openshift · openshift-merge-robot · Aug 30, 2018 · Aug 24, 2018 · Aug 22, 2018 · Aug 24, 2018
diff --git a/Documentation/design/resource_dep.dot b/Documentation/design/resource_dep.dot
@@ -76,8 +76,8 @@ strict digraph resource {
   // Kubeconfigs
   {
     node [style=filled,color=lightblue];
-    kubelet_kubeconfig [label="kubeconfig-kubelet"];
-    kubeconfig [label="kubeconfig"];
+    kubeconfig_admin [label="kubeconfig-admin"];
+    kubeconfig_kubelet [label="kubeconfig-kubelet"];
   }
 
 
@@ -106,8 +106,8 @@ strict digraph resource {
   root_ca_bundle -> mcc_bundle;
   install_config -> mcc_bundle;
 
-  root_ca_bundle -> kubeconfig;
-  root_ca_bundle -> kubelet_kubeconfig;
+  root_ca_bundle -> kubeconfig_admin;
+  root_ca_bundle -> kubeconfig_kubelet;
   root_ca_bundle -> bootstrap_control_plane;
   root_ca_bundle -> master_ignition;
   root_ca_bundle -> worker_ignition;
@@ -131,12 +131,12 @@ strict digraph resource {
   aggregator_ca_bundle -> clusterapi_apiserver_bundle;
   aggregator_ca_bundle -> bootstrap_ignition;
 
-  admin_bundle -> kubeconfig;
+  admin_bundle -> kubeconfig_admin;
 
-  kubelet_bundle -> kubelet_kubeconfig;
+  kubelet_bundle -> kubeconfig_kubelet;
 
-  install_config -> kubeconfig;
-  install_config -> kubelet_kubeconfig;
+  install_config -> kubeconfig_admin;
+  install_config -> kubeconfig_kubelet;
 
   apiserver_bundle -> bootstrap_control_plane;
 
@@ -164,8 +164,8 @@ strict digraph resource {
   bootstrap_control_plane -> bootstrap_ignition;
   misc_manifests -> bootstrap_ignition;
 
-  kubelet_kubeconfig -> bootstrap_ignition;
-  kubelet_kubeconfig -> master_ignition;
+  kubeconfig_kubelet -> bootstrap_ignition;
+  kubeconfig_kubelet -> master_ignition;
 
   bootstrap_ignition -> terraform_state;
   master_ignition -> terraform_state;
@@ -196,9 +196,9 @@ strict digraph resource {
   bootstrap_control_plane -> manifests;
   misc_manifests -> manifests;
 
-  kubelet_kubeconfig -> manifests;
-  kubeconfig -> manifests;
-  kubeconfig -> cluster;
+  kubeconfig_kubelet -> manifests;
+  kubeconfig_admin -> manifests;
+  kubeconfig_admin -> cluster;
 
   bootstrap_ignition -> ignition_configs;
   master_ignition -> ignition_configs;

diff --git a/Documentation/design/resource_dep.svg b/Documentation/design/resource_dep.svg
diff --git a/glide.lock b/glide.lock
diff --git a/pkg/asset/asset.go b/pkg/asset/asset.go
@@ -1,5 +1,10 @@
 package asset
 
+import (
+	"fmt"
+	"path/filepath"
+)
+
 // Asset used to install OpenShift.
 type Asset interface {
 	// Dependencies returns the assets upon which this asset directly depends.
@@ -8,3 +13,19 @@ type Asset interface {
 	// Generate generates this asset given the states of its dependent assets.
 	Generate(map[Asset]*State) (*State, error)
 }
+
+// GetDataByFilename searches the file in the asset.State.Contents, and returns its data.
+// filename is the base name of the file.
+func GetDataByFilename(a Asset, parents map[Asset]*State, filename string) ([]byte, error) {
+	st, ok := parents[a]
+	if !ok {
+		return nil, fmt.Errorf("failed to find %T in parents", a)
+	}
+
+	for _, c := range st.Contents {
+		if filepath.Base(c.Name) == filename {
+			return c.Data, nil
+		}
+	}
+	return nil, fmt.Errorf("failed to find data in %v with filename == %q", st, filename)
+}
diff --git a/pkg/asset/installconfig/installconfig.go b/pkg/asset/installconfig/installconfig.go
@@ -97,3 +97,19 @@ func (a *installConfig) Generate(dependencies map[asset.Asset]*asset.State) (*as
 
