Merge pull request #102 from minhdanh/skip-kube-init

Support skipping kubeconfig creation
This commit is contained in:
Erin Call 2020-08-25 22:20:05 -07:00 committed by GitHub
commit cfc59a46ef
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 32 additions and 12 deletions

1
.gitignore vendored
View file

@ -4,6 +4,7 @@
*.dll *.dll
*.so *.so
*.dylib *.dylib
*.swp
.idea .idea

View file

@ -31,10 +31,11 @@ Installations are triggered when the `mode` setting is "upgrade." They can also
|------------------------|----------------|----------|------------------------|---------| |------------------------|----------------|----------|------------------------|---------|
| chart | string | yes | | The chart to use for this installation. | | chart | string | yes | | The chart to use for this installation. |
| release | string | yes | | The release name for helm to use. | | release | string | yes | | The release name for helm to use. |
| kube_api_server | string | yes | api_server | API endpoint for the Kubernetes cluster. | | skip_kubeconfig | boolean | | | Whether to skip kubeconfig file creation. |
| kube_token | string | yes | kubernetes_token | Token for authenticating to Kubernetes. | | kube_api_server | string | yes | api_server | API endpoint for the Kubernetes cluster. This is ignored if `skip_kubeconfig` is `true`. |
| kube_service_account | string | | service_account | Service account for authenticating to Kubernetes. Default is `helm`. | | kube_token | string | yes | kubernetes_token | Token for authenticating to Kubernetes. This is ignored if `skip_kubeconfig` is `true`. |
| kube_certificate | string | | kubernetes_certificate | Base64 encoded TLS certificate used by the Kubernetes cluster's certificate authority. | | kube_service_account | string | | service_account | Service account for authenticating to Kubernetes. Default is `helm`. This is ignored if `skip_kubeconfig` is `true`. |
| kube_certificate | string | | kubernetes_certificate | Base64 encoded TLS certificate used by the Kubernetes cluster's certificate authority. This is ignored if `skip_kubeconfig` is `true`. |
| chart_version | string | | | Specific chart version to install. | | chart_version | string | | | Specific chart version to install. |
| dry_run | boolean | | | Pass `--dry-run` to `helm upgrade`. | | dry_run | boolean | | | Pass `--dry-run` to `helm upgrade`. |
| dependencies_action | string | | | Calls `helm dependency build` OR `helm dependency update` before running the main command. Possible values: `build`, `update`. | | dependencies_action | string | | | Calls `helm dependency build` OR `helm dependency update` before running the main command. Possible values: `build`, `update`. |
@ -47,7 +48,7 @@ Installations are triggered when the `mode` setting is "upgrade." They can also
| string_values | list\<string\> | | | Chart values to use as the `--set-string` argument to `helm upgrade`. | | string_values | list\<string\> | | | Chart values to use as the `--set-string` argument to `helm upgrade`. |
| values_files | list\<string\> | | | Values to use as `--values` arguments to `helm upgrade`. | | values_files | list\<string\> | | | Values to use as `--values` arguments to `helm upgrade`. |
| reuse_values | boolean | | | Reuse the values from a previous release. | | reuse_values | boolean | | | Reuse the values from a previous release. |
| skip_tls_verify | boolean | | | Connect to the Kubernetes cluster without checking for a valid TLS certificate. Not recommended in production. | | skip_tls_verify | boolean | | | Connect to the Kubernetes cluster without checking for a valid TLS certificate. Not recommended in production. This is ignored if `skip_kubeconfig` is `true`. |
## Uninstallation ## Uninstallation
@ -56,14 +57,15 @@ Uninstallations are triggered when the `mode` setting is "uninstall" or "delete.
| Param name | Type | Required | Alias | Purpose | | Param name | Type | Required | Alias | Purpose |
|------------------------|----------|----------|------------------------|---------| |------------------------|----------|----------|------------------------|---------|
| release | string | yes | | The release name for helm to use. | | release | string | yes | | The release name for helm to use. |
| kube_api_server | string | yes | api_server | API endpoint for the Kubernetes cluster. | | skip_kubeconfig | boolean | | | Whether to skip kubeconfig file creation. |
| kube_token | string | yes | kubernetes_token | Token for authenticating to Kubernetes. | | kube_api_server | string | yes | api_server | API endpoint for the Kubernetes cluster. This is ignored if `skip_kubeconfig` is `true`. |
| kube_service_account | string | | service_account | Service account for authenticating to Kubernetes. Default is `helm`. | | kube_token | string | yes | kubernetes_token | Token for authenticating to Kubernetes. This is ignored if `skip_kubeconfig` is `true`. |
| kube_certificate | string | | kubernetes_certificate | Base64 encoded TLS certificate used by the Kubernetes cluster's certificate authority. | | kube_service_account | string | | service_account | Service account for authenticating to Kubernetes. Default is `helm`. This is ignored if `skip_kubeconfig` is `true`. |
| kube_certificate | string | | kubernetes_certificate | Base64 encoded TLS certificate used by the Kubernetes cluster's certificate authority. This is ignored if `skip_kubeconfig` is `true`. |
| keep_history | boolean | | | Pass `--keep-history` to `helm uninstall`, to retain the release history. | | keep_history | boolean | | | Pass `--keep-history` to `helm uninstall`, to retain the release history. |
| dry_run | boolean | | | Pass `--dry-run` to `helm uninstall`. | | dry_run | boolean | | | Pass `--dry-run` to `helm uninstall`. |
| timeout | duration | | | Timeout for any *individual* Kubernetes operation. The uninstallation's full runtime may exceed this duration. | | timeout | duration | | | Timeout for any *individual* Kubernetes operation. The uninstallation's full runtime may exceed this duration. |
| skip_tls_verify | boolean | | | Connect to the Kubernetes cluster without checking for a valid TLS certificate. Not recommended in production. | | skip_tls_verify | boolean | | | Connect to the Kubernetes cluster without checking for a valid TLS certificate. Not recommended in production. This is ignored if `skip_kubeconfig` is `true`. |
| chart | string | | | Required when the global `update_dependencies` parameter is true. No effect otherwise. | | chart | string | | | Required when the global `update_dependencies` parameter is true. No effect otherwise. |
### Where to put settings ### Where to put settings

