2 Copyright 2015 The Kubernetes Authors.
4 Licensed under the Apache License, Version 2.0 (the "License");
5 you may not use this file except in compliance with the License.
6 You may obtain a copy of the License at
8 http://www.apache.org/licenses/LICENSE-2.0
10 Unless required by applicable law or agreed to in writing, software
11 distributed under the License is distributed on an "AS IS" BASIS,
12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 See the License for the specific language governing permissions and
14 limitations under the License.
30 sDec, _ := base64.StdEncoding.DecodeString("REDACTED+")
31 redactedBytes = []byte(string(sDec))
32 sDec, _ = base64.StdEncoding.DecodeString("DATA+OMITTED")
33 dataOmittedBytes = []byte(string(sDec))
36 // IsConfigEmpty returns true if the config is empty.
37 func IsConfigEmpty(config *Config) bool {
38 return len(config.AuthInfos) == 0 && len(config.Clusters) == 0 && len(config.Contexts) == 0 &&
39 len(config.CurrentContext) == 0 &&
40 len(config.Preferences.Extensions) == 0 && !config.Preferences.Colors &&
41 len(config.Extensions) == 0
44 // MinifyConfig read the current context and uses that to keep only the relevant pieces of config
45 // This is useful for making secrets based on kubeconfig files
46 func MinifyConfig(config *Config) error {
47 if len(config.CurrentContext) == 0 {
48 return errors.New("current-context must exist in order to minify")
51 currContext, exists := config.Contexts[config.CurrentContext]
53 return fmt.Errorf("cannot locate context %v", config.CurrentContext)
56 newContexts := map[string]*Context{}
57 newContexts[config.CurrentContext] = currContext
59 newClusters := map[string]*Cluster{}
60 if len(currContext.Cluster) > 0 {
61 if _, exists := config.Clusters[currContext.Cluster]; !exists {
62 return fmt.Errorf("cannot locate cluster %v", currContext.Cluster)
65 newClusters[currContext.Cluster] = config.Clusters[currContext.Cluster]
68 newAuthInfos := map[string]*AuthInfo{}
69 if len(currContext.AuthInfo) > 0 {
70 if _, exists := config.AuthInfos[currContext.AuthInfo]; !exists {
71 return fmt.Errorf("cannot locate user %v", currContext.AuthInfo)
74 newAuthInfos[currContext.AuthInfo] = config.AuthInfos[currContext.AuthInfo]
77 config.AuthInfos = newAuthInfos
78 config.Clusters = newClusters
79 config.Contexts = newContexts
86 dataOmittedBytes []byte
89 // Flatten redacts raw data entries from the config object for a human-readable view.
90 func ShortenConfig(config *Config) {
91 // trick json encoder into printing a human readable string in the raw data
92 // by base64 decoding what we want to print. Relies on implementation of
93 // http://golang.org/pkg/encoding/json/#Marshal using base64 to encode []byte
94 for key, authInfo := range config.AuthInfos {
95 if len(authInfo.ClientKeyData) > 0 {
96 authInfo.ClientKeyData = redactedBytes
98 if len(authInfo.ClientCertificateData) > 0 {
99 authInfo.ClientCertificateData = redactedBytes
101 config.AuthInfos[key] = authInfo
103 for key, cluster := range config.Clusters {
104 if len(cluster.CertificateAuthorityData) > 0 {
105 cluster.CertificateAuthorityData = dataOmittedBytes
107 config.Clusters[key] = cluster
111 // Flatten changes the config object into a self contained config (useful for making secrets)
112 func FlattenConfig(config *Config) error {
113 for key, authInfo := range config.AuthInfos {
114 baseDir, err := MakeAbs(path.Dir(authInfo.LocationOfOrigin), "")
119 if err := FlattenContent(&authInfo.ClientCertificate, &authInfo.ClientCertificateData, baseDir); err != nil {
122 if err := FlattenContent(&authInfo.ClientKey, &authInfo.ClientKeyData, baseDir); err != nil {
126 config.AuthInfos[key] = authInfo
128 for key, cluster := range config.Clusters {
129 baseDir, err := MakeAbs(path.Dir(cluster.LocationOfOrigin), "")
134 if err := FlattenContent(&cluster.CertificateAuthority, &cluster.CertificateAuthorityData, baseDir); err != nil {
138 config.Clusters[key] = cluster
144 func FlattenContent(path *string, contents *[]byte, baseDir string) error {
146 if len(*contents) > 0 {
147 return errors.New("cannot have values for both path and contents")
151 absPath := ResolvePath(*path, baseDir)
152 *contents, err = ioutil.ReadFile(absPath)
163 // ResolvePath returns the path as an absolute paths, relative to the given base directory
164 func ResolvePath(path string, base string) string {
165 // Don't resolve empty paths
167 // Don't resolve absolute paths
168 if !filepath.IsAbs(path) {
169 return filepath.Join(base, path)
176 func MakeAbs(path, base string) (string, error) {
177 if filepath.IsAbs(path) {
181 cwd, err := os.Getwd()
187 return filepath.Join(base, path), nil