Enable to switch context in kubeconfig

[shu-mutou]

When user is logging in with kubeconfig that have multiple contexts, add buttons for the contexts into user menu and enable to switch contexts.

This solution assumes that dashboard-metrics-scraper is deployed on each cluster.
To get metrics from dashboard-metrics-scraper in each cluster, add sidecarHost: [endpoint URL for scraper] into cluster in kubeconfig like follow:

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: xxxxxxxxxxxxx
    server: http://192.168.100.13:8001
    sidecar-host: http://192.168.100.13:30080
  name: minikube
- cluster:
    certificate-authority-data: xxxxxxxxxxxxx
    server: http://192.168.100.14:8001
    sidecar-host: http://192.168.100.14:30080
  name: minikube2
contexts:
- context:
    cluster: minikube2
    user: minikube2-admin
  name: minikube2-admin@minikube2
- context:
    cluster: minikube
    user: minikube-admin
  name: minikube-admin@minikube
current-context: minikube-admin@minikube
kind: Config
preferences: {}
users:
- name: minikube-admin
  user:
    client-certificate-data: xxxxxxxxxxxxx
    client-key-data: xxxxxxxxxxxxx
    token: xxxxxxxxxxxxx
- name: minikube2-admin
  user:
    client-certificate-data: xxxxxxxxxxxxx
    client-key-data: xxxxxxxxxxxxx
    token: xxxxxxxxxxxxx

Endpoints for server and sidecarHost would be passed as cookies and clients for them would be created dynamically in server side.

As first step, this implements basic architecture. Config editor and etc. would be implemented in future PR.

Note: To test this with npm run start*, enlarge maximum http header size with export NODE_OPTIONS=--max-http-header-size=102400.

Partial implements #4522

[codecov]

Codecov Report

Merging #4534 into master will decrease coverage by 0.49%.
The diff coverage is 28.18%.

@@            Coverage Diff             @@
##           master    #4534      +/-   ##
==========================================
- Coverage   45.45%   44.96%   -0.50%     
==========================================
  Files         214      216       +2     
  Lines       10208    10449     +241     
  Branches      108      131      +23     
==========================================
+ Hits         4640     4698      +58     
- Misses       5293     5471     +178     
- Partials      275      280       +5     

Impacted Files	Coverage Δ
src/app/backend/auth/api/types.go	33.33% <ø> (ø)
src/app/backend/auth/basic.go	0.00% <0.00%> (ø)
src/app/backend/auth/handler.go	35.21% <0.00%> (-7.90%)	⬇️
src/app/backend/handler/apihandler.go	27.74% <0.00%> (ø)
src/app/frontend/index.config.ts	100.00% <ø> (ø)
.../frontend/common/services/global/authentication.ts	32.94% <8.00%> (-5.95%)	⬇️
.../app/frontend/common/services/global/kubeconfig.ts	19.52% <19.52%> (ø)
src/app/backend/integration/metric/manager.go	44.44% <20.00%> (-5.56%)	⬇️
src/app/backend/client/manager.go	54.68% <40.00%> (-1.33%)	⬇️
src/app/frontend/login/component.ts	82.14% <66.66%> (+0.89%)	⬆️
... and 6 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a83047e...5987cd4. Read the comment docs.

[maciaszczykm]

We will go back to this after the release, please ping if I will forget.

[maciaszczykm]

Please use !_.isEmpty() to check for clusters list emptiness. This is lodash utility function that can be imported with following line import * as _ from 'lodash';.

[maciaszczykm]

As before, on known types please use dot to access object params.

[maciaszczykm]

There is no need to escape it. Can we change it to camelCase?

[shu-mutou]

I found that js-yaml can not convert keys to camelcase. Instead I found a library camelcase-keys but it need to use require in import. Do you know better library or is it acceptable, i.e. using require?

[maciaszczykm]

You can use require.

[maciaszczykm]

@floreks What do you think about the usability and approach here? I have done initial code review so far but we should also consider if that will not impact our current setup.

[floreks]

Those are backend api types. Move it to the backendapi.ts.

[floreks]

We can't store token here as it is already part of our login mechanism and is stored in an encrypted cookie. This would be extremely insecure. Also, we do not support client-certificate-data as a way of logging in anyway, so this is obsolete.

[shu-mutou]

If we store all the tokens contained in kubeconfig in cookies, I'm worried that all HTTP requests will get too big and impact performance.
I'm considering to encrypt tokens in jwe and store them into cookie before login sequence. But do you have any other ideas?

[maciaszczykm]

I have tested it locally using npm run start:prod command and the context are visible after logging with kubeconfig. However, after I try to switch context I see an error in the console (POST https://localhost:8080/api/v1/login 500) and I am redirected to the login view.

[shu-mutou]

Thank you very much for your reviews! I will continue considering pointed things, check and modify this next week.

[shu-mutou]

I have tested it locally using npm run start:prod command and the context are visible after logging with kubeconfig. However, after I try to switch context I see an error in the console (POST https://localhost:8080/api/v1/login 500) and I am redirected to the login view.

I checked npm run start:prod and it works in my environment. Could you check your kubeconfig?

[maciaszczykm]

I will try to verify again tomorrow but it seemed okay as I was able to login with it. Is some additional info required?

[shu-mutou]

@maciaszczykm I improved my codes, but I'm considering about encrypting tokens with jwe and store them into cookie yet. But I'm happy if you try this UX.

[shu-mutou]

/hold
need more investigations.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: shu-mutou

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [shu-mutou]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[shu-mutou]

/hold cancel
All tokens are stored in cookie as jweTokens now.
Instead, please note that set env NODE_OPTIONS=--max-http-header-size=1024000 when run npm run start*.

[floreks]

The solution that requires us to raise limits for HTTP header size is not really acceptable. We should try to limit data passed between browser and server as much as possible. Most proxies set their limits to 8KB and many people are using that. This change would break many configurations.

Processing all tokens at all times is also not good. Only one should be used at the time and others should naturally expire over time.

Another issue is encrypting all auth information to all servers with a single encryption key that is stored in the main cluster. We should not do that. It decreases security and makes all servers vulnerable in case of a single cluster breach.

There are a couple of more issues, but I think the general approach should be reconsidered. First, we should have some architectural concepts prepared. Possibly something like that should be handled in the user settings and we should have an option to add additional servers that we want to access. We could store some data in secrets/config maps and use multiple encryption tokens for actual auth info.

[shu-mutou]

As I expected, the HTTP header size exceeded the limit.
Let's redesign token handling.
If we store sensitive informations into secrets, do you have any idea how to clear expired secrets?

[k8s-ci-robot]

@shu-mutou: PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[floreks]

Closing as stale. New PR can be opened as it requires major changes.