// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Greenhouse contributors
// SPDX-License-Identifier: Apache-2.0
package main
import (
"fmt"
"os"
"github.com/sirupsen/logrus"
"k8s.io/client-go/rest"
"k8s.io/client-go/tools/clientcmd"
"k8s.io/client-go/tools/clientcmd/api"
)
// KubeConfig bundles the kubeconfig being assembled with the logger and the
// output directory used by its methods.
//
// The config carries client private keys once addUser has stored
// ClientKeyData in it, so everything written from it is credential material.
type KubeConfig struct {
	// config is the client-go kubeconfig model; addUser fills its Contexts
	// and AuthInfos maps.
	config api.Config
	// logger receives the progress and error messages emitted by the methods.
	logger *logrus.Logger
	// dataDir is the directory the kubeconfig and the per-user
	// certificate/key files are written to.
	dataDir string
}
// addUser registers a context and a client-certificate credential under name.
//
// The context points at the cluster entry "default" and at the AuthInfo of the
// same name. The certificate and private key bytes are copied from cfg into the
// kubeconfig, so the resulting config embeds the key inline.
//
// The receiver is a value, but Contexts and AuthInfos are maps, so the entries
// are visible to the caller's KubeConfig as well. Both maps must already be
// initialised and cfg must be non-nil; neither is checked here.
func (kc KubeConfig) addUser(name string, cfg *rest.Config, namespace string) {
	// An empty namespace is the field's zero value, so it can be set
	// unconditionally without changing the resulting context.
	userContext := &api.Context{
		Cluster:   "default",
		AuthInfo:  name,
		Namespace: namespace,
	}
	kc.config.Contexts[name] = userContext

	kc.config.AuthInfos[name] = &api.AuthInfo{
		ClientCertificateData: cfg.CertData,
		ClientKeyData:         cfg.KeyData,
	}

	kc.logger.Infof("Added user %s to kubeconfig", name)
}
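// writeFile serialises the kubeconfig and writes it to "<dataDir>/<name>",
// replacing any previous content.
//
// The kubeconfig embeds client private keys (see addUser), so the file is
// created readable and writable by the owner only. It returns an error if the
// config cannot be serialised, the directory cannot be created, or the file
// cannot be written or closed.
func (kc KubeConfig) writeFile(name string) error {
	kc.logger.Info("Creating kubeconfig file")
	kubeconfigFileName := kc.dataDir + "/" + name

	// Serialise before touching the file so that a marshalling failure cannot
	// leave an emptied kubeconfig behind.
	content, err := clientcmd.Write(kc.config)
	if err != nil {
		return fmt.Errorf("unable to write kubeconfig content: %w", err)
	}

	// The directory holds key material, so it must not be writable by group
	// or other.
	if err := os.MkdirAll(kc.dataDir, os.FileMode(0755)); err != nil {
		return fmt.Errorf("unable to create target dir: %w", err)
	}

	// os.WriteFile creates or truncates the file, writes it and closes it, and
	// it reports a failing close as well, so no error is lost. 0600 matches
	// the mode client-go's own clientcmd.WriteToFile uses for kubeconfigs.
	// NOTE(review): the mode only applies when the file is created; a file left
	// over from an earlier run keeps its existing permissions.
	if err := os.WriteFile(kubeconfigFileName, content, os.FileMode(0600)); err != nil {
		return fmt.Errorf("unable to write kubeconfig file: %w", err)
	}

	kc.logger.Infof("Created kubeconfig file: %s", kubeconfigFileName)
	return nil
}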
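// writeCertDataToFiles writes the client certificate and private key of every
// user in the kubeconfig to "<dataDir>/<name>.client.crt" and
// "<dataDir>/<name>.client.key", replacing any previous content.
//
// It stops at the first failure and returns that error; files already written
// for other users are left in place. Map iteration order is random, so which
// users were written before a failure is not deterministic.
func (kc KubeConfig) writeCertDataToFiles() error {
	kc.logger.Info("Creating cert files")

	// Nothing to write, so no directory is created either.
	if len(kc.config.AuthInfos) == 0 {
		return nil
	}

	// Create the directory once rather than once per user. It holds private
	// keys, so it must not be writable by group or other.
	if err := os.MkdirAll(kc.dataDir, os.FileMode(0755)); err != nil {
		return fmt.Errorf("unable to create target dir: %w", err)
	}

	for name, authData := range kc.config.AuthInfos {
		// NOTE(review): name is used verbatim as part of the file name; confirm
		// callers only register names without path separators, otherwise the
		// files would land outside dataDir.
		certFileNameStub := kc.dataDir + "/" + name + ".client"

		// os.WriteFile creates or truncates, writes and closes each file before
		// the next one is opened, so no handle stays open across iterations and
		// a failing close is returned instead of only being logged.
		certFileName := certFileNameStub + ".crt"
		// The certificate is public data; it only needs to be protected
		// against modification.
		if err := os.WriteFile(certFileName, authData.ClientCertificateData, os.FileMode(0644)); err != nil {
			return fmt.Errorf("unable to write certfile: %w", err)
		}
		kc.logger.Infof("Created certfile: %s", certFileName)

		keyFileName := certFileNameStub + ".key"
		// The private key is readable by the owner only.
		// NOTE(review): the mode only applies when the file is created; a key
		// file left over from an earlier run keeps its existing permissions.
		if err := os.WriteFile(keyFileName, authData.ClientKeyData, os.FileMode(0600)); err != nil {
			return fmt.Errorf("unable to write keyfile: %w", err)
		}
		kc.logger.Infof("Created keyfile: %s", keyFileName)
	}
	return nil
}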