-
Notifications
You must be signed in to change notification settings - Fork 1
/
action.yml
173 lines (161 loc) · 6.24 KB
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
---
# https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions
name: KUBECONFIG for Service Account (SA)
author: '@vbem'
description: Generates Kubernetes kubeconfig file for service account
branding:
icon: log-in
color: green
inputs:
server:
description: 'K8s cluster API server URL'
required: true
ca-base64:
description: 'K8s cluster Certificate Authority data base64'
required: true
cluster:
description: 'K8s cluster name in kubeconfig file'
required: false
default: ''
token:
description: 'Service Account bearer token'
required: true
sa:
description: 'Service Account name in kubeconfig file'
required: false
default: sa
context:
description: 'Context name in kubeconfig file'
required: false
default: ''
namespace:
description: 'Context namespace in kubeconfig file'
required: false
default: ''
current:
description: 'Set as current-context in kubeconfig file'
required: false
default: true
kubeconfig:
description: 'Path of kubeconfig file'
required: false
default: ''
export:
description: 'Set the KUBECONFIG environment variable available to subsequent steps'
required: false
default: true
version:
description: 'Show client and server version information for the current context'
required: false
default: true
# https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#outputs-for-composite-actions
outputs:
context:
description: Context name in kubeconfig file
value: ${{ steps.main.outputs.context }}
kubeconfig:
description: Path of kubeconfig file
value: ${{ steps.main.outputs.kubeconfig }}
# https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#runs-for-composite-actions
runs:
using: composite
steps:
- id: main
shell: bash
run: |
# implementation details
# Group stdin to stderr with title
# https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#grouping-log-lines
# $1: group title
# stdin: logs
# stderr: grouped logs
# $?: 0 if successful and non-zero otherwise
function kit::wf::group {
echo "::group::$1" >&2
echo "$(< /dev/stdin)" >&2
echo '::endgroup::' >&2
}
# Set stdin as value to output of current step with given name
# https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#setting-an-output-parameter
# https://renehernandez.io/snippets/multiline-strings-as-a-job-output-in-github-actions/
# $1: output name
# $2: masked value in logs
# stdin: output value
# stderr: grouped logs
# $?: 0 if successful and non-zero otherwise
function kit::wf::output {
local val
val="$(< /dev/stdin)"
{ # https://www.gnu.org/software/bash/manual/bash.html#Command-Grouping
echo "$1<<__GITHUB_OUTPUT__"
echo "$val"
echo '__GITHUB_OUTPUT__'
} >> "$GITHUB_OUTPUT"
kit::wf::group "🖨️ step output '$1' has been set" <<< "${2:-$val}"
}
# Set stdin as value to environment with given name
# https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#setting-an-environment-variable
# $1: environment variable name
# $2: masked value in logs
# stdin: environment variable value
# $?: 0 if successful and non-zero otherwise
function kit::wf::env {
local val
val="$(< /dev/stdin)"
{ # https://www.gnu.org/software/bash/manual/bash.html#Command-Grouping
echo "$1<<__GITHUB_ENV__"
echo "$val"
echo '__GITHUB_ENV__'
} >> "$GITHUB_ENV"
kit::wf::group "💲 environment variable '$1' has been set in \$GITHUB_ENV" <<< "${2:-$val}"
}
# Extract host from an URL
# $1: URL
# stdout: host
# $?: 0 if successful and non-zero otherwise
function kit::str::extractHost {
local url="$1" # for Parameter Expansion & Pattern Matching
url="${url/#*:\/\/}"
url="${url/%:*}"
echo -n "${url/%\/*}"
}
SERVER='${{ inputs.server }}'
CA_BASE64='${{ inputs.ca-base64 }}'
CLUSTER='${{ inputs.cluster }}'; CLUSTER="${CLUSTER:-$(kit::str::extractHost "$SERVER")}"
TOKEN='${{ inputs.token }}'
SA='${{ inputs.sa }}'
CONTEXT='${{ inputs.context }}'; CONTEXT="${CONTEXT:-$SA@$CLUSTER}"
NAMESPACE='${{ inputs.namespace }}'
CURRENT='${{ inputs.current }}'
KUBECONFIG='${{ inputs.kubeconfig }}'; KUBECONFIG="${KUBECONFIG:-${{ runner.temp }}/$CONTEXT.kubeconfig}"
EXPORT='${{ inputs.export }}'
VERSION='${{ inputs.version }}'
kit::wf::group '📩 action inputs' << __HEREDOC__
server: $SERVER
cluster: $CLUSTER
sa: $SA
context: $CONTEXT
namespace: $NAMESPACE
current: $CURRENT
kubeconfig: $KUBECONFIG
export: $EXPORT
version: $VERSION
__HEREDOC__
declare -rx KUBECONFIG
{
kubectl config set-cluster "$CLUSTER" --server="$SERVER" >&1
kubectl config set "clusters.$CLUSTER.certificate-authority-data" "$CA_BASE64" >&1
kubectl config set-credentials "$SA" --token="$TOKEN" >&1
kubectl config set-context "$CONTEXT" --cluster="$CLUSTER" --user="$SA" --namespace="$NAMESPACE" >&1
if [[ "$CURRENT" == 'true' ]]; then
kubectl config use-context "$CONTEXT" >&1
fi
} | kit::wf::group '🚢 kubectl config set'
kubectl config view --raw=false | yq -Ce | kit::wf::group '🚢 kubectl config view'
[[ "$EXPORT" == 'true' ]] && kit::wf::env 'KUBECONFIG' <<< "$KUBECONFIG"
kit::wf::output 'context' <<< "$CONTEXT"
kit::wf::output 'kubeconfig' <<< "$KUBECONFIG"
if [[ "$VERSION" == 'true' ]]; then
kubectl version -o yaml | yq -Ce | kit::wf::group '🚢 kubectl version'
fi
...