From 9408a8ec24229c2486ff8e9277d92f0e78883e6b Mon Sep 17 00:00:00 2001 From: Rafa Castelblanque Date: Tue, 25 Oct 2022 15:30:43 +0200 Subject: [PATCH 1/4] Add explicit token for Kubeapps cluster reference Signed-off-by: Rafa Castelblanque --- .../core/plugins/v1alpha1/plugins.go | 5 ++-- .../plugins/helm/packages/v1alpha1/server.go | 18 +++++------ pkg/kube/cluster_config.go | 30 ++++++++++++++++--- pkg/kube/cluster_config_test.go | 6 ++-- 4 files changed, 39 insertions(+), 20 deletions(-) diff --git a/cmd/kubeapps-apis/core/plugins/v1alpha1/plugins.go b/cmd/kubeapps-apis/core/plugins/v1alpha1/plugins.go index afe5d76de17..050aa829e61 100644 --- a/cmd/kubeapps-apis/core/plugins/v1alpha1/plugins.go +++ b/cmd/kubeapps-apis/core/plugins/v1alpha1/plugins.go @@ -323,9 +323,8 @@ func createConfigGetterWithParams(inClusterConfig *rest.Config, serveOpts core.S var config *rest.Config // Enable existing plugins to pass an empty cluster name to get the - // kubeapps cluster for now, until we support (or otherwise decide) - // multicluster configuration of all plugins. - if cluster == "" { + // kubeapps cluster + if kube.IsKubeappsClusterRef(cluster) { cluster = clustersConfig.KubeappsClusterName } diff --git a/cmd/kubeapps-apis/plugins/helm/packages/v1alpha1/server.go b/cmd/kubeapps-apis/plugins/helm/packages/v1alpha1/server.go index da03183e89a..cbc7a7ab4c3 100644 --- a/cmd/kubeapps-apis/plugins/helm/packages/v1alpha1/server.go +++ b/cmd/kubeapps-apis/plugins/helm/packages/v1alpha1/server.go @@ -23,6 +23,7 @@ import ( "github.com/vmware-tanzu/kubeapps/pkg/chart/models" "github.com/vmware-tanzu/kubeapps/pkg/dbutils" httpclient "github.com/vmware-tanzu/kubeapps/pkg/http-client" + "github.com/vmware-tanzu/kubeapps/pkg/kube" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" "google.golang.org/protobuf/types/known/anypb" @@ -150,7 +151,7 @@ func NewServer(configGetter core.KubernetesConfigGetter, globalPackagingCluster cluster := pkgContext.GetCluster() // Don't force clients to send a cluster unless we are sure all use-cases // of kubeapps-api are multicluster. - if cluster == "" { + if kube.IsKubeappsClusterRef(cluster) { cluster = globalPackagingCluster } fn := helm.NewHelmActionConfigGetter(configGetter, cluster) @@ -1026,24 +1027,21 @@ func (s *Server) GetInstalledPackageResourceRefs(ctx context.Context, request *c } func (s *Server) AddPackageRepository(ctx context.Context, request *corev1.AddPackageRepositoryRequest) (*corev1.AddPackageRepositoryResponse, error) { - repoName := request.GetName() - repoUrl := request.GetUrl() - log.Infof("+helm AddPackageRepository '%s' pointing to '%s'", repoName, repoUrl) if request == nil { return nil, status.Errorf(codes.InvalidArgument, "no request provided") } - if request.Context == nil { - return nil, status.Errorf(codes.InvalidArgument, "no request Context provided") + if request.Name == "" { + return nil, status.Errorf(codes.InvalidArgument, "no package repository Name provided") } + + log.Infof("+helm AddPackageRepository '%s' pointing to '%s'", request.GetName(), request.GetUrl()) + cluster := request.GetContext().GetCluster() if cluster == "" { - return nil, status.Errorf(codes.InvalidArgument, "no cluster specified: request.Context.Cluster: [%v]", request.Context.Cluster) + cluster = s.globalPackagingCluster } - if request.Name == "" { - return nil, status.Errorf(codes.InvalidArgument, "no package repository Name provided") - } namespace := request.GetContext().GetNamespace() if namespace == "" { namespace = s.GetGlobalPackagingNamespace() diff --git a/pkg/kube/cluster_config.go b/pkg/kube/cluster_config.go index ce66eec1e38..8db604d769e 100644 --- a/pkg/kube/cluster_config.go +++ b/pkg/kube/cluster_config.go @@ -13,6 +13,16 @@ import ( "path/filepath" ) +const ( + // KUBEAPPS_GLOBAL_PACKAGING_CLUSTER_TOKEN + // Kubeapps can be configured such that users cannot target the cluster + // on which Kubeapps is itself installed (ie. it's not listed in the + // clusters config). In this specific case, there is no way to refer + // to a configured name for the global packaging cluster, so we define + // one to be used that does not clash with user-configurable names. + KUBEAPPS_GLOBAL_PACKAGING_CLUSTER_TOKEN = "-" +) + // ClusterConfig contains required info to talk to additional clusters. type ClusterConfig struct { Name string `json:"name"` @@ -82,10 +92,11 @@ func NewClusterConfig(inClusterConfig *rest.Config, userToken string, cluster st config.BearerToken = userToken config.BearerTokenFile = "" - // If the cluster is empty, we assume the rest of the inClusterConfig is correct. This can be the case when - // the cluster on which Kubeapps is installed is not one presented in the UI as a target (hence not in the - // `clusters` configuration). - if cluster == "" { + // If the cluster name is the Kubeapps global packaging cluster then the + // inClusterConfig is already correct. This can be the case when the cluster + // on which Kubeapps is installed is not one presented in the UI as a target + // (hence not in the `clusters` configuration). + if IsKubeappsClusterRef(cluster) { return config, nil } @@ -195,5 +206,16 @@ func ParseClusterConfig(configPath, caFilesPrefix string, pinnipedProxyURL, Pinn } configs.Clusters[c.Name] = c } + // If the cluster on which Kubeapps is installed was not present in + // the clusters config, we explicitly use a token to identify this + // cluster when needed (such as for global available packages). + if configs.KubeappsClusterName == "" { + configs.KubeappsClusterName = KUBEAPPS_GLOBAL_PACKAGING_CLUSTER_TOKEN + } return configs, deferFn, nil } + +// IsKubeappsClusterRef checks if the provided cluster name references the global packaging Kubeapps cluster +func IsKubeappsClusterRef(cluster string) bool { + return cluster == "" || cluster == KUBEAPPS_GLOBAL_PACKAGING_CLUSTER_TOKEN +} diff --git a/pkg/kube/cluster_config_test.go b/pkg/kube/cluster_config_test.go index 0f3e1cbc06a..7306e09b2bb 100644 --- a/pkg/kube/cluster_config_test.go +++ b/pkg/kube/cluster_config_test.go @@ -45,9 +45,9 @@ func TestNewClusterConfig(t *testing.T) { }, }, { - name: "returns an in-cluster config when no cluster is specified", + name: "returns an in-cluster config when the global packaging cluster token is specified", userToken: "token-1", - cluster: "", + cluster: KUBEAPPS_GLOBAL_PACKAGING_CLUSTER_TOKEN, clustersConfig: ClustersConfig{ KubeappsClusterName: "", Clusters: map[string]ClusterConfig{ @@ -339,7 +339,7 @@ func TestParseClusterConfig(t *testing.T) { {"name": "cluster-3", "apiServiceURL": "https://example.com/cluster-3", "certificateAuthorityData": "Y2EtY2VydC1kYXRhLWFkZGl0aW9uYWwK"} ]`, expectedConfig: ClustersConfig{ - KubeappsClusterName: "", + KubeappsClusterName: KUBEAPPS_GLOBAL_PACKAGING_CLUSTER_TOKEN, Clusters: map[string]ClusterConfig{ "cluster-2": { Name: "cluster-2", From 68fff90c8c68c8dab9b26b36f6e5891f592a6c9a Mon Sep 17 00:00:00 2001 From: Rafa Castelblanque Date: Tue, 25 Oct 2022 16:52:31 +0200 Subject: [PATCH 2/4] Keeping linter happy Signed-off-by: Rafa Castelblanque --- cmd/kubeapps-apis/plugins/helm/packages/v1alpha1/server.