dapp 0.13.4 → 0.13.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/config/en/net_status.yml +1 -0
- data/lib/dapp.rb +4 -0
- data/lib/dapp/cli.rb +2 -1
- data/lib/dapp/cli/cli.rb +1 -0
- data/lib/dapp/cli/command/update.rb +14 -0
- data/lib/dapp/dapp/logging/base.rb +1 -9
- data/lib/dapp/dapp/logging/process.rb +1 -1
- data/lib/dapp/deployment/dapp/command/apply.rb +38 -50
- data/lib/dapp/deployment/kube_app.rb +107 -111
- data/lib/dapp/dimg/build/stage/artifact_base.rb +1 -5
- data/lib/dapp/dimg/dapp/command/build_context/export.rb +2 -4
- data/lib/dapp/dimg/dapp/command/build_context/import.rb +2 -4
- data/lib/dapp/dimg/dimg.rb +1 -3
- data/lib/dapp/kube/cli/command/kube.rb +2 -1
- data/lib/dapp/kube/cli/command/kube/secret_extract.rb +11 -1
- data/lib/dapp/kube/cli/command/kube/secret_generate.rb +5 -0
- data/lib/dapp/kube/cli/command/kube/secret_regenerate.rb +23 -0
- data/lib/dapp/kube/dapp/command/common.rb +28 -0
- data/lib/dapp/kube/dapp/command/deploy.rb +1 -17
- data/lib/dapp/kube/dapp/command/dismiss.rb +2 -4
- data/lib/dapp/kube/dapp/command/minikube_setup.rb +74 -68
- data/lib/dapp/kube/dapp/command/secret_extract.rb +30 -16
- data/lib/dapp/kube/dapp/command/secret_generate.rb +29 -15
- data/lib/dapp/kube/dapp/command/secret_regenerate.rb +39 -0
- data/lib/dapp/kube/dapp/dapp.rb +1 -0
- data/lib/dapp/version.rb +1 -1
- metadata +6 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 19d9262efa88dcc95e63826c17a15ceaeabcf417
|
|
4
|
+
data.tar.gz: edd444ed3ee8f5c2f3360fa00f81cb4ee54704fc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5f33daa8ff9806a7fcf8772daa91c4293f1376463dd60a491d50e27606b472280a881eda12c352f5adc5b9cd14ab45bd8c90731d3629c1533368c18a03311243
|
|
7
|
+
data.tar.gz: 161dad188386797eb8882af58119778b166ebc476a2bb4023ea5cfb6a745dd2847f53ad61b76671f4ff2cdccae28f69bba084de489fc9b78af6df7c569ef3262
|
data/config/en/net_status.yml
CHANGED
|
@@ -38,6 +38,7 @@ en:
|
|
|
38
38
|
values_file_not_found: "Values file `%{path}` not found!"
|
|
39
39
|
secret_values_file_not_found: "Secret values file `%{path}` not found!"
|
|
40
40
|
user_containers_detected: "User containers have been using images!\n%{ids}"
|
|
41
|
+
incorrect_yaml_structure: "Incorrect YAML structure in `%{path}`!"
|
|
41
42
|
dapp:
|
|
42
43
|
no_such_dimg: "No such dimg: `%{dimgs_patterns}`!"
|
|
43
44
|
no_such_app: "No such app: `%{apps_patterns}`!"
|
data/lib/dapp.rb
CHANGED
|
@@ -40,6 +40,8 @@ require 'dapp/error/shellout'
|
|
|
40
40
|
require 'dapp/exception/base'
|
|
41
41
|
require 'dapp/cli'
|
|
42
42
|
require 'dapp/cli/command/base'
|
|
43
|
+
require 'dapp/cli/command/update'
|
|
44
|
+
require 'dapp/cli/cli'
|
|
43
45
|
require 'dapp/config/directive/base'
|
|
44
46
|
require 'dapp/config/config'
|
|
45
47
|
require 'dapp/config/error/config'
|
|
@@ -112,6 +114,7 @@ require 'dapp/kube/cli/command/kube/dismiss'
|
|
|
112
114
|
require 'dapp/kube/cli/command/kube/secret_key_generate'
|
|
113
115
|
require 'dapp/kube/cli/command/kube/secret_generate'
|
|
114
116
|
require 'dapp/kube/cli/command/kube/secret_extract'
|
|
117
|
+
require 'dapp/kube/cli/command/kube/secret_regenerate'
|
|
115
118
|
require 'dapp/kube/cli/command/kube/minikube_setup'
|
|
116
119
|
require 'dapp/kube/cli/cli'
|
|
117
120
|
require 'dapp/kube/dapp/command/common'
|
|
@@ -120,6 +123,7 @@ require 'dapp/kube/dapp/command/dismiss'
|
|
|
120
123
|
require 'dapp/kube/dapp/command/secret_key_generate'
|
|
121
124
|
require 'dapp/kube/dapp/command/secret_generate'
|
|
122
125
|
require 'dapp/kube/dapp/command/secret_extract'
|
|
126
|
+
require 'dapp/kube/dapp/command/secret_regenerate'
|
|
123
127
|
require 'dapp/kube/dapp/command/minikube_setup'
|
|
124
128
|
require 'dapp/kube/dapp/dapp'
|
|
125
129
|
require 'dapp/kube/secret'
|
data/lib/dapp/cli.rb
CHANGED
|
@@ -5,7 +5,7 @@ module Dapp
|
|
|
5
5
|
extend Helper::Cli
|
|
6
6
|
include Helper::Trivia
|
|
7
7
|
|
|
8
|
-
SUBCOMMANDS = ['dimg', 'deployment', 'kube'].freeze
|
|
8
|
+
SUBCOMMANDS = ['dimg', 'deployment', 'kube', 'update'].freeze
|
|
9
9
|
|
|
10
10
|
banner <<BANNER.freeze
|
|
11
11
|
Usage: dapp subcommand [subcommand options]
|
|
@@ -15,6 +15,7 @@ Available subcommands: (for details, dapp SUB-COMMAND --help)
|
|
|
15
15
|
dapp dimg
|
|
16
16
|
dapp deployment
|
|
17
17
|
dapp kube
|
|
18
|
+
dapp update
|
|
18
19
|
|
|
19
20
|
Options:
|
|
20
21
|
BANNER
|
data/lib/dapp/cli/cli.rb
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
::Dapp::CLI.send(:include, ::Dapp::CLI::Command)
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
module Dapp
|
|
2
|
+
class CLI
|
|
3
|
+
module Command
|
|
4
|
+
class Update < ::Dapp::CLI
|
|
5
|
+
def run(_argv)
|
|
6
|
+
spec = Gem::Specification.find do |s|
|
|
7
|
+
File.fnmatch(File.join(s.full_gem_path, '*'), __FILE__)
|
|
8
|
+
end
|
|
9
|
+
Gem.install(spec.name, spec.version.approximate_recommendation)
|
|
10
|
+
end
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
end
|
|
@@ -46,9 +46,7 @@ module Dapp
|
|
|
46
46
|
|
|
47
47
|
def log_step_with_indent(step)
|
|
48
48
|
log_step(step)
|
|
49
|
-
with_log_indent
|
|
50
|
-
yield
|
|
51
|
-
end
|
|
49
|
+
with_log_indent { yield }
|
|
52
50
|
end
|
|
53
51
|
|
|
54
52
|
def log_step(*args, **kwargs)
|
|
@@ -96,12 +94,6 @@ module Dapp
|
|
|
96
94
|
end.join
|
|
97
95
|
end
|
|
98
96
|
|
|
99
|
-
def log_with_indent(message = '', **kwargs)
|
|
100
|
-
with_log_indent do
|
|
101
|
-
log(message, **kwargs)
|
|
102
|
-
end
|
|
103
|
-
end
|
|
104
|
-
|
|
105
97
|
def with_log_indent(with = true)
|
|
106
98
|
log_indent_next if with
|
|
107
99
|
yield
|
|
@@ -11,66 +11,54 @@ module Dapp
|
|
|
11
11
|
validate_tag_name!(image_version)
|
|
12
12
|
|
|
13
13
|
log_process("Applying deployment #{deployment.name}") do
|
|
14
|
-
|
|
15
|
-
deployment.kube.delete_unknown_resources!
