From a10b3c43ff54a23d974ab70dd26a5a39818ed9b3 Mon Sep 17 00:00:00 2001 From: cappyzawa Date: Sat, 31 Aug 2019 03:00:03 +0900 Subject: [PATCH 1/3] add namespace to cluster resource. I expect this to reduce args passed to `kubectl apply`. Signed-off-by: cappyzawa --- cmd/kubeconfigwriter/main.go | 5 ++-- docs/resources.md | 1 + .../pipeline/v1alpha1/cluster_resource.go | 26 +++++++++++-------- .../v1alpha1/cluster_resource_test.go | 18 +++++++++++++ 4 files changed, 37 insertions(+), 13 deletions(-) diff --git a/cmd/kubeconfigwriter/main.go b/cmd/kubeconfigwriter/main.go index 5dbd9d1aac6..9da6b1e6a38 100644 --- a/cmd/kubeconfigwriter/main.go +++ b/cmd/kubeconfigwriter/main.go @@ -81,8 +81,9 @@ func createKubeconfigFile(resource *v1alpha1.ClusterResource, logger *zap.Sugare Password: pass, } context := &clientcmdapi.Context{ - Cluster: resource.Name, - AuthInfo: resource.Username, + Cluster: resource.Name, + AuthInfo: resource.Username, + Namespace: resource.Namespace, } c := clientcmdapi.NewConfig() c.Clusters[resource.Name] = cluster diff --git a/docs/resources.md b/docs/resources.md index b8aa2929adb..062c4dc8869 100644 --- a/docs/resources.md +++ b/docs/resources.md @@ -356,6 +356,7 @@ The Cluster resource has the following parameters: - `url` (required): Host url of the master node - `username` (required): the user with access to the cluster - `password`: to be used for clusters with basic auth +- `namespace`: The namespace to be given to the target namespace - `token`: to be used for authentication, if present will be used ahead of the password - `insecure`: to indicate server should be accessed without verifying the TLS diff --git a/pkg/apis/pipeline/v1alpha1/cluster_resource.go b/pkg/apis/pipeline/v1alpha1/cluster_resource.go index 3ae7194f989..4915b1ae20d 100644 --- a/pkg/apis/pipeline/v1alpha1/cluster_resource.go +++ b/pkg/apis/pipeline/v1alpha1/cluster_resource.go @@ -41,8 +41,9 @@ type ClusterResource struct { URL string `json:"url"` Revision string `json:"revision"` // Server requires Basic authentication - Username string `json:"username"` - Password string `json:"password"` + Username string `json:"username"` + Password string `json:"password"` + Namespace string `json:"namespace"` // Server requires Bearer authentication. This client will not attempt to use // refresh tokens for an OAuth2 flow. // Token overrides userame and password @@ -74,6 +75,8 @@ func NewClusterResource(r *PipelineResource) (*ClusterResource, error) { clusterResource.Revision = param.Value case strings.EqualFold(param.Name, "Username"): clusterResource.Username = param.Value + case strings.EqualFold(param.Name, "Namespace"): + clusterResource.Namespace = param.Value case strings.EqualFold(param.Name, "Password"): clusterResource.Password = param.Value case strings.EqualFold(param.Name, "Token"): @@ -121,15 +124,16 @@ func (s *ClusterResource) GetURL() string { // Replacements is used for template replacement on a ClusterResource inside of a Taskrun. func (s *ClusterResource) Replacements() map[string]string { return map[string]string{ - "name": s.Name, - "type": string(s.Type), - "url": s.URL, - "revision": s.Revision, - "username": s.Username, - "password": s.Password, - "token": s.Token, - "insecure": strconv.FormatBool(s.Insecure), - "cadata": string(s.CAData), + "name": s.Name, + "type": string(s.Type), + "url": s.URL, + "revision": s.Revision, + "username": s.Username, + "password": s.Password, + "namespace": s.Namespace, + "token": s.Token, + "insecure": strconv.FormatBool(s.Insecure), + "cadata": string(s.CAData), } } diff --git a/pkg/apis/pipeline/v1alpha1/cluster_resource_test.go b/pkg/apis/pipeline/v1alpha1/cluster_resource_test.go index 099fb74a7ab..82e70095eb1 100644 --- a/pkg/apis/pipeline/v1alpha1/cluster_resource_test.go +++ b/pkg/apis/pipeline/v1alpha1/cluster_resource_test.go @@ -80,6 +80,24 @@ func TestNewClusterResource(t *testing.T) { Token: "my-token", Insecure: true, }, + }, { + desc: "basic cluster resource with namespace", + resource: tb.PipelineResource("test-cluster-resource", "default", tb.PipelineResourceSpec( + v1alpha1.PipelineResourceTypeCluster, + tb.PipelineResourceSpecParam("name", "test_cluster_resource"), + tb.PipelineResourceSpecParam("url", "http://10.10.10.10"), + tb.PipelineResourceSpecParam("cadata", "bXktY2x1c3Rlci1jZXJ0Cg"), + tb.PipelineResourceSpecParam("token", "my-token"), + tb.PipelineResourceSpecParam("namespace", "my-namespace"), + )), + want: &v1alpha1.ClusterResource{ + Name: "test_cluster_resource", + Type: v1alpha1.PipelineResourceTypeCluster, + URL: "http://10.10.10.10", + CAData: []byte("my-cluster-cert"), + Token: "my-token", + Namespace: "my-namespace", + }, }, { desc: "basic resource with secrets", resource: tb.PipelineResource("test-cluster-resource", "default", tb.PipelineResourceSpec( From 1745d829829237824026f1e02970d15fa80df06a Mon Sep 17 00:00:00 2001 From: cappyzawa Date: Thu, 