ServiceQuotas: Add ServiceQuotas command routing with aliases

ServiceQuotas: Query for specific QuotaCode

Account CLI: Have different output formats including default, json, env

Factory: use target credentials from assumed role

Author: drewandersonnz

.gitignore

@@ -17,6 +17,7 @@ bin/
 
 # IDE
 .idea
+.vscode
 
 # MacOS
 .DS_Store

cmd/account/cli.go

@@ -3,14 +3,12 @@ package account
 import (
 	"fmt"
 
-	"github.com/aws/aws-sdk-go/aws"
 	"github.com/spf13/cobra"
 
 	"k8s.io/cli-runtime/pkg/genericclioptions"
 	cmdutil "k8s.io/kubectl/pkg/cmd/util"
 
 	k8spkg "github.com/openshift/osd-utils-cli/pkg/k8s"
-	awsprovider "github.com/openshift/osd-utils-cli/pkg/provider/aws"
 )
 
 // newCmdCli implements the Cli command which generates temporary STS cli credentials for the specified account cr
@@ -29,6 +27,7 @@ func newCmdCli(streams genericclioptions.IOStreams, flags *genericclioptions.Con
 
 	ops.k8sclusterresourcefactory.AttachCobraCliFlags(cliCmd)
 
+	cliCmd.Flags().StringVarP(&ops.output, "out", "o", "default", "Output format [default | json | env]")
 	cliCmd.Flags().BoolVarP(&ops.verbose, "verbose", "v", false, "Verbose output")
 
 	return cliCmd
@@ -38,6 +37,7 @@ func newCmdCli(streams genericclioptions.IOStreams, flags *genericclioptions.Con
 type cliOptions struct {
 	k8sclusterresourcefactory k8spkg.ClusterResourceFactoryOptions
 
+	output  string
 	verbose bool
 
 	genericclioptions.IOStreams
@@ -71,20 +71,29 @@ func (o *cliOptions) complete(cmd *cobra.Command) error {
 }
 
 func (o *cliOptions) run() error {
-	awsClient, err := o.k8sclusterresourcefactory.GetCloudProvider(o.verbose)
+	_, err := o.k8sclusterresourcefactory.GetCloudProvider(o.verbose)
 	if err != nil {
 		return err
 	}
 
-	credentials, err := awsprovider.GetAssumeRoleCredentials(awsClient, &o.k8sclusterresourcefactory.Awscloudfactory.ConsoleDuration,
-		o.k8sclusterresourcefactory.Awscloudfactory.CallerIdentity.UserId,
-		aws.String(fmt.Sprintf("arn:aws:iam::%s:role/%s",
-			o.k8sclusterresourcefactory.AccountID,
-			o.k8sclusterresourcefactory.Awscloudfactory.RoleName)))
-	if err != nil {
-		return err
+	creds := o.k8sclusterresourcefactory.Awscloudfactory.Credentials
+
+	if o.output == "default" {
+		fmt.Fprintf(o.IOStreams.Out, "Temporary AWS Credentials:\n%s\n", creds)
+	}
+
+	if o.output == "json" {
+		fmt.Fprintf(o.IOStreams.Out, "%s\n", creds)
+	}
+
+	if o.output == "env" {
+		fmt.Fprintf(o.IOStreams.Out, "AWS_ACCESS_KEY_ID=%s AWS_SECRET_ACCESS_KEY=%s AWS_SESSION_TOKEN=%s AWS_DEFAULT_REGION=%s",
+			*creds.AccessKeyId,
+			*creds.SecretAccessKey,
+			*creds.SessionToken,
+			o.k8sclusterresourcefactory.Awscloudfactory.Region,
+		)
 	}
-	fmt.Fprintf(o.IOStreams.Out, "Temporary AWS Credentials:\n%s\n", credentials)
 
 	return nil
 }

cmd/account/cmd.go

@@ -6,6 +6,7 @@ import (
 
 	"github.com/openshift/osd-utils-cli/cmd/account/get"
 	"github.com/openshift/osd-utils-cli/cmd/account/list"
+	"github.com/openshift/osd-utils-cli/cmd/account/servicequotas"
 )
 
