diff --git a/cluster/common.sh b/cluster/common.sh index e778e13fef898..f00558d101867 100644 --- a/cluster/common.sh +++ b/cluster/common.sh @@ -73,3 +73,31 @@ function clear-kubeconfig() { echo "Cleared config for ${CONTEXT} from ${KUBECONFIG}" } + +# Gets username, password for the current-context in kubeconfig, if they exist. +# Assumed vars: +# KUBECONFIG # if unset, defaults to global +# +# Vars set: +# KUBE_USER +# KUBE_PASSWORD +# +# KUBE_USER,KUBE_PASSWORD will be empty if no current-context is set, or +# the current-context user does not exist or contain basicauth entries. +function get-kubeconfig-basicauth() { + # Templates to safely extract the username,password for the current-context + # user. The long chain of 'with' commands avoids indexing nil if any of the + # entries ("current-context", "contexts"."current-context", "users", etc) + # is missing. + # Note: we save dot ('.') to $root because the 'with' action overrides it. + # See http://golang.org/pkg/text/template/. + local username='{{$root := .}}{{with index $root "current-context"}}{{with index $root "contexts" .}}{{with index . "user"}}{{with index $root "users" .}}{{index . "username"}}{{end}}{{end}}{{end}}{{end}}' + local password='{{$root := .}}{{with index $root "current-context"}}{{with index $root "contexts" .}}{{with index . "user"}}{{with index $root "users" .}}{{index . "password"}}{{end}}{{end}}{{end}}{{end}}' + KUBE_USER=$("${KUBE_ROOT}/cluster/kubectl.sh" config view -o template --template="${username}") + KUBE_PASSWORD=$("${KUBE_ROOT}/cluster/kubectl.sh" config view -o template --template="${password}") + # Handle empty/missing username|password + if [[ "${KUBE_USER}" == '' || "$KUBE_PASSWORD" == '' ]]; then + KUBE_USER='' + KUBE_PASSWORD='' + fi +} diff --git a/cluster/gce/util.sh b/cluster/gce/util.sh index 0b0349109b3b6..e1647ffdd6307 100755 --- a/cluster/gce/util.sh +++ b/cluster/gce/util.sh @@ -226,7 +226,7 @@ function detect-master () { } # Ensure that we have a password created for validating to the master. Will -# read from the kubernetes auth-file for the current context if available. +# read from kubeconfig for the current context if available. # # Assumed vars # KUBE_ROOT @@ -235,12 +235,7 @@ function detect-master () { # KUBE_USER # KUBE_PASSWORD function get-password { - # templates to extract the username,password for the current-context user - # Note: we save dot ('.') to $dot because the 'with' action overrides dot - local username='{{$dot := .}}{{with $ctx := index $dot "current-context"}}{{$user := index $dot "contexts" $ctx "user"}}{{index $dot "users" $user "username"}}{{end}}' - local password='{{$dot := .}}{{with $ctx := index $dot "current-context"}}{{$user := index $dot "contexts" $ctx "user"}}{{index $dot "users" $user "password"}}{{end}}' - KUBE_USER=$("${KUBE_ROOT}/cluster/kubectl.sh" config view -o template --template="${username}") - KUBE_PASSWORD=$("${KUBE_ROOT}/cluster/kubectl.sh" config view -o template --template="${password}") + get-kubeconfig-basicauth if [[ -z "${KUBE_USER}" || -z "${KUBE_PASSWORD}" ]]; then KUBE_USER=admin KUBE_PASSWORD=$(python -c 'import string,random; print "".join(random.SystemRandom().choice(string.ascii_letters + string.digits) for _ in range(16))')