From afdde383210294c3da573decc44b5ce55cffcb94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arda=20G=C3=BC=C3=A7l=C3=BC?= Date: Mon, 20 Dec 2021 21:12:56 +0300 Subject: [PATCH] Enable setting proxyurl in kubeconfig via kubectl config (#105566) * Enable setting proxyurl in kubeconfig via kubectl config This PR enables setting `proxy-url` in kubeconfig via kubectl config. * Add godoc for proxy-url unit tests --- .../client-go/tools/clientcmd/overrides.go | 4 + .../kubectl/pkg/cmd/config/create_cluster.go | 11 ++- .../pkg/cmd/config/create_cluster_test.go | 80 +++++++++++++++++++ 3 files changed, 94 insertions(+), 1 deletion(-) diff --git a/staging/src/k8s.io/client-go/tools/clientcmd/overrides.go b/staging/src/k8s.io/client-go/tools/clientcmd/overrides.go index ff643cc13da..4c290db5547 100644 --- a/staging/src/k8s.io/client-go/tools/clientcmd/overrides.go +++ b/staging/src/k8s.io/client-go/tools/clientcmd/overrides.go @@ -73,6 +73,7 @@ type ClusterOverrideFlags struct { CertificateAuthority FlagInfo InsecureSkipTLSVerify FlagInfo TLSServerName FlagInfo + ProxyURL FlagInfo } // FlagInfo contains information about how to register a flag. This struct is useful if you want to provide a way for an extender to @@ -160,6 +161,7 @@ const ( FlagUsername = "username" FlagPassword = "password" FlagTimeout = "request-timeout" + FlagProxyURL = "proxy-url" ) // RecommendedConfigOverrideFlags is a convenience method to return recommended flag names prefixed with a string of your choosing @@ -195,6 +197,7 @@ func RecommendedClusterOverrideFlags(prefix string) ClusterOverrideFlags { CertificateAuthority: FlagInfo{prefix + FlagCAFile, "", "", "Path to a cert file for the certificate authority"}, InsecureSkipTLSVerify: FlagInfo{prefix + FlagInsecure, "", "false", "If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure"}, TLSServerName: FlagInfo{prefix + FlagTLSServerName, "", "", "If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used."}, + ProxyURL: FlagInfo{prefix + FlagProxyURL, "", "", "If provided, this URL will be used to connect via proxy"}, } } @@ -234,6 +237,7 @@ func BindClusterFlags(clusterInfo *clientcmdapi.Cluster, flags *pflag.FlagSet, f flagNames.CertificateAuthority.BindStringFlag(flags, &clusterInfo.CertificateAuthority) flagNames.InsecureSkipTLSVerify.BindBoolFlag(flags, &clusterInfo.InsecureSkipTLSVerify) flagNames.TLSServerName.BindStringFlag(flags, &clusterInfo.TLSServerName) + flagNames.ProxyURL.BindStringFlag(flags, &clusterInfo.ProxyURL) } // BindFlags is a convenience method to bind the specified flags to their associated variables diff --git a/staging/src/k8s.io/kubectl/pkg/cmd/config/create_cluster.go b/staging/src/k8s.io/kubectl/pkg/cmd/config/create_cluster.go index 3a48a7e592c..9d45045169f 100644 --- a/staging/src/k8s.io/kubectl/pkg/cmd/config/create_cluster.go +++ b/staging/src/k8s.io/kubectl/pkg/cmd/config/create_cluster.go @@ -41,6 +41,7 @@ type createClusterOptions struct { insecureSkipTLSVerify cliflag.Tristate certificateAuthority cliflag.StringFlag embedCAData cliflag.Tristate + proxyURL cliflag.StringFlag } var ( @@ -60,7 +61,10 @@ var ( kubectl config set-cluster e2e --insecure-skip-tls-verify=true # Set custom TLS server name to use for validation for the e2e cluster entry - kubectl config set-cluster e2e --tls-server-name=my-cluster-name`) + kubectl config set-cluster e2e --tls-server-name=my-cluster-name + + # Set proxy url for the e2e cluster entry + kubectl config set-cluster e2e --proxy-url=https://1.2.3.4`) ) // NewCmdConfigSetCluster returns a Command instance for 'config set-cluster' sub command @@ -90,6 +94,7 @@ func NewCmdConfigSetCluster(out