94SrSSKJr SSKJr SSKJr SSKrSSKrSSKrSSKJ r SSKJ r SSK J r SS K Jr SS KJr SS KJr SS KJr SS KJr SSKJr SSKJr SrSrSrSrSrSrSrS#SjrS#Sjr Sr!Sr"Sr#Sr$Sr%Sr&S$Sjr'S r(S!r)S"r*g)%z,Utilities for generating kubeconfig entries.)absolute_import)division)unicode_literalsN) kubeconfig)util)gateway)gwkubeconfig_util)errors)config)log) properties) platforms)semvera Fetch credentials for a running {cluster_type}. This command updates a kubeconfig file with appropriate credentials and endpoint information to point kubectl at a specific {cluster_type}. By default, credentials are written to ``HOME/.kube/config''. You can provide an alternate path by setting the ``KUBECONFIG'' environment variable. If ``KUBECONFIG'' contains multiple paths, the first one is used. This command enables switching to a specific cluster, when working with multiple clusters. It can also be used to access a previously created cluster from a new workstation. By default, the command will configure kubectl to automatically refresh its credentials using the same identity as the gcloud command-line tool. If you are running kubectl as part of an application, it is recommended to use [application default credentials](https://cloud.google.com/docs/authentication/production). To configure a kubeconfig file to use application default credentials, set the ``container/use_application_default_credentials'' [Google Cloud CLI property](https://cloud.google.com/sdk/docs/properties) to ``true'' before running the command. See [](https://cloud.google.com/kubernetes-engine/docs/kubectl) for kubectl documentation. z To get credentials of a cluster named ``my-cluster'' managed in location ``us-west1'', run: $ {command} my-cluster --location=us-west1 zyCluster {} is not RUNNING. The Kubernetes API may or may not be available. Check the cluster status for more information.zIs it still PROVISIONING?c&SnURXX#S9$)a?Generates a kubeconfig context for an Anthos Multi-Cloud cluster. Args: kind: str, kind of the cluster e.g. aws, azure. project_id: str, project ID accociated with the cluster. location: str, Google location of the cluster. cluster_id: str, ID of the cluster. Returns: The context for the kubeconfig entry. z/gke_{kind}_{project_id}_{location}_{cluster_id})kind project_idlocation cluster_idformat)rrrrtemplates Dlib/googlecloudsdk/command_lib/container/gkemulticloud/kubeconfig.pyGenerateContextrMs$?(    c&SnURXX#S9$)aUGenerates command arguments for kubeconfig's authorization provider. Args: kind: str, kind of the cluster e.g. aws, azure. cluster_id: str, ID of the cluster. location: str, Google location of the cluster. project: str, Google Cloud project of the cluster. Returns: The command arguments for kubeconfig's authorization provider. zcontainer {kind} clusters print-access-token {cluster_id} --project={project} --location={location} --format=json --exec-credential)rrrprojectr)rrrrrs rGenerateAuthProviderCmdArgsr_s)(    rcT[RR5n[R"X"U5URU'[ 5 [ X@XU5 URU5 UR5 [RRSRU55 g)a Generates a kubeconfig entry for an Anthos Multi-cloud attached cluster. Args: cluster: object, Anthos Multi-cloud cluster. cluster_id: str, the cluster ID. context: str, context for the kubeconfig entry. cmd_path: str, authentication provider command path. NA new kubeconfig entry "{}" has been generated and set as the current context.N) kubeconfig_util KubeconfigDefaultContextcontexts _CheckPreqs_ConnectGatewayKubeconfigSetCurrentContext SaveToFiler statusPrintr)clusterrcontextcmd_pathrs rGenerateAttachedKubeConfigr.us))113*!0!8!8 "*g-JhO w' **rc[RR5n[R"X"U5URU'[ X5nU(dU[ R"S5:a[SS9 [X`XX45 O[5 [X`XU5 URU5 UR5 [RRSR!U55 g)aGenerates a kubeconfig entry for an Anthos Multi-cloud cluster. Args: cluster: object, Anthos Multi-cloud cluster. cluster_id: str, the cluster ID. context: str, context for the kubeconfig entry. cmd_path: str, authentication provider command path. cmd_args: str, authentication provider command arguments. private_ep: bool, whether to use private VPC for authentication. Raises: Error: don't have the permission to open kubeconfig file. z1.21.0T)private_endpointrN)r r!r"r#r$ _GetSemverrSemVerr%_PrivateVPCKubeconfigr&r'r(r r)r*r)r+rr,r-cmd_args