refactor: complete node-fetch to undici migration

Author: davidgamero

examples/raw-example.js

@@ -1,5 +1,5 @@
 import * as k8s from '@kubernetes/client-node';
-import fetch from 'node-fetch';
+import { fetch } from 'undici';
 import https from 'node:https';
 
 const kc = new k8s.KubeConfig();

package-lock.json

@@ -58,14 +58,12 @@
     "dependencies": {
         "@types/js-yaml": "^4.0.1",
         "@types/node": "^25.0.0",
-        "@types/node-fetch": "^2.6.13",
         "@types/stream-buffers": "^3.0.3",
         "form-data": "^4.0.0",
         "hpagent": "^1.2.0",
         "isomorphic-ws": "^5.0.0",
         "js-yaml": "^4.1.0",
         "jsonpath-plus": "^10.3.0",
-        "node-fetch": "^2.7.0",
         "openid-client": "^6.1.3",
         "rfc4648": "^1.3.0",
         "socks": "^2.8.4",

package.json

@@ -6,7 +6,6 @@ import yaml from 'js-yaml';
 import net from 'node:net';
 import path from 'node:path';
 
-import { Headers, RequestInit } from 'node-fetch';
 import {
     Agent as UndiciAgent,
     ProxyAgent as UndiciProxyAgent,
@@ -229,29 +228,6 @@ export class KubeConfig implements SecurityAuthentication {
         this.makePathsAbsolute(rootDirectory);
     }
 
-    public async applyToFetchOptions(opts: https.RequestOptions): Promise<RequestInit> {
-        await this.applyToHTTPSOptions(opts);
-        const headers = new Headers();
-        for (const [key, val] of Object.entries(opts.headers || {})) {
-            if (Array.isArray(val)) {
-                val.forEach((innerVal) => {
-                    headers.append(key, innerVal);
-                });
-            } else if (typeof val === 'number' || typeof val === 'string') {
-                headers.set(key, val.toString());
-            }
-        }
-        if (opts.auth) {
-            headers.set('Authorization', 'Basic ' + Buffer.from(opts.auth).toString('base64'));
-        }
-        return {
-            agent: opts.agent,
-            headers,
-            method: opts.method,
-            timeout: opts.timeout,
-        } as RequestInit;
-    }
-
     public async applyToHTTPSOptions(opts: https.RequestOptions | WebSocket.ClientOptions): Promise<void> {
         const user = this.getCurrentUser();
         const cluster = this.getCurrentCluster();

src/config.ts

@@ -11,16 +11,15 @@ import child_process from 'node:child_process';
 import { readFileSync } from 'node:fs';
 import https from 'node:https';
 import http from 'node:http';
-import { Agent, RequestOptions } from 'node:https';
+import { RequestOptions } from 'node:https';
 import path, { dirname, join } from 'node:path';
 import { fileURLToPath } from 'node:url';
 
 import mockfs from 'mock-fs';
 
 import { Authenticator } from './auth.js';
-import fetch, { Headers } from 'node-fetch';
 import { HttpMethod } from './index.js';
-import { assertRequestAgentsEqual, assertRequestOptionsEqual } from './test/match-buffer.js';
+import { assertRequestOptionsEqual } from './test/match-buffer.js';
 import { CoreV1Api, RequestContext } from './api.js';
 import { bufferFromFileOrString, findHomeDir, findObject, KubeConfig, makeAbsolutePath } from './config.js';
 import { ActionOnInvalid, Cluster, newClusters, newContexts, newUsers, User } from './config_types.js';
@@ -276,42 +275,6 @@ describe('KubeConfig', () => {
         });
     });
 
-    describe('applytoFetchOptions', () => {
-        it('should apply cert configs', async () => {
-            const kc = new KubeConfig();
-            kc.loadFromFile(kcFileName);
-            kc.setCurrentContext('passwd');
-
-            const opts: https.RequestOptions = {
-                method: 'POST',
-                timeout: 5,
-                headers: {
-                    number: 5,
-                    string: 'str',
-                    empty: undefined,
-                    list: ['a', 'b'],
-                },
-            };
-            const requestInit = await kc.applyToFetchOptions(opts);
-            const expectedCA = Buffer.from('CADATA2', 'utf-8');
-            const expectedAgent = new https.Agent({
-                ca: expectedCA,
-                rejectUnauthorized: false,
-            });
-
-            strictEqual(requestInit.method, 'POST');
-            // timeout has been removed from the spec.
-            strictEqual((requestInit as any).timeout, 5);
-            const headers = requestInit.headers as Headers;
-            strictEqual(Array.from(headers).length, 4);
-            strictEqual(headers.get('Authorization'), 'Basic Zm9vOmJhcg==');
-            strictEqual(headers.get('list'), 'a, b');
-            strictEqual(headers.get('number'), '5');
-            strictEqual(headers.get('string'), 'str');
-            assertRequestAgentsEqual(requestInit.agent as Agent, expectedAgent);
-        });
-    });
-
     describe('applyHTTPSOptions', () => {
         it('should apply tls-server-name to https.RequestOptions', async () => {
             const kc = new KubeConfig();
@@ -625,10 +588,6 @@ describe('KubeConfig', () => {
             strictEqual(namespaceList.kind, 'NamespaceList');
             strictEqual(namespaceList.items.length, 1);
             strictEqual(namespaceList.items[0].metadata?.name, 'default');
-
-            const res2 = await fetch(`https://${host}:${port}`, await kc.applyToFetchOptions({}));
-            strictEqual(res2.status, 200);
-            strictEqual(await res2.text(), 'ok');
         });
     });
 

src/config_test.ts

@@ -1,6 +1,7 @@
-import fetch from 'node-fetch';
+import { fetch } from 'undici';
 import { KubeConfig } from './config.js';
 import { RequestOptions } from 'node:https';
+import { HttpMethod, RequestContext } from './gen/http/http.js';
 
 export class Health {
     public config: KubeConfig;
@@ -27,15 +28,17 @@ export class Health {
             throw new Error('No currently active cluster');
         }
 
-        const requestURL = new URL(cluster.server + path);
-        const requestInit = await this.config.applyToFetchOptions(opts);
-        if (opts.signal) {
-            requestInit.signal = opts.signal;
-        }
-        requestInit.method = 'GET';
+        const requestURL = cluster.server + path;
+        const ctx = new RequestContext(requestURL, HttpMethod.GET);
+        await this.config.applySecurityAuthentication(ctx);
 
         try {
-            const response = await fetch(requestURL.toString(), requestInit);
+            const response = await fetch(requestURL, {
+                method: 'GET',
+                headers: ctx.getHeaders(),
+                dispatcher: ctx.getDispatcher(),
+                signal: opts?.signal,
+            });
             const status = response.status;
             if (status === 200) {
                 return true;