feat: Kubernetes port-forward tunnel support#246
Merged
Conversation
Add K8s fields to ConnectionParams (k8s_enabled, k8s_connection_id, k8s_context, k8s_namespace, k8s_resource_type, k8s_resource_name, k8s_port) and create K8sConnection, K8sConnectionInput, K8sTestParams structs. Update ExportPayload with k8s_connections. Simplify existing test ConnectionParams literals with ..Default::default() spread.
New k8s_tunnel.rs with K8sTunnel struct, global tunnel map for reuse, lifecycle management (spawn, health-check, stop), discovery functions (get_k8s_contexts, get_k8s_namespaces, get_k8s_resources), test helper, and 12 unit tests covering tunnel key generation and output parsing.
Add K8s CRUD commands (get/save/update/delete_k8s_connection), discovery commands (get_k8s_contexts/namespaces/resources_cmd), test command, and expand_k8s_connection_params. Wire K8s into resolve_connection_params and test_connection with SSH mutual exclusion. Include K8s connections in export/import. Add 6 unit tests for K8s param validation.
New k8s.ts with K8sConnection interface, CRUD functions (load/save/ update/delete), discovery wrappers (contexts/namespaces/resources), testK8sConnection, formatK8sConnectionString, and validateK8sConnection. Add K8s fields to ConnectionParams type in connections.ts.
Add Kubernetes tab to NewConnectionModal with enable toggle, mode selector (saved/inline), cascading dropdowns for context→namespace→ resource type→resource name populated via kubectl discovery, container port input, and SSH/K8s mutual exclusion. Add K8sConnectionsModal for managing saved K8s connections with add/edit/delete/test.
Display blue K8s shield badge on ConnectionCard, ConnectionListItem, and OpenConnectionItem when k8s_enabled is true. Add k8sEnabled field to ConnectionStatus in connectionManager.
Add 24 tests covering validateK8sConnection (required fields, resource type, port), formatK8sConnectionString, testK8sConnection, discovery functions (contexts, namespaces, resources), and CRUD operations. Update connectionManager test to include k8sEnabled field.
![kilo-code-bot[bot]](https://avatars.githubusercontent.com/in/2193792?s=60&v=4){kind=small}
| } | ||
|
|
||
| /// Resolve K8s tunnel params synchronously (no saved-connection lookup; uses inline fields only). | ||
| fn resolve_k8s_params(params: &ConnectionParams) -> Result<ConnectionParams, String> { |
There was a problem hiding this comment.
CRITICAL: resolve_k8s_params only reads inline K8s fields and ignores k8s_connection_id
Since expand_k8s_connection_params (which resolves saved connection IDs) is only called in test_connection, all other database commands will fail with "Missing K8s context" when a saved K8s connection is used. Either resolve_k8s_params must also look up saved connections, or all database commands need to call expand_k8s_connection_params before resolve_connection_params_with_id, just like they already do for SSH.
| ); | ||
|
|
||
| let mut expanded_params = expand_ssh_connection_params(&app, &request.params).await?; | ||
| expanded_params = expand_k8s_connection_params(&app, &expanded_params).await?; |
There was a problem hiding this comment.
CRITICAL: expand_k8s_connection_params is only called in test_connection
Every other database command (get_schemas, get_tables, list_databases, query, etc.) already calls expand_ssh_connection_params but does NOT call expand_k8s_connection_params. This means connections using a saved K8s connection ID will work during the connection test but fail for all actual database operations.
Code Review SummaryStatus: 1 Issue Found | Recommendation: Address before merge Overview
Issue Details (click to expand)CRITICAL
RESOLVED
Files Reviewed (8 files)
Fix these issues in Kilo Cloud Reviewed by kimi-k2.6-20260420 · 1,203,671 tokens |
Add expand_k8s_connection_params call alongside every expand_ssh_connection_params call site (~34 locations). Without this, saved K8s connections (using k8s_connection_id) would fail with "Missing K8s context" for all operations except test_connection. Mirrors the existing SSH pattern exactly: async expand resolves saved connection ID into inline fields, then sync resolve creates the tunnel.
When editing a connection with inline K8s fields, the mode defaulted to "existing" because setK8sMode was never called — mirroring the existing setSshMode logic on the same path.
Add useEffect hooks that watch k8s_context, k8s_namespace, and k8s_resource_type to trigger cascading loads of namespaces and resources. Previously these only loaded inside onChange handlers, so editing a saved inline K8s connection showed empty dropdowns until the user manually re-selected the context. Remove the inline load calls from onChange handlers since the useEffects are now the single source of truth for cascading loads.
Collaborator
|
Hi @metalgrid |
Contributor
|
@debba i will review |
Contributor
|
but will review it tomorrow! (CET) |
Contributor
|
@metalgrid awesome contribution! @debba or @metalgrid could u polish the ui a bit? so it is alligned to the rest of the connection modal? |
Replace hardcoded strings with i18n keys across locales
Resolve conflicts in NewConnectionModal (combine k8s and appearance tabs) and mcp/mod.rs (drop duplicate schema resolution now handled by resolve_db_params, which already expands SSH and K8s params).
Collaborator
|
Hey @metalgrid, thanks for this work. I pushed a few things on top of your branch:
Everything builds locally (tsc + cargo check) and the branch is clean against main now. If you're happy with these changes I'll go ahead and merge. |
Contributor
Author
|
@debba , you beat me to it! :) Looks good to me, so if everyone is happy, feel free to merge this. |
Collaborator
|
@metalgrid That's great, thanks for this feature, feel free to open new PRs . |
debba
added a commit
that referenced
this pull request
May 29, 2026
The K8s tunnel feature (#246) added k8s_* fields to ConnectionParams in connections.ts but not to the inline params type on the SavedConnection interface, breaking tsc -b where conn.params.k8s_enabled is accessed in ConnectionCard, ConnectionListItem and connectionManager.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds built-in Kubernetes port-forward support as a first-class transport option (alongside SSH tunnels). Users can
connect to any database running inside a Kubernetes cluster by configuring a kubectl context, namespace, resource
(service/pod), and container port.
How it works
kubectl port-forwardas a managed child process, binding a local port that the database driver connects totransparently
~/.kube/configk8s_connections.json(same pattern as SSH)New files
src-tauri/src/k8s_tunnel.rssrc/utils/k8s.tssrc/components/modals/K8sConnectionsModal.tsxtests/utils/k8s.test.tsModified files
src-tauri/src/models.rs— K8s fields onConnectionParams, new structssrc-tauri/src/commands.rs— K8s commands, tunnel expansion, export/import, 6 testssrc-tauri/src/lib.rs— Module + command registrationsrc/components/modals/NewConnectionModal.tsx— Kubernetes tab with cascading dropdownssrc/components/connections/+sidebar/— Blue K8s badge on connectionssrc/utils/connectionManager.ts/connections.ts— K8s fields in types..Default::default()spreadTest coverage
Requirements
kubectlinstalled and in$PATH~/.kube/configor$KUBECONFIG)