The tools/kops utility currently relies on executing external CLI commands (gcloud and gsutil) for various GCP operations in pkg/kops/gcp.go. This approach introduces external dependencies, makes error handling brittle, and is less efficient than direct API calls.
We should refactor these methods to use the GCP go client libraries.
Current Usage (pkg/kops/gcp.go)
- Account Discovery:
saCmd := exec.Command("gcloud", "config", "list", "--format", "value(core.account)")
- SSH Configuration:
cmd := exec.Command("gcloud", "compute", "--project="+c.GCPProject, "config-ssh", "--ssh-key-file="+c.SSHPrivateKey)
- GCS Bucket Management (
gsutil):
gsutil ls to check if the bucket exists.gsutil mb to create the bucket.gsutil ubla set off to disable uniform bucket-level access.gsutil iam ch to set IAM permissions.
Proposed Changes
Refactor pkg/kops/gcp.go to use the client libraries.
- Replace
gcloud config list:
- Use
cloud.google.com/go/compute/metadata.
- Replace
gcloud compute config-ssh:
- Use
cloud.google.com/go/compute/apiv1.
- Replace
gsutil:
- Use
cloud.google.com/go/storage.
The
tools/kopsutility currently relies on executing external CLI commands (gcloudandgsutil) for various GCP operations inpkg/kops/gcp.go. This approach introduces external dependencies, makes error handling brittle, and is less efficient than direct API calls.We should refactor these methods to use the GCP go client libraries.
Current Usage (
pkg/kops/gcp.go)gsutil):gsutil lsto check if the bucket exists.gsutil mbto create the bucket.gsutil ubla set offto disable uniform bucket-level access.gsutil iam chto set IAM permissions.Proposed Changes
Refactor
pkg/kops/gcp.goto use the client libraries.gcloud config list:cloud.google.com/go/compute/metadata.gcloud compute config-ssh:cloud.google.com/go/compute/apiv1.gsutil:cloud.google.com/go/storage.