Merge pull request #60 from jetstack/cluster-info-cmd

Implement basic cluster info command
jetstack · Nov 11, 2022 · 24fb1f9 · 24fb1f9
2 parents bb9c924 + a3bec00
commit 24fb1f9
Show file tree

Hide file tree

Showing 91 changed files with 31,951 additions and 495 deletions.
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
@@ -12,17 +12,19 @@ jobs:
     env:
       GOPRIVATE: github.com/jetstack/*
     steps:
-    - name: Configure js-operator repo pull access
-      # js-operator is a private repo that this tool depends on to build,
+    - name: Configure private repo pull access
       # the following configuration will grant this action permissions to pull
-      # that contents of that repo during a go mod download step. The key in
-      # DEPLOY_KEY_READ_JS_OPERATOR is the private key of a deploy key on
-      # the js-operator repo granting read only access.
+      # that contents of that private repos using the deploy keys in the repo secrets
       run: |
         mkdir ~/.ssh
         chmod 700 ~/.ssh
 
         echo "${{ secrets.DEPLOY_KEY_READ_JS_OPERATOR }}" > ~/.ssh/js_operator_id
+        echo "${{ secrets.DEPLOY_KEY_READ_VENAFI_ENHANCED_ISSUER }}" > ~/.ssh/venafi_enhanced_issuer_id
+        echo "${{ secrets.DEPLOY_KEY_READ_EXTERNAL_ISSUER_LIB }}" > ~/.ssh/external_issuer_lib_id
+        
+        chmod 600 ~/.ssh/venafi_enhanced_issuer_id
+        chmod 600 ~/.ssh/external_issuer_lib_id
         chmod 600 ~/.ssh/js_operator_id
 
         cat <<EOT >> ~/.ssh/config
@@ -31,10 +33,28 @@ jobs:
         IdentityFile ~/.ssh/js_operator_id
         IdentitiesOnly yes
         EOT
+        
+        cat <<EOT >> ~/.ssh/config
+        Host venafi-enhanced-issuer.github.com
+        HostName github.com
+        IdentityFile ~/.ssh/venafi_enhanced_issuer_id
+        IdentitiesOnly yes
+        EOT
+        
+        cat <<EOT >> ~/.ssh/config
+        Host external-issuer-lib.github.com
+        HostName github.com
+        IdentityFile ~/.ssh/external_issuer_lib_id
+        IdentitiesOnly yes
+        EOT
 
         cat <<EOT >> ~/.gitconfig
         [url "[email protected]:jetstack/js-operator"]
           insteadOf = https://github.com/jetstack/js-operator
+        [url "[email protected]:jetstack/venafi-enhanced-issuer"]
+          insteadOf = https://github.com/jetstack/venafi-enhanced-issuer
+        [url "[email protected]:jetstack/external-issuer-lib"]
+          insteadOf = https://github.com/jetstack/external-issuer-lib
         EOT
 
     - name: Install Go

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -9,17 +9,19 @@ jobs:
     env:
       GOPRIVATE: github.com/jetstack/*
     steps:
-    - name: Configure js-operator repo pull access
-      # js-operator is a private repo that this tool depends on to build,
+    - name: Configure private repo pull access
       # the following configuration will grant this action permissions to pull
-      # that contents of that repo during a go mod download step. The key in
-      # DEPLOY_KEY_READ_JS_OPERATOR is the private key of a deploy key on
-      # the js-operator repo granting read only access.
+      # that contents of that private repos using the deploy keys in the repo secrets
       run: |
         mkdir ~/.ssh
         chmod 700 ~/.ssh
 
         echo "${{ secrets.DEPLOY_KEY_READ_JS_OPERATOR }}" > ~/.ssh/js_operator_id
+        echo "${{ secrets.DEPLOY_KEY_READ_VENAFI_ENHANCED_ISSUER }}" > ~/.ssh/venafi_enhanced_issuer_id
+        echo "${{ secrets.DEPLOY_KEY_READ_EXTERNAL_ISSUER_LIB }}" > ~/.ssh/external_issuer_lib_id
+        
+        chmod 600 ~/.ssh/venafi_enhanced_issuer_id
+        chmod 600 ~/.ssh/external_issuer_lib_id
         chmod 600 ~/.ssh/js_operator_id
 
         cat <<EOT >> ~/.ssh/config
@@ -28,10 +30,28 @@ jobs:
         IdentityFile ~/.ssh/js_operator_id
         IdentitiesOnly yes
         EOT
+        
+        cat <<EOT >> ~/.ssh/config
+        Host venafi-enhanced-issuer.github.com
+        HostName github.com
+        IdentityFile ~/.ssh/venafi_enhanced_issuer_id
+        IdentitiesOnly yes
+        EOT
+        
+        cat <<EOT >> ~/.ssh/config
+        Host external-issuer-lib.github.com
+        HostName github.com
+        IdentityFile ~/.ssh/external_issuer_lib_id
+        IdentitiesOnly yes
+        EOT
 
         cat <<EOT >> ~/.gitconfig
         [url "[email protected]:jetstack/js-operator"]
           insteadOf = https://github.com/jetstack/js-operator
+        [url "[email protected]:jetstack/venafi-enhanced-issuer"]
+          insteadOf = https://github.com/jetstack/venafi-enhanced-issuer
+        [url "[email protected]:jetstack/external-issuer-lib"]
+          insteadOf = https://github.com/jetstack/external-issuer-lib
         EOT
 
