Add support for SKE new credentials rotation flow (#186)

* SKE Credentials Rotation: start-rotation command (#179)

* initial start rotation command implementation

* update go mod, rename files, generate docs

* start-rotation update long description

* Improve start-rotation documentation

* SKE Credentials Rotation: complete-rotation command  (#181)

* initial complete rotation command

* complete rotation command: improve documentation

* improve documentation

* SKE Credentials Rotation: kubeconfig create command (#184)

* initial kubeconfig create command

* finish create command implementation, add testing

* fix linting, generate docs

* address PR comments

* extract funcs to utils, add testing

* improve function documentation

* fix linting

* address PR comments, minor improvements

* make utils testing work on all OSes

* SKE Credentials Rotation: fixes and improvements (#188)

* improve docs

* Improve documentation, address acceptance comments

* fix testing, finish renaming filepath flag

* SKE Credentials Rotation: deprecate old commands (#191)

* deprecate describe and rotate commands

* improve deprecation messages, add docs

* SKE Credentials Rotation: deprecate old commands improvements (#192)

* remove example cluster name from deprecation message

* address comments

Author: DiogoFerrao

docs/stackit_ske.md

@@ -33,5 +33,6 @@ stackit ske [flags]
 * [stackit ske describe](./stackit_ske_describe.md)	 - Shows overall details regarding SKE
 * [stackit ske disable](./stackit_ske_disable.md)	 - Disables SKE for a project
 * [stackit ske enable](./stackit_ske_enable.md)	 - Enables SKE for a project
+* [stackit ske kubeconfig](./stackit_ske_kubeconfig.md)	 - Provides functionality for SKE kubeconfig
 * [stackit ske options](./stackit_ske_options.md)	 - Lists SKE provider options
 

docs/stackit_ske_credentials.md

@@ -28,6 +28,6 @@ stackit ske credentials [flags]
 ### SEE ALSO
 
 * [stackit ske](./stackit_ske.md)	 - Provides functionality for SKE
-* [stackit ske credentials describe](./stackit_ske_credentials_describe.md)	 - Shows details of the credentials associated to a SKE cluster
-* [stackit ske credentials rotate](./stackit_ske_credentials_rotate.md)	 - Rotates credentials associated to a SKE cluster
+* [stackit ske credentials complete-rotation](./stackit_ske_credentials_complete-rotation.md)	 - Completes the rotation of the credentials associated to a SKE cluster
+* [stackit ske credentials start-rotation](./stackit_ske_credentials_start-rotation.md)	 - Starts the rotation of the credentials associated to a SKE cluster
 

docs/stackit_ske_credentials_complete-rotation.md

@@ -0,0 +1,53 @@
+## stackit ske credentials complete-rotation
+
+Completes the rotation of the credentials associated to a SKE cluster
+
+### Synopsis
+
+Completes the rotation of the credentials associated to a STACKIT Kubernetes Engine (SKE) cluster.
+
+This is step 2 of a 2-step process to rotate all SKE cluster credentials. Tasks accomplished in this phase include:
+  - The old certification authority will be dropped from the package.
+  - The old signing key for the service account will be dropped from the bundle.
+To ensure continued access to the Kubernetes cluster, please update your kubeconfig with the new credentials:
+  $ stackit ske kubeconfig create my-cluster
+
+If you haven't, please start the process by running:
+  $ stackit ske credentials start-rotation my-cluster
+For more information, visit: https://docs.stackit.cloud/stackit/en/how-to-rotate-ske-credentials-200016334.html
+
+```
+stackit ske credentials complete-rotation CLUSTER_NAME [flags]
+```
+
+### Examples
+
+```
+  Complete the rotation of the credentials associated to the SKE cluster with name "my-cluster"
+  $ stackit ske credentials complete-rotation my-cluster
+
+  Flow of the 2-step process to rotate all SKE cluster credentials, including generating a new kubeconfig file
+  $ stackit ske credentials start-rotation my-cluster
+  $ stackit ske kubeconfig create my-cluster
+  $ stackit ske credentials complete-rotation my-cluster
+```
+
+### Options
+
+```
+  -h, --help   Help for "stackit ske credentials complete-rotation"
+```
+
+### Options inherited from parent commands
+
+```
+  -y, --assume-yes             If set, skips all confirmation prompts
+      --async                  If set, runs the command asynchronously
+  -o, --output-format string   Output format, one of ["json" "pretty"]
+  -p, --project-id string      Project ID
+```
+
+### SEE ALSO
+
+* [stackit ske credentials](./stackit_ske_credentials.md)	 - Provides functionality for SKE credentials
+

