From 459cb72bc620b5b281ad7016f9653fb49a5b72c9 Mon Sep 17 00:00:00 2001 From: Mike Danese Date: Tue, 14 May 2019 09:29:16 -0700 Subject: [PATCH] BoundServiceAccountTokenVolume: fix InClusterConfig Kubernetes-commit: 4198f28855cbda6dac61408fcba6f2d576a9347c --- rest/transport.go | 7 ++++--- tools/clientcmd/client_config.go | 2 ++ 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/rest/transport.go b/rest/transport.go index bd5749dc..de33ecbf 100644 --- a/rest/transport.go +++ b/rest/transport.go @@ -74,9 +74,10 @@ func (c *Config) TransportConfig() (*transport.Config, error) { KeyFile: c.KeyFile, KeyData: c.KeyData, }, - Username: c.Username, - Password: c.Password, - BearerToken: c.BearerToken, + Username: c.Username, + Password: c.Password, + BearerToken: c.BearerToken, + BearerTokenFile: c.BearerTokenFile, Impersonate: transport.ImpersonationConfig{ UserName: c.Impersonate.UserName, Groups: c.Impersonate.Groups, diff --git a/tools/clientcmd/client_config.go b/tools/clientcmd/client_config.go index 878e0df7..c62ee03c 100644 --- a/tools/clientcmd/client_config.go +++ b/tools/clientcmd/client_config.go @@ -228,6 +228,7 @@ func (config *DirectClientConfig) getUserIdentificationPartialConfig(configAuthI // blindly overwrite existing values based on precedence if len(configAuthInfo.Token) > 0 { mergedConfig.BearerToken = configAuthInfo.Token + mergedConfig.BearerTokenFile = configAuthInfo.TokenFile } else if len(configAuthInfo.TokenFile) > 0 { tokenBytes, err := ioutil.ReadFile(configAuthInfo.TokenFile) if err != nil { @@ -491,6 +492,7 @@ func (config *inClusterClientConfig) ClientConfig() (*restclient.Config, error) } if token := config.overrides.AuthInfo.Token; len(token) > 0 { icc.BearerToken = token + icc.BearerTokenFile = "" } if certificateAuthorityFile := config.overrides.ClusterInfo.CertificateAuthority; len(certificateAuthorityFile) > 0 { icc.TLSClientConfig.CAFile = certificateAuthorityFile