From df4dddb815aec9edf637d5fb00ddeafc01664ce2 Mon Sep 17 00:00:00 2001 From: Tom Cooper <57812123+coopernetes@users.noreply.github.com> Date: Sat, 23 Apr 2022 17:24:43 -0400 Subject: [PATCH] JSON output support + dep pinning (#16) * client-go 0.23.5, pin kind versions * set kind + node version in setup-kind action fix action prop fix ver str * JSON output * suppress test output * suppress more outputs --- .github/workflows/build.yml | 3 +++ README.md | 8 ++++++-- go.mod | 6 +++--- go.sum | 12 ++++++------ main.go | 10 ++++++++-- tests/k8s.sh | 9 ++++++--- 6 files changed, 32 insertions(+), 16 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 651bc18..9eafbc7 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -26,6 +26,9 @@ jobs: sudo cp kubeval /usr/local/bin - name: Setup kind uses: engineerd/setup-kind@v0.5.0 + with: + version: "v0.12.0" + image: kindest/node:v1.23.4@sha256:0e34f0d0fd448aa2f2819cfd74e99fe5793a6e4938b328f657c8e3f81ee0dfb9 - name: Run Kubernetes tests run: | kubectl cluster-info diff --git a/README.md b/README.md index dcfba10..c8309de 100644 --- a/README.md +++ b/README.md @@ -33,11 +33,15 @@ GO111MODULE="on" go get github.com/coopernetes/kube-role-gen ```bash $ kube-role-gen -h Usage of kube-role-gen: + -json + Generate JSON output. If unset, will default to YAML. -kubeconfig string - (optional) absolute path to the kubeconfig file (default "/home/user/.kube/config") + absolute path to the kubeconfig file. If set, this will override the default behavior and ignore KUBECONFIG environment variable and/or $HOME/.kube/config file location. -name string Override the name of the ClusterRole resource that is generated (default "foo-clusterrole") - -v Enable verbose logging + -pretty + Enable human-readable JSON output. This flag is ignored for YAML (always pretty-prints). + -v Enable verbose logging. ``` The resulting `ClusterRole` resource will be printed to stdout in YAML format. diff --git a/go.mod b/go.mod index 9bb6d38..b15f097 100644 --- a/go.mod +++ b/go.mod @@ -4,9 +4,9 @@ go 1.17 require ( github.com/elliotchance/orderedmap v1.4.0 - k8s.io/api v0.23.3 - k8s.io/apimachinery v0.23.3 - k8s.io/client-go v0.23.3 + k8s.io/api v0.23.5 + k8s.io/apimachinery v0.23.5 + k8s.io/client-go v0.23.5 ) require ( diff --git a/go.sum b/go.sum index 806a385..027f949 100644 --- a/go.sum +++ b/go.sum @@ -597,12 +597,12 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.23.3 h1:KNrME8KHGr12Ozjf8ytOewKzZh6hl/hHUZeHddT3a38= -k8s.io/api v0.23.3/go.mod h1:w258XdGyvCmnBj/vGzQMj6kzdufJZVUwEM1U2fRJwSQ= -k8s.io/apimachinery v0.23.3 h1:7IW6jxNzrXTsP0c8yXz2E5Yx/WTzVPTsHIx/2Vm0cIk= -k8s.io/apimachinery v0.23.3/go.mod h1:BEuFMMBaIbcOqVIJqNZJXGFTP4W6AycEpb5+m/97hrM= -k8s.io/client-go v0.23.3 h1:23QYUmCQ/W6hW78xIwm3XqZrrKZM+LWDqW2zfo+szJs= -k8s.io/client-go v0.23.3/go.mod h1:47oMd+YvAOqZM7pcQ6neJtBiFH7alOyfunYN48VsmwE= +k8s.io/api v0.23.5 h1:zno3LUiMubxD/V1Zw3ijyKO3wxrhbUF1Ck+VjBvfaoA= +k8s.io/api v0.23.5/go.mod h1:Na4XuKng8PXJ2JsploYYrivXrINeTaycCGcYgF91Xm8= +k8s.io/apimachinery v0.23.5 h1:Va7dwhp8wgkUPWsEXk6XglXWU4IKYLKNlv8VkX7SDM0= +k8s.io/apimachinery v0.23.5/go.mod h1:BEuFMMBaIbcOqVIJqNZJXGFTP4W6AycEpb5+m/97hrM= +k8s.io/client-go v0.23.5 h1:zUXHmEuqx0RY4+CsnkOn5l0GU+skkRXKGJrhmE2SLd8= +k8s.io/client-go v0.23.5/go.mod h1:flkeinTO1CirYgzMPRWxUCnV0G4Fbu2vLhYCObnt/r4= k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= diff --git a/main.go b/main.go index 881a418..35158f7 100644 --- a/main.go +++ b/main.go @@ -20,7 +20,9 @@ func main() { roleNameArg := flag.String("name", "foo-clusterrole", "Override the name of the ClusterRole "+ "resource that is generated") - enableVerboseLogging := flag.Bool("v", false, "Enable verbose logging") + enableVerboseLogging := flag.Bool("v", false, "Enable verbose logging.") + enableJson := flag.Bool("json", false, "Generate JSON output. If unset, will default to YAML.") + enableJsonPretty := flag.Bool("pretty", false, "Enable human-readable JSON output. This flag is ignored for YAML (always pretty-prints).") kubeconfigFlag := flag.String("kubeconfig", "", "absolute path to the kubeconfig file. "+ "If set, this will override the default behavior and "+ "ignore KUBECONFIG environment variable and/or $HOME/.kube/config file location.") @@ -136,7 +138,11 @@ func main() { Rules: computedPolicyRules, } - serializer := k8sJson.NewSerializerWithOptions(k8sJson.DefaultMetaFactory, nil, nil, k8sJson.SerializerOptions{Yaml: true}) + options := k8sJson.SerializerOptions{ + Yaml: !*enableJson, + Pretty: *enableJsonPretty, + } + serializer := k8sJson.NewSerializerWithOptions(k8sJson.DefaultMetaFactory, nil, nil, options) var writer = bytes.NewBufferString("") e := serializer.Encode(completeRbac, writer) if e != nil { diff --git a/tests/k8s.sh b/tests/k8s.sh index d98ca71..234c8be 100755 --- a/tests/k8s.sh +++ b/tests/k8s.sh @@ -6,9 +6,12 @@ kube-role-gen | kubeval - kube-role-gen | kubectl apply --validate -f - kube-role-gen | conftest test --policy tests/gh-11.rego - +# https://github.com/coopernetes/kube-role-gen/issues/8 +kube-role-gen -json | python -m json.tool 2>&1 > /dev/null + # https://github.com/coopernetes/kube-role-gen/issues/14 if [ -f "$HOME/.kube/config" ]; then - mv $HOME/.kube/config /tmp/test-kubecfg - KUBECONFIG=/tmp/test-kubecfg kube-role-gen - kube-role-gen -kubeconfig /tmp/test-kubecfg + cp $HOME/.kube/config /tmp/test-kubecfg + KUBECONFIG=/tmp/test-kubecfg kube-role-gen | kubeval - + kube-role-gen -kubeconfig /tmp/test-kubecfg | kubeval - fi