kubecfg_builder.go
package kutil
import (
"fmt"
"github.com/golang/glog"
"k8s.io/kubernetes/pkg/client/unversioned/clientcmd"
"os"
"os/exec"
"path"
"strings"
)
// KubeconfigBuilder builds a kubecfg (kubeconfig) file by driving kubectl.
// This logic previously lived in the bash scripts (create-kubeconfig in
// cluster/common.sh).
//
// Several fields carry secrets (bearer token, password, client key path).
// The field order is kept stable because every field is a string, so a
// reorder would silently change the meaning of unkeyed composite literals.
type KubeconfigBuilder struct {
	// KubectlPath is the kubectl binary handed to exec.Command; a bare name
	// is resolved through PATH.
	KubectlPath string
	// KubeconfigPath is the kubeconfig file kubectl is pointed at through the
	// KUBECONFIG environment variable; WriteKubecfg creates it when missing.
	KubeconfigPath string

	// KubeMasterIP is appended to "https://" to form the --server value.
	KubeMasterIP string
	// Context names the cluster, user and context entries that are written.
	Context string

	// KubeBearerToken, when set, is written as --token and takes precedence
	// over KubeUser/KubePassword for the main credential entry.
	KubeBearerToken string
	// KubeUser and KubePassword are written as --username/--password. When
	// both are set they are also stored in a "<Context>-basic-auth" entry.
	KubeUser     string
	KubePassword string

	// CACert is passed as --certificate-authority and embedded in the file.
	// When empty, the cluster entry is written with
	// --insecure-skip-tls-verify=true, i.e. the API server certificate is
	// not verified by clients using this kubeconfig.
	CACert string
	// KubecfgCert and KubecfgKey are passed as --client-certificate and
	// --client-key and embedded; both must be set to be used.
	KubecfgCert string
	KubecfgKey  string
}
// Init fills in the defaults: kubectl is looked up on PATH, and the
// kubeconfig location comes from the environment variable named by
// clientcmd.RecommendedConfigPathEnvVar, falling back to
// clientcmd.RecommendedHomeFile when that variable is empty.
//
// Both fields are overwritten unconditionally, so call Init before applying
// any custom values.
//
// NOTE(review): kubectl accepts a list of paths in KUBECONFIG, but the value
// is used here as a single path (WriteKubecfg passes it to os.Stat and
// os.OpenFile) — confirm callers never export a list.
func (c *KubeconfigBuilder) Init() {
	// A bare name means whichever kubectl comes first on PATH is executed
	// and receives the credentials as arguments.
	c.KubectlPath = "kubectl"

	c.KubeconfigPath = os.Getenv(clientcmd.RecommendedConfigPathEnvVar)
	if c.KubeconfigPath == "" {
		c.KubeconfigPath = clientcmd.RecommendedHomeFile
	}
}
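// WriteKubecfg creates the kubeconfig file when it does not exist yet and
// then runs kubectl to write the cluster, credential and context entries
// named c.Context, finally selecting that context as the current one.
//
// It returns the first error from creating the file or from any kubectl
// invocation; entries written by earlier invocations are not rolled back.
//
// Security notes:
//   - An empty CACert produces a cluster entry with
//     --insecure-skip-tls-verify=true; a warning is logged when that happens.
//   - The bearer token and the password are handed to kubectl as command-line
//     arguments, so they are visible in the local process list while kubectl
//     runs.
//   - The 0700/0600 modes apply only to directories and files created here;
//     the permissions of an existing kubeconfig are left as they are.
func (c *KubeconfigBuilder) WriteKubecfg() error {
	if _, err := os.Stat(c.KubeconfigPath); os.IsNotExist(err) {
		// Owner-only modes: the file is about to hold credentials.
		// NOTE(review): path.Dir assumes '/' separators; filepath.Dir would
		// be the portable choice.
		if err := os.MkdirAll(path.Dir(c.KubeconfigPath), 0700); err != nil {
			return fmt.Errorf("error creating directories for %q: %v", c.KubeconfigPath, err)
		}
		f, err := os.OpenFile(c.KubeconfigPath, os.O_RDWR|os.O_CREATE, 0600)
		if err != nil {
			return fmt.Errorf("error creating config file %q: %v", c.KubeconfigPath, err)
		}
		if err := f.Close(); err != nil {
			return fmt.Errorf("error closing config file %q: %v", c.KubeconfigPath, err)
		}
	}

	clusterArgs := []string{"--server=https://" + c.KubeMasterIP}
	if c.CACert == "" {
		// Make the downgrade visible instead of writing it silently.
		glog.Warningf("no CA certificate set for %q: kubeconfig entry will skip TLS verification of the API server", c.Context)
		clusterArgs = append(clusterArgs, "--insecure-skip-tls-verify=true")
	} else {
		clusterArgs = append(clusterArgs,
			"--certificate-authority="+c.CACert,
			"--embed-certs=true")
	}

	// A bearer token wins over basic auth for the main credential entry.
	var userArgs []string
	switch {
	case c.KubeBearerToken != "":
		userArgs = append(userArgs, "--token="+c.KubeBearerToken)
	case c.KubeUser != "" && c.KubePassword != "":
		userArgs = append(userArgs,
			"--username="+c.KubeUser,
			"--password="+c.KubePassword)
	}
	if c.KubecfgCert != "" && c.KubecfgKey != "" {
		userArgs = append(userArgs,
			"--client-certificate="+c.KubecfgCert,
			"--client-key="+c.KubecfgKey,
			"--embed-certs=true")
	}

	setClusterArgs := append([]string{"config", "set-cluster", c.Context}, clusterArgs...)
	if err := c.execKubectl(setClusterArgs...); err != nil {
		return err
	}

	if len(userArgs) != 0 {
		setCredentialsArgs := append([]string{"config", "set-credentials", c.Context}, userArgs...)
		if err := c.execKubectl(setCredentialsArgs...); err != nil {
			return err
		}
	}

	if err := c.execKubectl("config", "set-context", c.Context, "--cluster="+c.Context, "--user="+c.Context); err != nil {
		return err
	}
	if err := c.execKubectl("config", "use-context", c.Context, "--cluster="+c.Context, "--user="+c.Context); err != nil {
		return err
	}

	// Also create a "<Context>-basic-auth" credential entry so that it is
	// easy to discover the basic auth password for your cluster to use in a
	// web browser.
	// NOTE(review): the original comment said this happens "if we have a
	// bearer token", but the condition only checks user and password, so the
	// entry is written (and the password stored in clear text in the
	// kubeconfig) whenever both are set.
	if c.KubeUser != "" && c.KubePassword != "" {
		if err := c.execKubectl("config", "set-credentials", c.Context+"-basic-auth", "--username="+c.KubeUser, "--password="+c.KubePassword); err != nil {
			return err
		}
	}

	fmt.Printf("Wrote config for %s to %q\n", c.Context, c.KubeconfigPath)
	return nil
}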
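// execKubectl runs c.KubectlPath with args, with KUBECONFIG set to
// c.KubeconfigPath in addition to the inherited environment.
//
// The command line is logged at verbosity 2 with the values of --token= and
// --password= masked, so that credentials do not end up in log files. On
// failure kubectl's combined stdout/stderr is logged at Info level and an
// error wrapping the exec error text is returned.
func (c *KubeconfigBuilder) execKubectl(args ...string) error {
	cmd := exec.Command(c.KubectlPath, args...)
	// Added after the inherited variables so kubectl operates on our file.
	cmd.Env = append(os.Environ(), fmt.Sprintf("KUBECONFIG=%s", c.KubeconfigPath))

	// Build a log-safe copy of the arguments; cmd.Args itself is untouched.
	secretFlags := []string{"--token=", "--password="}
	logArgs := make([]string, len(cmd.Args))
	for i, arg := range cmd.Args {
		logArgs[i] = arg
		for _, flag := range secretFlags {
			if strings.HasPrefix(arg, flag) {
				logArgs[i] = flag + "<redacted>"
				break
			}
		}
	}
	glog.V(2).Infof("Running command: %s", strings.Join(logArgs, " "))

	output, err := cmd.CombinedOutput()
	if err != nil {
		if len(output) != 0 {
			glog.Info("error running kubectl. Output follows:")
			glog.Info(string(output))
		}
		return fmt.Errorf("error running kubectl: %v", err)
	}

	glog.V(2).Info(string(output))
	return nil
}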