add openshift ex config patch to modify master-config.yaml

Author: deads2k

contrib/completions/bash/openshift

@@ -15537,6 +15537,92 @@ _openshift_ex_build-chain()
     must_have_one_noun=()
 }
 
+_openshift_ex_config_patch()
+{
+    last_command="openshift_ex_config_patch"
+    commands=()
+
+    flags=()
+    two_word_flags=()
+    flags_with_completion=()
+    flags_completion=()
+
+    flags+=("--patch=")
+    two_word_flags+=("-p")
+    flags+=("--type=")
+    flags+=("--api-version=")
+    flags+=("--as=")
+    flags+=("--certificate-authority=")
+    flags_with_completion+=("--certificate-authority")
+    flags_completion+=("_filedir")
+    flags+=("--client-certificate=")
+    flags_with_completion+=("--client-certificate")
+    flags_completion+=("_filedir")
+    flags+=("--client-key=")
+    flags_with_completion+=("--client-key")
+    flags_completion+=("_filedir")
+    flags+=("--cluster=")
+    flags+=("--config=")
+    flags_with_completion+=("--config")
+    flags_completion+=("_filedir")
+    flags+=("--context=")
+    flags+=("--google-json-key=")
+    flags+=("--insecure-skip-tls-verify")
+    flags+=("--log-flush-frequency=")
+    flags+=("--match-server-version")
+    flags+=("--namespace=")
+    two_word_flags+=("-n")
+    flags+=("--server=")
+    flags+=("--token=")
+    flags+=("--user=")
+
+    must_have_one_flag=()
+    must_have_one_flag+=("--patch=")
+    must_have_one_flag+=("-p")
+    must_have_one_noun=()
+}
+
+_openshift_ex_config()
+{
+    last_command="openshift_ex_config"
+    commands=()
+    commands+=("patch")
+
+    flags=()
+    two_word_flags=()
+    flags_with_completion=()
+    flags_completion=()
+
+    flags+=("--api-version=")
+    flags+=("--as=")
+    flags+=("--certificate-authority=")
+    flags_with_completion+=("--certificate-authority")
+    flags_completion+=("_filedir")
+    flags+=("--client-certificate=")
+    flags_with_completion+=("--client-certificate")
+    flags_completion+=("_filedir")
+    flags+=("--client-key=")
+    flags_with_completion+=("--client-key")
+    flags_completion+=("_filedir")
+    flags+=("--cluster=")
+    flags+=("--config=")
+    flags_with_completion+=("--config")
+    flags_completion+=("_filedir")
+    flags+=("--context=")
+    flags+=("--google-json-key=")
+    flags+=("--insecure-skip-tls-verify")
+    flags+=("--log-flush-frequency=")
+    flags+=("--match-server-version")
+    flags+=("--namespace=")
+    two_word_flags+=("-n")
+    flags+=("--server=")
+    flags+=("--token=")
+    flags+=("--user=")
+
+    must_have_one_flag=()
+    must_have_one_noun=()
+}
+
 _openshift_ex_options()
 {
     last_command="openshift_ex_options"
@@ -15698,6 +15784,7 @@ _openshift_ex()
     commands=()
     commands+=("ipfailover")
     commands+=("build-chain")
+    commands+=("config")
     commands+=("options")
     commands+=("sync-groups")
     commands+=("prune-groups")

hack/test-cmd.sh

@@ -182,8 +182,12 @@ openshift start \
   --images="${USE_IMAGES}"
 
 # Don't try this at home.  We don't have flags for setting etcd ports in the config, but we want deconflicted ones.  Use sed to replace defaults in a completely unsafe way
-os::util::sed "s/:4001$/:${ETCD_PORT}/g" ${SERVER_CONFIG_DIR}/master/master-config.yaml
-os::util::sed "s/:7001$/:${ETCD_PEER_PORT}/g" ${SERVER_CONFIG_DIR}/master/master-config.yaml
+cp ${SERVER_CONFIG_DIR}/master/master-config.yaml ${SERVER_CONFIG_DIR}/master/master-config.orig.yaml
+openshift ex config patch ${SERVER_CONFIG_DIR}/master/master-config.orig.yaml --patch="{\"etcdConfig\": {\"address\": \"${ETCD_HOST}:${ETCD_PORT}\"}}" | \
+openshift ex config patch - --patch="{\"etcdConfig\": {\"servingInfo\": {\"bindAddress\": \"${API_HOST}:${ETCD_PORT}\"}}}" | \
+openshift ex config patch - --type json --patch="[{\"op\": \"replace\", \"path\": \"/etcdClientInfo/urls/0\", \"value\": \"${API_SCHEME}://${ETCD_HOST}:${ETCD_PORT}\"},{\"op\": \"remove\", \"path\": \"/etcdClientInfo/urls/1\"}]" | \
+openshift ex config patch - --patch="{\"etcdConfig\": {\"peerAddress\": \"${ETCD_HOST}:${ETCD_PEER_PORT}\"}}" | \
+openshift ex config patch - --patch="{\"etcdConfig\": {\"peerServingInfo\": {\"bindAddress\": \"${API_HOST}:${ETCD_PEER_PORT}\"}}}" > ${SERVER_CONFIG_DIR}/master/master-config.yaml
 