 // NewCmdAccount implements the base account command
@@ -20,6 +21,7 @@ func NewCmdAccount(streams genericclioptions.IOStreams, flags *genericclioptions
 
 	accountCmd.AddCommand(get.NewCmdGet(streams, flags))
 	accountCmd.AddCommand(list.NewCmdList(streams, flags))
+	accountCmd.AddCommand(servicequotas.NewCmdServiceQuotas(streams, flags))
 	accountCmd.AddCommand(newCmdReset(streams, flags))
 	accountCmd.AddCommand(newCmdSet(streams, flags))
 	accountCmd.AddCommand(newCmdConsole(streams, flags))

cmd/account/servicequotas/cmd.go

@@ -0,0 +1,26 @@
+package servicequotas
+
+import (
+	"github.com/spf13/cobra"
+	"k8s.io/cli-runtime/pkg/genericclioptions"
+)
+
+// NewCmdServiceQuotas implements commands related to AWS service-quotas
+func NewCmdServiceQuotas(streams genericclioptions.IOStreams, flags *genericclioptions.ConfigFlags) *cobra.Command {
+	baseCmd := &cobra.Command{
+		Use:               "servicequotas",
+		Short:             "Interact with AWS service-quotas",
+		Args:              cobra.NoArgs,
+		DisableAutoGenTag: true,
+		Run:               help,
+		Aliases:           []string{"service-quotas", "service-quota"},
+	}
+
+	baseCmd.AddCommand(newCmdDescribe(streams, flags))
+
+	return baseCmd
+}
+
+func help(cmd *cobra.Command, _ []string) {
+	cmd.Help()
+}

cmd/account/servicequotas/describe.go

@@ -0,0 +1,127 @@
+package servicequotas
+
+import (
+	"errors"
+	"fmt"
+
+	//"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/servicequotas"
+
+	"github.com/spf13/cobra"
+
+	"k8s.io/cli-runtime/pkg/genericclioptions"
+	cmdutil "k8s.io/kubectl/pkg/cmd/util"
+
+	k8spkg "github.com/openshift/osd-utils-cli/pkg/k8s"
+	awsprovider "github.com/openshift/osd-utils-cli/pkg/provider/aws"
+)
+
+// newCmdDescribe implements servicequotas describe
+func newCmdDescribe(streams genericclioptions.IOStreams, flags *genericclioptions.ConfigFlags) *cobra.Command {
+	ops := newDescribeOptions(streams, flags)
+	describeCmd := &cobra.Command{
+		Use:               "describe",
+		Short:             "Describe AWS service-quotas",
+		Args:              cobra.NoArgs,
+		DisableAutoGenTag: true,
+		Run: func(cmd *cobra.Command, args []string) {
+			cmdutil.CheckErr(ops.complete(cmd))
+			cmdutil.CheckErr(ops.run())
+		},
+	}
+
+	ops.k8sclusterresourcefactory.AttachCobraCliFlags(describeCmd)
+
+	describeCmd.Flags().StringVarP(&ops.queryServiceCode, "service-code", "", "ec2", "Query for ServiceCode (default: ec2)")
+	describeCmd.Flags().StringVarP(&ops.queryQuotaCode, "quota-code", "q", "", "Query for QuotaCode")
+
+	describeCmd.Flags().BoolVarP(&ops.verbose, "verbose", "v", false, "Verbose output")
+
+	return describeCmd
+}
+
+// describeOptions defines the struct for running list account command
+type describeOptions struct {
+	k8sclusterresourcefactory k8spkg.ClusterResourceFactoryOptions
+
+	queryServiceCode string
+	queryQuotaCode   string
+
+	verbose bool
+
+	genericclioptions.IOStreams
+}
+
+func newDescribeOptions(streams genericclioptions.IOStreams, flags *genericclioptions.ConfigFlags) *describeOptions {
+	return &describeOptions{
+		k8sclusterresourcefactory: k8spkg.ClusterResourceFactoryOptions{
+			Flags: flags,
+		},
+		IOStreams: streams,
+	}
+}
+
+func (o *describeOptions) complete(cmd *cobra.Command) error {
+	k8svalid, err := o.k8sclusterresourcefactory.ValidateIdentifiers()
+	if !k8svalid {
+		if err != nil {
+			return err
+		}
+	}
+
+	awsvalid, err := o.k8sclusterresourcefactory.Awscloudfactory.ValidateIdentifiers()
+	if !awsvalid {
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (o *describeOptions) run() error {
+	awsClient, err := o.k8sclusterresourcefactory.GetCloudProvider(o.verbose)
+	if err != nil {
+		return err
+	}
+
+	var foundServiceQuotas []*servicequotas.ServiceQuota
+
+	searchQuery := &servicequotas.ListServiceQuotasInput{
+		ServiceCode: &o.queryServiceCode,
+	}
+
+	for {
+		servicequotas, err := awsprovider.Client.ListServiceQuotas(awsClient, searchQuery)
+		if err != nil {
+			return err
+		}
+
+		for _, foundQuota := range servicequotas.Quotas {
+			foundServiceQuotas = append(foundServiceQuotas, foundQuota)
+		}
+
+		// for pagination
+		searchQuery.NextToken = servicequotas.NextToken
+		if servicequotas.NextToken == nil {
+			break
+		}
+	}
+
+	found := false
+	if o.queryQuotaCode == "" {
+		fmt.Println(foundServiceQuotas)
+	} else {
+		for _, quota := range foundServiceQuotas {
+			if *quota.QuotaCode == o.queryQuotaCode {
+				fmt.Println(quota)
+				found = true
+			}
+		}
+	}
+	if !found {
+		return errors.New("Cannot find ServiceQuota (service:" + o.queryServiceCode + " quota:" + o.queryQuotaCode + ")")
+	}
+
+	return nil
+}

