mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-31 03:45:17 +00:00
Code Activity

fix: remove kubeconfig (#3802)

Browse source 
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Co-authored-by: Sambhav Kothari <sambhavs.email@gmail.com>
This commit is contained in:
Charles-Edouard Brétéché 2022-05-05 12:12:43 +02:00 committed by GitHub
parent c79dc82eaa
commit 4d08354498
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 25 additions and 69 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
cmd/initContainer/main.go
View file

@ -26,13 +26,13 @@ import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/labels"
"k8s.io/client-go/kubernetes" "k8s.io/client-go/kubernetes"
"k8s.io/client-go/rest"
"k8s.io/klog/v2" "k8s.io/klog/v2"
"k8s.io/klog/v2/klogr" "k8s.io/klog/v2/klogr"
"sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/log"
) )
var ( var (
kubeconfig string
setupLog = log.Log.WithName("setup") setupLog = log.Log.WithName("setup")
clientRateLimitQPS float64 clientRateLimitQPS float64
clientRateLimitBurst int clientRateLimitBurst int
@ -72,10 +72,13 @@ func main() {
// os signal handler // os signal handler
stopCh := signal.SetupSignalHandler() stopCh := signal.SetupSignalHandler()
// create client config // create client config
kubeconfig = "" clientConfig, err := rest.InClusterConfig()
clientConfig, err := config.CreateClientConfig(kubeconfig, clientRateLimitQPS, clientRateLimitBurst)
if err != nil { if err != nil {
setupLog.Error(err, "Failed to build kubeconfig") setupLog.Error(err, "Failed to create clientConfig")
os.Exit(1)
}
if err := config.ConfigureClientConfig(clientConfig, clientRateLimitQPS, clientRateLimitBurst); err != nil {
setupLog.Error(err, "Failed to create clientConfig")
os.Exit(1) os.Exit(1)
} }

11
cmd/kyverno/main.go
View file

@ -41,6 +41,7 @@ import (
"github.com/prometheus/client_golang/prometheus/promhttp" "github.com/prometheus/client_golang/prometheus/promhttp"
kubeinformers "k8s.io/client-go/informers" kubeinformers "k8s.io/client-go/informers"
"k8s.io/client-go/kubernetes" "k8s.io/client-go/kubernetes"
"k8s.io/client-go/rest"
"k8s.io/klog/v2" "k8s.io/klog/v2"
"k8s.io/klog/v2/klogr" "k8s.io/klog/v2/klogr"
"sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/log"
@ -51,7 +52,6 @@ const resyncPeriod = 15 * time.Minute
var ( var (
//TODO: this has been added to backward support command line arguments //TODO: this has been added to backward support command line arguments
// will be removed in future and the configuration will be set only via configmaps // will be removed in future and the configuration will be set only via configmaps
kubeconfig string
serverIP string serverIP string
profilePort string profilePort string
metricsPort string metricsPort string
@ -97,13 +97,16 @@ func main() {
cleanUp := make(chan struct{}) cleanUp := make(chan struct{})
stopCh := signal.SetupSignalHandler() stopCh := signal.SetupSignalHandler()
kubeconfig = ""
debug := serverIP != "" debug := serverIP != ""
// clients // clients
clientConfig, err := config.CreateClientConfig(kubeconfig, clientRateLimitQPS, clientRateLimitBurst) clientConfig, err := rest.InClusterConfig()
if err != nil { if err != nil {
setupLog.Error(err, "Failed to build kubeconfig") setupLog.Error(err, "Failed to create clientConfig")
os.Exit(1)
}
if err := config.ConfigureClientConfig(clientConfig, clientRateLimitQPS, clientRateLimitBurst); err != nil {
setupLog.Error(err, "Failed to create clientConfig")
os.Exit(1) os.Exit(1)
} }
kyvernoClient, err := kyvernoclient.NewForConfig(clientConfig) kyvernoClient, err := kyvernoclient.NewForConfig(clientConfig)

