tessl/npm-kubernetes--client-node
Comprehensive Node.js client library for interacting with Kubernetes clusters with full API coverage and TypeScript support
—
Pending
Quality
Pending
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Securityby
Pending
The risk profile of this skill
configuration.mddocs/
Configuration and Authentication
Configuration management and authentication for Kubernetes cluster access. The library supports multiple authentication methods, flexible configuration loading, and various cloud provider integrations.
Capabilities
KubeConfig Class
Central configuration class for managing Kubernetes cluster connections, user credentials, and contexts.
/**
* Main configuration class for Kubernetes cluster access
*/
class KubeConfig {
/** Load configuration from default locations (kubeconfig file, environment, in-cluster) */
loadFromDefault(options?: Partial<ConfigOptions>): void;
/** Load configuration from a specific kubeconfig file */
loadFromFile(file: string, opts?: Partial<ConfigOptions>): void;
/** Load configuration from a YAML string */
loadFromString(config: string, opts?: Partial<ConfigOptions>): void;
/** Load in-cluster service account configuration */
loadFromCluster(): void;
/** Load configuration from options object */
loadFromOptions(options: any): void;
/** Create a typed API client instance */
makeApiClient<T>(apiClientType: ApiType<T>): T;
/** Apply authentication to HTTPS request options */
applyToHTTPSOptions(opts: https.RequestOptions | WebSocket.ClientOptions): Promise<void>;
/** Apply authentication to fetch options */
applyToFetchOptions(opts: https.RequestOptions): Promise<RequestInit>;
/** Available clusters */
clusters: Cluster[];
/** Available users */
users: User[];
/** Available contexts */
contexts: Context[];
/** Active context name */
currentContext: string;
/** Get all contexts */
getContexts(): Context[];
/** Get all clusters */
getClusters(): Cluster[];
/** Get all users */
getUsers(): User[];
/** Get current context name */
getCurrentContext(): string;
/** Set current context */
setCurrentContext(context: string): void;
/** Get context object by name */
getContextObject(name: string): Context | null;
/** Get current cluster */
getCurrentCluster(): Cluster | null;
/** Get cluster by name */
getCluster(name: string): Cluster | null;
/** Get current user */
getCurrentUser(): User | null;
/** Get user by name */
getUser(name: string): User | null;
}Usage Examples:
import { KubeConfig, CoreV1Api } from '@kubernetes/client-node';
// Load from default location
const kc = new KubeConfig();
kc.loadFromDefault();
// Load from specific file
kc.loadFromFile('/path/to/kubeconfig');
// Load from YAML string
const yamlConfig = `
apiVersion: v1
clusters:
- cluster:
server: https://k8s.example.com
name: my-cluster
contexts:
- context:
cluster: my-cluster
user: my-user
name: my-context
current-context: my-context
users:
- name: my-user
user:
token: my-token
`;
kc.loadFromString(yamlConfig);
// Load in-cluster config (for pods running in Kubernetes)
kc.loadFromCluster();
// Create API client
const k8sApi = kc.makeApiClient(CoreV1Api);Configuration Types
Type definitions for cluster, user, and context configuration.
interface ConfigOptions {
/** How to handle invalid configuration entries */
onInvalidEntry: ActionOnInvalid;
}
interface Cluster {
/** Cluster name */
name: string;
/** API server URL */
server: string;
/** Certificate authority data (base64) */
caData?: string;
/** Certificate authority file path */
caFile?: string;
/** TLS server name for SNI */
tlsServerName?: string;
/** Skip TLS verification */
skipTLSVerify: boolean;
/** Proxy URL for cluster access */
proxyUrl?: string;
}
interface User {
/** User name */
name: string;
/** Authentication token */
token?: string;
/** Client certificate data (base64) */
certData?: string;
/** Client certificate file path */
certFile?: string;
/** Client key data (base64) */
keyData?: string;
/** Client key file path */
keyFile?: string;
/** Username for basic auth */
username?: string;
/** Password for basic auth */
password?: string;
/** Authentication provider configuration */
authProvider?: any;
/** Exec credential configuration */
exec?: any;
/** Impersonate user */
impersonateUser?: string;
}
interface Context {
/** Context name */
name: string;
/** Cluster name to use */
cluster: string;
/** User name to use */
user: string;
/** Default namespace */
namespace?: string;
}
const ActionOnInvalid = {
THROW: 'throw',
FILTER: 'filter'
} as const;
type ActionOnInvalid = typeof ActionOnInvalid[keyof typeof ActionOnInvalid];Configuration Utilities
Utility functions for working with configuration objects.
