Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add explicit token for Kubeapps cluster reference #5566

Merged
merged 4 commits into from
Oct 26, 2022
Merged

Add explicit token for Kubeapps cluster reference #5566

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
9408a8e
Add explicit token for Kubeapps cluster reference
Oct 25, 2022
68fff90
Keeping linter happy
Oct 25, 2022
852fa21
Fix repeated variable
Oct 25, 2022
68bf9dc
Trying to workaround the failed linter
Oct 26, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
5 changes: 2 additions & 3 deletions cmd/kubeapps-apis/core/plugins/v1alpha1/plugins.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -323,9 +323,8 @@ func createConfigGetterWithParams(inClusterConfig *rest.Config, serveOpts core.S
var config *rest.Config

// Enable existing plugins to pass an empty cluster name to get the
// kubeapps cluster for now, until we support (or otherwise decide)
// multicluster configuration of all plugins.
if cluster == "" {
// kubeapps cluster
if kube.IsKubeappsClusterRef(cluster) {
cluster = clustersConfig.KubeappsClusterName
}

Expand Down
21 changes: 10 additions & 11 deletions cmd/kubeapps-apis/plugins/helm/packages/v1alpha1/server.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ import (
"github.com/vmware-tanzu/kubeapps/pkg/chart/models"
"github.com/vmware-tanzu/kubeapps/pkg/dbutils"
httpclient "github.com/vmware-tanzu/kubeapps/pkg/http-client"
"github.com/vmware-tanzu/kubeapps/pkg/kube"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
"google.golang.org/protobuf/types/known/anypb"
Expand Down Expand Up @@ -150,7 +151,7 @@ func NewServer(configGetter core.KubernetesConfigGetter, globalPackagingCluster
cluster := pkgContext.GetCluster()
// Don't force clients to send a cluster unless we are sure all use-cases
// of kubeapps-api are multicluster.
if cluster == "" {
if kube.IsKubeappsClusterRef(cluster) {
cluster = globalPackagingCluster
}
fn := helm.NewHelmActionConfigGetter(configGetter, cluster)
Expand Down Expand Up @@ -1026,24 +1027,22 @@ func (s *Server) GetInstalledPackageResourceRefs(ctx context.Context, request *c
}

func (s *Server) AddPackageRepository(ctx context.Context, request *corev1.AddPackageRepositoryRequest) (*corev1.AddPackageRepositoryResponse, error) {
repoName := request.GetName()
repoUrl := request.GetUrl()
log.Infof("+helm AddPackageRepository '%s' pointing to '%s'", repoName, repoUrl)

if request == nil {
return nil, status.Errorf(codes.InvalidArgument, "no request provided")
}
if request.Context == nil {
return nil, status.Errorf(codes.InvalidArgument, "no request Context provided")
if request.Name == "" {
return nil, status.Errorf(codes.InvalidArgument, "no package repository Name provided")
}

repoName := request.Name
log.Infof("+helm AddPackageRepository '%s'", repoName)

cluster := request.GetContext().GetCluster()
if cluster == "" {
return nil, status.Errorf(codes.InvalidArgument, "no cluster specified: request.Context.Cluster: [%v]", request.Context.Cluster)
cluster = s.globalPackagingCluster
}

if request.Name == "" {
return nil, status.Errorf(codes.InvalidArgument, "no package repository Name provided")
}
namespace := request.GetContext().GetNamespace()
if namespace == "" {
namespace = s.GetGlobalPackagingNamespace()
Expand All @@ -1052,7 +1051,7 @@ func (s *Server) AddPackageRepository(ctx context.Context, request *corev1.AddPa
return nil, status.Errorf(codes.InvalidArgument, "Namespace Scope is inconsistent with the provided Namespace")
}
name := types.NamespacedName{
Name: request.Name,
Name: repoName,
Namespace: namespace,
}

Expand Down
30 changes: 26 additions & 4 deletions pkg/kube/cluster_config.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,16 @@ import (
"path/filepath"
)

const (
// KUBEAPPS_GLOBAL_PACKAGING_CLUSTER_TOKEN
// Kubeapps can be configured such that users cannot target the cluster
// on which Kubeapps is itself installed (ie. it's not listed in the
// clusters config). In this specific case, there is no way to refer
// to a configured name for the global packaging cluster, so we define
// one to be used that does not clash with user-configurable names.
KUBEAPPS_GLOBAL_PACKAGING_CLUSTER_TOKEN = "-"
)

// ClusterConfig contains required info to talk to additional clusters.
type ClusterConfig struct {
Name string `json:"name"`
Expand Down Expand Up @@ -82,10 +92,11 @@ func NewClusterConfig(inClusterConfig *rest.Config, userToken string, cluster st
config.BearerToken = userToken
config.BearerTokenFile = ""

// If the cluster is empty, we assume the rest of the inClusterConfig is correct. This can be the case when
// the cluster on which Kubeapps is installed is not one presented in the UI as a target (hence not in the
// `clusters` configuration).
if cluster == "" {
// If the cluster name is the Kubeapps global packaging cluster then the
// inClusterConfig is already correct. This can be the case when the cluster
// on which Kubeapps is installed is not one presented in the UI as a target
// (hence not in the `clusters` configuration).
if IsKubeappsClusterRef(cluster) {
return config, nil
}

Expand Down Expand Up @@ -195,5 +206,16 @@ func ParseClusterConfig(configPath, caFilesPrefix string, pinnipedProxyURL, Pinn
}
configs.Clusters[c.Name] = c
}
// If the cluster on which Kubeapps is installed was not present in
// the clusters config, we explicitly use a token to identify this
// cluster when needed (such as for global available packages).
if configs.KubeappsClusterName == "" {
configs.KubeappsClusterName = KUBEAPPS_GLOBAL_PACKAGING_CLUSTER_TOKEN
}
return configs, deferFn, nil
}

// IsKubeappsClusterRef checks if the provided cluster name references the global packaging Kubeapps cluster
func IsKubeappsClusterRef(cluster string) bool {
return cluster == "" || cluster == KUBEAPPS_GLOBAL_PACKAGING_CLUSTER_TOKEN
}
6 changes: 3 additions & 3 deletions pkg/kube/cluster_config_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,9 +45,9 @@ func TestNewClusterConfig(t *testing.T) {
},
},
{
name: "returns an in-cluster config when no cluster is specified",
name: "returns an in-cluster config when the global packaging cluster token is specified",
userToken: "token-1",
cluster: "",
cluster: KUBEAPPS_GLOBAL_PACKAGING_CLUSTER_TOKEN,
clustersConfig: ClustersConfig{
KubeappsClusterName: "",
Clusters: map[string]ClusterConfig{
Expand Down Expand Up @@ -339,7 +339,7 @@ func TestParseClusterConfig(t *testing.T) {
{"name": "cluster-3", "apiServiceURL": "https://example.com/cluster-3", "certificateAuthorityData": "Y2EtY2VydC1kYXRhLWFkZGl0aW9uYWwK"}
]`,
expectedConfig: ClustersConfig{
KubeappsClusterName: "",
KubeappsClusterName: KUBEAPPS_GLOBAL_PACKAGING_CLUSTER_TOKEN,
Clusters: map[string]ClusterConfig{
"cluster-2": {
Name: "cluster-2",
Expand Down