github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

remove cmd respect for auth-path

Browse Source
This commit is contained in:
deads2k 2015-05-08 16:26:27 -04:00
parent 97004c87c1
commit 6498fc1fda
33 changed files with 49 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cmd/kubelet/app/server.go
View File

@ -193,6 +193,7 @@ func (s *KubeletServer) AddFlags(fs *pflag.FlagSet) {
fs.IntVar(&s.MaxPerPodContainerCount, "maximum-dead-containers-per-container", s.MaxPerPodContainerCount, "Maximum number of old instances of a container to retain per container. Each container takes up some disk space. Default: 5.")
fs.IntVar(&s.MaxContainerCount, "maximum-dead-containers", s.MaxContainerCount, "Maximum number of old instances of a containers to retain globally. Each container takes up some disk space. Default: 100.")
fs.StringVar(&s.AuthPath, "auth-path", s.AuthPath, "Path to .kubernetes_auth file, specifying how to authenticate to API server.")
fs.MarkDeprecated("auth-path", "will be removed in a future version")
fs.UintVar(&s.CadvisorPort, "cadvisor-port", s.CadvisorPort, "The port of the localhost cAdvisor endpoint")
fs.IntVar(&s.HealthzPort, "healthz-port", s.HealthzPort, "The port of the localhost healthz endpoint")
fs.Var(&s.HealthzBindAddress, "healthz-bind-address", "The IP address for the healthz server to serve on, defaulting to 127.0.0.1 (set to 0.0.0.0 for all interfaces)")

34
docs/kubeconfig-file.md
View File

@ -49,36 +49,6 @@ users:
client-key: path/to/my/client/key
```
## .kubernetes_auth files
**WARNING**: merging auth from a mixture of kubernetes_auth file entries and kubeconfig user entries is hard to debug and should be avoided. kubernetes_auth file support exists mostly for tests and is being deprecated.
The kubernetes_auth file is a legacy config file that can contain a mix of server and client auth info. It is supported in kubeconfig via `auth-path` for a user:
```
users:
- name: black-user
user:
auth-path: path/to/my/existing/.kubernetes_auth_file
```
The entries in a file loaded via auth-path will be applied to both the user and cluster of the current context.
### Example .kubernetes_auth file
```
{
"User": "admin",
"Password": "secret",
"CertFile": "/path/to/my/client/cert",
"KeyFile": "/path/to/my/client/key",
"CAFile": "/path/to/my/server/cafile",
"BearerToken": "secrettoken",
"Insecure": false
}
```
All entries are optional. `User`, `Password`, `CertFile`, `KeyFile`, and `BearerToken` are applied to the kubectl user. `CAFile` and `Insecure` apply to the cluster. Note that it is invalid to set both `CAFile` and `Insecure`, or both `BearerToken` and `User,Password` (see loading and merging rules below).
If the contents of the kubernetes_auth file conflict with entries in kubeconfig, they are ignored. E.g, if the kubeconfig cluster specifies a `certificate-authority`, and the user specifies an `auth-path` to a kubernetes_file that contains a `CAFile` entry, the former will be used and the latter ignored.
## Loading and merging rules
The rules for loading and merging the kubeconfig files are straightforward, but there are a lot of them. The final config is built in this order:
1. Get the kubeconfig from disk. This is done with the following hierarchy and merge rules:
@ -108,8 +78,8 @@ The rules for loading and merging the kubeconfig files are straightforward, but
1. If cluster info is present and a value for the attribute is present, use it.
1. If you don't have a server location, error.
1. Determine the actual user info to use. User is built using the same rules as cluster info, EXCEPT that you can only have one authentication technique per user.
1. Load precedence is 1) command line flag, 2) user fields from kubeconfig, 3) kubernetes_auth file fields (if user has a `auth-path` or the `--auth-path` was provided)
1. The command line flags are: `auth-path`, `client-certificate`, `client-key`, `username`, `password`, and `token`.
1. Load precedence is 1) command line flag, 2) user fields from kubeconfig
1. The command line flags are: `client-certificate`, `client-key`, `username`, `password`, and `token`.
1. If there are two conflicting techniques, fail.
1. For any information still missing, use default values and potentially prompt for authentication information

3
docs/kubectl.md
View File

@ -18,7 +18,6 @@ kubectl
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -66,4 +65,4 @@ kubectl
* [kubectl update](kubectl_update.md) - Update a resource by filename or stdin.
* [kubectl version](kubectl_version.md) - Print the client and server version information.
###### Auto generated by spf13/cobra at 2015-05-01 20:16:42.546735249 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.494626806 +0000 UTC

3
docs/kubectl_api-versions.md
View File

@ -22,7 +22,6 @@ kubectl api-versions
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -50,4 +49,4 @@ kubectl api-versions
### SEE ALSO
* [kubectl](kubectl.md) - kubectl controls the Kubernetes cluster manager
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.036328233 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.494346454 +0000 UTC

3
docs/kubectl_cluster-info.md
View File

@ -22,7 +22,6 @@ kubectl cluster-info
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -50,4 +49,4 @@ kubectl cluster-info
### SEE ALSO
* [kubectl](kubectl.md) - kubectl controls the Kubernetes cluster manager
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.036176301 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.494226337 +0000 UTC

3
docs/kubectl_config.md
View File

@ -29,7 +29,6 @@ kubectl config SUBCOMMAND
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -63,4 +62,4 @@ kubectl config SUBCOMMAND
* [kubectl config use-context](kubectl_config_use-context.md) - Sets the current-context in a kubeconfig file
* [kubectl config view](kubectl_config_view.md) - displays Merged kubeconfig settings or a specified kubeconfig file.
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.036002047 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.494113712 +0000 UTC

3
docs/kubectl_config_set-cluster.md
View File

@ -40,7 +40,6 @@ $ kubectl config set-cluster e2e --insecure-skip-tls-verify=true
```
--alsologtostderr=false: log to standard error as well as files
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
--cluster="": The name of the kubeconfig cluster to use
@ -65,4 +64,4 @@ $ kubectl config set-cluster e2e --insecure-skip-tls-verify=true
### SEE ALSO
* [kubectl config](kubectl_config.md) - config modifies kubeconfig files
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.034991096 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.493372429 +0000 UTC

