Fix #221. Append oci profile and auth to kubeconfig exec args

oracle · Feb 10, 2025 · 283facd · 283facd
1 parent 35de1fa
commit 283facd
Showing 1 changed file with 19 additions and 1 deletion.
diff --git a/services/container_engine/src/oci_cli_container_engine/containerengine_cli_extended.py b/services/container_engine/src/oci_cli_container_engine/containerengine_cli_extended.py
@@ -580,10 +580,12 @@ def update_node_pool(ctx, **kwargs):
 @cli_util.option('--kube-endpoint', type=custom_types.CliCaseInsensitiveChoice(["LEGACY_KUBERNETES", "PUBLIC_ENDPOINT", "PRIVATE_ENDPOINT", "VCN_HOSTNAME"]), help=u"""The endpoint to target. A cluster may have multiple endpoints exposed but the kubeconfig can only target one at a time. Supported values LEGACY_KUBERNETES, PUBLIC_ENDPOINT, PRIVATE_ENDPOINT, VCN_HOSTNAME""")
 @cli_util.option('--overwrite', is_flag=True, help="""Overwrites the contents of kubeconfig file specified using --file\
  option or kubeconfig file at default location if --file is not used.""")
+@cli_util.option('--with-context', default=False, is_flag=True, help="""Appends the current authentication context of the OCI CLI command\
+ to the kubeconfig user exec command required to generate the OKE endpoint token.""")
 @click.pass_context
 @json_skeleton_utils.json_skeleton_generation_handler(input_params_to_complex_types={})
 @cli_util.wrap_exceptions
-def create_kubeconfig(ctx, from_json, file, cluster_id, token_version, expiration, kube_endpoint, overwrite):
+def create_kubeconfig(ctx, from_json, file, cluster_id, token_version, expiration, kube_endpoint, overwrite, with_context):
     if isinstance(cluster_id, six.string_types) and len(cluster_id.strip()) == 0:
         raise click.UsageError('Parameter --cluster-id cannot be whitespace or empty string')
 
@@ -613,6 +615,22 @@ def create_kubeconfig(ctx, from_json, file, cluster_id, token_version, expiratio
     for chunk in result.data.raw.stream(cli_constants.MEBIBYTE, decode_content=True):
         new_kubeconfig = b''.join([new_kubeconfig, chunk])
 
+    # enrich kubeconfig auth command with oci cli auth and profile
+    auth = ctx.obj.get('auth', '')
+    profile = ctx.obj.get('profile', '')
+    try:
+        temp_kubeconfig = yaml.safe_load(new_kubeconfig)
+        if with_context and auth:
+            temp_kubeconfig['users'][0]['user']['exec']['args'].extend(['--auth', auth])
+        if with_context and profile:
+            temp_kubeconfig['users'][0]['user']['exec']['args'].extend(['--profile', profile])
+        new_kubeconfig = yaml.dump(temp_kubeconfig, encoding=('utf-8'))
+    except yaml.YAMLError as e:
+        click.echo('Error parsing configuration file {}'.format(e))
+        return
+    except (KeyError, IndexError):
+        pass        
+
     file = os.path.expandvars(os.path.expanduser(file))
     # If the user wants stdout; just print it after decoding in utf-8 format.
     if file == '-':