Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[GH-352] kubernetes auth for lookup #353

Draft
wants to merge 12 commits into
base: main
Choose a base branch
from

Conversation

pfeifferj
Copy link
Contributor

@pfeifferj pfeifferj commented Mar 1, 2023

SUMMARY

continuation of pr#220

ISSUE TYPE

Resolves #352
Closes #220

COMPONENT NAME

community.hashi_vault/plugins/lookup

ADDITIONAL INFORMATION

todo:

@github-actions
Copy link

github-actions bot commented Mar 1, 2023

Docs Build 📝

Thank you for contribution!✨

The docs for this PR have been published here:
https://ansible-collections.github.io/community.hashi_vault/pr/353

You can compare to the docs for the main branch here:
https://ansible-collections.github.io/community.hashi_vault/branch/main

The docsite for this PR is also available for download as an artifact from this run:
https://github.com/ansible-collections/community.hashi_vault/actions/runs/4407025680

File changes:

Click to see the diff comparison.

NOTE: only file modifications are shown here. New and deleted files are excluded.
See the file list and check the published docs to see those files.

The diff output was truncated because it exceeded the maximum size.

diff --git a/home/runner/work/community.hashi_vault/community.hashi_vault/docsbuild/base/collections/community/hashi_vault/hashi_vault_lookup.html b/home/runner/work/community.hashi_vault/community.hashi_vault/docsbuild/head/collections/community/hashi_vault/hashi_vault_lookup.html
index 1eabb59..48ec29d 100644
--- a/home/runner/work/community.hashi_vault/community.hashi_vault/docsbuild/base/collections/community/hashi_vault/hashi_vault_lookup.html
+++ b/home/runner/work/community.hashi_vault/community.hashi_vault/docsbuild/head/collections/community/hashi_vault/hashi_vault_lookup.html
@@ -192,11 +192,19 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;azure&quot;</span></code></p></li>
 <li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;jwt&quot;</span></code></p></li>
 <li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;cert&quot;</span></code></p></li>
+<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;kubernetes&quot;</span></code></p></li>
 <li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;none&quot;</span></code></p></li>
 </ul>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>INI entry:</p>
+<li><p>INI entries:</p>
+<div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">lookup_hashi_vault</span><span class="p p-Indicator">]</span>
+<span class="l l-Scalar l-Scalar-Plain">auth_method = token</span>
+</pre></div>
+</div>
+<p>Removed in: version 3.0.0</p>
+<p>Why: collection-wide config section</p>
+<p>Alternative: use section [hashi_vault_collection]</p>
 <div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">hashi_vault_collection</span><span class="p p-Indicator">]</span>
 <span class="l l-Scalar l-Scalar-Plain">auth_method = token</span>
 </pre></div>
@@ -235,7 +243,14 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <td><div class="ansible-option-cell"><p>If specified, sets the value to use for the <code class="docutils literal notranslate"><span class="pre">X-Vault-AWS-IAM-Server-ID</span></code> header as part of <code class="docutils literal notranslate"><span class="pre">GetCallerIdentity</span></code> request.</p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>INI entry:</p>
+<li><p>INI entries:</p>
+<div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">lookup_hashi_vault</span><span class="p p-Indicator">]</span>
+<span class="l l-Scalar l-Scalar-Plain">aws_iam_server_id = VALUE</span>
+</pre></div>
+</div>
+<p>Removed in: version 3.0.0</p>
+<p>Why: collection-wide config section</p>
+<p>Alternative: use section [hashi_vault_collection]</p>
 <div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">hashi_vault_collection</span><span class="p p-Indicator">]</span>
 <span class="l l-Scalar l-Scalar-Plain">aws_iam_server_id = VALUE</span>
 </pre></div>
@@ -372,7 +387,15 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <p>If not specified by any other means, the <code class="docutils literal notranslate"><span class="pre">VAULT_CACERT</span></code> environment variable will be used.</p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>INI entry:</p>
+<li><p>INI entries:</p>
+<div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">lookup_hashi_vault</span><span class="p p-Indicator">]</span>
+<span class="l l-Scalar l-Scalar-Plain">ca_cert = VALUE</span>
+</pre></div>
+</div>
+<p><span class="ansible-option-versionadded">added in community.hashi_vault 1.2.0</span></p>
+<p>Removed in: version 3.0.0</p>
+<p>Why: collection-wide config section</p>
+<p>Alternative: use section [hashi_vault_collection]</p>
 <div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">hashi_vault_collection</span><span class="p p-Indicator">]</span>
 <span class="l l-Scalar l-Scalar-Plain">ca_cert = VALUE</span>
 </pre></div>
@@ -436,6 +459,39 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 </div></td>
 </tr>
 <tr class="row-even"><td><div class="ansible-option-cell">
+<div class="ansibleOptionAnchor" id="parameter-kubernetes_token"></div><p class="ansible-option-title" id="ansible-collections-community-hashi-vault-hashi-vault-lookup-parameter-kubernetes-token"><strong>kubernetes_token</strong></p>
+<a class="ansibleOptionLink" href="#parameter-kubernetes_token" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
+<p><span class="ansible-option-versionadded">added in community.hashi_vault 2.5.0</span></p>
+</div></td>
+<td><div class="ansible-option-cell"><p>The Kubernetes Token (JWT) to use for Kubernetes authentication to Vault.</p>
+<p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
+<ul class="simple">
+<li><p>Environment variable: <span class="target" id="index-21"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_KUBERNETES_TOKEN"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_KUBERNETES_TOKEN</span></code></a></p></li>
+<li><p>Variable: ansible_hashi_vault_kubernetes_token</p></li>
+</ul>
+</div></td>
+</tr>
+<tr class="row-odd"><td><div class="ansible-option-cell">
+<div class="ansibleOptionAnchor" id="parameter-kubernetes_token_path"></div><p class="ansible-option-title" id="ansible-collections-community-hashi-vault-hashi-vault-lookup-parameter-kubernetes-token-path"><strong>kubernetes_token_path</strong></p>
+<a class="ansibleOptionLink" href="#parameter-kubernetes_token_path" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
+<p><span class="ansible-option-versionadded">added in community.hashi_vault 2.5.0</span></p>
+</div></td>
+<td><div class="ansible-option-cell"><p>If no kubernetes_token is specified, will try to read the token from this path.</p>
+<p class="ansible-option-line"><span class="ansible-option-default-bold">Default:</span> <code class="ansible-option-default docutils literal notranslate"><span class="pre">&quot;/var/run/secrets/kubernetes.io/serviceaccount/token&quot;</span></code></p>
+<p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
+<ul>
+<li><p>INI entry:</p>
+<div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">hashi_vault_collection</span><span class="p p-Indicator">]</span>
+<span class="l l-Scalar l-Scalar-Plain">kubernetes_token_path = /var/run/secrets/kubernetes.io/serviceaccount/token</span>