|
|
14
|
+
deployment.kube.delete_unknown_resources!
|
|
16
15
|
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
deployment.kube.run_job!(spec, name)
|
|
23
|
-
end
|
|
24
|
-
end
|
|
16
|
+
deployment.to_kube_bootstrap_pods(repo, image_version).each do |name, spec|
|
|
17
|
+
next if deployment.kube.pod_succeeded?(name)
|
|
18
|
+
deployment.kube.delete_pod!(name) if deployment.kube.pod_exist?(name)
|
|
19
|
+
log_process(:bootstrap) do
|
|
20
|
+
deployment.kube.run_job!(spec, name)
|
|
25
21
|
end
|
|
22
|
+
end
|
|
26
23
|
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
deployment.kube.run_job!(spec, name)
|
|
32
|
-
end
|
|
33
|
-
end
|
|
24
|
+
deployment.to_kube_before_apply_job_pods(repo, image_version).each do |name, spec|
|
|
25
|
+
log_process(:before_apply_job) do
|
|
26
|
+
deployment.kube.delete_pod!(name) if deployment.kube.pod_exist?(name)
|
|
27
|
+
deployment.kube.run_job!(spec, name)
|
|
34
28
|
end
|
|
29
|
+
end
|
|
35
30
|
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
end
|
|
31
|
+
deployment.apps.each do |app|
|
|
32
|
+
log_process("Applying app #{app.name}") do
|
|
33
|
+
(app.kube.existing_deployments_names - app.to_kube_deployments(repo, image_version).keys).each do |deployment_name|
|
|
34
|
+
app.kube.delete_deployment!(deployment_name)
|
|
35
|
+
end
|
|
42
36
|
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
37
|
+
(app.kube.existing_services_names - app.to_kube_services.keys).each do |service_name|
|
|
38
|
+
app.kube.delete_service!(service_name)
|
|
39
|
+
end
|
|
46
40
|
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
end
|
|
55
|
-
end
|
|
41
|
+
app.to_kube_bootstrap_pods(repo, image_version).each do |name, spec|
|
|
42
|
+
next if app.kube.pod_succeeded?(name)
|
|
43
|
+
app.kube.delete_pod!(name) if app.kube.pod_exist?(name)
|
|
44
|
+
log_process(:bootstrap) do
|
|
45
|
+
app.kube.run_job!(spec, name)
|
|
46
|
+
end
|
|
47
|
+
end
|
|
56
48
|
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
end
|
|
64
|
-
end
|
|
49
|
+
app.to_kube_before_apply_job_pods(repo, image_version).each do |name, spec|
|
|
50
|
+
log_process(:before_apply_job) do
|
|
51
|
+
app.kube.delete_pod!(name) if app.kube.pod_exist?(name)
|
|
52
|
+
app.kube.run_job!(spec, name)
|
|
53
|
+
end
|
|
54
|
+
end
|
|
65
55
|
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
56
|
+
app.to_kube_deployments(repo, image_version).each do |name, spec|
|
|
57
|
+
app.kube.apply_deployment!(name, spec)
|
|
58
|
+
end
|
|
69
59
|
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
end
|
|
73
|
-
end
|
|
60
|
+
app.to_kube_services.each do |name, spec|
|
|
61
|
+
app.kube.apply_service!(name, spec)
|
|
74
62
|
end
|
|
75
63
|
end
|
|
76
64
|
end
|
|
@@ -75,16 +75,14 @@ module Dapp
|
|
|
75
75
|
end
|
|
76
76
|
|
|
77
77
|
def _dump_service_info(srv)
|
|
78
|
-
app.deployment.dapp.
|
|
79
|
-
|
|
80
|
-
app.deployment.dapp.log_info("clusterIP: #{srv['spec']['clusterIP']}")
|
|
78
|
+
app.deployment.dapp.log_info("type: #{srv['spec']['type']}")
|
|
79
|
+
app.deployment.dapp.log_info("clusterIP: #{srv['spec']['clusterIP']}")
|
|
81
80
|
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
end
|
|
81
|
+
srv['spec'].fetch('ports', []).each do |port|
|
|
82
|
+
app.deployment.dapp.log_info("Port #{port['port']}:")
|
|
83
|
+
app.deployment.dapp.with_log_indent do
|
|
84
|
+
%w(protocol targetPort nodePort).each do |field_name|
|
|
85
|
+
app.deployment.dapp.log_info("#{field_name}: #{_field_value_for_log(port[field_name])}")