     - name: Install Go

diff --git a/docs/developer/cluster_status.md b/docs/developer/cluster_status.md
@@ -0,0 +1,22 @@
+# `jsctl cluster status` command
+
+The cluster status command shows the status resource definitions and resources
+in the cluster. This command exists to aid in the installation and maintenance
+of Jetstack Secure.
+
+## A component is not being correctly identified
+
+If an item in this part of the output:
+
+```
+components:
+...
+```
+
+appears to be incorrect, then you will need to alter the component's matching
+code. These are found in the `internal/kubernetes/status/components/` directory.
+
+Updating the `Match` implementation will allow the component to be correctly
+identified, note, more information migth need to be supplied to the function
+to robustly identify the component. This will require updates to the 
+`installedComponent` interface.
diff --git a/go.mod b/go.mod
@@ -4,27 +4,34 @@ go 1.19
 
 require (
 	github.com/Masterminds/semver v1.5.0
-	github.com/cert-manager/cert-manager v1.9.1
-	github.com/gofrs/uuid v4.3.0+incompatible
+	github.com/Skyscanner/kms-issuer v1.0.1-0.20221007144244-feb19f32171b
+	github.com/cert-manager/aws-privateca-issuer v1.2.2
+	github.com/cert-manager/cert-manager v1.10.0
+	github.com/cloudflare/origin-ca-issuer v0.6.1
+	github.com/gofrs/uuid v4.3.1+incompatible
 	github.com/golang-jwt/jwt/v4 v4.4.2
-	github.com/jetstack/js-operator v0.0.1-alpha.17
+	github.com/jetstack/google-cas-issuer v0.6.0
+	github.com/jetstack/js-operator v0.0.1-alpha.18
+	github.com/jetstack/venafi-enhanced-issuer v0.1.6
 	github.com/mitchellh/go-homedir v1.1.0
-	github.com/spf13/cobra v1.5.0
+	github.com/smallstep/step-issuer v0.6.1
+	github.com/spf13/cobra v1.6.1
 	github.com/spf13/pflag v1.0.5
-	github.com/stretchr/testify v1.8.0
+	github.com/stretchr/testify v1.8.1
 	github.com/toqueteos/webbrowser v1.2.0
-	golang.org/x/oauth2 v0.0.0-20221006150949-b44042a4b9c1
-	golang.org/x/sync v0.0.0-20220929204114-8fcdb60fdcc0
+	golang.org/x/oauth2 v0.2.0
+	golang.org/x/sync v0.1.0
 	gopkg.in/yaml.v2 v2.4.0
-	k8s.io/api v0.25.2
-	k8s.io/apiextensions-apiserver v0.25.2
-	k8s.io/apimachinery v0.25.2
-	k8s.io/client-go v0.25.2
+	k8s.io/api v0.25.3
+	k8s.io/apiextensions-apiserver v0.25.3
+	k8s.io/apimachinery v0.25.3
+	k8s.io/client-go v0.25.3
 	sigs.k8s.io/yaml v1.3.0
 )
 
 require (
-	cloud.google.com/go/compute v1.10.0 // indirect
+	cloud.google.com/go/compute v1.12.1 // indirect
+	cloud.google.com/go/compute/metadata v0.2.1 // indirect
 	github.com/Azure/go-autorest v14.2.0+incompatible // indirect
 	github.com/Azure/go-autorest/autorest v0.11.28 // indirect
 	github.com/Azure/go-autorest/autorest/adal v0.9.21 // indirect
@@ -42,9 +49,11 @@ require (
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/google/gnostic v0.6.9 // indirect
+	github.com/google/go-cmp v0.5.9 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/imdario/mergo v0.3.13 // indirect
 	github.com/inconshreveable/mousetrap v1.0.1 // indirect
+	github.com/jetstack/external-issuer-lib v0.0.0-20221107151228-a68398a7931b // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
@@ -53,23 +62,21 @@ require (
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
-	golang.org/x/crypto v0.0.0-20221005025214-4161e89ecf1b // indirect
-	golang.org/x/net v0.0.0-20221004154528-8021a29435af // indirect
-	golang.org/x/sys v0.0.0-20221006211917-84dc82d7e875 // indirect
-	golang.org/x/term v0.0.0-20220919170432-7a66f970e087 // indirect
-	golang.org/x/text v0.3.7 // indirect
-	golang.org/x/time v0.0.0-20220922220347-f3bd1da661af // indirect
+	golang.org/x/crypto v0.2.0 // indirect
+	golang.org/x/net v0.2.0 // indirect
+	golang.org/x/sys v0.2.0 // indirect
+	golang.org/x/term v0.2.0 // indirect
+	golang.org/x/text v0.4.0 // indirect
+	golang.org/x/time v0.2.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/protobuf v1.28.1 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	k8s.io/klog/v2 v2.80.1 // indirect
-	k8s.io/kube-openapi v0.0.0-20220928191237-829ce0c27909 // indirect
-	k8s.io/utils v0.0.0-20220922133306-665eaaec4324 // indirect
-	sigs.k8s.io/gateway-api v0.5.0 // indirect
+	k8s.io/kube-openapi v0.0.0-20221106113015-f73e7dbcfe29 // indirect
+	k8s.io/utils v0.0.0-20221108210102-8e77b1f39fe2 // indirect
+	sigs.k8s.io/controller-runtime v0.13.1 // indirect
+	sigs.k8s.io/gateway-api v0.5.1 // indirect
 	sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
 )
-
-// Remove this replace stanze once we depend on a version of cert-manager that has https://github.com/cert-manager/cert-manager/pull/5376
-replace sigs.k8s.io/gateway-api v0.5.0 => sigs.k8s.io/gateway-api v0.4.3