Skip to content

Commit 06a941d

Browse files
openshift-merge-robotopenshift-merge-robot
authored
Merge pull request #20558 from juanvallejo/jvallejo/update-sa-cmds
update serviceaccount cmds to use externals
2 parents fffca53 + d98a37b commit 06a941d

File tree

12 files changed

+125
-152
lines changed

12 files changed

+125
-152
lines changed

hack/import-restrictions.json

-2
Original file line numberDiff line numberDiff line change
@@ -569,8 +569,6 @@
569569
"github.com/openshift/origin/pkg/security/apis/security",
570570
"github.com/openshift/origin/pkg/security/securitycontextconstraints",
571571
"github.com/openshift/origin/pkg/security/securitycontextconstraints/util",
572-
"github.com/openshift/origin/pkg/serviceaccounts",
573-
"github.com/openshift/origin/pkg/serviceaccounts/util",
574572
"github.com/openshift/origin/pkg/service/admission",
575573
"github.com/openshift/origin/pkg/template/apis/template",
576574
"github.com/openshift/origin/pkg/template/apis/template/validation",

pkg/oc/cli/export/exporter.go

+3-3
Original file line numberDiff line numberDiff line change
@@ -16,8 +16,8 @@ import (
1616
appsapi "github.com/openshift/origin/pkg/apps/apis/apps"
1717
buildapi "github.com/openshift/origin/pkg/build/apis/build"
1818
imageapi "github.com/openshift/origin/pkg/image/apis/image"
19+
osautil "github.com/openshift/origin/pkg/oc/lib/serviceaccount"
1920
routeapi "github.com/openshift/origin/pkg/route/apis/route"
20-
osautil "github.com/openshift/origin/pkg/serviceaccounts/util"
2121
)
2222

2323
var ErrExportOmit = fmt.Errorf("object is omitted")
@@ -103,7 +103,7 @@ func (e *DefaultExporter) Export(obj runtime.Object, exact bool) error {
103103
return nil
104104
}
105105

106-
dockercfgSecretPrefix := osautil.GetDockercfgSecretNamePrefix(t)
106+
dockercfgSecretPrefix := osautil.GetDockercfgSecretNamePrefix(t.Name)
107107
newImagePullSecrets := []kapi.LocalObjectReference{}
108108
for _, secretRef := range t.ImagePullSecrets {
109109
if strings.HasPrefix(secretRef.Name, dockercfgSecretPrefix) {
@@ -113,7 +113,7 @@ func (e *DefaultExporter) Export(obj runtime.Object, exact bool) error {
113113
}
114114
t.ImagePullSecrets = newImagePullSecrets
115115

116-
tokenSecretPrefix := osautil.GetTokenSecretNamePrefix(t)
116+
tokenSecretPrefix := osautil.GetTokenSecretNamePrefix(t.Name)
117117
newMountableSecrets := []kapi.ObjectReference{}
118118
for _, secretRef := range t.Secrets {
119119
if strings.HasPrefix(secretRef.Name, dockercfgSecretPrefix) ||

pkg/oc/cli/export/exporter_test.go

+10-10
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ import (
1212
appsapi "github.com/openshift/origin/pkg/apps/apis/apps"
1313
appstest "github.com/openshift/origin/pkg/apps/apis/apps/internaltest"
1414
imageapi "github.com/openshift/origin/pkg/image/apis/image"
15-
osautil "github.com/openshift/origin/pkg/serviceaccounts/util"
15+
osautil "github.com/openshift/origin/pkg/oc/lib/serviceaccount"
1616
)
1717