|
|
88
86
|
end
|
|
89
87
|
end
|
|
90
88
|
end
|
|
@@ -118,125 +116,123 @@ module Dapp
|
|
|
118
116
|
# NOTICE: является одним из критериев завершения ожидания на данный момент.
|
|
119
117
|
def _wait_for_deployment(d, old_d_revision: nil)
|
|
120
118
|
app.deployment.dapp.log_process("Waiting for kubernetes Deployment #{d['metadata']['name']} readiness") do
|
|
121
|
-
|
|
122
|
-
known_events_by_pod = {}
|
|
119
|
+
known_events_by_pod = {}
|
|
123
120
|
|
|
124
|
-
|
|
125
|
-
|
|
121
|
+
loop do
|
|
122
|
+
d_revision = d.fetch('metadata', {}).fetch('annotations', {}).fetch('deployment.kubernetes.io/revision', nil)
|
|
126
123
|
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
124
|
+
app.deployment.dapp.log_step("[#{Time.now}] Poll kubernetes Deployment status")
|
|
125
|
+
app.deployment.dapp.with_log_indent do
|
|
126
|
+
app.deployment.dapp.log_info("Target replicas: #{_field_value_for_log(d['spec']['replicas'])}")
|
|
127
|
+
app.deployment.dapp.log_info("Updated replicas: #{_field_value_for_log(d['status']['updatedReplicas'])} / #{_field_value_for_log(d['spec']['replicas'])}")
|
|
128
|
+
app.deployment.dapp.log_info("Available replicas: #{_field_value_for_log(d['status']['availableReplicas'])} / #{_field_value_for_log(d['spec']['replicas'])}")
|
|
129
|
+
app.deployment.dapp.log_info("Ready replicas: #{_field_value_for_log(d['status']['readyReplicas'])} / #{_field_value_for_log(d['spec']['replicas'])}")
|
|
130
|
+
app.deployment.dapp.log_info("Old deployment.kubernetes.io/revision: #{_field_value_for_log(old_d_revision)}")
|
|
131
|
+
app.deployment.dapp.log_info("Current deployment.kubernetes.io/revision: #{_field_value_for_log(d_revision)}")
|
|
132
|
+
end
|
|
136
133
|
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
end
|
|
134
|
+
rs = nil
|
|
135
|
+
if d_revision
|
|
136
|
+
# Находим актуальный, текущий ReplicaSet.
|
|
137
|
+
# Если такая ситуация, когда есть несколько подходящих по revision ReplicaSet, то берем старейший по дате создания.
|
|
138
|
+
# Также делает kubectl: https://github.com/kubernetes/kubernetes/blob/d86a01570ba243e8d75057415113a0ff4d68c96b/pkg/controller/deployment/util/deployment_util.go#L664
|
|
139
|
+
rs = app.deployment.kubernetes.replicaset_list['items']
|
|
140
|
+
.select do |_rs|
|
|
141
|
+
Array(_rs['metadata']['ownerReferences']).any? do |owner_reference|
|
|
142
|
+
owner_reference['uid'] == d['metadata']['uid']
|
|
147
143
|
end
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
144
|
+
end
|
|
145
|
+
.select do |_rs|
|
|
146
|
+
rs_revision = _rs.fetch('metadata', {}).fetch('annotations', {}).fetch('deployment.kubernetes.io/revision', nil)
|
|
147
|
+
(rs_revision and (d_revision == rs_revision))
|
|
148
|
+
end
|
|
149
|
+
.sort_by do |_rs|
|
|
150
|
+
Time.parse _rs['metadata']['creationTimestamp']
|
|
151
|
+
end.first
|
|
152
|
+
end
|
|
156
153
|
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
end
|
|
154
|
+
if rs
|
|
155
|
+
# Pod'ы связанные с активным ReplicaSet
|
|
156
|
+
rs_pods = app.deployment.kubernetes
|
|
157
|
+
.pod_list(labelSelector: labels.map{|k, v| "#{k}=#{v}"}.join(','))['items']
|
|
158
|
+
.select do |pod|
|
|
159
|
+
Array(pod['metadata']['ownerReferences']).any? do |owner_reference|
|
|
160
|
+
owner_reference['uid'] == rs['metadata']['uid']
|
|
165
161
|
end
|
|
162
|
+
end
|
|
166
163
|
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
rs_pods.each do |pod|
|
|
171
|
-
app.deployment.dapp.with_log_indent do
|
|
172
|
-
app.deployment.dapp.log_info("* #{pod['metadata']['name']}")
|
|
164
|
+
app.deployment.dapp.with_log_indent do
|
|
165
|
+
app.deployment.dapp.log_info("Pods:") if rs_pods.any?
|
|
173
166
|
|
|
174
|
-
|
|
175
|
-
|
|
176
|
-
|
|
177
|
-
.reject do |event|
|
|
178
|
-
known_events_by_pod[pod['metadata']['name']].include? event['metadata']['uid']
|
|
179
|
-
end
|
|
167
|
+
rs_pods.each do |pod|
|
|
168
|
+
app.deployment.dapp.with_log_indent do
|
|
169
|
+
app.deployment.dapp.log_info("* #{pod['metadata']['name']}")
|
|
180
170
|
|
|
181
|
-
|
|
182
|
-
|
|
183
|
-
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
known_events_by_pod[pod['metadata']['name']] << event['metadata']['uid']
|
|
187
|
-
end
|
|
171
|
+
known_events_by_pod[pod['metadata']['name']] ||= []
|
|
172
|
+
pod_events = app.deployment.kubernetes
|
|
173
|
+
.event_list(fieldSelector: "involvedObject.uid=#{pod['metadata']['uid']}")['items']
|
|
174
|
+
.reject do |event|
|
|
175
|
+
known_events_by_pod[pod['metadata']['name']].include? event['metadata']['uid']
|
|
188
176
|
end
|
|
189
177
|
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
if ready_condition['reason'] == 'ContainersNotReady'
|
|
194
|
-
Array(pod['status']['containerStatuses']).each do |container_status|
|
|
195
|
-
next if container_status['ready']
|
|
196
|
-
|
|
197
|
-
waiting_reason = container_status.fetch('state', {}).fetch('waiting', {}).fetch('reason', nil)
|
|
198
|
-
case waiting_reason
|
|
199
|
-
when 'ImagePullBackOff', 'ErrImagePull'
|
|
200
|
-
raise Error::Base,
|
|
201
|
-
code: :image_not_found,
|
|
202
|
-
data: {app: app.name,
|
|
203
|
-
pod_name: pod['metadata']['name'],
|
|
204
|
-
reason: container_status['state']['waiting']['reason'],
|
|
205
|
-
message: container_status['state']['waiting']['message']}
|
|
206
|
-
when 'CrashLoopBackOff'
|
|
207
|
-
raise Error::Base,
|
|
208
|
-
code: :container_crash,
|
|
209
|
-
data: {app: app.name,
|
|
210
|
-
pod_name: pod['metadata']['name'],
|
|
211
|
-
reason: container_status['state']['waiting']['reason'],
|
|
212
|
-
message: container_status['state']['waiting']['message']}
|
|
213
|
-
end
|
|
214
|
-
end
|
|
215
|
-
else
|
|
178
|
+
if pod_events.any?
|
|
179
|
+
pod_events.each do |event|
|
|
216
180
|
app.deployment.dapp.with_log_indent do
|
|
217
|
-
app.deployment.dapp.
