Merge pull request #280 from covexo/config-fix

FabianKramm · web-flow · commit 52e986b4d46a · 2018-10-09T12:21:54.000+02:00
Implement token handling for kubeconfig
diff --git a/pkg/devspace/clients/kubectl/client.go b/pkg/devspace/clients/kubectl/client.go
@@ -20,6 +20,7 @@ import (
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/clientcmd"
+	"k8s.io/client-go/tools/clientcmd/api"
 	"k8s.io/client-go/tools/portforward"
 	"k8s.io/client-go/tools/remotecommand"
 	"k8s.io/client-go/transport/spdy"
@@ -78,14 +79,39 @@ func GetClientConfig() (*rest.Config, error) {
 		return clientcmd.BuildConfigFromFlags("", clientcmd.RecommendedHomeFile)
 	}
 
-	return &rest.Config{
-		Host: *config.Cluster.APIServer,
-		TLSClientConfig: rest.TLSClientConfig{
-			CAData:   []byte(*config.Cluster.CaCert),
-			CertData: []byte(*config.Cluster.User.ClientCert),
-			KeyData:  []byte(*config.Cluster.User.ClientKey),
-		},
-	}, nil
+	// We create a new config object here
+	kubeAuthInfo := api.NewAuthInfo()
+	if config.Cluster.User != nil {
+		if config.Cluster.User.ClientCert != nil {
+			kubeAuthInfo.ClientCertificateData = []byte(*config.Cluster.User.ClientCert)
+		}
+		if config.Cluster.User.ClientKey != nil {
+			kubeAuthInfo.ClientKeyData = []byte(*config.Cluster.User.ClientKey)
+		}
+		if config.Cluster.User.Token != nil {
+			kubeAuthInfo.Token = *config.Cluster.User.Token
+		}
+	}
+
+	kubeCluster := api.NewCluster()
+	if config.Cluster.APIServer != nil {
+		kubeCluster.Server = *config.Cluster.APIServer
+	}
+	if config.Cluster.CaCert != nil {
+		kubeCluster.CertificateAuthorityData = []byte(*config.Cluster.CaCert)
+	}
+
+	kubeContext := api.NewContext()
+	kubeContext.Cluster = "devspace"
+	kubeContext.AuthInfo = "devspace"
+
+	kubeConfig := api.NewConfig()
+	kubeConfig.AuthInfos["devspace"] = kubeAuthInfo
+	kubeConfig.Clusters["devspace"] = kubeCluster
+	kubeConfig.Contexts["devspace"] = kubeContext
+	kubeConfig.CurrentContext = "devspace"
+
+	return clientcmd.NewNonInteractiveClientConfig(*kubeConfig, "devspace", &clientcmd.ConfigOverrides{}, clientcmd.NewDefaultClientConfigLoadingRules()).ClientConfig()
 }
 
 // IsMinikube returns true if the Kubernetes cluster is a minikube
diff --git a/pkg/devspace/cloud/login.go b/pkg/devspace/cloud/login.go
@@ -141,7 +141,7 @@ func Update(providerConfig ProviderConfig, dsConfig *v1.Config, switchKubeContex
 			kubeContext = provider.KubeContext
 		}
 
-		err = UpdateKubeConfig(kubeContext, cluster, authInfo, switchKubeContext)
+		err = UpdateKubeConfig(kubeContext, namespace, cluster, authInfo, switchKubeContext)
 		if err != nil {
 			return err
 		}
@@ -154,14 +154,15 @@ func Update(providerConfig ProviderConfig, dsConfig *v1.Config, switchKubeContex
 		dsConfig.Cluster.User = &v1.ClusterUser{
 			ClientCert: configutil.String(string(authInfo.ClientCertificateData)),
 			ClientKey:  configutil.String(string(authInfo.ClientKeyData)),
+			Token:      configutil.String(string(authInfo.Token)),
 		}
 	}
 
 	return err
 }
 
 // UpdateKubeConfig adds the devspace-cloud context if necessary and switches the current context
-func UpdateKubeConfig(contextName string, cluster *api.Cluster, authInfo *api.AuthInfo, switchContext bool) error {
+func UpdateKubeConfig(contextName, namespace string, cluster *api.Cluster, authInfo *api.AuthInfo, switchContext bool) error {
 	config, err := kubeconfig.ReadKubeConfig(clientcmd.RecommendedHomeFile)
 	if err != nil {
 		return err
@@ -172,14 +173,18 @@ func UpdateKubeConfig(contextName string, cluster *api.Cluster, authInfo *api.Au
 		config.CurrentContext = contextName
 	}
 
