From 494e0b50606c7c1debfb069109ee2f93eaf03d8f Mon Sep 17 00:00:00 2001 From: Ben Toogood Date: Mon, 27 Apr 2020 14:13:51 +0100 Subject: [PATCH 1/2] Runtime: Add Kubernetes ServiceAccounts & Remove imagePullSecrets --- runtime/kubernetes/service.go | 6 -- runtime/options.go | 9 --- runtime/service/proto/runtime.pb.go | 99 +++++++++++++---------------- runtime/service/proto/runtime.proto | 2 - runtime/service/service.go | 11 ++-- util/kubernetes/api/request.go | 2 +- util/kubernetes/client/client.go | 1 + util/kubernetes/client/templates.go | 35 +++++++--- util/kubernetes/client/types.go | 10 ++- 9 files changed, 84 insertions(+), 91 deletions(-) diff --git a/runtime/kubernetes/service.go b/runtime/kubernetes/service.go index 0efb2456..b3c02395 100644 --- a/runtime/kubernetes/service.go +++ b/runtime/kubernetes/service.go @@ -38,12 +38,6 @@ func newService(s *runtime.Service, c runtime.CreateOptions) *service { kdeploy.Spec.Template.Metadata.Annotations = make(map[string]string) } - // set the image pull secrets - kdeploy.Spec.Template.PodSpec.ImagePullSecrets = make([]client.ImagePullSecret, len(c.ImagePullSecrets)) - for i, s := range c.ImagePullSecrets { - kdeploy.Spec.Template.PodSpec.ImagePullSecrets[i] = client.ImagePullSecret{Name: s} - } - // create if non existent if s.Metadata == nil { s.Metadata = make(map[string]string) diff --git a/runtime/options.go b/runtime/options.go index 74c8e926..d7d9fe90 100644 --- a/runtime/options.go +++ b/runtime/options.go @@ -67,8 +67,6 @@ type CreateOptions struct { Retries int // Specify the image to use Image string - // Specify secrets to use when pulling the image - ImagePullSecrets []string // Namespace to create the service in Namespace string // Specify the context to use @@ -103,13 +101,6 @@ func CreateImage(img string) CreateOption { } } -// CreateImagePullSecret sets a secret to use -func CreateImagePullSecret(secrets ...string) CreateOption { - return func(o *CreateOptions) { - o.ImagePullSecrets = append(o.ImagePullSecrets, secrets...) - } -} - // CreateNamespace sets the namespace func CreateNamespace(ns string) CreateOption { return func(o *CreateOptions) { diff --git a/runtime/service/proto/runtime.pb.go b/runtime/service/proto/runtime.pb.go index 3d309bc6..09a56e9f 100644 --- a/runtime/service/proto/runtime.pb.go +++ b/runtime/service/proto/runtime.pb.go @@ -162,9 +162,7 @@ type CreateOptions struct { // create type of service Type string `protobuf:"bytes,5,opt,name=type,proto3" json:"type,omitempty"` // image to use - Image string `protobuf:"bytes,6,opt,name=image,proto3" json:"image,omitempty"` - // image secrets to use - ImagePullSecrets []string `protobuf:"bytes,7,rep,name=image_pull_secrets,json=imagePullSecrets,proto3" json:"image_pull_secrets,omitempty"` + Image string `protobuf:"bytes,6,opt,name=image,proto3" json:"image,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -237,13 +235,6 @@ func (m *CreateOptions) GetImage() string { return "" } -func (m *CreateOptions) GetImagePullSecrets() []string { - if m != nil { - return m.ImagePullSecrets - } - return nil -} - type CreateRequest struct { Service *Service `protobuf:"bytes,1,opt,name=service,proto3" json:"service,omitempty"` Options *CreateOptions `protobuf:"bytes,2,opt,name=options,proto3" json:"options,omitempty"` @@ -821,49 +812,47 @@ func init() { } var fileDescriptor_976fccef828ab1f0 = []byte{ - // 689 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x55, 0x4b, 0x6f, 0xd3, 0x40, - 0x10, 0xae, 0xe3, 0x3c, 0xda, 0x09, 0x41, 0xd1, 0xaa, 0x42, 0xa6, 0xbc, 0x22, 0x5f, 0x28, 0x12, - 0x38, 0x28, 0x15, 0xe2, 0x25, 0x4e, 0x6d, 0xca, 0xa5, 0x15, 0xc8, 0x55, 0xcf, 0xd5, 0xd6, 0x19, - 0x19, 0xab, 0xb1, 0xd7, 0xec, 0xae, 0x23, 0xf5, 0xc4, 0x91, 0x9f, 0xc5, 0x91, 0x33, 0xff, 0x08, - 0xed, 0xc3, 0x8e, 0x93, 0xc6, 0xbd, 0xe4, 0x36, 0x33, 0x9e, 0x9d, 0xfd, 0xbe, 0x6f, 0x66, 0xc7, - 0xf0, 0x25, 0x4e, 0xe4, 0x8f, 0xe2, 0x3a, 0x88, 0x58, 0x3a, 0x4e, 0x93, 0x88, 0xb3, 0x71, 0xcc, - 0xde, 0x18, 0x83, 0x17, 0x99, 0x4c, 0x52, 0x1c, 0x0b, 0xe4, 0x8b, 0x24, 0xc2, 0x71, 0xce, 0x99, - 0xac, 0xa2, 0x81, 0xf6, 0xc8, 0x30, 0x66, 0x81, 0xce, 0x0e, 0x6c, 0xdc, 0xff, 0xe7, 0x40, 0xef, - 0xc2, 0x9c, 0x20, 0x04, 0xda, 0x19, 0x4d, 0xd1, 0x73, 0x46, 0xce, 0xe1, 0x5e, 0xa8, 0x6d, 0xe2, - 0x41, 0x6f, 0x81, 0x5c, 0x24, 0x2c, 0xf3, 0x5a, 0x3a, 0x5c, 0xba, 0xe4, 0x11, 0x74, 0x05, 0x2b, - 0x78, 0x84, 0x9e, 0xab, 0x3f, 0x58, 0x8f, 0x1c, 0xc3, 0x6e, 0x8a, 0x92, 0xce, 0xa8, 0xa4, 0x5e, - 0x7b, 0xe4, 0x1e, 0xf6, 0x27, 0x2f, 0x83, 0xf5, 0x6b, 0x03, 0x7b, 0x65, 0x70, 0x6e, 0x33, 0xa7, - 0x99, 0xe4, 0xb7, 0x61, 0x75, 0xf0, 0xe0, 0x33, 0x0c, 0x56, 0x3e, 0x91, 0x21, 0xb8, 0x37, 0x78, - 0x6b, 0xa1, 0x29, 0x93, 0xec, 0x43, 0x67, 0x41, 0xe7, 0x05, 0x5a, 0x5c, 0xc6, 0xf9, 0xd4, 0xfa, - 0xe0, 0xf8, 0x29, 0x74, 0xa6, 0x0b, 0xcc, 0xa4, 0x22, 0x24, 0x6f, 0xf3, 0x8a, 0x90, 0xb2, 0xc9, - 0x53, 0xd8, 0x53, 0x08, 0x84, 0xa4, 0x69, 0xae, 0x8f, 0xba, 0xe1, 0x32, 0xa0, 0xe8, 0x5a, 0xfd, - 0x2c, 0xab, 0xd2, 0xad, 0x0b, 0xd1, 0x5e, 0x11, 0xc2, 0xff, 0xe3, 0xc0, 0xe0, 0x98, 0x23, 0x95, - 0xf8, 0x2d, 0x97, 0x09, 0xcb, 0x84, 0xca, 0x8d, 0x58, 0x9a, 0xd2, 0x6c, 0xe6, 0x39, 0x23, 0x57, - 0xe5, 0x5a, 0x57, 0x21, 0xa2, 0x3c, 0x16, 0x5e, 0x4b, 0x87, 0xb5, 0xad, 0xa8, 0x61, 0xb6, 0xf0, - 0x5c, 0x1d, 0x52, 