|
|
181
|
+
app.deployment.dapp.log_info("[#{event['metadata']['creationTimestamp']}] #{event['message']}")
|
|
218
182
|
end
|
|
183
|
+
known_events_by_pod[pod['metadata']['name']] << event['metadata']['uid']
|
|
219
184
|
end
|
|
220
|
-
end
|
|
221
|
-
end # rs_pods.each
|
|
222
|
-
end # with_log_indent
|
|
223
|
-
end
|
|
185
|
+
end
|
|
224
186
|
|
|
225
|
-
|
|
226
|
-
|
|
227
|
-
|
|
228
|
-
|
|
229
|
-
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
|
|
187
|
+
ready_condition = pod['status'].fetch('conditions', {}).find {|condition| condition['type'] == 'Ready'}
|
|
188
|
+
next if (not ready_condition) or (ready_condition['status'] == 'True')
|
|
189
|
+
|
|
190
|
+
if ready_condition['reason'] == 'ContainersNotReady'
|
|
191
|
+
Array(pod['status']['containerStatuses']).each do |container_status|
|
|
192
|
+
next if container_status['ready']
|
|
193
|
+
|
|
194
|
+
waiting_reason = container_status.fetch('state', {}).fetch('waiting', {}).fetch('reason', nil)
|
|
195
|
+
case waiting_reason
|
|
196
|
+
when 'ImagePullBackOff', 'ErrImagePull'
|
|
197
|
+
raise Error::Base,
|
|
198
|
+
code: :image_not_found,
|
|
199
|
+
data: {app: app.name,
|
|
200
|
+
pod_name: pod['metadata']['name'],
|
|
201
|
+
reason: container_status['state']['waiting']['reason'],
|
|
202
|
+
message: container_status['state']['waiting']['message']}
|
|
203
|
+
when 'CrashLoopBackOff'
|
|
204
|
+
raise Error::Base,
|
|
205
|
+
code: :container_crash,
|
|
206
|
+
data: {app: app.name,
|
|
207
|
+
pod_name: pod['metadata']['name'],
|
|
208
|
+
reason: container_status['state']['waiting']['reason'],
|
|
209
|
+
message: container_status['state']['waiting']['message']}
|
|
210
|
+
end
|
|
211
|
+
end
|
|
212
|
+
else
|
|
213
|
+
app.deployment.dapp.with_log_indent do
|
|
214
|
+
app.deployment.dapp.log_warning("Unknown pod readiness condition reason '#{ready_condition['reason']}': #{ready_condition}")
|
|
215
|
+
end
|
|
216
|
+
end
|
|
217
|
+
end # with_log_indent
|
|
218
|
+
end # rs_pods.each
|
|
219
|
+
end # with_log_indent
|
|
220
|
+
end
|
|
235
221
|
|
|
236
|
-
|
|
237
|
-
|
|
222
|
+
break if begin
|
|
223
|
+
d_revision and
|
|
224
|
+
d['spec']['replicas'] and
|
|
225
|
+
d['status']['updatedReplicas'] and
|
|
226
|
+
d['status']['availableReplicas'] and
|
|
227
|
+
d['status']['readyReplicas'] and
|
|
228
|
+
(d['status']['updatedReplicas'] >= d['spec']['replicas']) and
|
|
229
|
+
(d['status']['availableReplicas'] >= d['spec']['replicas']) and
|
|
230
|
+
(d['status']['readyReplicas'] >= d['spec']['replicas'])
|
|
238
231
|
end
|
|
239
|
-
|
|
232
|
+
|
|
233
|
+
sleep 1
|
|
234
|
+
d = app.deployment.kubernetes.deployment(d['metadata']['name'])
|
|
235
|
+
end
|
|
240
236
|
end
|
|
241
237
|
end
|
|
242
238
|
|
|
@@ -50,11 +50,7 @@ module Dapp
|
|
|
50
50
|
def artifacts_dimgs_build!
|
|
51
51
|
artifacts.each do |artifact|
|
|
52
52
|
process = dimg.dapp.t(code: 'process.artifact_building', data: { name: artifact[:name] })
|
|
53
|
-
dimg.dapp.log_secondary_process(process)
|
|
54
|
-
dimg.dapp.with_log_indent do
|
|
55
|
-
artifact[:dimg].build!
|
|
56
|
-
end
|
|
57
|
-
end
|
|
53
|
+
dimg.dapp.log_secondary_process(process) { artifact[:dimg].build! }
|
|
58
54
|
end
|
|
59
55
|
end
|
|
60
56
|
|
|
@@ -6,10 +6,8 @@ module Dapp
|
|
|
6
6
|
module Export
|
|
7
7
|
def build_context_export
|
|
8
8
|
log_process(:'export context') do
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
export_build_context_build_tar
|
|
12
|
-
end
|
|
9
|
+
export_build_context_image_tar
|
|
10
|
+
export_build_context_build_tar
|
|
13
11
|
end
|
|
14
12
|
end
|
|
15
13
|
|
|
@@ -9,10 +9,8 @@ module Dapp
|
|
|
9
9
|
data: { path: build_context_path } unless build_context_path.exist?
|
|
10
10
|
|
|
11
11
|
log_process(:'import context') do
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
import_build_context_image_tar
|
|
15
|
-
end
|
|
12
|
+
import_build_context_build_tar
|
|
13
|
+
import_build_context_image_tar
|
|
16
14
|
end
|
|
17
15
|
end
|
|
18
16
|
|
data/lib/dapp/dimg/dimg.rb
CHANGED
|
@@ -85,9 +85,7 @@ module Dapp
|
|
|
85
85
|
dapp.lock("image.#{hashsum image_name}") do
|
|
86
86
|
::Dapp::Dimg::Image::Stage.cache_reset(image_name)
|
|
87
87
|
dapp.log_process(image_name, process: dapp.t(code: 'status.process.pushing')) do
|
|
88
|
-
|
|
89
|
-
image.export!(image_name)
|
|
90
|
-
end
|
|
88
|
+
image.export!(image_name)
|
|
91
89
|
end
|
|
92
90
|
end
|
|
93
91
|
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
module Dapp::Kube::CLI
|
|
2
2
|
module Command
|
|
3
3
|
class Kube < ::Dapp::CLI
|
|
4
|
-
SUBCOMMANDS = ['secret generate', 'secret key generate', 'deploy', 'dismiss', 'secret extract', 'minikube setup'].freeze
|
|
4
|
+
SUBCOMMANDS = ['secret generate', 'secret key generate', 'secret regenerate', 'deploy', 'dismiss', 'secret extract', 'minikube setup'].freeze
|
|
5
5
|
|
|
6
6
|
banner <<BANNER.freeze
|
|
7
7
|
Usage: dapp kube subcommand [subcommand options]
|
|
@@ -13,6 +13,7 @@ Available subcommands: (for details, dapp kube SUB-COMMAND --help)
|
|
|
13
13
|
dapp kube secret key generate [options]
|
|
14
14
|
dapp kube secret generate [FILE_PATH] [options]
|
|
15
15
|
dapp kube secret extract [FILE_PATH] [options]
|
|
16
|
+
dapp kube secret regenerate [SECRET_VALUES_FILE_PATH ...] [options]
|
|
16
17
|
dapp kube minikube setup
|
|
17
18
|
|
|
18
19
|
Options:
|
|
@@ -11,11 +11,21 @@ BANNER
|
|
|
11
11
|
|
|
12
12
|
option :output_file_path,
|
|
13
13
|
short: '-o OUTPUT_FILE_PATH',
|
|
14
|
+
description: 'Output file',
|
|
14
15
|
required: false
|
|
15
16
|
|
|
17
|
+
option :values,
|
|
18
|
+
long: '--values',
|
|
19
|
+
description: 'Decode secret values file',
|
|
20
|
+
default: false
|
|
21
|
+
|
|
16
22
|
def run(argv = ARGV)
|
|
17
23
|
self.class.parse_options(self, argv)
|
|
18
|
-
file_path =
|
|
24
|
+
file_path = begin
|
|
25
|
+
if cli_options[:values] || !cli_arguments.empty?
