From af0af77f3c16962fcd10bdda49e7e3815c369065 Mon Sep 17 00:00:00 2001
From: John Houston <jhouston@hashicorp.com>
Date: Wed, 18 Nov 2020 17:51:50 -0500
Subject: [PATCH] Support config_path and config_paths

---
 kubernetes/provider.go           |  18 +++++-
 kubernetes/provider_test.go      | 102 +++++++++----------------------
 website/docs/index.html.markdown |   5 +-
 3 files changed, 48 insertions(+), 77 deletions(-)

diff --git a/kubernetes/provider.go b/kubernetes/provider.go
index 3245dbd647..2b40cbe872 100644
--- a/kubernetes/provider.go
+++ b/kubernetes/provider.go
@@ -76,6 +76,12 @@ func Provider() *schema.Provider {
 				Optional:    true,
 				Description: "A list of paths to kube config files. Can be set with KUBE_CONFIG_PATHS environment variable.",
 			},
+			"config_path": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				DefaultFunc: schema.EnvDefaultFunc("KUBE_CONFIG_PATH", ""),
+				Description: "Path to the kube config file, defaults to ~/.kube/config",
+			},
 			"config_context": {
 				Type:        schema.TypeString,
 				Optional:    true,
@@ -263,7 +269,10 @@ func initializeConfiguration(d *schema.ResourceData) (*restclient.Config, error)
 	loader := &clientcmd.ClientConfigLoadingRules{}
 
 	configPaths := []string{}
-	if v, ok := d.Get("config_paths").([]string); ok && len(v) > 0 {
+
+	if v, ok := d.Get("config_path").(string); ok && v != "" {
+		configPaths = []string{v}
+	} else if v, ok := d.Get("config_paths").([]string); ok && len(v) > 0 {
 		configPaths = v
 	} else if v := os.Getenv("KUBE_CONFIG_PATHS"); v != "" {
 		// NOTE we have to do this here because the schema
@@ -281,7 +290,12 @@ func initializeConfiguration(d *schema.ResourceData) (*restclient.Config, error)
 			log.Printf("[DEBUG] Using kubeconfig: %s", path)
 			expandedPaths = append(expandedPaths, path)
 		}
-		loader.Precedence = expandedPaths
+
+		if len(expandedPaths) == 1 {
+			loader.ExplicitPath = expandedPaths[0]
+		} else {
+			loader.Precedence = expandedPaths
+		}
 
 		ctxSuffix := "; default context"
 
diff --git a/kubernetes/provider_test.go b/kubernetes/provider_test.go
index 3015b250e2..55024a652c 100644
--- a/kubernetes/provider_test.go
+++ b/kubernetes/provider_test.go
@@ -73,7 +73,7 @@ func TestProvider_configure(t *testing.T) {
 	resetEnv := unsetEnv(t)
 	defer resetEnv()
 
-	os.Setenv("KUBE_CONFIG_PATHS", "test-fixtures/kube-config.yaml")
+	os.Setenv("KUBE_CONFIG_PATH", "test-fixtures/kube-config.yaml")
 	os.Setenv("KUBE_CTX", "gcp")
 
 	rc := terraform.NewResourceConfigRaw(map[string]interface{}{})
@@ -87,79 +87,33 @@ func TestProvider_configure(t *testing.T) {
 func unsetEnv(t *testing.T) func() {
 	e := getEnv()
 
