Added aws-iam-authenticator to docker and a launch script (#73)

* Add aws-iam-authenticator to docker and a launch script * Move sloop-to-eks.sh to provider specific dir
2019-11-21 18:34:27 -08:00 · 2019-11-21 18:34:27 -08:00 · f9832284e1
--- a/5
+++ b/5
@ -7,9 +7,14 @@ RUN go mod download

 COPY pkg ./pkg

+RUN curl -o /sloop/aws-iam-authenticator https://amazon-eks.s3-us-west-2.amazonaws.com/1.14.6/2019-08-22/bin/linux/amd64/aws-iam-authenticator \
+  && wait \
+  && chmod +x /sloop/aws-iam-authenticator
 RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags "-s" -installsuffix cgo -o sloop ./pkg/sloop

 FROM gcr.io/distroless/base
 COPY --from=build /sloop/sloop /sloop
 COPY --from=build /sloop/pkg/sloop/webfiles /pkg/sloop/webfiles
+COPY --from=build /sloop/aws-iam-authenticator /aws-iam-authenticator
+ENV PATH="/:${PATH}"
 CMD ["/sloop"]
--- a/README.md
+++ b/README.md
@ -77,6 +77,18 @@ docker run --rm -it -p 8080:8080 -v ~/.kube/:/kube/ -e KUBECONFIG=/kube/config s

 In this mode, data is written to a memory-backed volume and is discarded after each run. To preserve the data, you can host-mount /data with something like `-v /data/:/some_path_on_host/`

+### Local Docker Run and connecting to EKS
+
+This is very similar to above but abstracts running docker with AWS credentials for connecting to EKS
+
+```shell script
+make docker
+export AWS_ACCESS_KEY_ID=<access_key_id> AWS_SECRET_ACCESS_KEY=<secret_access_key> AWS_SESSION_TOKEN=<session_token>
+./providers/aws/sloop_to_eks.sh <cluster name>
+```
+
+Data retention policy stated above still applies in this case.
+
 ## Backup & Restore

 > This is an advanced feature. Use with caution.
--- a/providers/aws/sloop-to-eks.sh
+++ b/providers/aws/sloop-to-eks.sh
@ -0,0 +1,18 @@
+#!/bin/bash
+
+USAGE="Usage: ./sloop_to_eks.sh <cluster_name> [<region>]
+
+<cluster_name>: Provide EKS cluster to connect to.
+      <region>: defaults to us-west-2.
+"
+
+if [ $# -lt 1 ] || [ "$1" == "help" ]; then
+    echo "$USAGE"
+    exit 0
+fi
+REGION="us-west-2"
+if [ "$2" != "" ]; then
+    REGION=$2
+fi
+aws eks --region $REGION update-kubeconfig --name $1
+docker run --rm -it -p 8080:8080 -v ~/.kube/:/kube/ -e KUBECONFIG=/kube/config -e AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID -e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY -e AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN sloop