From 55303625682a826e04a879f28a30611404ca0bb6 Mon Sep 17 00:00:00 2001 From: stefanprodan Date: Thu, 30 Apr 2020 10:59:23 +0300 Subject: [PATCH] Add credentials export option for git sources --- cmd/tk/export_kustomization.go | 8 ++++- cmd/tk/export_source.go | 6 ++++ cmd/tk/export_source_git.go | 59 ++++++++++++++++++++++++++++++++-- cmd/tk/utils.go | 2 ++ 4 files changed, 71 insertions(+), 4 deletions(-) diff --git a/cmd/tk/export_kustomization.go b/cmd/tk/export_kustomization.go index b100297d..dbb59b4b 100644 --- a/cmd/tk/export_kustomization.go +++ b/cmd/tk/export_kustomization.go @@ -16,7 +16,13 @@ var exportKsCmd = &cobra.Command{ Use: "kustomization [name]", Aliases: []string{"ks"}, Short: "Export kustomization in YAML format", - RunE: exportKsCmdRun, + Example: ` # Export all kustomizations + export kustomization --all > kustomizations.yaml + + # Export a kustomization + export kustomization my-app > kustomization.yaml +`, + RunE: exportKsCmdRun, } func init() { diff --git a/cmd/tk/export_source.go b/cmd/tk/export_source.go index 9412d16b..78524a98 100644 --- a/cmd/tk/export_source.go +++ b/cmd/tk/export_source.go @@ -9,6 +9,12 @@ var exportSourceCmd = &cobra.Command{ Short: "Export source commands", } +var ( + exportSourceWithCred bool +) + func init() { + exportSourceCmd.PersistentFlags().BoolVar(&exportSourceWithCred, "with-credentials", false, "include credential secrets") + exportCmd.AddCommand(exportSourceCmd) } diff --git a/cmd/tk/export_source_git.go b/cmd/tk/export_source_git.go index 18facc57..bd8535d6 100644 --- a/cmd/tk/export_source_git.go +++ b/cmd/tk/export_source_git.go @@ -6,6 +6,7 @@ import ( sourcev1 "github.com/fluxcd/source-controller/api/v1alpha1" "github.com/spf13/cobra" + corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" @@ -14,8 +15,14 @@ import ( var exportSourceGitCmd = &cobra.Command{ Use: "git [name]", - Short: "Export git source in YAML format", - RunE: exportSourceGitCmdRun, + Short: "Export git sources in YAML format", + Example: ` # Export all git sources + export source git --all > sources.yaml + + # Export a git source including the SSH keys or basic auth credentials + export source git my-private-repo --with-credentials > source.yaml +`, + RunE: exportSourceGitCmdRun, } func init() { @@ -51,6 +58,11 @@ func exportSourceGitCmdRun(cmd *cobra.Command, args []string) error { if err := exportGit(repository); err != nil { return err } + if exportSourceWithCred { + if err := exportGitCredentials(ctx, kubeClient, repository); err != nil { + return err + } + } } } else { name := args[0] @@ -63,7 +75,12 @@ func exportSourceGitCmdRun(cmd *cobra.Command, args []string) error { if err != nil { return err } - return exportGit(repository) + if err := exportGit(repository); err != nil { + return err + } + if exportSourceWithCred { + return exportGitCredentials(ctx, kubeClient, repository) + } } return nil } @@ -91,3 +108,39 @@ func exportGit(source sourcev1.GitRepository) error { fmt.Println(string(data)) return nil } + +func exportGitCredentials(ctx context.Context, kubeClinet client.Client, source sourcev1.GitRepository) error { + if source.Spec.SecretRef != nil { + namespacedName := types.NamespacedName{ + Namespace: source.Namespace, + Name: source.Spec.SecretRef.Name, + } + var cred corev1.Secret + err := kubeClinet.Get(ctx, namespacedName, &cred) + if err != nil { + return fmt.Errorf("get secret failed: %w", err) + } + + exported := corev1.Secret{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "v1", + Kind: "Secret", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: namespacedName.Name, + Namespace: namespacedName.Namespace, + }, + Data: cred.Data, + Type: cred.Type, + } + + data, err := yaml.Marshal(exported) + if err != nil { + return err + } + + fmt.Println("---") + fmt.Println(string(data)) + } + return nil +} diff --git a/cmd/tk/utils.go b/cmd/tk/utils.go index c5aaad86..41ae679f 100644 --- a/cmd/tk/utils.go +++ b/cmd/tk/utils.go @@ -12,6 +12,7 @@ import ( kustomizev1 "github.com/fluxcd/kustomize-controller/api/v1alpha1" sourcev1 "github.com/fluxcd/source-controller/api/v1alpha1" + corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/client-go/tools/clientcmd" "sigs.k8s.io/controller-runtime/pkg/client" @@ -98,6 +99,7 @@ func (*Utils) kubeClient(config string) (client.Client, error) { } scheme := runtime.NewScheme() + _ = corev1.AddToScheme(scheme) _ = sourcev1.AddToScheme(scheme) _ = kustomizev1.AddToScheme(scheme)