-	if err := os.Unsetenv("KUBE_CONFIG_PATHS"); err != nil {
-		t.Fatalf("Error unsetting env var KUBE_CONFIG_PATHS: %s", err)
+	envVars := map[string]string{
+		"KUBE_CONFIG_PATH": e.ConfigPath,
+		"KUBE_CONFIG_PATHS": strings.Join(e.ConfigPaths, ":"),
+		"KUBE_CTX": e.Ctx,
+		"KUBE_CTX_AUTH_INFO": e.CtxAuthInfo,
+		"KUBE_CTX_CLUSTER": e.CtxCluster,
+		"KUBE_HOST": e.Host,
+		"KUBE_USER": e.User,
+		"KUBE_PASSWORD": e.Password,
+		"KUBE_CLIENT_CERT_DATA": e.ClientCertData,
+		"KUBE_CLIENT_KEY_DATA": e.ClientKeyData,
+		"KUBE_CLUSTER_CA_CERT_DATA": e.ClusterCACertData,
+		"KUBE_INSECURE": e.Insecure,
+		"KUBE_TOKEN": e.Token,
 	}
-	if err := os.Unsetenv("KUBE_CTX"); err != nil {
-		t.Fatalf("Error unsetting env var KUBE_CTX: %s", err)
-	}
-	if err := os.Unsetenv("KUBE_CTX_AUTH_INFO"); err != nil {
-		t.Fatalf("Error unsetting env var KUBE_CTX_AUTH_INFO: %s", err)
-	}
-	if err := os.Unsetenv("KUBE_CTX_CLUSTER"); err != nil {
-		t.Fatalf("Error unsetting env var KUBE_CTX_CLUSTER: %s", err)
-	}
-	if err := os.Unsetenv("KUBE_HOST"); err != nil {
-		t.Fatalf("Error unsetting env var KUBE_HOST: %s", err)
-	}
-	if err := os.Unsetenv("KUBE_USER"); err != nil {
-		t.Fatalf("Error unsetting env var KUBE_USER: %s", err)
-	}
-	if err := os.Unsetenv("KUBE_PASSWORD"); err != nil {
-		t.Fatalf("Error unsetting env var KUBE_PASSWORD: %s", err)
-	}
-	if err := os.Unsetenv("KUBE_CLIENT_CERT_DATA"); err != nil {
-		t.Fatalf("Error unsetting env var KUBE_CLIENT_CERT_DATA: %s", err)
-	}
-	if err := os.Unsetenv("KUBE_CLIENT_KEY_DATA"); err != nil {
-		t.Fatalf("Error unsetting env var KUBE_CLIENT_KEY_DATA: %s", err)
-	}
-	if err := os.Unsetenv("KUBE_CLUSTER_CA_CERT_DATA"); err != nil {
-		t.Fatalf("Error unsetting env var KUBE_CLUSTER_CA_CERT_DATA: %s", err)
-	}
-	if err := os.Unsetenv("KUBE_INSECURE"); err != nil {
-		t.Fatalf("Error unsetting env var KUBE_INSECURE: %s", err)
-	}
-	if err := os.Unsetenv("KUBE_TOKEN"); err != nil {
-		t.Fatalf("Error unsetting env var KUBE_TOKEN: %s", err)
+
+	for k, _ := range envVars {
+		if err := os.Unsetenv(k); err != nil {
+			t.Fatalf("Error unsetting env var %s: %s", k, err)
+		}	
 	}
 