0xa6, 0x92, 0x96, 0x15, 0x32, 0x2f, 0xa4, 0xbd, 0xca, 0x7a, 0x15, 0x9f, 0x4e, - 0x8d, 0xcf, 0x3e, 0x74, 0x92, 0x94, 0xc6, 0xe8, 0x75, 0x8d, 0x0c, 0xda, 0x21, 0xaf, 0x81, 0x68, - 0xe3, 0x2a, 0x2f, 0xe6, 0xf3, 0x2b, 0x81, 0x11, 0x47, 0x29, 0xbc, 0x9e, 0xbe, 0x62, 0xa8, 0xbf, - 0x7c, 0x2f, 0xe6, 0xf3, 0x0b, 0x13, 0xf7, 0x7f, 0x95, 0x04, 0x42, 0xfc, 0x59, 0xa0, 0x90, 0xe4, - 0x68, 0x29, 0x83, 0xd2, 0xae, 0x3f, 0x79, 0xdc, 0xd8, 0xc2, 0xa5, 0x42, 0x1f, 0xa1, 0xc7, 0x8c, - 0x00, 0x5a, 0xd7, 0xfe, 0xe4, 0xc5, 0xdd, 0x43, 0x2b, 0x3a, 0x85, 0x65, 0xbe, 0x3f, 0x84, 0x87, - 0x25, 0x00, 0x91, 0xb3, 0x4c, 0xa0, 0x7f, 0x09, 0xfd, 0x10, 0xe9, 0xac, 0xa6, 0x68, 0x1d, 0xd0, - 0xe6, 0xbe, 0xac, 0x0d, 0x68, 0xa9, 0x96, 0xbb, 0x54, 0xcb, 0x3f, 0x35, 0x65, 0x4b, 0x9e, 0xef, - 0x97, 0x90, 0x0d, 0xcf, 0x67, 0x77, 0x21, 0xd7, 0x60, 0x2c, 0x01, 0x4f, 0xe1, 0x81, 0xa9, 0x63, - 0xe0, 0x92, 0x77, 0xb0, 0x6b, 0x01, 0x09, 0xdd, 0xf2, 0x7b, 0x15, 0xab, 0x52, 0xfd, 0x13, 0x18, - 0x9c, 0xe0, 0x1c, 0xb7, 0x13, 0x5e, 0xa9, 0x57, 0x56, 0xb1, 0xea, 0x9d, 0xc0, 0xe0, 0x32, 0x9f, - 0xd1, 0xed, 0xeb, 0x96, 0x55, 0x6c, 0xdd, 0x01, 0xf4, 0xcf, 0x12, 0x21, 0x6d, 0x55, 0xa5, 0x82, - 0x71, 0xb7, 0x53, 0xe1, 0x06, 0xfa, 0x67, 0x2c, 0x16, 0x25, 0xd6, 0xe6, 0x5e, 0xab, 0x95, 0x23, - 0x39, 0xd2, 0x54, 0xb7, 0x7a, 0x37, 0xb4, 0x9e, 0x7a, 0x03, 0x11, 0x2b, 0x32, 0xa9, 0x5b, 0xed, - 0x86, 0xc6, 0x51, 0x51, 0x91, 0x64, 0x11, 0xea, 0x47, 0xe4, 0x86, 0xc6, 0xf1, 0xff, 0x3a, 0xb0, - 0x77, 0xc6, 0xe2, 0x10, 0x23, 0xc6, 0x67, 0xab, 0xdb, 0xc0, 0x59, 0xdf, 0x06, 0xd3, 0xda, 0x2a, - 0x6b, 0x69, 0x3e, 0xaf, 0xee, 0xf2, 0xa9, 0x8a, 0x35, 0x2d, 0x33, 0x45, 0x28, 0x45, 0x21, 0xd4, - 0x23, 0xb5, 0x4b, 0xc5, 0xba, 0x5b, 0xad, 0xb9, 0xc9, 0x6f, 0x17, 0x7a, 0xa1, 0x01, 0x41, 0xce, - 0xa1, 0x6b, 0x1e, 0x10, 0x69, 0x7c, 0x74, 0x56, 0xde, 0x83, 0x51, 0x73, 0x82, 0xed, 0xf2, 0x0e, - 0xf9, 0x0a, 0x6d, 0x35, 0xde, 0xa4, 0xe1, 0x39, 0x94, 0xa5, 0x9e, 0x37, 0x7d, 0xae, 0x0a, 0x9d, - 0x43, 0xd7, 0x8c, 0xe6, 0x26, 0x5c, 0x2b, 0xa3, 0xbf, 0x09, 0xd7, 0xda, 0x54, 0xeb, 0x72, 0x66, - 0x22, 0x37, 0x95, 0x5b, 0x99, 0xf8, 0x4d, 0xe5, 0xd6, 0x86, 0x79, 0x87, 0x9c, 0x42, 0x5b, 0x0d, - 0xde, 0x26, 0x9a, 0xb5, 0x81, 0x3c, 0x78, 0x72, 0x4f, 0xd3, 0xfd, 0x9d, 0xb7, 0xce, 0x75, 0x57, - 0xff, 0x5d, 0x8f, 0xfe, 0x07, 0x00, 0x00, 0xff, 0xff, 0x4c, 0x31, 0x4d, 0x46, 0x9e, 0x07, 0x00, - 0x00, + // 662 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x55, 0xbb, 0x6e, 0xdb, 0x4a, + 0x10, 0x35, 0x45, 0x3d, 0xec, 0xd1, 0xd5, 0x85, 0xb1, 0x30, 0x02, 0xc6, 0x79, 0x09, 0x6c, 0xe2, + 0x14, 0xa1, 0x02, 0x19, 0x41, 0x5e, 0x48, 0x65, 0xcb, 0x69, 0x6c, 0x04, 0x60, 0xe0, 0x0f, 0x58, + 