+</pre></div>
+</div>
+</li>
+<li><p>Environment variable: <span class="target" id="index-22"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_KUBERNETES_TOKEN_PATH"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_KUBERNETES_TOKEN_PATH</span></code></a></p></li>
+<li><p>Variable: ansible_hashi_vault_kubernetes_token_path</p></li>
+</ul>
+</div></td>
+</tr>
+<tr class="row-even"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-mount_point"></div><p class="ansible-option-title" id="ansible-collections-community-hashi-vault-hashi-vault-lookup-parameter-mount-point"><strong>mount_point</strong></p>
 <a class="ansibleOptionLink" href="#parameter-mount_point" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
 </div></td>
@@ -451,7 +507,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.5.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-21"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_MOUNT_POINT"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_MOUNT_POINT</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-23"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_MOUNT_POINT"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_MOUNT_POINT</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.5.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_mount_point</p>
@@ -469,14 +525,22 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <p>If environment variable <code class="docutils literal notranslate"><span class="pre">VAULT_NAMESPACE</span></code> is set, its value will be used last among all ways to specify <em>namespace</em>.</p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>INI entry:</p>
+<li><p>INI entries:</p>
+<div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">lookup_hashi_vault</span><span class="p p-Indicator">]</span>
+<span class="l l-Scalar l-Scalar-Plain">namespace = VALUE</span>
+</pre></div>
+</div>
+<p><span class="ansible-option-versionadded">added in community.hashi_vault 0.2.0</span></p>
+<p>Removed in: version 3.0.0</p>
+<p>Why: collection-wide config section</p>
+<p>Alternative: use section [hashi_vault_collection]</p>
 <div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">hashi_vault_collection</span><span class="p p-Indicator">]</span>
 <span class="l l-Scalar l-Scalar-Plain">namespace = VALUE</span>
 </pre></div>
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-22"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_NAMESPACE"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_NAMESPACE</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-24"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_NAMESPACE"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_NAMESPACE</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 0.2.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_namespace</p>
@@ -492,7 +556,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <td><div class="ansible-option-cell"><p>Authentication password.</p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>Environment variable: <span class="target" id="index-23"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_PASSWORD"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_PASSWORD</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-25"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_PASSWORD"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_PASSWORD</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.2.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_password</p>
@@ -515,14 +579,21 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <p>If not specified, <a class="reference external" href="https://requests.readthedocs.io/en/master/user/advanced/#proxies">environment variables from the Requests library</a> are used.</p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>INI entry:</p>
+<li><p>INI entries:</p>
+<div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">lookup_hashi_vault</span><span class="p p-Indicator">]</span>
+<span class="l l-Scalar l-Scalar-Plain">proxies = VALUE</span>
+</pre></div>
+</div>
+<p>Removed in: version 3.0.0</p>
+<p>Why: collection-wide config section</p>
+<p>Alternative: use section [hashi_vault_collection]</p>
 <div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">hashi_vault_collection</span><span class="p p-Indicator">]</span>
 <span class="l l-Scalar l-Scalar-Plain">proxies = VALUE</span>
 </pre></div>
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-24"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_PROXIES"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_PROXIES</span></code></a></p></li>
+<li><p>Environment variable: <span class="target" id="index-26"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_PROXIES"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_PROXIES</span></code></a></p></li>
 <li><p>Variable: ansible_hashi_vault_proxies</p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.2.0</span></p>
 </li>
@@ -536,8 +607,8 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <td><div class="ansible-option-cell"><p>The AWS region for which to create the connection.</p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul class="simple">
-<li><p>Environment variable: <span class="target" id="index-25"></span><a class="reference internal" href="../../environment_variables.html#envvar-EC2_REGION"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">EC2_REGION</span></code></a></p></li>
-<li><p>Environment variable: <span class="target" id="index-26"></span><a class="reference internal" href="../../environment_variables.html#envvar-AWS_REGION"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">AWS_REGION</span></code></a></p></li>
+<li><p>Environment variable: <span class="target" id="index-27"></span><a class="reference internal" href="../../environment_variables.html#envvar-EC2_REGION"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">EC2_REGION</span></code></a></p></li>
+<li><p>Environment variable: <span class="target" id="index-28"></span><a class="reference internal" href="../../environment_variables.html#envvar-AWS_REGION"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">AWS_REGION</span></code></a></p></li>
 </ul>
 </div></td>
 </tr>
@@ -555,14 +626,21 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <p>For detailed information on retries, see the collection User Guide.</p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>INI entry:</p>
+<li><p>INI entries:</p>
+<div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">lookup_hashi_vault</span><span class="p p-Indicator">]</span>
+<span class="l l-Scalar l-Scalar-Plain">retries = VALUE</span>
+</pre></div>
+</div>
+<p>Removed in: version 3.0.0</p>
+<p>Why: collection-wide config section</p>
+<p>Alternative: use section [hashi_vault_collection]</p>
 <div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">hashi_vault_collection</span><span class="p p-Indicator">]</span>
 <span class="l l-Scalar l-Scalar-Plain">retries = VALUE</span>
 </pre></div>
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-27"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_RETRIES"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_RETRIES</span></code></a></p></li>
