From afdfb75234af3907b5e7fdf19b92ea4f6ce35126 Mon Sep 17 00:00:00 2001 From: Vibhav Bobade Date: Sat, 14 Dec 2019 05:59:32 +0530 Subject: [PATCH 1/2] Pass kube user token via cli, introduce HELM_KUBETOKEN envvar Signed-off-by: Vibhav Bobade --- pkg/cli/environment.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/pkg/cli/environment.go b/pkg/cli/environment.go index 5f947aec7..16127c1cd 100644 --- a/pkg/cli/environment.go +++ b/pkg/cli/environment.go @@ -46,6 +46,8 @@ type EnvSettings struct { KubeConfig string // KubeContext is the name of the kubeconfig context. KubeContext string + // Bearer Token used for authentication + Token string // Debug indicates whether or not Helm is running in Debug mode. Debug bool // RegistryConfig is the path to the registry config file. @@ -77,6 +79,7 @@ func (s *EnvSettings) AddFlags(fs *pflag.FlagSet) { fs.StringVarP(&s.namespace, "namespace", "n", s.namespace, "namespace scope for this request") fs.StringVar(&s.KubeConfig, "kubeconfig", "", "path to the kubeconfig file") fs.StringVar(&s.KubeContext, "kube-context", s.KubeContext, "name of the kubeconfig context to use") + fs.StringVar(&s.Token, "token", s.Token, "bearer token used for authentication") fs.BoolVar(&s.Debug, "debug", s.Debug, "enable verbose output") fs.StringVar(&s.RegistryConfig, "registry-config", s.RegistryConfig, "path to the registry config file") fs.StringVar(&s.RepositoryConfig, "repository-config", s.RepositoryConfig, "path to the file containing repository names and URLs") @@ -100,6 +103,7 @@ func (s *EnvSettings) EnvVars() map[string]string { "HELM_REPOSITORY_CONFIG": s.RepositoryConfig, "HELM_NAMESPACE": s.Namespace(), "HELM_KUBECONTEXT": s.KubeContext, + "HELM_KUBETOKEN": s.Token, } if s.KubeConfig != "" { @@ -124,7 +128,9 @@ func (s *EnvSettings) Namespace() string { //RESTClientGetter gets the kubeconfig from EnvSettings func (s *EnvSettings) RESTClientGetter() genericclioptions.RESTClientGetter { s.configOnce.Do(func() { - s.config = kube.GetConfig(s.KubeConfig, s.KubeContext, s.namespace) + clientConfig := kube.GetConfig(s.KubeConfig, s.KubeContext, s.namespace) + clientConfig.BearerToken = &s.Token + s.config = clientConfig }) return s.config } From 4bd3b8fc06d3750174d52e3950800e67cfc63210 Mon Sep 17 00:00:00 2001 From: Vibhav Bobade Date: Mon, 16 Dec 2019 13:28:36 +0530 Subject: [PATCH 2/2] Pass the apiserver address/port via cli, introduce HELM_KUBEAPISERVER envvar Signed-off-by: Vibhav Bobade --- cmd/helm/load_plugins.go | 2 +- pkg/cli/environment.go | 22 +++++++++++++++++----- 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/cmd/helm/load_plugins.go b/cmd/helm/load_plugins.go index f2fb5c01d..610b187d9 100644 --- a/cmd/helm/load_plugins.go +++ b/cmd/helm/load_plugins.go @@ -127,7 +127,7 @@ func loadPlugins(baseCmd *cobra.Command, out io.Writer) { func manuallyProcessArgs(args []string) ([]string, []string) { known := []string{} unknown := []string{} - kvargs := []string{"--kube-context", "--namespace", "-n", "--kubeconfig", "--registry-config", "--repository-cache", "--repository-config"} + kvargs := []string{"--kube-context", "--namespace", "-n", "--kubeconfig", "--kube-apiserver", "--kube-token", "--registry-config", "--repository-cache", "--repository-config"} knownArg := func(a string) bool { for _, pre := range kvargs { if strings.HasPrefix(a, pre+"=") { diff --git a/pkg/cli/environment.go b/pkg/cli/environment.go index 16127c1cd..1e3b23617 100644 --- a/pkg/cli/environment.go +++ b/pkg/cli/environment.go @@ -46,8 +46,10 @@ type EnvSettings struct { KubeConfig string // KubeContext is the name of the kubeconfig context. KubeContext string - // Bearer Token used for authentication - Token string + // Bearer KubeToken used for authentication + KubeToken string + // Kubernetes API Server Endpoint for authentication + KubeAPIServer string // Debug indicates whether or not Helm is running in Debug mode. Debug bool // RegistryConfig is the path to the registry config file. @@ -65,6 +67,8 @@ func New() *EnvSettings { env := EnvSettings{ namespace: os.Getenv("HELM_NAMESPACE"), KubeContext: os.Getenv("HELM_KUBECONTEXT"), + KubeToken: os.Getenv("HELM_KUBETOKEN"), + KubeAPIServer: os.Getenv("HELM_KUBEAPISERVER"), PluginsDirectory: envOr("HELM_PLUGINS", helmpath.DataPath("plugins")), RegistryConfig: envOr("HELM_REGISTRY_CONFIG", helmpath.ConfigPath("registry.json")), RepositoryConfig: envOr("HELM_REPOSITORY_CONFIG", helmpath.ConfigPath("repositories.yaml")), @@ -79,7 +83,8 @@ func (s *EnvSettings) AddFlags(fs *pflag.FlagSet) { fs.StringVarP(&s.namespace, "namespace", "n", s.namespace, "namespace scope for this request") fs.StringVar(&s.KubeConfig, "kubeconfig", "", "path to the kubeconfig file") fs.StringVar(&s.KubeContext, "kube-context", s.KubeContext, "name of the kubeconfig context to use") - fs.StringVar(&s.Token, "token", s.Token, "bearer token used for authentication") + fs.StringVar(&s.KubeToken, "kube-token", s.KubeToken, "bearer token used for authentication") + fs.StringVar(&s.KubeAPIServer, "kube-apiserver", s.KubeAPIServer, "the address and the port for the Kubernetes API server") fs.BoolVar(&s.Debug, "debug", s.Debug, "enable verbose output") fs.StringVar(&s.RegistryConfig, "registry-config", s.RegistryConfig, "path to the registry config file") fs.StringVar(&s.RepositoryConfig, "repository-config", s.RepositoryConfig, "path to the file containing repository names and URLs") @@ -103,7 +108,8 @@ func (s *EnvSettings) EnvVars() map[string]string { "HELM_REPOSITORY_CONFIG": s.RepositoryConfig, "HELM_NAMESPACE": s.Namespace(), "HELM_KUBECONTEXT": s.KubeContext, - "HELM_KUBETOKEN": s.Token, + "HELM_KUBETOKEN": s.KubeToken, + "HELM_KUBEAPISERVER": s.KubeAPIServer, } if s.KubeConfig != "" { @@ -129,7 +135,13 @@ func (s *EnvSettings) Namespace() string { func (s *EnvSettings) RESTClientGetter() genericclioptions.RESTClientGetter { s.configOnce.Do(func() { clientConfig := kube.GetConfig(s.KubeConfig, s.KubeContext, s.namespace) - clientConfig.BearerToken = &s.Token + if len(s.KubeToken) > 0 { + clientConfig.BearerToken = &s.KubeToken + } + if len(s.KubeAPIServer) > 0 { + clientConfig.APIServer = &s.KubeAPIServer + } + s.config = clientConfig }) return s.config