From fa4ac32b6fad5ae71d5404736112ebc0c9cde13b Mon Sep 17 00:00:00 2001 From: klakshma21 Date: Wed, 11 Sep 2024 11:23:50 -0500 Subject: [PATCH] chore(RHTAPWATCH-1248): Provide admin user/pwd combo for ephemeral clusters - Add admin username and password in the credentials volume - Add `APIserverURL` and `ConsoleURL` status field values from the CTI in the results Signed-off-by: Kousalya Lakshmanan --- ...aas-get-ephemeral-cluster-credentials.yaml | 32 ++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/stepactions/eaas-get-ephemeral-cluster-credentials/0.1/eaas-get-ephemeral-cluster-credentials.yaml b/stepactions/eaas-get-ephemeral-cluster-credentials/0.1/eaas-get-ephemeral-cluster-credentials.yaml index 9d5fac377e..aa6ef94830 100644 --- a/stepactions/eaas-get-ephemeral-cluster-credentials/0.1/eaas-get-ephemeral-cluster-credentials.yaml +++ b/stepactions/eaas-get-ephemeral-cluster-credentials/0.1/eaas-get-ephemeral-cluster-credentials.yaml @@ -4,7 +4,7 @@ metadata: name: eaas-get-ephemeral-cluster-credentials spec: description: >- - This StepAction queries the EaaS hub cluster to get the kubeconfig for an ephemeral cluster + This StepAction queries the EaaS hub cluster to get the kubeconfig, username, and password for an ephemeral cluster by name. Credentials are stored in a mounted volume that must be provided as a param. image: registry.redhat.io/openshift4/ose-cli@sha256:15da03b04318bcc842060b71e9dd6d6c2595edb4e8fdd11b0c6781eeb03ca182 params: @@ -26,11 +26,23 @@ spec: results: - name: kubeconfig description: Relative path to the kubeconfig in the mounted volume + - name: username + description: Relative path to the username file in the mounted volume + - name: passwordPath + description: Relative path to the password file in the mounted volume + - name: apiServerURL + description: API server URL of the cluster + - name: consoleURL + description: Console URL of the cluster env: - name: CLUSTER_NAME value: "$(params.clusterName)" - name: CLUSTER_KUBECONFIG value: "/credentials/$(params.clusterName)-kubeconfig" + - name: CLUSTER_USERNAME + value: "/credentials/$(params.clusterName)-username" + - name: CLUSTER_PASSWORD + value: "/credentials/$(params.clusterName)-password" - name: KUBECONFIG value: /tmp/eaas-kubeconfig - name: KUBECONFIG_VALUE @@ -56,3 +68,21 @@ spec: "${OC[@]}" get secret $SECRET -o go-template --template="{{.data.kubeconfig|base64decode}}" > $CLUSTER_KUBECONFIG echo "Wrote kubeconfig to $CLUSTER_KUBECONFIG" echo -n $(basename $CLUSTER_KUBECONFIG) > $(step.results.kubeconfig.path) + + # Get username and password + ADMIN_PASSWORD_SECRET=$("${OC[@]}" get cti $CLUSTER_NAME -o=jsonpath='{.status.adminPassword.name}') + echo "Found admin password secret: $ADMIN_PASSWORD_SECRET" + "${OC[@]}" get secret $ADMIN_PASSWORD_SECRET -o jsonpath='{.data.username}' | base64 -d > $CLUSTER_USERNAME + "${OC[@]}" get secret $ADMIN_PASSWORD_SECRET -o jsonpath='{.data.password}' | base64 -d > $CLUSTER_PASSWORD + echo "Wrote username to $CLUSTER_USERNAME" + echo "Wrote password to $CLUSTER_PASSWORD" + echo -n $(basename $CLUSTER_USERNAME) > $(step.results.username.path) + echo -n $(basename $CLUSTER_PASSWORD) > $(step.results.passwordPath.path) + + # Get `APIserverURL` and `ConsoleURL` status field values + API_SERVER_URL=$("${OC[@]}" get cti $CLUSTER_NAME -o=jsonpath='{.status.apiServerURL}') + CONSOLE_URL=$("${OC[@]}" get cti $CLUSTER_NAME -o=jsonpath='{.status.consoleURL}') + echo "API Server URL: $API_SERVER_URL" + echo "Console URL: $CONSOLE_URL" + echo -n "$API_SERVER_URL" > $(step.results.apiServerURL.path) + echo -n "$CONSOLE_URL" > $(step.results.consoleURL.path)