@@ -45,7 +45,8 @@ TEMP_DIR=${USE_TEMP:-$(mktemp -d /tmp/openshift-cmd.XXXX)}

 ETCD_DATA_DIR="${TEMP_DIR}/etcd"

 VOLUME_DIR="${TEMP_DIR}/volumes"

 CERT_DIR="${TEMP_DIR}/certs"

-mkdir -p "${ETCD_DATA_DIR}" "${VOLUME_DIR}" "${CERT_DIR}"

+CONFIG_DIR="${TEMP_DIR}/configs"

+mkdir -p "${ETCD_DATA_DIR}" "${VOLUME_DIR}" "${CERT_DIR}" "${CONFIG_DIR}"

 # handle profiling defaults

 profile="${OPENSHIFT_PROFILE-}"

@@ -83,14 +84,6 @@ wait_for_url "http://${API_HOST}:${KUBELET_PORT}/healthz" "kubelet: " 0.25 80

 wait_for_url "${API_SCHEME}://${API_HOST}:${API_PORT}/healthz" "apiserver: " 0.25 80

 wait_for_url "${API_SCHEME}://${API_HOST}:${API_PORT}/api/v1beta1/minions/127.0.0.1" "apiserver(minions): " 0.25 80

-# Set KUBERNETES_MASTER for osc

-export KUBERNETES_MASTER="${API_SCHEME}://${API_HOST}:${API_PORT}"

-if [[ "${API_SCHEME}" == "https" ]]; then

-	# Make osc use ${CERT_DIR}/admin/.kubeconfig, and ignore anything in the running user's $HOME dir

-	export HOME="${CERT_DIR}/admin"

-	export KUBECONFIG="${CERT_DIR}/admin/.kubeconfig"

-fi

-

 # profile the cli commands

 export OPENSHIFT_PROFILE="${CLI_PROFILE-}"

@@ -98,6 +91,49 @@ export OPENSHIFT_PROFILE="${CLI_PROFILE-}"

 # Begin tests

 #

+# test client not configured

+[ "$(osc get services 2>&1 | grep 'no server found')" ]

+

+# Set KUBERNETES_MASTER for osc from now on

+export KUBERNETES_MASTER="${API_SCHEME}://${API_HOST}:${API_PORT}"

+

+# Set certificates for osc from now on

+if [[ "${API_SCHEME}" == "https" ]]; then

+    # test bad certificate

+    [ "$(osc get services 2>&1 | grep 'certificate signed by unknown authority')" ]

+

+    # ignore anything in the running user's $HOME dir

+    export HOME="${CERT_DIR}/admin"

+fi

+

+# test config files from the --config flag

+osc get services --config="${CERT_DIR}/admin/.kubeconfig"

+

+# test config files from env vars

+OPENSHIFTCONFIG="${CERT_DIR}/admin/.kubeconfig" osc get services

+KUBECONFIG="${CERT_DIR}/admin/.kubeconfig" osc get services

+

+# test config files in the current directory

+TEMP_PWD=`pwd` 

+pushd ${CONFIG_DIR} >/dev/null

+    cp ${CERT_DIR}/admin/.kubeconfig .openshiftconfig

+    ${TEMP_PWD}/${GO_OUT}/osc get services

+    mv .openshiftconfig .kubeconfig 

+    ${TEMP_PWD}/${GO_OUT}/osc get services

+popd 

+

+# test config files in the home directory

+mv ${CONFIG_DIR} ${HOME}/.kube

+osc get services

+mkdir -p ${HOME}/.config

+mv ${HOME}/.kube ${HOME}/.config/openshift

+mv ${HOME}/.config/openshift/.kubeconfig ${HOME}/.config/openshift/.config

+osc get services

+echo "config files: ok"

+export OPENSHIFTCONFIG="${HOME}/.config/openshift/.config"

+

+# from this point every command will use config from the OPENSHIFTCONFIG env var

+

 osc get templates

 osc create -f examples/sample-app/application-template-dockerbuild.json

 osc get templates

@@ -273,14 +309,14 @@ osc describe policybinding master -n recreated-project | grep anypassword:create

 echo "ex new-project: ok"

 [ ! "$(openshift ex router | grep 'does not exist')"]

-[ "$(openshift ex router -o yaml --credentials="${KUBECONFIG}" | grep 'openshift/origin-haproxy-')" ]

