From 813e251ee7a380fac29c28a8607de807874b1e43 Mon Sep 17 00:00:00 2001
From: 11-Sarthak <sarthakjr4@gmail.com>
Date: Sat, 13 Dec 2025 00:27:04 +0530
Subject: [PATCH] Fix: handle invalid RFC3339 expirationTimestamp in exec
 plugin output

---
 kubernetes/base/config/kube_config.py | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/kubernetes/base/config/kube_config.py b/kubernetes/base/config/kube_config.py
index 00623a340..41bbd7bf8 100644
--- a/kubernetes/base/config/kube_config.py
+++ b/kubernetes/base/config/kube_config.py
@@ -530,11 +530,16 @@ def _load_from_exec_plugin(self):
                 logging.error('exec: missing token or clientCertificateData '
                               'field in plugin output')
                 return None
-            if 'expirationTimestamp' in status:
-                self.expiry = parse_rfc3339(status['expirationTimestamp'])
+            if 'expirationTimestamp' in status: 
+                try:
+                    self.expiry = parse_rfc3339(status['expirationTimestamp'])
+                except ValueError as e:
+                    logging.error(f"Failed to parse expirationTimestamp: {status['expirationTimestamp']!r}, error: {e}")
+                    self.expiry = None
             return True
         except Exception as e:
             logging.error(str(e))
+                
 
     def _load_user_token(self):
         base_path = self._get_base_path(self._user.path)