|
|
|
@ -28,6 +28,9 @@ import (
|
|
|
|
"github.com/spf13/cobra"
|
|
|
|
"github.com/spf13/cobra"
|
|
|
|
corev1 "k8s.io/api/core/v1"
|
|
|
|
corev1 "k8s.io/api/core/v1"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
"github.com/fluxcd/pkg/git"
|
|
|
|
|
|
|
|
"github.com/fluxcd/pkg/git/gogit"
|
|
|
|
|
|
|
|
|
|
|
|
"github.com/fluxcd/flux2/v2/internal/flags"
|
|
|
|
"github.com/fluxcd/flux2/v2/internal/flags"
|
|
|
|
"github.com/fluxcd/flux2/v2/internal/utils"
|
|
|
|
"github.com/fluxcd/flux2/v2/internal/utils"
|
|
|
|
"github.com/fluxcd/flux2/v2/pkg/bootstrap"
|
|
|
|
"github.com/fluxcd/flux2/v2/pkg/bootstrap"
|
|
|
|
@ -35,8 +38,6 @@ import (
|
|
|
|
"github.com/fluxcd/flux2/v2/pkg/manifestgen/install"
|
|
|
|
"github.com/fluxcd/flux2/v2/pkg/manifestgen/install"
|
|
|
|
"github.com/fluxcd/flux2/v2/pkg/manifestgen/sourcesecret"
|
|
|
|
"github.com/fluxcd/flux2/v2/pkg/manifestgen/sourcesecret"
|
|
|
|
"github.com/fluxcd/flux2/v2/pkg/manifestgen/sync"
|
|
|
|
"github.com/fluxcd/flux2/v2/pkg/manifestgen/sync"
|
|
|
|
"github.com/fluxcd/pkg/git"
|
|
|
|
|
|
|
|
"github.com/fluxcd/pkg/git/gogit"
|
|
|
|
|
|
|
|
)
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
var bootstrapGitCmd = &cobra.Command{
|
|
|
|
var bootstrapGitCmd = &cobra.Command{
|
|
|
|
@ -66,6 +67,9 @@ command will perform an upgrade if needed.`,
|
|
|
|
|
|
|
|
|
|
|
|
# Run bootstrap for a Git repository on Azure Devops
|
|
|
|
# Run bootstrap for a Git repository on Azure Devops
|
|
|
|
flux bootstrap git --url=ssh://git@ssh.dev.azure.com/v3/<org>/<project>/<repository> --ssh-key-algorithm=rsa --ssh-rsa-bits=4096 --path=clusters/my-cluster
|
|
|
|
flux bootstrap git --url=ssh://git@ssh.dev.azure.com/v3/<org>/<project>/<repository> --ssh-key-algorithm=rsa --ssh-rsa-bits=4096 --path=clusters/my-cluster
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Run bootstrap for a Git repository on Oracle VBS
|
|
|
|
|
|
|
|
flux bootstrap git --url=https://repository_url.git --with-bearer-token=true --password=PAT --path=clusters/my-cluster
|
|
|
|
`,
|
|
|
|
`,
|
|
|
|
RunE: bootstrapGitCmdRun,
|
|
|
|
RunE: bootstrapGitCmdRun,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
@ -78,6 +82,7 @@ type gitFlags struct {
|
|
|
|
password string
|
|
|
|
password string
|
|
|
|
silent bool
|
|
|
|
silent bool
|
|
|
|
insecureHttpAllowed bool
|
|
|
|
insecureHttpAllowed bool
|
|
|
|
|
|
|
|
withBearerToken bool
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
const (
|
|
|
|
const (
|
|
|
|
@ -94,6 +99,7 @@ func init() {
|
|
|
|
bootstrapGitCmd.Flags().StringVarP(&gitArgs.password, "password", "p", "", "basic authentication password")
|
|
|
|
bootstrapGitCmd.Flags().StringVarP(&gitArgs.password, "password", "p", "", "basic authentication password")
|
|
|
|
bootstrapGitCmd.Flags().BoolVarP(&gitArgs.silent, "silent", "s", false, "assumes the deploy key is already setup, skips confirmation")
|
|
|
|
