-
Notifications
You must be signed in to change notification settings - Fork 153
/
config_getter.go
52 lines (42 loc) · 1.46 KB
/
config_getter.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
package kube
import (
"context"
"github.com/weaveworks/weave-gitops/pkg/server/auth"
"k8s.io/client-go/rest"
)
// ConfigGetter implementations should extract the details from a context and
// create a *rest.Config for use in clients.
type ConfigGetter interface {
Config(ctx context.Context) *rest.Config
}
var _ ConfigGetter = &ImpersonatingConfigGetter{}
// ImpersonatingConfigGetter is an implementation of the ConfigGetter interface
// that returns configs based on a base one. It inspects the context for a
// principal and if it finds one, it configures the *rest.Config to impersonate
// that principal. Otherwise it returns a copy of the base config.
type ImpersonatingConfigGetter struct {
insecure bool
cfg *rest.Config
}
// NewImpersonatingConfigGetter creates and returns a ConfigGetter with a known
// config.
func NewImpersonatingConfigGetter(cfg *rest.Config, insecure bool) *ImpersonatingConfigGetter {
return &ImpersonatingConfigGetter{cfg: cfg, insecure: insecure}
}
// Config returns a *rest.Config configured to impersonate a user or
// use the default service account credentials.
func (r *ImpersonatingConfigGetter) Config(ctx context.Context) *rest.Config {
shallowCopy := *r.cfg
if p := auth.Principal(ctx); p != nil {
shallowCopy.Impersonate = rest.ImpersonationConfig{
UserName: p.ID,
Groups: p.Groups,
}
}
if r.insecure {
shallowCopy.TLSClientConfig = rest.TLSClientConfig{
Insecure: r.insecure,
}
}
return &shallowCopy
}