This repository was archived by the owner on Jan 16, 2025. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathkubeconnect.sh
executable file
·117 lines (93 loc) · 2.37 KB
/
kubeconnect.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
#!/bin/bash
set -o pipefail
ME=$(realpath $0)
SCRIPTDIR=$(dirname $ME)
# check if KUBECONFIG is set
if [ -z "$KUBECONFIG" ] ; then
echo "KUBECONFIG not set"
exit 0
fi
if [ -z "$DEPLOYMENTNAMESPACE" ] ; then
DEPLOYMENTNAMESPACE=default
fi
DEPLOYMENTNAME=
DUMPPREFIX=
USEEA=0
while [ "$1" != "" ]; do
case $1 in
-n ) shift
DEPLOYMENTNAMESPACE=$1
;;
-ea ) USEEA=1
;;
--dump ) shift
DUMPPREFIX=$1
;;
* )
if [ -n "$DEPLOYMENTNAME" ] ; then
echo "Use $0 <deploymentname> [-n <namespace>] [-ea]"
exit 1
fi
DEPLOYMENTNAME=$1
esac
shift
done
if [ -z "$DEPLOYMENTNAMESPACE" ] ; then
echo "invalid namespace"
exit 0
fi
echo Using namespace $DEPLOYMENTNAMESPACE
if [ -z "$DEPLOYMENTNAME" ] ; then
echo "DEPLOYMENTNAME not set"
exit 0
fi
echo Using deployment $DEPLOYMENTNAME
DEPLOYMENTRES=$(kubectl get arango -o json -n $DEPLOYMENTNAMESPACE $DEPLOYMENTNAME)
JWTSECRETNAME=$(echo $DEPLOYMENTRES | jq -r .spec.auth.jwtSecretName)
TLSCA=$(echo $DEPLOYMENTRES | jq -r .spec.tls.caSecretName)
EASERVICE=null
if [ "$USEEA" != "0" ] ; then
EASERVICE=$(kubectl get service -o json -n $DEPLOYMENTNAMESPACE $DEPLOYMENTNAME-ea | jq -r .status.loadBalancer.ingress[0].ip)
fi
JWT=
JWTSECRET=
if [ "$JWTSECRETNAME" != "None" ] ; then
JWTSECRET=$(kubectl get secret -o json -n $DEPLOYMENTNAMESPACE $JWTSECRETNAME | jq -r .data.token | base64 -d -w0)
if [ ! $? -eq 0 ] ; then
echo "Failed to get jwt-secret"
exit 0
fi
JWT=$(jwtgen -a HS256 -s "$JWTSECRET" -c server_id=hans -c iss=arangodb)
echo $JWT
fi
AGENTPOD=$(kubectl get pods -o json -n $DEPLOYMENTNAMESPACE -l role=agent,arango_deployment=$DEPLOYMENTNAME | jq -r .items[0].metadata.name)
if [ ! $? -eq 0 ] ; then
echo "Failed to get agency-pod"
exit 0
fi
MUSTFORWARD=1
HOST=localhost
PORT=9898
SCHEME=https
AAAPARAMS=-k
if [ "$TLSCA" = "None" ] ; then
echo Using http, no encryption.
SCHEME=http
AAAPARAMS=
fi
if [ "$DUMPPREFIX" != "" ] ; then
AAAPARAMS=$AAAPARAMS --dump=$DUMPPREFIX
fi
if [ "$EASERVICE" != "null" ] ; then
HOST=$EASERVICE
PORT=8529
MUSTFORWARD=0
fi
if [ "$MUSTFORWARD" == "1" ] ; then
# create pod port-forwarding
kubectl port-forward -n $DEPLOYMENTNAMESPACE $AGENTPOD 9898:8529 &
PFPID=$!
sleep 2
fi
python3 $SCRIPTDIR/aaa.py $AAAPARAMS $SCHEME://$HOST:$PORT/ $JWT
kill -9 $PFPID