/**
* Create cluster array from configuration data
*/
function newClusters(a: any, opts?: Partial<ConfigOptions>): Cluster[];
/**
* Create user array from configuration data
*/
function newUsers(a: any, opts?: Partial<ConfigOptions>): User[];
/**
* Create context array from configuration data
*/
function newContexts(a: any, opts?: Partial<ConfigOptions>): Context[];
/**
* Export cluster to configuration format
*/
function exportCluster(cluster: Cluster): any;
/**
* Export user to configuration format
*/
function exportUser(user: User): any;
/**
* Export context to configuration format
*/
function exportContext(context: Context): any;
/**
* Make an absolute file path
*/
function makeAbsolutePath(root: string, file: string): string;
/**
* Load buffer from file or string
*/
function bufferFromFileOrString(file?: string, data?: string): Buffer | null;
/**
* Find user home directory
*/
function findHomeDir(platform?: string): string | null;
/**
* Find named object in list
*/
function findObject<T>(list: T[], name: string, key: string): T | null;Authentication Providers
The library includes support for various authentication providers through the Authenticator interface.
interface Authenticator {
/** Check if this authenticator handles the user configuration */
isAuthProvider(user: User): boolean;
/** Apply authentication to request options */
applyAuthentication(user: User, opts: any): Promise<void>;
}Available Authentication Providers:
- AzureAuth: Azure Active Directory authentication
- GoogleCloudPlatformAuth: Google Cloud authentication
- OpenIDConnectAuth: OIDC authentication
- ExecAuth: External command authentication
- FileAuth: File-based token authentication
Usage Example:
import { KubeConfig, GoogleCloudPlatformAuth } from '@kubernetes/client-node';
const kc = new KubeConfig();
kc.loadFromDefault();
// Authentication is automatically handled when making API calls
const k8sApi = kc.makeApiClient(CoreV1Api);
const pods = await k8sApi.listNamespacedPod('default');In-Cluster Configuration
For applications running inside Kubernetes pods, the library can automatically load service account credentials.
import { KubeConfig } from '@kubernetes/client-node';
// This loads the service account token and CA certificate
// from the standard locations: /var/run/secrets/kubernetes.io/serviceaccount/
const kc = new KubeConfig();
kc.loadFromCluster();
const k8sApi = kc.makeApiClient(CoreV1Api);Error Handling
Authentication errors and configuration issues are reported through standard JavaScript errors.
import { KubeConfig } from '@kubernetes/client-node';
try {
const kc = new KubeConfig();
kc.loadFromFile('/invalid/path/kubeconfig');
} catch (error) {
console.error('Configuration error:', error.message);
}Configuration Examples
Multi-cluster configuration:
const kc = new KubeConfig();
kc.loadFromDefault();
// Switch between contexts
kc.currentContext = 'production-cluster';
const prodApi = kc.makeApiClient(CoreV1Api);
kc.currentContext = 'staging-cluster';
const stagingApi = kc.makeApiClient(CoreV1Api);Custom authentication:
const kc = new KubeConfig();
kc.loadFromOptions({
clusters: [{
name: 'my-cluster',
server: 'https://k8s.example.com',
skipTLSVerify: false
}],
users: [{
name: 'my-user',
token: 'bearer-token-here'
}],
contexts: [{
name: 'my-context',
cluster: 'my-cluster',
user: 'my-user',
namespace: 'my-namespace'
}],
currentContext: 'my-context'
});