3
docs/kubectl_config_set-context.md
View File

@ -33,7 +33,6 @@ $ kubectl config set-context gce --user=cluster-admin
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -58,4 +57,4 @@ $ kubectl config set-context gce --user=cluster-admin
### SEE ALSO
* [kubectl config](kubectl_config.md) - config modifies kubeconfig files
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.035371239 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.493620985 +0000 UTC

5
docs/kubectl_config_set-credentials.md
View File

@ -21,7 +21,7 @@ Specifying a name that already exists will merge new fields on top of existing v
```
kubectl config set-credentials NAME [--auth-path=/path/to/authfile] [--client-certificate=path/to/certfile] [--client-key=path/to/keyfile] [--token=bearer_token] [--username=basic_user] [--password=basic_password]
kubectl config set-credentials NAME [--client-certificate=path/to/certfile] [--client-key=path/to/keyfile] [--token=bearer_token] [--username=basic_user] [--password=basic_password]
```
### Examples
@ -41,7 +41,6 @@ $ kubectl set-credentials cluster-admin --client-certificate=~/.kube/admin.crt -
### Options
```
--auth-path=: auth-path for the user entry in kubeconfig
--client-certificate=: path to client-certificate for the user entry in kubeconfig
--client-key=: path to client-key for the user entry in kubeconfig
--embed-certs=false: embed client cert/key for the user entry in kubeconfig
@ -78,4 +77,4 @@ $ kubectl set-credentials cluster-admin --client-certificate=~/.kube/admin.crt -
### SEE ALSO
* [kubectl config](kubectl_config.md) - config modifies kubeconfig files
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.035167812 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.493498685 +0000 UTC

3
docs/kubectl_config_set.md
View File

@ -24,7 +24,6 @@ kubectl config set PROPERTY_NAME PROPERTY_VALUE
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -52,4 +51,4 @@ kubectl config set PROPERTY_NAME PROPERTY_VALUE
### SEE ALSO
* [kubectl config](kubectl_config.md) - config modifies kubeconfig files
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.035532103 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.49374188 +0000 UTC

3
docs/kubectl_config_unset.md
View File

@ -23,7 +23,6 @@ kubectl config unset PROPERTY_NAME
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -51,4 +50,4 @@ kubectl config unset PROPERTY_NAME
### SEE ALSO
* [kubectl config](kubectl_config.md) - config modifies kubeconfig files
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.035684858 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.493867298 +0000 UTC

3
docs/kubectl_config_use-context.md
View File

@ -22,7 +22,6 @@ kubectl config use-context CONTEXT_NAME
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -50,4 +49,4 @@ kubectl config use-context CONTEXT_NAME
### SEE ALSO
* [kubectl config](kubectl_config.md) - config modifies kubeconfig files
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.035835782 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.493987321 +0000 UTC

3
docs/kubectl_config_view.md
View File

@ -45,7 +45,6 @@ $ kubectl config view -o template --template='{{range .users}}{{ if eq .name "e2
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -73,4 +72,4 @@ $ kubectl config view -o template --template='{{range .users}}{{ if eq .name "e2
### SEE ALSO
* [kubectl config](kubectl_config.md) - config modifies kubeconfig files
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.034809963 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.493241636 +0000 UTC

3
docs/kubectl_create.md
View File

@ -35,7 +35,6 @@ $ cat pod.json | kubectl create -f -
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -63,4 +62,4 @@ $ cat pod.json | kubectl create -f -
### SEE ALSO
* [kubectl](kubectl.md) - kubectl controls the Kubernetes cluster manager