-openshift ex router --create --credentials="${KUBECONFIG}"

+[ "$(openshift ex router -o yaml --credentials="${OPENSHIFTCONFIG}" | grep 'openshift/origin-haproxy-')" ]

+openshift ex router --create --credentials="${OPENSHIFTCONFIG}"

 [ "$(openshift ex router | grep 'service exists')" ]

 echo "ex router: ok"

 [ ! "$(openshift ex registry | grep 'does not exist')"]

-[ "$(openshift ex registry -o yaml --credentials="${KUBECONFIG}" | grep 'openshift/origin-docker-registry')" ]

-openshift ex registry --create --credentials="${KUBECONFIG}"

+[ "$(openshift ex registry -o yaml --credentials="${OPENSHIFTCONFIG}" | grep 'openshift/origin-docker-registry')" ]

+openshift ex registry --create --credentials="${OPENSHIFTCONFIG}"

 [ "$(openshift ex registry | grep 'service exists')" ]

 echo "ex registry: ok"

@@ -56,11 +56,13 @@ func NewCommandCLI(name, fullName string) *cobra.Command {

 	}

 	f := clientcmd.New(cmds.PersistentFlags())

+	in := os.Stdin

 	out := os.Stdout

 	cmds.SetUsageTemplate(templates.CliUsageTemplate())

 	cmds.SetHelpTemplate(templates.CliHelpTemplate())

+	cmds.AddCommand(cmd.NewCmdLogin(f, in, out))

 	cmds.AddCommand(cmd.NewCmdNewApplication(fullName, f, out))

 	cmds.AddCommand(cmd.NewCmdStartBuild(fullName, f, out))

 	cmds.AddCommand(cmd.NewCmdCancelBuild(fullName, f, out))

@@ -76,6 +78,7 @@ func NewCommandCLI(name, fullName string) *cobra.Command {

 	cmds.AddCommand(cmd.NewCmdLog(fullName, f, out))

 	cmds.AddCommand(f.NewCmdProxy(out))

 	cmds.AddCommand(kubecmd.NewCmdNamespace(out))

+	cmds.AddCommand(cmd.NewCmdProject(f, out))

 	cmds.AddCommand(cmd.NewCmdOptions(f, out))

 	cmds.AddCommand(version.NewVersionCommand(fullName))

new file mode 100644

@@ -0,0 +1,56 @@

+package cmd

+

+import (

+	"fmt"

+	"io"

+

+	"github.com/spf13/cobra"

+

+	cmdutil "github.com/GoogleCloudPlatform/kubernetes/pkg/kubectl/cmd/util"

+	"github.com/openshift/origin/pkg/cmd/cli/config"

+	osclientcmd "github.com/openshift/origin/pkg/cmd/util/clientcmd"

+)

+

+const longDescription = `Logs in to the OpenShift server and save the session

+information to a config file that will be used by every subsequent command.

+

+First-time users of the OpenShift client must run this command to configure the server,

+establish a session against it and save it to a configuration file, usually in the

+user's home directory.

+

+The information required to login, like username and password or a session token, and 

+the server details, can be provided through flags. If not provided, the command will

+prompt for user input if needed.

+`

+

+func NewCmdLogin(f *osclientcmd.Factory, reader io.Reader, out io.Writer) *cobra.Command {

+	options := &LoginOptions{}

+

+	cmds := &cobra.Command{

+		Use:   "login [--username=<username>] [--password=<password>] [--server=<server>] [--context=<context>] [--certificate-authority=<path>]",

+		Short: "Logs in and save the configuration",

+		Long:  longDescription,

+		Run: func(cmd *cobra.Command, args []string) {

+			options.Reader = reader

+			options.ClientConfig = f.OpenShiftClientConfig

+

+			checkErr(options.GatherInfo())

+

+			forcePath := cmdutil.GetFlagString(cmd, config.OpenShiftConfigFlagName)

+			options.PathToSaveConfig = forcePath

+

+			newFileCreated, err := options.SaveConfig()

+			checkErr(err)

+

+			if newFileCreated {

+				fmt.Println("Welcome to OpenShift v3! Use 'osc --help' for a list of commands available.")

+			}

+		},

+	}

+

+	// TODO flags below should be DE-REGISTERED from the persistent flags and kept only here.

+	// Login is the only command that can negotiate a session token against the auth server.

