Add remote/util.go helpers to work with KubeConfig Secrets

Signed-off-by: Vince Prignano <[email protected]>

Author: vincepri

pkg/controller/BUILD.bazel

@@ -6,7 +6,7 @@ go_library(
         "add_machinedeployment.go",
         "add_machineset.go",
         "add_node.go",
-        "noderef_controller.go",
+        "controller.go",
     ],
     importpath = "sigs.k8s.io/cluster-api/pkg/controller",
     visibility = ["//visibility:public"],

pkg/controller/cluster/BUILD.bazel

@@ -14,6 +14,7 @@ go_library(
         "//pkg/controller/error:go_default_library",
         "//pkg/util:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
         "//vendor/k8s.io/klog:go_default_library",
         "//vendor/sigs.k8s.io/controller-runtime/pkg/client:go_default_library",

pkg/controller/remote/BUILD.bazel

@@ -0,0 +1,13 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = ["util.go"],
+    importpath = "sigs.k8s.io/cluster-api/pkg/controller/remote",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//vendor/github.com/pkg/errors:go_default_library",
+        "//vendor/k8s.io/api/core/v1:go_default_library",
+        "//vendor/sigs.k8s.io/controller-runtime/pkg/client:go_default_library",
+    ],
+)

pkg/controller/remote/util.go

@@ -0,0 +1,68 @@
+/*
+Copyright 2019 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package remote
+
+import (
+	"context"
+	"encoding/base64"
+	"fmt"
+
+	"github.com/pkg/errors"
+	corev1 "k8s.io/api/core/v1"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+)
+
+const (
+	kubeconfigSecretKey = "value"
+)
+
+// KubeConfigSecretName generates the expected name for the Kubeconfig secret
+// to access a remote cluster given the cluster's name.
+func KubeConfigSecretName(cluster string) string {
+	return fmt.Sprintf("%s-kubeconfig", cluster)
+}
+
+// GetKubeConfigSecret retrieves the KubeConfig Secret (if any)
+// from the given cluster name and namespace.
+func GetKubeConfigSecret(c client.Client, cluster, namespace string) (*corev1.Secret, error) {
+	secret := &corev1.Secret{}
+	secretKey := client.ObjectKey{
+		Namespace: namespace,
+		Name:      KubeConfigSecretName(cluster),
+	}
+
+	if err := c.Get(context.TODO(), secretKey, secret); err != nil {
+		return nil, err
+	}
+
+	return secret, nil
+}
+
+// DecodeKubeConfigSecret uses the Secret to retrieve and decode the data.
+func DecodeKubeConfigSecret(secret *corev1.Secret) ([]byte, error) {
+	encodedKubeconfig, ok := secret.Data[kubeconfigSecretKey]
+	if !ok {
+		return nil, errors.Errorf("missing value in secret %s/%s", secret.Namespace, secret.Name)
+	}
+
+	kubeconfig, err := base64.StdEncoding.DecodeString(string(encodedKubeconfig))
+	if err != nil {
+		return nil, errors.Wrapf(err, "cannot decode kubeconfig secret %s/%s", secret.Namespace, secret.Name)
+	}
+
+	return kubeconfig, nil
+}