obmarg / kazan

Kubernetes API client for Elixir
https://hex.pm/packages/kazan
MIT License
140 stars 35 forks source link

Cannot read config #64

Closed ghost closed 5 years ago

ghost commented 5 years ago
iex(3)> server = Kazan.Server.from_kubeconfig(System.user_home <> "/.kube/config")
** (FunctionClauseError) no function clause matching in Kazan.Server.get_cert/2    

    The following arguments were given to Kazan.Server.get_cert/2:

        # 1
        %{"insecure-skip-tls-verify" => true, "server" => "https://localhost:6443"}

        # 2 
        "/Users/b/.kube"

    Attempted function clauses (showing 2 out of 2):

        defp get_cert(%{"certificate-authority" => certfile}, basepath)
        defp get_cert(%{"certificate-authority-data" => certdata}, _)

    (kazan) lib/kazan/server.ex:255: Kazan.Server.get_cert/2
    (kazan) lib/kazan/server.ex:57: Kazan.Server.from_kubeconfig/2
jessiahr commented 5 years ago

I am also hitting this issue.

ghost commented 5 years ago

I'm running docker for mac - ~/.kube/config is :

apiVersion: v1
clusters:
- cluster:
    insecure-skip-tls-verify: true
    server: https://localhost:6443
  name: docker-desktop
contexts:
- context:
    cluster: docker-desktop
    user: docker-desktop
  name: docker-desktop
- context:
    cluster: docker-desktop
    user: docker-desktop
  name: docker-for-desktop
current-context: docker-desktop
kind: Config
preferences: {}
users:
- name: docker-desktop
  user:
    client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM5RENDQWR5Z0F3SUJBZ0lJVHpxQjAwUFVnell3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB4T1RBMk1URXhOVFV6TWpoYUZ3MHlNREEyTVRFd09EVTRNek5hTURZeApGekFWQmdOVkJBb1REbk41YzNSbGJUcHRZWE4wWlhKek1Sc3dHUVlEVlFRREV4SmtiMk5yWlhJdFptOXlMV1JsCmMydDBiM0F3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQ3JxbDIyY2t3UXFqZzIKa3JWeUVPSUplMXlqYktXSFJibmRWUG1HWGZNZDNLYjZFQ2puanljd29pZGVKNkhwekRnaGU5anUvVHA0QnhYTQpxSFk4OTQ5UjNpeFRUVTNBMnp3cFBMUm9BOUMxYURsQWFQNEJSc0tKbThjbzJpcUlBYkROcjNsYkxEY3BoWlJXCkhuTDZFVng5WjZ4bm1FY2cyREpRUk4zVVU0cEJleVJoN1ovUExmdEw0SW0zMFpNcnl4WnFBM0JqdDQrL1ZJWVQKWFVrNEViRzVUV21iY3VMTURIU01pc2MwY05BaFRXMG4raG9pUDJ6WHdjbkNSdmdxanhCZi9rcExneHVVTFJ3WApkK1p5N3hiWDJDZWhiMmtPVFZkbktjeDdMOUhxbEZoYXQ1c3RMTFdDalVVa21INFFxRW9wb2o4dFk4ajdCbUpsCjJjSm91NjZWQWdNQkFBR2pKekFsTUE0R0ExVWREd0VCL3dRRUF3SUZvREFUQmdOVkhTVUVEREFLQmdnckJnRUYKQlFjREFqQU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FRRUFSc1VGUUorN0RPOGowWUVyeFpRS3BsZkkxeFNaZ1FiaApTNVpCTXlJVWkrdHRYNExHd243ZHh0YTMxQ1IvN01tZEFEQ0xiVkxNa213alJ4b1NJZXpwVVFoSUROdjZYNzVSCis3RHRoR0tKbW4zeVhSMXRMdGsxZlYxT2hEUTl1aDdYTUU3WDZUWks3aWs5YUU2cU5YS0xZejNZRGsvbG1kZXEKaXM4ZGUveEMvRFN5UTZuWDFmc3B3V3c0YkZtWUdMdUxCYjVtbnMrSmhzbVZsbERlQmtOUGhvMlc3amVSU1Z1NApzVlpFZlMwWkxnN2E1MnIwNHduSHJBUEY2NFJxYStWVHV5NjlLZmNaUEt2K0ZzVTBTVnN5cnhrd0JIb2ttU0hFCkNqNkozcTlRTm5NRWhLandBMzZPVVN3Mk5GcFpZSzdLRUVVVTNDQ1NrSFJleENkalkvUHJPQT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