+	cmds.Flags().StringVarP(&options.Username, "username", "u", "", "Username, will prompt if not provided")

+	cmds.Flags().StringVarP(&options.Password, "password", "p", "", "Password, will prompt if not provided")

+	return cmds

+}

new file mode 100644

@@ -0,0 +1,334 @@

+package cmd

+

+import (

+	"fmt"

+	"io"

+	"os"

+	"sort"

+	"strings"

+

+	kerrors "github.com/GoogleCloudPlatform/kubernetes/pkg/api/errors"

+	kclient "github.com/GoogleCloudPlatform/kubernetes/pkg/client"

+	kclientcmd "github.com/GoogleCloudPlatform/kubernetes/pkg/client/clientcmd"

+	clientcmdapi "github.com/GoogleCloudPlatform/kubernetes/pkg/client/clientcmd/api"

+	"github.com/GoogleCloudPlatform/kubernetes/pkg/labels"

+

+	"github.com/openshift/origin/pkg/client"

+	"github.com/openshift/origin/pkg/cmd/cli/config"

+	"github.com/openshift/origin/pkg/cmd/util"

+	"github.com/openshift/origin/pkg/cmd/util/clientcmd"

+	"github.com/openshift/origin/pkg/cmd/util/tokencmd"

+	"github.com/openshift/origin/pkg/user/api"

+)

+

+const defaultClusterURL = "https://localhost:8443"

+

+// Helper for the login and setup process, gathers all information required for a

+// successful login and eventual update of config files.

+// Depending on the Reader present it can be interactive, asking for terminal input in

+// case of any missing information.

+// Notice that some methods mutate this object so it should not be reused. The Config

+// provided as a pointer will also mutate (handle new auth tokens, etc).

+type LoginOptions struct {

+	// flags and printing helpers

+	Username string

+	Password string

+	Project  string

+

+	// infra

+	ClientConfig kclientcmd.ClientConfig

+	Config       *kclient.Config

+	Reader       io.Reader

+

+	// flow controllers

+	gatherServerInfo  bool

+	gatherAuthInfo    bool

+	gatherProjectInfo bool

+

+	// Optional, if provided will only try to save in it

+	PathToSaveConfig string

+}

+

+// Gather all required information in a comprehensive order.

+func (o *LoginOptions) GatherInfo() error {

+	if err := o.GatherServerInfo(); err != nil {

+		return err

+	}

+	if err := o.GatherAuthInfo(); err != nil {

+		return err

+	}

+	if err := o.GatherProjectInfo(); err != nil {

+		return err

+	}

+	return nil

+}

+

+// Makes sure it has all the needed information about the server we are connecting to,

+// particularly the host address and certificate information. For every information not

+// present ask for interactive user input. Will also ping the server to make sure we can

+// connect to it, and if any problem is found (e.g. certificate issues), ask the user about

+// connecting insecurely.

+func (o *LoginOptions) GatherServerInfo() error {

+	// we need to have a server to talk to

+

+	if util.IsTerminal(o.Reader) {

+		for !o.serverProvided() {

+			defaultServer := defaultClusterURL

+			promptMsg := fmt.Sprintf("Please provide the server URL or just <enter> to use '%v': ", defaultServer)

+

+			server := util.PromptForStringWithDefault(o.Reader, defaultServer, promptMsg)

+			kclientcmd.DefaultCluster = clientcmdapi.Cluster{Server: server}

+		}

+	}

+

+	// we know the server we are expected to use

+

+	clientCfg, err := o.ClientConfig.ClientConfig()

+	if err != nil {

+		return err

+	}

+

+	// ping to check if server is reachable

+

+	osClient, err := client.New(clientCfg)

+	if err != nil {

+		return err

+	}

+

+	result := osClient.Get().AbsPath("/osapi").Do()

+	if result.Error() != nil {

+		// certificate issue, prompt user for insecure connection

+

+		if clientcmd.IsCertificateAuthorityUnknown(result.Error()) {

+			fmt.Println("The server uses a certificate signed by unknown authority. You can bypass the certificate check but it will make all connections insecure.")

