Merge pull request #67 from jetstack/sa-output

Add command to get a new cluster service account

Author: charlieegan3

docs/reference/jsctl_auth.md

@@ -20,6 +20,7 @@ Subcommands for authentication
 ### SEE ALSO
 
 * [jsctl](jsctl.md)	 - Command-line tool for the Jetstack Secure Control Plane
+* [jsctl auth clusters](jsctl_auth_clusters.md)	 - 
 * [jsctl auth login](jsctl_auth_login.md)	 - Performs the authentication flow to allow access to other commands
 * [jsctl auth logout](jsctl_auth_logout.md)	 - 
 * [jsctl auth status](jsctl_auth_status.md)	 - Print the logged in account and token location

docs/reference/jsctl_auth_clusters.md

@@ -0,0 +1,24 @@
+## jsctl auth clusters
+
+
+
+### Options
+
+```
+  -h, --help   help for clusters
+```
+
+### Options inherited from parent commands
+
+```
+      --api-url string      Base URL of the control-plane API (default "https://platform.jetstack.io")
+      --config string       Location of the user's jsctl config directory (default "HOME or USERPROFILE/.jsctl")
+      --kubeconfig string   Location of the user's kubeconfig file for applying directly to the cluster (default "~/.kube/config")
+      --stdout              If provided, manifests are written to stdout rather than applied to the current cluster
+```
+
+### SEE ALSO
+
+* [jsctl auth](jsctl_auth.md)	 - Subcommands for authentication
+* [jsctl auth clusters create-service-account](jsctl_auth_clusters_create-service-account.md)	 - Create a new Jetstack Secure service account for a cluster agent
+

docs/reference/jsctl_auth_clusters_create-service-account.md

@@ -0,0 +1,37 @@
+## jsctl auth clusters create-service-account
+
+Create a new Jetstack Secure service account for a cluster agent
+
+### Synopsis
+
+Generate a new service account for a Jetstack Secure cluster agent 
+This is only needed if you are not deploying the agent with jsctl.
+Output can be json formatted or as Kubernetes Secret.
+
+
+```
+jsctl auth clusters create-service-account name [flags]
+```
+
+### Options
+
+```
+      --format string             The desired output format, valid options: [jsonKeyData, secret] (default "jsonKeyData")
+  -h, --help                      help for create-service-account
+      --secret-name string        If using the 'secret' format, the name of the secret to create (default "agent-credentials")
+      --secret-namespace string   If using the 'secret' format, the namespace of the secret to create (default "jetstack-secure")
+```
+
+### Options inherited from parent commands
+
+```
+      --api-url string      Base URL of the control-plane API (default "https://platform.jetstack.io")
+      --config string       Location of the user's jsctl config directory (default "HOME or USERPROFILE/.jsctl")
+      --kubeconfig string   Location of the user's kubeconfig file for applying directly to the cluster (default "~/.kube/config")
+      --stdout              If provided, manifests are written to stdout rather than applied to the current cluster
+```
+
+### SEE ALSO
+
+* [jsctl auth clusters](jsctl_auth_clusters.md)	 - 
+

docs/reference/jsctl_clusters_connect.md

@@ -3,7 +3,7 @@
 Creates a new cluster in the control plane and deploys the agent in your current kubenetes context
 
 ```
-jsctl clusters connect [name] [flags]
+jsctl clusters connect name [flags]
 ```
 
 ### Options

docs/reference/jsctl_clusters_delete.md

@@ -3,7 +3,7 @@
 Deletes a cluster from the organization
 
 ```
-jsctl clusters delete [name] [flags]
+jsctl clusters delete name [flags]
 ```
 
 ### Options

docs/reference/jsctl_clusters_view.md

@@ -3,7 +3,7 @@
 Opens a browser window to the cluster's dashboard
 
 ```
-jsctl clusters view [name] [flags]
+jsctl clusters view name [flags]
 ```
 
 ### Options

docs/reference/jsctl_configuration_set_organization.md

@@ -3,7 +3,7 @@
 Set your current organization
 
 ```
-jsctl configuration set organization [value] [flags]
+jsctl configuration set organization name [flags]
 ```
 
 ### Options

docs/reference/jsctl_users_add.md

@@ -3,7 +3,7 @@
 Add a user to the current organization
 
 ```
-jsctl users add [email] [flags]
+jsctl users add email [flags]
 ```
 
 ### Options

docs/reference/jsctl_users_remove.md

@@ -3,7 +3,7 @@
 Remove a user from the current organization
 
 ```
-jsctl users remove [email] [flags]
+jsctl users remove email [flags]
 ```
 
 ### Options

internal/cluster/cluster.go

@@ -15,6 +15,9 @@ import (
 	"text/template"
 	"time"
 
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+
 	"github.com/jetstack/jsctl/internal/client"
 )
 
@@ -158,3 +161,24 @@ func marshalBase64(in interface{}) ([]byte, error) {
 
 	return buffer.Bytes(), nil
 }
+
+// AgentServiceAccount secret takes a service account json and formats it as a
+// k8s secret.
+func AgentServiceAccountSecret(keyData []byte, name, namespace string) *corev1.Secret {
+	secret := &corev1.Secret{
+		TypeMeta: metav1.TypeMeta{
+			APIVersion: corev1.SchemeGroupVersion.String(),
+			Kind:       "Secret",
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      name,
+			Namespace: namespace,
+		},
+		Type: corev1.SecretTypeOpaque,
+		Data: map[string][]byte{
+			"credentials.json": keyData,
+		},
+	}
+
+	return secret
+}