diff --git a/cli/command/context/options.go b/cli/command/context/options.go index 977926397469..2f0b0084e85d 100644 --- a/cli/command/context/options.go +++ b/cli/command/context/options.go @@ -2,8 +2,6 @@ package context import ( "fmt" - "os" - "path/filepath" "strconv" "strings" @@ -13,7 +11,6 @@ import ( "github.com/docker/cli/cli/context/kubernetes" "github.com/docker/cli/cli/context/store" "github.com/docker/docker/client" - "github.com/docker/docker/pkg/homedir" "github.com/pkg/errors" ) @@ -186,12 +183,7 @@ func getKubernetesEndpoint(dockerCli command.Cli, config map[string]string) (*ku return &res, nil } - // fallback to env-based kubeconfig - kubeconfig := os.Getenv("KUBECONFIG") - if kubeconfig == "" { - kubeconfig = filepath.Join(homedir.Get(), ".kube/config") - } - ep, err := kubernetes.FromKubeConfig(kubeconfig, "", "") + ep, err := kubernetes.FromKubeConfig("", "", "") if err != nil { return nil, err } diff --git a/cli/context/kubernetes/load.go b/cli/context/kubernetes/load.go index 99f2a00ea0ca..4b759dd7d0f3 100644 --- a/cli/context/kubernetes/load.go +++ b/cli/context/kubernetes/load.go @@ -1,14 +1,10 @@ package kubernetes import ( - "os" - "path/filepath" - "github.com/docker/cli/cli/command" "github.com/docker/cli/cli/context" "github.com/docker/cli/cli/context/store" api "github.com/docker/compose-on-kubernetes/api" - "github.com/docker/docker/pkg/homedir" "github.com/pkg/errors" "k8s.io/client-go/tools/clientcmd" clientcmdapi "k8s.io/client-go/tools/clientcmd/api" @@ -22,6 +18,7 @@ type EndpointMeta struct { AuthProvider *clientcmdapi.AuthProviderConfig `json:",omitempty"` Exec *clientcmdapi.ExecConfig `json:",omitempty"` UsernamePassword *UsernamePassword `json:"usernamePassword,omitempty"` + Token string `json:"token,omitempty"` } // UsernamePassword contains username/password auth info @@ -64,6 +61,7 @@ func (c *Endpoint) KubernetesConfig() clientcmd.ClientConfig { cluster.Server = c.Host cluster.InsecureSkipTLSVerify = c.SkipTLSVerify authInfo := clientcmdapi.NewAuthInfo() + authInfo.Token = c.Token if c.TLSData != nil { cluster.CertificateAuthorityData = c.TLSData.CA authInfo.ClientCertificateData = c.TLSData.Cert @@ -89,11 +87,7 @@ func (c *Endpoint) KubernetesConfig() clientcmd.ClientConfig { // ResolveDefault returns endpoint metadata for the default Kubernetes // endpoint, which is derived from the env-based kubeconfig. func (c *EndpointMeta) ResolveDefault(stackOrchestrator command.Orchestrator) (interface{}, *store.EndpointTLSData, error) { - kubeconfig := os.Getenv("KUBECONFIG") - if kubeconfig == "" { - kubeconfig = filepath.Join(homedir.Get(), ".kube/config") - } - kubeEP, err := FromKubeConfig(kubeconfig, "", "") + kubeEP, err := FromKubeConfig("", "", "") if err != nil { if stackOrchestrator == command.OrchestratorKubernetes || stackOrchestrator == command.OrchestratorAll { return nil, nil, errors.Wrapf(err, "default orchestrator is %s but unable to resolve kubernetes endpoint", stackOrchestrator) diff --git a/cli/context/kubernetes/save.go b/cli/context/kubernetes/save.go index 032a01d46ab9..4183db464ac1 100644 --- a/cli/context/kubernetes/save.go +++ b/cli/context/kubernetes/save.go @@ -10,8 +10,13 @@ import ( // FromKubeConfig creates a Kubernetes endpoint from a Kubeconfig file func FromKubeConfig(kubeconfig, kubeContext, namespaceOverride string) (Endpoint, error) { + loadingRules := clientcmd.NewDefaultClientConfigLoadingRules() + if kubeconfig != "" { + loadingRules = &clientcmd.ClientConfigLoadingRules{ExplicitPath: kubeconfig} + } + cfg := clientcmd.NewNonInteractiveDeferredLoadingClientConfig( - &clientcmd.ClientConfigLoadingRules{ExplicitPath: kubeconfig}, + loadingRules, &clientcmd.ConfigOverrides{CurrentContext: kubeContext, Context: clientcmdapi.Context{Namespace: namespaceOverride}}) ns, _, err := cfg.Namespace() if err != nil { @@ -56,6 +61,7 @@ func FromKubeConfig(kubeconfig, kubeContext, namespaceOverride string) (Endpoint AuthProvider: clientcfg.AuthProvider, Exec: clientcfg.ExecProvider, UsernamePassword: usernamePassword, + Token: clientcfg.BearerToken, }, TLSData: tlsData, }, nil