Merge pull request #33 from IBM/deleteIngress

Delete ingress
IBM · Aug 11, 2021 · bdde63b · bdde63b
2 parents eebf839 + 94ce4e2
commit bdde63b
Show file tree

Hide file tree

Showing 4 changed files with 85 additions and 51 deletions.
diff --git a/src/common/functions.py b/src/common/functions.py
@@ -5,7 +5,7 @@
 from ibm_platform_services import ResourceControllerV2, ResourceManagerV2
 from ibm_cloud_networking_services import ZonesV1
 from ibm_cloud_sdk_core.authenticators import IAMAuthenticator
-
+import os
 
 class Color:
     PURPLE = '\033[95m'
@@ -82,6 +82,7 @@ class IntegrationInfo:
     standard = False
     token = None
     vpc_name = ''
+    id_token = ''
 
     # loads .env file if it exists
     def read_envfile(self, filename):
@@ -110,6 +111,24 @@ def read_envfile(self, filename):
             self.app_url = env_vars["APP_DOMAIN"]
             self.cis_api_key = env_vars["CIS_SERVICES_APIKEY"]
             self.api_endpoint = env_vars["API_ENDPOINT"]
+    def get_id_token(self):
+        if self.iks_master_url =="":
+            print(Color.RED+"ERROR: Public service endpoint for IKS Cluster is not enabled"+Color.END)
+        #1. get id token to make Kubernetes API calls
+        url = "https://iam.cloud.ibm.com/identity/token"
+
+        payload="grant_type=urn%3Aibm%3Aparams%3Aoauth%3Agrant-type%3Aapikey&apikey="+os.getenv("CIS_SERVICES_APIKEY")
+        headers = {
+            'content-type': 'application/x-www-form-urlencoded',
+            'Authorization': 'Basic a3ViZTprdWJl',
+            'cache-control': 'no-cache'
+        }
+        try:
+            response = requests.request("POST", url, headers=headers, data=payload)
+            data=json.loads(response.text)
+            self.id_token = data["id_token"]
+        except:
+            print(Color.RED+"ERROR: Unable to get id token"+Color.END)
 
     def request_token(self):
         """
@@ -138,7 +157,7 @@ def get_iks_info(self):
           'Authorization': self.token["access_token"],
           'X-Auth-Resource-Group': self.resource_id
         }
-        
+
         try:
             response = requests.request("GET", url, headers=headers, data=payload)
 

diff --git a/src/iks/create_ingress.py b/src/iks/create_ingress.py
@@ -1,10 +1,9 @@
 import requests
-import os
 import json
 from src.common.functions import Color as Color
 
 class IngressCreator:
-    def __init__(self, clusterNameOrID, resourceGroupID, namespace, secretName, serviceName, servicePort, accessToken, refreshToken, ingressSubdomain, iks_master_url):
+    def __init__(self, clusterNameOrID, resourceGroupID, namespace, secretName, serviceName, servicePort, accessToken, refreshToken, ingressSubdomain, iks_master_url, idToken):
         self.clusterNameOrID=clusterNameOrID
         self.resourceGroupID=resourceGroupID
         self.namespace=namespace
@@ -15,35 +14,17 @@ def __init__(self, clusterNameOrID, resourceGroupID, namespace, secretName, serv
         self.refreshToken=refreshToken
         self.ingressSubdomain=ingressSubdomain
         self.iks_master_url=iks_master_url
+        self.idToken=idToken
+
+    def create_ingress(self):  
 
-    def create_ingress(self):
-      if self.iks_master_url =="":
-        print(Color.RED+"ERROR: Public service endpoint for IKS Cluster is not enabled"+Color.END)
-      #1. get id token to make kubernetes API calls
-      url = "https://iam.cloud.ibm.com/identity/token"
-
-      payload="grant_type=urn%3Aibm%3Aparams%3Aoauth%3Agrant-type%3Aapikey&apikey="+os.getenv("CIS_SERVICES_APIKEY")
-      headers = {
-        'content-type': 'application/x-www-form-urlencoded',
-        'Authorization': 'Basic a3ViZTprdWJl',
-        'cache-control': 'no-cache'
-      }
-      try:
-        response = requests.request("POST", url, headers=headers, data=payload)
-        data=json.loads(response.text)
-        idToken=data["id_token"]
-      except:
-        print(Color.RED+"ERROR: Unable to get id token"+Color.END)
-
-
-
-      #2. apply yaml file through kubernetes API
+      #1. apply ingress file with the Kubernetes API
       url = self.iks_master_url+"/apis/networking.k8s.io/v1beta1/namespaces/"+self.namespace+"/ingresses"
       payload = json.dumps({
         "apiVersion": "networking.k8s.io/v1beta1",
         "kind": "Ingress",
         "metadata": {
-          "name": "cis-cert",
+          "name": "cis-ingress",
           "annotations": {
             "nginx.ingress.kubernetes.io/ssl-redirect": "false"
           }
@@ -76,13 +57,13 @@ def create_ingress(self):
         }
       })
       headers = {
-        'Authorization': 'bearer'+' '+idToken,
+        'Authorization': 'bearer'+' '+self.idToken,
         'Content-Type': 'application/json'
       }
       try:
         response = requests.request("POST", url, headers=headers, data=payload, verify=False)
         print(Color.GREEN+"SUCCESS: Created ingress file"+Color.END)
-        
+
       except:
         print(Color.RED+"ERROR: Unable to create ingress file"+Color.END)
 

