def _load_from_exec_plugin(self): """ We override _load_from_exec_plugin method to also read and store expiration timestamp for aws-iam-authenticator. It will be later used for api token refresh. """ if 'exec' not in self._user: return None try: status = ExecProvider(self._user['exec']).run() if 'token' not in status: logging.error('exec: missing token field in plugin output') return None self.token = f"Bearer {status['token']}" # pylint: disable=W0201 ts_str = status.get('expirationTimestamp') if ts_str: self.api_key_expire_ts = _parse_timestamp(ts_str) return True except Exception as e: # pylint: disable=W0703 logging.error(str(e)) return None
def _load_from_exec_plugin(self): if 'exec' not in self._user: return try: status = ExecProvider(self._user['exec']).run() if 'token' not in status: logging.error('exec: missing token field in plugin output') return None self.token = "Bearer %s" % status['token'] return True except Exception as e: logging.error(str(e))
def _load_from_exec_plugin(self): """ We override _load_from_exec_plugin method to also read and store expiration timestamp for aws-iam-authenticator. It will be later used for api token refresh. """ if 'exec' not in self._user: return None try: status = ExecProvider(self._user['exec']).run() if 'token' not in status: logging.error('exec: missing token field in plugin output') return None self.token = "Bearer %s" % status['token'] # pylint: disable=W0201 ts_str = status.get('expirationTimestamp') if ts_str: self.api_key_expire_ts = calendar.timegm( datetime.strptime(ts_str, "%Y-%m-%dT%H:%M:%S%z").timetuple(), ) return True except Exception as e: # pylint: disable=W0703 logging.error(str(e))
def _load_from_exec_plugin(self): if 'exec' not in self._user: return try: base_path = self._get_base_path(self._cluster.path) status = ExecProvider(self._user['exec'], base_path).run() if 'token' in status: self.token = "Bearer %s" % status['token'] elif 'clientCertificateData' in status: # https://kubernetes.io/docs/reference/access-authn-authz/authentication/#input-and-output-formats # Plugin has provided certificates instead of a token. if 'clientKeyData' not in status: logging.error('exec: missing clientKeyData field in ' 'plugin output') return None self.cert_file = FileOrData( status, None, data_key_name='clientCertificateData', file_base_path=base_path, base64_file_content=False, temp_file_path=self._temp_file_path).as_file() self.key_file = FileOrData( status, None, data_key_name='clientKeyData', file_base_path=base_path, base64_file_content=False, temp_file_path=self._temp_file_path).as_file() else: logging.error('exec: missing token or clientCertificateData ' 'field in plugin output') return None if 'expirationTimestamp' in status: self.expiry = parse_rfc3339(status['expirationTimestamp']) return True except Exception as e: logging.error(str(e))