+<li><p>Environment variable: <span class="target" id="index-29"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_RETRIES"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_RETRIES</span></code></a></p></li>
 <li><p>Variable: ansible_hashi_vault_retries</p></li>
 </ul>
 </div></td>
@@ -581,14 +659,21 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 </ul>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>INI entry:</p>
+<li><p>INI entries:</p>
+<div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">lookup_hashi_vault</span><span class="p p-Indicator">]</span>
+<span class="l l-Scalar l-Scalar-Plain">retry_action = warn</span>
+</pre></div>
+</div>
+<p>Removed in: version 3.0.0</p>
+<p>Why: collection-wide config section</p>
+<p>Alternative: use section [hashi_vault_collection]</p>
 <div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">hashi_vault_collection</span><span class="p p-Indicator">]</span>
 <span class="l l-Scalar l-Scalar-Plain">retry_action = warn</span>
 </pre></div>
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-28"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_RETRY_ACTION"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_RETRY_ACTION</span></code></a></p></li>
+<li><p>Environment variable: <span class="target" id="index-30"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_RETRY_ACTION"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_RETRY_ACTION</span></code></a></p></li>
 <li><p>Variable: ansible_hashi_vault_retry_action</p></li>
 </ul>
 </div></td>
@@ -620,14 +705,21 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <p>For <code class="docutils literal notranslate"><span class="pre">azure</span></code> auth, <em>role_id</em> is required.</p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>INI entry:</p>
+<li><p>INI entries:</p>
+<div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">lookup_hashi_vault</span><span class="p p-Indicator">]</span>
+<span class="l l-Scalar l-Scalar-Plain">role_id = VALUE</span>
+</pre></div>
+</div>
+<p>Removed in: version 3.0.0</p>
+<p>Why: collection-wide config section</p>
+<p>Alternative: use section [hashi_vault_collection]</p>
 <div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">hashi_vault_collection</span><span class="p p-Indicator">]</span>
 <span class="l l-Scalar l-Scalar-Plain">role_id = VALUE</span>
 </pre></div>
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-29"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_ROLE_ID"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_ROLE_ID</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-31"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_ROLE_ID"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_ROLE_ID</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 0.2.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_role_id</p>
@@ -650,7 +742,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <td><div class="ansible-option-cell"><p>Secret ID to be used for Vault AppRole authentication.</p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>Environment variable: <span class="target" id="index-30"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_SECRET_ID"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_SECRET_ID</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-32"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_SECRET_ID"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_SECRET_ID</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 0.2.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_secret_id</p>
@@ -668,14 +760,21 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <p>If not set, then the <code class="docutils literal notranslate"><span class="pre">hvac</span></code> library’s default is used.</p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>INI entry:</p>
+<li><p>INI entries:</p>
+<div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">lookup_hashi_vault</span><span class="p p-Indicator">]</span>
+<span class="l l-Scalar l-Scalar-Plain">timeout = VALUE</span>
+</pre></div>
+</div>
+<p>Removed in: version 3.0.0</p>
+<p>Why: collection-wide config section</p>
+<p>Alternative: use section [hashi_vault_collection]</p>
 <div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">hashi_vault_collection</span><span class="p p-Indicator">]</span>
 <span class="l l-Scalar l-Scalar-Plain">timeout = VALUE</span>
 </pre></div>
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-31"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TIMEOUT"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TIMEOUT</span></code></a></p></li>
+<li><p>Environment variable: <span class="target" id="index-33"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TIMEOUT"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TIMEOUT</span></code></a></p></li>
 <li><p>Variable: ansible_hashi_vault_timeout</p></li>
 </ul>
 </div></td>
@@ -689,7 +788,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <p>The order of token loading (first found wins) is <code class="docutils literal notranslate"><span class="pre">token</span> <span class="pre">param</span> <span class="pre">-&gt;</span> <span class="pre">ansible</span> <span class="pre">var</span> <span class="pre">-&gt;</span> <span class="pre">ANSIBLE_HASHI_VAULT_TOKEN</span> <span class="pre">-&gt;</span> <span class="pre">VAULT_TOKEN</span> <span class="pre">-&gt;</span> <span class="pre">token</span> <span class="pre">file</span></code>.</p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>Environment variable: <span class="target" id="index-32"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TOKEN"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TOKEN</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-34"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TOKEN"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TOKEN</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 0.2.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_token</p>
@@ -706,14 +805,21 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <p class="ansible-option-line"><span class="ansible-option-default-bold">Default:</span> <code class="ansible-option-default docutils literal notranslate"><span class="pre">&quot;.vault-token&quot;</span></code></p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>INI entry:</p>
+<li><p>INI entries:</p>
+<div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">lookup_hashi_vault</span><span class="p p-Indicator">]</span>
+<span class="l l-Scalar l-Scalar-Plain">token_file = .vault-token</span>
+</pre></div>
+</div>
+<p>Removed in: version 3.0.0</p>
+<p>Why: collection-wide config section</p>
+<p>Alternative: use section [hashi_vault_collection]</p>
 <div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">hashi_vault_collection</span><span class="p p-Indicator">]</span>
 <span class="l l-Scalar l-Scalar-Plain">token_file = .vault-token</span>
 </pre></div>
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-33"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TOKEN_FILE"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TOKEN_FILE</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-35"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TOKEN_FILE"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TOKEN_FILE</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 0.2.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_token_file</p>
