github.com/oam-dev/cluster-gateway@v1.9.0/hack/patch/main.go (about) 1 package main 2 3 /* 4 Copyright 2021 The KubeVela Authors. 5 6 Licensed under the Apache License, Version 2.0 (the "License"); 7 you may not use this file except in compliance with the License. 8 You may obtain a copy of the License at 9 http://www.apache.org/licenses/LICENSE-2.0 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 import ( 18 "context" 19 "fmt" 20 "os" 21 22 "github.com/pkg/errors" 23 "github.com/spf13/cobra" 24 v1 "k8s.io/api/core/v1" 25 "k8s.io/apimachinery/pkg/runtime" 26 "k8s.io/apimachinery/pkg/types" 27 clientgoscheme "k8s.io/client-go/kubernetes/scheme" 28 apiregistrationv1 "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1" 29 "sigs.k8s.io/controller-runtime/pkg/client" 30 "sigs.k8s.io/controller-runtime/pkg/client/config" 31 32 "github.com/oam-dev/cluster-gateway/pkg/apis/cluster/v1alpha1" 33 ) 34 35 const ( 36 FlagAPIServiceName = "target-APIService" 37 FlagSecretName = "secret-name" 38 FlagSecretNamespace = "secret-namespace" 39 FlagSecretCABundleKey = "secret-ca-bundle-key" 40 ) 41 42 func buildSchemeOrDie() *runtime.Scheme { 43 scheme := runtime.NewScheme() 44 if err := clientgoscheme.AddToScheme(scheme); err != nil { 45 fmt.Printf("build client-go scheme error: %v\n", err) 46 os.Exit(1) 47 } 48 if err := apiregistrationv1.AddToScheme(scheme); err != nil { 49 fmt.Printf("build api-registration scheme error: %v\n", err) 50 os.Exit(1) 51 } 52 return scheme 53 } 54 55 func main() { 56 var APIServiceName string 57 var secretName string 58 var secretNamespace string 59 var secretCABundleKey string 60 cmd := &cobra.Command{ 61 Use: "patch", 62 Short: "patch APIService CABundle from given secret", 63 RunE: func(cmd *cobra.Command, args []string) error { 64 c, err := client.New(config.GetConfigOrDie(), client.Options{Scheme: buildSchemeOrDie()}) 65 if err != nil { 66 return errors.Wrapf(err, "get k8s client error") 67 } 68 ctx := context.Background() 69 secret := &v1.Secret{} 70 if err = c.Get(ctx, types.NamespacedName{Namespace: secretNamespace, Name: secretName}, secret); err != nil { 71 return errors.Wrapf(err, "failed to get source secret") 72 } 73 apiService := &apiregistrationv1.APIService{} 74 if err = c.Get(ctx, types.NamespacedName{Name: APIServiceName}, apiService); err != nil { 75 return errors.Wrapf(err, "failed to get APIService") 76 } 77 caBundle, ok := secret.Data[secretCABundleKey] 78 if !ok { 79 return fmt.Errorf("failed to find caBundle in secret(%s/%s), key: %s", secretNamespace, secretName, secretCABundleKey) 80 } 81 apiService.Spec.InsecureSkipTLSVerify = false 82 apiService.Spec.CABundle = caBundle 83 if err = c.Update(ctx, apiService); err != nil { 84 return errors.Wrapf(err, "failed to update APIService") 85 } 86 fmt.Printf("successfully update APIService %s caBundle: \n%s\n", APIServiceName, caBundle) 87 return nil 88 }, 89 } 90 gv := v1alpha1.SchemeGroupVersion 91 apiServiceName := gv.Version + "." + gv.Group 92 cmd.Flags().StringVar(&APIServiceName, FlagAPIServiceName, apiServiceName, "specify the target APIService to patch caBundle") 93 cmd.Flags().StringVar(&secretName, FlagSecretName, "", "specify the source secret name") 94 cmd.Flags().StringVar(&secretNamespace, FlagSecretNamespace, "", "specify the source secret namespace") 95 cmd.Flags().StringVar(&secretCABundleKey, FlagSecretCABundleKey, "ca", "specify the CABundle key in source secret") 96 if err := cmd.Execute(); err != nil { 97 fmt.Printf("%v\n", err) 98 os.Exit(1) 99 } 100 }