|
|
26
|
+
self.class.required_argument(self, 'FILE_PATH')
|
|
27
|
+
end
|
|
28
|
+
end
|
|
19
29
|
::Dapp::Dapp.new(options: cli_options).public_send(run_method, file_path)
|
|
20
30
|
end
|
|
21
31
|
end
|
|
@@ -13,6 +13,11 @@ BANNER
|
|
|
13
13
|
short: '-o OUTPUT_FILE_PATH',
|
|
14
14
|
required: false
|
|
15
15
|
|
|
16
|
+
option :values,
|
|
17
|
+
long: '--values',
|
|
18
|
+
description: 'Decode secret values file',
|
|
19
|
+
default: false
|
|
20
|
+
|
|
16
21
|
def run(argv = ARGV)
|
|
17
22
|
self.class.parse_options(self, argv)
|
|
18
23
|
file_path = cli_arguments.empty? ? nil : cli_arguments.first
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
module Dapp::Kube::CLI::Command
|
|
2
|
+
class Kube < ::Dapp::CLI
|
|
3
|
+
class SecretRegenerate < Base
|
|
4
|
+
banner <<BANNER.freeze
|
|
5
|
+
Usage:
|
|
6
|
+
|
|
7
|
+
dapp kube secret regenerate [SECRET_VALUES_FILE_PATH ...] [options]
|
|
8
|
+
|
|
9
|
+
Options:
|
|
10
|
+
BANNER
|
|
11
|
+
|
|
12
|
+
option :old_secret_key,
|
|
13
|
+
long: '--old-secret-key KEY',
|
|
14
|
+
description: 'Old secret key',
|
|
15
|
+
required: true
|
|
16
|
+
|
|
17
|
+
def run(argv = ARGV)
|
|
18
|
+
self.class.parse_options(self, argv)
|
|
19
|
+
::Dapp::Dapp.new(options: cli_options).public_send(run_method, *cli_arguments)
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
end
|
|
@@ -15,6 +15,30 @@ module Dapp
|
|
|
15
15
|
kubernetes.namespace
|
|
16
16
|
end
|
|
17
17
|
|
|
18
|
+
def kube_helm_encode_json(secret, json)
|
|
19
|
+
encode_json = proc do |value|
|
|
20
|
+
case value
|
|
21
|
+
when Array then value.map { |v| encode_json.call(v) }
|
|
22
|
+
when Hash then kube_helm_encode_json(secret,value)
|
|
23
|
+
else
|
|
24
|
+
secret.nil? ? '' : secret.generate(value)
|
|
25
|
+
end
|
|
26
|
+
end
|
|
27
|
+
json.each { |k, v| json[k] = encode_json.call(v) }
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
def kube_helm_decode_json(secret, json)
|
|
31
|
+
decode_value = proc do |value|
|
|
32
|
+
case value
|
|
33
|
+
when Array then value.map { |v| decode_value.call(v) }
|
|
34
|
+
when Hash then kube_helm_decode_json(secret,value)
|
|
35
|
+
else
|
|
36
|
+
secret.nil? ? '' : secret.extract(value)
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
json.each { |k, v| json[k] = decode_value.call(v) }
|
|
40
|
+
end
|
|
41
|
+
|
|
18
42
|
def secret_key_should_exist!
|
|
19
43
|
raise(Error::Command,
|
|
20
44
|
code: :secret_key_not_found,
|
|
@@ -22,6 +46,10 @@ module Dapp
|
|
|
22
46
|
) if secret.nil?
|
|
23
47
|
end
|
|
24
48
|
|
|
49
|
+
def kube_chart_path(*path)
|
|
50
|
+
self.path('.helm', *path).expand_path
|
|
51
|
+
end
|
|
52
|
+
|
|
25
53
|
def secret
|
|
26
54
|
@secret ||= begin
|
|
27
55
|
unless secret_key = ENV['DAPP_SECRET_KEY']
|
|
@@ -54,23 +54,11 @@ module Dapp
|
|
|
54
54
|
|
|
55
55
|
def kube_helm_decode_secret_values
|
|
56
56
|
kube_secret_values_paths.each_with_index do |secret_values_file, index|
|
|
57
|
-
decoded_data = kube_helm_decode_json(YAML::load(secret_values_file.read))
|
|
57
|
+
decoded_data = kube_helm_decode_json(secret, YAML::load(secret_values_file.read))
|
|
58
58
|
kube_tmp_chart_secret_values_paths[index].write(decoded_data.to_yaml)
|
|
59
59
|
end
|
|
60
60
|
end
|
|
61
61
|
|
|
62
|
-
def kube_helm_decode_json(json)
|
|
63
|
-
decode_value = proc do |value|
|
|
64
|
-
case value
|
|
65
|
-
when Array then value.map { |v| decode_value.call(v) }
|
|
66
|
-
when Hash then kube_helm_decode_json(value)
|
|
67
|
-
else
|
|
68
|
-
secret.nil? ? '' : secret.extract(value)
|
|
69
|
-
end
|
|
70
|
-
end
|
|
71
|
-
json.each { |k, v| json[k] = decode_value.call(v) }
|
|
72
|
-
end
|
|
73
|
-
|
|
74
62
|
def kube_helm_decode_secret_files
|
|
75
63
|
return unless kube_chart_secret_path.directory?
