feat: parse kubeconfig for bearer_token_file

Author: jperville

lib/kubeclient/config.rb

@@ -173,7 +173,9 @@ def fetch_user_key_data(user)
 
     def fetch_user_auth_options(user)
       options = {}
-      if user.key?('token')
+      if user.key?('tokenFile')
+        options[:bearer_token_file] = user['tokenFile']
+      elsif user.key?('token')
         options[:bearer_token] = user['token']
       elsif user.key?('exec_result') && user['exec_result'].key?('token')
         options[:bearer_token] = user['exec_result']['token']

test/config/userauth.kubeconfig

@@ -9,6 +9,11 @@ contexts:
     namespace: default
     user: system:admin:token
   name: localhost/system:admin:token
+- context:
+    cluster: localhost:6443
+    namespace: default
+    user: system:admin:token-file
+  name: localhost/system:admin:token-file
 - context:
     cluster: localhost:6443
     namespace: default
@@ -21,6 +26,9 @@ users:
 - name: system:admin:token
   user:
     token: 0123456789ABCDEF0123456789ABCDEF
+- name: system:admin:token-file
+  user:
+    tokenFile: /path/to/secret/token
 - name: system:admin:userpass
   user:
     username: admin

test/test_config.rb

@@ -98,18 +98,35 @@ def test_nouser
   def test_user_token
     config = Kubeclient::Config.read(config_file('userauth.kubeconfig'))
     assert_equal(
-      ['localhost/system:admin:token', 'localhost/system:admin:userpass'],
+      ['localhost/system:admin:token',
+       'localhost/system:admin:token-file',
+       'localhost/system:admin:userpass'],
       config.contexts
     )
     context = config.context('localhost/system:admin:token')
     check_context(context, ssl: true, custom_ca: false, client_cert: false)
     assert_equal('0123456789ABCDEF0123456789ABCDEF', context.auth_options[:bearer_token])
   end
 
+  def test_user_token_file
+    config = Kubeclient::Config.read(config_file('userauth.kubeconfig'))
+    assert_equal(
+      ['localhost/system:admin:token',
+       'localhost/system:admin:token-file',
+       'localhost/system:admin:userpass'],
+      config.contexts
+    )
+    context = config.context('localhost/system:admin:token-file')
+    check_context(context, ssl: true, custom_ca: false, client_cert: false)
+    assert_equal('/path/to/secret/token', context.auth_options[:bearer_token_file])
+  end
+
   def test_user_password
     config = Kubeclient::Config.read(config_file('userauth.kubeconfig'))
     assert_equal(
-      ['localhost/system:admin:token', 'localhost/system:admin:userpass'],
+      ['localhost/system:admin:token',
+       'localhost/system:admin:token-file',
+       'localhost/system:admin:userpass'],
       config.contexts
     )
     context = config.context('localhost/system:admin:userpass')