 # Start openshift
 OPENSHIFT_ON_PANIC=crash openshift start master \

hack/util.sh

@@ -84,8 +84,12 @@ function configure_os_server {
 
 
 	# Don't try this at home.  We don't have flags for setting etcd ports in the config, but we want deconflicted ones.  Use sed to replace defaults in a completely unsafe way
-	os::util::sed "s/:4001$/:${ETCD_PORT}/g" ${SERVER_CONFIG_DIR}/master/master-config.yaml
-	os::util::sed "s/:7001$/:${ETCD_PEER_PORT}/g" ${SERVER_CONFIG_DIR}/master/master-config.yaml
+	cp ${SERVER_CONFIG_DIR}/master/master-config.yaml ${SERVER_CONFIG_DIR}/master/master-config.orig.yaml
+	openshift ex config patch ${SERVER_CONFIG_DIR}/master/master-config.orig.yaml --patch="{\"etcdConfig\": {\"address\": \"${ETCD_HOST}:${ETCD_PORT}\"}}" | \
+	openshift ex config patch - --patch="{\"etcdConfig\": {\"servingInfo\": {\"bindAddress\": \"${API_HOST}:${ETCD_PORT}\"}}}" | \
+	openshift ex config patch - --type json --patch="[{\"op\": \"replace\", \"path\": \"/etcdClientInfo/urls/0\", \"value\": \"${API_SCHEME}://${ETCD_HOST}:${ETCD_PORT}\"},{\"op\": \"remove\", \"path\": \"/etcdClientInfo/urls/1\"}]" | \
+	openshift ex config patch - --patch="{\"etcdConfig\": {\"peerAddress\": \"${ETCD_HOST}:${ETCD_PEER_PORT}\"}}" | \
+	openshift ex config patch - --patch="{\"etcdConfig\": {\"peerServingInfo\": {\"bindAddress\": \"${API_HOST}:${ETCD_PEER_PORT}\"}}}" > ${SERVER_CONFIG_DIR}/master/master-config.yaml
 
 
 	# Make oc use ${MASTER_CONFIG_DIR}/admin.kubeconfig, and ignore anything in the running user's $HOME dir

pkg/cmd/experimental/config/config.go

@@ -0,0 +1,29 @@
+package config
+
+import (
+	"io"
+
+	"github.com/spf13/cobra"
+
+	cmdutil "github.com/openshift/origin/pkg/cmd/util"
+	"github.com/openshift/origin/pkg/cmd/util/clientcmd"
+)
+
+const ConfigRecommendedName = "config"
+
+const configLong = `
+Manage cluster configuration files like master-config.yaml.
+`
+
+func NewCmdConfig(name, fullName string, f *clientcmd.Factory, out, errout io.Writer) *cobra.Command {
+	cmd := &cobra.Command{
+		Use:   name,
+		Short: "Manage config",
+		Long:  configLong,
+		Run:   cmdutil.DefaultSubCommandRun(out),
+	}
+
+	cmd.AddCommand(NewCmdPatch(PatchRecommendedName, fullName+" "+PatchRecommendedName, f, out))
+
+	return cmd
+}