@@ -729,14 +835,21 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <td><div class="ansible-option-cell"><p>If no token is specified, will try to read the <em>token_file</em> from this path.</p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>INI entry:</p>
+<li><p>INI entries:</p>
+<div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">lookup_hashi_vault</span><span class="p p-Indicator">]</span>
+<span class="l l-Scalar l-Scalar-Plain">token_path = VALUE</span>
+</pre></div>
+</div>
+<p>Removed in: version 3.0.0</p>
+<p>Why: collection-wide config section</p>
+<p>Alternative: use section [hashi_vault_collection]</p>
 <div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">hashi_vault_collection</span><span class="p p-Indicator">]</span>
 <span class="l l-Scalar l-Scalar-Plain">token_path = VALUE</span>
 </pre></div>
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-34"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TOKEN_PATH"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TOKEN_PATH</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-36"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TOKEN_PATH"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TOKEN_PATH</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 0.2.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_token_path</p>
@@ -759,14 +872,21 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 </ul>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>INI entry:</p>
+<li><p>INI entries:</p>
+<div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">lookup_hashi_vault</span><span class="p p-Indicator">]</span>
+<span class="l l-Scalar l-Scalar-Plain">token_validate = false</span>
+</pre></div>
+</div>
+<p>Removed in: version 3.0.0</p>
+<p>Why: collection-wide config section</p>
+<p>Alternative: use section [hashi_vault_collection]</p>
 <div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">hashi_vault_collection</span><span class="p p-Indicator">]</span>
 <span class="l l-Scalar l-Scalar-Plain">token_validate = false</span>
 </pre></div>
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-35"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TOKEN_VALIDATE"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TOKEN_VALIDATE</span></code></a></p></li>
+<li><p>Environment variable: <span class="target" id="index-37"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TOKEN_VALIDATE"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TOKEN_VALIDATE</span></code></a></p></li>
 <li><p>Variable: ansible_hashi_vault_token_validate</p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.2.0</span></p>
 </li>
@@ -782,14 +902,21 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <p>If <code class="docutils literal notranslate"><span class="pre">VAULT_ADDR</span></code> is also not defined then an error will be raised.</p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>INI entry:</p>
+<li><p>INI entries:</p>
+<div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">lookup_hashi_vault</span><span class="p p-Indicator">]</span>
+<span class="l l-Scalar l-Scalar-Plain">url = VALUE</span>
+</pre></div>
+</div>
+<p>Removed in: version 3.0.0</p>
+<p>Why: collection-wide config section</p>
+<p>Alternative: use section [hashi_vault_collection]</p>
 <div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">hashi_vault_collection</span><span class="p p-Indicator">]</span>
 <span class="l l-Scalar l-Scalar-Plain">url = VALUE</span>
 </pre></div>
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-36"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_ADDR"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_ADDR</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-38"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_ADDR"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_ADDR</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 0.2.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_url</p>
@@ -808,7 +935,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <td><div class="ansible-option-cell"><p>Authentication user name.</p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>Environment variable: <span class="target" id="index-37"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_USERNAME"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_USERNAME</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-39"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_USERNAME"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_USERNAME</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.2.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_username</p>
diff --git a/home/runner/work/community.hashi_vault/community.hashi_vault/docsbuild/base/collections/community/hashi_vault/vault_kv1_get_lookup.html b/home/runner/work/community.hashi_vault/community.hashi_vault/docsbuild/head/collections/community/hashi_vault/vault_kv1_get_lookup.html
index e9cddd4..ec28d76 100644
--- a/home/runner/work/community.hashi_vault/community.hashi_vault/docsbuild/base/collections/community/hashi_vault/vault_kv1_get_lookup.html
+++ b/home/runner/work/community.hashi_vault/community.hashi_vault/docsbuild/head/collections/community/hashi_vault/vault_kv1_get_lookup.html
@@ -212,6 +212,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;azure&quot;</span></code></p></li>
 <li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;jwt&quot;</span></code></p></li>
 <li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;cert&quot;</span></code></p></li>
+<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;kubernetes&quot;</span></code></p></li>
 <li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;none&quot;</span></code></p></li>
 </ul>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
@@ -468,6 +469,39 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 </div></td>
 </tr>
 <tr class="row-odd"><td><div class="ansible-option-cell">
+<div class="ansibleOptionAnchor" id="parameter-kubernetes_token"></div><p class="ansible-option-title" id="ansible-collections-community-hashi-vault-vault-kv1-get-lookup-parameter-kubernetes-token"><strong>kubernetes_token</strong></p>
+<a class="ansibleOptionLink" href="#parameter-kubernetes_token" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
+<p><span class="ansible-option-versionadded">added in community.hashi_vault 2.5.0</span></p>
+</div></td>
+<td><div class="ansible-option-cell"><p>The Kubernetes Token (JWT) to use for Kubernetes authentication to Vault.</p>
+<p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
+<ul class="simple">
+<li><p>Environment variable: <span class="target" id="index-21"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_KUBERNETES_TOKEN"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_KUBERNETES_TOKEN</span></code></a></p></li>
+<li><p>Variable: ansible_hashi_vault_kubernetes_token</p></li>
+</ul>
+</div></td>
+</tr>
+<tr class="row-even"><td><div class="ansible-option-cell">
+<div class="ansibleOptionAnchor" id="parameter-kubernetes_token_path"></div><p class="ansible-option-title" id="ansible-collections-community-hashi-vault-vault-kv1-get-lookup-parameter-kubernetes-token-path"><strong>kubernetes_token_path</strong></p>
+<a class="ansibleOptionLink" href="#parameter-kubernetes_token_path" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
