Add support for Kubernetes username/password auth

This is required for supporting some Kubernetes distributions such as
rancher/k3s.

It comes with a test case validating correct parsing of a k3s kubeconfig
file

Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>

cli/context/kubernetes/endpoint_test.go

@@ -194,3 +194,31 @@ func TestSaveLoadEKSConfig(t *testing.T) {
 	assert.NilError(t, err)
 	assert.DeepEqual(t, expectedCfg.ExecProvider, actualCfg.ExecProvider)
 }
+
+func TestSaveLoadK3SConfig(t *testing.T) {
+	storeDir, err := ioutil.TempDir("", t.Name())
+	assert.NilError(t, err)
+	defer os.RemoveAll(storeDir)
+	store := store.New(storeDir, testStoreCfg)
+	cfg, err := clientcmd.LoadFromFile("testdata/k3s-kubeconfig")
+	assert.NilError(t, err)
+	clientCfg := clientcmd.NewDefaultClientConfig(*cfg, &clientcmd.ConfigOverrides{})
+	expectedCfg, err := clientCfg.ClientConfig()
+	assert.NilError(t, err)
+	ep, err := FromKubeConfig("testdata/k3s-kubeconfig", "", "")
+	assert.NilError(t, err)
+	assert.NilError(t, save(store, ep, "k3s-context"))
+	persistedMetadata, err := store.GetMetadata("k3s-context")
+	assert.NilError(t, err)
+	persistedEPMeta := EndpointFromContext(persistedMetadata)
+	assert.Check(t, persistedEPMeta != nil)
+	persistedEP, err := persistedEPMeta.WithTLSData(store, "k3s-context")
+	assert.NilError(t, err)
+	persistedCfg := persistedEP.KubernetesConfig()
+	actualCfg, err := persistedCfg.ClientConfig()
+	assert.NilError(t, err)
+	assert.Check(t, len(actualCfg.Username) > 0)
+	assert.Check(t, len(actualCfg.Password) > 0)
+	assert.Equal(t, expectedCfg.Username, actualCfg.Username)
+	assert.Equal(t, expectedCfg.Password, actualCfg.Password)
+}

cli/context/kubernetes/load.go

@@ -21,6 +21,13 @@ type EndpointMeta struct {
 	DefaultNamespace string                           `json:",omitempty"`
 	AuthProvider     *clientcmdapi.AuthProviderConfig `json:",omitempty"`
 	Exec             *clientcmdapi.ExecConfig         `json:",omitempty"`
+	UsernamePassword *UsernamePassword                `json:"usernamePassword,omitempty"`
+}
+
+// UsernamePassword contains username/password auth info
+type UsernamePassword struct {
+	Username string `json:"username,omitempty"`
+	Password string `json:"password,omitempty"`
 }
 
 var _ command.EndpointDefaultResolver = &EndpointMeta{}
@@ -62,6 +69,10 @@ func (c *Endpoint) KubernetesConfig() clientcmd.ClientConfig {
 		authInfo.ClientCertificateData = c.TLSData.Cert
 		authInfo.ClientKeyData = c.TLSData.Key
 	}
+	if c.UsernamePassword != nil {
+		authInfo.Username = c.UsernamePassword.Username
+		authInfo.Password = c.UsernamePassword.Password
+	}
 	authInfo.AuthProvider = c.AuthProvider
 	authInfo.Exec = c.Exec
 	cfg.Clusters["cluster"] = cluster

cli/context/kubernetes/save.go

@@ -39,6 +39,13 @@ func FromKubeConfig(kubeconfig, kubeContext, namespaceOverride string) (Endpoint
 			Key:  key,
 		}
 	}
+	var usernamePassword *UsernamePassword
+	if clientcfg.Username != "" || clientcfg.Password != "" {
+		usernamePassword = &UsernamePassword{
+			Username: clientcfg.Username,
+			Password: clientcfg.Password,
+		}
+	}
 	return Endpoint{
 		EndpointMeta: EndpointMeta{
 			EndpointMetaBase: context.EndpointMetaBase{
@@ -48,6 +55,7 @@ func FromKubeConfig(kubeconfig, kubeContext, namespaceOverride string) (Endpoint
 			DefaultNamespace: ns,
 			AuthProvider:     clientcfg.AuthProvider,
 			Exec:             clientcfg.ExecProvider,
+			UsernamePassword: usernamePassword,
 		},
 		TLSData: tlsData,
 	}, nil

cli/context/kubernetes/testdata/k3s-kubeconfig

@@ -0,0 +1,20 @@
+apiVersion: v1
+clusters:
+- cluster:
+    certificate-authority-data: dGhlLWNh
+    server: https://someserver
+  name: test-cluster
+contexts:
+- context:
+    cluster: test-cluster
+    user: test-user
+    namespace: zoinx
+  name: test
+current-context: test
+kind: Config
+preferences: {}
+users:
+- name: test-user
+  user:
+    username: admin
+    password: testpwd