Skip to content

Commit

Permalink
Merge pull request #2184 from FabianKramm/main
Browse files Browse the repository at this point in the history
refactor: use separate access key per vCluster
  • Loading branch information
FabianKramm authored Sep 27, 2024
2 parents 332be64 + 005bad9 commit dcfb601
Show file tree
Hide file tree
Showing 7 changed files with 223 additions and 36 deletions.
1 change: 0 additions & 1 deletion cmd/vclusterctl/cmd/platform/add/vcluster.go
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,6 @@ Add all vCluster instances in the host cluster:
vcluster platform add vcluster --project my-project --all
###############################################
`

addCmd := &cobra.Command{
Expand Down
9 changes: 9 additions & 0 deletions cmd/vclusterctl/cmd/platform/platform.go
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ import (
"github.com/loft-sh/vcluster/pkg/cli/flags"
"github.com/loft-sh/vcluster/pkg/platform/defaults"
"github.com/mitchellh/go-homedir"
"github.com/sirupsen/logrus"
"github.com/spf13/cobra"
)

Expand All @@ -36,6 +37,14 @@ func NewPlatformCmd(globalFlags *flags.GlobalFlags) (*cobra.Command, error) {
if len(os.Args) > 1 && os.Args[1] == "pro" {
log.GetInstance().Warnf("The \"vcluster pro\" command is deprecated, please use \"vcluster platform\" instead")
}

if globalFlags.Silent {
log.GetInstance().SetLevel(logrus.FatalLevel)
} else if globalFlags.Debug {
log.GetInstance().SetLevel(logrus.DebugLevel)
} else {
log.GetInstance().SetLevel(logrus.InfoLevel)
}
},
}
home, err := homedir.Dir()
Expand Down
2 changes: 2 additions & 0 deletions pkg/cli/add_vcluster_helm.go
Original file line number Diff line number Diff line change
Expand Up @@ -144,12 +144,14 @@ func addVClusterHelm(
globalFlags.LoadedConfig(log),
kubeClient,
options.ImportName,
vCluster.Name,
vCluster.Namespace,
options.Project,
options.AccessKey,
options.Host,
options.Insecure,
options.CertificateAuthorityData,
log,
)
if err != nil {
return err
Expand Down
5 changes: 3 additions & 2 deletions pkg/cli/config/types.go
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,9 @@ type DriverType string
type Platform struct {
metav1.TypeMeta `json:",inline"`

// VirtualClusterAccessKey will only be used as a fallback for older platforms and is deprecated.
VirtualClusterAccessKey string `json:"virtualClusterAccessKey,omitempty"`

// VirtualClusterAccessPointCertificates is a map of cached certificates for "access point" mode virtual clusters
VirtualClusterAccessPointCertificates map[string]VirtualClusterCertificatesEntry `json:"virtualClusterAccessPointCertificates,omitempty"`
// Host is the https endpoint of how to access loft
Expand All @@ -32,8 +35,6 @@ type Platform struct {
LastInstallContext string `json:"lastInstallContext,omitempty"`
// AccessKey is the access key for the given loft host
AccessKey string `json:"accesskey,omitempty"`
// VirtualClusterAccessKey is the access key for the given loft host to create virtual clusters
VirtualClusterAccessKey string `json:"virtualClusterAccessKey,omitempty"`
// Insecure specifies if the loft instance is insecure
Insecure bool `json:"insecure,omitempty"`
// CertificateAuthorityData is passed as certificate-authority-data to the platform config
Expand Down
8 changes: 4 additions & 4 deletions pkg/cli/create_helm.go
Original file line number Diff line number Diff line change
Expand Up @@ -301,7 +301,7 @@ func CreateHelm(ctx context.Context, options *CreateOptions, globalFlags *flags.

// create platform secret
if cmd.Add {
err = cmd.addVCluster(ctx, vClusterConfig)
err = cmd.addVCluster(ctx, vClusterName, vClusterConfig)
if err != nil {
return err
}
Expand Down Expand Up @@ -372,11 +372,11 @@ func (cmd *createHelm) parseVClusterYAML(chartValues string) (*config.Config, er
return vClusterConfig, nil
}

func (cmd *createHelm) addVCluster(ctx context.Context, vClusterConfig *config.Config) error {
func (cmd *createHelm) addVCluster(ctx context.Context, name string, vClusterConfig *config.Config) error {
platformConfig, err := vClusterConfig.GetPlatformConfig()
if err != nil {
return fmt.Errorf("get platform config: %w", err)
} else if platformConfig.APIKey.SecretName != "" {
} else if platformConfig.APIKey.SecretName != "" || platformConfig.APIKey.Namespace != "" {
return nil
}

Expand All @@ -390,7 +390,7 @@ func (cmd *createHelm) addVCluster(ctx context.Context, vClusterConfig *config.C
return nil
}

err = platform.ApplyPlatformSecret(ctx, cmd.LoadedConfig(cmd.log), cmd.kubeClient, "", cmd.Namespace, cmd.Project, "", "", false, cmd.LoadedConfig(cmd.log).Platform.CertificateAuthorityData)
err = platform.ApplyPlatformSecret(ctx, cmd.LoadedConfig(cmd.log), cmd.kubeClient, "", name, cmd.Namespace, cmd.Project, "", "", false, cmd.LoadedConfig(cmd.log).Platform.CertificateAuthorityData, cmd.log)
if err != nil {
return fmt.Errorf("apply platform secret: %w", err)
}
Expand Down
19 changes: 19 additions & 0 deletions pkg/k8s/k8s.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ import (
"fmt"
"io"
"net/http"
"os"
"os/exec"
"strings"
"time"
Expand Down Expand Up @@ -243,6 +244,24 @@ func RunCommand(ctx context.Context, command []string, component string) error {
cmd := exec.CommandContext(ctx, command[0], command[1:]...)
cmd.Stdout = writer.Writer()
cmd.Stderr = writer.Writer()
cmd.Cancel = func() error {
err := cmd.Process.Signal(os.Interrupt)
if err != nil {
return fmt.Errorf("signal %s: %w", command[0], err)
}

state, err := cmd.Process.Wait()
if err == nil && state.Pid() > 0 {
time.Sleep(2 * time.Second)
}

err = cmd.Process.Kill()
if err != nil {
return fmt.Errorf("kill %s: %w", command[0], err)
}

return nil
}
err = cmd.Run()

// make sure we wait for scanner to be done
Expand Down
Loading

0 comments on commit dcfb601

Please sign in to comment.