Closed emiran-orange closed 2 years ago
I don't think any of this change is required other then to bump the library and modify it to use bearer token path instead of the token directly. Not This lib depends upon https://github.com/ManageIQ/kubeclient which is where https://github.com/ManageIQ/kubeclient/pull/532 was merged in 2022-Feb-13. Actually, it looks like we could simply bump the dependency and it would already reload the bearer token from the path
Closing as I believe the change merged here https://github.com/fabric8io/fluent-plugin-kubernetes_metadata_filter/pull/330 addresses the issue
No, kubeclient only implemented token refresh on master branch, on top of faraday
+ http
gems, which will one day be released as 5.0 (can't really commit to timing but at current rate of me rarely working on it I'd say at least couple months :disappointed:).
None of the 4.y.z releases — in fact no released version of kubeclient — have token refresh. Options if you want it soon:
v4.y
branch. It uses a different rest-client
gem (+ same http
for watches), so it's not a trivial textual backport.Here is another way of doing it, reactively refresh the token when you get an Unauthorized error: https://github.com/fabric8io/fluent-plugin-kubernetes_metadata_filter/pull/337
Closing in favor of https://github.com/fabric8io/fluent-plugin-kubernetes_metadata_filter/pull/337
Recreate k8s client periodically. As discussed in #327 this seems a better approach than waiting for the token to expire.
NB: I couldn't reopen #326 hence this new PR (sorry for the mess)
Fixes #323