import os
import re
import uuid
+import base64
+from binascii import hexlify
from kubernetes import config, client, stream
# Default values for readiness probe
return service
+def create_secret_with_password(namespace, secret_prefix, password_length):
+ """
+ Creates K8s secret object with a generated password.
+ Returns: secret name and data key.
+
+ Example usage:
+ create_secret_with_password('onap', 'dcae-keystore-password-', 128)
+ """
+ password = _generate_password(password_length)
+ password_base64 = _encode_base64(password)
+
+ metadata = {'generateName': secret_prefix, 'namespace': namespace}
+ key = 'data'
+ data = {key: password_base64}
+
+ response = _create_k8s_secret(namespace, metadata, data, 'Opaque')
+ secret_name = response.metadata.name
+ return secret_name, key
+
+
+def _generate_password(length):
+ rand = os.urandom(length)
+ password = hexlify(rand)
+ return password.decode("ascii");
+
+
+def _encode_base64(value):
+ value_bytes = value.encode("ascii")
+ base64_encoded_bytes = base64.b64encode(value_bytes)
+ encoded_value = base64_encoded_bytes.decode("ascii")
+ return encoded_value
+
+
+def _create_k8s_secret(namespace, metadata, data, secret_type):
+ api_version = 'v1'
+ kind = 'Secret'
+ body = client.V1Secret(api_version, data, kind, metadata, type=secret_type)
+
+ response = client.CoreV1Api().create_namespaced_secret(namespace, body)
+ return response
+
+
def parse_ports(port_list):
"""
Parse the port list into a list of container ports (needed to create the container)
# Execute command in the running pods
return [_execute_command_in_pod(location, namespace, pod_name, command)
for pod_name in pod_names]
+
+
+
+