Refactory kn CLI

.dockerignore

@@ -0,0 +1,7 @@
+**/*.tfvars
+**/terraform.tfstate
+**/terraform.tfstate.backup
+**/.terraform
+inventory
+**/*.retry
+test-deployment

.gitignore

@@ -2,6 +2,6 @@
 **/terraform.tfstate
 **/terraform.tfstate.backup
 **/.terraform
-**/inventory
-**/packer-conf.json
+inventory
 **/*.retry
+test-deployment

.travis.yml

@@ -46,6 +46,8 @@ before_install:
   # Install pip deps
   - sudo pip install --upgrade pip
   - sudo pip install ansible-lint=="${ANSIBLE_LINT_VERSION}"
+  # Pull hadolint
+  - docker pull lukasmartinelli/hadolint
 
   # Check code quality
   # check Terraform
@@ -60,6 +62,8 @@ before_install:
   # check Shell
   - shellcheck $(find . -type f -name "*.sh")
   - shellcheck bin/*
+  # check Dockerfile
+  - docker run --rm -i lukasmartinelli/hadolint < Dockerfile
 
 # Build Docker image
 install: docker build -t kubenow/provisioners:latest .

Dockerfile

@@ -6,6 +6,10 @@ ENV TERRAFORM_VERSION=0.9.4
 ENV TERRAFORM_SHA256SUM=cc1cffee3b82820b7f049bb290b841762ee920aef3cf4d95382cc7ea01135707
 ENV ANSIBLE_VERSION=2.2.0.0
 ENV LIBCLOUD_VERSION=1.5.0
+ENV J2CLI_VERSION=0.3.1.post0
+ENV DNSPYTHON_VERSION=1.15.0
+ENV JMESPATH_VERSION=0.9.3
+ENV SHADE_VERSION=1.21.0
 
 # Install APK deps
 RUN apk add --update \
@@ -20,25 +24,26 @@ RUN apk add --update \
 
 # Install PIP deps
 RUN pip install \
-  ansible==$ANSIBLE_VERSION \
-  j2cli \
-  dnspython \
-  jmespath \
-  apache-libcloud==$LIBCLOUD_VERSION \
-  shade
+  ansible=="$ANSIBLE_VERSION" \
+  j2cli=="$J2CLI_VERSION" \
+  dnspython=="$DNSPYTHON_VERSION" \
+  jmespath=="$JMESPATH_VERSION" \
+  apache-libcloud=="$LIBCLOUD_VERSION" \
+  shade=="$SHADE_VERSION"
 
 # Install Terraform
-RUN curl https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip > \
-    terraform_${TERRAFORM_VERSION}_linux_amd64.zip && \
+RUN curl "https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip" > \
+    "terraform_${TERRAFORM_VERSION}_linux_amd64.zip" && \
     echo "${TERRAFORM_SHA256SUM}  terraform_${TERRAFORM_VERSION}_linux_amd64.zip" > \
-    terraform_${TERRAFORM_VERSION}_SHA256SUMS && \
-    sha256sum -cs terraform_${TERRAFORM_VERSION}_SHA256SUMS && \
-    unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /bin && \
-    rm -f terraform_${TERRAFORM_VERSION}_linux_amd64.zip
+    "terraform_${TERRAFORM_VERSION}_SHA256SUMS" && \
+    sha256sum -cs "terraform_${TERRAFORM_VERSION}_SHA256SUMS" && \
+    unzip "terraform_${TERRAFORM_VERSION}_linux_amd64.zip" -d /bin && \
+    rm -f "terraform_${TERRAFORM_VERSION}_linux_amd64.zip"
 