 	return state, nil
 }
+
+// GetInstallConfig returns the *types.InstallConfig from the parent asset map.
+func GetInstallConfig(installConfig asset.Asset, parents map[asset.Asset]*asset.State) (*types.InstallConfig, error) {
+	var cfg types.InstallConfig
+
+	st, ok := parents[installConfig]
+	if !ok {
+		return nil, fmt.Errorf("failed to find %T in parents", installConfig)
+	}
+
+	if err := yaml.Unmarshal(st.Contents[0].Data, &cfg); err != nil {
+		return nil, fmt.Errorf("failed to unmarshal the installconfig: %v", err)
+	}
+
+	return &cfg, nil
+}
diff --git a/pkg/asset/kubeconfig/doc.go b/pkg/asset/kubeconfig/doc.go
@@ -0,0 +1,2 @@
+// Package kubeconfig defines and generates the kubeconfig assets.
+package kubeconfig
diff --git a/pkg/asset/kubeconfig/kubeconfig.go b/pkg/asset/kubeconfig/kubeconfig.go
@@ -0,0 +1,122 @@
+package kubeconfig
+
+import (
+	"fmt"
+	"path/filepath"
+
+	"github.com/ghodss/yaml"
+	"github.com/openshift/installer/pkg/asset"
+	"github.com/openshift/installer/pkg/asset/installconfig"
+	"github.com/openshift/installer/pkg/asset/tls"
+	clientcmd "k8s.io/client-go/tools/clientcmd/api/v1"
+)
+
+const (
+	// KubeconfigUserNameAdmin is the user name of the admin kubeconfig.
+	KubeconfigUserNameAdmin = "admin"
+	// KubeconfigUserNameKubelet is the user name of the kubelet kubeconfig.
+	KubeconfigUserNameKubelet = "kubelet"
+)
+
+// Kubeconfig implements the asset.Asset interface that generates
+// the admin kubeconfig and kubelet kubeconfig.
+type Kubeconfig struct {
+	rootDir       string
+	userName      string // admin or kubelet.
+	rootCA        asset.Asset
+	certKey       asset.Asset
+	installConfig asset.Asset
+}
+
+var _ asset.Asset = (*Kubeconfig)(nil)
+
+// Dependencies returns the dependency of the kubeconfig.
+func (k *Kubeconfig) Dependencies() []asset.Asset {
+	return []asset.Asset{
+		k.rootCA,
+		k.certKey,
+		k.installConfig,
+	}
+}
+
+// Generate generates the kubeconfig.
+func (k *Kubeconfig) Generate(parents map[asset.Asset]*asset.State) (*asset.State, error) {
+	var err error
+
+	caCertData, err := asset.GetDataByFilename(k.rootCA, parents, tls.RootCACertName)
+	if err != nil {
+		return nil, err
+	}
+
+	var keyFilename, certFilename string
+	switch k.userName {
+	case KubeconfigUserNameAdmin:
+		keyFilename, certFilename = tls.AdminKeyName, tls.AdminCertName
+	case KubeconfigUserNameKubelet:
+		keyFilename, certFilename = tls.KubeletKeyName, tls.KubeletCertName
+	}
+	clientKeyData, err := asset.GetDataByFilename(k.certKey, parents, keyFilename)
+	if err != nil {
+		return nil, err
+	}
+	clientCertData, err := asset.GetDataByFilename(k.certKey, parents, certFilename)
+	if err != nil {
+		return nil, err
+	}
+	installConfig, err := installconfig.GetInstallConfig(k.installConfig, parents)
+	if err != nil {
+		return nil, err
+	}
+
+	kubeconfig := clientcmd.Config{
+		Clusters: []clientcmd.NamedCluster{
+			{
+				Name: installConfig.Name,
+				Cluster: clientcmd.Cluster{
+					Server: fmt.Sprintf("https://%s-api.%s:6443", installConfig.Name, installConfig.BaseDomain),
+					CertificateAuthorityData: caCertData,
+				},
+			},
+		},
+		AuthInfos: []clientcmd.NamedAuthInfo{
+			{
+				Name: k.userName,
+				AuthInfo: clientcmd.AuthInfo{
+					ClientCertificateData: clientCertData,
+					ClientKeyData:         clientKeyData,
+				},
+			},
+		},
+		Contexts: []clientcmd.NamedContext{
+			{
+				Name: k.userName,
+				Context: clientcmd.Context{
+					Cluster:  installConfig.Name,
+					AuthInfo: k.userName,
+				},
+			},
+		},
+		CurrentContext: k.userName,
+	}
+
+	data, err := yaml.Marshal(kubeconfig)
+	if err != nil {
+		return nil, err
+	}
+
+	st := &asset.State{
+		Contents: []asset.Content{
+			{
+				// E.g. generated/auth/kubeconfig-admin.
+				Name: filepath.Join(k.rootDir, "auth", fmt.Sprintf("kubeconfig-%s", k.userName)),
+				Data: data,
+			},
+		},
+	}
+
+	if err := st.PersistToFile(); err != nil {
+		return nil, err
+	}
+
+	return st, nil
+}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		// Package kubeconfig defines and generates the kubeconfig assets.
		package kubeconfig