diff options
author | Chris Werner Rau | 2023-09-07 12:23:48 +0200 |
---|---|---|
committer | Chris Werner Rau | 2023-09-07 12:23:48 +0200 |
commit | 134472a0c1f7b42b1657d442d8d121e1c512ae20 (patch) | |
tree | 903cee3483e4377d908e6318542fb070edf2a334 | |
parent | 8b20bda7bd5ee0fbb7cf44afb9a6f0bd29c41297 (diff) | |
download | aur-134472a0c1f7b42b1657d442d8d121e1c512ae20.tar.gz |
fix: unset KUBECONFIG and OS_AUTH_URL if config not found in cluster
this should prevent accidentally accessing the management cluster in those cases
-rw-r--r-- | .SRCINFO | 4 | ||||
-rw-r--r-- | PKGBUILD | 4 | ||||
-rwxr-xr-x | capo-shell | 2 |
3 files changed, 6 insertions, 4 deletions
@@ -1,12 +1,12 @@ pkgbase = capo-shell pkgdesc = Wrapper to start a tool or shell with KUBECONFIG and OS_ environment variables to interact with cluster-api-provider-openstack clusters - pkgver = 1.0.0 + pkgver = 1.0.1 pkgrel = 1 arch = x86_64 license = APACHE depends = kubectl depends = yq source = capo-shell - sha512sums = 485c93e3a25f2b216ecc37141c3c766a3f905c98dae730d1afa8a8fae639d8d5532fbb7ef1955d96809a61dcea38930f95599b82bbcf24405cbcc3a6254d4760 + sha512sums = 6a95e39ce48707ca6b678cf0a4daba0402db897db7922064ecf07a85d49249eb207716fa2c6c5cdadb1acd6462f2e0d6aeddaa9450c15550705007fd8c3b3360 pkgname = capo-shell @@ -1,14 +1,14 @@ # Maintainer Chris Werner Rau <aur@cwrau.io> pkgname=capo-shell -pkgver=1.0.0 +pkgver=1.0.1 pkgrel=1 pkgdesc="Wrapper to start a tool or shell with KUBECONFIG and OS_ environment variables to interact with cluster-api-provider-openstack clusters" license=('APACHE') arch=('x86_64') depends=('kubectl' 'yq') source=("$pkgname") -sha512sums=('485c93e3a25f2b216ecc37141c3c766a3f905c98dae730d1afa8a8fae639d8d5532fbb7ef1955d96809a61dcea38930f95599b82bbcf24405cbcc3a6254d4760') +sha512sums=('6a95e39ce48707ca6b678cf0a4daba0402db897db7922064ecf07a85d49249eb207716fa2c6c5cdadb1acd6462f2e0d6aeddaa9450c15550705007fd8c3b3360') package() { install -D -m 0755 -t $pkgdir/usr/bin/ $srcdir/$pkgname diff --git a/capo-shell b/capo-shell index f93f7107672c..b8cadc6acfcb 100755 --- a/capo-shell +++ b/capo-shell @@ -16,6 +16,7 @@ if kubectl -n "$namespace" get secrets "${name}-kubeconfig" -o jsonpath='{.data. envs+=(KUBECONFIG="$NEW_KUBECONFIG") else hasKubeconfig=false + envs+=(KUBECONFIG="") fi if secretName="$(kubectl -n "$namespace" get openstackcluster -l cluster.x-k8s.io/cluster-name="$name" -o yaml 2>/dev/null | yq -r '.items[0].spec.identityRef.name')"; then hasOSConfig=true @@ -23,6 +24,7 @@ if secretName="$(kubectl -n "$namespace" get openstackcluster -l cluster.x-k8s.i envs+=(OS_SHELL=true "${osEnvs[@]}") else hasOSConfig=false + envs+=(OS_AUTH_URL="") fi if [[ "$hasOSConfig" == false ]] && [[ "$hasKubeconfig" == false ]]; then echo "All secrets are missing!" >/dev/stderr |