docs/command/osdctl_account.md

@@ -38,6 +38,7 @@ osdctl account [flags]
 * [osdctl account list](osdctl_account_list.md)	 - List resources
 * [osdctl account reset](osdctl_account_reset.md)	 - Reset AWS Account CR
 * [osdctl account rotate-secret](osdctl_account_rotate-secret.md)	 - Rotate IAM credentials secret
+* [osdctl account servicequotas](osdctl_account_servicequotas.md)	 - Interact with AWS service-quotas
 * [osdctl account set](osdctl_account_set.md)	 - Set AWS Account CR status
 * [osdctl account verify-secrets](osdctl_account_verify-secrets.md)	 - Verify AWS Account CR IAM User credentials
 

docs/command/osdctl_account_cli.md

@@ -22,6 +22,7 @@ osdctl account cli [flags]
   -C, --cluster-id string          The Internal Cluster ID from Hive to create AWS console URL for
   -d, --duration int               The duration of the console session. Default value is 3600 seconds(1 hour) (default 3600)
   -h, --help                       help for cli
+  -o, --out string                 Output format [default | json | env] (default "default")
   -v, --verbose                    Verbose output
 ```
 

docs/command/osdctl_account_servicequotas.md

@@ -0,0 +1,34 @@
+## osdctl account servicequotas
+
+Interact with AWS service-quotas
+
+### Synopsis
+
+Interact with AWS service-quotas
+
+```
+osdctl account servicequotas [flags]
+```
+
+### Options
+
+```
+  -h, --help   help for servicequotas
+```
+
+### Options inherited from parent commands
+
+```
+      --cluster string             The name of the kubeconfig cluster to use
+      --context string             The name of the kubeconfig context to use
+      --insecure-skip-tls-verify   If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+      --kubeconfig string          Path to the kubeconfig file to use for CLI requests.
+      --request-timeout string     The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+  -s, --server string              The address and port of the Kubernetes API server
+```
+
+### SEE ALSO
+
+* [osdctl account](osdctl_account.md)	 - AWS Account related utilities
+* [osdctl account servicequotas describe](osdctl_account_servicequotas_describe.md)	 - Describe AWS service-quotas
+

docs/command/osdctl_account_servicequotas_describe.md

@@ -0,0 +1,44 @@
+## osdctl account servicequotas describe
+
+Describe AWS service-quotas
+
+### Synopsis
+
+Describe AWS service-quotas
+
+```
+osdctl account servicequotas describe [flags]
+```
+
+### Options
+
+```
+  -i, --account-id string          The AWS account ID we need to create AWS credentials for -- This argument will not work for CCS accounts
+  -a, --account-name string        The AWS account CR we need to create a temporary AWS console URL for
+      --account-namespace string   The namespace to keep AWS accounts. The default value is aws-account-operator. (default "aws-account-operator")
+  -c, --aws-config string          specify AWS config file path
+  -p, --aws-profile string         specify AWS profile
+  -r, --aws-region string          specify AWS region (default "us-east-1")
+  -C, --cluster-id string          The Internal Cluster ID from Hive to create AWS console URL for
+  -d, --duration int               The duration of the console session. Default value is 3600 seconds(1 hour) (default 3600)
+  -h, --help                       help for describe
+  -q, --quota-code string          Query for QuotaCode
+      --service-code string        Query for ServiceCode (default: ec2) (default "ec2")
+  -v, --verbose                    Verbose output
+```
+
+### Options inherited from parent commands
+
+```
+      --cluster string             The name of the kubeconfig cluster to use
+      --context string             The name of the kubeconfig context to use
+      --insecure-skip-tls-verify   If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
+      --kubeconfig string          Path to the kubeconfig file to use for CLI requests.
+      --request-timeout string     The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0")
+  -s, --server string              The address and port of the Kubernetes API server
+```
+
+### SEE ALSO
+
+* [osdctl account servicequotas](osdctl_account_servicequotas.md)	 - Interact with AWS service-quotas
+