36a302fce1
to manage authentication information for clusters. Includes username/password, certificate and token options. Change-Id: If95e5bbf5c3ddc4732465e81de407d5ad416e8f2
90 lines
2.6 KiB
Go
90 lines
2.6 KiB
Go
/*
|
|
Copyright 2014 The Kubernetes Authors.
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/
|
|
|
|
package config
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
"io/ioutil"
|
|
)
|
|
|
|
// Validate that the arguments are correct
|
|
func (o *ClusterOptions) Validate() error {
|
|
if len(o.Name) == 0 {
|
|
return errors.New("you must specify a non-empty cluster name")
|
|
}
|
|
err := ValidClusterType(o.ClusterType)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if o.InsecureSkipTLSVerify && o.CertificateAuthority != "" {
|
|
return fmt.Errorf("you cannot specify a %s and %s mode at the same time", FlagCAFile, FlagInsecure)
|
|
}
|
|
|
|
if !o.EmbedCAData {
|
|
return nil
|
|
}
|
|
caPath := o.CertificateAuthority
|
|
if caPath == "" {
|
|
return fmt.Errorf("you must specify a --%s to embed", FlagCAFile)
|
|
}
|
|
if _, err := ioutil.ReadFile(caPath); err != nil {
|
|
return fmt.Errorf("could not read %s data from %s: %v", FlagCAFile, caPath, err)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (o *ContextOptions) Validate() error {
|
|
if len(o.Name) == 0 {
|
|
return errors.New("you must specify a non-empty context name")
|
|
}
|
|
// Expect ClusterType only when this is not setting currentContext
|
|
if o.ClusterType != "" {
|
|
err := ValidClusterType(o.ClusterType)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
}
|
|
// TODO Manifest, Cluster could be validated against the existing config maps
|
|
return nil
|
|
}
|
|
|
|
func (o *AuthInfoOptions) Validate() error {
|
|
if len(o.Token) > 0 && (len(o.Username) > 0 || len(o.Password) > 0) {
|
|
return fmt.Errorf("you cannot specify more than one authentication method at the same time: --%v or --%v/--%v",
|
|
FlagBearerToken, FlagUsername, FlagPassword)
|
|
}
|
|
if !o.EmbedCertData {
|
|
return nil
|
|
}
|
|
certPath := o.ClientCertificate
|
|
if certPath == "" {
|
|
return fmt.Errorf("you must specify a --%s to embed", FlagCertFile)
|
|
}
|
|
if _, err := ioutil.ReadFile(certPath); err != nil {
|
|
return fmt.Errorf("error reading %s data from %s: %v", FlagCertFile, certPath, err)
|
|
}
|
|
keyPath := o.ClientKey
|
|
if keyPath == "" {
|
|
return fmt.Errorf("you must specify a --%s to embed", FlagKeyFile)
|
|
}
|
|
if _, err := ioutil.ReadFile(keyPath); err != nil {
|
|
return fmt.Errorf("error reading %s data from %s: %v", FlagKeyFile, keyPath, err)
|
|
}
|
|
return nil
|
|
}
|