 # Add KubeNow (and group)
 COPY . /opt/KubeNow
+RUN cp /opt/KubeNow/bin/* /bin
 WORKDIR /opt/KubeNow
 
 # Set entrypoint
-ENTRYPOINT ["sh","-c"]
+ENTRYPOINT ["/opt/KubeNow/bin/docker-entrypoint"]

bin/docker-entrypoint

@@ -0,0 +1,28 @@
+#!/bin/ash
+# shellcheck shell=bash
+
+# Copy host PWD in container PWD
+cp /var/userdir/terraform.tfvars ./ 2>/dev/null
+cp -R /var/userdir/.terraform ./ 2>/dev/null
+cp /var/userdir/terraform.tfstate ./ 2>/dev/null
+cp /var/userdir/inventory ./ 2>/dev/null
+cp /var/userdir/ssh_key* ./ 2>/dev/null
+cp /var/userdir/service-account.json ./ 2>/dev/null
+
+# Setup SSH
+eval "$(ssh-agent -s)" &>/dev/null
+ssh-add ssh_key 2>/dev/null
+
+# Run user command
+"$@" ; URS_COMMAND_STATUS="$?"
+
+# Copy container PWD in host PWD
+cp -R ./.terraform /var/userdir/ 2>/dev/null
+cp ./terraform.tfstate /var/userdir/ 2>/dev/null
+cp ./inventory /var/userdir/ 2>/dev/null
+
+# Change ownership to host user
+chown -R "$HOST_USR_UID" /var/userdir/
+
+# Return user command status code
+exit "$URS_COMMAND_STATUS"

bin/init-kn

@@ -0,0 +1,16 @@
+#!/bin/ash
+# shellcheck shell=bash
+
+echo "Initializing $INIT_DIR deployment directory..."
+
+# Copy templates
+cp templates/terraform.tfvars.*-template /var/userdir
+
+# Generate and write kubetoken
+tokenID=$(openssl rand -hex 3)
+tokenVal=$(openssl rand -hex 8)
+token="$tokenID.$tokenVal"
+sed -i '' -e "s/your-kubeadm-token/${token}/g" /var/userdir/terraform.tfvars.*-template
+
+# Generate SSH keys
+ssh-keygen -t rsa -N '' -f /var/userdir/ssh_key

bin/kn

@@ -10,6 +10,7 @@ Commands:
   ansible             run Ansible. More help: kn ansible --help
   ansible-playbook    run an Ansible playbook.
                       More help: kn ansible-playbook --help
+  kubetoken           generate and print a kubeadm token
 EOM
 
 # Validate command
@@ -19,7 +20,7 @@ if [ "$#" -eq 0 ]; then
   exit 1
 fi
 COMMAND="$1"
-ALLOWED="help init terraform ansible ansible-playbook"
+ALLOWED="help init terraform ansible ansible-playbook kubetoken"
 if [[ ! "$ALLOWED" =~ $COMMAND ]]; then
   >&2 echo "Error: unrecognized command '$COMMAND'"
   echo "$USAGE"
@@ -46,49 +47,38 @@ if [ "$COMMAND" = "init" ]; then
     >&2 echo "Error: $INIT_DIR already exists"
     exit 1
   fi
-  # Init
-  echo "Initializing $INIT_DIR deployment directory..."
+  # Wrap docker run
   mkdir -p "$INIT_DIR"
-  # Copy templates
-  docker run --rm -v "$INIT_DIR":/var/userdir \
-    kubenow/provisioners \
-    'cp templates/terraform.tfvars.*-template /var/userdir'
-  # Generate and write kubetoken
-  # shellcheck disable=SC2016
-  token=$(docker run --rm kubenow/provisioners 'echo `openssl rand -hex 3`.`openssl rand -hex 8`')
-  sed -i '' -e "s/your-kubeadm-token/${token}/g" "$INIT_DIR"/terraform.tfvars.*-template
-  # Generate SSH keys
-  ssh-keygen -t rsa -N '' -f "$INIT_DIR"/ssh_key
-  exit 0
+  docker run --rm -it \
+    -v "$INIT_DIR":/var/userdir \
+    -e "HOST_USR_UID=$UID" \
+    kubenow/provisioners:"$KUBENOW_VERSION" \
+    "init-kn"
+  exit "$?"
 fi
 
