)4dZddlmZddlmZddlmZddlmZddlmZddl m Z ddl m Z d Z d Zejej ej"j$Gd d ej&Zejej ej"j*Gd dej&Zejej ej"j.Gddej&Zy)zFetch cluster credentials.)absolute_import)division)unicode_literals)util)base)flags)logzzcluster {0} is not RUNNING. The kubernetes API may or may not be available. Check the cluster status for more information.cftj|d}|d}||}|j|j|}tj j d|j|}|j}|xr|jxr |j }|rLtjjs.tjdj|j|j!|s2t j"t$j|j&||fS)z2Base operations for `get-credentials` run command. api_adapter location_getz(Fetching cluster endpoint and auth data.zNget-credentials requires `container.clusters.getCredentials` permission on {0})rCheckKubectlInstalled ParseClusternamer statusPrint GetCluster masterAuthclientCertificate clientKey ClusterConfigUseGCPAuthProviderErrorformat projectId IsRunningwarningNOT_RUNNING_MSG clusterId) argscontextadapterr location cluster_refclusterauth missing_credss 1lib/surface/container/clusters/get_credentials.py_BaseRunr( s M "'(, $ ($$TYY9+**=>   { +'   $I 6 6I4>>J-4--@@B ** #VK$9$9:    7 #KK&&{'<'<=> + c.eZdZdZddiZedZdZy)GetCredentialsaFetch credentials for a running cluster. {command} updates a `kubeconfig` file with appropriate credentials and endpoint information to point `kubectl` at a specific cluster in Google Kubernetes Engine. It takes a project and a zone as parameters, passed through by set defaults or flags. By default, credentials are written to `HOME/.kube/config`. You can provide an alternate path by setting the `KUBECONFIG` environment variable. If `KUBECONFIG` contains multiple paths, the first one is used. This command enables switching to a specific cluster, when working with multiple clusters. It can also be used to access a previously created cluster from a new workstation. By default, {command} will configure kubectl to automatically refresh its credentials using the same identity as gcloud. If you are running kubectl as part of an application, it is recommended to use [application default credentials](https://cloud.google.com/docs/authentication/production). To configure a `kubeconfig` file to use application default credentials, set the container/use_application_default_credentials [Cloud SDK property](https://cloud.google.com/sdk/docs/properties) to true before running {command} See [](https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-access-for-kubectl) for kubectl usage with Google Kubernetes Engine and [](https://kubernetes.io/docs/reference/generated/kubectl/kubectl-commands) for available kubectl commands. EXAMPLES To switch to working on your cluster 'sample-cluster', run: $ {command} sample-cluster --location=us-central1-f ctj|tj|tj|tj|yzRegister flags for this command. Args: parser: An argparse.ArgumentParser-like object. It is mocked out in order to capture some information, but behaves like an ArgumentParser. N)rAddGetCredentialsArgsAddDnsEndpointFlagAddKubecontextOverrideFlagAddUseIamTokenFlagparsers r'ArgszGetCredentials.Argsbs< ' V$ $$V, V$r)c t||j\}}tjj ||j |j |j|j|j|jy)This is what gets called when the user runs this command. Args: args: an argparse namespace. All the arguments that were provided to this command invocation. Raises: util.Error: if the cluster is unreachable or not running. )use_dns_endpointimpersonate_service_accountkubecontext_override use_iam_tokenN) r(r rrPersistr internal_ip dns_endpointr:r;r<selfrr$r#s r'RunzGetCredentials.Runosk$D$,,7G[ **$($D$D!66((r)N__name__ __module__ __qualname____doc__ detailed_help staticmethodr6rBr)r'r+r+9s1> - % %r)r+c.eZdZdZddiZedZdZy)GetCredentialsBeta0Fetch credentials for a running cluster. {command} updates a `kubeconfig` file with appropriate credentials and endpoint information to point `kubectl` at a specific cluster in Google Kubernetes Engine. It takes a project and a zone as parameters, passed through by set defaults or flags. By default, credentials are written to `HOME/.kube/config`. You can provide an alternate path by setting the `KUBECONFIG` environment variable. If `KUBECONFIG` contains multiple paths, the first one is used. This command enables switching to a specific cluster, when working with multiple clusters. It can also be used to access a previously created cluster from a new workstation. By default, {command} will configure kubectl to automatically refresh its credentials using the same identity as gcloud. If you are running kubectl as part of an application, it is recommended to use [application default credentials](https://cloud.google.com/docs/authentication/production). To configure a `kubeconfig` file to use application default credentials, set the container/use_application_default_credentials [Cloud SDK property](https://cloud.google.com/sdk/docs/properties) to true before running {command} See [](https://cloud.google.com/kubernetes-engine/docs/kubectl) for kubectl documentation. r,r-ctj|tj|tj|tj|tj |tj |y)z Register flags for this command.Nrr0AddCrossConnectSubnetworkFlagAddPrivateEndpointFQDNFlagr1r2r3r4s r'r6zGetCredentialsBeta.ArgssX ' ''/ $$V, V$ $$V, V$r)c :tj|t||j\}}tj j ||j|j|j|j|j|j|jyr8)r;r<NrVerifyGetCredentialsFlagsr(r rrr=rr>cross_connect_subnetworkprivate_endpoint_fqdnr?r;r<r@s r'rBzGetCredentialsBeta.Run ##D)#D$,,7G[  %% "" !66(( r)NrCrJr)r'rLrLs18 -%%r)rLc.eZdZdZddiZedZdZy)GetCredentialsAlpharMr,r-ctj|tj|tj|tj|tj |tj |yr/rOr4s r'r6zGetCredentialsAlpha.ArgssX ' ''/ $$V, V$ $$V, V$r)c :tj|t||j\}}tj j ||j|j|j|j|j|j|jyrSrTr@s r'rBzGetCredentialsAlpha.RunrXr)NrCrJr)r'rZrZs18 - % %r)rZN)rG __future__rrr googlecloudsdk.api_lib.containerrgooglecloudsdk.callioper$googlecloudsdk.command_lib.containerrgooglecloudsdk.corer rr(UniverseCompatible ReleaseTracks ReleaseTrackGACommandr+BETArLALPHArZrJr)r'ris!&'1(6#2 2D%%(()GT\\G*GTD%%**+CC,CLD%%++,H$,,H-Hr)