feat: add support for updating the authentication information #82
Conversation
| } | ||
| a.mu.Lock() | ||
| defer a.mu.Unlock() | ||
| // check again if there is now a token |
There was a problem hiding this comment.
I'm not following the reason for this check-lock-check-again behavior? Is this intended or leftover from some refactor?
There was a problem hiding this comment.
It's intended. If two callers to fetchToken come in at the same time, the first would get the lock, create the token, and release the lock, the second would then get the lock, create a new token, and release the lock. This prevents the second caller from recreating the token when the first caller already succeeded.
In the current configuration this could be replaced by a sync.Once to prevent this, but tokens don't last forever and I'm unsure when a new one will need to be fetched. So the token itself isn't immutable.
| restartedAtValue := restartedAt.Format(time.RFC3339) | ||
|
|
||
| // similar to how kubectl rollout restart works, patch in a restartedAt annotation. | ||
| rawPatch := map[string]any{ |
internal/cmd/local/k8s/client.go
Outdated
| } | ||
|
|
||
| // check every 10 seconds for up to 5 minutes to see if the pods have been restarted successfully | ||
| err = wait.PollUntilContextTimeout(ctx, 5*time.Second, block, true, deploymentPods) |
There was a problem hiding this comment.
Comment does not match the invocation (interval is 5 not 10). Also (nit): there may be a clearer than for this arg than block
| if err != nil { | ||
| return err | ||
| } | ||
|
|
||
| pterm.Success.Println(fmt.Sprintf("Getting your credentials: %s", secret.Name)) | ||
| pterm.Info.Println(fmt.Sprintf("{\n \"password\": \"%s\",\n \"client-id\": \"%s\",\n \"client-secret\": \"%s\"\n}", secret.Data["instance-admin-password"], secret.Data["instance-admin-client-id"], secret.Data["instance-admin-client-secret"])) | ||
| clientId := string(secret.Data[secretClientID]) |
There was a problem hiding this comment.
NIT (iirc): I believe secret has a .StringData property that would mean you don't need the cast.
There was a problem hiding this comment.
From the docs
// stringData allows specifying non-binary secret data in string form.
// It is provided as a write-only input field for convenience.
// All keys and values are merged into the data field on write, overwriting any existing values.
// The stringData field is never output when reading from the API.
I don't think it is actually returned from the get/read call.
There was a problem hiding this comment.
Ah, makes sense I think the context where I used it was in some tests so I may have actually written to it myself
emailtoabctl local credentialsresponseabctl local credentials --passwordto allow changing the default, auto-generated passwordabctl local credentials --emailto allow for changing the email address for authenticationk8s.Clientto be unit-testablek8s.Clientlocal credentialstelemetry data to no longer be tracked as an install