2020"""
2121
2222import abc
23- import openshift as oc
24- from openshift import OpenShiftPythonException
23+ from kubernetes import client , config
24+
25+ global api_client
26+ api_client = None
27+ global config_path
28+ config_path = None
2529
2630
2731class Authentication (metaclass = abc .ABCMeta ):
@@ -43,80 +47,131 @@ def logout(self):
4347 pass
4448
4549
50+ class KubeConfiguration (metaclass = abc .ABCMeta ):
51+ """
52+ An abstract class that defines the method for loading a user defined config file using the `load_kube_config()` function
53+ """
54+
55+ def load_kube_config (self ):
56+ """
57+ Method for setting your Kubernetes configuration to a certain file
58+ """
59+ pass
60+
61+ def logout (self ):
62+ """
63+ Method for logging out of the remote cluster
64+ """
65+ pass
66+
67+
4668class TokenAuthentication (Authentication ):
4769 """
48- `TokenAuthentication` is a subclass of `Authentication`. It can be used to authenticate to an OpenShift
70+ `TokenAuthentication` is a subclass of `Authentication`. It can be used to authenticate to a Kubernetes
4971 cluster when the user has an API token and the API server address.
5072 """
5173
52- def __init__ (self , token : str = None , server : str = None , skip_tls : bool = False ):
74+ def __init__ (
75+ self ,
76+ token : str ,
77+ server : str ,
78+ skip_tls : bool = False ,
79+ ca_cert_path : str = None ,
80+ ):
5381 """
5482 Initialize a TokenAuthentication object that requires a value for `token`, the API Token
55- and `server`, the API server address for authenticating to an OpenShift cluster.
83+ and `server`, the API server address for authenticating to a Kubernetes cluster.
5684 """
5785
5886 self .token = token
5987 self .server = server
6088 self .skip_tls = skip_tls
89+ self .ca_cert_path = ca_cert_path
6190
6291 def login (self ) -> str :
6392 """
64- This function is used to login to an OpenShift cluster using the user's API token and API server address.
65- Depending on the cluster, a user can choose to login in with " --insecure-skip-tls-verify` by setting `skip_tls`
66- to `True`.
93+ This function is used to log in to a Kubernetes cluster using the user's API token and API server address.
94+ Depending on the cluster, a user can choose to login in with ` --insecure-skip-tls-verify` by setting `skip_tls`
95+ to `True` or `--certificate-authority` by setting `skip_tls` to False and providing a path to a ca bundle with `ca_cert_path` .
6796 """
68- args = [f"--token={ self .token } , f"--server={ self .server } ]
69- if self .skip_tls :
70- args .append ("--insecure-skip-tls-verify" )
97+ global config_path
98+ global api_client
7199 try :
72- response = oc .invoke ("login" , args )
73- except OpenShiftPythonException as osp : # pragma: no cover
74- error_msg = osp .result .err ()
75- if "The server uses a certificate signed by unknown authority" in error_msg :
76- return "Error: certificate auth failure, please set `skip_tls=True` in TokenAuthentication"
77- elif "invalid" in error_msg :
78- raise PermissionError (error_msg )
100+ configuration = client .Configuration ()
101+ configuration .api_key_prefix ["authorization" ] = "Bearer"
102+ configuration .host = self .server
103+ configuration .api_key ["authorization" ] = self .token
104+ if self .skip_tls == False and self .ca_cert_path == None :
105+ configuration .verify_ssl = True
106+ elif self .skip_tls == False :
107+ configuration .ssl_ca_cert = self .ca_cert_path
79108 else :
80- return error_msg
81- return response .out ()
109+ configuration .verify_ssl = False
110+ api_client = client .ApiClient (configuration )
111+ client .AuthenticationApi (api_client ).get_api_group ()
112+ config_path = None
113+ return "Logged into %s" % self .server
114+ except client .ApiException : # pragma: no cover
115+ api_client = None
116+ print ("Authentication Error please provide the correct token + server" )
82117
83118 def logout (self ) -> str :
84119 """
85- This function is used to logout of an OpenShift cluster.
120+ This function is used to logout of a Kubernetes cluster.
86121 """
87- args = [f"--token={ self .token } , f"--server={ self .server } ]
88- response = oc .invoke ("logout" , args )
89- return response .out ()
122+ global config_path
123+ config_path = None
124+ global api_client
125+ api_client = None
126+ return "Successfully logged out of %s" % self .server
90127
91128
92- class PasswordUserAuthentication ( Authentication ):
129+ class KubeConfigFileAuthentication ( KubeConfiguration ):
93130 """
94- `PasswordUserAuthentication` is a subclass of `Authentication`. It can be used to authenticate to an OpenShift
95- cluster when the user has a username and password .
131+ A class that defines the necessary methods for passing a user's own Kubernetes config file.
132+ Specifically this class defines the `load_kube_config()` and `config_check()` functions .
96133 """
97134
98- def __init__ (
99- self ,
100- username : str = None ,
101- password : str = None ,
102- ):
103- """
104- Initialize a PasswordUserAuthentication object that requires a value for `username`
105- and `password` for authenticating to an OpenShift cluster.
106- """
107- self .username = username
108- self .password = password
135+ def __init__ (self , kube_config_path : str = None ):
136+ self .kube_config_path = kube_config_path
109137
110- def login (self ) -> str :
138+ def load_kube_config (self ):
111139 """
112- This function is used to login to an OpenShift cluster using the user's `username` and `password` .
140+ Function for loading a user's own predefined Kubernetes config file .
113141 """
114- response = oc .login (self .username , self .password )
115- return response .out ()
142+ global config_path
143+ global api_client
144+ try :
145+ if self .kube_config_path == None :
146+ return "Please specify a config file path"
147+ config_path = self .kube_config_path
148+ api_client = None
149+ config .load_kube_config (config_path )
150+ response = "Loaded user config file at path %s" % self .kube_config_path
151+ except config .ConfigException : # pragma: no cover
152+ config_path = None
153+ raise Exception ("Please specify a config file path" )
154+ return response
155+
156+
157+ def config_check () -> str :
158+ """
159+ Function for loading the config file at the default config location ~/.kube/config if the user has not
160+ specified their own config file or has logged in with their token and server.
161+ """
162+ global config_path
163+ global api_client
164+ if config_path == None and api_client == None :
165+ config .load_kube_config ()
166+ if config_path != None and api_client == None :
167+ return config_path
116168
117- def logout (self ) -> str :
118- """
119- This function is used to logout of an OpenShift cluster.
120- """
121- response = oc .invoke ("logout" )
122- return response .out ()
169+
170+ def api_config_handler () -> str :
171+ """
172+ This function is used to load the api client if the user has logged in
173+ """
174+ if api_client != None and config_path == None :
175+ return api_client
176+ else :
177+ return None
0 commit comments