+	// We generate a unique auth info name for each devspace
+	authInfoName := contextName + "-" + namespace
+
 	config.Clusters[contextName] = cluster
-	config.AuthInfos[contextName] = authInfo
+	config.AuthInfos[authInfoName] = authInfo
 
 	// Check if we need to add the context
 	if _, ok := config.Contexts[contextName]; !ok {
 		context := api.NewContext()
 		context.Cluster = contextName
-		context.AuthInfo = contextName
+		context.AuthInfo = authInfoName
+		context.Namespace = namespace
 
 		config.Contexts[contextName] = context
 	}
diff --git a/pkg/devspace/config/v1/cluster.go b/pkg/devspace/config/v1/cluster.go
@@ -14,4 +14,5 @@ type Cluster struct {
 type ClusterUser struct {
 	ClientCert *string `yaml:"clientCert,omitempty"`
 	ClientKey  *string `yaml:"clientKey,omitempty"`
+	Token      *string `yaml:"token,omitempty"`
 }

Original file line number	Diff line number	Diff line change
`@@ -141,7 +141,7 @@ func Update(providerConfig ProviderConfig, dsConfig *v1.Config, switchKubeContex`
`141`	`141`	`kubeContext = provider.KubeContext`
`142`	`142`	`}`
`143`	`143`
`144`		`- err = UpdateKubeConfig(kubeContext, cluster, authInfo, switchKubeContext)`
	`144`	`+ err = UpdateKubeConfig(kubeContext, namespace, cluster, authInfo, switchKubeContext)`
`145`	`145`	`if err != nil {`
`146`	`146`	`return err`
`147`	`147`	`}`
`@@ -154,14 +154,15 @@ func Update(providerConfig ProviderConfig, dsConfig *v1.Config, switchKubeContex`
`154`	`154`	`dsConfig.Cluster.User = &v1.ClusterUser{`
`155`	`155`	`ClientCert: configutil.String(string(authInfo.ClientCertificateData)),`
`156`	`156`	`ClientKey: configutil.String(string(authInfo.ClientKeyData)),`
	`157`	`+ Token: configutil.String(string(authInfo.Token)),`
`157`	`158`	`}`
`158`	`159`	`}`
`159`	`160`
`160`	`161`	`return err`
`161`	`162`	`}`
`162`	`163`
`163`	`164`	`// UpdateKubeConfig adds the devspace-cloud context if necessary and switches the current context`
`164`		`-func UpdateKubeConfig(contextName string, cluster api.Cluster, authInfo api.AuthInfo, switchContext bool) error {`
	`165`	`+func UpdateKubeConfig(contextName, namespace string, cluster api.Cluster, authInfo api.AuthInfo, switchContext bool) error {`
`165`	`166`	`config, err := kubeconfig.ReadKubeConfig(clientcmd.RecommendedHomeFile)`
`166`	`167`	`if err != nil {`
`167`	`168`	`return err`
`@@ -172,14 +173,18 @@ func UpdateKubeConfig(contextName string, cluster api.Cluster, authInfo api.Au`
`172`	`173`	`config.CurrentContext = contextName`
`173`	`174`	`}`
`174`	`175`
	`176`	`+ // We generate a unique auth info name for each devspace`
	`177`	`+ authInfoName := contextName + "-" + namespace`
	`178`	`+`
`175`	`179`	`config.Clusters[contextName] = cluster`
`176`		`- config.AuthInfos[contextName] = authInfo`
	`180`	`+ config.AuthInfos[authInfoName] = authInfo`
`177`	`181`
`178`	`182`	`// Check if we need to add the context`
`179`	`183`	`if _, ok := config.Contexts[contextName]; !ok {`
`180`	`184`	`context := api.NewContext()`
`181`	`185`	`context.Cluster = contextName`
`182`		`- context.AuthInfo = contextName`
	`186`	`+ context.AuthInfo = authInfoName`
	`187`	`+ context.Namespace = namespace`
`183`	`188`
`184`	`189`	`config.Contexts[contextName] = context`
`185`	`190`	`}`
Original file line number	Diff line number	Diff line change
`@@ -14,4 +14,5 @@ type Cluster struct {`
`14`	`14`	`type ClusterUser struct {`
`15`	`15`	ClientCert *string `yaml:"clientCert,omitempty"`
`16`	`16`	ClientKey *string `yaml:"clientKey,omitempty"`
	`17`	+ Token *string `yaml:"token,omitempty"`
`17`	`18`	`}`