|
|
76
64
|
Dir.glob(kube_chart_secret_path.join('**/*')).each do |entry|
|
|
@@ -206,10 +194,6 @@ module Dapp
|
|
|
206
194
|
def kube_chart_secret_path(*path)
|
|
207
195
|
kube_chart_path('secret', *path).expand_path
|
|
208
196
|
end
|
|
209
|
-
|
|
210
|
-
def kube_chart_path(*path)
|
|
211
|
-
self.path('.helm', *path).expand_path
|
|
212
|
-
end
|
|
213
197
|
end
|
|
214
198
|
end
|
|
215
199
|
end
|
|
@@ -7,10 +7,8 @@ module Dapp
|
|
|
7
7
|
kube_check_helm!
|
|
8
8
|
kube_check_helm_release!
|
|
9
9
|
log_process("Delete release #{kube_release_name}") do
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
kubernetes.delete_namespace!(kube_namespace) if options[:with_namespace]
|
|
13
|
-
end
|
|
10
|
+
shellout! "helm delete #{kube_release_name} --purge"
|
|
11
|
+
kubernetes.delete_namespace!(kube_namespace) if options[:with_namespace]
|
|
14
12
|
end
|
|
15
13
|
end
|
|
16
14
|
|
|
@@ -55,7 +55,15 @@ module Dapp
|
|
|
55
55
|
end
|
|
56
56
|
|
|
57
57
|
def _minikube_run_daemon(name, &blk)
|
|
58
|
-
|
|
58
|
+
uid = Process.euid
|
|
59
|
+
if uid != 0 && File.exists?("/run/user/#{uid}")
|
|
60
|
+
pid_file_path = "/run/user/#{uid}/dapp_#{name}_daemon.pid"
|
|
61
|
+
elsif uid != 0
|
|
62
|
+
pid_file_path = "/tmp/dapp_#{name}_daemon.pid"
|
|
63
|
+
else
|
|
64
|
+
pid_file_path = "/run/dapp_#{name}_daemon.pid"
|
|
65
|
+
end
|
|
66
|
+
|
|
59
67
|
old_daemon_pid = begin
|
|
60
68
|
File.open(pid_file_path, 'r').read.strip.to_i
|
|
61
69
|
rescue Errno::ENOENT
|
|
@@ -126,99 +134,97 @@ module Dapp
|
|
|
126
134
|
def _minikube_run_registry
|
|
127
135
|
log_process("Run registry") do
|
|
128
136
|
_minikube_kubernetes.with_query(gracePeriodSeconds: 0) do
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
_minikube_kubernetes.delete_replicationcontroller! _minikube_registry_replicationcontroller_spec['metadata']['name']
|
|
132
|
-
|
|
133
|
-
shutdown_ok = false
|
|
134
|
-
600.times do
|
|
135
|
-
unless _minikube_kubernetes.replicationcontroller? _minikube_registry_replicationcontroller_spec['metadata']['name']
|
|
136
|
-
shutdown_ok = true
|
|
137
|
-
break
|
|
138
|
-
end
|
|
139
|
-
sleep 1
|
|
140
|
-
end
|
|
141
|
-
raise MinikubeSetupError, code: :registry_replicationcontroller_shutdown_failed unless shutdown_ok
|
|
142
|
-
end
|
|
137
|
+
if _minikube_kubernetes.replicationcontroller? _minikube_registry_replicationcontroller_spec['metadata']['name']
|
|
138
|
+
_minikube_kubernetes.delete_replicationcontroller! _minikube_registry_replicationcontroller_spec['metadata']['name']
|
|
143
139
|
|
|
144
|
-
_minikube_kubernetes.delete_pods! labelSelector: 'k8s-app=kube-registry'
|
|
145
140
|
shutdown_ok = false
|
|
146
141
|
600.times do
|
|
147
|
-
unless
|
|
142
|
+
unless _minikube_kubernetes.replicationcontroller? _minikube_registry_replicationcontroller_spec['metadata']['name']
|
|
148
143
|
shutdown_ok = true
|
|
149
144
|
break
|
|
150
145
|
end
|
|
151
146
|
sleep 1
|
|
152
147
|
end
|
|
153
|
-
raise MinikubeSetupError, code: :
|
|
148
|
+
raise MinikubeSetupError, code: :registry_replicationcontroller_shutdown_failed unless shutdown_ok
|
|
149
|
+
end
|
|
154
150
|
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
shutdown_ok = true
|
|
162
|
-
break
|
|
163
|
-
end
|
|
164
|
-
sleep 1
|
|
165
|
-
end
|
|
166
|
-
raise MinikubeSetupError, code: :registry_service_shutdown_failed unless shutdown_ok
|
|
151
|
+
_minikube_kubernetes.delete_pods! labelSelector: 'k8s-app=kube-registry'
|
|
152
|
+
shutdown_ok = false
|
|
153
|
+
600.times do
|
|
154
|
+
unless _minikube_find_registry_pod
|
|
155
|
+
shutdown_ok = true
|
|
156
|
+
break
|
|
167
157
|
end
|
|
158
|
+
sleep 1
|
|
159
|
+
end
|
|
160
|
+
raise MinikubeSetupError, code: :registry_pod_shutdown_failed unless shutdown_ok
|
|
168
161
|
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
shutdown_ok = false
|
|
173
|
-
600.times do
|
|
174
|
-
unless _minikube_kubernetes.pod? _minikube_registry_proxy_pod_spec['metadata']['name']
|
|
175
|
-
shutdown_ok = true
|
|
176
|
-
break
|
|
177
|
-
end
|
|
178
|
-
sleep 1
|
|
179
|
-
end
|
|
180
|
-
raise MinikubeSetupError, code: :registry_proxy_pod_shutdown_failed unless shutdown_ok
|
|
181
|
-
end
|
|
162
|
+
if _minikube_kubernetes.service? _minikube_registry_service_spec['metadata']['name']
|
|
163
|
+
_minikube_kubernetes.delete_service! _minikube_registry_service_spec['metadata']['name']
|
|
182
164
|
|
|
183
|
-
|
|
184
|
-
registry_pod_ok = false
|
|
165
|
+
shutdown_ok = false
|
|
185
166
|
600.times do
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
@_minikube_registry_pod_name = registry_pod['metadata']['name']
|
|
190
|
-
break
|
|
191
|
-
end
|
|
167
|
+
unless _minikube_kubernetes.service? _minikube_registry_service_spec['metadata']['name']
|
|
168
|
+
shutdown_ok = true
|
|
169
|
+
break
|
|
192
170
|
end
|
|
193
171
|
sleep 1
|
|
194
172
|
end
|
|
195
|
-
