bpd1069/helm_tls_wrapper.sh

## helm_tls_wrapper.sh
#!/usr/bin/env bash
#
# this script is a helpful wrapper for Helm CLI, when using TLS enabled Tiller
# See https://github.com/helm/helm/blob/master/docs/tiller_ssl.md
#
# Copyright (C) 2019 Anastas Dancha (aka @anapsix)
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <https://www.gnu.org/licenses/>.
#
#
# save this somewhere in your PATH (e.g. /usr/local/bin/)
# as helm_tls_wrapper.sh
# and add shell alias (so that shell-completion works without any additional changes)
# alias helm=helm_tls_wrapper.sh
#
# save your TLS certificates in ${HELM_HOME}/tls/${K8S_CONTEXT}/
# as ca.pem, cert.pem, and key.pem

: ${HELM_HOME:=~/.helm}
: ${KUBECONFIG:=${HOME}/.kube/config}
: ${HELM_VERSION:="unset"}


if [[ "${HELM_VERSION}" == "unset" ]]; then
  HELM_BIN="helm"
else
  echo >&2 "HELM Version: ${HELM_VERSION}"
  HELM_BIN="helm_${HELM_VERSION}"
fi


[[ "$(uname)" == "Darwin" ]] && grep="ggrep" || grep="grep"

K8S_CONTEXT_ARG="$(echo "$@" | $grep -Po '(?<=--kube-context=)\S+')"

if [[ -z "${K8S_CONTEXT_ARG}" ]]; then
  K8S_CONTEXT="$($grep -Po '(?<=^current-context: ).*$' ${KUBECONFIG})"
else
  K8S_CONTEXT="${K8S_CONTEXT_ARG}"
fi
echo >&2 "K8S_CONTEXT: ${K8S_CONTEXT}"

for arg in $@; do
  if [[ "$arg" == "--tls" ]]; then
    export HELM_TLS_CA_CERT="${HELM_HOME}/tls/${K8S_CONTEXT}/ca.pem"
    export HELM_TLS_CERT="${HELM_HOME}/tls/${K8S_CONTEXT}/cert.pem"
    export HELM_TLS_KEY="${HELM_HOME}/tls/${K8S_CONTEXT}/key.pem"
    export HELM_TLS_ENABLE="true"
    # export HELM_TLS_VERIFY="true"

    if [[ "$DEBUG" == "1" ]]; then
      echo export HELM_TLS_CA_CERT=\"${HELM_HOME}/tls/${K8S_CONTEXT}/ca.pem\"
      echo export HELM_TLS_CERT=\"${HELM_HOME}/tls/${K8S_CONTEXT}/cert.pem\"
      echo export HELM_TLS_KEY=\"${HELM_HOME}/tls/${K8S_CONTEXT}/key.pem\"
      echo export HELM_TLS_ENABLE=\"true\"
    fi
    break
  fi
done

[[ "$DEBUG" == "1" ]] && echo ${HELM_BIN} $@ || ${HELM_BIN} $@
	#!/usr/bin/env bash
	#
	# this script is a helpful wrapper for Helm CLI, when using TLS enabled Tiller
	# See https://github.com/helm/helm/blob/master/docs/tiller_ssl.md
	#
	# Copyright (C) 2019 Anastas Dancha (aka @anapsix)
	# This program is free software: you can redistribute it and/or modify
	# it under the terms of the GNU General Public License as published by
	# the Free Software Foundation, either version 3 of the License, or
	# any later version.
	#
	# This program is distributed in the hope that it will be useful,
	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	# GNU General Public License for more details.
	#
	# You should have received a copy of the GNU General Public License
	# along with this program. If not, see <https://www.gnu.org/licenses/>.
	#
	#
	# save this somewhere in your PATH (e.g. /usr/local/bin/)
	# as helm_tls_wrapper.sh
	# and add shell alias (so that shell-completion works without any additional changes)
	# alias helm=helm_tls_wrapper.sh
	#
	# save your TLS certificates in ${HELM_HOME}/tls/${K8S_CONTEXT}/
	# as ca.pem, cert.pem, and key.pem

	: ${HELM_HOME:=~/.helm}
	: ${KUBECONFIG:=${HOME}/.kube/config}
	: ${HELM_VERSION:="unset"}


	if [[ "${HELM_VERSION}" == "unset" ]]; then
	HELM_BIN="helm"
	else
	echo >&2 "HELM Version: ${HELM_VERSION}"
	HELM_BIN="helm_${HELM_VERSION}"
	fi



	[[ "$(uname)" == "Darwin" ]] && grep="ggrep" \|\| grep="grep"

	K8S_CONTEXT_ARG="$(echo "$@" \| $grep -Po '(?<=--kube-context=)\S+')"

	if [[ -z "${K8S_CONTEXT_ARG}" ]]; then
	K8S_CONTEXT="$($grep -Po '(?<=^current-context: ).*$' ${KUBECONFIG})"
	else
	K8S_CONTEXT="${K8S_CONTEXT_ARG}"
	fi
	echo >&2 "K8S_CONTEXT: ${K8S_CONTEXT}"

	for arg in $@; do
	if [[ "$arg" == "--tls" ]]; then
	export HELM_TLS_CA_CERT="${HELM_HOME}/tls/${K8S_CONTEXT}/ca.pem"
	export HELM_TLS_CERT="${HELM_HOME}/tls/${K8S_CONTEXT}/cert.pem"
	export HELM_TLS_KEY="${HELM_HOME}/tls/${K8S_CONTEXT}/key.pem"
	export HELM_TLS_ENABLE="true"
	# export HELM_TLS_VERIFY="true"

	if [[ "$DEBUG" == "1" ]]; then
	echo export HELM_TLS_CA_CERT=\"${HELM_HOME}/tls/${K8S_CONTEXT}/ca.pem\"
	echo export HELM_TLS_CERT=\"${HELM_HOME}/tls/${K8S_CONTEXT}/cert.pem\"
	echo export HELM_TLS_KEY=\"${HELM_HOME}/tls/${K8S_CONTEXT}/key.pem\"
	echo export HELM_TLS_ENABLE=\"true\"
	fi
	break
	fi
	done

	[[ "$DEBUG" == "1" ]] && echo ${HELM_BIN} $@ \|\| ${HELM_BIN} $@