Rename hept.io authenticator to aws authenticator

Author: rdrgmnzs

docs/authentication.md

@@ -32,14 +32,14 @@ spec:
     rbac: {}
 ```
 
-## Heptio Authenticator for AWS
+## AWS IAM Authenticator
 
-If you want to turn on Heptio Authenticator for AWS, you can add this block 
+If you want to turn on AWS IAM Authenticator, you can add this block 
 to your cluster:
 
 ```
 authentication:
-  heptio: {}
+  aws: {}
 ```
 
 For example:
@@ -51,14 +51,14 @@ metadata:
   name: cluster.example.com
 spec:
   authentication:
-    heptio: {}
+    aws: {}
   authorization:
     rbac: {}
 ```
 
-Once the cluster is up you will need to create the heptio authenticator
+Once the cluster is up you will need to create the AWS IAM authenticator
 config as a config map. (This can also be done when boostrapping a cluster using addons)
-For more details on heptio authenticator please visit (heptio/authenticator)[https://github.com/heptio/authenticator]
+For more details on AWS IAM authenticator please visit (kubernetes-sigs/aws-iam-authenticator)[https://github.com/kubernetes-sigs/aws-iam-authenticator]
 Example config:
 
 ```
@@ -67,9 +67,9 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   namespace: kube-system
-  name: heptio-authenticator-aws
+  name: aws-iam-authenticator
   labels:
-    k8s-app: heptio-authenticator-aws
+    k8s-app: aws-iam-authenticator
 data:
   config.yaml: |
     # a unique-per-cluster identifier to prevent replay attacks

nodeup/pkg/model/kube_apiserver.go

@@ -158,35 +158,35 @@ func (b *KubeAPIServerBuilder) writeAuthenticationConfig(c *fi.ModelBuilderConte
 		return nil
 	}
 
-	if b.Cluster.Spec.Authentication.Heptio != nil {
-		id := "heptio-authenticator-aws"
+	if b.Cluster.Spec.Authentication.Aws != nil {
+		id := "aws-iam-authenticator"
 		b.Cluster.Spec.KubeAPIServer.AuthenticationTokenWebhookConfigFile = fi.String(PathAuthnConfig)
 
 		{
 			caCertificate, err := b.NodeupModelContext.KeyStore.FindCert(fi.CertificateId_CA)
 			if err != nil {
-				return fmt.Errorf("error fetching Heptio Authentication CA certificate from keystore: %v", err)
+				return fmt.Errorf("error fetching AWS IAM Authentication CA certificate from keystore: %v", err)
 			}
 			if caCertificate == nil {
-				return fmt.Errorf("Heptio Authentication CA certificate %q not found", fi.CertificateId_CA)
+				return fmt.Errorf("AWS IAM  Authentication CA certificate %q not found", fi.CertificateId_CA)
 			}
 
 			cluster := kubeconfig.KubectlCluster{
 				Server: "https://127.0.0.1:21362/authenticate",
 			}
 			context := kubeconfig.KubectlContext{
-				Cluster: "heptio-authenticator-aws",
+				Cluster: "aws-iam-authenticator",
 				User:    "kube-apiserver",
 			}
 
 			cluster.CertificateAuthorityData, err = caCertificate.AsBytes()
 			if err != nil {
-				return fmt.Errorf("error encoding Heptio Authentication CA certificate: %v", err)
+				return fmt.Errorf("error encoding AWS IAM Authentication CA certificate: %v", err)
 			}
 
 			config := kubeconfig.KubectlConfig{}
 			config.Clusters = append(config.Clusters, &kubeconfig.KubectlClusterWithName{
-				Name:    "heptio-authenticator-aws",
+				Name:    "aws-iam-authenticator",
 				Cluster: cluster,
 			})
 			config.Users = append(config.Users, &kubeconfig.KubectlUserWithName{
@@ -427,7 +427,7 @@ func (b *KubeAPIServerBuilder) buildPod() (*v1.Pod, error) {
 	}
 
 	if b.Cluster.Spec.Authentication != nil {
-		if b.Cluster.Spec.Authentication.Kopeio != nil || b.Cluster.Spec.Authentication.Heptio != nil {
+		if b.Cluster.Spec.Authentication.Kopeio != nil || b.Cluster.Spec.Authentication.Aws != nil {
 			addHostPathMapping(pod, container, "authn-config", PathAuthnConfig)
 		}
 	}

pkg/apis/kops/cluster.go

@@ -230,17 +230,17 @@ type ExecContainerAction struct {
 
 type AuthenticationSpec struct {
 	Kopeio *KopeioAuthenticationSpec `json:"kopeio,omitempty"`
-	Heptio *HeptioAuthenticationSpec `json:"heptio,omitempty"`
+	Aws    *AwsAuthenticationSpec    `json:"aws,omitempty"`
 }
 
 func (s *AuthenticationSpec) IsEmpty() bool {
-	return s.Kopeio == nil && s.Heptio == nil
+	return s.Kopeio == nil && s.Aws == nil
 }
 
 type KopeioAuthenticationSpec struct {
 }
 
-type HeptioAuthenticationSpec struct {
+type AwsAuthenticationSpec struct {
 }
 
 type AuthorizationSpec struct {

pkg/apis/kops/v1alpha1/cluster.go

@@ -229,17 +229,17 @@ type ExecContainerAction struct {
 
 type AuthenticationSpec struct {
 	Kopeio *KopeioAuthenticationSpec `json:"kopeio,omitempty"`
-	Heptio *HeptioAuthenticationSpec `json:"heptio,omitempty"`
+	Aws    *AwsAuthenticationSpec    `json:"aws,omitempty"`
 }
 
 func (s *AuthenticationSpec) IsEmpty() bool {