0x53, 0x03, 0x86, 0xb0, 0x97, 0xcb, 0x70, 0x97, 0x02, 0x5c, 0xa5, 0x4c, 0x9d, 0xaf, 0x4a, 0x9d, + 0x3f, 0x0a, 0xf6, 0x41, 0x8a, 0x94, 0x48, 0x37, 0xea, 0x76, 0x46, 0xb3, 0x87, 0xe7, 0x9c, 0x99, + 0x59, 0xc1, 0xe7, 0x38, 0x91, 0xdf, 0x8b, 0x9b, 0x20, 0xe2, 0x6c, 0xc6, 0x92, 0x28, 0xe7, 0xb3, + 0x98, 0xbf, 0x36, 0x87, 0xbc, 0x48, 0x65, 0xc2, 0x70, 0x26, 0x30, 0x5f, 0x25, 0x11, 0xce, 0xb2, + 0x9c, 0xcb, 0x2a, 0x1b, 0xe8, 0x88, 0x1c, 0xc6, 0x3c, 0xd0, 0xd5, 0x81, 0xcd, 0xfb, 0x7f, 0x1d, + 0x18, 0x7d, 0x33, 0x37, 0x08, 0x81, 0x7e, 0x4a, 0x19, 0x7a, 0xce, 0xd4, 0x39, 0x39, 0x08, 0xf5, + 0x99, 0x78, 0x30, 0x5a, 0x61, 0x2e, 0x12, 0x9e, 0x7a, 0x3d, 0x9d, 0x2e, 0x43, 0xf2, 0x08, 0x86, + 0x82, 0x17, 0x79, 0x84, 0x9e, 0xab, 0x7f, 0xb0, 0x11, 0x39, 0x83, 0x7d, 0x86, 0x92, 0x2e, 0xa9, + 0xa4, 0x5e, 0x7f, 0xea, 0x9e, 0x8c, 0xe7, 0x2f, 0x83, 0xcd, 0xcf, 0x06, 0xf6, 0x93, 0xc1, 0x95, + 0xad, 0x5c, 0xa4, 0x32, 0xbf, 0x0f, 0xab, 0x8b, 0xc7, 0x9f, 0x60, 0xd2, 0xf8, 0x89, 0x1c, 0x82, + 0x7b, 0x8b, 0xf7, 0x96, 0x9a, 0x3a, 0x92, 0x23, 0x18, 0xac, 0xe8, 0x5d, 0x81, 0x96, 0x97, 0x09, + 0x3e, 0xf6, 0xde, 0x3b, 0x3e, 0x83, 0xc1, 0x62, 0x85, 0xa9, 0x54, 0x82, 0xe4, 0x7d, 0x56, 0x09, + 0x52, 0x67, 0xf2, 0x14, 0x0e, 0x14, 0x03, 0x21, 0x29, 0xcb, 0xf4, 0x55, 0x37, 0x5c, 0x27, 0x94, + 0x5c, 0xeb, 0x9f, 0x55, 0x55, 0x86, 0x75, 0x23, 0xfa, 0x0d, 0x23, 0xfc, 0xdf, 0x0e, 0x4c, 0xce, + 0x72, 0xa4, 0x12, 0xbf, 0x66, 0x32, 0xe1, 0xa9, 0x50, 0xb5, 0x11, 0x67, 0x8c, 0xa6, 0x4b, 0xcf, + 0x99, 0xba, 0xaa, 0xd6, 0x86, 0x8a, 0x11, 0xcd, 0x63, 0xe1, 0xf5, 0x74, 0x5a, 0x9f, 0x95, 0x34, + 0x4c, 0x57, 0x9e, 0xab, 0x53, 0xea, 0xa8, 0xac, 0xe5, 0x85, 0xcc, 0x0a, 0x69, 0x3f, 0x65, 0xa3, + 0x4a, 0xcf, 0xa0, 0xa6, 0xe7, 0x08, 0x06, 0x09, 0xa3, 0x31, 0x7a, 0x43, 0x63, 0x83, 0x0e, 0xfc, + 0x9f, 0x25, 0xa5, 0x10, 0x7f, 0x14, 0x28, 0x24, 0x39, 0x5d, 0x0b, 0x53, 0x6e, 0x8c, 0xe7, 0x8f, + 0x3b, 0x9b, 0xb2, 0xd6, 0xfc, 0x01, 0x46, 0xdc, 0x48, 0xd2, 0x4e, 0x8d, 0xe7, 0x2f, 0xb6, 0x2f, + 0x35, 0x94, 0x87, 0x65, 0xbd, 0x7f, 0x08, 0xff, 0x97, 0x04, 0x44, 0xc6, 0x53, 0x81, 0xfe, 0x35, + 0x8c, 0x43, 0xa4, 0xcb, 0x9a, 0x47, 0x75, 0x42, 0xed, 0x4e, 0x6f, 0x8c, 0x5c, 0xa9, 0xdf, 0x5d, + 0xeb, 0xf7, 0x2f, 0x0c, 0x6c, 0xa9, 0xf3, 0xdd, 0x9a, 0xb2, 0xd1, 0xf9, 0x6c, 0x9b, 0x72, 0x8d, + 0xc6, 0x9a, 0xf0, 0x02, 0xfe, 0x33, 0x38, 0x86, 0x2e, 0x79, 0x0b, 0xfb, 0x96, 0x90, 0xd0, 0x4d, + 0x7c, 0xd0, 0xb1, 0xaa, 0xd4, 0x3f, 0x87, 0xc9, 0x39, 0xde, 0xe1, 0x6e, 0xc6, 0x2b, 0xf7, 0x4a, + 0x14, 0xeb, 0xde, 0x39, 0x4c, 0xae, 0xb3, 0x25, 0xdd, 0x1d, 0xb7, 0x44, 0xb1, 0xb8, 0x13, 0x18, + 0x5f, 0x26, 0x42, 0x5a, 0x54, 0xe5, 0x82, 0x09, 0x77, 0x73, 0xe1, 0x16, 