bootstrapGitCmd.Flags().BoolVarP(&gitArgs.silent, "silent", "s", false, "assumes the deploy key is already setup, skips confirmation")
|
|
|
|
bootstrapGitCmd.Flags().BoolVar(&gitArgs.insecureHttpAllowed, "allow-insecure-http", false, "allows insecure HTTP connections")
|
|
|
|
bootstrapGitCmd.Flags().BoolVar(&gitArgs.insecureHttpAllowed, "allow-insecure-http", false, "allows insecure HTTP connections")
|
|
|
|
|
|
|
|
bootstrapGitCmd.Flags().BoolVar(&gitArgs.withBearerToken, "with-bearer-token", false, "use password as bearer token for Authorization header")
|
|
|
|
|
|
|
|
|
|
|
|
bootstrapCmd.AddCommand(bootstrapGitCmd)
|
|
|
|
bootstrapCmd.AddCommand(bootstrapGitCmd)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
@ -189,6 +195,11 @@ func bootstrapGitCmdRun(cmd *cobra.Command, args []string) error {
|
|
|
|
if gitArgs.insecureHttpAllowed {
|
|
|
|
if gitArgs.insecureHttpAllowed {
|
|
|
|
clientOpts = append(clientOpts, gogit.WithInsecureCredentialsOverHTTP())
|
|
|
|
clientOpts = append(clientOpts, gogit.WithInsecureCredentialsOverHTTP())
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if gitArgs.withBearerToken && gitArgs.password != "" {
|
|
|
|
|
|
|
|
configureGitWithBearerToken(gitArgs.password) // This will configure the local Git configuration
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
gitClient, err := gogit.NewClient(tmpDir, authOpts, clientOpts...)
|
|
|
|
gitClient, err := gogit.NewClient(tmpDir, authOpts, clientOpts...)
|
|
|
|
if err != nil {
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("failed to create a Git client: %w", err)
|
|
|
|
return fmt.Errorf("failed to create a Git client: %w", err)
|
|
|
|
@ -201,6 +212,7 @@ func bootstrapGitCmdRun(cmd *cobra.Command, args []string) error {
|
|
|
|
Namespace: *kubeconfigArgs.Namespace,
|
|
|
|
Namespace: *kubeconfigArgs.Namespace,
|
|
|
|
Components: bootstrapComponents(),
|
|
|
|
Components: bootstrapComponents(),
|
|
|
|
Registry: bootstrapArgs.registry,
|
|
|
|
Registry: bootstrapArgs.registry,
|
|
|
|
|
|
|
|
RegistryCredential: bootstrapArgs.registryCredential,
|
|
|
|
ImagePullSecret: bootstrapArgs.imagePullSecret,
|
|
|
|
ImagePullSecret: bootstrapArgs.imagePullSecret,
|
|
|
|
WatchAllNamespaces: bootstrapArgs.watchAllNamespaces,
|
|
|
|
WatchAllNamespaces: bootstrapArgs.watchAllNamespaces,
|
|
|
|
NetworkPolicy: bootstrapArgs.networkPolicy,
|
|
|
|
NetworkPolicy: bootstrapArgs.networkPolicy,
|
|
|
|
@ -374,3 +386,12 @@ func promptPublicKey(ctx context.Context, secret corev1.Secret, _ sourcesecret.O
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
func configureGitWithBearerToken(token string) {
|
|
|
|
|
|
|
|
cmd := exec.Command("git", "config", "--global", "http.extraHeader", fmt.Sprintf("Authorization: Bearer %s", token))
|
|
|
|
|
|
|
|
cmd.Stdout = os.Stdout
|
|
|
|
|
|
|
|
cmd.Stderr = os.Stderr
|
|
|
|
|
|
|
|
if err := cmd.Run(); err != nil {
|
|
|
|
|
|
|
|
log.Printf("Failed to set global git config: %v", err)
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
toomaj
1 year ago