discovery support bundle specs from secrets matching label selector

cmd/troubleshoot/cli/root.go

@@ -47,6 +47,8 @@ from a server that can be used to assist when troubleshooting a Kubernetes clust
 	cmd.Flags().Bool("redact", true, "enable/disable default redactions")
 	cmd.Flags().Bool("interactive", true, "enable/disable interactive mode")
 	cmd.Flags().Bool("collect-without-permissions", true, "always generate a support bundle, even if it some require additional permissions")
+	cmd.Flags().StringSliceP("selector", "l", []string{"troubleshoot.io/kind=supportbundle-spec"}, "nathan")
+	cmd.Flags().Bool("load-specs-from-secrets", false, "nathan")
 	cmd.Flags().String("since-time", "", "force pod logs collectors to return logs after a specific date (RFC3339)")
 	cmd.Flags().String("since", "", "force pod logs collectors to return logs newer than a relative duration like 5s, 2m, or 3h.")
 	cmd.Flags().StringP("output", "o", "", "specify the output file path for the support bundle")

cmd/troubleshoot/cli/run.go

@@ -22,15 +22,20 @@ import (
 	"github.com/replicatedhq/troubleshoot/pkg/client/troubleshootclientset/scheme"
 	troubleshootclientsetscheme "github.com/replicatedhq/troubleshoot/pkg/client/troubleshootclientset/scheme"
 	"github.com/replicatedhq/troubleshoot/pkg/convert"
-	"github.com/replicatedhq/troubleshoot/pkg/docrewrite"
 	"github.com/replicatedhq/troubleshoot/pkg/httputil"
 	"github.com/replicatedhq/troubleshoot/pkg/k8sutil"
+	"github.com/replicatedhq/troubleshoot/pkg/specs"
 	"github.com/replicatedhq/troubleshoot/pkg/supportbundle"
 	"github.com/spf13/viper"
 	spin "github.com/tj/go-spin"
+	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/client-go/rest"
 )
 
+const (
+	SupportBundleSecretKey = "support-bundle-spec"
+)
+
 func runTroubleshoot(v *viper.Viper, arg []string) error {
 	interactive := v.GetBool("interactive") && isatty.IsTerminal(os.Stdout.Fd())
 
@@ -71,18 +76,17 @@ func runTroubleshoot(v *viper.Viper, arg []string) error {
 	var mainBundle *troubleshootv1beta2.SupportBundle
 
 	troubleshootclientsetscheme.AddToScheme(scheme.Scheme)
-	decode := scheme.Codecs.UniversalDeserializer().Decode
 	additionalRedactors := &troubleshootv1beta2.Redactor{}
 	for i, v := range arg {
 
 		collectorContent, err := supportbundle.LoadSupportBundleSpec(v)
 		if err != nil {
-			return errors.Wrap(err, "failed to load collector spec")
+			return errors.Wrap(err, "failed to load support bundle spec")
 		}
 		multidocs := strings.Split(string(collectorContent), "\n---\n")
 		supportBundle, err := supportbundle.ParseSupportBundleFromDoc([]byte(multidocs[0]))
 		if err != nil {
-			return errors.Wrap(err, "failed to parse collector")
+			return errors.Wrap(err, "failed to parse support bundle spec")
 		}
 
 		if i == 0 {
@@ -91,23 +95,47 @@ func runTroubleshoot(v *viper.Viper, arg []string) error {
 			mainBundle = supportbundle.ConcatSpec(mainBundle, supportBundle)
 		}
 
-		for i, additionalDoc := range multidocs {
-			if i == 0 {
-				continue
+		parsedRedactors, err := supportbundle.ParseRedactorsFromSpec(multidocs)
+		if err != nil {
+			return errors.Wrap(err, "failed to parse redactors from doc")
+		}
+		additionalRedactors.Spec.Redactors = append(additionalRedactors.Spec.Redactors, parsedRedactors...)
+	}
+
+	if v.GetBool("load-specs-from-secrets") {
+		labelSelector := strings.Join(v.GetStringSlice("selector"), ",")
+
+		parsedSelector, err := labels.Parse(labelSelector)
+		if err != nil {
+			return errors.Wrap(err, "unable to parse selector")
+		}
+
+		namespace := ""
+		if v.GetString("namespace") != "" {
+			namespace = v.GetString("namespace")
+		}
+
+		bundlesFromSecrets, err := specs.LoadFromSecretMatchingLabel(parsedSelector.String(), namespace, SupportBundleSecretKey)
+		if err != nil {
+			return errors.Wrap(err, "failed to load support bundle spec from secrets")
+		}
+
+		if bundlesFromSecrets != nil {
+			for _, bundle := range bundlesFromSecrets {
+				multidocs := strings.Split(string(bundle), "\n---\n")
+				parsedBundlesFromSecrets, err := supportbundle.ParseSupportBundleFromDoc([]byte(multidocs[0]))
+				if err != nil {
+					return errors.Wrap(err, "failed to parse support bundle spec")
+				}
+
+				mainBundle = supportbundle.ConcatSpec(mainBundle, parsedBundlesFromSecrets)
+
+				parsedRedactors, err := supportbundle.ParseRedactorsFromSpec(multidocs)
+				if err != nil {
+					return errors.Wrap(err, "failed to parse redactors from doc")
+				}
+				additionalRedactors.Spec.Redactors = append(additionalRedactors.Spec.Redactors, parsedRedactors...)
 			}
-			additionalDoc, err := docrewrite.ConvertToV1Beta2([]byte(additionalDoc))
-			if err != nil {
-				return errors.Wrap(err, "failed to convert to v1beta2")
-			}
-			obj, _, err := decode(additionalDoc, nil, nil)
-			if err != nil {
-				return errors.Wrapf(err, "failed to parse additional doc %d", i)
-			}
-			multidocRedactors, ok := obj.(*troubleshootv1beta2.Redactor)
-			if !ok {
-				continue
-			}
-			additionalRedactors.Spec.Redactors = append(additionalRedactors.Spec.Redactors, multidocRedactors.Spec.Redactors...)
 		}
 	}
 

