,:dZddlmZddlmZddlmZddlmZddlZddlmZddl m Z dd l m Z dd l mZdd l mZdd l mZdd l mZddlmZddlmZddlmZGddej0ZGddeZdZGddeZdZddZdZddZ ddZ!dZ"y) zFUtilities for loading and parsing kubeconfig used for Connect Gateway.)absolute_import) annotations)division)unicode_literalsN)Any) kubeconfig)config) exceptions)log) properties)yaml)encoding)files) platformsceZdZdZy)Errorz0Class for errors raised by kubeconfig utilities.N__name__ __module__ __qualname____doc__Clib/googlecloudsdk/command_lib/container/fleet/gwkubeconfig_util.pyrr%s8rrceZdZdZy)MissingEnvVarErrorzDAn exception raised when required environment variables are missing.Nrrrrrr)sLrrgke_gcloud_auth_plugin_cacheceZdZdZddZedZedZdZdZ dZ e dZ e d Z e ddd Ze d Ze d ZedZdddZy ) Kubeconfigz1Interface for interacting with a kubeconfig file.c.||_||_i|_i|_i|_|jdD]}||j|d<|jdD]}||j|d<|jdD]}||j|d<y)Nclustersnameuserscontexts) _filename_datar!r#r$)selfraw_datafilenameclusterusercontexts r__init__zKubeconfig.__init__2sDNDJDMDJDM::j)'.dmmGFO$* 7#!%djjf$::j)'.dmmGFO$*rc |jdSNcurrent-contextr&r's rcurrent_contextzKubeconfig.current_context?s ::' ((rc|jSN)r%r2s rr)zKubeconfig.filenameCs >>rc|jj|d|jj|d|jj|d|jj d|k(rd|jd<yy)Nr0)r$popr!r#r&get)r'keys rClearzKubeconfig.ClearGsfMMc4 MMc4 JJNN3 zz~~'(C/&(djj"#0rct|jj|jd<t|jj|jd<t|j j|jd<t j|jd}tj|jd5}t j|j|dddtjj|j}tjj|t}tjj!|rtj"|dyy#1swYxYw)zjSave kubeconfig to file. Raises: Error: don't have the permission to open kubeconfig file. r!r#r$NT)privater7)listr!valuesr&r#r$r dump file_utils FileWriterr%ospathdirnamejoin&GKE_GCLOUD_AUTH_PLUGIN_CACHE_FILE_NAMEexistsWriteFileAtomically)r'_fprE gke_gcloud_auth_plugin_file_paths r SaveToFilezKubeconfig.SaveToFileNs "$--"6"6"89DJJztzz0023DJJw!$--"6"6"89DJJz $**d#A   t~~t < ii B =ggoodnn-G')ww||7(9$ ww~~67$$%ErJ8 = formattypeKeyError)clsdatar:errors r _ValidatezKubeconfig._Validatels  , >2#$s)T*)00cDcOLN N3 > .55e< ==>sA+A A<A77A<c tj|}|j ||||S#tj$r*}tdj||jd}~wwxYw)Nz&unable to load kubeconfig for {0}: {1})r load_pathrrR inner_errorrX)rUr)rVrWs r LoadFromFilezKubeconfig.LoadFromFileysl( ^^H %dMM$ tX  ::( :AA E%%' (((s1A.%A))A.Nc tj|}|j ||s|j }|||S#tj$r}td|jd}~wwxYw)aParse a YAML kubeconfig. Args: raw_data: The YAML data to parse path: The path to associate with the data. Defaults to calling `Kubeconfig.DefaultPath()`. Returns: A `Kubeconfig` instance. Raises: Error: The data is not valid YAML. z"unable to parse kubeconfig bytes: N)r loadrr[rX DefaultPath)rUr(rDrVrWs r LoadFromByteszKubeconfig.LoadFromBytessqL YYx dMM$  __ d tT? ::L 6u7H7H6IJ KKLsAA3A..A3cR |j|S#ttf$r}tjdj ||t jtjj||t|}|j|cYd}~Sd}~wwxYw)zARead in the kubeconfig, and if it doesn't exist create one there.z6unable to load default kubeconfig: {0}; recreating {1}N) r\rIOErrorr debugrRrAMakeDirrCrDrEEmptyKubeconfigrM)rUr)rWrs r LoadOrCreatezKubeconfig.LoadOrCreates   h '' 7  iiHOO 23((3j  sB&A9B!B&!B&cH|jtjSr5)rfrr_)rUs rDefaultzKubeconfig.Defaults   J224 55rcJtjtjd}|rA|j tj d}tj j|Stjtjd}|stjjrtjtjd}tjtjd}|r"|r tj j||}|s$tjtjd}|sDtdjtjjr d d tj j|d d S) z(Return default path for kubeconfig file. KUBECONFIGrHOME HOMEDRIVEHOMEPATH USERPROFILEzVenvironment variable {vars} or KUBECONFIG must be set to store credentials for kubectlz&HOMEDRIVE/HOMEPATH, USERPROFILE, HOME,)varsz.kuber )rGetEncodedValuerCenvironsplitpathseprDabspathrOperatingSystem IsWindowsrFrrR)rhome_dir home_drive home_paths rr_zKubeconfig.DefaultPathsG))"**lCJ##BJJ/2j WW__Z (('' F;H  11;;=++BJJ Dj**2::zBi  77<< I6 ++BJJ F   $$*F**446<%+%D EE=C%+%D EE 77<<'8 44rch||}}|r||}}|j|jxs |jtt|jj t|jj z|_tt|j j t|j j z|_tt|jj t|jj z|_y)aBMerge another kubeconfig into self. By default, in case of overlapping keys, the value in self is kept and the value in the other kubeconfig is lost. Args: kubeconfig: a Kubeconfig instance overwrite: whether to overwrite overlapping keys in self with data from the other kubeconfig. N)rOr3dictr>r!itemsr#r$)r'r overwriteleftrights rMergezKubeconfig.Merges %D4Ed4//H53H3HI U^^ ! ! #$tDMM,?,?,A'BBDDM U[[   !D)9)9);$<<>DJ U^^ ! ! #$tDMM,?,?,A'BBDDMr)r(zdict[str, Any]r)strr5)r(bytesrDrreturnr)F)rrr}boolrNone)rrrrr-propertyr3r)r;rMrO classmethodrXr\r`rfrh staticmethodr_rrrrrr/s9 / ) )  )K6, > >2  66554Drrcd|i}||dS)z0Generate and return a cluster kubeconfig object.server)r"r*r)r"rr*s rClusterrs" ' rc0tj||S)auGenerate and return a user kubeconfig object. Args: name: str, nickname for this user entry. auth_provider: str, authentication provider if not using `exec`. `exec` may still be used regardless of this parameter's value. Returns: dict, valid kubeconfig user entry. Raises: Error: if no auth_provider is not provided when `exec` is not used. r" auth_provider)container_kubeconfigUserrs rrrs  " " ! rzPath to sdk installation not found. Please switch to application default credentials using one of $ gcloud config set container/use_application_default_credentials true $ export CLOUDSDK_CONTAINER_USE_APPLICATION_DEFAULT_CREDENTIALS=truecd|i}|dk(rtjjjj sd}t j jrd}tjj}|(tjttttj j#||dddd}||d <|S) aGenerate and return an auth provider config. Constructs an auth provider config entry readable by kubectl. This tells kubectl to call out to a specific gcloud command and parse the output to retrieve access tokens to authenticate to the kubernetes master. Kubernetes gcp auth provider plugin at https://github.com/kubernetes/kubernetes/tree/master/staging/src/k8s.io/client-go/plugin/pkg/client/auth/gcp Args: name: auth provider name Returns: dict, valid auth provider config entry. Raises: Error: Path to sdk installation not found. Please switch to application default credentials using one of $ gcloud config set container/use_application_default_credentials true $ export CLOUDSDK_CONTAINER_USE_APPLICATION_DEFAULT_CREDENTIALS=true. r"gcpgcloudz gcloud.cmdz"config config-helper --format=jsonz{.credential.access_token}z{.credential.token_expiry})zcmd-pathzcmd-argsz token-keyz expiry-keyr )r VALUES containeruse_app_default_credentialsGetBoolrrurvr Paths sdk_bin_pathr rWSDK_BIN_PATH_NOT_FOUNDrrCrDrF)r"providerbin_namercfgs r _AuthProviderrs(d^( em!!==EEGH  **,h<<>..L ii&' ( ))GGLLx8812 CHX /rc$||d}|r||d<||dS)z0Generate and return a context kubeconfig object.)r*r+ namespace)r"r,r)r"r*r+rctxs rContextr8s0 # C  rcdggddigdS)Nv1r7Config) apiVersionr$r!r0kind preferencesr#rrrrrereFs! rr5)r)#r __future__rrrrrCtypingr googlecloudsdk.api_lib.containerrrgooglecloudsdk.corer r core_exceptionsr r r googlecloudsdk.core.utilrrrArrrrGobjectrrrrrrrerrrrs M&"' O&=#*$-8.9O ! !9MM*H&pDpDf&H-`  r