/* Copyright 2014 The Kubernetes Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */ package cmd import ( "fmt" "net/http" "os" "os/exec" "path/filepath" "runtime" "strings" "syscall" "github.com/spf13/cobra" "k8s.io/cli-runtime/pkg/genericiooptions" "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd" cliflag "k8s.io/component-base/cli/flag" "k8s.io/klog/v2" "k8s.io/kubectl/pkg/cmd/annotate" "k8s.io/kubectl/pkg/cmd/apiresources" "k8s.io/kubectl/pkg/cmd/apply" "k8s.io/kubectl/pkg/cmd/attach" "k8s.io/kubectl/pkg/cmd/auth" "k8s.io/kubectl/pkg/cmd/autoscale" "k8s.io/kubectl/pkg/cmd/certificates" "k8s.io/kubectl/pkg/cmd/clusterinfo" "k8s.io/kubectl/pkg/cmd/completion" cmdconfig "k8s.io/kubectl/pkg/cmd/config" "k8s.io/kubectl/pkg/cmd/cp" "k8s.io/kubectl/pkg/cmd/create" "k8s.io/kubectl/pkg/cmd/debug" "k8s.io/kubectl/pkg/cmd/delete" "k8s.io/kubectl/pkg/cmd/describe" "k8s.io/kubectl/pkg/cmd/diff" "k8s.io/kubectl/pkg/cmd/drain" "k8s.io/kubectl/pkg/cmd/edit" "k8s.io/kubectl/pkg/cmd/events" cmdexec "k8s.io/kubectl/pkg/cmd/exec" "k8s.io/kubectl/pkg/cmd/explain" "k8s.io/kubectl/pkg/cmd/expose" "k8s.io/kubectl/pkg/cmd/get" "k8s.io/kubectl/pkg/cmd/label" "k8s.io/kubectl/pkg/cmd/logs" "k8s.io/kubectl/pkg/cmd/options" "k8s.io/kubectl/pkg/cmd/patch" "k8s.io/kubectl/pkg/cmd/plugin" "k8s.io/kubectl/pkg/cmd/portforward" "k8s.io/kubectl/pkg/cmd/proxy" "k8s.io/kubectl/pkg/cmd/replace" "k8s.io/kubectl/pkg/cmd/rollout" "k8s.io/kubectl/pkg/cmd/run" "k8s.io/kubectl/pkg/cmd/scale" "k8s.io/kubectl/pkg/cmd/set" "k8s.io/kubectl/pkg/cmd/taint" "k8s.io/kubectl/pkg/cmd/top" cmdutil "k8s.io/kubectl/pkg/cmd/util" "k8s.io/kubectl/pkg/cmd/version" "k8s.io/kubectl/pkg/cmd/wait" utilcomp "k8s.io/kubectl/pkg/util/completion" "k8s.io/kubectl/pkg/util/i18n" "k8s.io/kubectl/pkg/util/templates" "k8s.io/kubectl/pkg/util/term" "k8s.io/cli-runtime/pkg/genericclioptions" "k8s.io/kubectl/pkg/cmd/kustomize" ) const kubectlCmdHeaders = "KUBECTL_COMMAND_HEADERS" type KubectlOptions struct { PluginHandler PluginHandler Arguments []string ConfigFlags *genericclioptions.ConfigFlags genericiooptions.IOStreams } func defaultConfigFlags() *genericclioptions.ConfigFlags { return genericclioptions.NewConfigFlags(true).WithDeprecatedPasswordFlag().WithDiscoveryBurst(300).WithDiscoveryQPS(50.0) } // NewDefaultKubectlCommand creates the `kubectl` command with default arguments func NewDefaultKubectlCommand() *cobra.Command { ioStreams := genericiooptions.IOStreams{In: os.Stdin, Out: os.Stdout, ErrOut: os.Stderr} return NewDefaultKubectlCommandWithArgs(KubectlOptions{ PluginHandler: NewDefaultPluginHandler(plugin.ValidPluginFilenamePrefixes), Arguments: os.Args, ConfigFlags: defaultConfigFlags().WithWarningPrinter(ioStreams), IOStreams: ioStreams, }) } // NewDefaultKubectlCommandWithArgs creates the `kubectl` command with arguments func NewDefaultKubectlCommandWithArgs(o KubectlOptions) *cobra.Command { cmd := NewKubectlCommand(o) if o.PluginHandler == nil { return cmd } if len(o.Arguments) > 1 { cmdPathPieces := o.Arguments[1:] // only look for suitable extension executables if // the specified command does not already exist if foundCmd, foundArgs, err := cmd.Find(cmdPathPieces); err != nil { // Also check the commands that will be added by Cobra. // These commands are only added once rootCmd.Execute() is called, so we // need to check them explicitly here. var cmdName string // first "non-flag" arguments for _, arg := range cmdPathPieces { if !strings.HasPrefix(arg, "-") { cmdName = arg break } } switch cmdName { case "help", cobra.ShellCompRequestCmd, cobra.ShellCompNoDescRequestCmd: // Don't search for a plugin default: if err := HandlePluginCommand(o.PluginHandler, cmdPathPieces, false); err != nil { fmt.Fprintf(o.IOStreams.ErrOut, "Error: %v\n", err) os.Exit(1) } } } else if err == nil { if !cmdutil.CmdPluginAsSubcommand.IsDisabled() { // Command exists(e.g. kubectl create), but it is not certain that // subcommand also exists (e.g. kubectl create networkpolicy) // we also have to eliminate kubectl create -f if IsSubcommandPluginAllowed(foundCmd.Name()) && len(foundArgs) >= 1 && !strings.HasPrefix(foundArgs[0], "-") { subcommand := foundArgs[0] builtinSubcmdExist := false for _, subcmd := range foundCmd.Commands() { if subcmd.Name() == subcommand { builtinSubcmdExist = true break } } if !builtinSubcmdExist { if err := HandlePluginCommand(o.PluginHandler, cmdPathPieces, true); err != nil { fmt.Fprintf(o.IOStreams.ErrOut, "Error: %v\n", err) os.Exit(1) } } } } } } return cmd } // IsSubcommandPluginAllowed returns the given command is allowed // to use plugin as subcommand if the subcommand does not exist as builtin. func IsSubcommandPluginAllowed(foundCmd string) bool { allowedCmds := map[string]struct{}{"create": {}} _, ok := allowedCmds[foundCmd] return ok } // PluginHandler is capable of parsing command line arguments // and performing executable filename lookups to search // for valid plugin files, and execute found plugins. type PluginHandler interface { // exists at the given filename, or a boolean false. // Lookup will iterate over a list of given prefixes // in order to recognize valid plugin filenames. // The first filepath to match a prefix is returned. Lookup(filename string) (string, bool) // Execute receives an executable's filepath, a slice // of arguments, and a slice of environment variables // to relay to the executable. Execute(executablePath string, cmdArgs, environment []string) error } // DefaultPluginHandler implements PluginHandler type DefaultPluginHandler struct { ValidPrefixes []string } // NewDefaultPluginHandler instantiates the DefaultPluginHandler with a list of // given filename prefixes used to identify valid plugin filenames. func NewDefaultPluginHandler(validPrefixes []string) *DefaultPluginHandler { return &DefaultPluginHandler{ ValidPrefixes: validPrefixes, } } // Lookup implements PluginHandler func (h *DefaultPluginHandler) Lookup(filename string) (string, bool) { for _, prefix := range h.ValidPrefixes { path, err := exec.LookPath(fmt.Sprintf("%s-%s", prefix, filename)) if shouldSkipOnLookPathErr(err) || len(path) == 0 { continue } return path, true } return "", false } func Command(name string, arg ...string) *exec.Cmd { cmd := &exec.Cmd{ Path: name, Args: append([]string{name}, arg...), } if filepath.Base(name) == name { lp, err := exec.LookPath(name) if lp != "" && !shouldSkipOnLookPathErr(err) { // Update cmd.Path even if err is non-nil. // If err is ErrDot (especially on Windows), lp may include a resolved // extension (like .exe or .bat) that should be preserved. cmd.Path = lp } } return cmd } // Execute implements PluginHandler func (h *DefaultPluginHandler) Execute(executablePath string, cmdArgs, environment []string) error { // Windows does not support exec syscall. if runtime.GOOS == "windows" { cmd := Command(executablePath, cmdArgs...) cmd.Stdout = os.Stdout cmd.Stderr = os.Stderr cmd.Stdin = os.Stdin cmd.Env = environment err := cmd.Run() if err == nil { os.Exit(0) } return err } // invoke cmd binary relaying the environment and args given // append executablePath to cmdArgs, as execve will make first argument the "binary name". return syscall.Exec(executablePath, append([]string{executablePath}, cmdArgs...), environment) } // HandlePluginCommand receives a pluginHandler and command-line arguments and attempts to find // a plugin executable on the PATH that satisfies the given arguments. func HandlePluginCommand(pluginHandler PluginHandler, cmdArgs []string, exactMatch bool) error { var remainingArgs []string // all "non-flag" arguments for _, arg := range cmdArgs { if strings.HasPrefix(arg, "-") { break } remainingArgs = append(remainingArgs, strings.Replace(arg, "-", "_", -1)) } if len(remainingArgs) == 0 { // the length of cmdArgs is at least 1 return fmt.Errorf("flags cannot be placed before plugin name: %s", cmdArgs[0]) } foundBinaryPath := "" // attempt to find binary, starting at longest possible name with given cmdArgs for len(remainingArgs) > 0 { path, found := pluginHandler.Lookup(strings.Join(remainingArgs, "-")) if !found { if exactMatch { // if exactMatch is true, we shouldn't continue searching with shorter names. // this is especially for not searching kubectl-create plugin // when kubectl-create-foo plugin is not found. break } remainingArgs = remainingArgs[:len(remainingArgs)-1] continue } foundBinaryPath = path break } if len(foundBinaryPath) == 0 { return nil } // invoke cmd binary relaying the current environment and args given if err := pluginHandler.Execute(foundBinaryPath, cmdArgs[len(remainingArgs):], os.Environ()); err != nil { return err } return nil } // NewKubectlCommand creates the `kubectl` command and its nested children. func NewKubectlCommand(o KubectlOptions) *cobra.Command { warningHandler := rest.NewWarningWriter(o.IOStreams.ErrOut, rest.WarningWriterOptions{Deduplicate: true, Color: term.AllowsColorOutput(o.IOStreams.ErrOut)}) warningsAsErrors := false // Parent command to which all subcommands are added. cmds := &cobra.Command{ Use: "kubectl", Short: i18n.T("kubectl controls the Kubernetes cluster manager"), Long: templates.LongDesc(` kubectl controls the Kubernetes cluster manager. Find more information at: https://kubernetes.io/docs/reference/kubectl/`), Run: runHelp, // Hook before and after Run initialize and write profiles to disk, // respectively. PersistentPreRunE: func(cmd *cobra.Command, args []string) error { rest.SetDefaultWarningHandler(warningHandler) if cmd.Name() == cobra.ShellCompRequestCmd { // This is the __complete or __completeNoDesc command which // indicates shell completion has been requested. plugin.SetupPluginCompletion(cmd, args) } return initProfiling() }, PersistentPostRunE: func(*cobra.Command, []string) error { if err := flushProfiling(); err != nil { return err } if warningsAsErrors { count := warningHandler.WarningCount() switch count { case 0: // no warnings case 1: return fmt.Errorf("%d warning received", count) default: return fmt.Errorf("%d warnings received", count) } } return nil }, } // From this point and forward we get warnings on flags that contain "_" separators // when adding them with hyphen instead of the original name. cmds.SetGlobalNormalizationFunc(cliflag.WarnWordSepNormalizeFunc) flags := cmds.PersistentFlags() addProfilingFlags(flags) flags.BoolVar(&warningsAsErrors, "warnings-as-errors", warningsAsErrors, "Treat warnings received from the server as errors and