1818
func TestExport(t *testing.T) {
@@ -93,12 +93,12 @@ func TestExport(t *testing.T) {
9393
Name: baseSA.Name,
9494
},
9595
ImagePullSecrets: []kapi.LocalObjectReference{
96-
{Name: osautil.GetDockercfgSecretNamePrefix(baseSA) + "-foo"},
96+
{Name: osautil.GetDockercfgSecretNamePrefix(baseSA.Name) + "-foo"},
9797
{Name: "another-pull-secret"},
9898
},
9999
Secrets: []kapi.ObjectReference{
100-
{Name: osautil.GetDockercfgSecretNamePrefix(baseSA) + "-foo"},
101-
{Name: osautil.GetTokenSecretNamePrefix(baseSA) + "-foo"},
100+
{Name: osautil.GetDockercfgSecretNamePrefix(baseSA.Name) + "-foo"},
101+
{Name: osautil.GetTokenSecretNamePrefix(baseSA.Name) + "-foo"},
102102
{Name: "another-mountable-secret"},
103103
},
104104
},
@@ -122,12 +122,12 @@ func TestExport(t *testing.T) {
122122
Name: baseSA.Name,
123123
},
124124
ImagePullSecrets: []kapi.LocalObjectReference{
125-
{Name: osautil.GetDockercfgSecretNamePrefix(baseSA) + "-foo"},
125+
{Name: osautil.GetDockercfgSecretNamePrefix(baseSA.Name) + "-foo"},
126126
{Name: "another-pull-secret"},
127127
},
128128
Secrets: []kapi.ObjectReference{
129-
{Name: osautil.GetDockercfgSecretNamePrefix(baseSA) + "-foo"},
130-
{Name: osautil.GetTokenSecretNamePrefix(baseSA) + "-foo"},
129+
{Name: osautil.GetDockercfgSecretNamePrefix(baseSA.Name) + "-foo"},
130+
{Name: osautil.GetTokenSecretNamePrefix(baseSA.Name) + "-foo"},
131131
{Name: "another-mountable-secret"},
132132
},
133133
},
@@ -136,12 +136,12 @@ func TestExport(t *testing.T) {
136136
Name: baseSA.Name,
137137
},
138138
ImagePullSecrets: []kapi.LocalObjectReference{
139-
{Name: osautil.GetDockercfgSecretNamePrefix(baseSA) + "-foo"},
139+
{Name: osautil.GetDockercfgSecretNamePrefix(baseSA.Name) + "-foo"},
140140
{Name: "another-pull-secret"},
141141
},
142142
Secrets: []kapi.ObjectReference{
143-
{Name: osautil.GetDockercfgSecretNamePrefix(baseSA) + "-foo"},
144-
{Name: osautil.GetTokenSecretNamePrefix(baseSA) + "-foo"},
143+
{Name: osautil.GetDockercfgSecretNamePrefix(baseSA.Name) + "-foo"},
144+
{Name: osautil.GetTokenSecretNamePrefix(baseSA.Name) + "-foo"},
145145
{Name: "another-mountable-secret"},
146146
},
147147
},

pkg/oc/cli/serviceaccounts/create_kubeconfig.go

+18-18
Original file line numberDiff line numberDiff line change
@@ -3,20 +3,18 @@ package serviceaccounts
33
import (
44
"errors"
55
"fmt"
6-
"io"
7-
"os"
86

97
"github.com/spf13/cobra"
108

9+
corev1 "k8s.io/api/core/v1"
1110
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
11+
corev1client "k8s.io/client-go/kubernetes/typed/core/v1"
1212
kclientcmd "k8s.io/client-go/tools/clientcmd"
1313
clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
14-
kapi "k8s.io/kubernetes/pkg/apis/core"
15-
kcoreclient "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion"
1614
"k8s.io/kubernetes/pkg/kubectl/cmd/templates"
1715
cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
18-
19-
"github.com/openshift/origin/pkg/serviceaccounts"
16+
"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
17+
sautil "k8s.io/kubernetes/pkg/serviceaccount"
2018
)
2119

2220
const (
@@ -46,20 +44,22 @@ var (
4644

4745
type CreateKubeconfigOptions struct {
4846
SAName string
49-
SAClient kcoreclient.ServiceAccountInterface
50-
SecretsClient kcoreclient.SecretInterface
47+
SAClient corev1client.ServiceAccountInterface
48+
SecretsClient corev1client.SecretInterface
5149
RawConfig clientcmdapi.Config
5250
ContextNamespace string
5351

54-
Out io.Writer
55-
Err io.Writer
52+
genericclioptions.IOStreams
5653
}
5754

58-
func NewCommandCreateKubeconfig(name, fullname string, f cmdutil.Factory, out io.Writer) *cobra.Command {
59-
options := &CreateKubeconfigOptions{
60-
Out: out,
61-
Err: os.Stderr,
55+
func NewCreateKubeconfigOptions(streams genericclioptions.IOStreams) *CreateKubeconfigOptions {
56+
return &CreateKubeconfigOptions{
57+
IOStreams: streams,
6258
}
59+
}
60+
61+
func NewCommandCreateKubeconfig(name, fullname string, f cmdutil.Factory, streams genericclioptions.IOStreams) *cobra.Command {
62+
options := NewCreateKubeconfigOptions(streams)
6363

6464
cmd := &cobra.Command{
6565
Use: fmt.Sprintf(createKubeconfigUsage, name),
@@ -87,7 +87,7 @@ func (o *CreateKubeconfigOptions) Complete(args []string, f cmdutil.Factory, cmd
8787
if err != nil {
8888
return err
8989
}
90-
client, err := kcoreclient.NewForConfig(clientConfig)
90+
client, err := corev1client.NewForConfig(clientConfig)
9191
if err != nil {
9292
return err
9393
}
@@ -120,7 +120,7 @@ func (o *CreateKubeconfigOptions) Validate() error {
120120
return errors.New("API clients must not be nil in order to create a new service account token")
121121
}
122122

