[
https://issues.apache.org/jira/browse/KNOX-3360?focusedWorklogId=1026875&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-1026875
]
ASF GitHub Bot logged work on KNOX-3360:
----------------------------------------
Author: ASF GitHub Bot
Created on: 25/Jun/26 16:16
Start Date: 25/Jun/26 16:16
Worklog Time Spent: 10m
Work Description: hanicz commented on code in PR #1279:
URL: https://github.com/apache/knox/pull/1279#discussion_r3475911409
##########
gateway-server/src/main/java/org/apache/knox/gateway/util/KnoxCLI.java:
##########
@@ -1029,6 +1058,77 @@ public String getUsage() {
}
}
+ public class K8sAliasCreateCommand extends Command {
+
+ public static final String USAGE = "create-k8s-alias secret-name
[secret-name ...] [--namespace namespace]";
+ public static final String DESC = "The create-k8s-alias command reads one
or more Kubernetes\n"
+ + "Secrets and creates a Knox alias for
each. The namespace\n"
+ + "defaults to 'knox' and can be overridden
with --namespace.\n"
+ + "Every Secret must contain 'alias.name'
(the alias name)\n"
+ + "and 'alias.value' (the secret value);
'topology' is optional\n"
+ + "and defaults to the gateway-level
credential store ('__gateway').\n"
+ + "Uses in-cluster Kubernetes config.";
+
+ private static final String DEFAULT_NAMESPACE = "knox";
+ private static final String ENTRY_NAME = "alias.name";
+ private static final String ENTRY_TOPOLOGY = "topology";
+ private static final String ENTRY_KEY = "alias.value";
+ private static final String DEFAULT_TOPOLOGY = "__gateway";
+
+ private final List<String> secretNames;
+
+ public K8sAliasCreateCommand(List<String> secretNames) {
+ this.secretNames = secretNames;
+ }
+
+ @Override
+ public void execute() throws Exception {
+ AliasService as = getAliasService();
+ String ns = (namespace == null || namespace.isEmpty()) ?
DEFAULT_NAMESPACE : namespace;
+ try (KubernetesClient client = buildKubernetesClient()) {
+ for (String secretName : secretNames) {
+ Secret secret =
client.secrets().inNamespace(ns).withName(secretName).get();
+ if (secret == null) {
+ throw new IllegalStateException(
+ "Secret '" + secretName + "' not found in namespace '" + ns +
"'.");
+ }
+ String aliasName = requireEntry(secret, secretName, ENTRY_NAME);
+ String aliasValue = requireEntry(secret, secretName, ENTRY_KEY);
+ String topology = optionalEntry(secret, ENTRY_TOPOLOGY);
+ if (topology == null || topology.isEmpty()) {
+ topology = DEFAULT_TOPOLOGY;
+ }
+
+ as.addAliasForCluster(topology, aliasName, aliasValue);
+ out.println(aliasName + " has been successfully created in topology "
+ topology
+ + " (from secret " + secretName + ").");
+ }
+ }
+ }
+
+ private String requireEntry(Secret secret, String secretName, String
entryKey) {
+ String entry = optionalEntry(secret, entryKey);
+ if (entry == null || entry.isEmpty()) {
+ throw new IllegalStateException(
+ "Secret '" + secretName + "' is missing required entry '" +
entryKey + "'.");
+ }
+ return entry;
+ }
+
+ private String optionalEntry(Secret secret, String entryKey) {
+ if (secret.getData() != null && secret.getData().containsKey(entryKey)) {
Review Comment:
When the secret gets created k8s api converts stringData into data and
base64 encodes it.
Issue Time Tracking
-------------------
Worklog Id: (was: 1026875)
Time Spent: 50m (was: 40m)
> New KnoxCLI command to save alias from k8s secret
> -------------------------------------------------
>
> Key: KNOX-3360
> URL: https://issues.apache.org/jira/browse/KNOX-3360
> Project: Apache Knox
> Issue Type: New Feature
> Components: KnoxCLI
> Affects Versions: 2.1.0
> Reporter: Tamás Hanicz
> Assignee: Tamás Hanicz
> Priority: Major
> Time Spent: 50m
> Remaining Estimate: 0h
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)