pkg/specs/secrets.go

@@ -32,3 +32,33 @@ func LoadFromSecret(namespace string, secretName string, key string) ([]byte, er
 
 	return spec, nil
 }
+
+func LoadFromSecretMatchingLabel(labelSelector string, namespace string, key string) ([]string, error) {
+	var allSecrets []string
+
+	config, err := k8sutil.GetRESTConfig()
+	if err != nil {
+		return nil, errors.Wrap(err, "failed to convert kube flags to rest config")
+	}
+
+	client, err := kubernetes.NewForConfig(config)
+	if err != nil {
+		return nil, errors.Wrap(err, "failed to convert create k8s client")
+	}
+
+	daSecrets, err := client.CoreV1().Secrets(namespace).List(context.TODO(), metav1.ListOptions{LabelSelector: labelSelector})
+	if err != nil {
+		return nil, errors.Wrap(err, "failed to get secret")
+	}
+
+	for _, secret := range daSecrets.Items {
+		spec, ok := secret.Data[key]
+		if !ok {
+			return nil, errors.Errorf("support bundle spec not found in secret with matching label %s", secret.Name)
+		}
+		//multidocs := strings.Split(string(spec), "\n---\n")
+		allSecrets = append(allSecrets, string(spec))
+	}
+
+	return allSecrets, nil
+}

pkg/supportbundle/collect.go

@@ -75,8 +75,8 @@ func runCollectors(collectors []*troubleshootv1beta2.Collect, additionalRedactor
 
 	collectSpecs := make([]*troubleshootv1beta2.Collect, 0)
 	collectSpecs = append(collectSpecs, collectors...)
-	collectSpecs = ensureCollectorInList(collectSpecs, troubleshootv1beta2.Collect{ClusterInfo: &troubleshootv1beta2.ClusterInfo{}})
-	collectSpecs = ensureCollectorInList(collectSpecs, troubleshootv1beta2.Collect{ClusterResources: &troubleshootv1beta2.ClusterResources{}})
+	/*collectSpecs = ensureCollectorInList(collectSpecs, troubleshootv1beta2.Collect{ClusterInfo: &troubleshootv1beta2.ClusterInfo{}})
+	collectSpecs = ensureCollectorInList(collectSpecs, troubleshootv1beta2.Collect{ClusterResources: &troubleshootv1beta2.ClusterResources{}})*/
 
 	var cleanedCollectors collect.Collectors
 	for _, desiredCollector := range collectSpecs {

pkg/supportbundle/load.go

@@ -219,3 +219,30 @@ func loadSpecFromURL(arg string) ([]byte, error) {
 		return body, nil
 	}
 }
+
+func ParseRedactorsFromSpec(docs []string) ([]*troubleshootv1beta2.Redact, error) {
+	var redactors []*troubleshootv1beta2.Redact
+
+	decode := scheme.Codecs.UniversalDeserializer().Decode
+
+	for i, additionalDoc := range docs {
+		if i == 0 {
+			continue
+		}
+		additionalDoc, err := docrewrite.ConvertToV1Beta2([]byte(additionalDoc))
+		if err != nil {
+			return nil, errors.Wrap(err, "failed to convert to v1beta2")
+		}
+		obj, _, err := decode(additionalDoc, nil, nil)
+		if err != nil {
+			return nil, errors.Wrapf(err, "failed to parse additional doc %d", i)
+		}
+		multidocRedactors, ok := obj.(*troubleshootv1beta2.Redactor)
+		if !ok {
+			continue
+		}
+		redactors = append(redactors, multidocRedactors.Spec.Redactors...)
+	}
+
+	return redactors, nil
+}