5 Sep 2019 01:28:41 +0900 Subject: [PATCH 2/3] fix based on https://github.com/tektoncd/pipeline/pull/1255#discussion_r320827984 Signed-off-by: cappyzawa --- cmd/kubeconfigwriter/main.go | 5 +++-- docs/resources.md | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/cmd/kubeconfigwriter/main.go b/cmd/kubeconfigwriter/main.go index 9da6b1e6a38..912080a2f9d 100644 --- a/cmd/kubeconfigwriter/main.go +++ b/cmd/kubeconfigwriter/main.go @@ -81,8 +81,9 @@ func createKubeconfigFile(resource *v1alpha1.ClusterResource, logger *zap.Sugare Password: pass, } context := &clientcmdapi.Context{ - Cluster: resource.Name, - AuthInfo: resource.Username, + Cluster: resource.Name, + AuthInfo: resource.Username, + // Namespace isn't written to kubeconfig if this is empty Namespace: resource.Namespace, } c := clientcmdapi.NewConfig() diff --git a/docs/resources.md b/docs/resources.md index 062c4dc8869..eb458253fa9 100644 --- a/docs/resources.md +++ b/docs/resources.md @@ -356,7 +356,7 @@ The Cluster resource has the following parameters: - `url` (required): Host url of the master node - `username` (required): the user with access to the cluster - `password`: to be used for clusters with basic auth -- `namespace`: The namespace to be given to the target namespace +- `namespace`: The namespace to target in the cluster - `token`: to be used for authentication, if present will be used ahead of the password - `insecure`: to indicate server should be accessed without verifying the TLS From eceadc40b742c6ac27359d9acc47f4e086da0deb Mon Sep 17 00:00:00 2001 From: cappyzawa Date: Thu, 5 Sep 2019 03:05:12 +0900 Subject: [PATCH 3/3] add namespace to GetDownloadSteps Signed-off-by: cappyzawa add namespace as cluser3's parameter to input_resource_test Signed-off-by: cappyzawa --- pkg/apis/pipeline/v1alpha1/cluster_resource_test.go | 2 +- pkg/reconciler/taskrun/resources/input_resource_test.go | 7 +++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/pkg/apis/pipeline/v1alpha1/cluster_resource_test.go b/pkg/apis/pipeline/v1alpha1/cluster_resource_test.go index 82e70095eb1..717afa1ad83 100644 --- a/pkg/apis/pipeline/v1alpha1/cluster_resource_test.go +++ b/pkg/apis/pipeline/v1alpha1/cluster_resource_test.go @@ -150,7 +150,7 @@ func Test_ClusterResource_GetDownloadSteps(t *testing.T) { Name: "kubeconfig-9l9zj", Image: "override-with-kubeconfig-writer:latest", Command: []string{"/ko-app/kubeconfigwriter"}, - Args: []string{"-clusterConfig", `{"name":"test-cluster-resource","type":"cluster","url":"http://10.10.10.10","revision":"","username":"","password":"","token":"","Insecure":false,"cadata":null,"secrets":[{"fieldName":"cadata","secretKey":"cadatakey","secretName":"secret1"}]}`}, + Args: []string{"-clusterConfig", `{"name":"test-cluster-resource","type":"cluster","url":"http://10.10.10.10","revision":"","username":"","password":"","namespace":"","token":"","Insecure":false,"cadata":null,"secrets":[{"fieldName":"cadata","secretKey":"cadatakey","secretName":"secret1"}]}`}, Env: []corev1.EnvVar{{ Name: "CADATA", ValueFrom: &corev1.EnvVarSource{ diff --git a/pkg/reconciler/taskrun/resources/input_resource_test.go b/pkg/reconciler/taskrun/resources/input_resource_test.go index 1919ae165b6..2821c2f21ef 100644 --- a/pkg/reconciler/taskrun/resources/input_resource_test.go +++ b/pkg/reconciler/taskrun/resources/input_resource_test.go @@ -131,6 +131,9 @@ func setUp(t *testing.T) { }, { Name: "Url", Value: "http://10.10.10.10", + }, { + Name: "Namespace", + Value: "namespace1", }, { Name: "CAdata", // echo "my-ca-cert" | base64 @@ -639,7 +642,7 @@ func TestAddResourceToTask(t *testing.T) { Image: "override-with-kubeconfig-writer:latest", Command: []string{"/ko-app/kubeconfigwriter"}, Args: []string{ - "-clusterConfig", `{"name":"cluster3","type":"cluster","url":"http://10.10.10.10","revision":"","username":"","password":"","token":"","Insecure":false,"cadata":"bXktY2EtY2VydAo=","secrets":null}`, + "-clusterConfig", `{"name":"cluster3","type":"cluster","url":"http://10.10.10.10","revision":"","username":"","password":"","namespace":"namespace1","token":"","Insecure":false,"cadata":"bXktY2EtY2VydAo=","secrets":null}`, }, }}}, }, @@ -681,7 +684,7 @@ func TestAddResourceToTask(t *testing.T) { Image: "override-with-kubeconfig-writer:latest", Command: []string{"/ko-app/kubeconfigwriter"}, Args: []string{ - "-clusterConfig", `{"name":"cluster2","type":"cluster","url":"http://10.10.10.10","revision":"","username":"","password":"","token":"","Insecure":false,"cadata":null,"secrets":[{"fieldName":"cadata","secretKey":"cadatakey","secretName":"secret1"}]}`, + "-clusterConfig", `{"name":"cluster2","type":"cluster","url":"http://10.10.10.10","revision":"","username":"","password":"","namespace":"","token":"","Insecure":false,"cadata":null,"secrets":[{"fieldName":"cadata","secretKey":"cadatakey","secretName":"secret1"}]}`, }, Env: []corev1.EnvVar{{ ValueFrom: &corev1.EnvVarSource{