+<p><span class="ansible-option-versionadded">added in community.hashi_vault 2.5.0</span></p>
+</div></td>
+<td><div class="ansible-option-cell"><p>If no kubernetes_token is specified, will try to read the token from this path.</p>
+<p class="ansible-option-line"><span class="ansible-option-default-bold">Default:</span> <code class="ansible-option-default docutils literal notranslate"><span class="pre">&quot;/var/run/secrets/kubernetes.io/serviceaccount/token&quot;</span></code></p>
+<p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
+<ul>
+<li><p>INI entry:</p>
+<div class="highlight-YAML+Jinja notranslate"><div class="highlight"><pre><span></span><span class="p p-Indicator">[</span><span class="nv">hashi_vault_collection</span><span class="p p-Indicator">]</span>
+<span class="l l-Scalar l-Scalar-Plain">kubernetes_token_path = /var/run/secrets/kubernetes.io/serviceaccount/token</span>
+</pre></div>
+</div>
+</li>
+<li><p>Environment variable: <span class="target" id="index-22"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_KUBERNETES_TOKEN_PATH"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_KUBERNETES_TOKEN_PATH</span></code></a></p></li>
+<li><p>Variable: ansible_hashi_vault_kubernetes_token_path</p></li>
+</ul>
+</div></td>
+</tr>
+<tr class="row-odd"><td><div class="ansible-option-cell">
 <div class="ansibleOptionAnchor" id="parameter-mount_point"></div><p class="ansible-option-title" id="ansible-collections-community-hashi-vault-vault-kv1-get-lookup-parameter-mount-point"><strong>mount_point</strong></p>
 <a class="ansibleOptionLink" href="#parameter-mount_point" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
 </div></td>
@@ -483,7 +517,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.5.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-21"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_MOUNT_POINT"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_MOUNT_POINT</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-23"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_MOUNT_POINT"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_MOUNT_POINT</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.5.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_mount_point</p>
@@ -508,7 +542,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-22"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_NAMESPACE"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_NAMESPACE</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-24"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_NAMESPACE"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_NAMESPACE</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 0.2.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_namespace</p>
@@ -524,7 +558,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <td><div class="ansible-option-cell"><p>Authentication password.</p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>Environment variable: <span class="target" id="index-23"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_PASSWORD"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_PASSWORD</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-25"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_PASSWORD"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_PASSWORD</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.2.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_password</p>
@@ -554,7 +588,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-24"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_PROXIES"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_PROXIES</span></code></a></p></li>
+<li><p>Environment variable: <span class="target" id="index-26"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_PROXIES"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_PROXIES</span></code></a></p></li>
 <li><p>Variable: ansible_hashi_vault_proxies</p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.2.0</span></p>
 </li>
@@ -568,8 +602,8 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <td><div class="ansible-option-cell"><p>The AWS region for which to create the connection.</p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul class="simple">
-<li><p>Environment variable: <span class="target" id="index-25"></span><a class="reference internal" href="../../environment_variables.html#envvar-EC2_REGION"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">EC2_REGION</span></code></a></p></li>
-<li><p>Environment variable: <span class="target" id="index-26"></span><a class="reference internal" href="../../environment_variables.html#envvar-AWS_REGION"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">AWS_REGION</span></code></a></p></li>
+<li><p>Environment variable: <span class="target" id="index-27"></span><a class="reference internal" href="../../environment_variables.html#envvar-EC2_REGION"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">EC2_REGION</span></code></a></p></li>
+<li><p>Environment variable: <span class="target" id="index-28"></span><a class="reference internal" href="../../environment_variables.html#envvar-AWS_REGION"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">AWS_REGION</span></code></a></p></li>
 </ul>
 </div></td>
 </tr>
@@ -594,7 +628,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-27"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_RETRIES"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_RETRIES</span></code></a></p></li>
+<li><p>Environment variable: <span class="target" id="index-29"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_RETRIES"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_RETRIES</span></code></a></p></li>
 <li><p>Variable: ansible_hashi_vault_retries</p></li>
 </ul>
 </div></td>
@@ -620,7 +654,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-28"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_RETRY_ACTION"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_RETRY_ACTION</span></code></a></p></li>
+<li><p>Environment variable: <span class="target" id="index-30"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_RETRY_ACTION"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_RETRY_ACTION</span></code></a></p></li>
 <li><p>Variable: ansible_hashi_vault_retry_action</p></li>
 </ul>
 </div></td>
@@ -641,7 +675,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-29"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_ROLE_ID"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_ROLE_ID</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-31"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_ROLE_ID"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_ROLE_ID</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 0.2.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_role_id</p>
@@ -657,7 +691,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <td><div class="ansible-option-cell"><p>Secret ID to be used for Vault AppRole authentication.</p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>Environment variable: <span class="target" id="index-30"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_SECRET_ID"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_SECRET_ID</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-32"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_SECRET_ID"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_SECRET_ID</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 0.2.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_secret_id</p>
