make kube2msb use pod secret

Issue-ID: OOM-811

Change-Id: I039b6bcc9a301751ba976b77c0f2cc3b904b8e9c
Signed-off-by: Frank A. Zdarsky <fzdarsky@redhat.com>

diff --git a/build/docker/Dockerfile b/build/docker/Dockerfile
index 849b07e..f25e592 100644 (file)
--- a/build/docker/Dockerfile
+++ b/build/docker/Dockerfile
@@ -1,4 +1,4 @@
 FROM alpine:3.3\r
 COPY kube2msb /bin/\r
 \r
-ENTRYPOINT /bin/kube2msb  --kube_master_url=${KUBE_MASTER_URL} --msb_url=${MSB_URL}
\ No newline at end of file
+ENTRYPOINT /bin/kube2msb --kube_master_url=${KUBE_MASTER_URL} --auth_token=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token) --msb_url=${MSB_URL}\r

diff --git a/src/kube2msb/kube2msb.go b/src/kube2msb/kube2msb.go
index 2d39b77..4dac06d 100644 (file)
--- a/src/kube2msb/kube2msb.go
+++ b/src/kube2msb/kube2msb.go
@@ -36,6 +36,7 @@ import (
 var (
        argMSBUrl        = flag.String("msb_url", "", "URL to MSB backend")
        argKubeMasterUrl = flag.String("kube_master_url", "", "Url to reach kubernetes master. Env variables in this flag will be expanded.")
+       argAuthToken     = flag.String("auth_token", "", "Auth token for accessing Kube master.")
        addMap           = make(map[string]*kapi.Pod)
        deleteMap        = make(map[string]*kapi.Pod)
        nodeSelector     = klabels.Everything()
@@ -92,7 +93,10 @@ func newKubeClient() (*kclient.Client, error) {
        overrides := &kclientcmd.ConfigOverrides{}
        overrides.ClusterInfo.Server = masterUrl
 
-       if token, present := os.LookupEnv("AUTH_TOKEN"); present {
+       if *argAuthToken != "" {
+               overrides.AuthInfo.Token = *argAuthToken
+               overrides.ClusterInfo.InsecureSkipTLSVerify = true
+       } else if token, present := os.LookupEnv("AUTH_TOKEN"); present {
                overrides.AuthInfo.Token = token
                overrides.ClusterInfo.InsecureSkipTLSVerify = true
        }