    client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBcTZwZHRuSk1FS280TnBLMWNoRGlDWHRjbzJ5bGgwVzUzVlQ1aGwzekhkeW0raEFvCjU0OG5NS0luWGllaDZjdzRJWHZZN3YwNmVBY1Z6S2gyUFBlUFVkNHNVMDFOd05zOEtUeTBhQVBRdFdnNVFHaisKQVViQ2ladkhLTm9xaUFHd3phOTVXeXczS1lXVVZoNXkraEZjZldlc1o1aEhJTmd5VUVUZDFGT0tRWHNrWWUyZgp6eTM3UytDSnQ5R1RLOHNXYWdOd1k3ZVB2MVNHRTExSk9CR3h1VTFwbTNMaXpBeDBqSXJITkhEUUlVMXRKL29hCklqOXMxOEhKd2tiNEtvOFFYLzVLUzRNYmxDMGNGM2ZtY3U4VzE5Z25vVzlwRGsxWFp5bk1leS9SNnBSWVdyZWIKTFN5MWdvMUZKSmgrRUtoS0thSS9MV1BJK3daaVpkbkNhTHV1bFFJREFRQUJBb0lCQUQ4WHU1K3R2SVUzZXJlYwpEakloUUdLSnc0K1JBL21HeC93d0doR25nQTVPcGRRc2trd2hFaDlPeWJkU1M3RVpUTndKbjc2ZXRabWR5UVpTCk9EcktKaFBKMjNLMmE4aGhDMmlBbGpIUWpTblBaNU5qdzArR3lVTTRUT2VYMzUvak55OHh1aUduUzVMb05JKysKV3pYTG9ibTVtK1RyVStFZmRNYUp1Um9ycGhuUVpUcm5xd1hpdEZGcVY4NjF2RHdhbTIzSm01dWl5eE1EaHBqOApneC9SYlNkVnJnWXZia2wrbEozajBBeFRJSTcrQU4wWmEwQndRNXZvVzF5c2VwY3FZM3FDRFlkQnZ1K0dKaFl5CnJEUW1DcDY4SmVsTGtEcURMK2JUMThWT2RURXkvYkdCRlJqTlpOZ2ZhblpGYitrS0YwOFY5S3J2VUJJRTF6NjUKRStHRWZpRUNnWUVBM3JJdVZBK2pQbHNXQ1g0QkNzZW9xUGRwQ1BnUUFISTVHcG56WUdzUEtSQmJUWVhpbUZGbgp6YUlLQ0FHMERhOUw4OW9WTzFYVHNuQ3BmVVhFckhVYTUwYnNFZnNpa3dBN0hHc3l0NTBIL1ZjQTBDUVlxUG9HClc1elJKVHNKNjRsWFB3Nmw0Mkc4SWxXUUR4Z0ZpN2FRRlRTSTE3TnFOaWtwNlF4RGFkTXlQR2tDZ1lFQXhWYUEKKzk4eUNJNzczY0MrWVdpcDY0WnNtbWF2MmxFUXBhTDZySkZSQUc1VlZJZ2VtTUdRNzRYQkZHUlRqWWJNanRDRgpnQkpJNDNxSXZkczlRS1lRZmw1Y2FpVmlJdVZJRklXTE9vOXZnTzJYUEpCV1FYOU1XS3RwRnJUUGluNGFUYTJRClFzVDd0aTNwTnFCWlJzYmM2S1UvU1JkK3FMWFFnN3BIVnpUdkMwMENnWUVBMHNXNTYzM1JkNWNtU0YybUJ0bnAKMitJdTIzcE5TdDdSQlVob2ZQMVhIL3FITDl4a0Z0NFZiUjdNZDcrRTl0N08rRUdVanRBd3lWYXdWQXpRbEpsUgptVXdhNnZuU1EyZVlpdEU2ODJZQXhkcXV2bEVydGVMT1dhOFdsREpJdFZFTDduYWlzNDh4VFIzR2QwSzVIUDd4ClorQ05FL3FQc0N0TnEzRWI3UEVqUHVFQ2dZQXd1UFB0dkNUSlVpeERpeFEyVHJZdGJhb2cwUnU0Qm0zYXg0dW0KMGRZekNnck5iVEpJdXZvQytYNDdmNjNWY3FQTTJ4VXJFdGltT1puTGJuY0lJRGhRU3hIOEx6QzB0dkYrQjU3aApuWXFGUmFRaWt1eUpEVm9YUm5NUzVSK2M3UmVuZUNQM0tGV1JuSEpKUjN2amFyUWVTTGFBWUdtb1ZBT2drbnlNCnZvZ0t2UUtCZ1FDelQyTzFveWwxR1VlZVNMQ25DbVJmZlZYSW1aRWhueTN2WFpwZzQ5aG1hWEpMcjUyMC9lUy8KQzVWdThTeGhaLzRpS3gzTVNPNU9lNlpRVitZRnN5a2FnZGhVMUprMFZjbHZXWUdhcjkxWUU1MmpUVlVyOEFqSApWREFFM2RCLzVIamVqeW9BVmpPV1l2Y2NSRUNEZ2hhaFUwcUVpMGthM0ZHcEdLR0JxRzI4bmc9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=
obmarg commented 5 years ago

Hi @bryanhuntesl - sorry, missed this yesterday, otherwise i would have replied sooner.

Looks like you might have a config style that i've not previously encountered, where the cluster config is missing a CA cert. Since you have insecure-skip-tls-verify: true this shouldn't matter - perhaps I need to add a case where it ignores the missing cert if this is set to true.

As a workaround in the meantime, you could probably put an empty certificate-authority-data: entry in your cluster config - suspect that'd work.