Skip to content

Commit

Permalink
Added secrets section in Kubernetes Task
Browse files Browse the repository at this point in the history
  • Loading branch information
@Anumita
Anumita committed Mar 6, 2018
1 parent 1e3e611 commit f4874d2
Show file tree
Hide file tree
Showing 5 changed files with 160 additions and 58 deletions.
18 changes: 11 additions & 7 deletions Tasks/Kubernetes/Strings/resources.resjson/en-US/resources.resjson
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,11 +4,13 @@
"loc.description": "Deploy, configure, update your Kubernetes cluster in Azure Container Service by running kubectl commands.",
"loc.instanceNameFormat": "kubectl $(command)",
"loc.group.displayName.commands": "Commands",
"loc.group.displayName.registry": "Container Registry Details",
"loc.group.displayName.secrets": "Secrets",
"loc.group.displayName.advanced": "Advanced",
"loc.group.displayName.output": "Output",
"loc.input.label.kubernetesServiceEndpoint": "Kubernetes Service Connection",
"loc.input.help.kubernetesServiceEndpoint": "Select a Kubernetes service connection.",
"loc.input.label.namespace": "Namespace",
"loc.input.help.namespace": "Name of the namespace to run the command in.",
"loc.input.label.command": "Command",
"loc.input.help.command": "Select a kubectl command.",
"loc.input.label.useConfigurationFile": "Use Configuration files",
Expand All @@ -17,6 +19,10 @@
"loc.input.help.configuration": "Filename, directory, or URL to kubernetes configuration files that will be used with the commands.",
"loc.input.label.arguments": "Arguments",
"loc.input.help.arguments": "Command arguments.",
"loc.input.label.secretType": "Type of secret",
"loc.input.help.secretType": "Select a type of secret",
"loc.input.label.secretArguments": "Arguments",
"loc.input.help.secretArguments": "Secret arguments.",
"loc.input.label.containerRegistryType": "Container Registry type",
"loc.input.help.containerRegistryType": "Select a Container registry type.",
"loc.input.label.dockerRegistryEndpoint": "Docker Registry Connection",
Expand All @@ -26,27 +32,25 @@
"loc.input.label.azureContainerRegistry": "Azure Container Registry",
"loc.input.help.azureContainerRegistry": "Select an Azure Container Registry. Required for commands that need to authenticate with a registry.",
"loc.input.label.secretName": "Secret name",
"loc.input.help.secretName": "Name of the docker-registry secret. You can use this secret name in the Kubernetes YAML configuration file.",
"loc.input.help.secretName": "Name of the secret. You can use this secret name in the Kubernetes YAML configuration file.",
"loc.input.label.forceUpdate": "Force update secret",
"loc.input.help.forceUpdate": "Delete the docker-registry secret if it exists and create a new one with updated values.",
"loc.input.help.forceUpdate": "Delete the secret if it exists and create a new one with updated values.",
"loc.input.label.versionOrLocation": "Kubectl",
"loc.input.label.versionSpec": "Version Spec",
"loc.input.help.versionSpec": "Version Spec of version to get. Examples: 1.7.0, 1.x.0, 4.x.0, 6.10.0, >=6.10.0",
"loc.input.label.checkLatest": "Check for Latest Version",
"loc.input.help.checkLatest": "Always checks online for the latest available version (stable.txt) that satisfies the version spec. This is typically false unless you have a specific scenario to always get latest. This will cause it to incur download costs when potentially not necessary, especially with the hosted build pool.",
"loc.input.label.specifyLocation": "Path to Kubectl",
"loc.input.help.specifyLocation": "Full path to the kubectl.exe",
"loc.input.label.namespace": "Namespace",
"loc.input.help.namespace": "Name of the namespace to run the command in.",
"loc.input.label.cwd": "Working directory",
"loc.input.help.cwd": "Working directory for the Kubectl command.",
"loc.input.label.outputFormat": "Output format",
"loc.input.help.outputFormat": "Output format.",
"loc.input.label.kubectlOutput": "Output variable name",
"loc.input.help.kubectlOutput": "Name of the variable in which output of the command should be saved.",
"loc.messages.DownloadingClient": "Downloading kubernetes client.",
"loc.messages.CreatingSecret": "Executing create docker-registry %s secret.",
"loc.messages.DeleteSecret": "Executing delete docker-registry %s secret",
"loc.messages.CreatingSecret": "Executing create %s secret.",
"loc.messages.DeleteSecret": "Executing delete %s secret",
"loc.messages.DockerRegistryConnectionNotSpecified": "Docker Registry connection details not specified",
"loc.messages.FileNotFoundException": "Can not find file at location: %s",
"loc.messages.DownloadingKubeCtlFromUrl": "Downloading Kubectl from Url: %s",
Expand Down
4 changes: 2 additions & 2 deletions Tasks/Kubernetes/src/kubernetes.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ import path = require('path');