View file

@ -34,6 +34,7 @@ type Config struct {
ValuesFiles []string `split_words:"true"` // Arguments to pass to --values in applicable helm commands ValuesFiles []string `split_words:"true"` // Arguments to pass to --values in applicable helm commands
Namespace string `` // Kubernetes namespace for all helm commands Namespace string `` // Kubernetes namespace for all helm commands
KubeToken string `split_words:"true"` // Kubernetes authentication token to put in .kube/config KubeToken string `split_words:"true"` // Kubernetes authentication token to put in .kube/config
SkipKubeconfig bool `envconfig:"skip_kubeconfig"` // Skip kubeconfig creation
SkipTLSVerify bool `envconfig:"skip_tls_verify"` // Put insecure-skip-tls-verify in .kube/config SkipTLSVerify bool `envconfig:"skip_tls_verify"` // Put insecure-skip-tls-verify in .kube/config
Certificate string `envconfig:"kube_certificate"` // The Kubernetes cluster CA's self-signed certificate (must be base64-encoded) Certificate string `envconfig:"kube_certificate"` // The Kubernetes cluster CA's self-signed certificate (must be base64-encoded)
APIServer string `envconfig:"kube_api_server"` // The Kubernetes cluster's API endpoint APIServer string `envconfig:"kube_api_server"` // The Kubernetes cluster's API endpoint
@ -87,6 +88,12 @@ func NewConfig(stdout, stderr io.Writer) (*Config, error) {
return nil, err return nil, err
} }
if cfg.SkipKubeconfig {
if cfg.KubeToken != "" || cfg.Certificate != "" || cfg.APIServer != "" || cfg.ServiceAccount != "" || cfg.SkipTLSVerify {
fmt.Fprintf(cfg.Stderr, "Warning: skip_kubeconfig is set. The following kubeconfig-related settings will be ignored: kube_config, kube_certificate, kube_api_server, kube_service_account, skip_tls_verify.")
}
}
if justNumbers.MatchString(cfg.Timeout) { if justNumbers.MatchString(cfg.Timeout) {
cfg.Timeout = fmt.Sprintf("%ss", cfg.Timeout) cfg.Timeout = fmt.Sprintf("%ss", cfg.Timeout)
} }

View file

@ -92,7 +92,9 @@ func (p *Plan) Execute() error {
var upgrade = func(cfg env.Config) []Step { var upgrade = func(cfg env.Config) []Step {
var steps []Step var steps []Step
steps = append(steps, run.NewInitKube(cfg, kubeConfigTemplate, kubeConfigFile)) if !cfg.SkipKubeconfig {
steps = append(steps, run.NewInitKube(cfg, kubeConfigTemplate, kubeConfigFile))
}
for _, repo := range cfg.AddRepos { for _, repo := range cfg.AddRepos {
steps = append(steps, run.NewAddRepo(cfg, repo)) steps = append(steps, run.NewAddRepo(cfg, repo))
} }
@ -112,7 +114,9 @@ var upgrade = func(cfg env.Config) []Step {
var uninstall = func(cfg env.Config) []Step { var uninstall = func(cfg env.Config) []Step {
var steps []Step var steps []Step
steps = append(steps, run.NewInitKube(cfg, kubeConfigTemplate, kubeConfigFile)) if !cfg.SkipKubeconfig {
steps = append(steps, run.NewInitKube(cfg, kubeConfigTemplate, kubeConfigFile))
}
if cfg.UpdateDependencies { if cfg.UpdateDependencies {
steps = append(steps, run.NewDepUpdate(cfg)) steps = append(steps, run.NewDepUpdate(cfg))
} }

View file

@ -122,6 +122,12 @@ func (suite *PlanTestSuite) TestUpgrade() {
suite.IsType(&run.Upgrade{}, steps[1]) suite.IsType(&run.Upgrade{}, steps[1])
} }
func (suite *PlanTestSuite) TestUpgradeWithSkipKubeconfig() {
steps := upgrade(env.Config{SkipKubeconfig: true})
suite.Require().Equal(1, len(steps), "upgrade should return 1 step")
suite.IsType(&run.Upgrade{}, steps[0])
}
func (suite *PlanTestSuite) TestUpgradeWithUpdateDependencies() { func (suite *PlanTestSuite) TestUpgradeWithUpdateDependencies() {
cfg := env.Config{ cfg := env.Config{
UpdateDependencies: true, UpdateDependencies: true,