docs/stackit_ske_credentials_describe.md

@@ -0,0 +1,57 @@
+## stackit ske credentials start-rotation
+
+Starts the rotation of the credentials associated to a SKE cluster
+
+### Synopsis
+
+Starts the rotation of the credentials associated to a STACKIT Kubernetes Engine (SKE) cluster.
+
+This is step 1 of a 2-step process to rotate all SKE cluster credentials. Tasks accomplished in this phase include:
+  - Rolling recreation of all worker nodes
+  - A new Certificate Authority (CA) will be established and incorporated into the existing CA bundle.
+  - A new etcd encryption key is generated and added to the Certificate Authority (CA) bundle.
+  - A new signing key will be generated for the service account and added to the Certificate Authority (CA) bundle.
+  - The kube-apiserver will rewrite all secrets in the cluster, encrypting them with the new encryption key.
+The old CA, encryption key and signing key will be retained until the rotation is completed.
+
+After completing the rotation of credentials, you can generate a new kubeconfig file by running:
+  $ stackit ske kubeconfig create my-cluster
+Complete the rotation by running:
+  $ stackit ske credentials complete-rotation my-cluster
+For more information, visit: https://docs.stackit.cloud/stackit/en/how-to-rotate-ske-credentials-200016334.html
+
+```
+stackit ske credentials start-rotation CLUSTER_NAME [flags]
+```
+
+### Examples
+
+```
+  Start the rotation of the credentials associated to the SKE cluster with name "my-cluster"
+  $ stackit ske credentials start-rotation my-cluster
+
+  Flow of the 2-step process to rotate all SKE cluster credentials, including generating a new kubeconfig file
+  $ stackit ske credentials start-rotation my-cluster
+  $ stackit ske kubeconfig create my-cluster
+  $ stackit ske credentials complete-rotation my-cluster
+```
+
+### Options
+
+```
+  -h, --help   Help for "stackit ske credentials start-rotation"
+```
+
+### Options inherited from parent commands
+
+```
+  -y, --assume-yes             If set, skips all confirmation prompts
+      --async                  If set, runs the command asynchronously
+  -o, --output-format string   Output format, one of ["json" "pretty"]
+  -p, --project-id string      Project ID
+```
+
+### SEE ALSO
+
+* [stackit ske credentials](./stackit_ske_credentials.md)	 - Provides functionality for SKE credentials
+

docs/stackit_ske_credentials_rotate.md

@@ -0,0 +1,32 @@
+## stackit ske kubeconfig
+
+Provides functionality for SKE kubeconfig
+
+### Synopsis
+
+Provides functionality for STACKIT Kubernetes Engine (SKE) kubeconfig.
+
+```
+stackit ske kubeconfig [flags]
+```
+
+### Options
+
+```
+  -h, --help   Help for "stackit ske kubeconfig"
+```
+
+### Options inherited from parent commands
+
+```
+  -y, --assume-yes             If set, skips all confirmation prompts
+      --async                  If set, runs the command asynchronously
+  -o, --output-format string   Output format, one of ["json" "pretty"]
+  -p, --project-id string      Project ID
+```
+
+### SEE ALSO
+
+* [stackit ske](./stackit_ske.md)	 - Provides functionality for SKE
+* [stackit ske kubeconfig create](./stackit_ske_kubeconfig_create.md)	 - Creates a kubeconfig for an SKE cluster
+

docs/stackit_ske_credentials_start-rotation.md

@@ -0,0 +1,54 @@
+## stackit ske kubeconfig create
+
+Creates a kubeconfig for an SKE cluster
+
+### Synopsis
+
+Creates a kubeconfig for a STACKIT Kubernetes Engine (SKE) cluster.
+
+By default the kubeconfig is created in the .kube folder, in the user's home directory. The kubeconfig file will be overwritten if it already exists.
+You can override this behavior by specifying a custom filepath with the --filepath flag.
+An expiration time can be set for the kubeconfig. The expiration time is set in seconds(s), minutes(m), hours(h), days(d) or months(M). Default is 1h.
+Note that the format is <value><unit>, e.g. 30d for 30 days and you can't combine units.
+
+```
+stackit ske kubeconfig create CLUSTER_NAME [flags]
+```
+
+### Examples
+
+```
+  Create a kubeconfig for the SKE cluster with name "my-cluster"
+  $ stackit ske kubeconfig create my-cluster
+
+  Create a kubeconfig for the SKE cluster with name "my-cluster" and set the expiration time to 30 days
+  $ stackit ske kubeconfig create my-cluster --expiration 30d
+
+  Create a kubeconfig for the SKE cluster with name "my-cluster" and set the expiration time to 2 months
+  $ stackit ske kubeconfig create my-cluster --expiration 2M
+
+  Create a kubeconfig for the SKE cluster with name "my-cluster" in a custom filepath
+  $ stackit ske kubeconfig create my-cluster --filepath /path/to/config
+```
+
+### Options
+
+```
+  -e, --expiration string   Expiration time for the kubeconfig in seconds(s), minutes(m), hours(h), days(d) or months(M). Example: 30d. By default, expiration time is 1h
+      --filepath string     Path to create the kubeconfig file. By default, the kubeconfig is created as 'config' in the .kube folder, in the user's home directory.
+  -h, --help                Help for "stackit ske kubeconfig create"
+```
+
+### Options inherited from parent commands
+
+```
+  -y, --assume-yes             If set, skips all confirmation prompts
+      --async                  If set, runs the command asynchronously
+  -o, --output-format string   Output format, one of ["json" "pretty"]
+  -p, --project-id string      Project ID
+```
+
+### SEE ALSO
+
+* [stackit ske kubeconfig](./stackit_ske_kubeconfig.md)	 - Provides functionality for SKE kubeconfig
+