What happened (please include outputs or screenshots):
➜ k8s-exec /usr/local/Cellar/python/3.7.4_1/bin/python3 ./kubectl-exec.py
/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py:847: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
InsecureRequestWarning)
Traceback (most recent call last):
File "./kubectl-exec.py", line 9, in <module>
config.load_kube_config()
File "/usr/local/lib/python3.7/site-packages/kubernetes/config/kube_config.py", line 667, in load_kube_config
loader.load_and_set(config)
File "/usr/local/lib/python3.7/site-packages/kubernetes/config/kube_config.py", line 474, in load_and_set
self._load_authentication()
File "/usr/local/lib/python3.7/site-packages/kubernetes/config/kube_config.py", line 205, in _load_authentication
if self._load_auth_provider_token():
File "/usr/local/lib/python3.7/site-packages/kubernetes/config/kube_config.py", line 224, in _load_auth_provider_token
return self._load_oid_token(provider)
File "/usr/local/lib/python3.7/site-packages/kubernetes/config/kube_config.py", line 325, in _load_oid_token
self._refresh_oidc(provider)
File "/usr/local/lib/python3.7/site-packages/kubernetes/config/kube_config.py", line 375, in _refresh_oidc
'client_secret': provider['config']['client-secret']
File "/usr/local/lib/python3.7/site-packages/kubernetes/config/kube_config.py", line 512, in __getitem__
% (key, self.name))
kubernetes.config.config_exception.ConfigException: Invalid kube-config file. Expected key client-secret in ...
What you expected to happen:
No error
How to reproduce it (as minimally and precisely as possible):
- Setup an OIDC IdP with a public endpoint
- Integrate with your API server
- Generate a kube config using the configuration with NO
client-secret
- Use the API
Anything else we need to know?:
client-secret is optional and should not be considered to be required. As a workaround adding en empty client-secret works
Environment:
- Kubernetes version (
kubectl version):
Client Version: version.Info{Major:"1", Minor:"17", GitVersion:"v1.17.0", GitCommit:"70132b0f130acc0bed193d9ba59dd186f0e634cf", GitTreeState:"clean", BuildDate:"2019-12-13T11:52:32Z", GoVersion:"go1.13.4", Compiler:"gc", Platform:"darwin/amd64"}
- OS (e.g., MacOS 10.13.6):
MacOS Catalina
- Python version (
python --version)
3.7.4
- Python client version (
pip list | grep kubernetes)
11.0.0b2
What happened (please include outputs or screenshots):
What you expected to happen:
No error
How to reproduce it (as minimally and precisely as possible):
client-secretAnything else we need to know?:
client-secretis optional and should not be considered to be required. As a workaround adding en emptyclient-secretworksEnvironment:
kubectl version):Client Version: version.Info{Major:"1", Minor:"17", GitVersion:"v1.17.0", GitCommit:"70132b0f130acc0bed193d9ba59dd186f0e634cf", GitTreeState:"clean", BuildDate:"2019-12-13T11:52:32Z", GoVersion:"go1.13.4", Compiler:"gc", Platform:"darwin/amd64"}
MacOS Catalina
python --version)3.7.4
pip list | grep kubernetes)11.0.0b2