raise MinikubeSetupError, code: :
|
|
173
|
+
raise MinikubeSetupError, code: :registry_service_shutdown_failed unless shutdown_ok
|
|
174
|
+
end
|
|
175
|
+
|
|
176
|
+
if _minikube_kubernetes.pod? _minikube_registry_proxy_pod_spec['metadata']['name']
|
|
177
|
+
_minikube_kubernetes.delete_pod! _minikube_registry_proxy_pod_spec['metadata']['name']
|
|
196
178
|
|
|
197
|
-
|
|
198
|
-
registry_service_ok = false
|
|
179
|
+
shutdown_ok = false
|
|
199
180
|
600.times do
|
|
200
|
-
|
|
201
|
-
|
|
181
|
+
unless _minikube_kubernetes.pod? _minikube_registry_proxy_pod_spec['metadata']['name']
|
|
182
|
+
shutdown_ok = true
|
|
202
183
|
break
|
|
203
184
|
end
|
|
204
185
|
sleep 1
|
|
205
186
|
end
|
|
206
|
-
raise MinikubeSetupError, code: :
|
|
187
|
+
raise MinikubeSetupError, code: :registry_proxy_pod_shutdown_failed unless shutdown_ok
|
|
188
|
+
end
|
|
207
189
|
|
|
208
|
-
|
|
209
|
-
|
|
210
|
-
|
|
211
|
-
|
|
212
|
-
|
|
213
|
-
|
|
214
|
-
|
|
215
|
-
|
|
216
|
-
|
|
190
|
+
_minikube_kubernetes.create_replicationcontroller!(_minikube_registry_replicationcontroller_spec)
|
|
191
|
+
registry_pod_ok = false
|
|
192
|
+
600.times do
|
|
193
|
+
if registry_pod = _minikube_find_registry_pod
|
|
194
|
+
if registry_pod['status']['phase'] == 'Running'
|
|
195
|
+
registry_pod_ok = true
|
|
196
|
+
@_minikube_registry_pod_name = registry_pod['metadata']['name']
|
|
197
|
+
break
|
|
198
|
+
end
|
|
199
|
+
end
|
|
200
|
+
sleep 1
|
|
201
|
+
end
|
|
202
|
+
raise MinikubeSetupError, code: :registry_pod_not_ok unless registry_pod_ok
|
|
203
|
+
|
|
204
|
+
_minikube_kubernetes.create_service!(_minikube_registry_service_spec)
|
|
205
|
+
registry_service_ok = false
|
|
206
|
+
600.times do
|
|
207
|
+
if _minikube_kubernetes.service? _minikube_registry_service_spec['metadata']['name']
|
|
208
|
+
registry_service_ok = true
|
|
209
|
+
break
|
|
210
|
+
end
|
|
211
|
+
sleep 1
|
|
212
|
+
end
|
|
213
|
+
raise MinikubeSetupError, code: :registry_service_not_ok unless registry_service_ok
|
|
214
|
+
|
|
215
|
+
_minikube_kubernetes.create_pod! _minikube_registry_proxy_pod_spec
|
|
216
|
+
registry_proxy_pod_ok = false
|
|
217
|
+
600.times do
|
|
218
|
+
if _minikube_kubernetes.pod? _minikube_registry_proxy_pod_spec['metadata']['name']
|
|
219
|
+
registry_proxy_pod = _minikube_kubernetes.pod(_minikube_registry_proxy_pod_spec['metadata']['name'])
|
|
220
|
+
if registry_proxy_pod['status']['phase'] == 'Running'
|
|
221
|
+
registry_proxy_pod_ok = true
|
|
222
|
+
break
|
|
217
223
|
end
|
|
218
|
-
sleep 1
|
|
219
224
|
end
|
|
220
|
-
|
|
225
|
+
sleep 1
|
|
221
226
|
end
|
|
227
|
+
raise MinikubeSetupError, code: :registry_proxy_pod_not_ok unless registry_proxy_pod_ok
|
|
222
228
|
end
|
|
223
229
|
end
|
|
224
230
|
end
|
|
@@ -6,10 +6,25 @@ module Dapp
|
|
|
6
6
|
def kube_secret_extract(file_path)
|
|
7
7
|
secret_key_should_exist!
|
|
8
8
|
|
|
9
|
-
|
|
10
|
-
|
|
9
|
+
data = begin
|
|
10
|
+
if file_path
|
|
11
|
+
raise Error::Command, code: :file_not_exist, data: { path: File.expand_path(file_path) } unless File.exist?(file_path)
|
|
12
|
+
|
|
13
|
+
if options[:values]
|
|
14
|
+
kube_extract_secret_values(file_path)
|
|
15
|
+
else
|
|
16
|
+
kube_extract_secret_file(file_path)
|
|
17
|
+
end
|
|
18
|
+
else
|
|
19
|
+
kube_extract_secret
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
if (output_file_path = options[:output_file_path])
|
|
24
|
+
FileUtils.mkpath File.dirname(output_file_path)
|
|
25
|
+
IO.binwrite(output_file_path, "#{data}\n")
|
|
11
26
|
else
|
|
12
|
-
|
|
27
|
+
puts data
|
|
13
28
|
end
|
|
14
29
|
end
|
|
15
30
|
|
|
@@ -17,27 +32,26 @@ module Dapp
|
|
|
17
32
|
data = begin
|
|
18
33
|
if $stdin.tty?
|
|
19
34
|
print 'Enter secret: '
|
|
20
|
-
$stdin.
|
|
35
|
+
$stdin.gets
|
|
21
36
|
else
|
|
22
37
|
$stdin.read
|
|
23
|
-
end
|
|
38
|
+
end.to_s.chomp
|
|
24
39
|
end
|
|
25
40
|
|
|
26
|
-
|
|
27
|
-
|
|
41
|
+
if data.empty?
|
|
42
|
+
exit 0
|
|
43
|
+
else
|
|
44
|
+
secret.extract(data)
|
|
28
45
|
end
|
|
29
46
|
end
|
|
30
47
|
|
|
31
|
-
def
|
|
32
|
-
raise Error::Command, code: :
|
|
48
|
+
def kube_extract_secret_values(file_path)
|
|
49
|
+
raise Error::Command, code: :incorrect_yaml_structure, data: { path: File.expand_path(file_path) } unless (json = YAML::load(File.read(file_path)))
|
|
50
|
+
kube_helm_decode_json(secret, json).to_yaml
|
|
51
|
+
end
|
|
33
52
|
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
puts decrypted_data
|
|
37
|
-
else
|
|
38
|
-
FileUtils.mkpath File.dirname(output_file_path)
|
|
39
|
-
IO.binwrite(output_file_path, "#{decrypted_data}\n")
|
|
40
|
-
end
|
|
53
|
+
def kube_extract_secret_file(file_path)
|
|
54
|
+
secret.extract(IO.binread(file_path).chomp("\n"))
|
|
41
55
|
end
|
|
42
56
|
end
|
|
43
57
|
end
|
|
@@ -6,10 +6,25 @@ module Dapp
|
|
|
6
6
|
def kube_secret_generate(file_path)
|
|
7
7
|
secret_key_should_exist!