@@ -682,7 +716,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-31"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TIMEOUT"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TIMEOUT</span></code></a></p></li>
+<li><p>Environment variable: <span class="target" id="index-33"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TIMEOUT"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TIMEOUT</span></code></a></p></li>
 <li><p>Variable: ansible_hashi_vault_timeout</p></li>
 </ul>
 </div></td>
@@ -696,7 +730,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <p>The order of token loading (first found wins) is <code class="docutils literal notranslate"><span class="pre">token</span> <span class="pre">param</span> <span class="pre">-&gt;</span> <span class="pre">ansible</span> <span class="pre">var</span> <span class="pre">-&gt;</span> <span class="pre">ANSIBLE_HASHI_VAULT_TOKEN</span> <span class="pre">-&gt;</span> <span class="pre">VAULT_TOKEN</span> <span class="pre">-&gt;</span> <span class="pre">token</span> <span class="pre">file</span></code>.</p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>Environment variable: <span class="target" id="index-32"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TOKEN"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TOKEN</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-34"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TOKEN"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TOKEN</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 0.2.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_token</p>
@@ -720,7 +754,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-33"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TOKEN_FILE"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TOKEN_FILE</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-35"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TOKEN_FILE"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TOKEN_FILE</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 0.2.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_token_file</p>
@@ -743,7 +777,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-34"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TOKEN_PATH"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TOKEN_PATH</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-36"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TOKEN_PATH"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TOKEN_PATH</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 0.2.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_token_path</p>
@@ -773,7 +807,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-35"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TOKEN_VALIDATE"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TOKEN_VALIDATE</span></code></a></p></li>
+<li><p>Environment variable: <span class="target" id="index-37"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_TOKEN_VALIDATE"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_TOKEN_VALIDATE</span></code></a></p></li>
 <li><p>Variable: ansible_hashi_vault_token_validate</p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.2.0</span></p>
 </li>
@@ -796,7 +830,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 </div>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.4.0</span></p>
 </li>
-<li><p>Environment variable: <span class="target" id="index-36"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_ADDR"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_ADDR</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-38"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_ADDR"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_ADDR</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 0.2.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_url</p>
@@ -815,7 +849,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <td><div class="ansible-option-cell"><p>Authentication user name.</p>
 <p class="ansible-option-line"><span class="ansible-option-configuration">Configuration:</span></p>
 <ul>
-<li><p>Environment variable: <span class="target" id="index-37"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_USERNAME"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_USERNAME</span></code></a></p>
+<li><p>Environment variable: <span class="target" id="index-39"></span><a class="reference internal" href="../../environment_variables.html#envvar-ANSIBLE_HASHI_VAULT_USERNAME"><code class="xref std std-envvar docutils literal notranslate"><span class="pre">ANSIBLE_HASHI_VAULT_USERNAME</span></code></a></p>
 <p><span class="ansible-option-versionadded">added in community.hashi_vault 1.2.0</span></p>
 </li>
 <li><p>Variable: ansible_hashi_vault_username</p>
diff --git a/home/runner/work/community.hashi_vault/community.hashi_vault/docsbuild/base/collections/community/hashi_vault/vault_kv1_get_module.html b/home/runner/work/community.hashi_vault/community.hashi_vault/docsbuild/head/collections/community/hashi_vault/vault_kv1_get_module.html
index f5b9e05..e89599f 100644
--- a/home/runner/work/community.hashi_vault/community.hashi_vault/docsbuild/base/collections/community/hashi_vault/vault_kv1_get_module.html
+++ b/home/runner/work/community.hashi_vault/community.hashi_vault/docsbuild/head/collections/community/hashi_vault/vault_kv1_get_module.html
@@ -192,6 +192,7 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 <li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;azure&quot;</span></code></p></li>
 <li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;jwt&quot;</span></code></p></li>
 <li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;cert&quot;</span></code></p></li>
+<li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;kubernetes&quot;</span></code></p></li>
 <li><p><code class="ansible-option-choices-entry docutils literal notranslate"><span class="pre">&quot;none&quot;</span></code></p></li>
 </ul>
 </div></td>
@@ -316,6 +317,23 @@ see <a class="reference internal" href="#ansible-collections-community-hashi-vau
 </div></td>
 </tr>
 <tr class="row-odd"><td><div class="ansible-option-cell">
+<div class="ansibleOptionAnchor" id="parameter-kubernetes_token"></div><p class="ansible-option-title" id="ansible-collections-community-hashi-vault-vault-kv1-get-module-parameter-kubernetes-token"><strong>kubernetes_token</strong></p>
+<a class="ansibleOptionLink" href="#parameter-kubernetes_token" title="Permalink to this option"></a><p class="ansible-option-type-line"><span class="ansible-option-type">string</span></p>
+<p><span class="ansible-option-versionadded">added in community.hashi_vault 2.5.0</span></p>
+</div></td>
+<td><div class="ansible-option-cell"><p>The Kubernetes Token (JWT) to use for Kubernetes authentication to Vault.</p>
+</div></td>
+</tr>
+<tr class="row-even"><td><div class="ansible-option-cell">
+<div class="ansibleOptionAnchor" id="parameter-kubernetes_token_path"></div><p class="ansible-option-title" id="ansible-collections-community-hashi-vault-vault-kv1-get-module

