From 90133b5cfe0f5f8c14ab4c58b87a43cfea83a7ee Mon Sep 17 00:00:00 2001 From: Justin SB Date: Sun, 25 Oct 2020 14:21:40 -0400 Subject: [PATCH] Default to exporting a kubecfg, even without credentials We do log a hint for the user when we have exported an empty kubecfg, but this now supports the "current cluster" UX. Issue #9990 --- cmd/kops/update_cluster.go | 14 +++++++++----- docs/cli/kops_update_cluster.md | 2 +- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/cmd/kops/update_cluster.go b/cmd/kops/update_cluster.go index 869601552b7e6..82f83a8cec97d 100644 --- a/cmd/kops/update_cluster.go +++ b/cmd/kops/update_cluster.go @@ -84,7 +84,10 @@ func (o *UpdateClusterOptions) InitDefaults() { o.Target = "direct" o.SSHPublicKey = "" o.OutDir = "" - o.CreateKubecfg = false + + // By default we export a kubecfg, but it doesn't have a static/eternal credential in it any more. + o.CreateKubecfg = true + o.RunTasksOptions.InitDefaults() } @@ -149,10 +152,6 @@ func RunUpdateCluster(ctx context.Context, f *util.Factory, clusterName string, return nil, fmt.Errorf("cannot use both --admin and --user") } - if c.CreateKubecfg && c.admin == 0 && c.user == "" { - return nil, fmt.Errorf("--create-kube-config requires that either --admin or --user is set") - } - if c.admin != 0 && !c.CreateKubecfg { klog.Info("--admin implies --create-kube-config") c.CreateKubecfg = true @@ -312,6 +311,7 @@ func RunUpdateCluster(ctx context.Context, f *util.Factory, clusterName string, firstRun = !hasKubecfg klog.Infof("Exporting kubecfg for cluster") + // TODO: Another flag? useKopsAuthenticationPlugin := false conf, err := kubeconfig.BuildKubecfg( @@ -332,6 +332,10 @@ func RunUpdateCluster(ctx context.Context, f *util.Factory, clusterName string, if err != nil { return nil, err } + + if c.admin == 0 && c.user == "" { + klog.Warningf("Exported kubecfg with no user authentication; use --admin, --user or --auth-plugin flags with `kops export kubecfg`") + } } if !isDryrun { diff --git a/docs/cli/kops_update_cluster.md b/docs/cli/kops_update_cluster.md index 9c3f2b176a980..675943ff53c53 100644 --- a/docs/cli/kops_update_cluster.md +++ b/docs/cli/kops_update_cluster.md @@ -27,7 +27,7 @@ kops update cluster [flags] ``` --admin duration[=18h0m0s] Also export a cluster admin user credential with the specified lifetime and add it to the cluster context --allow-kops-downgrade Allow an older version of kops to update the cluster than last used - --create-kube-config Will control automatically creating the kube config file on your local filesystem + --create-kube-config Will control automatically creating the kube config file on your local filesystem (default true) -h, --help help for cluster --internal Use the cluster's internal DNS name. Implies --create-kube-config --lifecycle-overrides strings comma separated list of phase overrides, example: SecurityGroups=Ignore,InternetGateway=ExistsAndWarnIfChanges