pkg/cmd/experimental/config/patch.go

@@ -0,0 +1,169 @@
+package config
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"strings"
+
+	"github.com/evanphx/json-patch"
+	"github.com/spf13/cobra"
+
+	"k8s.io/kubernetes/pkg/api"
+	"k8s.io/kubernetes/pkg/kubectl"
+	cmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
+	"k8s.io/kubernetes/pkg/kubectl/resource"
+	"k8s.io/kubernetes/pkg/runtime"
+	"k8s.io/kubernetes/pkg/util/sets"
+	"k8s.io/kubernetes/pkg/util/strategicpatch"
+	"k8s.io/kubernetes/pkg/util/yaml"
+
+	configapi "github.com/openshift/origin/pkg/cmd/server/api"
+	configapiinstall "github.com/openshift/origin/pkg/cmd/server/api/install"
+	"github.com/openshift/origin/pkg/cmd/util/clientcmd"
+)
+
+const PatchRecommendedName = "patch"
+
+var patchTypes = map[string]api.PatchType{"json": api.JSONPatchType, "merge": api.MergePatchType, "strategic": api.StrategicMergePatchType}
+
+// PatchOptions is the start of the data required to perform the operation.  As new fields are added, add them here instead of
+// referencing the cmd.Flags()
+type PatchOptions struct {
+	Filename  string
+	Patch     string
+	PatchType api.PatchType
+
+	Builder *resource.Builder
+
+	Out io.Writer
+}
+
+const (
+	patch_long    = `Patch the master-config.yaml or node-config.yaml`
+	patch_example = `
+# Set the auditConfig.enabled value to true
+%[1]s openshift.local.config/master/master-config.yaml --patch='{"auditConfig": {"enabled": true}}'`
+)
+
+func NewCmdPatch(name, fullName string, f *clientcmd.Factory, out io.Writer) *cobra.Command {
+	o := &PatchOptions{Out: out}
+
+	cmd := &cobra.Command{
+		Use:     name + " FILENAME -p PATCH",
+		Short:   "Update field(s) of a resource using a patch.",
+		Long:    patch_long,
+		Example: patch_example,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(o.Complete(f, cmd, args))
+			cmdutil.CheckErr(o.Validate())
+			cmdutil.CheckErr(o.RunPatch())
+		},
+	}
+	cmd.Flags().StringVarP(&o.Patch, "patch", "p", "", "The patch to be applied to the resource JSON file.")
+	cmd.MarkFlagRequired("patch")
+	cmd.Flags().String("type", "strategic", fmt.Sprintf("The type of patch being provided; one of %v", sets.StringKeySet(patchTypes).List()))
+
+	return cmd
+}
+
+func (o *PatchOptions) Complete(f *clientcmd.Factory, cmd *cobra.Command, args []string) error {
+	if len(args) != 1 {
+		return fmt.Errorf("exactly one FILENAME is allowed: %v", args)
+	}
+	o.Filename = args[0]
+
+	patchTypeString := strings.ToLower(cmdutil.GetFlagString(cmd, "type"))
+	ok := false
+	o.PatchType, ok = patchTypes[patchTypeString]
+	if !ok {
+		return cmdutil.UsageError(cmd, fmt.Sprintf("--type must be one of %v, not %q", sets.StringKeySet(patchTypes).List(), patchTypeString))
+	}
+
+	o.Builder = resource.NewBuilder(configapiinstall.NewRESTMapper(), configapi.Scheme, resource.DisabledClientForMapping{}, configapi.Codecs.LegacyCodec())
+
+	return nil
+}
+
+func (o *PatchOptions) Validate() error {
+	if len(o.Patch) == 0 {
+		return errors.New("must specify -p to patch")
+	}
+	if len(o.Filename) == 0 {
+		return errors.New("filename is required")
+	}
+
+	return nil
+}
+
+func (o *PatchOptions) RunPatch() error {
+	patchBytes, err := yaml.ToJSON([]byte(o.Patch))
+	if err != nil {
+		return fmt.Errorf("unable to parse %q: %v", o.Patch, err)
+	}
+
+	r := o.Builder.
+		FilenameParam(false, false, o.Filename).
+		Flatten().
+		Do()
+	err = r.Err()
+	if err != nil {
+		return err
+	}
+
+	infos, err := r.Infos()
+	if err != nil {
+		return err
+	}
+	if len(infos) > 1 {
+		return fmt.Errorf("multiple resources provided")
+	}
+	info := infos[0]
+
+	originalObjJS, err := runtime.Encode(configapi.Codecs.LegacyCodec(), info.VersionedObject.(runtime.Object))
+	if err != nil {
+		return err
+	}
+	patchedObj, err := configapi.Scheme.DeepCopy(info.VersionedObject)
+	if err != nil {
+		return err
+	}
+	originalPatchedObjJS, err := getPatchedJS(o.PatchType, originalObjJS, patchBytes, patchedObj.(runtime.Object))
+	if err != nil {
+		return err
+	}
+
+	rawExtension := &runtime.Unknown{
+		Raw: originalPatchedObjJS,
+	}
+	printer, _, err := kubectl.GetPrinter("yaml", "")
+	if err != nil {
+		return err
+	}
+	if err := printer.PrintObj(rawExtension, o.Out); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func getPatchedJS(patchType api.PatchType, originalJS, patchJS []byte, obj runtime.Object) ([]byte, error) {
+	switch patchType {
+	case api.JSONPatchType:
+		patchObj, err := jsonpatch.DecodePatch(patchJS)
+		if err != nil {
+			return nil, err
+		}
+		return patchObj.Apply(originalJS)
+
+	case api.MergePatchType:
+		return jsonpatch.MergePatch(originalJS, patchJS)
+
+	case api.StrategicMergePatchType:
+		return strategicpatch.StrategicMergePatchData(originalJS, patchJS, obj)
+
+	default:
+		// only here as a safety net - go-restful filters content-type
+		return nil, fmt.Errorf("unknown Content-Type header for patch: %v", patchType)
+	}
+}

