext);
+        if (contextMap == null) {
+            return null;
+        }
+        contextMap = (Map<String, Object>)contextMap.get("context");
+
+        String user = (String)contextMap.get("user");
+        String cluster = (String)contextMap.get("cluster");
+
+        Map<String, Object> clusterMap = findObject(clusters, cluster);
+        if (clusterMap == null) {
+            return null;
+        }
+        clusterMap = (Map<String, Object>)clusterMap.get("cluster");
+
+        Map<String, Object> userMap = findObject(users, user);
+        if (user == null) {
+            return null;
+        }
+        userMap = (Map<String, Object>)userMap.get("user");
+
+        String server = (String) clusterMap.get("server");
+        String caCert = (String) clusterMap.get("certificate-authority-data");
+        String caCertFile = (String) clusterMap.get("certificate-authority");
+
+        ApiClient client = new ApiClient();
+        client.setBasePath(server);
+
+        String clientCertificate = (String) userMap.get("client-certificate");
+        String clientCertificateData = (String) userMap.get("client-certificate-data");
+        String clientKey = (String) userMap.get("client-key");
+        String clientKeyData = (String) userMap.get("client-key-data");
+
+        try {
+            KeyManager[] mgrs = SSLUtils.keyManagers(
+                clientCertificateData, clientCertificate,
+                clientKeyData, clientKey,
+                "RSA", "",
+                null, null);
+            client.setKeyManagers(mgrs);
+        } catch (Exception ex) {
+            ex.printStackTrace();
+        }
+
+        // It's silly to have to do it in this order, but each SSL setup
+        // consumes the CA cert, so if we do this before the client certs
+        // are injected the cert input stream is exhausted and things get
+        // grumpy'
+        if (caCert != null) {
+            try {
+                client.setSslCaCert(new ByteArrayInputStream(caCert.getBytes("UTF-8")));
+            } catch (UnsupportedEncodingException ex) {
+                ex.printStackTrace();
+            }
+        } else if (caCertFile != null) {
+            try {
+                client.setSslCaCert(new FileInputStream(caCertFile));
+            } catch (FileNotFoundException ex) {
+                ex.printStackTrace();
+            }
+        }
+
+        Object authProvider = userMap.get("auth-provider");
+        if (authProvider != null) {
+            Map<String, Object> authProviderMap = (Map<String, Object>) authProvider;
+            Map<String, Object> authConfig = (Map<String, Object>) authProviderMap.get("config");
+            if (authConfig != null) {
+                String token = (String) authConfig.get("access-token");
+                client.setAccessToken(token);
+            }
+        }
+
+        return client;
+    }
+
+    private static Map<String, Object> findObject(ArrayList<Object> list, String name) {
+        for (Object obj : list) {
+            Map<String, Object> map = (Map<String, Object>)obj;
+            if (name.equals((String)map.get("name"))) {
+                return map;
+            }
+        }
+        return null;
+    }
+}