import ClusterConnection from "./clusterconnection";
import * as kubectl from "./kubernetescommand";
import * as kubectlRegistrySecret from "./kubernetesregistrysecret";
import * as kubectlSecret from "./kubernetessecret";

import AuthenticationTokenProvider from "docker-common/registryauthenticationprovider/authenticationtokenprovider"
import ACRAuthenticationTokenProvider from "docker-common/registryauthenticationprovider/acrauthenticationtokenprovider"
Expand Down Expand Up @@ -42,7 +42,7 @@ function run(clusterConnection: ClusterConnection, registryAuthenticationToken:
var secretName = tl.getInput("secretName", false);

if(secretName) {
kubectlRegistrySecret.run(clusterConnection, registryAuthenticationToken, secretName).fin(function cleanup(){
kubectlSecret.run(clusterConnection, registryAuthenticationToken, secretName).fin(function cleanup(){
clusterConnection.close();
}).then(function success() {
executeKubectlCommand(clusterConnection);
Expand Down
48 changes: 46 additions & 2 deletions ...ubernetes/src/kubernetesregistrysecret.ts → Tasks/Kubernetes/src/kubernetessecret.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,19 +8,32 @@ import ClusterConnection from "./clusterconnection";
import AuthenticationToken from "docker-common/registryauthenticationprovider/registryauthenticationtoken"

export function run(connection: ClusterConnection, authenticationToken: AuthenticationToken, secret: string): any {

if(tl.getBoolInput("forceUpdate") == true) {
return deleteSecret(connection, secret).fin(() =>{
return createSecret(connection, authenticationToken, secret);
});
} else {
return createSecret(connection, authenticationToken, secret);
}
}

function createSecret(connection: ClusterConnection, authenticationToken: AuthenticationToken, secret: string): any {
var typeOfSecret = tl.getInput("secretType", true);
if (typeOfSecret === "dockerRegistry")
{
return createDockerRegistrySecret(connection, authenticationToken, secret);
}
else if (typeOfSecret === "generic")
{
return createGenericSecret(connection, secret);
}
}

function deleteSecret(connection: ClusterConnection, secret: string): any {
tl.debug(tl.loc('DeleteSecret', secret));
var command = connection.createCommand();
command.arg(getNameSpace());
command.arg("delete");
command.arg("secret");
command.arg(secret);
Expand All @@ -33,12 +46,13 @@ function deleteSecret(connection: ClusterConnection, secret: string): any {
return connection.execCommand(command, executionOption);
}

function createSecret(connection: ClusterConnection, authenticationToken: AuthenticationToken, secret: string): any {
function createDockerRegistrySecret(connection: ClusterConnection, authenticationToken: AuthenticationToken, secret: string): any {

if(authenticationToken)
{
tl.debug(tl.loc('CreatingSecret', secret));
var command = connection.createCommand();
command.arg(getNameSpace());
command.arg("create")
command.arg("secret");
command.arg("docker-registry");
Expand All @@ -47,6 +61,7 @@ function createSecret(connection: ClusterConnection, authenticationToken: Authen
command.arg("--docker-username="+ authenticationToken.getUsername());
command.arg("--docker-password="+ authenticationToken.getPassword());
command.arg("--docker-email="+ authenticationToken.getEmail());

return connection.execCommand(command);
}
else
Expand All @@ -55,4 +70,33 @@ function createSecret(connection: ClusterConnection, authenticationToken: Authen
throw new Error(tl.loc("DockerRegistryConnectionNotSpecified"));
}

}

function createGenericSecret(connection: ClusterConnection, secret: string): any {

tl.debug(tl.loc('CreatingSecret', secret));
var command = connection.createCommand();
command.arg(getNameSpace());
command.arg("create")
command.arg("secret");
command.arg("generic");
command.arg(secret);
var secretArguments = tl.getInput("secretArguments", false);
if (secretArguments)
{
command.line(secretArguments);
}

return connection.execCommand(command);
}

function getNameSpace(): string[] {
var args: string[] =[];
var namespace = tl.getInput("namespace", false);
if(namespace) {
args[0] = "-n";
args[1] = namespace;
}