+

+			clientCfg.Insecure = util.PromptForBool(os.Stdin, "Use insecure connections (strongly discouraged)? [y/N] ")

+			if !clientCfg.Insecure {

+				return fmt.Errorf(clientcmd.GetPrettyMessageFor(result.Error()))

+			}

+		}

+	}

+

+	// we have all info we need, now we can have a proper Config

+

+	o.Config = clientCfg

+

+	o.gatherServerInfo = true

+	return nil

+}

+

+// Negotiate a bearer token with the auth server, or try to reuse one based on the

+// information already present. In case of any missing information, ask for user input

+// (usually username and password, interactive depending on the Reader).

+func (o *LoginOptions) GatherAuthInfo() error {

+	if err := o.assertGatheredServerInfo(); err != nil {

+		return err

+	}

+

+	if me, err := o.Whoami(); err == nil && (!o.usernameProvided() || (o.usernameProvided() && o.Username == usernameFromUser(me))) {

+		o.Username = usernameFromUser(me)

+		fmt.Printf("Already logged into '%v' as '%v'.\n", o.Config.Host, o.Username)

+

+	} else {

+		// if not, we need to log in again

+

+		o.Config.BearerToken = ""

+		token, err := tokencmd.RequestToken(o.Config, o.Reader, o.Username, o.Password)

+		if err != nil {

+			return err

+		}

+		o.Config.BearerToken = token

+

+		me, err := o.Whoami()

+		if err != nil {

+			return err

+		}

+		o.Username = usernameFromUser(me)

+		fmt.Printf("Logged into '%v' as '%v'.\n", o.Config.Host, o.Username)

+	}

+

+	// TODO investigate about the safety and intent of the proposal below

+	// if trying to log in an user that's not the currently logged in, try to reuse an existing token

+

+	// if o.usernameProvided() {

+	// 	glog.V(5).Infof("Checking existing authentication info for '%v'...\n", o.Username)

+

+	// 	for _, ctx := range rawCfg.Contexts {

+	// 		authInfo := rawCfg.AuthInfos[ctx.AuthInfo]

+	// 		clusterInfo := rawCfg.Clusters[ctx.Cluster]

+

+	// 		if ctx.AuthInfo == o.Username && clusterInfo.Server == o.Server && len(authInfo.Token) > 0 { // only token for now

+	// 			glog.V(5).Infof("Authentication exists for '%v' on '%v', trying to use it...\n", o.Server, o.Username)

+

+	// 			o.Config.BearerToken = authInfo.Token

+

+	// 			if me, err := whoami(o.Config); err == nil && usernameFromUser(me) == o.Username {

+	// 				o.Username = usernameFromUser(me)

+	// 				return nil

+	// 			}

+

+	// 			glog.V(5).Infof("Token %v no longer valid for '%v', can't use it\n", authInfo.Token, o.Username)

+	// 		}

+	// 	}

+	// }

+

+	o.gatherAuthInfo = true

+	return nil

+}

+

+// Discover the projects available for the stabilished session and take one to use. It

+// fails in case of no existing projects, and print out useful information in case of

+// multiple projects.

+func (o *LoginOptions) GatherProjectInfo() error {

+	if err := o.assertGatheredAuthInfo(); err != nil {

+		return err

+	}

+

+	oClient, err := client.New(o.Config)

+	if err != nil {

+		return err

+	}

+

+	projects, err := oClient.Projects().List(labels.Everything(), labels.Everything())

+	if err != nil {

+		return err

+	}

+

+	projectsItems := projects.Items

+

+	switch len(projectsItems) {

+	case 0:

+		if me, err := o.Whoami(); err == nil {

+			// TODO most users will not be allowed to run the suggested commands below, so we should check it and/or

+			// have a server endpoint that allows an admin to describe to users how to request projects

+			return fmt.Errorf(`You don't have any project.

+To create a new project, run 'openshift ex new-project <projectname> --admin=%s'.

+To be added as an admin to an existing project, run 'openshift ex policy add-user admin %s -n <projectname>'.`, me.Name, me.Name)

+		}

+		return err

+

+	case 1:

+		o.Project = projectsItems[0].Name

+

+	default:

+		projects := []string{}

+

+		for _, project := range projectsItems {

+			projects = append(projects, project.Name)

+		}

+

+		namespace, err := o.ClientConfig.Namespace()

+		if err != nil {

+			return err

+		}

+

+		if current, err := oClient.Projects().Get(namespace); err != nil {

+			if kerrors.IsNotFound(err) || kerrors.IsForbidden(err) {

+				o.Project = projects[0]

