only handle attempts with KUBE_CONFIG defined

Rackspace-DOT · Aug 24, 2023 · bbf9ccb · bbf9ccb
1 parent b383eea
commit bbf9ccb
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 95 deletions.
diff --git a/README.md b/README.md
@@ -9,32 +9,9 @@ To use kubectl put this step into your workflow:
 
 ### Authorization with config file
 ```yaml
-- uses: actions-hub/kubectl@master
+- uses: andrrax/kubectl@only_kubeconfig
   env:
-    KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
-  with:
-    args: get pods
-```
-
-### Authorization with credentials
-```yaml
-- uses: actions-hub/kubectl@master
-  env:
-    KUBE_HOST: ${{ secrets.KUBE_HOST }}
-    KUBE_CERTIFICATE: ${{ secrets.KUBE_CERTIFICATE }}
-    KUBE_USERNAME: ${{ secrets.KUBE_USERNAME }}
-    KUBE_PASSWORD: ${{ secrets.KUBE_PASSWORD }}
-  with:
-    args: get pods
-```
-
-### Authorization with a bearer token
-```yaml
-- uses: actions-hub/kubectl@master
-  env:
-    KUBE_HOST: ${{ secrets.KUBE_HOST }}
-    KUBE_CERTIFICATE: ${{ secrets.KUBE_CERTIFICATE }}
-    KUBE_TOKEN: ${{ secrets.KUBE_TOKEN }}
+    KUBE_CONFIG: ${{ secrets.KUBECONFIG }}
   with:
     args: get pods
 ```
@@ -46,7 +23,7 @@ I recommend using secrets for this.
 ### KUBECONFIG file
 First options its to use [kubeconfig file](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/).  
 
-For this method `KUBE_CONFIG` required.  
+For this method `KUBECONFIG` required.  
 You can find it: `cat $HOME/.kube/config | base64 `.
 
 Optionally you can switch the [context](https://kubernetes.io/docs/tasks/access-application-cluster/configure-access-multiple-clusters/) (the cluster) if you have few in kubeconfig file. Passing specific context to `KUBE_CONTEXT`. To see the list of available contexts do: `kubectl config get-contexts`.
@@ -56,21 +33,6 @@ Optionally you can switch the [context](https://kubernetes.io/docs/tasks/access-
 | KUBE_CONFIG | string (base64) |
 | KUBE_CONTEXT | string |
 
-### KUBECONFIG file
-Another way to authenticate in the cluster is [HTTP basic auth](https://kubernetes.io/docs/reference/access-authn-authz/authentication/).
-
-For this you need to pass:
-- host (IP only, without protocol)
-- username
-- password
-- cluster CA certificate
-
-| Variable | Type |
-| --- | --- |
-| KUBE_HOST | string |
-| KUBE_USERNAME | string |
-| KUBE_PASSWORD | string |
-| KUBE_CERTIFICATE | string |
 
 ## Example
 ```yaml
@@ -84,9 +46,9 @@ jobs:
 
     steps:
       - uses: actions/checkout@v1
-      - uses: actions-hub/kubectl@master
+      - uses: andrrax/kubectl@only_kubeconfig
         env:
-          KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
+          KUBE_CONFIG: ${{ secrets.KUBECONFIG }}
         with:
           args: get pods
 ```
@@ -102,11 +64,11 @@ jobs:
 
     steps:
       - uses: actions/checkout@v1
-      - uses: actions-hub/kubectl@master
+      - uses: andrrax/kubectl@only_kubeconfig
         env:
-          KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
+          KUBE_CONFIG: ${{ secrets.KUBECONFIG }}
 
-      - uses: actions-hub/kubectl@master
+      - uses: andrrax/kubectl@only_kubeconfig
         with:
           args: get pods
 ```
@@ -119,7 +81,7 @@ To use a specific version of kubectl use:
 ```yaml
 - uses: actions-hub/[email protected]
   env:
-    KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
+    KUBE_CONFIG: ${{ secrets.KUBECONFIG }}
   with:
     args: get pods
 ```

diff --git a/entrypoint.sh b/entrypoint.sh
@@ -8,58 +8,19 @@ if [ ! -d "$HOME/.kube" ]; then
     mkdir -p $HOME/.kube
 fi
 
+if [ ! -z "${KUBE_CONFIG}" ]; then
+    echo "Writing provided config to ${HOME}/.kube/config"
+    echo "$KUBE_CONFIG" | base64 -d > $HOME/.kube/config
 
-config=$(echo "$KUBE_CONFIG" | base64 -d)
-echo "KUBE_CONFIG: ${config}"
-echo "KUBE_CONTEXT: ${KUBE_CONTEXT}"
-echo "KUBE_CERTIFICATE: ${KUBE_CERTIFICATE}"
-echo "KUBE_HOST: ${KUBE_HOST}"
-
-# version=$(kubectl version)
-# echo "kubectl version: ${version}"
-
-echo "Using config file: ${HOME}/.kube/config"
-
-config=$(cat ${HOME}/.kube/config)
-echo "Using the following config: ${config}"
-
-echo "Checking for existing config file ..."
-if [ ! -f "$HOME/.kube/config" ]; then
-    echo "Existing config not found."
-    if [ ! -z "${KUBE_CONFIG}" ]; then
-        echo "Writing provided config to ${HOME}/.kube/config"
-        echo "$KUBE_CONFIG" | base64 -d > $HOME/.kube/config
-
-        if [ ! -z "${KUBE_CONTEXT}" ]; then
-            echo "Switching context to ${KUBE_CONTEXT}."
-            kubectl config use-context $KUBE_CONTEXT
-        fi
-    elif [ ! -z "${KUBE_HOST}" ]; then
-        echo "Config file not provided, building our own ..."
-        echo "$KUBE_CERTIFICATE" | base64 -d > $HOME/.kube/certificate
-        kubectl config set-cluster default --server=https://$KUBE_HOST --certificate-authority=$HOME/.kube/certificate > /dev/null
-
-        if [ ! -z "${KUBE_PASSWORD}" ]; then
-            kubectl config set-credentials cluster-admin --username=$KUBE_USERNAME --password=$KUBE_PASSWORD > /dev/null
-        elif [ ! -z "${KUBE_TOKEN}" ]; then
-            kubectl config set-credentials cluster-admin --token="${KUBE_TOKEN}" > /dev/null
-        else
-            echo "No credentials found. Please provide KUBE_TOKEN, or KUBE_USERNAME and KUBE_PASSWORD. Exiting..."
-            exit 1
-        fi
-
-        kubectl config set-context default --cluster=default --namespace=default --user=cluster-admin > /dev/null
-        kubectl config use-context default > /dev/null
-    elif [[ $* == "kustomize" ]]; then :;
-    else
-        echo "No authorization data found. Please provide KUBE_CONFIG or KUBE_HOST variables. Exiting..."
-        exit 1
+    if [ ! -z "${KUBE_CONTEXT}" ]; then
+        echo "Using context ${KUBE_CONTEXT}."
+        kubectl config use-context $KUBE_CONTEXT
     fi
+else
+    echo "KUBE_CONFIG was not defined. Please provide a KUBE_CONFIG variable. Exiting..."
+    exit 1
 fi
 
-config=$(cat ${HOME}/.kube/config)
-echo "Using the following config: ${config}"
-
 echo "Running kubectl ..."
 if [ -z "$dest" ]; then
     kubectl $*