io.Writer, configAccess clientcmd.ConfigAccess) cmd.MarkFlagFilename(clientcmd.FlagCAFile) f = cmd.Flags().VarPF(&options.embedCAData, clientcmd.FlagEmbedCerts, "", clientcmd.FlagEmbedCerts+" for the cluster entry in kubeconfig") f.NoOptDefVal = "true" + cmd.Flags().Var(&options.proxyURL, clientcmd.FlagProxyURL, clientcmd.FlagProxyURL+" for the cluster entry in kubeconfig") return cmd } @@ -157,6 +162,10 @@ func (o *createClusterOptions) modifyCluster(existingCluster clientcmdapi.Cluste } } + if o.proxyURL.Provided() { + modifiedCluster.ProxyURL = o.proxyURL.Value() + } + return modifiedCluster } diff --git a/staging/src/k8s.io/kubectl/pkg/cmd/config/create_cluster_test.go b/staging/src/k8s.io/kubectl/pkg/cmd/config/create_cluster_test.go index 00f00c566fc..9021e0290d7 100644 --- a/staging/src/k8s.io/kubectl/pkg/cmd/config/create_cluster_test.go +++ b/staging/src/k8s.io/kubectl/pkg/cmd/config/create_cluster_test.go @@ -55,6 +55,31 @@ func TestCreateCluster(t *testing.T) { test.run(t) } +func TestCreateClusterWithProxy(t *testing.T) { + conf := clientcmdapi.Config{} + test := createClusterTest{ + description: "Testing 'kubectl config set-cluster' with a new cluster", + config: conf, + args: []string{"my-cluster"}, + flags: []string{ + "--server=http://192.168.0.1", + "--tls-server-name=my-cluster-name", + "--proxy-url=http://192.168.0.2", + }, + expected: `Cluster "my-cluster" set.` + "\n", + expectedConfig: clientcmdapi.Config{ + Clusters: map[string]*clientcmdapi.Cluster{ + "my-cluster": { + Server: "http://192.168.0.1", + TLSServerName: "my-cluster-name", + ProxyURL: "http://192.168.0.2", + }, + }, + }, + } + test.run(t) +} + func TestModifyCluster(t *testing.T) { conf := clientcmdapi.Config{ Clusters: map[string]*clientcmdapi.Cluster{ @@ -78,6 +103,61 @@ func TestModifyCluster(t *testing.T) { test.run(t) } +// TestModifyClusterWithProxy tests setting proxy-url in kubeconfig +func TestModifyClusterWithProxy(t *testing.T) { + conf := clientcmdapi.Config{ + Clusters: map[string]*clientcmdapi.Cluster{ + "my-cluster": {Server: "https://192.168.0.1", TLSServerName: "to-be-cleared"}, + }, + } + test := createClusterTest{ + description: "Testing 'kubectl config set-cluster' with an existing cluster", + config: conf, + args: []string{"my-cluster"}, + flags: []string{ + "--server=https://192.168.0.99", + "--proxy-url=https://192.168.0.100", + }, + expected: `Cluster "my-cluster" set.` + "\n", + expectedConfig: clientcmdapi.Config{ + Clusters: map[string]*clientcmdapi.Cluster{ + "my-cluster": {Server: "https://192.168.0.99", ProxyURL: "https://192.168.0.100"}, + }, + }, + } + test.run(t) +} + +// TestModifyClusterWithProxyOverride tests updating proxy-url +// in kubeconfig which already exists +func TestModifyClusterWithProxyOverride(t *testing.T) { + conf := clientcmdapi.Config{ + Clusters: map[string]*clientcmdapi.Cluster{ + "my-cluster": { + Server: "https://192.168.0.1", + TLSServerName: "to-be-cleared", + ProxyURL: "https://192.168.0.2", + }, + }, + } + test := createClusterTest{ + description: "Testing 'kubectl config set-cluster' with an existing cluster", + config: conf, + args: []string{"my-cluster"}, + flags: []string{ + "--server=https://192.168.0.99", + "--proxy-url=https://192.168.0.100", + }, + expected: `Cluster "my-cluster" set.` + "\n", + expectedConfig: clientcmdapi.Config{ + Clusters: map[string]*clientcmdapi.Cluster{ + "my-cluster": {Server: "https://192.168.0.99", ProxyURL: "https://192.168.0.100"}, + }, + }, + } + test.run(t) +} + func TestModifyClusterServerAndTLS(t *testing.T) { conf := clientcmdapi.Config{ Clusters: map[string]*clientcmdapi.Cluster{