|
|
8
8
|
|
|
9
|
-
|
|
10
|
-
|
|
9
|
+
data = begin
|
|
10
|
+
if file_path
|
|
11
|
+
raise Error::Command, code: :file_not_exist, data: { path: File.expand_path(file_path) } unless File.exist?(file_path)
|
|
12
|
+
|
|
13
|
+
if options[:values]
|
|
14
|
+
kube_secret_values(file_path)
|
|
15
|
+
else
|
|
16
|
+
kube_secret_file(file_path)
|
|
17
|
+
end
|
|
18
|
+
else
|
|
19
|
+
kube_secret
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
if (output_file_path = options[:output_file_path])
|
|
24
|
+
FileUtils.mkpath File.dirname(output_file_path)
|
|
25
|
+
IO.binwrite(output_file_path, "#{data}\n")
|
|
11
26
|
else
|
|
12
|
-
|
|
27
|
+
puts data
|
|
13
28
|
end
|
|
14
29
|
end
|
|
15
30
|
|
|
@@ -20,24 +35,23 @@ module Dapp
|
|
|
20
35
|
$stdin.noecho(&:gets).tap { print "\n" }
|
|
21
36
|
else
|
|
22
37
|
$stdin.read
|
|
23
|
-
end
|
|
38
|
+
end.to_s.chomp
|
|
24
39
|
end
|
|
25
40
|
|
|
26
|
-
|
|
27
|
-
|
|
41
|
+
if data.empty?
|
|
42
|
+
exit 0
|
|
43
|
+
else
|
|
44
|
+
secret.generate(data)
|
|
28
45
|
end
|
|
29
46
|
end
|
|
30
47
|
|
|
31
|
-
def
|
|
32
|
-
raise Error::Command, code: :
|
|
48
|
+
def kube_secret_values(file_path)
|
|
49
|
+
raise Error::Command, code: :incorrect_yaml_structure, data: { path: File.expand_path(file_path) } unless (json = YAML::load(File.read(file_path)))
|
|
50
|
+
kube_helm_encode_json(secret, json).to_yaml
|
|
51
|
+
end
|
|
33
52
|
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
puts encrypted_data
|
|
37
|
-
else
|
|
38
|
-
FileUtils.mkpath File.dirname(output_file_path)
|
|
39
|
-
IO.binwrite(output_file_path, "#{encrypted_data}\n")
|
|
40
|
-
end
|
|
53
|
+
def kube_secret_file(file_path)
|
|
54
|
+
secret.generate(IO.binread(file_path))
|
|
41
55
|
end
|
|
42
56
|
end
|
|
43
57
|
end
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
module Dapp
|
|
2
|
+
module Kube
|
|
3
|
+
module Dapp
|
|
4
|
+
module Command
|
|
5
|
+
module SecretRegenerate
|
|
6
|
+
def kube_secret_regenerate(*secret_values_paths)
|
|
7
|
+
regenerated_data = {}
|
|
8
|
+
|
|
9
|
+
secret_values_paths << kube_chart_path('secret-values.yaml') if kube_chart_path('secret-values.yaml').file?
|
|
10
|
+
secret_values_paths.each do |file_path|
|
|
11
|
+
raise Error::Command, code: :file_not_exist, data: { path: File.expand_path(file_path) } unless File.exist?(file_path)
|
|
12
|
+
regenerated_data[file_path] = kube_regenerate_secret_values(file_path)
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
Dir.glob(kube_chart_path('secret/**/*'), File::FNM_DOTMATCH).each do |file_path|
|
|
16
|
+
next if File.directory?(file_path)
|
|
17
|
+
regenerated_data[file_path] = kube_regenerate_secret_file(file_path)
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
regenerated_data.each { |file_path, data| IO.binwrite(file_path, "#{data}\n") }
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
def kube_regenerate_secret_file(file_path)
|
|
24
|
+
secret.generate(old_secret.extract(IO.binread(file_path).chomp("\n")))
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
def kube_regenerate_secret_values(file_path)
|
|
28
|
+
raise Error::Command, code: :incorrect_yaml_structure, data: { path: File.expand_path(file_path) } unless (json = YAML::load(File.read(file_path)))
|
|
29
|
+
kube_helm_encode_json(secret, kube_helm_decode_json(old_secret, json)).to_yaml
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
def old_secret
|
|
33
|
+
@old_secret ||= Secret.new(options[:old_secret_key])
|
|
34
|
+
end
|
|
35
|
+
end
|
|
36
|
+
end
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
end
|
data/lib/dapp/kube/dapp/dapp.rb
CHANGED
data/lib/dapp/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dapp
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.13.
|
|
4
|
+
version: 0.13.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dmitry Stolyarov
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-07-12 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: mixlib-shellout
|
|
@@ -403,7 +403,9 @@ files:
|
|
|
403
403
|
- config/en/net_status.yml
|
|
404
404
|
- lib/dapp.rb
|
|
405
405
|
- lib/dapp/cli.rb
|
|
406
|
+
- lib/dapp/cli/cli.rb
|
|
406
407
|
- lib/dapp/cli/command/base.rb
|
|
408
|
+
- lib/dapp/cli/command/update.rb
|
|
407
409
|
- lib/dapp/config/config.rb
|
|
408
410
|
- lib/dapp/config/directive/base.rb
|
|
409
411
|
- lib/dapp/config/error/config.rb
|
|
@@ -627,6 +629,7 @@ files:
|
|
|
627
629
|
- lib/dapp/kube/cli/command/kube/secret_extract.rb
|
|
628
630
|
- lib/dapp/kube/cli/command/kube/secret_generate.rb
|
|
629
631
|
- lib/dapp/kube/cli/command/kube/secret_key_generate.rb
|
|
632
|
+
- lib/dapp/kube/cli/command/kube/secret_regenerate.rb
|
|
630
633
|
- lib/dapp/kube/client.rb
|
|
631
634
|
- lib/dapp/kube/client/error.rb
|
|
632
635
|
- lib/dapp/kube/dapp/command/common.rb
|
|
@@ -636,6 +639,7 @@ files:
|
|
|
636
639
|
- lib/dapp/kube/dapp/command/secret_extract.rb
|
|
637
640
|
- lib/dapp/kube/dapp/command/secret_generate.rb
|
|
638
641
|
- lib/dapp/kube/dapp/command/secret_key_generate.rb
|
|
642
|
+
- lib/dapp/kube/dapp/command/secret_regenerate.rb
|
|
639
643
|
- lib/dapp/kube/dapp/dapp.rb
|
|
640
644
|
- lib/dapp/kube/error/base.rb
|
|
641
645
|
- lib/dapp/kube/error/command.rb
|