summaryrefslogtreecommitdiff
path: root/vendor/k8s.io/client-go/transport/config.go
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/k8s.io/client-go/transport/config.go')
-rw-r--r--vendor/k8s.io/client-go/transport/config.go33
1 files changed, 29 insertions, 4 deletions
diff --git a/vendor/k8s.io/client-go/transport/config.go b/vendor/k8s.io/client-go/transport/config.go
index af347dafe..5de0a2cb1 100644
--- a/vendor/k8s.io/client-go/transport/config.go
+++ b/vendor/k8s.io/client-go/transport/config.go
@@ -17,6 +17,8 @@ limitations under the License.
package transport
import (
+ "context"
+ "crypto/tls"
"net"
"net/http"
)
@@ -37,6 +39,11 @@ type Config struct {
// Bearer token for authentication
BearerToken string
+ // Path to a file containing a BearerToken.
+ // If set, the contents are periodically read.
+ // The last successfully read value takes precedence over BearerToken.
+ BearerTokenFile string
+
// Impersonate is the config that this Config will impersonate using
Impersonate ImpersonationConfig
@@ -50,10 +57,13 @@ type Config struct {
// from TLSClientConfig, Transport, or http.DefaultTransport). The
// config may layer other RoundTrippers on top of the returned
// RoundTripper.
- WrapTransport func(rt http.RoundTripper) http.RoundTripper
+ //
+ // A future release will change this field to an array. Use config.Wrap()
+ // instead of setting this value directly.
+ WrapTransport WrapperFunc
// Dial specifies the dial function for creating unencrypted TCP connections.
- Dial func(network, addr string) (net.Conn, error)
+ Dial func(ctx context.Context, network, address string) (net.Conn, error)
}
// ImpersonationConfig has all the available impersonation options
@@ -78,12 +88,25 @@ func (c *Config) HasBasicAuth() bool {
// HasTokenAuth returns whether the configuration has token authentication or not.
func (c *Config) HasTokenAuth() bool {
- return len(c.BearerToken) != 0
+ return len(c.BearerToken) != 0 || len(c.BearerTokenFile) != 0
}
// HasCertAuth returns whether the configuration has certificate authentication or not.
func (c *Config) HasCertAuth() bool {
- return len(c.TLS.CertData) != 0 || len(c.TLS.CertFile) != 0
+ return (len(c.TLS.CertData) != 0 || len(c.TLS.CertFile) != 0) && (len(c.TLS.KeyData) != 0 || len(c.TLS.KeyFile) != 0)
+}
+
+// HasCertCallbacks returns whether the configuration has certificate callback or not.
+func (c *Config) HasCertCallback() bool {
+ return c.TLS.GetCert != nil
+}
+
+// Wrap adds a transport middleware function that will give the caller
+// an opportunity to wrap the underlying http.RoundTripper prior to the
+// first API call being made. The provided function is invoked after any
+// existing transport wrappers are invoked.
+func (c *Config) Wrap(fn WrapperFunc) {
+ c.WrapTransport = Wrappers(c.WrapTransport, fn)
}
// TLSConfig holds the information needed to set up a TLS transport.
@@ -98,4 +121,6 @@ type TLSConfig struct {
CAData []byte // Bytes of the PEM-encoded server trusted root certificates. Supercedes CAFile.
CertData []byte // Bytes of the PEM-encoded client certificate. Supercedes CertFile.
KeyData []byte // Bytes of the PEM-encoded client key. Supercedes KeyFile.
+
+ GetCert func() (*tls.Certificate, error) // Callback that returns a TLS client certificate. CertData, CertFile, KeyData and KeyFile supercede this field.
}