+			} else {

+				return err

+			}

+		} else {

+			o.Project = current.Name

+		}

+

+		if n := len(projects); n > 10 {

+			projects = projects[:10]

+			fmt.Printf("You have %d projects, displaying only the first 10. To view all your projects run 'osc get projects'.\n", n)

+		}

+		var sortedProjects sort.StringSlice = projects

+		sortedProjects.Sort()

+		fmt.Printf("Your projects are: %v. You can switch between them at any time using 'osc project <project-name>'.\n", strings.Join(projects, ", "))

+	}

+

+	fmt.Printf("Using project '%v'.\n", o.Project)

+

+	o.gatherProjectInfo = true

+	return nil

+}

+

+// Save all the information present in this helper to a config file. An explicit config

+// file path can be provided, if not use the established conventions about config

+// loading rules. Will create a new config file if one can't be found at all. Will only

+// succeed if all required info is present.

+func (o *LoginOptions) SaveConfig() (created bool, err error) {

+	if len(o.Project) == 0 || len(o.Username) == 0 {

+		return false, fmt.Errorf("Insufficient data to merge configuration.")

+	}

+

+	var configStore *config.ConfigStore

+

+	if len(o.PathToSaveConfig) > 0 {

+		configStore, err = config.LoadFrom(o.PathToSaveConfig)

+		if err != nil {

+			return created, err

+		}

+	} else {

+		configStore, err = config.LoadWithLoadingRules()

+		if err != nil {

+			configStore, err = config.CreateEmpty()

+			if err != nil {

+				return created, err

+			}

+			created = true

+		}

+	}

+

+	rawCfg, err := o.ClientConfig.RawConfig()

+	if err != nil {

+		return created, err

+	}

+	return created, configStore.SaveToFile(o.Username, o.Project, o.Config, rawCfg)

+}

+

+func (o *LoginOptions) Whoami() (*api.User, error) {

+	oClient, err := client.New(o.Config)

+	if err != nil {

+		return nil, err

+	}

+

+	me, err := oClient.Users().Get("~")

+	if err != nil {

+		return nil, err

+	}

+

+	return me, nil

+}

+

+func (o *LoginOptions) assertGatheredServerInfo() error {

+	if !o.gatherServerInfo {

+		return fmt.Errorf("Must gather server info first.")

+	}

+	return nil

+}

+

+func (o *LoginOptions) assertGatheredAuthInfo() error {

+	if !o.gatherAuthInfo {

+		return fmt.Errorf("Must gather auth info first.")

+	}

+	return nil

+}

+

+func (o *LoginOptions) assertGatheredProjectInfo() error {

+	if !o.gatherProjectInfo {

+		return fmt.Errorf("Must gather project info first.")

+	}

+	return nil

+}

+

+func (o *LoginOptions) usernameProvided() bool {

+	return len(o.Username) > 0

+}

+

+func (o *LoginOptions) passwordProvided() bool {

+	return len(o.Password) > 0

+}

+

+func (o *LoginOptions) serverProvided() bool {

+	_, err := o.ClientConfig.ClientConfig()

+	return err == nil || !clientcmd.IsNoServerFound(err)

+}

+

+func usernameFromUser(user *api.User) string {

+	return strings.Split(user.Name, ":")[1]

+}

@@ -64,7 +64,12 @@ func NewCmdProject(f *clientcmd.Factory, out io.Writer) *cobra.Command {

 			}

 			pathFromFlag := cmdutil.GetFlagString(cmd, config.OpenShiftConfigFlagName)

-			configStore, err := config.Load(clientCfg, pathFromFlag)

+

+			configStore, err := config.LoadFrom(pathFromFlag)

+			if err != nil {

+				configStore, err = config.LoadWithLoadingRules()

+				checkErr(err)

+			}

 			checkErr(err)

 			config := configStore.Config

new file mode 100644

@@ -0,0 +1,54 @@

+package config

+

+import (

+	"os"

+	"path"

+

+	"github.com/GoogleCloudPlatform/kubernetes/pkg/client/clientcmd"

+)

+

+const (

+	OpenShiftConfigPathEnvVar      = "OPENSHIFTCONFIG"

+	OpenShiftConfigFlagName        = "config"

+	OpenShiftConfigFileName        = ".openshiftconfig"

+	OpenShiftConfigHomeDir         = ".config/openshift"

+	OpenShiftConfigHomeFileName    = ".config"

+	OpenShiftConfigHomeDirFileName = OpenShiftConfigHomeDir + "/" + OpenShiftConfigHomeFileName

+

+	KubeConfigPathEnvVar = clientcmd.RecommendedConfigPathEnvVar

+	KubeConfigFileName   = ".kubeconfig"

+	KubeConfigHomeDir    = ".kube"

+)

+

+// Set up the rules and priorities for loading config files.

