wip

Author: sechmann

internal/cli/cluster/cmds.go

@@ -17,6 +17,7 @@ func Command() *cli.Command {
 func subCommands() []*cli.Command {
 	return []*cli.Command{
 		kubeconfigCmd(),
+		kubeconfigV2Cmd(),
 		listCmd(),
 	}
 }

internal/cli/cluster/kubeconfig.go

@@ -2,11 +2,13 @@ package cluster
 
 import (
 	"fmt"
+	"path/filepath"
 	"strings"
 
 	"github.com/nais/narcos/internal/gcp"
 	"github.com/nais/narcos/internal/kubeconfig"
 	"github.com/urfave/cli/v2"
+	kubeClient "k8s.io/client-go/tools/clientcmd"
 )
 
 func kubeconfigCmd() *cli.Command {
@@ -74,3 +76,63 @@ gcloud auth login --update-adc`,
 		},
 	}
 }
+
+func kubeconfigV2Cmd() *cli.Command {
+	tenantConfigDir := filepath.Join(kubeClient.RecommendedConfigDir, "tenants")
+	desc := fmt.Sprintf(`Create kubeconfig files for connecting to available clusters.
+		Will create config files in %q.
+		This requires that you have the gcloud command line tool installed, configured and logged in using:
+		gcloud auth login --update-adc
+		`, tenantConfigDir)
+	return &cli.Command{
+		Name:        "kubeconfigv2",
+		Aliases:     []string{"kcv2"},
+		Description: desc,
+		Flags: []cli.Flag{
+			&cli.BoolFlag{
+				Name:    "verbose",
+				Aliases: []string{"v"},
+			},
+		},
+		UseShortOptionHandling: true,
+		Before: func(context *cli.Context) error {
+			return gcp.ValidateUserLogin(context.Context)
+		},
+		Action: func(context *cli.Context) error {
+			verbose := context.Bool("verbose")
+
+			fmt.Println("Getting clusters...")
+			clusters, err := gcp.GetClusters(context.Context)
+			if err != nil {
+				return err
+			}
+
+			if len(clusters) == 0 {
+				return fmt.Errorf("no clusters found")
+			}
+
+			fmt.Printf("Found %v clusters\n", len(clusters))
+
+			emails, err := gcp.GetUserEmails(context.Context)
+			if err != nil {
+				return err
+			}
+
+			hasSuffix := func(emails []string, suffix string) string {
+				for _, email := range emails {
+					if strings.HasSuffix(email, suffix) {
+						return email
+					}
+				}
+				panic("no user with suffix " + suffix + " found")
+			}
+
+			err = kubeconfig.RecreateCreateTenantKubeconfigs(hasSuffix(emails, "@nais.io"), clusters, verbose)
+			if err != nil {
+				return err
+			}
+
+			return nil
+		},
+	}
+}

internal/kubeconfig/kubeconfig.go

@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"os"
 	"os/exec"
+	"path/filepath"
 
 	"github.com/go-logr/logr"
 	"github.com/nais/narcos/internal/gcp"
@@ -30,11 +31,7 @@ func CreateKubeconfig(email string, clusters []gcp.Cluster, overwrite, clean, ve
 		config.Clusters = map[string]*api.Cluster{}
 	}
 
-	err = addUsers(config, clusters, email, overwrite, verbose)
-	if err != nil {
-		return err
-	}
-
+	addUsers(config, clusters, email, overwrite, verbose)
 	err = addClusters(config, clusters, email, overwrite, verbose)
 	if err != nil {
 		return err
@@ -59,3 +56,56 @@ func CreateKubeconfig(email string, clusters []gcp.Cluster, overwrite, clean, ve
 	}
 	return nil
 }
+
+func RecreateCreateTenantKubeconfigs(email string, clusters []gcp.Cluster, verbose bool) error {
+	overwrite := true
+	clustersByTenant := make(map[string][]gcp.Cluster)
+	for _, cluster := range clusters {
+		clustersByTenant[cluster.Tenant] = append(clustersByTenant[cluster.Tenant], cluster)
+	}
+
+	for tenant, clusters := range clustersByTenant {
+		// first we wipe/create the config file
+		dir := filepath.Join(kubeClient.RecommendedConfigDir, "tenants")
+		err := os.MkdirAll(dir, 0500)
+		if err != nil {
+			return err
+		}
+
+		path := filepath.Join(dir, tenant+".yaml")
+		_, err = os.Create(path)
+		if err != nil {
+			return fmt.Errorf("make config file(%q): %w", path, err)
+		}
+
+		config := api.NewConfig()
+		config.AuthInfos = map[string]*api.AuthInfo{}
+		config.Contexts = map[string]*api.Context{}
+		config.Clusters = map[string]*api.Cluster{}
+
+		addUsers(config, clusters, email, overwrite, verbose)
+		err = addClusters(config, clusters, email, overwrite, verbose)
+		if err != nil {
+			return err
+		}
+
+		err = kubeClient.WriteToFile(*config, path)
+		if err != nil {
+			return err
+		}
+
+		fmt.Println("Kubeconfig written to", path)
+
+		for _, user := range config.AuthInfos {
+			if user == nil || user.Exec == nil {
+				continue
+			}
+			_, err = exec.LookPath(user.Exec.Command)
+			if err != nil {
+				fmt.Printf("%v\nWARNING: %v not found in PATH.\n", os.Stderr, user.Exec.Command)
+				fmt.Printf("%v\n%v\n", os.Stderr, user.Exec.InstallHint)
+			}
+		}
+	}
+	return nil
+}

internal/kubeconfig/user.go

@@ -7,13 +7,12 @@ import (
 	clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
 )
 
-func addUsers(config *clientcmdapi.Config, clusters []gcp.Cluster, email string, overwrite, verbose bool) error {
+func addUsers(config *clientcmdapi.Config, clusters []gcp.Cluster, email string, overwrite, verbose bool) {
 	addGCPUser(config, email, overwrite, verbose)
-
-	return addOnpremUser(config, clusters, overwrite, verbose)
+	addOnpremUser(config, clusters, overwrite, verbose)
 }
 
-func addOnpremUser(config *clientcmdapi.Config, clusters []gcp.Cluster, overwrite, verbose bool) error {
+func addOnpremUser(config *clientcmdapi.Config, clusters []gcp.Cluster, overwrite, verbose bool) {
 	for _, cluster := range clusters {
 		if cluster.Kind == gcp.KindOnprem {
 			user := cluster.User
@@ -48,10 +47,9 @@ func addOnpremUser(config *clientcmdapi.Config, clusters []gcp.Cluster, overwrit
 
 			fmt.Printf("Added user %v to config\n", user.UserName)
 
-			return nil
+			return
 		}
 	}
-	return nil
 }
 
 func addGCPUser(config *clientcmdapi.Config, email string, overwrite, verbose bool) {