package kubernetes
import (
"context"
"errors"
"fmt"
"github.com/armory/spinnaker-operator/pkg/accounts/account"
"github.com/armory/spinnaker-operator/pkg/apis/spinnaker/interfaces"
"github.com/armory/spinnaker-operator/pkg/inspect"
"github.com/armory/spinnaker-operator/pkg/secrets"
"github.com/armory/spinnaker-operator/pkg/util"
"github.com/ghodss/yaml"
v1 "k8s.io/client-go/tools/clientcmd/api/v1"
yamlk8s "sigs.k8s.io/yaml"
)
// FromCRD builds a Kubernetes account from a SpinnakerAccount custom resource.
//
// The name, the free-form settings and the Kubernetes auth section are copied
// from the resource. noKubernetesDefinedError is returned when the spec has no
// Kubernetes auth section; an error from inspect.Source is returned unchanged.
func (k *AccountType) FromCRD(account interfaces.SpinnakerAccount) (account.Account, error) {
	acc := k.newAccount()
	spec := account.GetSpec()

	acc.Name = account.GetName()
	acc.Settings = spec.Settings
	acc.Auth = spec.Kubernetes
	if acc.Auth == nil {
		// An account without an auth section cannot reach any cluster.
		return nil, noKubernetesDefinedError
	}

	// Fill the environment-related fields of the account from its settings.
	err := inspect.Source(&acc.Env, spec.Settings)
	if err != nil {
		return nil, err
	}
	return acc, nil
}
// FromSpinnakerConfig builds a Kubernetes account from a Spinnaker settings map.
//
// settings must contain a "name" entry holding a string; a missing entry and a
// non-string entry are reported with distinct errors. The auth method is
// derived by authFromSpinnakerConfig and its error, if any, is returned as is.
//
// The map itself (not a copy) is kept as the account settings, so any
// credential-bearing entry it holds, such as "kubeconfigContents", stays
// reachable through the returned account.
func (k *AccountType) FromSpinnakerConfig(ctx context.Context, settings map[string]interface{}) (account.Account, error) {
	acc := k.newAccount()

	rawName, found := settings["name"]
	if !found {
		return nil, fmt.Errorf("%s account missing name", acc.GetType())
	}
	name, isString := rawName.(string)
	if !isString {
		return nil, fmt.Errorf("name is not a string")
	}
	acc.Name = name

	auth, err := k.authFromSpinnakerConfig(ctx, acc.Name, settings)
	if err != nil {
		return nil, err
	}

	acc.Auth = auth
	acc.Settings = settings
	return acc, nil
}
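// authFromSpinnakerConfig derives the Kubernetes auth method of the account
// called name from a Spinnaker settings map.
//
// Sources are tried in this order and the first one present wins:
//  1. "kubeconfigFile", read through inspect.GetObjectPropString;
//  2. "serviceAccount", which must be a boolean;
//  3. "kubeconfigContents", an inline kubeconfig document decoded into a
//     v1.Config.
//
// An error is returned when a present entry has the wrong type, when the
// inline kubeconfig cannot be decoded, or when none of the three is present.
func (k *AccountType) authFromSpinnakerConfig(ctx context.Context, name string, settings map[string]interface{}) (*interfaces.KubernetesAuth, error) {
	res := &interfaces.KubernetesAuth{}

	// Any error from the lookup is treated as "kubeconfigFile not set" and the
	// next source is tried.
	// NOTE(review): this also swallows a kubeconfigFile of the wrong type, if
	// GetObjectPropString reports that as an error - confirm that is intended.
	if kubeconfigFile, err := inspect.GetObjectPropString(ctx, settings, "kubeconfigFile"); err == nil {
		res.KubeconfigFile = kubeconfigFile
		return res, nil
	}

	if sa, ok := settings["serviceAccount"]; ok {
		useSA, isBool := sa.(bool)
		if !isBool {
			// %v rather than %s: sa is not a string in most failing cases, and
			// %s would render it as "%!s(int=1)" style noise.
			return nil, fmt.Errorf("serviceAccount is not a boolean: %v", sa)
		}
		res.UseServiceAccount = useSA
		return res, nil
	}

	if kubeContent, ok := settings["kubeconfigContents"]; ok {
		raw, isString := kubeContent.(string)
		if !isString {
			// Report only the type. A kubeconfig carries cluster credentials
			// (tokens, client keys), and a value that was parsed as a map
			// instead of a string would otherwise be dumped verbatim into an
			// error that callers are likely to log or surface to users.
			return nil, fmt.Errorf("kubeconfigContents is not a string (got %T)", kubeContent)
		}

		cfg := &v1.Config{}
		if err := yamlk8s.Unmarshal([]byte(raw), cfg); err != nil {
			// NOTE(review): confirm the decoder's error text never quotes
			// fragments of the input before this error is logged.
			return nil, fmt.Errorf("unable to parse kubeconfigContents of account %s: %w", name, err)
		}
		res.Kubeconfig = cfg
		return res, nil
	}

	return nil, fmt.Errorf("unable to parse account %s: no valid kubeconfig file, kubeconfig content or service account information found", name)
}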
// ToSpinnakerSettings renders an account, whether it was parsed from a CRD or
// from settings, as a Spinnaker settings map.
//
// The map starts from BaseToSpinnakerSettings. When the account has an auth
// section, "providerVersion" is set to "V2" and the auth entries are added by
// kubeAuthToSpinnakerSettings; if that fails, no map is returned.
func (k *Account) ToSpinnakerSettings(ctx context.Context) (map[string]interface{}, error) {
	out := k.BaseAccount.BaseToSpinnakerSettings(k)
	if k.Auth == nil {
		// Nothing to add: the base settings are the whole result.
		return out, nil
	}

	out["providerVersion"] = "V2"
	err := k.kubeAuthToSpinnakerSettings(ctx, out)
	if err != nil {
		return nil, err
	}
	return out, nil
}
// kubeAuthToSpinnakerSettings writes the account's auth method into settings.
//
// Exactly one method is written, chosen in this order: kubeconfig file
// reference, inline kubeconfig, kubeconfig stored in a secret, service account.
// An error is returned when none applies or when serializing the kubeconfig or
// reading the secret fails. k.Auth must be non-nil; it is dereferenced without
// a check.
//
// For the inline and secret cases the kubeconfig content itself is stored in
// the map under KubeconfigFileContentSettings, so the resulting settings carry
// whatever credentials that kubeconfig holds.
func (k *Account) kubeAuthToSpinnakerSettings(ctx context.Context, settings map[string]interface{}) error {
	auth := k.Auth

	switch {
	case auth.KubeconfigFile != "":
		// The value points at a file, either a secret reference or a file made
		// available to Spinnaker out of band, so it is passed through untouched.
		settings[KubeconfigFileSettings] = auth.KubeconfigFile
		return nil

	case auth.Kubeconfig != nil:
		// Inlined kubeconfig: serialize it back to YAML.
		serialized, err := yaml.Marshal(auth.Kubeconfig)
		if err != nil {
			return err
		}
		settings[KubeconfigFileContentSettings] = string(serialized)
		return nil

	case auth.KubeconfigSecret != nil:
		// The secret is read with the REST config and namespace carried by ctx.
		secretCtx, err := secrets.FromContextWithError(ctx)
		if err != nil {
			return err
		}
		content, err := util.GetSecretContent(secretCtx.RestConfig, secretCtx.Namespace, auth.KubeconfigSecret.Name, auth.KubeconfigSecret.Key)
		if err != nil {
			return err
		}
		// TODO change to a file, track it and add to secret
		settings[KubeconfigFileContentSettings] = content
		return nil

	case auth.UseServiceAccount:
		settings[UseServiceAccount] = auth.UseServiceAccount
		return nil
	}

	return errors.New("auth method not implemented")
}