Fix regression with OKTETO_TOKEN and improve DevX for invalid token

[andreafalzetti]

Proposed changes

Fixes: DEV-344

This PR mainly includes a fix for a regression introduced in 2.27.1 causing the Okteto CLI to attempt calling the sunsetted Okteto Cloud when setting OKTETO_TOKEN without specifying the context. Additionally, the change also aims to improve the DevX of other scenario or misconfiguration of credentials when using the environment variable OKTETO_TOKEN.

In a previous PR we changed the order in which credentials are checked, causing the unsedired behavior because of left over logic from Okteto Cloud.

I've listed below the tested scenarios. A is the actual regression. From B onwards, are improvements, mainly making sure that for invalid token the error message is meaningful.

Note: all the tests below are okteto deploy tests, but this regression also applies to destroy and other commands. I've tested some of them, there are a lot of permutations, but I've tested the main ones.

How to validate

Scenario A (Regression)

Description: Context file configured correctly with an Okteto context + setting a valid OKTETO_TOKEN ✅
Command: OKTETO_TOKEN=$VALID_TOKEN okteto deploy (export VALID_TOKEN with a valid token)

2.26.0	2.27.1	NEW

Scenario B

Description: Context file configured correctly with an Okteto context + setting an invalid OKTETO_TOKEN ❌
Command: OKTETO_TOKEN=123 okteto deploy

2.26.0	2.27.1	NEW

Scenario C

Description: Empty context file + invalid OKTETO_TOKEN ❌
Command: OKTETO_HOME=$(mktemp -d) OKTETO_TOKEN=123 okteto-2.26.0 deploy

2.26.0	2.27.1	NEW

Scenario D

Description: Empty context file + valid OKTETO_TOKEN ✅
Command: OKTETO_HOME=$(mktemp -d) OKTETO_TOKEN=$VALID_TOKEN okteto-2.26.0 deploy (export VALID_TOKEN with a valid token)

2.26.0	2.27.1	NEW

Scenario E

Description: context file without current context + invalid OKTETO_TOKEN ❌
Command:

cd $(mktemp -d)
export OKTETO_HOME=$(pwd)
okteto context use <CTX> # open browser and login successfully

# delete the property `current-context` from the config.json
vim .okteto/context/config.json

OKTETO_TOKEN=123 okteto deploy`

2.26.0	2.27.1	NEW

Scenario F

Description: context file without current context + valid OKTETO_TOKEN ✅
Command:

cd $(mktemp -d)
export OKTETO_HOME=$(pwd)
okteto context use <CTX> # open browser and login successfully

# delete the property `current-context` from the config.json
vim .okteto/context/config.json

OKTETO_TOKEN=$VALID_TOKEN okteto deploy` (export `VALID_TOKEN` with a valid token)

2.26.0	2.27.1	NEW

CLI Quality Reminders

For both authors and reviewers:

• Scrutinize for potential regressions
• Ensure key automated tests are in place
• Build the CLI and test using the validation steps
• Assess Developer Experience impact (log messages, performances, etc)
• If too broad, consider breaking into smaller PRs
• Adhere to our code style and code review guidelines

[andreafalzetti]

removing this fixes the regression

[codecov]

Codecov Report

Attention: Patch coverage is 22.22222% with 14 lines in your changes are missing coverage. Please review.

Project coverage is 43.19%. Comparing base (1c72192) to head (b039f9b).
Report is 2 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #4297      +/-   ##
==========================================
- Coverage   43.21%   43.19%   -0.03%     
==========================================
  Files         371      371              
  Lines       30006    30015       +9     
==========================================
- Hits        12967    12964       -3     
- Misses      15916    15926      +10     
- Partials     1123     1125       +2     

[ifbyol]

There is a variant of scenario B is not covered and it returns an Internal Server Error.

Instead of setting an invalid value, try to set a token from another instance and you would get the internal server error. Could we also cover that case?

[ifbyol]

We should probably create a specific error and being able to use error.Is() instead of comparing string values of the error. For example, not sure if we could have some problem with a trailing slash (/) at the end of the context name at some point.

Not needed to do as part of this PR, but it should be the way to go

[andreafalzetti]

@ifbyol I agree, that is what I've attempted to begin with, then realized that ErrNotLogged is being used like this all over, so it's tech debt that we need to adress. I didn't want to extend the scope of this change too much, but we should look into improve it!

[maroshii]

All scenarios with the "NEW" changes work as expected. Deferring approval to @jLopezbarb or @ifbyol that have more context