apiVersion: v1
kind: ServiceAccount
metadata:
name: vflow-kubectl
namespace: $NAMESPACE
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
annotations:
rbac.authorization.kubernetes.io/autoupdate: "true"
labels:
kubernetes.io/bootstrapping: rbac-defaults
name: vflow-kubectl-role
namespace: $NAMESPACE
rules:
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- list
- watch
- describe
- apiGroups:
- metrics.k8s.io
resources:
- pods
verbs:
- get
- apiGroups:
- ""
resources:
- pods/log
verbs:
- get
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: vflow-kubectl
namespace: $NAMESPACE
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: vflow-kubectl-role
subjects:
- kind: ServiceAccount
name: vflow-kubectl
namespace: $NAMESPACE
kubectl create -f vflow-kubectl-sa.yaml
kubectl create -f vflow-kubectl-role.yaml
kubectl create -f vflow-kubectl-rolebinding.yaml
kubectl describe serviceaccount vflow-kubectl -n $NAMESPACE | grep "Mountable secrets" | cut -d":" -f2 | xargs kubectl describe secret -n $NAMESPACE | grep "token:" | cut -d":" -f2 | tr -d " "
kubectl config view --flatten --minify | grep certificate-authority-data | cut -d":" -f2 | tr -d " "
kubectl config view --flatten --minify | grep server | tr -d " " | cut -c 8-
apiVersion: v1
kind: Config
users:
- name: vflow-kubectl
user:
token: <service account token>
clusters:
- cluster:
certificate-authority-data: <certificate authority data>
server: <api master server hostname>
name: vflow-kubectl
contexts:
- context:
cluster: vflow-kubectl
user: vflow-kubectl
name: vflow-kubectl
current-context: vflow-kubectl
# Import the python os module for connecting to the underlying operating system.
import os
# Download the latest Kubernetes client (kubectl), make it executable and prepare the .kube directory.
os.system("curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl && chmod +x kubectl && mkdir $HOME/.kube")
# Retrieve the token bearer using the DI vflow user's environment variables VSYSTEM_APP_ID and VSYSTEM_SECRET to read the config file for the kubectl and store it in the folder .kube.
# There has to be the config file in the user's workspace (path /files), otherwise the kubectl won't work!
os.system("TOKENB=$(curl -s --user $VSYSTEM_APP_ID:$VSYSTEM_SECRET -X GET http://vsystem-internal:8796/token/v2 | python -m json.tool | grep access_token | cut -d'\"' -f4) && curl -X GET -H \"Authorization:$TOKENB\" http://vsystem-internal:8796/repository/v2/files/user/files/config?op=read > $HOME/.kube/config")
os.system("./kubectl get pods -n $NAMESPACE > allpods.txt")
api.send("output", "echo && cat allpods.txt")
{
"description": "Get All Pods",
"processes": {
"py3datagenerator1": {
"component": "com.sap.util.datageneratorpy3",
"metadata": {
"label": "Py3 Data Generator",
"x": 12,
"y": 42,
"height": 80,
"width": 120,
"extensible": true,
"config": {
"script": "# Import the python os module for connecting to the underlying operating system.\nimport os\n\n# Download the latest Kubernetes client (kubectl), make it executable and prepare the .kube directory.\nos.system(\"curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl && chmod +x kubectl && mkdir $HOME/.kube\")\n\n# Retrieve the token bearer using the DI vflow user's environment variables VSYSTEM_APP_ID and VSYSTEM_SECRET to read the config file for the kubectl and store it in the folder .kube.\n# There has to be the config file in the user's workspace (path /files), otherwise the kubectl won't work!\nos.system(\"TOKENB=$(curl -s --user $VSYSTEM_APP_ID:$VSYSTEM_SECRET -X GET http://vsystem-internal:8796/token/v2 | python -m json.tool | grep access_token | cut -d'\\\"' -f4) && curl -X GET -H \\\"Authorization:$TOKENB\\\" http://vsystem-internal:8796/repository/v2/files/user/files/config?op=read > $HOME/.kube/config\")\n\nos.system(\"./kubectl get pods -n $NAMESPACE > allpods.txt\")\napi.send(\"output\", \"echo && cat allpods.txt\")"
}
}
},
"commandexecutor1": {
"component": "com.sap.system.commandExecutor",
"metadata": {
"label": "Command Executor",
"x": 280,
"y": 42,
"height": 80,
"width": 120,
"config": {
"cmdLine": "/bin/sh"
}
}
},
"toblobconverter1": {
"component": "com.sap.util.toBlobConverter",
"metadata": {
"label": "ToBlob Converter",
"x": 181,
"y": 57,
"height": 50,
"width": 50,
"config": {}
}
},
"terminal1": {
"component": "com.sap.util.terminal",
"metadata": {
"label": "Terminal",
"x": 579.9999980926514,
"y": 42,
"height": 80,
"width": 120,
"ui": "dynpath",
"config": {
"maxSize": 100000
}
}
},
"tostringconverter1": {
"component": "com.sap.util.toStringConverter",
"metadata": {
"label": "ToString Converter",
"x": 464.9999990463257,
"y": 12,
"height": 50,
"width": 50,
"config": {}
}
},
"tostringconverter2": {
"component": "com.sap.util.toStringConverter",
"metadata": {
"label": "ToString Converter",
"x": 464.9999990463257,
"y": 102,
"height": 50,
"width": 50,
"config": {}
}
}
},
"groups": [],
"connections": [
{
"metadata": {
"points": "136,82 176,82"
},
"src": {
"port": "output",
"process": "py3datagenerator1"
},
"tgt": {
"port": "ininterface",
"process": "toblobconverter1"
}
},
{
"metadata": {
"points": "235,82 275,82"
},
"src": {
"port": "outbytearray",
"process": "toblobconverter1"
},
"tgt": {
"port": "stdin",
"process": "commandexecutor1"
}
},
{
"metadata": {
"points": "518.9999990463257,37 546.9999985694885,37 546.9999985694885,82 574.9999980926514,82"
},
"src": {
"port": "outstring",
"process": "tostringconverter1"
},
"tgt": {
"port": "in1",
"process": "terminal1"
}
},
{
"metadata": {
"points": "518.9999990463257,127 546.9999985694885,127 546.9999985694885,82 574.9999980926514,82"
},
"src": {
"port": "outstring",
"process": "tostringconverter2"
},
"tgt": {
"port": "in1",
"process": "terminal1"
}
},
{
"metadata": {
"points": "404,73 432,73 432,28 459.9999990463257,28"
},
"src": {
"port": "stdout",
"process": "commandexecutor1"
},
"tgt": {
"port": "ininterface",
"process": "tostringconverter1"
}
},
{
"metadata": {
"points": "404,91 432,91 432,118 459.9999990463257,118"
},
"src": {
"port": "stderr",
"process": "commandexecutor1"
},
"tgt": {
"port": "ininterface",
"process": "tostringconverter2"
}
}
],
"inports": {},
"outports": {},
"properties": {}
}
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
25 | |
18 | |
17 | |
12 | |
10 | |
9 | |
8 | |
8 | |
7 | |
7 |