From 0ab522fe8c79942cfd3fad643071b579327c2087 Mon Sep 17 00:00:00 2001 From: bravof Date: Tue, 23 Nov 2021 19:33:18 -0300 Subject: [PATCH] feature: helm charts repos with certs Change-Id: I427d20f6e184c889de91a384d921eb7edaf00e95 Signed-off-by: bravof --- n2vc/k8s_conn.py | 9 +++++++- n2vc/k8s_helm_base_conn.py | 43 +++++++++++++++++++++++++++++++++----- n2vc/k8s_juju_conn.py | 3 +++ 3 files changed, 49 insertions(+), 6 deletions(-) diff --git a/n2vc/k8s_conn.py b/n2vc/k8s_conn.py index 55b340a..a4b98db 100644 --- a/n2vc/k8s_conn.py +++ b/n2vc/k8s_conn.py @@ -78,7 +78,14 @@ class K8sConnector(abc.ABC, Loggable): @abc.abstractmethod async def repo_add( - self, cluster_uuid: str, name: str, url: str, repo_type: str = "chart" + self, + cluster_uuid: str, + name: str, + url: str, + repo_type: str = "chart", + cert: str = None, + user: str = None, + password: str = None, ): """ Add a new repository to OSM database diff --git a/n2vc/k8s_helm_base_conn.py b/n2vc/k8s_helm_base_conn.py index 703bd73..b72c986 100644 --- a/n2vc/k8s_helm_base_conn.py +++ b/n2vc/k8s_helm_base_conn.py @@ -151,7 +151,14 @@ class K8sHelmBaseConnector(K8sConnector): return cluster_id, n2vc_installed_sw async def repo_add( - self, cluster_uuid: str, name: str, url: str, repo_type: str = "chart" + self, + cluster_uuid: str, + name: str, + url: str, + repo_type: str = "chart", + cert: str = None, + user: str = None, + password: str = None, ): self.log.debug( "Cluster {}, adding {} repository {}. URL: {}".format( @@ -177,9 +184,25 @@ class K8sHelmBaseConnector(K8sConnector): ) # helm repo add name url - command = "env KUBECONFIG={} {} repo add {} {}".format( + command = ("env KUBECONFIG={} {} repo add {} {}").format( paths["kube_config"], self._helm_command, name, url ) + + if cert: + temp_cert_file = os.path.join( + self.fs.path, "{}/helmcerts/".format(cluster_id), "temp.crt" + ) + os.makedirs(os.path.dirname(temp_cert_file), exist_ok=True) + with open(temp_cert_file, "w") as the_cert: + the_cert.write(cert) + command += " --ca-file {}".format(temp_cert_file) + + if user: + command += " --username={}".format(user) + + if password: + command += " --password={}".format(password) + self.log.debug("adding repo: {}".format(command)) await self._local_async_exec( command=command, raise_exception_on_error=True, env=env @@ -1102,9 +1125,19 @@ class K8sHelmBaseConnector(K8sConnector): # add repo self.log.debug("add repo {}".format(db_repo["name"])) - await self.repo_add( - cluster_uuid, db_repo["name"], db_repo["url"] - ) + if "ca_cert" in db_repo: + await self.repo_add( + cluster_uuid, + db_repo["name"], + db_repo["url"], + cert=db_repo["ca_cert"], + ) + else: + await self.repo_add( + cluster_uuid, + db_repo["name"], + db_repo["url"], + ) added_repo_dict[repo_id] = db_repo["name"] except Exception as e: raise K8sException( diff --git a/n2vc/k8s_juju_conn.py b/n2vc/k8s_juju_conn.py index 1704ec0..1e400c2 100644 --- a/n2vc/k8s_juju_conn.py +++ b/n2vc/k8s_juju_conn.py @@ -193,6 +193,9 @@ class K8sJujuConnector(K8sConnector): name: str, url: str, _type: str = "charm", + cert: str = None, + user: str = None, + password: str = None, ): raise MethodNotImplemented() -- 2.17.1