pkg/cmd/openshift/openshift.go

@@ -15,6 +15,7 @@ import (
 	"github.com/openshift/origin/pkg/cmd/cli"
 	"github.com/openshift/origin/pkg/cmd/cli/cmd"
 	"github.com/openshift/origin/pkg/cmd/experimental/buildchain"
+	configcmd "github.com/openshift/origin/pkg/cmd/experimental/config"
 	exipfailover "github.com/openshift/origin/pkg/cmd/experimental/ipfailover"
 	"github.com/openshift/origin/pkg/cmd/flagtypes"
 	"github.com/openshift/origin/pkg/cmd/infra/builder"
@@ -161,6 +162,7 @@ func newExperimentalCommand(name, fullName string) *cobra.Command {
 	experimental.AddCommand(validate.NewCommandValidate(validate.ValidateRecommendedName, fullName+" "+validate.ValidateRecommendedName, out))
 	experimental.AddCommand(exipfailover.NewCmdIPFailoverConfig(f, fullName, "ipfailover", out, errout))
 	experimental.AddCommand(buildchain.NewCmdBuildChain(name, fullName+" "+buildchain.BuildChainRecommendedCommandName, f, out))
+	experimental.AddCommand(configcmd.NewCmdConfig(configcmd.ConfigRecommendedName, fullName+" "+configcmd.ConfigRecommendedName, f, out, errout))
 	deprecatedDiag := diagnostics.NewCmdDiagnostics(diagnostics.DiagnosticsRecommendedName, fullName+" "+diagnostics.DiagnosticsRecommendedName, out)
 	deprecatedDiag.Deprecated = fmt.Sprintf(`use "oadm %[1]s" to run diagnostics instead.`, diagnostics.DiagnosticsRecommendedName)
 	experimental.AddCommand(deprecatedDiag)

pkg/cmd/server/api/install/install.go

@@ -1,6 +1,8 @@
 package install
 
 import (
+	"fmt"
+
 	"github.com/golang/glog"
 
 	"k8s.io/kubernetes/pkg/api/meta"
@@ -54,3 +56,29 @@ func addVersionsToScheme(externalVersions ...unversioned.GroupVersion) {
 		}
 	}
 }
+
+func interfacesFor(version unversioned.GroupVersion) (*meta.VersionInterfaces, error) {
+	switch version {
+	case configapiv1.SchemeGroupVersion:
+		return &meta.VersionInterfaces{
+			ObjectConvertor:  configapi.Scheme,
+			MetadataAccessor: accessor,
+		}, nil
+
+	default:
+		return nil, fmt.Errorf("unsupported storage version: %s", version)
+	}
+}
+
+func NewRESTMapper() meta.RESTMapper {
+	mapper := meta.NewDefaultRESTMapper(availableVersions, interfacesFor)
+	// enumerate all supported versions, get the kinds, and register with the mapper how to address
+	// our resources.
+	for _, gv := range availableVersions {
+		for kind := range configapi.Scheme.KnownTypes(gv) {
+			mapper.Add(gv.WithKind(kind), meta.RESTScopeRoot)
+		}
+	}
+
+	return mapper
+}