github.com/qsunny/k8s@v0.0.0-20220101153623-e6dca256d5bf/examples-master/staging/https-nginx/make_secret.go

github.com/qsunny/k8s@v0.0.0-20220101153623-e6dca256d5bf/examples-master/staging/https-nginx/make_secret.go (about)

     1  /*
     2  Copyright 2015 The Kubernetes Authors.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8      http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  // A small script that converts the given open ssl public/private keys to
    18  // a secret that it writes to stdout as json. Most common use case is to
    19  // create a secret from self signed certificates used to authenticate with
    20  // a devserver. Usage: go run make_secret.go -crt ca.crt -key priv.key > secret.json
    21  package main
    22  
    23  import (
    24  	"flag"
    25  	"fmt"
    26  	"io/ioutil"
    27  	"log"
    28  
    29  	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
    30  	"k8s.io/apimachinery/pkg/runtime"
    31  	"k8s.io/kubernetes/pkg/api/legacyscheme"
    32  	api "k8s.io/kubernetes/pkg/apis/core"
    33  
    34  	// This installs the legacy v1 API
    35  	_ "k8s.io/kubernetes/pkg/apis/core/install"
    36  )
    37  
    38  // TODO:
    39  // Add a -o flag that writes to the specified destination file.
    40  // Teach the script to create crt and key if -crt and -key aren't specified.
    41  var (
    42  	crt = flag.String("crt", "", "path to nginx certificates.")
    43  	key = flag.String("key", "", "path to nginx private key.")
    44  )
    45  
    46  func read(file string) []byte {
    47  	b, err := ioutil.ReadFile(file)
    48  	if err != nil {
    49  		log.Fatalf("Cannot read file %v, %v", file, err)
    50  	}
    51  	return b
    52  }
    53  
    54  func main() {
    55  	flag.Parse()
    56  	if *crt == "" || *key == "" {
    57  		log.Fatalf("Need to specify -crt -key and -template")
    58  	}
    59  	nginxCrt := read(*crt)
    60  	nginxKey := read(*key)
    61  	secret := &api.Secret{
    62  		ObjectMeta: metav1.ObjectMeta{
    63  			Name: "nginxsecret",
    64  		},
    65  		Data: map[string][]byte{
    66  			"nginx.crt": nginxCrt,
    67  			"nginx.key": nginxKey,
    68  		},
    69  	}
    70  	fmt.Printf(runtime.EncodeOrDie(legacyscheme.Codecs.LegacyCodec(legacyscheme.Registry.EnabledVersions()...), secret))
    71  }