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.030664101 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.491140012 +0000 UTC

3
docs/kubectl_delete.md
View File

@ -55,7 +55,6 @@ $ kubectl delete pods --all
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -83,4 +82,4 @@ $ kubectl delete pods --all
### SEE ALSO
* [kubectl](kubectl.md) - kubectl controls the Kubernetes cluster manager
###### Auto generated by spf13/cobra at 2015-04-30 14:53:47.856200003 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.491421364 +0000 UTC

3
docs/kubectl_describe.md
View File

@ -35,7 +35,6 @@ $ kubectl describe pods/nginx
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -63,4 +62,4 @@ $ kubectl describe pods/nginx
### SEE ALSO
* [kubectl](kubectl.md) - kubectl controls the Kubernetes cluster manager
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.030447061 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.490982332 +0000 UTC

3
docs/kubectl_exec.md
View File

@ -36,7 +36,6 @@ $ kubectl exec -p 123456-7890 -c ruby-container -i -t -- bash -il
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -64,4 +63,4 @@ $ kubectl exec -p 123456-7890 -c ruby-container -i -t -- bash -il
### SEE ALSO
* [kubectl](kubectl.md) - kubectl controls the Kubernetes cluster manager
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.032352238 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.492105038 +0000 UTC

3
docs/kubectl_expose.md
View File

@ -54,7 +54,6 @@ $ kubectl expose rc streamer --port=4100 --protocol=udp --service-name=video-str
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -82,4 +81,4 @@ $ kubectl expose rc streamer --port=4100 --protocol=udp --service-name=video-str
### SEE ALSO
* [kubectl](kubectl.md) - kubectl controls the Kubernetes cluster manager
###### Auto generated by spf13/cobra at 2015-04-30 06:01:21.51286228 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.49295951 +0000 UTC

3
docs/kubectl_get.md
View File

@ -57,7 +57,6 @@ $ kubectl get rc/web service/frontend pods/web-pod-13je7
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -85,4 +84,4 @@ $ kubectl get rc/web service/frontend pods/web-pod-13je7
### SEE ALSO
* [kubectl](kubectl.md) - kubectl controls the Kubernetes cluster manager
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.030165061 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.490776443 +0000 UTC

3
docs/kubectl_label.md
View File

@ -53,7 +53,6 @@ $ kubectl label pods foo bar-
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -81,4 +80,4 @@ $ kubectl label pods foo bar-
### SEE ALSO
* [kubectl](kubectl.md) - kubectl controls the Kubernetes cluster manager
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.03459192 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.493103008 +0000 UTC

3
docs/kubectl_log.md
View File

@ -34,7 +34,6 @@ $ kubectl log -f 123456-7890 ruby-container
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -62,4 +61,4 @@ $ kubectl log -f 123456-7890 ruby-container
### SEE ALSO
* [kubectl](kubectl.md) - kubectl controls the Kubernetes cluster manager
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.031591306 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.491667484 +0000 UTC

3
docs/kubectl_namespace.md
View File

@ -25,7 +25,6 @@ kubectl namespace [namespace]
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -53,4 +52,4 @@ kubectl namespace [namespace]
### SEE ALSO
* [kubectl](kubectl.md) - kubectl controls the Kubernetes cluster manager
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.031378018 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.491542407 +0000 UTC

3
docs/kubectl_port-forward.md
View File

@ -40,7 +40,6 @@ $ kubectl port-forward -p mypod 0:5000
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -68,4 +67,4 @@ $ kubectl port-forward -p mypod 0:5000
