DOCSP-46683: Kubernetes support for OIDC (#166)

Author: mcmorisi

source/fundamentals/enterprise-auth.txt

@@ -192,6 +192,27 @@ The following code example shows how to set these options when creating a
    :end-before: end-gcp-imds
    :emphasize-lines: 2-4
 
+Kubernetes
+~~~~~~~~~~
+
+If your application runs on a Kubernetes cluster, you can authenticate to MongoDB by using
+the {+driver-short+}'s built-in Kubernetes support.
+
+You can configure OIDC for Kubernetes by setting the ``mechanism`` field of your
+``Credential`` struct to ``AuthMechanism::MongoDbOidc``. Then, specify the
+authentication mechanism by setting the ``ENVIRONMENT`` property to ``k8s`` in the
+``mechanism_properties`` field.
+
+The following code example shows how to set these options when creating a
+``Client``:
+
+.. literalinclude:: /includes/fundamentals/code-snippets/enterprise-auth.rs
+   :language: rust
+   :dedent:
+   :start-after: start-kubernetes
+   :end-before: end-kubernetes
+   :emphasize-lines: 2-4
+
 .. _rust-mongodb-oidc-custom-callback:
 
 Custom Callback

source/includes/fundamentals/code-snippets/enterprise-auth.rs

@@ -60,6 +60,23 @@ async fn main() -> mongodb::error::Result<()> {
         .await?;
     // end-gcp-imds
 
+    // start-kubernetes
+    let credential = Credential::builder()
+    .mechanism(AuthMechanism::MongoDbOidc)
+    .mechanism_properties(
+        doc! { "ENVIRONMENT": "k8s" }
+    )
+    .build();
+
+    client_options.credential = Some(credential);
+    let client = Client::with_options(client_options)?;
+    let res = client
+        .database("test")
+        .collection::<Document>("test")
+        .find_one(doc! {})
+        .await?;
+    // end-kubernetes
+
     // start-custom-callback-machine
     let credential = Credential::builder()
     .mechanism(AuthMechanism::MongoDbOidc)