diff --git a/clouddriver-kubernetes/src/main/groovy/com/netflix/spinnaker/clouddriver/kubernetes/security/KubernetesNamedAccountCredentials.java b/clouddriver-kubernetes/src/main/groovy/com/netflix/spinnaker/clouddriver/kubernetes/security/KubernetesNamedAccountCredentials.java index 29ac8bc08e2..592c4bac1b8 100644 --- a/clouddriver-kubernetes/src/main/groovy/com/netflix/spinnaker/clouddriver/kubernetes/security/KubernetesNamedAccountCredentials.java +++ b/clouddriver-kubernetes/src/main/groovy/com/netflix/spinnaker/clouddriver/kubernetes/security/KubernetesNamedAccountCredentials.java @@ -22,6 +22,7 @@ import com.netflix.spinnaker.clouddriver.kubernetes.v1.security.KubernetesV1Credentials; import com.netflix.spinnaker.clouddriver.kubernetes.v2.description.manifest.KubernetesManifest; import com.netflix.spinnaker.clouddriver.kubernetes.v2.names.KubernetesManifestNamer; +import com.netflix.spinnaker.clouddriver.kubernetes.v2.op.job.KubectlJobExecutor; import com.netflix.spinnaker.clouddriver.kubernetes.v2.security.KubernetesV2Credentials; import com.netflix.spinnaker.clouddriver.names.NamerRegistry; import com.netflix.spinnaker.clouddriver.security.AccountCredentials; @@ -171,6 +172,7 @@ static class Builder { List dockerRegistries; Registry spectatorRegistry; AccountCredentialsRepository accountCredentialsRepository; + KubectlJobExecutor jobExecutor; boolean debug; Builder name(String name) { @@ -276,6 +278,11 @@ Builder accountCredentialsRepository(AccountCredentialsRepository accountCredent return this; } + Builder jobExecutor(KubectlJobExecutor jobExecutor) { + this.jobExecutor = jobExecutor; + return this; + } + Builder debug(boolean debug) { this.debug = debug; return this; @@ -313,6 +320,7 @@ private C buildCredentials() { .omitNamespaces(omitNamespaces) .registry(spectatorRegistry) .debug(debug) + .jobExecutor(jobExecutor) .build(); default: throw new IllegalArgumentException("Unknown provider type: " + providerVersion); diff --git a/clouddriver-kubernetes/src/main/groovy/com/netflix/spinnaker/clouddriver/kubernetes/security/KubernetesNamedAccountCredentialsInitializer.groovy b/clouddriver-kubernetes/src/main/groovy/com/netflix/spinnaker/clouddriver/kubernetes/security/KubernetesNamedAccountCredentialsInitializer.groovy index 7a0e3fb1cf1..3699d650fdd 100644 --- a/clouddriver-kubernetes/src/main/groovy/com/netflix/spinnaker/clouddriver/kubernetes/security/KubernetesNamedAccountCredentialsInitializer.groovy +++ b/clouddriver-kubernetes/src/main/groovy/com/netflix/spinnaker/clouddriver/kubernetes/security/KubernetesNamedAccountCredentialsInitializer.groovy @@ -20,6 +20,7 @@ import com.netflix.spectator.api.Registry import com.netflix.spinnaker.cats.module.CatsModule import com.netflix.spinnaker.cats.provider.ProviderSynchronizerTypeWrapper import com.netflix.spinnaker.clouddriver.kubernetes.config.KubernetesConfigurationProperties +import com.netflix.spinnaker.clouddriver.kubernetes.v2.op.job.KubectlJobExecutor import com.netflix.spinnaker.clouddriver.security.AccountCredentialsRepository import com.netflix.spinnaker.clouddriver.security.CredentialsInitializerSynchronizable import com.netflix.spinnaker.clouddriver.security.ProviderUtils @@ -37,6 +38,7 @@ class KubernetesNamedAccountCredentialsInitializer implements CredentialsInitial private static final Integer DEFAULT_CACHE_THREADS = 1 @Autowired Registry spectatorRegistry + @Autowired KubectlJobExecutor jobExecutor @Bean List kubernetesNamedAccountCredentials( @@ -91,6 +93,7 @@ class KubernetesNamedAccountCredentialsInitializer implements CredentialsInitial .requiredGroupMembership(managedAccount.requiredGroupMembership) .permissions(managedAccount.permissions.build()) .spectatorRegistry(spectatorRegistry) + .jobExecutor(jobExecutor) .debug(managedAccount.debug) .build() diff --git a/clouddriver-kubernetes/src/main/groovy/com/netflix/spinnaker/clouddriver/kubernetes/v2/op/job/KubectlJobExecutor.java b/clouddriver-kubernetes/src/main/groovy/com/netflix/spinnaker/clouddriver/kubernetes/v2/op/job/KubectlJobExecutor.java index c068b1ae6d6..47b01e81639 100644 --- a/clouddriver-kubernetes/src/main/groovy/com/netflix/spinnaker/clouddriver/kubernetes/v2/op/job/KubectlJobExecutor.java +++ b/clouddriver-kubernetes/src/main/groovy/com/netflix/spinnaker/clouddriver/kubernetes/v2/op/job/KubectlJobExecutor.java @@ -276,7 +276,9 @@ private List kubectlNamespacedAuthPrefix(KubernetesV2Credentials credent namespace = credentials.getDefaultNamespace(); } - command.add("--namespace=" + namespace); + if (StringUtils.isNotEmpty(namespace)) { + command.add("--namespace=" + namespace); + } return command; } diff --git