### SEE ALSO
* [kubectl](kubectl.md) - kubectl controls the Kubernetes cluster manager
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.032575511 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.492233845 +0000 UTC

3
docs/kubectl_proxy.md
View File

@ -37,7 +37,6 @@ $ kubectl proxy --api-prefix=k8s-api
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -65,4 +64,4 @@ $ kubectl proxy --api-prefix=k8s-api
### SEE ALSO
* [kubectl](kubectl.md) - kubectl controls the Kubernetes cluster manager
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.032792489 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.492383202 +0000 UTC

3
docs/kubectl_resize.md
View File

@ -40,7 +40,6 @@ $ kubectl resize --current-replicas=2 --replicas=3 replicationcontrollers foo
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -68,4 +67,4 @@ $ kubectl resize --current-replicas=2 --replicas=3 replicationcontrollers foo
### SEE ALSO
* [kubectl](kubectl.md) - kubectl controls the Kubernetes cluster manager
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.032100141 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.491965213 +0000 UTC

3
docs/kubectl_rolling-update.md
View File

@ -56,7 +56,6 @@ $ kubectl rolling-update frontend --image=image:v2
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -84,4 +83,4 @@ $ kubectl rolling-update frontend --image=image:v2
### SEE ALSO
* [kubectl](kubectl.md) - kubectl controls the Kubernetes cluster manager
###### Auto generated by spf13/cobra at 2015-05-02 00:22:29.503205238 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.491832315 +0000 UTC

3
docs/kubectl_run-container.md
View File

@ -51,7 +51,6 @@ $ kubectl run-container nginx --image=nginx --overrides='{ "apiVersion": "v1beta
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -79,4 +78,4 @@ $ kubectl run-container nginx --image=nginx --overrides='{ "apiVersion": "v1beta
### SEE ALSO
* [kubectl](kubectl.md) - kubectl controls the Kubernetes cluster manager
###### Auto generated by spf13/cobra at 2015-04-29 23:46:39.503475144 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.492617426 +0000 UTC

3
docs/kubectl_stop.md
View File

@ -45,7 +45,6 @@ $ kubectl stop -f path/to/resources
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -73,4 +72,4 @@ $ kubectl stop -f path/to/resources
### SEE ALSO
* [kubectl](kubectl.md) - kubectl controls the Kubernetes cluster manager
###### Auto generated by spf13/cobra at 2015-04-30 14:53:47.85772498 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.492767531 +0000 UTC

3
docs/kubectl_update.md
View File

@ -39,7 +39,6 @@ $ kubectl update pods my-pod --patch='{ "apiVersion": "v1beta1", "desiredState":
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -67,4 +66,4 @@ $ kubectl update pods my-pod --patch='{ "apiVersion": "v1beta1", "desiredState":
### SEE ALSO
* [kubectl](kubectl.md) - kubectl controls the Kubernetes cluster manager
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.030922954 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.491280734 +0000 UTC

3
docs/kubectl_version.md
View File

@ -23,7 +23,6 @@ kubectl version
```
--alsologtostderr=false: log to standard error as well as files
--api-version="": The API version to use when talking to the server
-a, --auth-path="": Path to the auth info file. If missing, prompt the user. Only used if using https.
--certificate-authority="": Path to a cert. file for the certificate authority.
--client-certificate="": Path to a client key file for TLS.
--client-key="": Path to a client key file for TLS.
@ -51,4 +50,4 @@ kubectl version
### SEE ALSO
* [kubectl](kubectl.md) - kubectl controls the Kubernetes cluster manager
###### Auto generated by spf13/cobra at 2015-04-29 15:25:11.036492866 +0000 UTC
###### Auto generated by spf13/cobra at 2015-05-08 20:26:40.49446172 +0000 UTC

