Add Support for Exec-based Credential Plugin in Kustomization Provider #260
+105
−0
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Refactor kubeconfig overrides and add expandStringSlice utility with tests
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request introduces support for an exec-based credential plugin in the Kustomization Terraform provider, enhancing its authentication capabilities. The key changes include:
Provider Code Enhancement:
The
kustomize/provider.gofile has been modified to incorporate the exec-based credential configuration. The provider now includes a new configuration block,exec, which supports executing an external command for credential retrieval. The required and optional parameters are handled within the provider's schema.Supporting Functionality:
A new function,
expandStringSlice, has been added tokustomize/structures.goto assist in processing command arguments. This function addresses a Terraform parser issue by converting nil elements in argument lists to empty strings.Unit Testing:
Corresponding unit tests for
expandStringSlicehave been added inkustomize/structures_test.go. These tests ensure that the function correctly handles non-empty strings, nil elements, and empty arrays.Documentation Update:
The documentation has been updated to include the new
execconfiguration block. This block allows users to specify an external command that can be executed to retrieve user credentials using the exec-based credential plugin. Parameters such asapi_version,command,args, andenvare detailed to guide users in configuring this feature.These enhancements provide users with a more flexible authentication mechanism, allowing integration with custom credential providers. This update aligns the provider with modern Kubernetes practices, offering a robust solution for dynamic and secure credential management.