From 930caf4157c4ea497a22ba14594d009d5a986e4d Mon Sep 17 00:00:00 2001 From: EraKin575 Date: Fri, 21 Jun 2024 18:24:10 +0530 Subject: [PATCH 1/2] added include flags to include security context --- pkg/kn/commands/service/export.go | 44 ++++++++++++++++++++++++------- 1 file changed, 34 insertions(+), 10 deletions(-) diff --git a/pkg/kn/commands/service/export.go b/pkg/kn/commands/service/export.go index 570da9961a..32418cf1b9 100644 --- a/pkg/kn/commands/service/export.go +++ b/pkg/kn/commands/service/export.go @@ -77,7 +77,7 @@ const ( // NewServiceExportCommand returns a new command for exporting a service. func NewServiceExportCommand(p *commands.KnParams) *cobra.Command { - // For machine readable output + // For machine-readable output machineReadablePrintFlags := genericclioptions.NewPrintFlags("") command := &cobra.Command{ @@ -127,11 +127,25 @@ func NewServiceExportCommand(p *commands.KnParams) *cobra.Command { } flags := command.Flags() commands.AddNamespaceFlags(flags, false) + flags.StringArray("include", nil, "Include certain info") flags.Bool("with-revisions", false, "Export all routed revisions (Beta)") flags.String("mode", "", "Format for exporting all routed revisions. One of replay|export (Beta)") + flags.StringArray("include", nil, "Include certain info") machineReadablePrintFlags.AddFlags(command) return command } +func isSecurityContextIncluded(cmd *cobra.Command) (bool, error) { + includes, err := cmd.Flags().GetStringArray("include") + if err != nil { + return false, err + } + for _, include := range includes { + if include == "securityContext" { + return true, nil + } + } + return false, nil +} func exportService(cmd *cobra.Command, service *servingv1.Service, client clientservingv1.KnServingClient, printer printers.ResourcePrinter) error { withRevisions, err := cmd.Flags().GetBool("with-revisions") @@ -139,20 +153,25 @@ func exportService(cmd *cobra.Command, service *servingv1.Service, client client return err } + withSecurityContext, err := isSecurityContextIncluded(cmd) + if err != nil { + return err + } + mode, err := cmd.Flags().GetString("mode") if err != nil { return err } if mode == ModeReplay { - svcList, err := exportServiceListForReplay(cmd.Context(), service.DeepCopy(), client, withRevisions) + svcList, err := exportServiceListForReplay(cmd.Context(), service.DeepCopy(), client, withRevisions, withSecurityContext) if err != nil { return err } return printer.PrintObj(svcList, cmd.OutOrStdout()) } // default is export mode - knExport, err := exportForKNImport(cmd.Context(), service.DeepCopy(), client, withRevisions) + knExport, err := exportForKNImport(cmd.Context(), service.DeepCopy(), client, withRevisions, withSecurityContext) if err != nil { return err } @@ -160,7 +179,7 @@ func exportService(cmd *cobra.Command, service *servingv1.Service, client client return printer.PrintObj(knExport, cmd.OutOrStdout()) } -func exportLatestService(latestSvc *servingv1.Service, withRoutes bool) *servingv1.Service { +func exportLatestService(latestSvc *servingv1.Service, withRoutes bool, withSecurityContext bool) *servingv1.Service { exportedSvc := servingv1.Service{ ObjectMeta: metav1.ObjectMeta{ Name: latestSvc.ObjectMeta.Name, @@ -178,6 +197,12 @@ func exportLatestService(latestSvc *servingv1.Service, withRoutes bool) *serving if withRoutes { exportedSvc.Spec.RouteSpec = latestSvc.Spec.RouteSpec } + if withSecurityContext { + exportedSvc.Spec.Template.Spec.SecurityContext = nil + for i := range exportedSvc.Spec.Template.Spec.Containers { + exportedSvc.Spec.Template.Spec.Containers[i].SecurityContext = nil + } + } stripIgnoredAnnotationsFromService(&exportedSvc) stripIgnoredLabelsFromService(&exportedSvc) @@ -225,9 +250,9 @@ func constructServiceFromRevision(latestSvc *servingv1.Service, revision *servin return exportedSvc } -func exportServiceListForReplay(ctx context.Context, latestSvc *servingv1.Service, client clientservingv1.KnServingClient, withRevisions bool) (runtime.Object, error) { +func exportServiceListForReplay(ctx context.Context, latestSvc *servingv1.Service, client clientservingv1.KnServingClient, withRevisions bool, withSecurityContext bool) (runtime.Object, error) { if !withRevisions { - return exportLatestService(latestSvc, false), nil + return exportLatestService(latestSvc, false, withSecurityContext), nil } var exportedSvcItems []servingv1.Service @@ -244,8 +269,7 @@ func exportServiceListForReplay(ctx context.Context, latestSvc *servingv1.Servic } //add latest service, add traffic if more than one revision exist - exportedSvcItems = append(exportedSvcItems, *(exportLatestService(latestSvc, len(revisionList.Items) > 1))) - + exportedSvcItems = append(exportedSvcItems, *(exportLatestService(latestSvc, len(revisionList.Items) > 1, withSecurityContext))) typeMeta := metav1.TypeMeta{ APIVersion: "v1", Kind: "List", @@ -258,7 +282,7 @@ func exportServiceListForReplay(ctx context.Context, latestSvc *servingv1.Servic return exportedSvcList, nil } -func exportForKNImport(ctx context.Context, latestSvc *servingv1.Service, client clientservingv1.KnServingClient, withRevisions bool) (*clientv1alpha1.Export, error) { +func exportForKNImport(ctx context.Context, latestSvc *servingv1.Service, client clientservingv1.KnServingClient, withRevisions bool, withSecurityContext bool) (*clientv1alpha1.Export, error) { var exportedRevItems []servingv1.Revision revisionHistoryCount := 0 if withRevisions { @@ -283,7 +307,7 @@ func exportForKNImport(ctx context.Context, latestSvc *servingv1.Service, client knExport := &clientv1alpha1.Export{ TypeMeta: typeMeta, Spec: clientv1alpha1.ExportSpec{ - Service: *(exportLatestService(latestSvc, revisionHistoryCount > 1)), + Service: *(exportLatestService(latestSvc, revisionHistoryCount > 1, withSecurityContext)), Revisions: exportedRevItems, }, } From 4f43783072ff5b3eb32e8848b821a7d67aef6858 Mon Sep 17 00:00:00 2001 From: EraKin575 Date: Sat, 22 Jun 2024 14:16:21 +0530 Subject: [PATCH 2/2] added include flags to include security context --- pkg/kn/commands/service/export.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/kn/commands/service/export.go b/pkg/kn/commands/service/export.go index 32418cf1b9..b01d1f4d2d 100644 --- a/pkg/kn/commands/service/export.go +++ b/pkg/kn/commands/service/export.go @@ -197,7 +197,7 @@ func exportLatestService(latestSvc *servingv1.Service, withRoutes bool, withSecu if withRoutes { exportedSvc.Spec.RouteSpec = latestSvc.Spec.RouteSpec } - if withSecurityContext { + if !withSecurityContext { exportedSvc.Spec.Template.Spec.SecurityContext = nil for i := range exportedSvc.Spec.Template.Spec.Containers { exportedSvc.Spec.Template.Spec.Containers[i].SecurityContext = nil