10
pkg/client/clientcmd/overrides.go
View File

@ -135,12 +135,20 @@ func RecommendedContextOverrideFlags(prefix string) ContextOverrideFlags {
// BindAuthInfoFlags is a convenience method to bind the specified flags to their associated variables
func BindAuthInfoFlags(authInfo *clientcmdapi.AuthInfo, flags *pflag.FlagSet, flagNames AuthOverrideFlags) {
bindStringFlag(flags, &authInfo.AuthPath, flagNames.AuthPath)
deadString := ""
bindStringFlag(flags, &deadString, flagNames.AuthPath)
bindStringFlag(flags, &authInfo.ClientCertificate, flagNames.ClientCertificate)
bindStringFlag(flags, &authInfo.ClientKey, flagNames.ClientKey)
bindStringFlag(flags, &authInfo.Token, flagNames.Token)
bindStringFlag(flags, &authInfo.Username, flagNames.Username)
bindStringFlag(flags, &authInfo.Password, flagNames.Password)
if len(flagNames.AuthPath.LongName) > 0 {
flags.MarkDeprecated(flagNames.AuthPath.LongName, flagNames.AuthPath.LongName+" has been removed and is no longer respected")
}
if len(flagNames.AuthPath.ShortName) > 0 {
flags.MarkDeprecated(flagNames.AuthPath.ShortName, flagNames.AuthPath.ShortName+" has been removed and is no longer respected")
}
}
// BindClusterFlags is a convenience method to bind the specified flags to their associated variables

