diff options
author | pandada8 | 2023-06-13 18:42:25 +0800 |
---|---|---|
committer | pandada8 | 2023-06-13 18:43:16 +0800 |
commit | 84737b12038218cfa24ed7b1f27407bf87b795b1 (patch) | |
tree | 7478c0240b3461a238860caf001b0858f0c635d9 | |
download | aur-84737b12038218cfa24ed7b1f27407bf87b795b1.tar.gz |
init
-rw-r--r-- | .SRCINFO | 15 | ||||
-rw-r--r-- | .gitignore | 4 | ||||
-rw-r--r-- | PKGBUILD | 45 | ||||
-rw-r--r-- | no_mask.patch | 79 |
4 files changed, 143 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 000000000000..376cd7c2e1b1 --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,15 @@ +pkgbase = kubectl-no-mask + pkgdesc = kubectl patched to skip secret mask + pkgver = 1.27.2 + pkgrel = 1 + url = https://kubernetes.io/ + arch = x86_64 + license = Apache + makedepends = git + makedepends = go + source = https://github.com/kubernetes/kubernetes/archive/v1.27.2/kubernetes-1.27.2.tar.gz + source = no_mask.patch + sha512sums = c7a4f6f3e3e6ce66295e9c09b5214ed3b9fa3b674b0b7e200672da5873fbc75533d1e6a5d9e04edba09c81db35e3309dbe6ff6a4a9dffc6687c66a6e5e566b1d + sha512sums = dd3c47a1871cc48fa6c6aa29955156d334ce38e9feb7beafc98cc8d71fb1a6a567fe5c8458698755b7bf14050f29473f571dbef85d0f7a8dcfe19b2273b4479b + +pkgname = kubectl-no-mask diff --git a/.gitignore b/.gitignore new file mode 100644 index 000000000000..69907adb6d07 --- /dev/null +++ b/.gitignore @@ -0,0 +1,4 @@ +pkg/ +src/ +*.tar.gz +*.tar.zst
\ No newline at end of file diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 000000000000..17e80bd9b97a --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,45 @@ +# Maintainer: David Runge <dvzrv@archlinux.org> +# Maintainer: Morten Linderud <foxboron@archlinux.org> +# Maintainer: pandada8 <pandada8@gmail.com> + +pkgname=kubectl-no-mask +pkgver=1.27.2 +pkgrel=1 +pkgdesc="kubectl patched to skip secret mask and some minor diff fix" +arch=(x86_64) +url="https://kubernetes.io/" +license=(Apache) +makedepends=( + git + go +) +source=( + https://github.com/kubernetes/kubernetes/archive/v$pkgver/kubernetes-$pkgver.tar.gz + no_mask.patch +) +sha512sums=('c7a4f6f3e3e6ce66295e9c09b5214ed3b9fa3b674b0b7e200672da5873fbc75533d1e6a5d9e04edba09c81db35e3309dbe6ff6a4a9dffc6687c66a6e5e566b1d' + 'dd3c47a1871cc48fa6c6aa29955156d334ce38e9feb7beafc98cc8d71fb1a6a567fe5c8458698755b7bf14050f29473f571dbef85d0f7a8dcfe19b2273b4479b') + +prepare() { + # set static builds CGO_ENABLED=1 for full RELRO + patch -Np1 -d kubernetes-$pkgver -i ../no_mask.patch +} + +build() { + export CGO_CPPFLAGS="$CPPFLAGS" + export CGO_CFLAGS="$CFLAGS" + export CGO_CXXFLAGS="$CXXFLAGS" + export CGO_LDFLAGS="$LDFLAGS" + # NOTE: -mod=readonly in GOFLAGS breaks the build + export GOFLAGS="-buildmode=pie -ldflags=-linkmode=external -ldflags=-compressdwarf=false -modcacherw" + # NOTE: this also ensures the binaries have full RELRO + export GOLDFLAGS="-linkmode=external -compressdwarf=false" + + export GOPATH="$srcdir" + + make kubectl DBG=1 KUBE_VERBOSE=5 -C kubernetes-$pkgver +} + +package() { + install -vDm 