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/cmd/kubeapps-apis/plugins/helm/packages/v1alpha1/server.go b/cmd/kubeapps-apis/plugins/helm/packages/v1alpha1/server.go index cbc7a7ab4c3..50f6d2eed3b 100644 --- a/cmd/kubeapps-apis/plugins/helm/packages/v1alpha1/server.go +++ b/cmd/kubeapps-apis/plugins/helm/packages/v1alpha1/server.go @@ -1035,7 +1035,9 @@ func (s *Server) AddPackageRepository(ctx context.Context, request *corev1.AddPa return nil, status.Errorf(codes.InvalidArgument, "no package repository Name provided") } - log.Infof("+helm AddPackageRepository '%s' pointing to '%s'", request.GetName(), request.GetUrl()) + name := request.GetName() + url := request.GetUrl() + log.Infof("+helm AddPackageRepository '%s' pointing to '%s'", name, url) cluster := request.GetContext().GetCluster() if cluster == "" { From 852fa2106c14bea353d6b0d187a91f145b032a26 Mon Sep 17 00:00:00 2001 From: Rafa Castelblanque Date: Tue, 25 Oct 2022 16:56:00 +0200 Subject: [PATCH 3/4] Fix repeated variable Signed-off-by: Rafa Castelblanque --- .../plugins/helm/packages/v1alpha1/server.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/cmd/kubeapps-apis/plugins/helm/packages/v1alpha1/server.go b/cmd/kubeapps-apis/plugins/helm/packages/v1alpha1/server.go index 50f6d2eed3b..bf498638bac 100644 --- a/cmd/kubeapps-apis/plugins/helm/packages/v1alpha1/server.go +++ b/cmd/kubeapps-apis/plugins/helm/packages/v1alpha1/server.go @@ -1035,9 +1035,9 @@ func (s *Server) AddPackageRepository(ctx context.Context, request *corev1.AddPa return nil, status.Errorf(codes.InvalidArgument, "no package repository Name provided") } - name := request.GetName() - url := request.GetUrl() - log.Infof("+helm AddPackageRepository '%s' pointing to '%s'", name, url) + repoName := request.GetName() + repoUrl := request.GetUrl() + log.Infof("+helm AddPackageRepository '%s' pointing to '%s'", repoName, repoUrl) cluster := request.GetContext().GetCluster() if cluster == "" { @@ -1052,7 +1052,7 @@ func (s *Server) AddPackageRepository(ctx context.Context, request *corev1.AddPa return nil, status.Errorf(codes.InvalidArgument, "Namespace Scope is inconsistent with the provided Namespace") } name := types.NamespacedName{ - Name: request.Name, + Name: repoName, Namespace: namespace, } From 68bf9dcd72dc1bfbd12282a950030024b13e5082 Mon Sep 17 00:00:00 2001 From: Rafa Castelblanque Date: Wed, 26 Oct 2022 09:51:52 +0200 Subject: [PATCH 4/4] Trying to workaround the failed linter Signed-off-by: Rafa Castelblanque --- cmd/kubeapps-apis/plugins/helm/packages/v1alpha1/server.go | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/cmd/kubeapps-apis/plugins/helm/packages/v1alpha1/server.go b/cmd/kubeapps-apis/plugins/helm/packages/v1alpha1/server.go index bf498638bac..309107bcdcb 100644 --- a/cmd/kubeapps-apis/plugins/helm/packages/v1alpha1/server.go +++ b/cmd/kubeapps-apis/plugins/helm/packages/v1alpha1/server.go @@ -1035,9 +1035,8 @@ func (s *Server) AddPackageRepository(ctx context.Context, request *corev1.AddPa return nil, status.Errorf(codes.InvalidArgument, "no package repository Name provided") } - repoName := request.GetName() - repoUrl := request.GetUrl() - log.Infof("+helm AddPackageRepository '%s' pointing to '%s'", repoName, repoUrl) + repoName := request.Name + log.Infof("+helm AddPackageRepository '%s'", repoName) cluster := request.GetContext().GetCluster() if cluster == "" {