Merge pull request #287 from tjcain/add-cache-path-option

add optional path to cache kubectl token

cmd/kubectl_token.go

@@ -17,6 +17,7 @@ import (
 	url2 "net/url"
 	"os"
 	"os/signal"
+	"path"
 	"path/filepath"
 	"strings"
 	"time"
@@ -109,6 +110,11 @@ func CredentialCommand() cli.Command {
 				Name:  "skip-verify",
 				Usage: "Skip verification of the CACerts presented by the Server",
 			},
+			cli.StringFlag{
+				Name:   "cache-dir",
+				Usage:  "The absolute path for the kubectl-token .cache directory",
+				EnvVar: "RANCHER_CACHE_DIR",
+			},
 		},
 		Subcommands: []cli.Command{
 			cli.Command{
@@ -141,8 +147,13 @@ func runCredential(ctx *cli.Context) error {
 	}
 	clusterID := ctx.String("cluster")
 
+	dir, err := getCacheDir(ctx)
+	if err != nil {
+		return err
+	}
+
 	cachedCredName := fmt.Sprintf("%s_%s", userID, clusterID)
-	cachedCred, err := loadCachedCredential(cachedCredName)
+	cachedCred, err := loadCachedCredential(cachedCredName, dir)
 	if err != nil {
 		customPrint(fmt.Errorf("LoadToken: %v", err))
 	}
@@ -164,7 +175,7 @@ func runCredential(ctx *cli.Context) error {
 		return err
 	}
 
-	if err := cacheCredential(newCred, fmt.Sprintf("%s_%s", userID, clusterID)); err != nil {
+	if err := cacheCredential(newCred, fmt.Sprintf("%s_%s", userID, clusterID), dir); err != nil {
 		customPrint(fmt.Errorf("CacheToken: %v", err))
 	}
 
@@ -175,7 +186,7 @@ func deleteCachedCredential(ctx *cli.Context) error {
 	if len(ctx.Args()) == 0 {
 		return cli.ShowSubcommandHelp(ctx)
 	}
-	dir, err := os.Getwd()
+	dir, err := getCacheDir(ctx)
 	if err != nil {
 		return err
 	}
@@ -195,11 +206,7 @@ func deleteCachedCredential(ctx *cli.Context) error {
 	return nil
 }
 
-func loadCachedCredential(key string) (*ExecCredential, error) {
-	dir, err := os.Getwd()
-	if err != nil {
-		return nil, err
-	}
+func loadCachedCredential(key, dir string) (*ExecCredential, error) {
 	cachePath := filepath.Join(dir, kubeConfigCache, fmt.Sprintf("%s%s", key, cachedFileExt))
 	f, err := os.Open(cachePath)
 	if err != nil {
@@ -222,15 +229,12 @@ func loadCachedCredential(key string) (*ExecCredential, error) {
 	return execCredential, nil
 }
 
-func cacheCredential(cred *ExecCredential, id string) error {
+func cacheCredential(cred *ExecCredential, id, dir string) error {
 	// cache only if valid
 	if cred.Status.Token == "" {
 		return nil
 	}
-	dir, err := os.Getwd()
-	if err != nil {
-		return err
-	}
+
 	cachePathDir := filepath.Join(dir, kubeConfigCache)
 	if err := os.MkdirAll(cachePathDir, os.FileMode(0700)); err != nil {
 		return err
@@ -521,6 +525,19 @@ func generateKey() (string, error) {
 	return string(token), nil
 }
 
+func getCacheDir(ctx *cli.Context) (string, error) {
+	p := ctx.String("cache-path")
+	if p == "" {
+		return os.Getwd()
+	}
+
+	if !path.IsAbs(p) {
+		return "", fmt.Errorf("cache dir requires an absolute path")
+	}
+
+	return p, nil
+}
+
 func getTLSConfig(input *LoginInput) (*tls.Config, error) {
 	config := &tls.Config{}
 	if input.skipVerify || input.caCerts == "" {

main_test.go

@@ -27,6 +27,7 @@ func (m *MainTestSuite) TestParseArgs(c *check.C) {
 		{"rancher", "run", "--debug", "-f=b"},
 		{"rancher", "run", "--debug", "-=b"},
 		{"rancher", "run", "--debug", "-"},
+		{"rancher", "token", "--cache-dir=/path/to/cache"},
 	}
 	r0, err := parseArgs(input[0])
 	if err != nil {
@@ -61,4 +62,10 @@ func (m *MainTestSuite) TestParseArgs(c *check.C) {
 		c.Fatal(err)
 	}
 	c.Assert(r5, check.DeepEquals, []string{"rancher", "run", "--debug", "-"})
+
+	r6, err := parseArgs(input[6])
+	if err != nil {
+		c.Fatal(err)
+	}
+	c.Assert(r6, check.DeepEquals, []string{"rancher", "token", "--cache-dir=/path/to/cache"})
 }