tool: add calicoctl wrapper
diff --git a/tools/BUILD b/tools/BUILD
index 165da43..d668721 100644
--- a/tools/BUILD
+++ b/tools/BUILD
@@ -40,7 +40,13 @@
)
copy_go_binary(
- name = "calicoctl",
+ name = "calicoctl.bin",
src = "@com_github_projectcalico_calicoctl//calicoctl:calicoctl",
visibility = ["//visibility:public"],
)
+
+sh_binary(
+ name = "calicoctl",
+ srcs = ["calicoctl.sh"],
+ data = [":calicoctl.bin"],
+)
diff --git a/tools/calicoctl.sh b/tools/calicoctl.sh
new file mode 100755
index 0000000..dc38998
--- /dev/null
+++ b/tools/calicoctl.sh
@@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+
+# A wrapper around the real calicoctl to configure etcd access...
+
+if [ -z "$hscloud_root" ]; then
+ echo 2>&1 "Please source env.sh"
+ exit 1
+fi
+
+ETCD_ENDPOINTS="https://bc01n01.hswaw.net:2379,https://bc01n01.hswaw.net:2379,https://bc01n01.hswaw.net:2379"
+ETCD_KEY_FILE="$hscloud_root/cluster/secrets/plain/kube-calico.key"
+ETCD_CERT_FILE="$hscloud_root/cluster/certs/kube-calico.crt"
+ETCD_CA_CERT_FILE="$hscloud_root/cluster/certs/ca.crt"
+
+if [ ! -f "$ETCD_KEY_FILE" ] ; then
+ secretstore decrypt "$hscloud_root/cluster/secrets/cipher/kube-calico.key" > "$ETCD_KEY_FILE"
+fi
+
+export ETCD_ENDPOINTS
+export ETCD_KEY_FILE
+export ETCD_CERT_FILE
+export ETCD_CA_CERT_FILE
+calicoctl.bin "$@"
diff --git a/tools/install.sh b/tools/install.sh
index dedcfe6..82713a2 100755
--- a/tools/install.sh
+++ b/tools/install.sh
@@ -9,4 +9,4 @@
bazel build \
//tools:kubectl //tools:kubecfg //tools:clustercfg //tools:secretstore \
- //tools:pass //tools:calicoctl
+ //tools:pass //tools:calicoctl.bin