Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore : csr approval example using json patch net package #816

Merged
merged 4 commits into from
Apr 1, 2022
Merged

chore : csr approval example using json patch net package #816

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
e373d69
chore : csr approval example using json patch net package
Apr 1, 2022
9c67196
chore : use top level feature, remove k8s client and use reference in…
Apr 1, 2022
5592f4c
chore : remove target framework
Apr 1, 2022
ac27d14
fix : remove redundant reference package
Apr 1, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
86 changes: 86 additions & 0 deletions examples/csrApproval/Program.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
using System.Net;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Text.Json;
using Json.Patch;
using k8s;
using k8s.Models;

namespace csrApproval
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

optional

https://docs.microsoft.com/en-us/dotnet/csharp/fundamentals/program-structure/top-level-statements

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added using top level statement

{
internal class Program
{
private static string GenerateCertificate(string name)
{
var sanBuilder = new SubjectAlternativeNameBuilder();
sanBuilder.AddIpAddress(IPAddress.Loopback);
sanBuilder.AddIpAddress(IPAddress.IPv6Loopback);
sanBuilder.AddDnsName("localhost");
sanBuilder.AddDnsName(Environment.MachineName);

var distinguishedName = new X500DistinguishedName(name);

using var rsa = RSA.Create(4096);
var request = new CertificateRequest(distinguishedName, rsa, HashAlgorithmName.SHA256,RSASignaturePadding.Pkcs1);

request.CertificateExtensions.Add(new X509KeyUsageExtension(X509KeyUsageFlags.DataEncipherment | X509KeyUsageFlags.KeyEncipherment | X509KeyUsageFlags.DigitalSignature , false));
request.CertificateExtensions.Add(new X509EnhancedKeyUsageExtension(new OidCollection { new ("1.3.6.1.5.5.7.3.1") }, false));
request.CertificateExtensions.Add(sanBuilder.Build());
var csr = request.CreateSigningRequest();
var pemKey = "-----BEGIN CERTIFICATE REQUEST-----\r\n" +
Convert.ToBase64String(csr) +
"\r\n-----END CERTIFICATE REQUEST-----";

return pemKey;
}

private static async Task Main(string[] args)
{
var config = KubernetesClientConfiguration.BuildConfigFromConfigFile();
IKubernetes client = new Kubernetes(config);
Console.WriteLine("Starting Request!");
var name = "demo";
var x509 = GenerateCertificate(name);
var encodedCsr= Encoding.UTF8.GetBytes(x509);

var request = new V1CertificateSigningRequest
{
ApiVersion = "certificates.k8s.io/v1",
Kind = "CertificateSigningRequest",
Metadata = new V1ObjectMeta
{
Name = name
},
Spec = new V1CertificateSigningRequestSpec
{
Request = encodedCsr,
SignerName = "kubernetes.io/kube-apiserver-client",
Usages = new List<string> { "client auth" },
ExpirationSeconds = 600 // minimum should be 10 minutes
}
};

await client.CreateCertificateSigningRequestAsync(request);

var serializeOptions = new JsonSerializerOptions
{
PropertyNamingPolicy = JsonNamingPolicy.CamelCase,
WriteIndented = true
};
var readCert = await client.ReadCertificateSigningRequestAsync(name);
var old = JsonSerializer.SerializeToDocument(readCert, serializeOptions);

var replace = new List<V1CertificateSigningRequestCondition>
{
new("True", "Approved", DateTime.UtcNow, DateTime.UtcNow, "This certificate was approved by k8s client", "Approve")
};
readCert.Status.Conditions = replace;

var expected = JsonSerializer.SerializeToDocument(readCert, serializeOptions);

var patch = old.CreatePatch(expected);
await client.PatchCertificateSigningRequestApprovalAsync(new V1Patch(patch, V1Patch.PatchType.JsonPatch), name);
}
}
}
15 changes: 15 additions & 0 deletions examples/csrApproval/csrApproval.csproj
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
<Project Sdk="Microsoft.NET.Sdk">