@pfeifferj pfeifferj marked this pull request as ready for review March 1, 2023 12:38
@pfeifferj pfeifferj changed the title DRAFT: kubernetes auth for lookup [GH-352] kubernetes auth for lookup Mar 1, 2023
@briantist
Copy link
Collaborator

briantist commented Mar 2, 2023

Hi @pfeifferj welcome! Thanks for looking to continue the work in #220 .

First, I'd like to ensure that the commits in this branch that came from that PR still retain the original author's info to ensure proper credit. Let me know if you need a hand trying to get that info in the commits.

Also @chris93111 if you are interested in picking this work up again, please let us know, maybe you can collaborate with @pfeifferj if that's the case?

Otherwise, there's a few issues correct from the original commits, a previous rebase in that PR seems to have incorrectly resolved some conflicts, so there are some strange changes in here for example the changes to the hashi_vault lookup (those should be removed).

The version_added will also need to be changed but that's best done closer to the PR's completion since there may be releases between then and now.

Other than that, please look over my comments in #220 carefully, as most of those asks still apply.

For example, we'll want to ensure we have unit and integration tests.

Please also take a look at the Contributor guide.

It would be great to get this completed, and I can help with some aspects like testing, as time permits.

@briantist briantist added the enhancement New feature or request label Mar 2, 2023
@pfeifferj
Copy link
Contributor Author

pfeifferj commented Mar 3, 2023

Hi @briantist, Thank you for your comments, sounds good! I'll fix the commit attribution later today. Are you okay with the commits still being squashed to keep the history more readable, though? As for the rest, I will create sub-tasks in the PR description so we can keep track of those :)

I would propose this based on the git log:

pic-selected-230303-1105-59

@pfeifferj pfeifferj marked this pull request as draft March 3, 2023 07:17
@chris93111
Copy link
Contributor

Hi @briantist i have no problem with this PR , I have trouble finding time to make the working CI (k3d and vault)
if @pfeifferj can help no problem, if we can both be contributors, that's cool
I use this lookup in production for over a year

@briantist
Copy link
Collaborator

I'll fix the commit attribution later today. Are you okay with the commits still being squashed to keep the history more readable, though?

Yes squashing is fine. I think I might have a few commits in that history but I'm only concerned with attribution for @chris93111 , any commits from me were minor suggestions or whatever and I don't care if those get squashed or removed.

As for the rest, I will create sub-tasks in the PR description so we can keep track of those :)

Perfect, thank you!

i have no problem with this PR , I have trouble finding time to make the working CI (k3d and vault) if @pfeifferj can help no problem, if we can both be contributors, that's cool I use this lookup in production for over a year

Great! Thanks for following up. We have more than just the hashi_vault lookup now, and they all share auth methods, so when this merges, you'll also be able to use kubernetes auth with any of the other plugins (and modules!) we have.

@briantist briantist self-assigned this Mar 3, 2023
@pfeifferj pfeifferj force-pushed the patch-1 branch 5 times, most recently from cbd0d33 to aee8816 Compare March 5, 2023 19:02
@briantist
Copy link
Collaborator

Hi @pfeifferj , I might be able to help resolve some of these conflicts and older rebase artifacts, but I noticed several pushes today so I don't want to push up commits that might step on your work if you've still got some thing in flight locally.

Let me know if you'd like me to pull it down and try to resolve this stuff!

@pfeifferj
Copy link
Contributor Author

Hi @pfeifferj , I might be able to help resolve some of these conflicts and older rebase artifacts, but I noticed several pushes today so I don't want to push up commits that might step on your work if you've still got some thing in flight locally.
Let me know if you'd like me to pull it down and try to resolve this stuff!

hi @briantist those pushes were just to fix the commit history. Would be really great if you could help with the conflicts. I should have time to work on the tests next weekend :)

Cheers,
Josie

@briantist
Copy link
Collaborator

Ok, I've done a rebase against main to bring in those changes, and in the process I think I've resolved all the outstanding conflicts and such, so I think this is ready to be built upon for the tests and such. Thanks Josie!

@codecov
Copy link

codecov bot commented Mar 5, 2023

Codecov Report

Merging #353 (345eef8) into main (fcbfae5) will decrease coverage by 0.44%.
The diff coverage is 41.93%.