 	return func() {
-		if err := os.Setenv("KUBE_CONFIG_PATHS", strings.Join(e.ConfigPaths, ":")); err != nil {
-			t.Fatalf("Error resetting env var KUBE_CONFIG_PATHS: %s", err)
-		}
-		if err := os.Setenv("KUBE_CTX", e.Ctx); err != nil {
-			t.Fatalf("Error resetting env var KUBE_CTX: %s", err)
-		}
-		if err := os.Setenv("KUBE_CTX_AUTH_INFO", e.CtxAuthInfo); err != nil {
-			t.Fatalf("Error resetting env var KUBE_CTX_AUTH_INFO: %s", err)
-		}
-		if err := os.Setenv("KUBE_CTX_CLUSTER", e.CtxCluster); err != nil {
-			t.Fatalf("Error resetting env var KUBE_CTX_CLUSTER: %s", err)
-		}
-		if err := os.Setenv("KUBE_HOST", e.Host); err != nil {
-			t.Fatalf("Error resetting env var KUBE_HOST: %s", err)
-		}
-		if err := os.Setenv("KUBE_USER", e.User); err != nil {
-			t.Fatalf("Error resetting env var KUBE_USER: %s", err)
-		}
-		if err := os.Setenv("KUBE_PASSWORD", e.Password); err != nil {
-			t.Fatalf("Error resetting env var KUBE_PASSWORD: %s", err)
-		}
-		if err := os.Setenv("KUBE_CLIENT_CERT_DATA", e.ClientCertData); err != nil {
-			t.Fatalf("Error resetting env var KUBE_CLIENT_CERT_DATA: %s", err)
-		}
-		if err := os.Setenv("KUBE_CLIENT_KEY_DATA", e.ClientKeyData); err != nil {
-			t.Fatalf("Error resetting env var KUBE_CLIENT_KEY_DATA: %s", err)
-		}
-		if err := os.Setenv("KUBE_CLUSTER_CA_CERT_DATA", e.ClusterCACertData); err != nil {
-			t.Fatalf("Error resetting env var KUBE_CLUSTER_CA_CERT_DATA: %s", err)
-		}
-		if err := os.Setenv("KUBE_INSECURE", e.Insecure); err != nil {
-			t.Fatalf("Error resetting env var KUBE_INSECURE: %s", err)
-		}
-		if err := os.Setenv("KUBE_TOKEN", e.Token); err != nil {
-			t.Fatalf("Error resetting env var KUBE_TOKEN: %s", err)
+		for k, v := range envVars {
+			if err := os.Setenv(k, v); err != nil {
+				t.Fatalf("Error resetting env var %s: %s", k, err)
+			}	
 		}
 	}
 }
@@ -178,7 +132,10 @@ func getEnv() *currentEnv {
 		Insecure:          os.Getenv("KUBE_INSECURE"),
 		Token:             os.Getenv("KUBE_TOKEN"),
 	}
-	if v := os.Getenv("KUBE_CONFIG_PATHS"); v != "" {
+	if v := os.Getenv("KUBE_CONFIG_PATH"); v != "" {
+		e.ConfigPath = v
+	}
+	if v := os.Getenv("KUBE_CONFIG_PATH"); v != "" {
 		e.ConfigPaths = strings.Split(v, ":")
 	}
 	return e
@@ -188,7 +145,7 @@ func testAccPreCheck(t *testing.T) {
 	ctx := context.TODO()
 	hasFileCfg := (os.Getenv("KUBE_CTX_AUTH_INFO") != "" && os.Getenv("KUBE_CTX_CLUSTER") != "") ||
 		os.Getenv("KUBE_CTX") != "" ||
-		os.Getenv("KUBE_CONFIG_PATHS") != ""
+		os.Getenv("KUBE_CONFIG_PATH") != ""
 	hasUserCredentials := os.Getenv("KUBE_USER") != "" && os.Getenv("KUBE_PASSWORD") != ""
 	hasClientCert := os.Getenv("KUBE_CLIENT_CERT_DATA") != "" && os.Getenv("KUBE_CLIENT_KEY_DATA") != ""
 	hasStaticCfg := (os.Getenv("KUBE_HOST") != "" &&
@@ -424,6 +381,7 @@ func clusterVersionLessThan(vs string) bool {
 }
 
 type currentEnv struct {
+	ConfigPath       string
 	ConfigPaths       []string
 	Ctx               string
 	CtxAuthInfo       string
diff --git a/website/docs/index.html.markdown b/website/docs/index.html.markdown
index e9687eead0..b45c37b1f0 100644
--- a/website/docs/index.html.markdown
+++ b/website/docs/index.html.markdown
@@ -15,9 +15,7 @@ Use the navigation to the left to read about the available resources.
 
 ```hcl
 provider "kubernetes" {
-  config_paths = [
-    "~/.kube/config"
-  ]
+  config_path    = "~/.kube/config"
   config_context = "my-context"
 }
 
@@ -124,6 +122,7 @@ The following arguments are supported:
 * `client_certificate` - (Optional) PEM-encoded client certificate for TLS authentication. Can be sourced from `KUBE_CLIENT_CERT_DATA`.
 * `client_key` - (Optional) PEM-encoded client certificate key for TLS authentication. Can be sourced from `KUBE_CLIENT_KEY_DATA`.
 * `cluster_ca_certificate` - (Optional) PEM-encoded root certificates bundle for TLS authentication. Can be sourced from `KUBE_CLUSTER_CA_CERT_DATA`.
+* `config_path` - (Optional) A path to a kube config files. Can be sourced from `KUBE_CONFIG_PATH`.
 * `config_paths` - (Optional) A list of paths to the kube config files. Can be sourced from `KUBE_CONFIG_PATHS`, which allows `:` to be used to delimit multiple paths.
 * `config_context` - (Optional) Context to choose from the config file. Can be sourced from `KUBE_CTX`.
 * `config_context_auth_info` - (Optional) Authentication info context of the kube config (name of the kubeconfig user, `--user` flag in `kubectl`). Can be sourced from `KUBE_CTX_AUTH_INFO`.