forked from dmrub/kube-utils
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathkube-get-bearer-token
executable file
·88 lines (79 loc) · 2.47 KB
/
kube-get-bearer-token
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
#!/bin/bash
# Copyright 2019 Dmitri Rubinstein
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
set -eo pipefail
export LC_ALL=C
unset CDPATH
THIS_DIR=$( (cd "$(dirname -- "${BASH_SOURCE[0]}")" && pwd -P))
# shellcheck source=kube-shlib.sh
source "$THIS_DIR/kube-shlib.sh"
define-kubectl-funcs
USER_NAME=admin-user
usage() {
echo "Get bearer token from user service account."
echo "Bearer token can be used to login into Kubernetes Dashboard"
echo ""
echo "$(basename "$0") [options]"
echo ""
echo "environment variables:"
echo " KUBECTL Name of the kubectl command to use"
echo " KUBECTL_BIN Full path to the kubectl binary. This variable has precedence over KUBECTL"
echo " KUBE_CONTEXT The name of the kubeconfig context to use"
echo " KUBECTL_OPTS Additional options for kubectl"
echo "options:"
echo " -u, --user Name of the user service account in namespace kube-system (default: $USER_NAME)"
echo " -c, --context The name of the kubeconfig context to use."
echo " --help Display this help and exit"
echo " -- End of options"
}
while [[ $# -gt 0 ]]; do
case "$1" in
-c | --context)
KUBE_CONTEXT="$2"
shift 2
;;
--context=*)
KUBE_CONTEXT="${1#*=}"
shift
;;
-u | --user)
USER_NAME="$2"
shift 2
;;
--user=*)
USER_NAME="${1#*=}"
shift
;;
--help)
usage
exit
;;
--)
shift
break
;;
-*)
fatal "Unknown option $1"
;;
*)
break
;;
esac
done
SECRETS=$(run-kubectl-ctx -n kube-system get secret -o template -o go-template='{{ range.items }}{{ .metadata.name }}{{"\n"}}{{end}}')
if SECRET=$(grep "$USER_NAME" <<<"$SECRETS"); then
run-kubectl-ctx -n kube-system describe secret "$SECRET"
else
exit 1
fi