K0SrSSKJr SSKJr SSKJr SSKJr SSKJ r SSKJ r SSK J r SS K J r S rS rS rS rS rSrSrSrSrSrSr\S-\-S-\-rSrSrSSjrSSjrSrSrg)zUtils for GKE Hub commands.)api_util) kube_util)util) exceptions)log) propertiesencoding)fileszgke-connect-agentzgke-connect-agent-installerz creds-gcpzconnect-image-pull-secretzhub.gke.io/projectz gke-connectaManifest saved to [{0}]. Please apply the manifest to your cluster with `kubectl apply -f {0}`. You must have `cluster-admin` privilege in order to deploy the manifest. **This file contains sensitive data; please treat it with the same discretion as your service account key file.**zapiVersion: v1 kind: Secret metadata: name: {gcp_sa_key_secret_name} namespace: {namespace} data: {gcp_sa_key_secret_name}.json: "{gcp_sa_key}" zrapiVersion: v1 kind: Namespace metadata: name: {namespace} labels: {connect_resource_label}: {project_id} a#apiVersion: v1 kind: ConfigMap metadata: name: user-config namespace: {namespace} data: project_id: "{project_id}" project_number: "{project_number}" membership_name: "{membership_name}" proxy: "{proxy}" image: "{image}" --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: {project_id}-gke-connect-agent-role-binding labels: {connect_resource_label}: {project_id} subjects: - kind: ServiceAccount name: default namespace: {namespace} roleRef: kind: ClusterRole name: cluster-admin apiGroup: rbac.authorization.k8s.io --- apiVersion: apps/v1 kind: Deployment metadata: name: {agent_install_deployment_name} namespace: {namespace} labels: app: {agent_install_app_label} spec: selector: matchLabels: app: {agent_install_app_label} template: metadata: labels: app: {agent_install_app_label} spec: containers: - name: connect-agent-installer image: {image} command: - gkeconnect_bin/bin/gkeconnect_agent - --install - --sleep-after-install - --config - user-config imagePullPolicy: Always env: - name: MY_POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace --- zapiVersion: v1 kind: Secret metadata: name: {name} namespace: {namespace} labels: {connect_resource_label}: {project_id} data: .dockerconfigjson: {image_pull_secret} type: kubernetes.io/dockerconfigjsonc[R"U5nUR[R U[ UUSSSS[ [[S9 5nU(a,SU;a%[R"SR U55egg)a Purge the Alpha installation resources if exists. Args: kube_client: Kubernetes client to operate on the cluster. namespace: the namespace of Alpha installation. project_id: the GCP project ID. Raises: exceptions.Error: if Alpha resources deletion failed. ) namespaceconnect_resource_label project_idproject_numbermembership_nameproxyimage gcp_sa_keygcp_sa_key_secret_nameagent_install_deployment_nameagent_install_app_labelNotFoundz'failed to delete Alpha installation: {}N) p_utilGetProjectNumberDeleteINSTALL_ALPHA_TEMPLATEformatCONNECT_RESOURCE_LABELGCP_SA_KEY_SECRET_NAMEAGENT_INSTALL_DEPLOYMENT_NAMEAGENT_INSTALL_APP_LABELrError) kube_clientrrrerrs #D$<$:$)$2 C- M    d77 8 JJ+2243L3LMN #K<*_q    ::@& ,,;. //m)**H vd""I.0 K3{z:   ] +&!   188= ??**E vd""I.07 ;;M   AHHK LLMs34HI%H??Ic[U[RRRR 55n[ U5S:a1[R"SRURU55 gUSnSRU5n[R"X5 g![Ra [R"U5 gf=f)aDelete the namespace in the cluster that contains the connect agent. Args: kube_client: A Kubernetes Client for the cluster to be registered. args: an argparse namespace. All arguments that were provided to this command invocation. Raises: calliope_exceptions.MinimumArgumentException: if a kubeconfig file cannot be deduced from the command line flags or environment rCzgcloud will not remove any namespaces containing the Connect Agent since it was found running in multiple namespaces on cluster: [{}]. Please delete these namespaces [{}] maually in your clusterNrz6Please delete namespace [{}] manually in your cluster.)rNrrDrErFrGrOrwarningrrPrrQrr$)r%r7rTr cleanup_msgs r'DeleteConnectNamespacerZ9s$K$.$5$5$:$:$B$B$L$L$NP* _qKK G $$j 1 3  m)HOO+ k5   KK sB++*CCcpSR[U5nURU5nU(d[/$U$)aReturns the namespaces into which to install or update the connect agent. Connect namespaces are identified by the presence of the hub.gke.io/project label. If there are existing namespaces with this label in the cluster, then a list of all those namespaces is returned; otherwise, a list with the default connect namespace is returned. Args: kube_client: a KubernetesClient. project_id: A GCP project identifier. Returns: List of namespaces with hub.gke.io/project label. z{}={})rr NamespacesWithLabelSelectorr2)r%rselectorrTs r'rNrN[s7^^2J ?(66x@*    r))N) __doc__*googlecloudsdk.command_lib.container.fleetrr#googlecloudsdk.command_lib.projectsrrgooglecloudsdk.corerrrgooglecloudsdk.core.utilr r %RUNTIME_CONNECT_AGENT_DEPLOYMENT_NAMEr#r"r!IMAGE_PULL_SECRET_NAMEr r2rMr5NAMESPACE_TEMPLATErINSTALL_MANIFEST_TEMPLATEIMAGE_PULL_SECRET_TEMPLATEr(r@rVrZrNr)r'ris"@@>*#*-*)<%8!> %5-!';H/2 !$  (@>B+b6:D0NDr)