<PropertyGroup>
<OutputType>Exe</OutputType>
kibernetik542 marked this conversation as resolved.
Show resolved Hide resolved
<TargetFramework>net6.0</TargetFramework>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

target can be removed as well

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
</PropertyGroup>

<ItemGroup>
<PackageReference Include="JsonPatch.Net" Version="1.1.2" />
<PackageReference Include="KubernetesClient" Version="7.1.9" />
</ItemGroup>

</Project>
15 changes: 15 additions & 0 deletions kubernetes-client.sln
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,8 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "KubernetesClient.Models", "
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "KubernetesClient.Basic", "src\KubernetesClient.Basic\KubernetesClient.Basic.csproj", "{927995F5-05CC-4078-8805-8E6CC06914D8}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "csrApproval", "examples\csrApproval\csrApproval.csproj", "{F626860C-F141-45B3-9DDD-88AD3932ACAF}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
Expand Down Expand Up @@ -327,6 +329,18 @@ Global
{927995F5-05CC-4078-8805-8E6CC06914D8}.Release|x64.Build.0 = Release|Any CPU
{927995F5-05CC-4078-8805-8E6CC06914D8}.Release|x86.ActiveCfg = Release|Any CPU
{927995F5-05CC-4078-8805-8E6CC06914D8}.Release|x86.Build.0 = Release|Any CPU
{F626860C-F141-45B3-9DDD-88AD3932ACAF}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{F626860C-F141-45B3-9DDD-88AD3932ACAF}.Debug|Any CPU.Build.0 = Debug|Any CPU
{F626860C-F141-45B3-9DDD-88AD3932ACAF}.Debug|x64.ActiveCfg = Debug|Any CPU
{F626860C-F141-45B3-9DDD-88AD3932ACAF}.Debug|x64.Build.0 = Debug|Any CPU
{F626860C-F141-45B3-9DDD-88AD3932ACAF}.Debug|x86.ActiveCfg = Debug|Any CPU
{F626860C-F141-45B3-9DDD-88AD3932ACAF}.Debug|x86.Build.0 = Debug|Any CPU
{F626860C-F141-45B3-9DDD-88AD3932ACAF}.Release|Any CPU.ActiveCfg = Release|Any CPU
{F626860C-F141-45B3-9DDD-88AD3932ACAF}.Release|Any CPU.Build.0 = Release|Any CPU
{F626860C-F141-45B3-9DDD-88AD3932ACAF}.Release|x64.ActiveCfg = Release|Any CPU
{F626860C-F141-45B3-9DDD-88AD3932ACAF}.Release|x64.Build.0 = Release|Any CPU
{F626860C-F141-45B3-9DDD-88AD3932ACAF}.Release|x86.ActiveCfg = Release|Any CPU
{F626860C-F141-45B3-9DDD-88AD3932ACAF}.Release|x86.Build.0 = Release|Any CPU
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
Expand Down Expand Up @@ -354,6 +368,7 @@ Global
{17AB0AD8-6C90-42DD-880C-16B5AC4A373F} = {B70AFB57-57C9-46DC-84BE-11B7DDD34B40}
{F066A4D8-2EF0-4C07-AC0D-BD325DE3FFA8} = {3D1864AA-1FFC-4512-BB13-46055E410F73}
{927995F5-05CC-4078-8805-8E6CC06914D8} = {3D1864AA-1FFC-4512-BB13-46055E410F73}
{F626860C-F141-45B3-9DDD-88AD3932ACAF} = {B70AFB57-57C9-46DC-84BE-11B7DDD34B40}
EndGlobalSection
GlobalSection(ExtensibilityGlobals) = postSolution
SolutionGuid = {049A763A-C891-4E8D-80CF-89DD3E22ADC7}
Expand Down