github.com/grailbio/base@v0.0.11/cmd/grail-access/k8s.go (about) 1 package main 2 3 import ( 4 "fmt" 5 "io/ioutil" 6 "path/filepath" 7 8 "github.com/grailbio/base/security/identity" 9 "v.io/v23/context" 10 "v.io/v23/security" 11 ) 12 13 const defaultK8sBlesserFlag = "/ticket-server.eng.grail.com:8102/blesser/k8s" 14 15 func fetchK8sBlessings(ctx *context.T) (blessing security.Blessings, err error) { 16 if blesserFlag == "" { 17 blesserFlag = defaultK8sBlesserFlag 18 } 19 stub := identity.K8sBlesserClient(blesserFlag) 20 21 caCrt, namespace, token, err := getFiles() 22 if err != nil { 23 return blessing, err 24 } 25 26 return stub.BlessK8s(ctx, caCrt, namespace, token, regionFlag) 27 } 28 29 func getFiles() (caCrt, namespace, token string, err error) { 30 caCrtPath, err := filepath.Abs(caCrtFlag) 31 if err != nil { 32 return "", "", "", fmt.Errorf("parsing ca.crt path: %w", err) 33 } 34 namespacePath, err := filepath.Abs(namespaceFlag) 35 if err != nil { 36 return "", "", "", fmt.Errorf("parsing namespace path: %w", err) 37 } 38 tokenPath, err := filepath.Abs(tokenFlag) 39 if err != nil { 40 return "", "", "", fmt.Errorf("parsing token path: %w", err) 41 } 42 caCrtData, err := ioutil.ReadFile(caCrtPath) 43 if err != nil { 44 return "", "", "", fmt.Errorf("opening ca.crt: %w", err) 45 } 46 namespaceData, err := ioutil.ReadFile(namespacePath) 47 if err != nil { 48 return "", "", "", fmt.Errorf("opening namespace file: %w", err) 49 50 } 51 tokenData, err := ioutil.ReadFile(tokenPath) 52 if err != nil { 53 return "", "", "", fmt.Errorf("opening token file: %w", err) 54 } 55 56 return string(caCrtData), string(namespaceData), string(tokenData), err 57 }