return args;
}
79 changes: 53 additions & 26 deletions Tasks/Kubernetes/task.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
"version": {
"Major": 0,
"Minor": 1,
"Patch": 14
"Patch": 16
},
"demands": [],
"preview": "false",
Expand All @@ -24,10 +24,10 @@
"isExpanded": true
},
{
"name": "registry",
"displayName": "Container Registry Details",
"name": "secrets",
"displayName": "Secrets",
"isExpanded": false
},
},
{
"name": "advanced",
"displayName": "Advanced",
Expand All @@ -47,6 +47,14 @@
"label": "Kubernetes Service Connection",
"helpMarkDown": "Select a Kubernetes service connection."
},
{
"name": "namespace",
"type": "string",
"label": "Namespace",
"required": false,
"defaultValue": "",
"helpMarkDown": "Name of the namespace to run the command in."
},
{
"name": "command",
"type": "pickList",
Expand Down Expand Up @@ -101,6 +109,33 @@
"helpMarkDown": "Command arguments.",
"groupName": "commands"
},
{
"name": "secretType",
"type": "pickList",
"label": "Type of secret",
"defaultValue": "dockerRegistry",
"required": true,
"options": {
"dockerRegistry": "dockerRegistry",
"generic": "generic"
},
"helpMarkDown": "Select a type of secret",
"groupName": "secrets"
},
{
"name": "secretArguments",
"type": "multiLine",
"properties": {
"resizable": "true",
"rows": "2",
"editorExtension": "ms.vss-services-azure.kubernetes-parameters-grid"
},
"label": "Arguments",
"defaultValue":"",
"helpMarkDown": "Secret arguments.",
"visibleRule": "secretType = generic",
"groupName": "secrets"
},
{
"name": "containerRegistryType",
"type": "pickList",
Expand All @@ -112,52 +147,53 @@
"Container Registry": "Container Registry"
},
"helpMarkDown": "Select a Container registry type.",
"groupName": "registry"
"visibleRule": "secretType = dockerRegistry",
"groupName": "secrets"
},
{
"name": "dockerRegistryEndpoint",
"aliases": ["dockerRegistryConnection"],
"type": "connectedService:dockerregistry",
"label": "Docker Registry Connection",
"helpMarkDown": "Select a Docker registry connection. Required for commands that need to authenticate with a registry.",
"visibleRule": "containerRegistryType = Container Registry",
"groupName": "registry"
"visibleRule": "secretType = dockerRegistry && containerRegistryType = Container Registry",
"groupName": "secrets"
},
{
"name": "azureSubscriptionEndpoint",
"aliases": ["azureSubscription"],
"type": "connectedService:AzureRM",
"label": "Azure subscription",
"helpMarkDown": "Select an Azure subscription, which has your Azure Container Registry.",
"visibleRule": "containerRegistryType = Azure Container Registry",
"visibleRule": "secretType = dockerRegistry && containerRegistryType = Azure Container Registry",
"defaultValue": "",
"groupName": "registry"
"groupName": "secrets"
},
{
"name": "azureContainerRegistry",
"label": "Azure Container Registry",
"type": "pickList",
"helpMarkDown": "Select an Azure Container Registry. Required for commands that need to authenticate with a registry.",
"visibleRule": "containerRegistryType = Azure Container Registry",
"visibleRule": "secretType = dockerRegistry && containerRegistryType = Azure Container Registry",
"defaultValue": "",
"groupName": "registry"
"groupName": "secrets"
},
{
"name": "secretName",
"type": "string",
"label": "Secret name",
"required": false,
"defaultValue": "",
"helpMarkDown": "Name of the docker-registry secret. You can use this secret name in the Kubernetes YAML configuration file.",
"groupName": "registry"
"helpMarkDown": "Name of the secret. You can use this secret name in the Kubernetes YAML configuration file.",
"groupName": "secrets"
},
{
"name": "forceUpdate",
"type": "boolean",
"label": "Force update secret",
"defaultValue": "true",
"helpMarkDown": "Delete the docker-registry secret if it exists and create a new one with updated values.",
"groupName": "registry"
"helpMarkDown": "Delete the secret if it exists and create a new one with updated values.",
"groupName": "secrets"
},
{
"name": "versionOrLocation",
Expand Down Expand Up @@ -200,15 +236,6 @@
"groupName": "advanced",
"visibleRule": "versionOrLocation = location"
},
{
"name": "namespace",
"type": "string",
"label": "Namespace",
"required": false,
"defaultValue": "",
"helpMarkDown": "Name of the namespace to run the command in.",
"groupName": "commands"
},
{
"name": "cwd",
"aliases": ["workingDirectory"],
Expand Down Expand Up @@ -260,8 +287,8 @@
},
"messages": {
"DownloadingClient": "Downloading kubernetes client.",
"CreatingSecret": "Executing create docker-registry %s secret.",
"DeleteSecret": "Executing delete docker-registry %s secret",
"CreatingSecret": "Executing create %s secret.",
"DeleteSecret": "Executing delete %s secret",
"DockerRegistryConnectionNotSpecified": "Docker Registry connection details not specified",
"FileNotFoundException": "Can not find file at location: %s",
"DownloadingKubeCtlFromUrl": "Downloading Kubectl from Url: %s",
Expand Down
Loading

0 comments on commit f4874d2

Please sign in to comment.