❗ Current head 345eef8 differs from pull request most recent head dad910a. Consider uploading reports for the commit dad910a to get more accurate results

@@            Coverage Diff             @@
##             main     #353      +/-   ##
==========================================
- Coverage   98.82%   98.39%   -0.44%     
==========================================
  Files          80       81       +1     
  Lines        4095     4112      +17     
  Branches      259      262       +3     
==========================================
- Hits         4047     4046       -1     
- Misses         39       57      +18     
  Partials        9        9              
Flag Coverage Δ
env_docker-default 98.39% <41.93%> (-0.44%) ⬇️
integration 80.51% <41.93%> (-0.58%) ⬇️
sanity 39.84% <38.70%> (+0.08%) ⬆️
target_ansible-doc 100.00% <ø> (ø)
target_auth_approle 89.47% <ø> (ø)
target_auth_aws_iam 50.00% <ø> (ø)
target_auth_azure 53.84% <ø> (ø)
target_auth_cert 86.36% <ø> (ø)
target_auth_jwt 91.30% <ø> (ø)
target_auth_ldap 89.47% <ø> (ø)
target_auth_none 100.00% <ø> (ø)
target_auth_token 71.42% <ø> (ø)
target_auth_userpass 85.71% <ø> (ø)
target_connection_options 74.76% <ø> (ø)
target_controller 83.02% <41.93%> (-0.77%) ⬇️
target_filter_vault_login_token 77.77% <ø> (ø)
target_import 39.84% <38.70%> (+0.08%) ⬆️
target_lookup_hashi_vault 81.33% <ø> (ø)
target_lookup_vault_ansible_settings 55.75% <41.93%> (-0.26%) ⬇️
target_lookup_vault_kv1_get 91.30% <ø> (ø)
target_lookup_vault_kv2_get 91.11% <ø> (ø)
target_lookup_vault_list 90.00% <ø> (ø)
target_lookup_vault_login 88.57% <ø> (ø)
target_lookup_vault_read 90.00% <ø> (ø)
target_lookup_vault_token_create 79.24% <ø> (ø)
target_lookup_vault_write 56.72% <41.93%> (-0.34%) ⬇️
target_module_utils 96.22% <41.93%> (-1.14%) ⬇️
target_module_vault_kv1_get 87.50% <ø> (ø)
target_module_vault_kv2_delete 56.20% <41.93%> (-0.73%) ⬇️
target_module_vault_kv2_get 87.23% <ø> (ø)
target_module_vault_list 85.71% <ø> (ø)
target_module_vault_login 83.72% <ø> (ø)
target_module_vault_pki_generate_certificate 78.72% <ø> (ø)
target_module_vault_read 85.71% <ø> (ø)
target_module_vault_token_create 91.66% <ø> (ø)
target_module_vault_write 55.55% <41.93%> (-0.70%) ⬇️
target_modules 81.12% <41.93%> (-0.67%) ⬇️
units 96.12% <41.93%> (-0.43%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
plugins/doc_fragments/auth.py 100.00% <ø> (ø)
plugins/module_utils/_auth_method_k8s.py 40.00% <40.00%> (ø)
plugins/module_utils/_authenticator.py 100.00% <100.00%> (ø)

... and 2 files with indirect coverage changes

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

@pfeifferj
Copy link
Contributor Author

pfeifferj commented Mar 10, 2023

hi @briantist I'm looking into the tests now and wanted to touch base on what you think the best approach is. Should I just extend mmock for integration tests and the fixtures for unit tests?

@pfeifferj pfeifferj force-pushed the patch-1 branch 3 times, most recently from aef0ba6 to dfb9ba5 Compare March 10, 2023 10:27
@briantist
Copy link
Collaborator

I'm looking into the tests now and wanted to touch base on what you think the best approach is. Should I just extend mmock for integration tests and the fixtures for unit tests?

Extending MMock would be the easier way, but it will also be less accurate/effective.

In the previous PR I remember looking into it a little bit and it seemed like it'd be possible to set up k3s/k3d during testing, but I didn't get around to trying it, it was more of a suggestion. I also don't have any experience with using those.

So if you have some time to look into that it might be better long term, but it's a bigger ask.
I'd definitely accept new MMock endpoints instead.

Above is all for integration; we'll want to do units too but that won't require any external dependencies.

As a possible bonus, the same fixtures (JSON output) you might generate for some of the unit tests could prove useful for new MMock configs.

Take a look and let me know what you think, I'm sure I can help a bit if you get started and need a hand.


Side note, it looks like dfb9ba5 and c80f36d re-introduced some stuff from the old PR that I had fixed up in the previous commits, and some of that is still lingering. It looks like the second one tried to fix some of that.

There should be no changes in hashi_vault.py (the lookup) for example compared to main.

@pfeifferj
Copy link
Contributor Author

Extending MMock would be the easier way, but it will also be less accurate/effective.

In the previous PR I remember looking into it a little bit and it seemed like it'd be possible to set up k3s/k3d during testing, but > I didn't get around to trying it, it was more of a suggestion. I also don't have any experience with using those.

So if you have some time to look into that it might be better long term, but it's a bigger ask.
I'd definitely accept new MMock endpoints instead.

I haven't used k3s in a testing/ci context before but could look into it. I would suggest doing so in a follow-up ticket, though

Above is all for integration; we'll want to do units too but that won't require any external dependencies.

As a possible bonus, the same fixtures (JSON output) you might generate for some of the unit tests could prove useful for new MMock configs.

Take a look and let me know what you think, I'm sure I can help a bit if you get started and need a hand.

Great, thank you. I'll work on it some more and will get in touch for feedback.

Side note, it looks like dfb9ba5 and c80f36d re-introduced some stuff from the old PR that I had fixed up in the previous commits, and some of that is still lingering. It looks like the second one tried to fix some of that.

There should be no changes in hashi_vault.py (the lookup) for example compared to main.

My bad. I forgot to pull your fix and made a bit of a mess. Will take care of it now :)

@audriusb
Copy link

any plans on completing this? thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Add support for Kubernetes Auth Method
4 participants