diff --git a/src/iks/delete_ingress.py b/src/iks/delete_ingress.py
@@ -0,0 +1,30 @@
+import requests
+import json
+from src.common.functions import Color as Color
+
+class DeleteIngress:
+    def __init__(self, namespace, id_token, iks_master_url) -> None:
+        self.namespace = namespace
+        self.id_token= id_token
+        self.iks_master_url = iks_master_url
+
+    def delete_ingress(self):
+
+        #Delete ingress file with Kubernetes API
+        url = self.iks_master_url+"/apis/networking.k8s.io/v1beta1/namespaces/"+self.namespace+"/ingresses/cis-ingress"
+
+        payload={}
+        headers = {
+        'Authorization': 'bearer '+self.id_token
+        }
+
+        try:
+            response = requests.request("DELETE", url, headers=headers, data=payload, verify=False)
+            data=json.loads(response.text)
+
+            if data["status"]!="Failure":            
+                print(Color.GREEN+"SUCCESS: Deleted ingress file"+Color.END)
+            else:
+                print(Color.RED+"ERROR: Unable to delete ingress file"+Color.END)
+        except:
+            print(Color.RED+"ERROR: Unable to delete ingress file"+Color.END)
diff --git a/src/iks/iks.py b/src/iks/iks.py
@@ -1,3 +1,4 @@
+from src.iks.delete_ingress import DeleteIngress
 from src.iks.certcreate_iks import SecretCertificateCreator
 from src.iks.create_ingress import IngressCreator
 from src.common.dns_creator import DNSCreator
@@ -73,11 +74,17 @@ def handle_args(args):
     # common arguments
     UserInfo.request_token()
 
-    if not UserInfo.delete:
-        UserInfo.iks_cluster_id = args.iks_cluster_id
-        if UserInfo.iks_cluster_id is None:
-            print("You did not specify an IKS cluster ID.")
-            sys.exit(1)
+
+    UserInfo.iks_cluster_id = args.iks_cluster_id
+    if UserInfo.iks_cluster_id is None:
+        print("You did not specify an IKS cluster ID.")
+        sys.exit(1)
+
+    UserInfo.resource_group = args.resource_group
+    if UserInfo.resource_group is None:
+        print("You did not specify a resource group.")
+        sys.exit(1)
+    UserInfo.get_resource_id()
 
     iks_info = UserInfo.get_iks_info()
 
@@ -88,13 +95,6 @@ def handle_args(args):
 
     # terraforming vs. not terraforming
     if UserInfo.terraforming and not UserInfo.delete:
-        UserInfo.resource_group = args.resource_group
-        if UserInfo.resource_group is None:
-            print("You did not specify a resource group.")
-            sys.exit(1)
-
-        UserInfo.get_resource_id()
-
         UserInfo.cis_name = args.name
         if UserInfo.cis_name is None:
             print("You did not specify a CIS Name.")
@@ -111,11 +111,6 @@ def handle_args(args):
             print("You did not specify a VPC instance name.")
             sys.exit(1)
 
-        UserInfo.resource_group = args.resource_group
-        if UserInfo.resource_group is None:
-            print("You did not specify a resource group.")
-            sys.exit(1)
-
         UserInfo.namespace = args.namespace
         if UserInfo.namespace is None:         
             print("You did not specify a namespace for IKS cluster.")
@@ -157,8 +152,14 @@ def iks(args):
 
     UserInfo = handle_args(args)
     if UserInfo.delete and not UserInfo.terraforming:
+
         delete_dns = DeleteDNS(UserInfo.crn, UserInfo.zone_id, UserInfo.api_endpoint, UserInfo.cis_domain)
         delete_dns.delete_dns()
+
+
+        UserInfo.get_id_token()
+        delete_ingress = DeleteIngress(UserInfo.namespace,UserInfo.id_token,UserInfo.iks_master_url)
+        delete_ingress.delete_ingress()
 
     elif UserInfo.delete and UserInfo.terraforming:
         delete_workspaces = DeleteWorkspace(UserInfo.crn, UserInfo.zone_id,
@@ -191,7 +192,7 @@ def iks(args):
         # 2. Generate certificate in manager if necessary
 
         UserInfo.cert_name="cis-cert"
-        '''
+
         cms_id = UserInfo.get_cms()
         # print("\n"+cms_id)
         user_cert = SecretCertificateCreator(
@@ -204,11 +205,12 @@ def iks(args):
             cert_name=UserInfo.cert_name
             )
         user_cert.create_secret()
-
+        
 
-        '''
-        #3 generate ingress
 
+        #3 Generate ingress file
+
+        UserInfo.get_id_token()
         UserInfo.secret_name=UserInfo.cert_name
         user_ingress = IngressCreator(
             clusterNameOrID=UserInfo.iks_cluster_id,
@@ -220,8 +222,10 @@ def iks(args):
             accessToken=UserInfo.token["access_token"], 
             refreshToken=UserInfo.token["refresh_token"],
             ingressSubdomain=UserInfo.app_url,
-            iks_master_url=UserInfo.iks_master_url
+            iks_master_url=UserInfo.iks_master_url,
+            idToken=UserInfo.id_token
         )
+
         user_ingress.create_ingress()