123-
if o.Out == nil || o.Err == nil {
123+
if o.Out == nil || o.ErrOut == nil {
124124
return errors.New("cannot proceed if output or error writers are nil")
125125
}
126126

@@ -139,8 +139,8 @@ func (o *CreateKubeconfigOptions) Run() error {
139139
continue
140140
}
141141

142-
if serviceaccounts.IsValidServiceAccountToken(serviceAccount, secret) {
143-
token, exists := secret.Data[kapi.ServiceAccountTokenKey]
142+
if sautil.IsServiceAccountToken(secret, serviceAccount) {
143+
token, exists := secret.Data[corev1.ServiceAccountTokenKey]
144144
if !exists {
145145
return fmt.Errorf("service account token %q for service account %q did not contain token data", secret.Name, serviceAccount.Name)
146146
}

pkg/oc/cli/serviceaccounts/gettoken.go

+16-15
Original file line numberDiff line numberDiff line change
@@ -3,19 +3,18 @@ package serviceaccounts
33
import (
44
"errors"
55
"fmt"
6-
"io"
7-
"os"
86

97
"github.com/spf13/cobra"
108

119
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
10+
corev1client "k8s.io/client-go/kubernetes/typed/core/v1"
1211
kapi "k8s.io/kubernetes/pkg/apis/core"
13-
kcoreclient "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset/typed/core/internalversion"
1412
"k8s.io/kubernetes/pkg/kubectl/cmd/templates"
1513
cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
14+
"k8s.io/kubernetes/pkg/kubectl/genericclioptions"
15+
sautil "k8s.io/kubernetes/pkg/serviceaccount"
1616

1717
"github.com/openshift/origin/pkg/cmd/util/term"
18-
"github.com/openshift/origin/pkg/serviceaccounts"
1918
)
2019

2120
const (
@@ -43,18 +42,20 @@ var (
4342

4443
type GetServiceAccountTokenOptions struct {
4544
SAName string
46-
SAClient kcoreclient.ServiceAccountInterface
47-
SecretsClient kcoreclient.SecretInterface
45+
SAClient corev1client.ServiceAccountInterface
46+
SecretsClient corev1client.SecretInterface
4847

49-
Out io.Writer
50-
Err io.Writer
48+
genericclioptions.IOStreams
5149
}
5250

53-
func NewCommandGetServiceAccountToken(name, fullname string, f cmdutil.Factory, out io.Writer) *cobra.Command {
54-
options := &GetServiceAccountTokenOptions{
55-
Out: out,
56-
Err: os.Stderr,
51+
func NewGetServiceAccountTokenOptions(streams genericclioptions.IOStreams) *GetServiceAccountTokenOptions {
52+
return &GetServiceAccountTokenOptions{
53+
IOStreams: streams,
5754
}
55+
}
56+
57+
func NewCommandGetServiceAccountToken(name, fullname string, f cmdutil.Factory, streams genericclioptions.IOStreams) *cobra.Command {
58+
options := NewGetServiceAccountTokenOptions(streams)
5859

5960
getServiceAccountTokenCommand := &cobra.Command{
6061
Use: fmt.Sprintf(getServiceAccountTokenUsage, name),
@@ -82,7 +83,7 @@ func (o *GetServiceAccountTokenOptions) Complete(args []string, f cmdutil.Factor
8283
if err != nil {
8384
return err
8485
}
85-
client, err := kcoreclient.NewForConfig(clientConfig)
86+
client, err := corev1client.NewForConfig(clientConfig)
8687
if err != nil {
8788
return err
8889
}
@@ -105,7 +106,7 @@ func (o *GetServiceAccountTokenOptions) Validate() error {
105106
return errors.New("API clients must not be nil in order to create a new service account token")
106107
}
107108

108-
if o.Out == nil || o.Err == nil {
109+
if o.Out == nil || o.ErrOut == nil {
109110
return errors.New("cannot proceed if output or error writers are nil")
110111
}
111112

@@ -124,7 +125,7 @@ func (o *GetServiceAccountTokenOptions) Run() error {
124125
continue
125126
}
126127

127-
if serviceaccounts.IsValidServiceAccountToken(serviceAccount, secret) {
128+
if sautil.IsServiceAccountToken(secret, serviceAccount) {
128129
token, exists := secret.Data[kapi.ServiceAccountTokenKey]
129130
if !exists {
130131
return fmt.Errorf("service account token %q for service account %q did not contain token data", secret.Name, serviceAccount.Name)

0 commit comments

Comments
 (0)