public static KubernetesClientConfiguration InClusterConfig()
        {
            if (!IsInCluster())
            {
                var local = LocalClusterConfig();
                if (local is null)
                {
                    throw new KubeConfigException("unable to load in-cluster configuration token and ca.crt must exists, KUBERNETES_SERVICE_HOST and KUBERNETES_SERVICE_PORT must be defined");
                }

                return(local);
            }

            var token      = File.ReadAllText(Path.Combine(ServiceAccountPath, ServiceAccountTokenKeyFileName));
            var rootCAFile = Path.Combine(ServiceAccountPath, ServiceAccountRootCAKeyFileName);

            var host = Environment.GetEnvironmentVariable("KUBERNETES_SERVICE_HOST");
            var port = Environment.GetEnvironmentVariable("KUBERNETES_SERVICE_PORT");

            return(new KubernetesClientConfiguration
            {
                Host = new UriBuilder("https", host, Convert.ToInt32(port)).ToString(),
                AccessToken = token,
                SslCaCerts = CertUtils.LoadPemFileCert(rootCAFile)
            });
        }
Ejemplo n.º 2
0
        public void InvalidBundleCert()
        {
            var caCert   = CertUtils.LoadPemFileCert("assets/ca-bundle.crt");
            var testCert = new X509Certificate2("assets/ca2.crt");
            var chain    = new X509Chain();
            var errors   = SslPolicyErrors.RemoteCertificateChainErrors;

            var result = Kubernetes.CertificateValidationCallBack(this, caCert, testCert, chain, errors);

            Assert.False(result);
        }
Ejemplo n.º 3
0
        public void LoadPemWithMultiCert()
        {
            var certCollection = CertUtils.LoadPemFileCert("assets/ca-bundle.crt");

            var intermediateCert = new X509Certificate2("assets/ca-bundle-intermediate.crt");
            var rootCert         = new X509Certificate2("assets/ca-bundle-root.crt");

            Assert.Equal(2, certCollection.Count);

            Assert.True(certCollection[0].RawData.SequenceEqual(intermediateCert.RawData));
            Assert.True(certCollection[1].RawData.SequenceEqual(rootCert.RawData));
        }
Ejemplo n.º 4
0
        public void ValidBundleCert()
        {
            var caCert = CertUtils.LoadPemFileCert("assets/ca-bundle.crt");

            // Load the intermediate cert
            //
            var testCert = caCert[0];
            var chain    = new X509Chain();
            var errors   = SslPolicyErrors.RemoteCertificateChainErrors;

            var result = Kubernetes.CertificateValidationCallBack(this, caCert, testCert, chain, errors);

            Assert.True(result);
        }
Ejemplo n.º 5
0
        public void LoadPemWithMultiCert()
        {
            var cert = CertUtils.LoadPemFileCert("assets/ca3.crt");

            Assert.NotNull(cert.PublicKey);
        }