0xc6, 0x97, 0x3c, 0x16, + 0x25, 0xd7, 0xee, 0x5e, 0xab, 0x47, 0x44, 0xe6, 0x48, 0x99, 0x6e, 0xf5, 0x7e, 0x68, 0x23, 0x35, + 0xd5, 0x11, 0x2f, 0x52, 0xa9, 0x5b, 0xed, 0x86, 0x26, 0x50, 0x59, 0x91, 0xa4, 0x11, 0xea, 0xb5, + 0x70, 0x43, 0x13, 0xf8, 0x7f, 0x1c, 0x38, 0xb8, 0xe4, 0x71, 0x88, 0x11, 0xcf, 0x97, 0xcd, 0xfd, + 0x76, 0x36, 0xf7, 0x7b, 0x51, 0x7b, 0x9c, 0x7a, 0x5a, 0xcf, 0xab, 0x6d, 0x3d, 0x15, 0x58, 0xd7, + 0xf3, 0xa4, 0x04, 0x31, 0x14, 0x42, 0xad, 0x9d, 0x7d, 0x26, 0x6c, 0xb8, 0xd3, 0xc3, 0x35, 0xff, + 0xe5, 0xc2, 0x28, 0x34, 0x24, 0xc8, 0x15, 0x0c, 0xcd, 0x02, 0x91, 0xce, 0xa5, 0xb3, 0xf6, 0x1e, + 0x4f, 0xbb, 0x0b, 0x6c, 0x97, 0xf7, 0xc8, 0x17, 0xe8, 0xab, 0xf1, 0x26, 0x1d, 0xeb, 0x50, 0x42, + 0x3d, 0xef, 0xfa, 0xb9, 0x02, 0xba, 0x82, 0xa1, 0x19, 0xcd, 0x36, 0x5e, 0x8d, 0xd1, 0x6f, 0xe3, + 0xb5, 0x31, 0xd5, 0x1a, 0xce, 0x4c, 0x64, 0x1b, 0x5c, 0x63, 0xe2, 0xdb, 0xe0, 0x36, 0x86, 0x79, + 0x8f, 0x5c, 0x40, 0x5f, 0x0d, 0x5e, 0x9b, 0xcc, 0xda, 0x40, 0x1e, 0x3f, 0x79, 0xa0, 0xe9, 0xfe, + 0xde, 0x1b, 0xe7, 0x66, 0xa8, 0xff, 0x2f, 0x4f, 0xff, 0x05, 0x00, 0x00, 0xff, 0xff, 0x40, 0x42, + 0xb3, 0x4e, 0x70, 0x07, 0x00, 0x00, } diff --git a/runtime/service/proto/runtime.proto b/runtime/service/proto/runtime.proto index bbb6aa67..6c7033c9 100644 --- a/runtime/service/proto/runtime.proto +++ b/runtime/service/proto/runtime.proto @@ -41,8 +41,6 @@ message CreateOptions { string type = 5; // image to use string image = 6; - // image secrets to use - repeated string image_pull_secrets = 7; } message CreateRequest { diff --git a/runtime/service/service.go b/runtime/service/service.go index 6890d27f..06cfc2ad 100644 --- a/runtime/service/service.go +++ b/runtime/service/service.go @@ -52,12 +52,11 @@ func (s *svc) Create(svc *runtime.Service, opts ...runtime.CreateOption) error { Metadata: svc.Metadata, }, Options: &pb.CreateOptions{ - Command: options.Command, - Args: options.Args, - Env: options.Env, - Type: options.Type, - Image: options.Image, - ImagePullSecrets: options.ImagePullSecrets, + Command: options.Command, + Args: options.Args, + Env: options.Env, + Type: options.Type, + Image: options.Image, }, } diff --git a/util/kubernetes/api/request.go b/util/kubernetes/api/request.go index e5a96509..5abbeb7d 100644 --- a/util/kubernetes/api/request.go +++ b/util/kubernetes/api/request.go @@ -163,7 +163,7 @@ func (r *Request) request() (*http.Request, error) { case "namespace": // /api/v1/namespaces/ url = fmt.Sprintf("%s/api/v1/namespaces/", r.host) - case "pod", "service", "endpoint": + case "pod", "service", "endpoint", "serviceaccount": // /api/v1/namespaces/{namespace}/pods url = fmt.Sprintf("%s/api/v1/namespaces/%s/%ss/", r.host, r.namespace, r.resource) case "deployment": diff --git a/util/kubernetes/client/client.go b/util/kubernetes/client/client.go index 1518ba13..f1c27087 100644 --- a/util/kubernetes/client/client.go +++ b/util/kubernetes/client/client.go @@ -312,6 +312,7 @@ func NewDeployment(name, version, typ, namespace string) *Deployment { Template: &Template{ Metadata: Metadata, PodSpec: &PodSpec{ + ServiceAccountName: namespace, Containers: []Container{{ Name: name, Image: DefaultImage, diff --git a/util/kubernetes/client/templates.go b/util/kubernetes/client/templates.go index ebac3574..2442caf3 100644 --- a/util/kubernetes/client/templates.go +++ b/util/kubernetes/client/templates.go @@ -1,9 +1,10 @@ package client var templates = map[string]string{ - "deployment": deploymentTmpl, - "service": serviceTmpl, - "namespace": namespaceTmpl, + "deployment": deploymentTmpl, + "service": serviceTmpl, + "namespace": namespaceTmpl, + "serviceaccount": serviceAccountTmpl, } // stripped image pull policy always @@ -49,13 +50,8 @@ spec: {{ $key }}: "{{ $value }}" {{- end }} {{- end }} - spec: - imagePullSecrets: - {{- with .Spec.Template.PodSpec.ImagePullSecrets }} - {{- range . }} - - name: "{{ .Name }}" - {{- end }} - {{- end }} + spec: + serviceAccountName: {{ .Spec.Template.PodSpec.ServiceAccountName }} containers: {{- with .Spec.Template.PodSpec.Containers }} {{- range . }} @@ -128,3 +124,22 @@ metadata: {{- end }} {{- end }} ` + +var serviceAccountTmpl = ` +apiVersion: v1 +kind: ServiceAccount +metadata: + name: "{{ .Metadata.Name }}" + labels: + {{- with .Metadata.Labels }} + {{- range $key, $value := . }} + {{ $key }}: "{{ $value }}" + {{- end }} + {{- end }} +imagePullSecrets: +{{- with .ImagePullSecrets }} +{{- range . }} +- name: "{{ .Name }}" +{{- end }} +{{- end }} +` diff --git a/util/kubernetes/client/types.go b/util/kubernetes/client/types.go index 745a2661..3c4e20d9 100644 --- a/util/kubernetes/client/types.go +++ b/util/kubernetes/client/types.go @@ -93,8 +93,8 @@ type Metadata struct { // PodSpec is a pod type PodSpec struct { - Containers []Container `json:"containers"` - ImagePullSecrets []ImagePullSecret `json:"imagePullSecrets"` + Containers []Container `json:"containers"` + ServiceAccountName string `json:"serviceAccountName"` } // PodList @@ -194,3 +194,9 @@ type NamespaceList struct { type ImagePullSecret struct { Name string `json:"name"` } + +// ServiceAccount +type ServiceAccount struct { + Metadata *Metadata `json:"metadata,omitempty"` + ImagePullSecrets []ImagePullSecret `json:"imagePullSecrets,omitempty"` +} From 