+func NewOpenShiftClientConfigLoadingRules() *clientcmd.ClientConfigLoadingRules {

+	return clientcmd.NewClientConfigLoadingRules(FullClientConfigFilePriority())

+}

+

+// File priority loading rules for OpenShift.

+// 1. OPENSHIFTCONFIG env var

+// 2. .openshiftconfig file in current directory

+// 3. ~/.config/openshift/.config file

+func OpenShiftClientConfigFilePriority() []string {

+	return []string{

+		os.Getenv(OpenShiftConfigPathEnvVar),

+		OpenShiftConfigFileName,

+		path.Join(os.Getenv("HOME"), OpenShiftConfigHomeDirFileName),

+	}

+}

+

+// File priority loading rules for Kube.

+// 1. KUBECONFIG env var

+// 2. .kubeconfig file in current directory

+// 3. ~/.kube/.kubeconfig file

+func KubeClientConfigFilePriority() []string {

+	return []string{

+		os.Getenv(KubeConfigPathEnvVar),

+		KubeConfigFileName,

+		path.Join(os.Getenv("HOME"), KubeConfigHomeDir, KubeConfigFileName),

+	}

+}

+

+func FullClientConfigFilePriority() []string {

+	return append(OpenShiftClientConfigFilePriority(), KubeClientConfigFilePriority()...)

+}

new file mode 100644

@@ -0,0 +1,157 @@

+package config

+

+import (

+	"fmt"

+	"reflect"

+

+	clientcmdapi "github.com/GoogleCloudPlatform/kubernetes/pkg/client/clientcmd/api"

+	"github.com/GoogleCloudPlatform/kubernetes/pkg/util"

+)

+

+// MergeConfig takes a haystack to look for existing stanzas in (probably the merged config), a config object to modify (probably

+// either the local or envvar config), and the new additions to merge in.  It tries to find equivalents for the addition inside of the

+// haystack and uses the mapping to avoid creating additional stanzas with duplicate information.  It either locates or original

+// stanzas or creates new ones for clusters and users.  Then it uses the mapped names to build the correct contexts

+func MergeConfig(haystack, toModify, addition clientcmdapi.Config) (*clientcmdapi.Config, error) {

+	ret := toModify

+

+	requestedClusterNamesToActualClusterNames := map[string]string{}

+	existingClusterNames, err := getMapKeys(reflect.ValueOf(haystack.Clusters))

+	if err != nil {

+		return nil, err

+	}

+	for requestedKey, needle := range addition.Clusters {

+		if existingName := FindExistingClusterName(haystack, needle); len(existingName) > 0 {

+			requestedClusterNamesToActualClusterNames[requestedKey] = existingName

+			continue

+		}

+

+		uniqueName := getUniqueName(requestedKey, existingClusterNames)

+		requestedClusterNamesToActualClusterNames[requestedKey] = uniqueName

+		ret.Clusters[uniqueName] = needle

+	}

+

+	requestedAuthInfoNamesToActualAuthInfoNames := map[string]string{}

+	existingAuthInfoNames, err := getMapKeys(reflect.ValueOf(haystack.AuthInfos))

+	if err != nil {

+		return nil, err

+	}

+	for requestedKey, needle := range addition.AuthInfos {

+		if existingName := FindExistingAuthInfoName(haystack, needle); len(existingName) > 0 {

+			requestedAuthInfoNamesToActualAuthInfoNames[requestedKey] = existingName

+			continue

+		}

+

+		uniqueName := getUniqueName(requestedKey, existingAuthInfoNames)

+		requestedAuthInfoNamesToActualAuthInfoNames[requestedKey] = uniqueName

+		ret.AuthInfos[uniqueName] = needle

+	}

+

+	requestedContextNamesToActualContextNames := map[string]string{}

+	existingContextNames, err := getMapKeys(reflect.ValueOf(haystack.Contexts))

