Merge pull request #77848 from yagonobre/certificate-key-command

Add kubeadm alpha certs certificate-key command
2019-05-28 22:20:48 -07:00 · 2019-05-28 22:20:48 -07:00 · 6118b8aa73
parent 944a7e2be6 0a005e3dac
commit 6118b8aa73
2 changed files with 28 additions and 0 deletions
--- a/cmd/kubeadm/app/cmd/alpha/BUILD
+++ b/cmd/kubeadm/app/cmd/alpha/BUILD
@ -22,6 +22,7 @@ go_library(
        "//cmd/kubeadm/app/constants:go_default_library",
        "//cmd/kubeadm/app/features:go_default_library",
        "//cmd/kubeadm/app/phases/certs/renewal:go_default_library",
+        "//cmd/kubeadm/app/phases/copycerts:go_default_library",
        "//cmd/kubeadm/app/phases/kubeconfig:go_default_library",
        "//cmd/kubeadm/app/phases/kubelet:go_default_library",
        "//cmd/kubeadm/app/phases/selfhosting:go_default_library",
@ -33,6 +34,7 @@ go_library(
        "//pkg/util/normalizer:go_default_library",
        "//staging/src/k8s.io/apimachinery/pkg/util/duration:go_default_library",
        "//staging/src/k8s.io/apimachinery/pkg/util/version:go_default_library",
+        "//vendor/github.com/lithammer/dedent:go_default_library",
        "//vendor/github.com/pkg/errors:go_default_library",
        "//vendor/github.com/spf13/cobra:go_default_library",
        "//vendor/k8s.io/utils/exec:go_default_library",
--- a/cmd/kubeadm/app/cmd/alpha/certs.go
+++ b/cmd/kubeadm/app/cmd/alpha/certs.go
@ -21,6 +21,7 @@ import (
 	"io"
 	"text/tabwriter"

+	"github.com/lithammer/dedent"
 	"github.com/pkg/errors"
 	"github.com/spf13/cobra"

@ -33,6 +34,7 @@ import (
 	"k8s.io/kubernetes/cmd/kubeadm/app/constants"
 	kubeadmconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants"
 	"k8s.io/kubernetes/cmd/kubeadm/app/phases/certs/renewal"
+	"k8s.io/kubernetes/cmd/kubeadm/app/phases/copycerts"
 	kubeadmutil "k8s.io/kubernetes/cmd/kubeadm/app/util"
 	configutil "k8s.io/kubernetes/cmd/kubeadm/app/util/config"
 	kubeconfigutil "k8s.io/kubernetes/cmd/kubeadm/app/util/kubeconfig"
@ -61,6 +63,14 @@ var (
 	expirationLongDesc = normalizer.LongDesc(`
 	Checks expiration for the certificates in the local PKI managed by kubeadm.
 `)
+
+	certificateKeyLongDesc = dedent.Dedent(`
+	This command will print out a secure randomly-generated certificate key that can be used with
+	the "init" command.
+
+	You can also use "kubeadm init --experimental-upload-certs" without specifying a certificate key and it will
+	generate and print one for you.
+`)
 )

 // newCmdCertsUtility returns main command for certs phase
@ -73,9 +83,25 @@ func newCmdCertsUtility(out io.Writer) *cobra.Command {

 	cmd.AddCommand(newCmdCertsRenewal())
 	cmd.AddCommand(newCmdCertsExpiration(out, kubeadmconstants.KubernetesDir))
+	cmd.AddCommand(NewCmdCertificateKey())
 	return cmd
 }

+// NewCmdCertificateKey returns cobra.Command for certificate key generate
+func NewCmdCertificateKey() *cobra.Command {
+	return &cobra.Command{
+		Use:   "certificate-key",
+		Short: "Generate certificate keys",
+		Long:  certificateKeyLongDesc,
+
+		Run: func(cmd *cobra.Command, args []string) {
+			key, err := copycerts.CreateCertificateKey()
+			kubeadmutil.CheckErr(err)
+			fmt.Println(key)
+		},
+	}
+}
+
 // newCmdCertsRenewal creates a new `cert renew` command.
 func newCmdCertsRenewal() *cobra.Command {
 	cmd := &cobra.Command{