11
pkg/kubectl/cmd/config/config_test.go
View File

@ -97,10 +97,10 @@ func TestSetIntoExistingStruct(t *testing.T) {
expectedConfig := newRedFederalCowHammerConfig()
a := expectedConfig.AuthInfos["red-user"]
authInfo := &a
authInfo.AuthPath = "new-path-value"
authInfo.Password = "new-path-value"
expectedConfig.AuthInfos["red-user"] = *authInfo
test := configCommandTest{
args: []string{"set", "users.red-user.auth-path", "new-path-value"},
args: []string{"set", "users.red-user.password", "new-path-value"},
startingConfig: newRedFederalCowHammerConfig(),
expectedConfig: expectedConfig,
}
@ -189,11 +189,10 @@ func TestNewEmptyAuth(t *testing.T) {
func TestAdditionalAuth(t *testing.T) {
expectedConfig := newRedFederalCowHammerConfig()
authInfo := clientcmdapi.NewAuthInfo()
authInfo.AuthPath = "auth-path"
authInfo.Token = "token"
expectedConfig.AuthInfos["another-user"] = *authInfo
test := configCommandTest{
args: []string{"set-credentials", "another-user", "--" + clientcmd.FlagAuthPath + "=auth-path", "--" + clientcmd.FlagBearerToken + "=token"},
args: []string{"set-credentials", "another-user", "--" + clientcmd.FlagBearerToken + "=token"},
startingConfig: newRedFederalCowHammerConfig(),
expectedConfig: expectedConfig,
}
@ -512,10 +511,10 @@ func TestCAAndInsecureDisallowed(t *testing.T) {
func TestMergeExistingAuth(t *testing.T) {
expectedConfig := newRedFederalCowHammerConfig()
authInfo := expectedConfig.AuthInfos["red-user"]
authInfo.AuthPath = "auth-path"
authInfo.ClientKey = "key"
expectedConfig.AuthInfos["red-user"] = authInfo
test := configCommandTest{
args: []string{"set-credentials", "red-user", "--" + clientcmd.FlagAuthPath + "=auth-path"},
args: []string{"set-credentials", "red-user", "--" + clientcmd.FlagKeyFile + "=key"},
startingConfig: newRedFederalCowHammerConfig(),
expectedConfig: expectedConfig,
}

5
pkg/kubectl/cmd/config/create_authinfo.go
View File

@ -71,7 +71,7 @@ func NewCmdConfigSetAuthInfo(out io.Writer, configAccess ConfigAccess) *cobra.Co
options := &createAuthInfoOptions{configAccess: configAccess}
cmd := &cobra.Command{
Use: fmt.Sprintf("set-credentials NAME [--%v=/path/to/authfile] [--%v=path/to/certfile] [--%v=path/to/keyfile] [--%v=bearer_token] [--%v=basic_user] [--%v=basic_password]", clientcmd.FlagAuthPath, clientcmd.FlagCertFile, clientcmd.FlagKeyFile, clientcmd.FlagBearerToken, clientcmd.FlagUsername, clientcmd.FlagPassword),
Use: fmt.Sprintf("set-credentials NAME [--%v=path/to/certfile] [--%v=path/to/keyfile] [--%v=bearer_token] [--%v=basic_user] [--%v=basic_password]", clientcmd.FlagCertFile, clientcmd.FlagKeyFile, clientcmd.FlagBearerToken, clientcmd.FlagUsername, clientcmd.FlagPassword),
Short: "Sets a user entry in kubeconfig",
Long: create_authinfo_long,
Example: create_authinfo_example,
@ -87,7 +87,6 @@ func NewCmdConfigSetAuthInfo(out io.Writer, configAccess ConfigAccess) *cobra.Co
},
}
cmd.Flags().Var(&options.authPath, clientcmd.FlagAuthPath, clientcmd.FlagAuthPath+" for the user entry in kubeconfig")
cmd.Flags().Var(&options.clientCertificate, clientcmd.FlagCertFile, "path to "+clientcmd.FlagCertFile+" for the user entry in kubeconfig")
cmd.Flags().Var(&options.clientKey, clientcmd.FlagKeyFile, "path to "+clientcmd.FlagKeyFile+" for the user entry in kubeconfig")
cmd.Flags().Var(&options.token, clientcmd.FlagBearerToken, clientcmd.FlagBearerToken+" for the user entry in kubeconfig")
@ -95,6 +94,8 @@ func NewCmdConfigSetAuthInfo(out io.Writer, configAccess ConfigAccess) *cobra.Co
cmd.Flags().Var(&options.password, clientcmd.FlagPassword, clientcmd.FlagPassword+" for the user entry in kubeconfig")
cmd.Flags().Var(&options.embedCertData, clientcmd.FlagEmbedCerts, "embed client cert/key for the user entry in kubeconfig")
cmd.Flags().String(clientcmd.FlagAuthPath, "", clientcmd.FlagAuthPath+" for the user entry in kubeconfig")
cmd.Flags().MarkDeprecated(clientcmd.FlagAuthPath, clientcmd.FlagAuthPath+" has been removed and is no longer respected")
return cmd
}