755 kubernetes-$pkgver/_output/local/bin/linux/*/kubectl "$pkgdir/usr/bin/kubectl-no-mask" +} diff --git a/no_mask.patch b/no_mask.patch new file mode 100644 index 000000000000..cde5fc7a89f6 --- /dev/null +++ b/no_mask.patch @@ -0,0 +1,79 @@ +diff --git a/staging/src/k8s.io/kubectl/pkg/cmd/diff/diff.go b/staging/src/k8s.io/kubectl/pkg/cmd/diff/diff.go +index 72d16b716da..37bb247f5bd 100644 +--- a/staging/src/k8s.io/kubectl/pkg/cmd/diff/diff.go ++++ b/staging/src/k8s.io/kubectl/pkg/cmd/diff/diff.go +@@ -17,6 +17,7 @@ limitations under the License. + package diff + + import ( ++ "encoding/base64" + "fmt" + "io" + "os" +@@ -556,6 +557,29 @@ func NewDiffer(from, to string) (*Differ, error) { + return &differ, nil + } + ++func fixSecret(src runtime.Object) runtime.Object { ++ u, ok := src.(*unstructured.Unstructured) ++ if !ok { ++ return src ++ } ++ data, found, err := unstructured.NestedMap(u.UnstructuredContent(), "data") ++ if err != nil || !found { ++ return src ++ } ++ for k, v := range data { ++ if s, ok := v.(string); ok { ++ decoded, _ := base64.StdEncoding.DecodeString(s) ++ data[k] = string(decoded) ++ } ++ } ++ if err := unstructured.SetNestedMap(u.UnstructuredContent(), data, "stringData"); err != nil { ++ return src ++ } ++ ++ unstructured.SetNestedMap(u.UnstructuredContent(), nil, "data") ++ return u ++} ++ + // Diff diffs to versions of a specific object, and print both versions to directories. + func (d *Differ) Diff(obj Object, printer Printer, showManagedFields bool) error { + from, err := d.From.getObject(obj) +@@ -572,13 +596,9 @@ func (d *Differ) Diff(obj Object, printer Printer, showManagedFields bool) error + to = omitManagedFields(to) + } + +- // Mask secret values if object is V1Secret + if gvk := to.GetObjectKind().GroupVersionKind(); gvk.Version == "v1" && gvk.Kind == "Secret" { +- m, err := NewMasker(from, to) +- if err != nil { +- return err +- } +- from, to = m.From(), m.To() ++ from = fixSecret(from) ++ to = fixSecret(to) + } + + if err := d.From.Print(obj.Name(), from, printer); err != nil { +diff --git a/vendor/gopkg.in/yaml.v2/emitterc.go b/vendor/gopkg.in/yaml.v2/emitterc.go +index a1c2cc52627..466957fd32c 100644 +--- a/vendor/gopkg.in/yaml.v2/emitterc.go ++++ b/vendor/gopkg.in/yaml.v2/emitterc.go +@@ -830,11 +830,11 @@ func yaml_emitter_select_scalar_style(emitter *yaml_emitter_t, event *yaml_event + style = yaml_DOUBLE_QUOTED_SCALAR_STYLE + } + } +- if style == yaml_LITERAL_SCALAR_STYLE || style == yaml_FOLDED_SCALAR_STYLE { +- if !emitter.scalar_data.block_allowed || emitter.flow_level > 0 || emitter.simple_key_context { +- style = yaml_DOUBLE_QUOTED_SCALAR_STYLE +- } +- } ++ // if style == yaml_LITERAL_SCALAR_STYLE || style == yaml_FOLDED_SCALAR_STYLE { ++ // if !emitter.scalar_data.block_allowed || emitter.flow_level > 0 || emitter.simple_key_context { ++ // style = yaml_DOUBLE_QUOTED_SCALAR_STYLE ++ // } ++ // } + + if no_tag && !event.quoted_implicit && style != yaml_PLAIN_SCALAR_STYLE { + emitter.tag_data.handle = []byte{'!'} |