fabric8io#65 first spike to lazily create the ServiceAccount if its n…

…ot specified and to try default to the same namespace as the RC by default

ansible/ansible.go

@@ -51,6 +51,9 @@ const (
 // EnvRC is the environment variable on a pod for the name of the ReplicationController
 	EnvRC = "KANSIBLE_RC"
 
+// EnvNamespace is the environment variable on a pod for the namespace to use
+	EnvNamespace = "KANSIBLE_NAMESPACE"
+
 // EnvExportEnvVars is the space separated list of environment variables exported to the remote process
 	EnvExportEnvVars = "KANSIBLE_EXPORT_ENV_VARS"
 
@@ -413,15 +416,24 @@ func UpdateKansibleRC(hostEntries []*HostEntry, hosts string, f *cmdutil.Factory
 		container.ImagePullPolicy = "IfNotPresent"
 	}
 	preStopCommands := []string{"kansible", "kill"}
+	if len(podSpec.ServiceAccountName) == 0 {
+		podSpec.ServiceAccountName = rcName
+	}
+	serviceAccountName := podSpec.ServiceAccountName
 	k8s.EnsureContainerHasPreStopCommand(container, preStopCommands)
 	k8s.EnsureContainerHasEnvVar(container, EnvHosts, hosts)
 	k8s.EnsureContainerHasEnvVar(container, EnvRC, rcName)
 	k8s.EnsureContainerHasEnvVar(container, EnvBash, "/usr/local/bin/bash")
+	k8s.EnsureContainerHasEnvVarFromField(container, EnvNamespace, "metadata.namespace")
 	command := k8s.GetContainerEnvVar(container, EnvCommand)
 	if len(command) == 0 {
 		return nil, fmt.Errorf("No environemnt variable value defined for %s in ReplicationController YAML file %s", EnvCommand, rcFile)
 	}
 
+	if len(serviceAccountName) > 0 {
+		k8s.EnsureServiceAccountExists(c, ns, serviceAccountName)
+	}
+
 	isUpdate := true
 	rc, err := c.ReplicationControllers(ns).Get(rcName)
 	if err != nil {

cmds/pod.go

@@ -39,10 +39,14 @@ func Pod(c *cli.Context) {
 	if err != nil || kubeclient == nil {
 		log.Die(MessageFailedToCreateKubernetesClient, err)
 	}
-	ns, _, _ := f.DefaultNamespace()
+	ns := os.Getenv(ansible.EnvNamespace)
 	if len(ns) == 0 {
-		ns = "default"
+		ns, _, _ = f.DefaultNamespace()
+		if len(ns) == 0 {
+			ns = "default"
+		}
 	}
+	log.Info("Using Kubernetes namespace %s", ns)
 
 	rcName, err := osExpandAndVerify(c, "rc")
 	if err != nil {

k8s/k8s.go

@@ -136,6 +136,29 @@ func EnsureContainerHasEnvVar(container *api.Container, name string, value strin
 	return false
 }
 
+// EnsureContainerHasEnvVarFromField if there is an existing EnvVar for the given name then lets update it
+// with the given fieldPath otherwise lets add a new entry.
+// Returns true if there was already an existing environment variable
+func EnsureContainerHasEnvVarFromField(container *api.Container, name string, fieldPath string) bool {
+	from := &api.EnvVarSource{
+		FieldRef: &api.ObjectFieldSelector{
+			FieldPath: fieldPath,
+		},
+	}
+	for _, env := range container.Env {
+		if env.Name == name {
+			env.ValueFrom = from
+			env.Value = ""
+			return true
+		}
+	}
+	container.Env = append(container.Env, api.EnvVar{
+		Name: name,
+		ValueFrom: from,
+	})
+	return false
+}
+
 
 // EnsureContainerHasPreStopCommand ensures that the given container has a `preStop` lifecycle hook
 // to invoke the given commands
@@ -216,6 +239,24 @@ func EnsurePodSpecHasSecretVolume(podSpec *api.PodSpec, name string, secretName
 }
 
 
+
+// EnsureServiceAccountExists ensures that there is a service account created for the given name
+func EnsureServiceAccountExists(c *client.Client, ns string, serviceAccountName string) error {
+	saClient := c.ServiceAccounts(ns)
+	sa, err := saClient.Get(serviceAccountName)
+	if err != nil || sa == nil {
+		// lets try create the SA
+		sa = &api.ServiceAccount{
+			ObjectMeta: api.ObjectMeta{
+				Name: serviceAccountName,
+			},
+		}
+		log.Info("Creating ServiceAccount %s", serviceAccountName)
+		_, err = saClient.Create(sa)
+	}
+	return nil
+}
+
 // ApplyResource applies the given data as a kubernetes resource
 func ApplyResource(f *cmdutil.Factory, c *client.Client, ns string, data []byte, name string) error {
 	schemaCacheDir := "/tmp/kubectl.schema"