+	if err != nil {

+		return nil, err

+	}

+	for requestedKey, needle := range addition.Contexts {

+		exists := false

+

+		actualContext := clientcmdapi.NewContext()

+		actualContext.AuthInfo, exists = requestedAuthInfoNamesToActualAuthInfoNames[needle.AuthInfo]

+		if !exists {

+			actualContext.AuthInfo = needle.AuthInfo

+		}

+		actualContext.Cluster, exists = requestedClusterNamesToActualClusterNames[needle.Cluster]

+		if !exists {

+			actualContext.Cluster = needle.Cluster

+		}

+		actualContext.Namespace = needle.Namespace

+		actualContext.Extensions = needle.Extensions

+

+		if existingName := FindExistingContextName(haystack, *actualContext); len(existingName) > 0 {

+			// if this already exists, just move to the next, our job is done

+			requestedContextNamesToActualContextNames[requestedKey] = existingName

+			continue

+		}

+

+		uniqueName := getUniqueName(actualContext.Cluster+"-"+actualContext.AuthInfo, existingContextNames)

+		requestedContextNamesToActualContextNames[requestedKey] = uniqueName

+		ret.Contexts[uniqueName] = *actualContext

+	}

+

+	if len(addition.CurrentContext) > 0 {

+		if newCurrentContext, exists := requestedContextNamesToActualContextNames[addition.CurrentContext]; exists {

+			ret.CurrentContext = newCurrentContext

+		} else {

+			ret.CurrentContext = addition.CurrentContext

+		}

+	}

+

+	return &ret, nil

+}

+

+// FindExistingClusterName finds the nickname for the passed cluster config

+func FindExistingClusterName(haystack clientcmdapi.Config, needle clientcmdapi.Cluster) string {

+	for key, cluster := range haystack.Clusters {

+		if reflect.DeepEqual(cluster, needle) {

+			return key

+		}

+	}

+

+	return ""

+}

+

+// FindExistingAuthInfoName finds the nickname for the passed auth info

+func FindExistingAuthInfoName(haystack clientcmdapi.Config, needle clientcmdapi.AuthInfo) string {

+	for key, authInfo := range haystack.AuthInfos {

+		if reflect.DeepEqual(authInfo, needle) {

+			return key

+		}

+	}

+

+	return ""

+}

+

+// FindExistingContextName finds the nickname for the passed context

+func FindExistingContextName(haystack clientcmdapi.Config, needle clientcmdapi.Context) string {

+	for key, context := range haystack.Contexts {

+		if reflect.DeepEqual(context, needle) {

+			return key

+		}

+	}

+

+	return ""

+}

+

+func getMapKeys(theMap reflect.Value) (*util.StringSet, error) {

+	if theMap.Kind() != reflect.Map {

+		return nil, fmt.Errorf("theMap must be of type %v, not %v", reflect.Map, theMap.Kind())

+	}

+

+	ret := &util.StringSet{}

+

+	switch theMap.Kind() {

+	case reflect.Map:

+		for _, keyValue := range theMap.MapKeys() {

+			ret.Insert(keyValue.String())

+		}

+

+	}

+

+	return ret, nil

+

+}

+

+func getUniqueName(basename string, existingNames *util.StringSet) string {

+	if !existingNames.Has(basename) {

+		return basename

+	}

+

+	for i := 0; i < 100; i++ {

+		trialName := fmt.Sprintf("%v-%d", basename, i)

+		if !existingNames.Has(trialName) {

+			return trialName

+		}

+	}

+

+	return string(util.NewUUID())

+}

new file mode 100644

@@ -0,0 +1,159 @@

+package config

+

+import (

+	"fmt"

+	"io/ioutil"

+	"os"

+

+	"github.com/golang/glog"

+

+	"github.com/GoogleCloudPlatform/kubernetes/pkg/client"

+	"github.com/GoogleCloudPlatform/kubernetes/pkg/client/clientcmd"

+	clientcmdapi "github.com/GoogleCloudPlatform/kubernetes/pkg/client/clientcmd/api"

+

+	"github.com/openshift/origin/pkg/cmd/flagtypes"

+)

+

+const (

+	fromKube      = "fromkube"

+	fromOpenShift = "fromopenshift"

+)

+

+// A ConfigStore is the representation of a config from one individual config file. Can be used

+// to persist configs by being explicit about the file to save.