 # Validate PWD
-if [ ! -f ssh_key ] || [ ! -f ssh_key.pub ] ; then
-    >&2 echo "Error: ssh_key not found. Are you in the right directory?"
-    exit 1
-fi
-if [ ! -f terraform.tfvars ] ; then
-    >&2 echo "Error: terraform.tfvars not found. Please create one using the templates."
-    exit 1
-fi
+if [ "$COMMAND" != "kubetoken" ]; then
+  if [ ! -f ssh_key ] || [ ! -f ssh_key.pub ] ; then
+      >&2 echo "Error: ssh_key not found. Are you in the right directory?"
+      exit 1
+  fi
+  if [ ! -f terraform.tfvars ] ; then
+      >&2 echo "Error: terraform.tfvars not found. Please create one using the templates."
+      exit 1
+  fi
 
-# If no version specified take stable
-if [ -z "$KUBENOW_VERSION" ] ; then
-  KUBENOW_VERSION="latest"
+  # If no version specified take stable
+  if [ -z "$KUBENOW_VERSION" ] ; then
+    KUBENOW_VERSION="latest"
+  fi
 fi
 
 # Wrap docker run
-# this run the user command inside a Docker container that has all of the deps
-# for KubeNow satisfied. Before running all the needed statusa and conf files 
-# are copied inside the container, and copied back to the host machine afterwards.
-# To avoid permission problems we change the ownership of the files to UID after
-# running the user command. 
-
-# shellcheck disable=SC2124
-USR_COMMAND="$@"
-# shellcheck disable=SC2016
+USR_COMMAND="$*"
 docker run --rm -it \
   -v "$PWD":/var/userdir \
+  -e "HOST_USR_UID=$UID" \
   -e "OS_USERNAME=$OS_USERNAME" \
   -e "OS_PASSWORD=$OS_PASSWORD" \
   -e "OS_AUTH_URL=$OS_AUTH_URL" \
@@ -99,17 +89,5 @@ docker run --rm -it \
   -e "OS_TENANT_ID=$OS_TENANT_ID" \
   -e "OS_TENANT_NAME=$OS_TENANT_NAME" \
   -e "OS_AUTH_VERSION=$OS_AUTH_VERSION" \
-  kubenow/provisioners:$KUBENOW_VERSION \
-  'cp /var/userdir/terraform.tfvars ./ 2>/dev/null ;
-  cp -R /var/userdir/.terraform ./ 2>/dev/null ;
-  cp /var/userdir/terraform.tfstate ./ 2>/dev/null ;
-  cp /var/userdir/inventory ./ 2>/dev/null ;
-  cp /var/userdir/ssh_key* ./ 2>/dev/null ;
-  cp /var/userdir/service-account.json ./ 2>/dev/null ;
-  eval `ssh-agent -s` &>/dev/null ; ssh-add ssh_key 2>/dev/null ;
-  '"$USR_COMMAND"' ; URS_COMMAND_STATUS=$? ;
-  cp -R ./.terraform /var/userdir/ 2>/dev/null ;
-  cp ./terraform.tfstate /var/userdir/ 2>/dev/null ;
-  cp ./inventory /var/userdir/ 2>/dev/null ;
-  chown -R '"$UID"' /var/userdir/ ;
-  exit $URS_COMMAND_STATUS'
+  kubenow/provisioners:"$KUBENOW_VERSION" \
+  "$USR_COMMAND"

generate_kubetoken.sh → bin/kubetoken

@@ -1,4 +1,5 @@
-#!/bin/bash
+#!/bin/ash
+# shellcheck shell=bash
 # kube token format: 7fa96f.ddb39492a1894689
 # see https://github.com/kubernetes/kubernetes/blob/master/cmd/kubeadm/app/util/tokens.go
 tokenID=$(openssl rand -hex 3)