exit with a non-zero exit code") kubeConfigFlags := o.ConfigFlags if kubeConfigFlags == nil { kubeConfigFlags = defaultConfigFlags().WithWarningPrinter(o.IOStreams) } kubeConfigFlags.AddFlags(flags) matchVersionKubeConfigFlags := cmdutil.NewMatchVersionFlags(kubeConfigFlags) matchVersionKubeConfigFlags.AddFlags(flags) // Updates hooks to add kubectl command headers: SIG CLI KEP 859. addCmdHeaderHooks(cmds, kubeConfigFlags) f := cmdutil.NewFactory(matchVersionKubeConfigFlags) // Proxy command is incompatible with CommandHeaderRoundTripper, so // clear the WrapConfigFn before running proxy command. proxyCmd := proxy.NewCmdProxy(f, o.IOStreams) proxyCmd.PreRun = func(cmd *cobra.Command, args []string) { kubeConfigFlags.WrapConfigFn = nil } // Avoid import cycle by setting ValidArgsFunction here instead of in NewCmdGet() getCmd := get.NewCmdGet("kubectl", f, o.IOStreams) getCmd.ValidArgsFunction = utilcomp.ResourceTypeAndNameCompletionFunc(f) groups := templates.CommandGroups{ { Message: "Basic Commands (Beginner):", Commands: []*cobra.Command{ create.NewCmdCreate(f, o.IOStreams), expose.NewCmdExposeService(f, o.IOStreams), run.NewCmdRun(f, o.IOStreams), set.NewCmdSet(f, o.IOStreams), }, }, { Message: "Basic Commands (Intermediate):", Commands: []*cobra.Command{ explain.NewCmdExplain("kubectl", f, o.IOStreams), getCmd, edit.NewCmdEdit(f, o.IOStreams), delete.NewCmdDelete(f, o.IOStreams), }, }, { Message: "Deploy Commands:", Commands: []*cobra.Command{ rollout.NewCmdRollout(f, o.IOStreams), scale.NewCmdScale(f, o.IOStreams), autoscale.NewCmdAutoscale(f, o.IOStreams), }, }, { Message: "Cluster Management Commands:", Commands: []*cobra.Command{ certificates.NewCmdCertificate(f, o.IOStreams), clusterinfo.NewCmdClusterInfo(f, o.IOStreams), top.NewCmdTop(f, o.IOStreams), drain.NewCmdCordon(f, o.IOStreams), drain.NewCmdUncordon(f, o.IOStreams), drain.NewCmdDrain(f, o.IOStreams), taint.NewCmdTaint(f, o.IOStreams), }, }, { Message: "Troubleshooting and Debugging Commands:", Commands: []*cobra.Command{ describe.NewCmdDescribe("kubectl", f, o.IOStreams), logs.NewCmdLogs(f, o.IOStreams), attach.NewCmdAttach(f, o.IOStreams), cmdexec.NewCmdExec(f, o.IOStreams), portforward.NewCmdPortForward(f, o.IOStreams), proxyCmd, cp.NewCmdCp(f, o.IOStreams), auth.NewCmdAuth(f, o.IOStreams), debug.NewCmdDebug(f, o.IOStreams), events.NewCmdEvents(f, o.IOStreams), }, }, { Message: "Advanced Commands:", Commands: []*cobra.Command{ diff.NewCmdDiff(f, o.IOStreams), apply.NewCmdApply("kubectl", f, o.IOStreams), patch.NewCmdPatch(f, o.IOStreams), replace.NewCmdReplace(f, o.IOStreams), wait.NewCmdWait(f, o.IOStreams), kustomize.NewCmdKustomize(o.IOStreams), }, }, { Message: "Settings Commands:", Commands: []*cobra.Command{ label.NewCmdLabel(f, o.IOStreams), annotate.NewCmdAnnotate("kubectl", f, o.IOStreams), completion.NewCmdCompletion(o.IOStreams.Out, ""), }, }, } groups.Add(cmds) filters := []string{"options"} // Hide the "alpha" subcommand if there are no alpha commands in this build. alpha := NewCmdAlpha(f, o.IOStreams) if !alpha.HasSubCommands() { filters = append(filters, alpha.Name()) } // Add plugin command group to the list of command groups. // The commands are only injected for the scope of showing help and completion, they are not // invoked directly. pluginCommandGroup := plugin.GetPluginCommandGroup(cmds) groups = append(groups, pluginCommandGroup) templates.ActsAsRootCommand(cmds, filters, groups...) utilcomp.SetFactoryForCompletion(f) registerCompletionFuncForGlobalFlags(cmds, f) cmds.AddCommand(alpha) cmds.AddCommand(cmdconfig.NewCmdConfig(clientcmd.NewDefaultPathOptions(), o.IOStreams)) cmds.AddCommand(plugin.NewCmdPlugin(o.IOStreams)) cmds.AddCommand(version.NewCmdVersion(f, o.IOStreams)) cmds.AddCommand(apiresources.NewCmdAPIVersions(f, o.IOStreams)) cmds.AddCommand(apiresources.NewCmdAPIResources(f, o.IOStreams)) cmds.AddCommand(options.NewCmdOptions(o.IOStreams.Out)) // Stop warning about normalization of flags. That makes it possible to // add the klog flags later. cmds.SetGlobalNormalizationFunc(cliflag.WordSepNormalizeFunc) return cmds } // addCmdHeaderHooks performs updates on two hooks: // 1. Modifies the passed "cmds" persistent pre-run function to parse command headers. // These headers will be subsequently added as X-headers to every // REST call. // 2. Adds CommandHeaderRoundTripper as a wrapper around the standard // RoundTripper. CommandHeaderRoundTripper adds X-Headers then delegates // to standard RoundTripper. // // For beta, these hooks are updated unless the KUBECTL_COMMAND_HEADERS environment variable // is set, and the value of the env var is false (or zero). // See SIG CLI KEP 859 for more information: // // https://github.com/kubernetes/enhancements/tree/master/keps/sig-cli/859-kubectl-headers func addCmdHeaderHooks(cmds *cobra.Command, kubeConfigFlags *genericclioptions.ConfigFlags) { // If the feature gate env var is set to "false", then do no add kubectl command headers. if value, exists := os.LookupEnv(kubectlCmdHeaders); exists { if value == "false" || value == "0" { klog.V(5).Infoln("kubectl command headers turned off") return } } klog.V(5).Infoln("kubectl command headers turned on") crt := &genericclioptions.CommandHeaderRoundTripper{} existingPreRunE := cmds.PersistentPreRunE // Add command parsing to the existing persistent pre-run function. cmds.PersistentPreRunE = func(cmd *cobra.Command, args []string) error { crt.ParseCommandHeaders(cmd, args) return existingPreRunE(cmd, args) } wrapConfigFn := kubeConfigFlags.WrapConfigFn // Wraps CommandHeaderRoundTripper around standard RoundTripper. kubeConfigFlags.WrapConfigFn = func(c *rest.Config) *rest.Config { if wrapConfigFn != nil { c = wrapConfigFn(c) } c.Wrap(func(rt http.RoundTripper) http.RoundTripper { // Must be separate RoundTripper; not "crt" closure. // Fixes: https://github.com/kubernetes/kubectl/issues/1098 return &genericclioptions.CommandHeaderRoundTripper{ Delegate: rt, Headers: crt.Headers, } }) return c } } func runHelp(cmd *cobra.Command, args []string) { cmd.Help() } func registerCompletionFuncForGlobalFlags(cmd *cobra.Command, f cmdutil.Factory) { cmdutil.CheckErr(cmd.RegisterFlagCompletionFunc( "namespace", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { return utilcomp.CompGetResource(f, "namespace", toComplete), cobra.ShellCompDirectiveNoFileComp })) cmdutil.CheckErr(cmd.RegisterFlagCompletionFunc( "context", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { return utilcomp.ListContextsInConfig(toComplete), cobra.ShellCompDirectiveNoFileComp })) cmdutil.CheckErr(cmd.RegisterFlagCompletionFunc( "cluster", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { return utilcomp.ListClustersInConfig(toComplete), cobra.ShellCompDirectiveNoFileComp })) cmdutil.CheckErr(cmd.RegisterFlagCompletionFunc( "user", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { return utilcomp.ListUsersInConfig(toComplete), cobra.ShellCompDirectiveNoFileComp })) }