+type ConfigStore struct {

+	Config         *clientcmdapi.Config

+	Path           string

+	providerEngine string

+}

+

+func (c *ConfigStore) FromOpenShift() bool {

+	return c.providerEngine == fromOpenShift

+}

+

+func (c *ConfigStore) FromKube() bool {

+	return c.providerEngine == fromKube

+}

+

+// Load a ConfigStore from the explicit path to a config file provided as argument

+// Error if not found.

+func LoadFrom(path string) (*ConfigStore, error) {

+	data, err := ioutil.ReadFile(path)

+	if err == nil {

+		config, err := clientcmd.Load(data)

+		if err != nil {

+			return nil, err

+		}

+		return &ConfigStore{config, path, fromOpenShift}, nil

+	}

+

+	return nil, fmt.Errorf("Unable to load config file from '%v': %v", path, err.Error())

+}

+

+// Load a ConfigStore using the priority conventions declared by the ClientConfigLoadingRules.

+// Error if none can be found.

+func LoadWithLoadingRules() (store *ConfigStore, err error) {

+	loadingRules := map[string][]string{

+		fromOpenShift: OpenShiftClientConfigFilePriority(),

+		fromKube:      KubeClientConfigFilePriority(),

+	}

+

+	for source, priorities := range loadingRules {

+		for _, path := range priorities {

+			data, err := ioutil.ReadFile(path)

+			if err != nil && !os.IsNotExist(err) {

+				return nil, fmt.Errorf("Unable to load config file from %v: %v", path, err.Error())

+			}

+			if err == nil {

+				config, err := clientcmd.Load(data)

+				if err != nil {

+					return store, err

+				}

+				return &ConfigStore{config, path, source}, nil

+			}

+		}

+	}

+

+	return nil, fmt.Errorf("Unable to load a config file from any of the expected locations.")

+}

+

+// Create a new file to store configs and returns the ConfigStore that represents it.

+func CreateEmpty() (*ConfigStore, error) {

+	configPathToCreateIfNotFound := fmt.Sprintf("%v/%v", os.Getenv("HOME"), OpenShiftConfigHomeDirFileName)

+

+	glog.V(3).Infof("A new config will be created at: %v ", configPathToCreateIfNotFound)

+

+	newConfig := clientcmdapi.NewConfig()

+

+	if err := os.MkdirAll(fmt.Sprintf("%v/%v", os.Getenv("HOME"), OpenShiftConfigHomeDir), 0755); err != nil {

+		return nil, fmt.Errorf("Tried to create a new config file but failed while creating directory %v: %v", OpenShiftConfigHomeDirFileName, err)

+	}

+	glog.V(5).Infof("Created directory %v", "~/"+OpenShiftConfigHomeDir)

+

+	if err := clientcmd.WriteToFile(*newConfig, configPathToCreateIfNotFound); err != nil {

+		return nil, fmt.Errorf("Tried to create a new config file but failed with: %v", err)

+	}

+	glog.V(5).Infof("Created file %v", configPathToCreateIfNotFound)

+

+	data, err := ioutil.ReadFile(configPathToCreateIfNotFound)

+	if err != nil {

+		return nil, err

+	}

+

+	config, err := clientcmd.Load(data)

+	if err != nil {

+		return nil, err

+	}

+

+	return &ConfigStore{config, configPathToCreateIfNotFound, fromOpenShift}, nil

+}

+

+// Save the provided config attributes to this ConfigStore.

+func (c *ConfigStore) SaveToFile(credentialsName string, namespace string, clientCfg *client.Config, rawCfg clientcmdapi.Config) error {

+	glog.V(4).Infof("Trying to merge and update %v config to '%v'...", c.providerEngine, c.Path)

+

+	config := clientcmdapi.NewConfig()

+

+	credentials := clientcmdapi.NewAuthInfo()

+	credentials.Token = clientCfg.BearerToken

+	credentials.ClientCertificate = clientCfg.TLSClientConfig.CertFile

+	credentials.ClientCertificateData = clientCfg.TLSClientConfig.CertData

+	credentials.ClientKey = clientCfg.TLSClientConfig.KeyFile

+	credentials.ClientKeyData = clientCfg.TLSClientConfig.KeyData

+	if len(credentialsName) == 0 {

+		credentialsName = "osc-login"

+	}

+	config.AuthInfos[credentialsName] = *credentials

+