23
pkg/config/client.go
View file

@ -5,29 +5,14 @@ import (
"math" "math"
rest "k8s.io/client-go/rest" rest "k8s.io/client-go/rest"
clientcmd "k8s.io/client-go/tools/clientcmd"
) )
// CreateClientConfig creates client config and applies rate limit QPS and burst // ConfigureClientConfig creates client config and applies rate limit QPS and burst
func CreateClientConfig(kubeconfig string, qps float64, burst int) (*rest.Config, error) { func ConfigureClientConfig(clientConfig *rest.Config, qps float64, burst int) error {
clientConfig, err := createClientConfig(kubeconfig)
if err != nil {
return nil, err
}
if qps > math.MaxFloat32 { if qps > math.MaxFloat32 {
return nil, fmt.Errorf("client rate limit QPS must not be higher than %e", math.MaxFloat32) return fmt.Errorf("client rate limit QPS must not be higher than %e", math.MaxFloat32)
} }
clientConfig.Burst = burst clientConfig.Burst = burst
clientConfig.QPS = float32(qps) clientConfig.QPS = float32(qps)
return clientConfig, nil return nil
}
// createClientConfig creates client config
func createClientConfig(kubeconfig string) (*rest.Config, error) {
if kubeconfig == "" {
logger.Info("Using in-cluster configuration")
return rest.InClusterConfig()
}
logger.V(4).Info("Using specified kubeconfig", "kubeconfig", kubeconfig)
return clientcmd.BuildConfigFromFlags("", kubeconfig)
} }

49
pkg/config/config_test.go
View file

@ -2,21 +2,17 @@ package config_test
import ( import (
"math" "math"
"os"
"testing" "testing"
"gotest.tools/assert" "gotest.tools/assert"
"k8s.io/apimachinery/pkg/runtime" "k8s.io/client-go/rest"
clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
clientcmdlatest "k8s.io/client-go/tools/clientcmd/api/latest"
"github.com/kyverno/kyverno/pkg/config" "github.com/kyverno/kyverno/pkg/config"
) )
func Test_CreateClientConfig_WithKubeConfig(t *testing.T) { func Test_CreateClientConfig_WithKubeConfig(t *testing.T) {
cf := createMinimalKubeconfig(t) c := &rest.Config{}
defer os.Remove(cf) err := config.ConfigureClientConfig(c, 0, 0)
_, err := config.CreateClientConfig(cf, 0, 0)
assert.NilError(t, err) assert.NilError(t, err)
} }
@ -25,10 +21,8 @@ func Test_CreateClientConfig_SetBurstQPS(t *testing.T) {
qps = 55 qps = 55
burst = 99 burst = 99
) )
c := &rest.Config{}
cf := createMinimalKubeconfig(t) err := config.ConfigureClientConfig(c, qps, burst)
defer os.Remove(cf)
c, err := config.CreateClientConfig(cf, qps, burst)
assert.NilError(t, err) assert.NilError(t, err)
assert.Equal(t, float32(qps), c.QPS) assert.Equal(t, float32(qps), c.QPS)
assert.Equal(t, burst, c.Burst) assert.Equal(t, burst, c.Burst)
@ -36,36 +30,7 @@ func Test_CreateClientConfig_SetBurstQPS(t *testing.T) {
func Test_CreateClientConfig_LimitQPStoFloat32(t *testing.T) { func Test_CreateClientConfig_LimitQPStoFloat32(t *testing.T) {
qps := float64(math.MaxFloat32) * 2 qps := float64(math.MaxFloat32) * 2
c := &rest.Config{}
cf := createMinimalKubeconfig(t) err := config.ConfigureClientConfig(c, qps, 0)
defer os.Remove(cf)
_, err := config.CreateClientConfig(cf, qps, 0)
assert.ErrorContains(t, err, "QPS") assert.ErrorContains(t, err, "QPS")
} }
func createMinimalKubeconfig(t *testing.T) string {
t.Helper()
minimalConfig := clientcmdapi.Config{
Clusters: map[string]*clientcmdapi.Cluster{
"test": {Server: "http://localhost:7777"},
},
AuthInfos: map[string]*clientcmdapi.AuthInfo{
"test": {},
},
Contexts: map[string]*clientcmdapi.Context{
"test": {AuthInfo: "test", Cluster: "test"},
},
CurrentContext: "test",
}
f, err := os.CreateTemp("", "")
assert.NilError(t, err)
enc, err := runtime.Encode(clientcmdlatest.Codec, &minimalConfig)
assert.NilError(t, err)
_, err = f.Write(enc)
assert.NilError(t, err)
assert.NilError(t, f.Close())
return f.Name()
}