private_eprversions rGenerateKubeconfigr7s ))113*!0!8!8 "*g w +'7V]]844&Z(MZ( w' **rc[R"5 U(dR[RRR R 5n[R"U[55 gg)z9Checks the prerequisites to run get-credentials commands.N) rCheckKubectlInstalledr VALUEScorer GetOrFailrCheckGatewayApiEnablement_GetConnectGatewayEndpoint)r0rs rr%r%sM ""''//99;J %%.0 rcxURbURRc[R"US[5eSR [ 5URR5nSUS.n[R"U40UD6URU'[R"X55URU'g)ahGenerates the Connect Gateway kubeconfig entry. Args: kubeconfig: object, Kubeconfig object. cluster: object, Anthos Multi-cloud cluster. cluster_id: str, the cluster ID. context: str, context for the kubeconfig entry. cmd_path: str, authentication provider command path. Raises: errors.MissingClusterField: cluster is missing required fields. NzFleet membershipzhttps://{}/v1/{}gcp) auth_providerauth_provider_cmd_path) fleet membershipr MissingClusterFieldSTILL_PROVISIONING_MSGrr>r Userusersr Clusterclusters)rr+rr,r-server user_kwargss rr&r&s ]]gmm66>  $ $&(>   $ $ "GMM$<$< &#(8L+-227JkJ*7!2!:!:7!K*grc0n[XE5US'X6S.URU'0nURc[R"S5 O[ UR5US'UR c[R"US[5e[R"USRUR 540UD6URU'g)adGenerates the kubeconfig entry to connect using private VPC. Args: kubeconfig: object, Kubeconfig object. cluster: object, Anthos Multi-cloud cluster. cluster_id: str, the cluster ID. context: str, context for the kubeconfig entry. cmd_path: str, authentication provider command path. cmd_args: str, authentication provider command arguments. exec)nameuserNz.Cluster is missing certificate authority data.ca_dataendpointz https://{})_ExecAuthPluginrHclusterCaCertificater warning _GetCaDatarRr rErFr rIrrJ)rr+rr,r-r4rPcluster_kwargss rr3r3s $ 4$v,'.=*7. !!)KK@A *7+G+G HN9   $ $J 6 "1!8!8 |""7#3#34"8F"*grcz[X5nU[R"S5:a[R"S5eg)zValidates the cluster version. Args: cluster: object, Anthos Multi-cloud cluster. cluster_id: str, the cluster ID. Raises: UnsupportedClusterVersion: cluster version is not supported. MissingClusterField: expected cluster field is missing. z1.20.0zsThe command get-credentials is supported in cluster version 1.20 and newer. For older versions, use get-kubeconfig.N)r1rr2r UnsupportedClusterVersionr+rr6s rValidateClusterVersionr[s< w +' v}}X&&  * * = 'rcj[R"URS55RS5$)Nzutf-8)base64 b64encodeencodedecode)pems rrVrVs)   #**W- . 5 5g >>rcNURbURRc[R"US5eURRnUR S5(a)UR SSS5n[ R"U5$[ R"U5$)Nr6z-nextz.0) controlPlaner6r rEendswithreplacerr2)r+rr6vs rr1r1s !W%9%9%A%A%I  $ $Z ;;  ( (' gq)A ==  w rcZ[RRRR 5nUb,UR S5(dUR S5(agSU;agUR S5(dUR S5(ag[R"S 5e) zGets the corresponding Connect Gateway endpoint for Multicloud environment. http://g3doc/cloud/kubernetes/multicloud/g3doc/oneplatform/team/how-to/hub Returns: The Connect Gateway endpoint. Raises: Error: Unknown API override. zgkemulticloud.googleapis.com/z-preprod-gkemulticloud.sandbox.googleapis.com/zconnectgateway.googleapis.comzstaging-gkemulticloudz-staging-connectgateway.sandbox.googleapis.comzhttp://localhostz%gkemulticloud.sandbox.googleapis.com/z.autopush-connectgateway.sandbox.googleapis.com gkemulticloud) r r:api_endpoint_overridesriGetre startswithr UnknownApiEndpointOverrideError)rRs rr>r>#s   5 5 C C G G I(   : ; ;   J K K *( : +,,0A0A-11 <..??rcSSUUS.S.$)z-Generates a Kubernetes execCredential object.ExecCredentialclient.authentication.k8s.io/v1)expirationTimestamptoken)r apiVersionr))expiration_timestamp access_tokens rroroBs5!5 rc UcbSn[RR5(aSnUn[R"US/SS[R [R S9 UnUSSUR%S 5S S .n[&R(R*R,R/5nU(a9[&R(R*R,R15US ./US 'U$![ a [R"5RnUcH[R"[R5 [R"[R5e[R R#XC5n[R"US/SS[R [R S9 UnGNZ![ a) [R"[R5 GNf=ff=f)zGenerates and returns an exec auth plugin config. Args: cmd_path: str, exec command path. cmd_args: str, exec command arguments. Returns: dict, valid exec auth plugin config entry. gcloudz gcloud.cmdz --versionF)timeoutcheckstdoutstderrrpT Never)commandrsprovideClusterInfoargsinteractiveMode)rOvalueenv)rOperatingSystem IsWindows subprocessrunDEVNULL Exceptionr Paths sdk_bin_pathr criticalr SDK_BIN_PATH_NOT_FOUNDErrorospathjoinsplitr r:rjrirkEnvironmentName)r-r4bin_namerrsdk_path_bin_namecfgrRs rrSrSNsH  **,,hG =nn K #### h65 nnS!  #   5 5 C C G G I(     4 4 B B R R T CJ *S ==||~22   ,,== >%%o&L&LM M ggll<A  .. +.''''  '( = _;;<<=-=s*8C11 G7rorSrrrtrrrs3&' J1>HE&#*.+625$,6BG(VL6>&?  @> D N  +r