-	return s.Kopeio == nil && s.Heptio == nil
+	return s.Kopeio == nil && s.Aws == nil
 }
 
 type KopeioAuthenticationSpec struct {
 }
 
-type HeptioAuthenticationSpec struct {
+type AwsAuthenticationSpec struct {
 }
 
 type AuthorizationSpec struct {

pkg/apis/kops/v1alpha1/zz_generated.conversion.go

@@ -230,17 +230,17 @@ type ExecContainerAction struct {
 
 type AuthenticationSpec struct {
 	Kopeio *KopeioAuthenticationSpec `json:"kopeio,omitempty"`
-	Heptio *HeptioAuthenticationSpec `json:"heptio,omitempty"`
+	Aws    *AwsAuthenticationSpec    `json:"aws,omitempty"`
 }
 
 func (s *AuthenticationSpec) IsEmpty() bool {
-	return s.Kopeio == nil && s.Heptio == nil
+	return s.Kopeio == nil && s.Aws == nil
 }
 
 type KopeioAuthenticationSpec struct {
 }
 
-type HeptioAuthenticationSpec struct {
+type AwsAuthenticationSpec struct {
 }
 
 type AuthorizationSpec struct {

pkg/apis/kops/v1alpha1/zz_generated.deepcopy.go

@@ -264,15 +264,15 @@ func (b *PKIModelBuilder) Build(c *fi.ModelBuilderContext) error {
 	}
 
 	if b.Cluster.Spec.Authentication != nil {
-		if b.KopsModelContext.Cluster.Spec.Authentication.Heptio != nil {
+		if b.KopsModelContext.Cluster.Spec.Authentication.Aws != nil {
 			alternateNames := []string{
 				"localhost",
 				"127.0.0.1",
 			}
 
 			t := &fitasks.Keypair{
-				Name:           fi.String("heptio-authenticator-aws"),
-				Subject:        "cn=heptio-authenticator-aws",
+				Name:           fi.String("aws-iam-authenticator"),
+				Subject:        "cn=aws-iam-authenticator",
 				Type:           "server",
 				AlternateNames: alternateNames,
 				Signer:         defaultCA,

pkg/apis/kops/v1alpha2/cluster.go

@@ -3,9 +3,9 @@ apiVersion: extensions/v1beta1
 kind: DaemonSet
 metadata:
   namespace: kube-system
-  name: heptio-authenticator-aws
+  name: aws-iam-authenticator
   labels:
-    k8s-app: heptio-authenticator-aws
+    k8s-app: aws-iam-authenticator
 spec:
   updateStrategy:
     type: RollingUpdate
@@ -14,7 +14,7 @@ spec:
       annotations:
         scheduler.alpha.kubernetes.io/critical-pod: ""
       labels:
-        k8s-app: heptio-authenticator-aws
+        k8s-app: aws-iam-authenticator
     spec:
       # run on the host network (don't depend on CNI)
       hostNetwork: true
@@ -28,17 +28,17 @@ spec:
       - key: CriticalAddonsOnly
         operator: Exists
 
-      # run `heptio-authenticator-aws server` with three volumes
-      # - config (mounted from the ConfigMap at /etc/heptio-authenticator-aws/config.yaml)
+      # run `aws-iam-authenticator server` with three volumes
+      # - config (mounted from the ConfigMap at /etc/aws-iam-authenticator/config.yaml)
       # - state (persisted TLS certificate and keys, mounted from the host)
       # - output (output kubeconfig to plug into your apiserver configuration, mounted from the host)
       containers:
-      - name: heptio-authenticator-aws
+      - name: aws-iam-authenticator
         image: gcr.io/heptio-images/authenticator:v0.3.0
         args:
         - server
-        - --config=/etc/heptio-authenticator-aws/config.yaml
-        - --state-dir=/var/heptio-authenticator-aws
+        - --config=/etc/aws-iam-authenticator/config.yaml
+        - --state-dir=/var/aws-iam-authenticator
         - --kubeconfig-pregenerated=true
 
         resources:
@@ -51,19 +51,19 @@ spec:
 
         volumeMounts:
         - name: config
-          mountPath: /etc/heptio-authenticator-aws/
+          mountPath: /etc/aws-iam-authenticator/
         - name: state
-          mountPath: /var/heptio-authenticator-aws/
+          mountPath: /var/aws-iam-authenticator/
         - name: output
-          mountPath: /etc/kubernetes/heptio-authenticator-aws/
+          mountPath: /etc/kubernetes/aws-iam-authenticator/
 
       volumes:
       - name: config
         configMap:
-          name: heptio-authenticator-aws
+          name: aws-iam-authenticator
       - name: output
         hostPath:
-          path: /srv/kubernetes/heptio-authenticator-aws/
+          path: /srv/kubernetes/aws-iam-authenticator/
       - name: state
         hostPath:
-          path: /srv/kubernetes/heptio-authenticator-aws/
+          path: /srv/kubernetes/aws-iam-authenticator/

pkg/apis/kops/v1alpha2/zz_generated.conversion.go

@@ -759,8 +759,8 @@ func (b *BootstrapChannelBuilder) buildManifest() (*channelsapi.Addons, map[stri
 				manifests[key+"-"+id] = "addons/" + location
 			}
 		}
-		if b.cluster.Spec.Authentication.Heptio != nil {
-			key := "authentication.hept.io"
+		if b.cluster.Spec.Authentication.Aws != nil {
+			key := "authentication.aws"
 			version := "0.3.0"
 
 			{