-
Notifications
You must be signed in to change notification settings - Fork 1
/
root.go
71 lines (58 loc) · 2.25 KB
/
root.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
package cmd
import (
"fmt"
"os"
log "github.com/sirupsen/logrus"
"github.com/spf13/cobra"
"github.com/spf13/viper"
)
var (
// Used for flags.
cfgFile string
context string
rootCmd = &cobra.Command{
Use: "kubectl-lock",
Short: "A pane of glass between you and your Kubernetes clusters.",
Long: "kube-lock sits as an intermediary between you and kubectl, allowing you to lock and unlock contexts.\n\nThis aims to prevent misfires to production / high-value Kubernetes clusters that you might have strong IAM privileges on. kube-lock supports custom 'Profiles', allowing you to restrict certain verbs from being passed to high-value clusters. \n\nWARNING: This tool DOES NOT serve as an alternative to Kubernetes Role-Based Access Control, the de-facto standard method of configuring access to the Kubernetes API. This tool provides a convenient layer of protection if you happen to have privileged credentials to a Kubernetes cluster stored locally and an extra layer of protection is preferred.",
}
)
// Execute executes the root command.
func Execute() error {
return rootCmd.Execute()
}
func init() {
cobra.OnInitialize(initConfig)
rootCmd.PersistentFlags().BoolVarP(&debug, "debug", "d", false, "verbose logging")
rootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "config file (default is $HOME/.cobra.yaml)")
rootCmd.PersistentFlags().StringVar(&context, "context", "", "the Kubernetes context you want to address")
}
func initConfig() {
if cfgFile != "" {
// Use config file from the flag.
viper.SetConfigFile(cfgFile)
} else {
// Find home directory.
home, err := os.UserHomeDir()
cobra.CheckErr(err)
// Search config in home directory with name ".kube-lock" (without extension).
viper.AddConfigPath(home)
viper.SetConfigType("yaml")
viper.SetConfigName(".kube-lock")
configFilePath := home + "/.kube-lock.yaml"
_, err = os.Stat(configFilePath)
// create file if not exists
if os.IsNotExist(err) {
file, err := os.Create(configFilePath)
if err != nil {
fmt.Println(err.Error())
os.Exit(1)
}
defer file.Close()
fmt.Println("File Created Successfully", configFilePath)
}
}
viper.AutomaticEnv()
if err := viper.ReadInConfig(); err == nil {
log.Debug("Using config file:", viper.ConfigFileUsed())
}
}