Skip to content

ataylor05/KSAM

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

42 Commits
src
src
 
 
templates
templates
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
azure-pipelines.yml
azure-pipelines.yml
 
 
k8s.yaml
k8s.yaml
 
 
setup.cfg
setup.cfg
 
 
setup.py
setup.py
 
 

Repository files navigation

KSAM

Kubernetes Service Account Manager. This project creates Kuberentes service account and stores the kube config file in an Azure KeyVault. Afterward an Azure Devops Service Connection is made with the kube config file.

Using kube configs

API calls

Health check

This API call is for the Kubernetes deployment resource health check.
VERB: get
URL: https://localhost/HealthCheck

Example Response:

works



Create Service Account

Creates a Kubernetes service account with RBAC.yaml template in the namespace provided. Namespace will be created if it does not exist. A kube config file is generated from the service account and stored in an Azure Key Vault. After storing the secret, an Azure Devops service connection is made with the kube config file.

VERB: post
URL: https://localhost/createServiceAccount
Headers: Content-Type: application/json
Parameters:

{
    "org":"allan05",
    "pat":"abcdefghigklmnopqrstuvwxyz", 
    "project":"Kubernetes",
    "namespace":"example-project"
}

Example Command:

curl --location --request POST 'https://localhost:5000/createServiceAccount' \
--header 'Content-Type: application/json' \
--data-raw '{
    "org":"allan05",
    "pat":"abcdefghigklmnopqrstuvwxyz", 
    "project":"Kubernetes",
    "namespace":"dynatrace"
}'



Example Response:

{
  "data": {
    "authorizationType": "Kubeconfig",
    "acceptUntrustedCerts": "true"
  },
  "id": "3ef3fe8b-5efc-42b7-a2b6-eeefc0f3b8b3",
  "name": "docker-desktop-dynatrace-k8s-service-account",
  "type": "kubernetes",
  "url": "https://kubernetes.docker.internal:6443",
  "createdBy": {
    "url": "https://spsprodcus3.vssps.visualstudio.com/A6e4de358-5d5f-4cdb-acf6-8780ecd413f4/_apis/Identities/a89514c1-9a8e-4dfe-a522-24d0e0eb8289",
    "_links": {
      "avatar": {
        "href": "https://dev.azure.com/allan05/_apis/GraphProfile/MemberAvatars/msa.YmRjNWIxYzQtMGMzZS03NzZiLWE4MTktNTJjY2VkN2M4N2Q3"
      }
    },
    "id": "a89514c1-9a8e-4dfe-a522-24d0e0eb8289",
    "imageUrl": "https://dev.azure.com/allan05/_apis/GraphProfile/MemberAvatars/msa.YmRjNWIxYzQtMGMzZS03NzZiLWE4MTktNTJjY2VkN2M4N2Q3",
    "descriptor": "msa.YmRjNWIxYzQtMGMzZS03NzZiLWE4MTktNTJjY2VkN2M4N2Q3"
  },
  "authorization": {
    "parameters": {
      "kubeConfig": null
    },
    "scheme": "Kubernetes"
  },
  "isShared": true,
  "isReady": true,
  "owner": "library",
  "serviceEndpointProjectReferences": [
    {
      "projectReference": {
        "id": "51f340e1-4fc5-4dd0-8a43-3ce695c1e9cb",
        "name": "Kubernetes"
      },
      "name": "docker-desktop-dynatrace-k8s-service-account"
    }
  ]
}



Delete Service Account

Delete a Kubernetes service account and Azure Devops service connection. This will not delete the target namespace, it will only delete the service account and RBAC resources. The kube config file is also deleted from the Azure Key Vault.

VERB: post
URL: https://localhost/deleteServiceAccount
Headers: Content-Type: application/json
Parameters:

{
    "org":"allan05",
    "pat":"abcdefghigklmnopqrstuvwxyz", 
    "project":"Kubernetes",
    "namespace":"example-project"
}

Example Command:

curl --location --request POST 'https://localhost:5000/deleteServiceAccount' \
--header 'Content-Type: application/json' \
--data-raw '{
    "org":"allan05",
    "pat":"abcdefghigklmnopqrstuvwxyz", 
    "project":"Kubernetes",
    "namespace":"dynatrace"
}'



Example Response:

{
  "count": 1,
  "value": [
    {
      "data": {
        "authorizationType": "Kubeconfig",
        "acceptUntrustedCerts": "true"
      },
      "id": "a52c2153-498a-480b-923f-381795c2284a",
      "name": "docker-desktop-dynatrace-k8s-service-account",
      "type": "kubernetes",
      "url": "https://kubernetes.docker.internal:6443",
      "createdBy": {
        "url": "https://spsprodcus3.vssps.visualstudio.com/A6e4de358-5d5f-4cdb-acf6-8780ecd413f4/_apis/Identities/a89514c1-9a8e-4dfe-a522-24d0e0eb8289",
        "_links": {
          "avatar": {
            "href": "https://dev.azure.com/allan05/_apis/GraphProfile/MemberAvatars/msa.YmRjNWIxYzQtMGMzZS03NzZiLWE4MTktNTJjY2VkN2M4N2Q3"
          }
        },
        "id": "a89514c1-9a8e-4dfe-a522-24d0e0eb8289",
        "imageUrl": "https://dev.azure.com/allan05/_apis/GraphProfile/MemberAvatars/msa.YmRjNWIxYzQtMGMzZS03NzZiLWE4MTktNTJjY2VkN2M4N2Q3",
        "descriptor": "msa.YmRjNWIxYzQtMGMzZS03NzZiLWE4MTktNTJjY2VkN2M4N2Q3"
      },
      "description": "",
      "authorization": {
        "scheme": "Kubernetes"
      },
      "isShared": false,
      "isReady": true,
      "owner": "Library",
      "serviceEndpointProjectReferences": [
        {
          "projectReference": {
            "id": "51f340e1-4fc5-4dd0-8a43-3ce695c1e9cb",
            "name": "Kubernetes"
          },
          "name": "docker-desktop-dynatrace-k8s-service-account"
        }
      ]
    }
  ]
}

About

Kubernetes Service Account Manager

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Languages