From ea02b579d663ffac30ef673e8a4d1d183d602709 Mon Sep 17 00:00:00 2001
From: Sam Alba <sam.alba@gmail.com>
Date: Thu, 18 Mar 2021 15:51:56 -0700
Subject: [PATCH] stdlib: implemented aws/eks

Signed-off-by: Sam Alba <sam.alba@gmail.com>
---
 stdlib/aws/eks/code.cue | 26 ++++++++++++++++++
 stdlib/aws/eks/eks.cue  | 59 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 85 insertions(+)
 create mode 100644 stdlib/aws/eks/code.cue
 create mode 100644 stdlib/aws/eks/eks.cue

diff --git a/stdlib/aws/eks/code.cue b/stdlib/aws/eks/code.cue
new file mode 100644
index 00000000..9a172275
--- /dev/null
+++ b/stdlib/aws/eks/code.cue
@@ -0,0 +1,26 @@
+package eks
+
+#Code: #"""
+    [ -e /cache/bin/kubectl ] || {
+        curl -sfL https://dl.k8s.io/v1.19.9/bin/linux/amd64/kubectl -o /cache/bin/kubectl && chmod +x /cache/bin/kubectl
+    }
+
+    export KUBECONFIG=/kubeconfig
+    export PATH="$PATH:/cache/bin"
+
+    # Generate a kube configuration
+    aws eks update-kubeconfig --name "$EKS_CLUSTER"
+
+    # Figure out the kubernetes username
+    CONTEXT="$(kubectl config current-context)"
+    USER="$(kubectl config view -o json | \
+        jq -r ".contexts[] | select(.name==\"$CONTEXT\") | .context.user")"
+
+    # Grab a kubernetes access token
+    ACCESS_TOKEN="$(aws eks get-token --cluster-name "$EKS_CLUSTER" | \
+        jq -r .status.token)"
+
+    # Remove the user config and replace it with the token
+    kubectl config unset "users.${USER}"
+    kubectl config set-credentials "$USER" --token "$ACCESS_TOKEN"
+    """#
diff --git a/stdlib/aws/eks/eks.cue b/stdlib/aws/eks/eks.cue
new file mode 100644
index 00000000..02635030
--- /dev/null
+++ b/stdlib/aws/eks/eks.cue
@@ -0,0 +1,59 @@
+package eks
+
+import (
+	"dagger.io/llb"
+	"dagger.io/aws"
+)
+
+// KubeConfig config outputs a valid kube-auth-config for kubectl client
+#KubeConfig: {
+	// AWS Config
+	config: aws.#Config
+
+	// EKS cluster name
+	clusterName: string
+
+	// kubeconfig is the generated kube configuration file
+	kubeconfig: {
+		string
+
+		#compute: [
+			llb.#Load & {
+				from: aws.#CLI
+			},
+			llb.#WriteFile & {
+				dest:    "/entrypoint.sh"
+				content: #Code
+			},
+			llb.#Exec & {
+				always: true
+				args: [
+					"/bin/bash",
+					"--noprofile",
+					"--norc",
+					"-eo",
+					"pipefail",
+					"/entrypoint.sh",
+				]
+				env: {
+					AWS_CONFIG_FILE:       "/cache/aws/config"
+					AWS_ACCESS_KEY_ID:     config.accessKey
+					AWS_SECRET_ACCESS_KEY: config.secretKey
+					AWS_DEFAULT_REGION:    config.region
+					AWS_REGION:            config.region
+					AWS_DEFAULT_OUTPUT:    "json"
+					AWS_PAGER:             ""
+					EKS_CLUSTER:           clusterName
+				}
+				mount: {
+					"/cache/aws": "cache"
+					"/cache/bin": "cache"
+				}
+			},
+			llb.#Export & {
+				source: "/kubeconfig"
+				format: "string"
+			},
+		]
+	}
+}