// Add this function to kube_client_factory.go

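// setupOIDCAuth sets config.BearerToken from the first static bearer token it
// finds, in this order: the KUBE_TOKEN environment variable, the inline token
// of the current context's user in <kubeconfigBasePath>/kubeconfig, then that
// user's token file. When none of these is set it returns nil and leaves
// config untouched.
//
// Despite the name, no OIDC flow runs here; only static tokens are handled.
//
// NOTE(review): KUBE_TOKEN is process-wide, so every rest.Config passed in
// receives the same credential no matter which cluster it points at. Confirm
// that is intended before this is used with more than one cluster or tenant.
//
// NOTE(review): the kubeconfig consulted is always the one at the base path,
// which is not necessarily the file the caller built config from. A token
// found there is applied to config anyway, so a base-path credential can end
// up being presented to a different cluster's API server. Passing the path
// actually in use would need a signature change.
//
// It returns an error when the base kubeconfig cannot be loaded, when its
// current context or user entry is missing, or when a configured token file
// cannot be read or holds no token.
func (f *KubeClientFactory) setupOIDCAuth(config *rest.Config) error {
    // An explicit environment override wins over anything on disk.
    if envToken := os.Getenv("KUBE_TOKEN"); envToken != "" {
        config.BearerToken = envToken
        return nil
    }

    kubeconfig, err := clientcmd.LoadFromFile(filepath.Join(f.kubeconfigBasePath, "kubeconfig"))
    if err != nil {
        return fmt.Errorf("failed to load kubeconfig: %w", err)
    }

    // Named kubeCtx rather than context so the standard context package is
    // not shadowed inside this function.
    kubeCtx := kubeconfig.Contexts[kubeconfig.CurrentContext]
    if kubeCtx == nil {
        return fmt.Errorf("current context not found: %s", kubeconfig.CurrentContext)
    }

    authInfo := kubeconfig.AuthInfos[kubeCtx.AuthInfo]
    if authInfo == nil {
        return fmt.Errorf("auth info not found for user: %s", kubeCtx.AuthInfo)
    }

    // Token stored inline in the kubeconfig.
    if authInfo.Token != "" {
        config.BearerToken = authInfo.Token
        return nil
    }

    // No token file configured either: nothing to apply.
    if authInfo.TokenFile == "" {
        return nil
    }

    raw, err := os.ReadFile(authInfo.TokenFile)
    if err != nil {
        return fmt.Errorf("failed to read token file: %w", err)
    }

    // Token files are commonly written with a trailing newline. Copied
    // verbatim, that newline would become part of the bearer credential, so
    // surrounding whitespace is stripped before use.
    isSpace := func(b byte) bool {
        return b == ' ' || b == '\t' || b == '\n' || b == '\r'
    }
    start, end := 0, len(raw)
    for start < end && isSpace(raw[start]) {
        start++
    }
    for end > start && isSpace(raw[end-1]) {
        end--
    }

    // A configured but empty token file is a misconfiguration; report it
    // instead of silently installing an empty credential. Only the path is
    // included in the message, never token material.
    if start == end {
        return fmt.Errorf("token file %q contains no token", authInfo.TokenFile)
    }

    config.BearerToken = string(raw[start:end])
    return nil
}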

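// GetClient builds a KubeClient for the cluster described by config.
//
// The kubeconfig is read from <kubeconfigBasePath>/kubeconfig when
// config.ClusterID is "default", and from
// <kubeconfigBasePath>/<TenantID>/<ClusterID>/kubeconfig otherwise. After the
// rest.Config is loaded, setupOIDCAuth may overwrite its bearer token, and a
// typed clientset plus a dynamic client are created from the result.
//
// TenantID and ClusterID become directory names, so a value that is "." or
// ".." or that contains a path separator is rejected: such a value would make
// the joined path resolve to another tenant's directory or to a location
// outside the base path. Empty values are still accepted and simply drop out
// of the joined path.
//
// NOTE(review): the "default" shortcut ignores TenantID and is described as
// test-only, yet nothing visible here limits it to test builds. Confirm that
// callers cannot reach it with production input.
//
// It returns an error for an invalid ID, when the kubeconfig cannot be
// loaded, when auth setup fails, or when either client cannot be created.
func (f *KubeClientFactory) GetClient(config ClientConfig) (KubeClient, error) {
    var kubeconfigPath string

    if config.ClusterID == "default" {
        // Testing environment: a single kubeconfig at the base path.
        kubeconfigPath = filepath.Join(f.kubeconfigBasePath, "kubeconfig")
    } else {
        // Each ID must be a single path component. filepath.Base returns its
        // argument unchanged only when it contains no separator.
        for _, id := range []string{config.TenantID, config.ClusterID} {
            if id == "" {
                continue
            }
            if id == "." || id == ".." || filepath.Base(id) != id {
                return nil, fmt.Errorf("invalid tenant or cluster id %q", id)
            }
        }
        kubeconfigPath = filepath.Join(f.kubeconfigBasePath, config.TenantID, config.ClusterID, "kubeconfig")
    }

    restConfig, err := clientcmd.BuildConfigFromFlags("", kubeconfigPath)
    if err != nil {
        return nil, fmt.Errorf("failed to load kubeconfig: %w", err)
    }

    // May replace the bearer token loaded from kubeconfigPath with one taken
    // from KUBE_TOKEN or from the base-path kubeconfig.
    if err := f.setupOIDCAuth(restConfig); err != nil {
        return nil, fmt.Errorf("failed to setup auth: %w", err)
    }

    clientset, err := kubernetes.NewForConfig(restConfig)
    if err != nil {
        return nil, fmt.Errorf("failed to create clientset: %w", err)
    }

    dynamicClient, err := dynamic.NewForConfig(restConfig)
    if err != nil {
        return nil, fmt.Errorf("failed to create dynamic client: %w", err)
    }

    // config was passed by value, so the client receives a pointer to this
    // function's own copy.
    return NewKubeClientImpl(clientset, dynamicClient, &config), nil
}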