Skip to content

Commit

Permalink
feat(deploy): add --skip-tls-verify-kube, --kube-api-server, --kube-c…
Browse files Browse the repository at this point in the history
…a-path, --kube-tls-server, --kube-token, --skip-tls-verify-helm-dependencies options to bundles

Signed-off-by: Ilya Lesikov <ilya@lesikov.com>
  • Loading branch information
ilya-lesikov committed Jan 22, 2025
1 parent 7256b90 commit a2a810c
Show file tree
Hide file tree
Showing 3 changed files with 42 additions and 6 deletions.
17 changes: 15 additions & 2 deletions cmd/werf/bundle/apply/apply.go
Original file line number Diff line number Diff line change
Expand Up @@ -103,6 +103,12 @@ func NewCmd(ctx context.Context) *cobra.Command {
common.SetupDockerConfig(&commonCmdData, cmd, "Command needs granted permissions to read, pull and push images into the specified repo, to pull base images")
common.SetupInsecureRegistry(&commonCmdData, cmd)
common.SetupInsecureHelmDependencies(&commonCmdData, cmd, false)
common.SetupSkipTLSVerifyKube(&commonCmdData, cmd)
common.SetupKubeApiServer(&commonCmdData, cmd)
common.SetupSkipTlsVerifyHelmDependencies(&commonCmdData, cmd)
common.SetupKubeCaPath(&commonCmdData, cmd)
common.SetupKubeTlsServer(&commonCmdData, cmd)
common.SetupKubeToken(&commonCmdData, cmd)
common.SetupSkipTlsVerifyRegistry(&commonCmdData, cmd)
common.SetupContainerRegistryMirror(&commonCmdData, cmd)

Expand Down Expand Up @@ -221,6 +227,11 @@ func runApply(ctx context.Context) error {
},
ReleasesHistoryMax: *commonCmdData.ReleasesHistoryMax,
RegistryClient: helmRegistryClient,
KubeToken: *commonCmdData.KubeToken,
KubeAPIServerName: *commonCmdData.KubeApiServer,
KubeCAPath: *commonCmdData.KubeCaPath,
KubeTLSServerName: *commonCmdData.KubeTlsServer,
KubeSkipTLSVerify: *commonCmdData.SkipTlsVerifyKube,
QPSLimit: *commonCmdData.KubeQpsLimit,
BurstLimit: *commonCmdData.KubeBurstLimit,
}); err != nil {
Expand Down Expand Up @@ -330,8 +341,10 @@ func runApply(ctx context.Context) error {
Mapper: clientFactory.Mapper(),
})

// FIXME(ilya-lesikov): there is more chartpath options, are they needed?
chartPathOptions := action.ChartPathOptions{}
chartPathOptions := action.ChartPathOptions{
InsecureSkipTLSverify: *commonCmdData.SkipTlsVerifyHelmDependencies,
PlainHTTP: *commonCmdData.InsecureHelmDependencies,
}
chartPathOptions.SetRegistryClient(actionConfig.RegistryClient)

actionConfig.Releases.MaxHistory = *commonCmdData.ReleasesHistoryMax
Expand Down
21 changes: 17 additions & 4 deletions cmd/werf/bundle/render/render.go
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,12 @@ func NewCmd(ctx context.Context) *cobra.Command {
common.SetupDockerConfig(&commonCmdData, cmd, "Command needs granted permissions to read, pull and push images into the specified repo, to pull base images")
common.SetupInsecureRegistry(&commonCmdData, cmd)
common.SetupInsecureHelmDependencies(&commonCmdData, cmd, false)
common.SetupSkipTLSVerifyKube(&commonCmdData, cmd)
common.SetupKubeApiServer(&commonCmdData, cmd)
common.SetupSkipTlsVerifyHelmDependencies(&commonCmdData, cmd)
common.SetupKubeCaPath(&commonCmdData, cmd)
common.SetupKubeTlsServer(&commonCmdData, cmd)
common.SetupKubeToken(&commonCmdData, cmd)
common.SetupSkipTlsVerifyRegistry(&commonCmdData, cmd)
common.SetupContainerRegistryMirror(&commonCmdData, cmd)

Expand Down Expand Up @@ -199,8 +205,13 @@ func runRender(ctx context.Context) error {
ConfigDataBase64: *commonCmdData.KubeConfigBase64,
ConfigPathMergeList: *commonCmdData.KubeConfigPathMergeList,
},
QPSLimit: *commonCmdData.KubeQpsLimit,
BurstLimit: *commonCmdData.KubeBurstLimit,
KubeToken: *commonCmdData.KubeToken,
KubeAPIServerName: *commonCmdData.KubeApiServer,
KubeCAPath: *commonCmdData.KubeCaPath,
KubeTLSServerName: *commonCmdData.KubeTlsServer,
KubeSkipTLSVerify: *commonCmdData.SkipTlsVerifyKube,
QPSLimit: *commonCmdData.KubeQpsLimit,
BurstLimit: *commonCmdData.KubeBurstLimit,
},
); err != nil {
return err
Expand Down Expand Up @@ -318,8 +329,10 @@ func runRender(ctx context.Context) error {
},
}, releaseNamespaceOptions)

// FIXME(ilya-lesikov): there is more chartpath options, are they needed?
chartPathOptions := action.ChartPathOptions{}
chartPathOptions := action.ChartPathOptions{
InsecureSkipTLSverify: *commonCmdData.SkipTlsVerifyHelmDependencies,
PlainHTTP: *commonCmdData.InsecureHelmDependencies,
}
chartPathOptions.SetRegistryClient(actionConfig.RegistryClient)

if !cmdData.Validate {
Expand Down
10 changes: 10 additions & 0 deletions pkg/deploy/helm/init.go
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,11 @@ type InitActionConfigOptions struct {
KubeConfigOptions kube.KubeConfigOptions
ReleasesHistoryMax int
RegistryClient *registry.Client
KubeToken string
KubeAPIServerName string
KubeCAPath string
KubeTLSServerName string
KubeSkipTLSVerify bool
QPSLimit int
BurstLimit int
}
Expand All @@ -36,6 +41,11 @@ func InitActionConfig(ctx context.Context, kubeInitializer KubeInitializer, name
configGetter, err := kube.NewKubeConfigGetter(kube.KubeConfigGetterOptions{
KubeConfigOptions: opts.KubeConfigOptions,
Namespace: namespace,
BearerToken: opts.KubeToken,
APIServer: opts.KubeAPIServerName,
CAFile: opts.KubeCAPath,
TLSServerName: opts.KubeTLSServerName,
SkipTLSVerify: opts.KubeSkipTLSVerify,
QPSLimit: opts.QPSLimit,
BurstLimit: opts.BurstLimit,
})
Expand Down

0 comments on commit a2a810c

Please sign in to comment.