a/clouddriver-kubernetes/src/main/groovy/com/netflix/spinnaker/clouddriver/kubernetes/v2/security/KubernetesV2Credentials.java b/clouddriver-kubernetes/src/main/groovy/com/netflix/spinnaker/clouddriver/kubernetes/v2/security/KubernetesV2Credentials.java index 1ebed7608fd..663ba91cf5b 100644 --- a/clouddriver-kubernetes/src/main/groovy/com/netflix/spinnaker/clouddriver/kubernetes/v2/security/KubernetesV2Credentials.java +++ b/clouddriver-kubernetes/src/main/groovy/com/netflix/spinnaker/clouddriver/kubernetes/v2/security/KubernetesV2Credentials.java @@ -25,14 +25,10 @@ import com.netflix.spinnaker.clouddriver.kubernetes.security.KubernetesCredentials; import com.netflix.spinnaker.clouddriver.kubernetes.v2.description.manifest.KubernetesApiVersion; import com.netflix.spinnaker.clouddriver.kubernetes.v2.description.manifest.KubernetesKind; -import io.kubernetes.client.ApiClient; +import com.netflix.spinnaker.clouddriver.kubernetes.v2.description.manifest.KubernetesManifest; +import com.netflix.spinnaker.clouddriver.kubernetes.v2.op.job.KubectlJobExecutor; import io.kubernetes.client.ApiException; -import io.kubernetes.client.apis.AppsV1beta1Api; -import io.kubernetes.client.apis.AppsV1beta2Api; -import io.kubernetes.client.apis.CoreV1Api; -import io.kubernetes.client.apis.ExtensionsV1beta1Api; import io.kubernetes.client.models.V1Service; -import io.kubernetes.client.util.Config; import io.kubernetes.client.util.KubeConfig; import lombok.Getter; import org.apache.commons.lang3.StringUtils; @@ -50,11 +46,7 @@ import java.util.stream.Collectors; public class KubernetesV2Credentials implements KubernetesCredentials { - private final ApiClient client; - private final CoreV1Api coreV1Api; - private final ExtensionsV1beta1Api extensionsV1beta1Api; - private final AppsV1beta1Api appsV1beta1Api; - private final AppsV1beta2Api appsV1beta2Api; + private final KubectlJobExecutor jobExecutor; private final Registry registry; private final Clock clock; private final String accountName; @@ -93,6 +85,7 @@ public static class Builder { List namespaces = new ArrayList<>(); List omitNamespaces = new ArrayList<>(); Registry registry; + KubectlJobExecutor jobExecutor; boolean debug; public Builder accountName(String accountName) { @@ -130,6 +123,11 @@ public Builder registry(Registry registry) { return this; } + public Builder jobExecutor(KubectlJobExecutor jobExecutor) { + this.jobExecutor = jobExecutor; + return this; + } + public Builder debug(boolean debug) { this.debug = debug; return this; @@ -151,18 +149,12 @@ public KubernetesV2Credentials build() { kubeconfig.setContext(context); } - ApiClient client = Config.fromConfig(kubeconfig); - - if (!StringUtils.isEmpty(userAgent)) { - client.setUserAgent(userAgent); - } - namespaces = namespaces == null ? new ArrayList<>() : namespaces; omitNamespaces = omitNamespaces == null ? new ArrayList<>() : omitNamespaces; return new KubernetesV2Credentials( accountName, - client, + jobExecutor, namespaces, omitNamespaces, registry, @@ -174,7 +166,7 @@ public KubernetesV2Credentials build() { } private KubernetesV2Credentials(@NotNull String accountName, - @NotNull ApiClient client, + @NotNull KubectlJobExecutor jobExecutor, @NotNull List namespaces, @NotNull List omitNamespaces, @NotNull Registry registry, @@ -186,15 +178,9 @@ private KubernetesV2Credentials(@NotNull String accountName, this.accountName = accountName; this.namespaces = namespaces; this.omitNamespaces = omitNamespaces; - this.client = client; - this.client.setDebugging(debug); + this.jobExecutor = jobExecutor; this.debug = debug; - this.coreV1Api = new CoreV1Api(this.client); - this.extensionsV1beta1Api = new ExtensionsV1beta1Api(this.client); - this.appsV1beta1Api = new AppsV1beta1Api(this.client); - this.appsV1beta2Api = new AppsV1beta2Api(this.client); - this.kubeconfigFile = kubeconfigFile; this.context = context; } @@ -202,18 +188,16 @@ private KubernetesV2Credentials(@NotNull String accountName, @Override public List getDeclaredNamespaces() { List result; - String labelSelector = null; - String fieldSelector = null; if (!namespaces.isEmpty()) { result = namespaces; } else { try { - result = coreV1Api.listNamespace(PRETTY, CONTINUE, fieldSelector, INCLUDE_UNINITIALIZED, labelSelector, LIMIT, DEFAULT_VERSION, TIMEOUT_SECONDS, WATCH) - .getItems() - .stream() - .map(n -> n.getMetadata().getName()) + List namespaceManifests = jobExecutor.getAll(this, KubernetesKind.NAMESPACE, ""); + result = namespaceManifests.stream() + .map(KubernetesManifest::getName) .collect(Collectors.toList()); - } catch (ApiException e) { + + } catch (KubectlJobExecutor.KubectlException e) { throw new RuntimeException(e); } }