Add extraUsers for EKS kubeconfig contexts (#16)

* Add extraUsers to be configured for additional kubeconfig contexts

README.md

@@ -50,15 +50,20 @@ accounts:
       - us-west-2
       - eu-west-1
     format: "prod.${region}.${clusterName}"
+    extraUsers:
+      - name: admin
+        profile: prod-admin-write
 ```
 
-Each entry in `accounts` has the following fields:
+Each entry in `accounts` can have the following fields:
 - `name` - A convenient name you wish to give for this AWS account
 - `profile` - The AWS profile name used to list & describe EKS clusters
 - `regions` - The list of AWS regions that will be searched for EKS clusters
 - `format` - The format of the kubeconfig contexts, users, and clusters. By default, all kubeconfig resources will be
 named `${name}.${region}.${clusterName}`. For example, if the `Dev` account within the config file above had a cluster
 within the `us-east-1` region named `test-v1.20`, the kubeconfig context would be named `Dev.us-east-1.test-v1.20`.
+- `extraUsers` - Additional profiles to use when creating the kubeconfig contexts. This can be helpful when there are
+multiple kubernetes users/groups setup within the cluster with their own permissions.
 
 ## Syncing Clusters
 

internal/clusters/eks.go

@@ -15,10 +15,16 @@ import (
 )
 
 type EKSAccount struct {
-	Profile string   `yaml:"profile"`
-	Regions []string `yaml:"regions"`
-	Name    string   `yaml:"name"`
-	Format  string   `yaml:"format"`
+	Profile    string    `yaml:"profile"`
+	Regions    []string  `yaml:"regions"`
+	Name       string    `yaml:"name"`
+	Format     string    `yaml:"format"`
+	ExtraUsers []EKSUser `yaml:"extraUsers,omitempty"`
+}
+
+type EKSUser struct {
+	Name    string `yaml:"name"`
+	Profile string `yaml:"profile"`
 }
 
 type EKSCluster struct {
@@ -114,10 +120,26 @@ func (a *EKSAccount) generateKubeConfigPatch(clusters []*EKSCluster) *kubecfg.Ku
 		patch.Users = append(patch.Users, &v1.NamedAuthInfo{
 			Name: userName,
 			AuthInfo: v1.AuthInfo{
-				Exec: a.generateIAMAuthenticatorExecConfig(cluster),
+				Exec: generateIAMAuthenticatorExecConfig(cluster, a.Profile),
 			},
 		})
 
+		for _, user := range a.ExtraUsers {
+			patch.Users = append(patch.Users, &v1.NamedAuthInfo{
+				Name: userName + "." + user.Name,
+				AuthInfo: v1.AuthInfo{
+					Exec: generateIAMAuthenticatorExecConfig(cluster, user.Profile),
+				},
+			})
+			patch.Contexts = append(patch.Contexts, &v1.NamedContext{
+				Name: contextName + "." + user.Name,
+				Context: v1.Context{
+					Cluster:  clusterName,
+					AuthInfo: userName + "." + user.Name,
+				},
+			})
+		}
+
 		patch.Contexts = append(patch.Contexts, &v1.NamedContext{
 			Name: contextName,
 			Context: v1.Context{
@@ -130,14 +152,14 @@ func (a *EKSAccount) generateKubeConfigPatch(clusters []*EKSCluster) *kubecfg.Ku
 	return patch
 }
 
-func (a *EKSAccount) generateIAMAuthenticatorExecConfig(cluster *EKSCluster) *v1.ExecConfig {
+func generateIAMAuthenticatorExecConfig(cluster *EKSCluster, profile string) *v1.ExecConfig {
 	return &v1.ExecConfig{
 		Command: "aws-iam-authenticator",
 		Args:    []string{"token", "-i", cluster.Name, "--region", cluster.Region},
 		Env: []v1.ExecEnvVar{
 			{
 				Name:  "AWS_PROFILE",
-				Value: a.Profile,
+				Value: profile,
 			},
 		},
 		APIVersion: "client.authentication.k8s.io/v1beta1",

internal/commands/root.go

@@ -19,7 +19,7 @@ var (
 var rootCmd = &cobra.Command{
 	Use:     "gogok8s",
 	Short:   "gogok8s helps manage your k8s cluster kubeconfig(s)",
-	Version: "v0.0.6",
+	Version: "v0.0.8",
 }
 
 func init() {