Script to parse the Lokomotive cluster kubeconfig from in the assets directory and add it to your local global kubeconfig file

update_kubeconfig.sh

#!/bin/bash

# update_kubeconfig.sh takes the admin credentials of a Lokomotive cluster assets directory and adds it to your local
# kubeconfig file

set -e

if ! command -v yaml2json >/dev/null; then
  echo >&2 "Run 'go get -u github.com/bronze1man/yaml2json' to install yaml2json"
  exit 1
fi

if ! command -v jq >/dev/null; then
  echo >&2 "Make sure you have JQ installed, see https://stedolan.github.io/jq/ or brew install jq"
  exit 1
fi

if [ -z "$1" ]; then
  echo >&2 "You need to provide the location to the assets directory of the target cluster, for example ~/lokomotive/infrastructure/lokomotive-test/assets"
  exit 1
fi
AUTH_FILE="$1/cluster-assets/auth/kubeconfig"

# Parse original config file to JSON for easier parsing with JQ
TMPFILE=$(mktemp) || exit 1
yaml2json < "$AUTH_FILE" > "$TMPFILE"

# Configure the cluster object
CLUSTER_NAME="$(jq -r '.clusters[0].name' "$TMPFILE")"
SERVER="$(jq -r '.clusters[0].cluster.server' "$TMPFILE")"

TMP_CERT_AUTH_FILE=$(mktemp) || exit 1
jq -r '.clusters[0].cluster."certificate-authority-data"' "$TMPFILE" | base64 -D > "$TMP_CERT_AUTH_FILE"

kubectl config set-cluster "$CLUSTER_NAME" --server="$SERVER" --embed-certs --certificate-authority="$TMP_CERT_AUTH_FILE"

# Configure the user object
USER_NAME="$(jq -r '.users[0].name' "$TMPFILE")"

TMP_CLIENT_CERT_FILE=$(mktemp) || exit 1
jq -r '.users[0].user."client-certificate-data"' "$TMPFILE" | base64 -D > "$TMP_CLIENT_CERT_FILE"

TMP_CLIENT_KEY_FILE=$(mktemp) || exit 1
jq -r '.users[0].user."client-key-data"' "$TMPFILE" | base64 -D > "$TMP_CLIENT_KEY_FILE"

kubectl config set-credentials "$USER_NAME" --embed-certs --client-certificate="$TMP_CLIENT_CERT_FILE" --client-key="$TMP_CLIENT_KEY_FILE"

# Configure the context
CONTEXT_NAME="$(jq -r '.contexts[0].name' "$TMPFILE")"

kubectl config set-context "$CONTEXT_NAME" --cluster="$CLUSTER_NAME" --user="$USER_NAME"