8d7d6ef358c49820370de45f7dd243c7c4a68fee Mon Sep 17 00:00:00 2001 From: Ben Toogood Date: Mon, 27 Apr 2020 14:37:28 +0100 Subject: [PATCH 2/2] Add k8s secrets --- util/kubernetes/api/request.go | 6 +++--- util/kubernetes/client/templates.go | 21 +++++++++++++++++++++ util/kubernetes/client/types.go | 7 +++++++ 3 files changed, 31 insertions(+), 3 deletions(-) diff --git a/util/kubernetes/api/request.go b/util/kubernetes/api/request.go index 5abbeb7d..92bcbed6 100644 --- a/util/kubernetes/api/request.go +++ b/util/kubernetes/api/request.go @@ -163,12 +163,12 @@ func (r *Request) request() (*http.Request, error) { case "namespace": // /api/v1/namespaces/ url = fmt.Sprintf("%s/api/v1/namespaces/", r.host) - case "pod", "service", "endpoint", "serviceaccount": - // /api/v1/namespaces/{namespace}/pods - url = fmt.Sprintf("%s/api/v1/namespaces/%s/%ss/", r.host, r.namespace, r.resource) case "deployment": // /apis/apps/v1/namespaces/{namespace}/deployments/{name} url = fmt.Sprintf("%s/apis/apps/v1/namespaces/%s/%ss/", r.host, r.namespace, r.resource) + default: + // /api/v1/namespaces/{namespace}/{resource} + url = fmt.Sprintf("%s/api/v1/namespaces/%s/%ss/", r.host, r.namespace, r.resource) } // append resourceName if it is present diff --git a/util/kubernetes/client/templates.go b/util/kubernetes/client/templates.go index 2442caf3..9c2851c8 100644 --- a/util/kubernetes/client/templates.go +++ b/util/kubernetes/client/templates.go @@ -4,6 +4,7 @@ var templates = map[string]string{ "deployment": deploymentTmpl, "service": serviceTmpl, "namespace": namespaceTmpl, + "secret": secretTmpl, "serviceaccount": serviceAccountTmpl, } @@ -125,6 +126,26 @@ metadata: {{- end }} ` +var secretTmpl = ` +apiVersion: v1 +kind: Secret +metadata: + name: "{{ .Metadata.Name }}" + namespace: "{{ .Metadata.Namespace }}" + labels: + {{- with .Metadata.Labels }} + {{- range $key, $value := . }} + {{ $key }}: "{{ $value }}" + {{- end }} + {{- end }} +data: +{{- with .Data }} +{{- range $key, $value := . }} +{{ $key }}: "{{ $value }}" +{{- end }} +{{- end }} +` + var serviceAccountTmpl = ` apiVersion: v1 kind: ServiceAccount diff --git a/util/kubernetes/client/types.go b/util/kubernetes/client/types.go index 3c4e20d9..1dc13e4e 100644 --- a/util/kubernetes/client/types.go +++ b/util/kubernetes/client/types.go @@ -195,6 +195,13 @@ type ImagePullSecret struct { Name string `json:"name"` } +// Secret +type Secret struct { + Type string `json:"type,omitempty"` + Data map[string]string `json:"data"` + Metadata *Metadata `json:"metadata"` +} + // ServiceAccount type ServiceAccount struct { Metadata *Metadata `json:"metadata,omitempty"`