Merge branch 'integration' of https://github.com/porter-dev/porter into integration

cli/cmd/connect/kubeconfig.go

@@ -62,7 +62,22 @@ func Kubeconfig(
 			for _, action := range saCandidate.Actions {
 				switch action.Name {
 				case models.ClusterCADataAction:
-					resolveAction, err := resolveClusterCAAction(action.Filename)
+					absKubeconfigPath, err := local.ResolveKubeconfigPath(kubeconfigPath)
+
+					if err != nil {
+						return err
+					}
+
+					filename, err := utils.GetFileReferenceFromKubeconfig(
+						action.Filename,
+						absKubeconfigPath,
+					)
+
+					if err != nil {
+						return err
+					}
+
+					resolveAction, err := resolveClusterCAAction(filename)
 
 					if err != nil {
 						return err
@@ -70,7 +85,22 @@ func Kubeconfig(
 
 					resolvers = append(resolvers, resolveAction)
 				case models.ClientCertDataAction:
-					resolveAction, err := resolveClientCertAction(action.Filename)
+					absKubeconfigPath, err := local.ResolveKubeconfigPath(kubeconfigPath)
+
+					if err != nil {
+						return err
+					}
+
+					filename, err := utils.GetFileReferenceFromKubeconfig(
+						action.Filename,
+						absKubeconfigPath,
+					)
+
+					if err != nil {
+						return err
+					}
+
+					resolveAction, err := resolveClientCertAction(filename)
 
 					if err != nil {
 						return err
@@ -78,7 +108,22 @@ func Kubeconfig(
 
 					resolvers = append(resolvers, resolveAction)
 				case models.ClientKeyDataAction:
-					resolveAction, err := resolveClientKeyAction(action.Filename)
+					absKubeconfigPath, err := local.ResolveKubeconfigPath(kubeconfigPath)
+
+					if err != nil {
+						return err
+					}
+
+					filename, err := utils.GetFileReferenceFromKubeconfig(
+						action.Filename,
+						absKubeconfigPath,
+					)
+
+					if err != nil {
+						return err
+					}
+
+					resolveAction, err := resolveClientKeyAction(filename)
 
 					if err != nil {
 						return err
@@ -86,7 +131,22 @@ func Kubeconfig(
 
 					resolvers = append(resolvers, resolveAction)
 				case models.OIDCIssuerDataAction:
-					resolveAction, err := resolveOIDCIssuerAction(action.Filename)
+					absKubeconfigPath, err := local.ResolveKubeconfigPath(kubeconfigPath)
+
+					if err != nil {
+						return err
+					}
+
+					filename, err := utils.GetFileReferenceFromKubeconfig(
+						action.Filename,
+						absKubeconfigPath,
+					)
+
+					if err != nil {
+						return err
+					}
+
+					resolveAction, err := resolveOIDCIssuerAction(filename)
 
 					if err != nil {
 						return err
@@ -94,7 +154,22 @@ func Kubeconfig(
 
 					resolvers = append(resolvers, resolveAction)
 				case models.TokenDataAction:
-					resolveAction, err := resolveTokenDataAction(action.Filename)
+					absKubeconfigPath, err := local.ResolveKubeconfigPath(kubeconfigPath)
+
+					if err != nil {
+						return err
+					}
+
+					filename, err := utils.GetFileReferenceFromKubeconfig(
+						action.Filename,
+						absKubeconfigPath,
+					)
+
+					if err != nil {
+						return err
+					}
+
+					resolveAction, err := resolveTokenDataAction(filename)
 
 					if err != nil {
 						return err

cli/cmd/utils/file.go

@@ -0,0 +1,33 @@
+package utils
+
+import (
+	"fmt"
+	"os"
+	"path/filepath"
+)
+
+func GetFileReferenceFromKubeconfig(
+	filename string,
+	kubeconfigPath string,
+) (string, error) {
+	if info, err := os.Stat(filename); os.IsNotExist(err) && !info.IsDir() {
+		// attempt to discover the filename relative to the kubeconfig location
+		absPath, err := filepath.Abs(kubeconfigPath)
+
+		if err != nil {
+			return "", err
+		}
+
+		fPath := filepath.Join(filepath.Dir(absPath), filename)
+
+		if info, err := os.Stat(fPath); !os.IsNotExist(err) && !info.IsDir() {
+			return fPath, nil
+		} else {
+			return "", fmt.Errorf("%s not found", filename)
+		}
+	} else if info.IsDir() {
+		return "", fmt.Errorf("%s is a directory", filename)
+	}
+
+	return filename, nil
+}

go.sum

@@ -1850,6 +1850,8 @@ k8s.io/cli-runtime v0.18.8/go.mod h1:7EzWiDbS9PFd0hamHHVoCY4GrokSTPSL32MA4rzIu0M
 k8s.io/client-go v0.16.8/go.mod h1:WmPuN0yJTKHXoklExKxzo3jSXmr3EnN+65uaTb5VuNs=
 k8s.io/client-go v0.18.8 h1:SdbLpIxk5j5YbFr1b7fq8S7mDgDjYmUxSbszyoesoDM=
 k8s.io/client-go v0.18.8/go.mod h1:HqFqMllQ5NnQJNwjro9k5zMyfhZlOwpuTLVrxjkYSxU=
+k8s.io/client-go v1.5.1 h1:XaX/lo2/u3/pmFau8HN+sB5C/b4dc4Dmm2eXjBH4p1E=
+k8s.io/client-go v11.0.0+incompatible h1:LBbX2+lOwY9flffWlJM7f1Ct8V2SRNiMRDFeiwnJo9o=
 k8s.io/cloud-provider v0.18.8/go.mod h1:cn9AlzMPVIXA4HHLVbgGUigaQlZyHSZ7WAwDEFNrQSs=
 k8s.io/cluster-bootstrap v0.18.8/go.mod h1:guq0Uc+QwazHgpS1yAw5Z7yUlBCtGppbgWQkbN3lxIY=
 k8s.io/code-generator v0.16.8/go.mod h1:wFdrXdVi/UC+xIfLi+4l9elsTT/uEF61IfcN2wOLULQ=

internal/kubernetes/config.go

@@ -18,6 +18,9 @@ import (
 	"k8s.io/client-go/restmapper"
 	"k8s.io/client-go/tools/clientcmd"
 	"k8s.io/client-go/util/homedir"
+
+	// add oidc provider here
+	_ "k8s.io/client-go/plugin/pkg/client/auth/oidc"
 )
 
 // GetAgentOutOfClusterConfig creates a new Agent using the OutOfClusterConfig
@@ -79,22 +82,6 @@ func (conf *OutOfClusterConfig) ToRESTConfig() (*rest.Config, error) {
 		return nil, err
 	}
 
-	// if conf.ServiceAccount.AuthMechanism == models.GCP {
-	// 	creds, err := google.CredentialsFromJSON(
-	// 		context.Background(),
-	// 		conf.ServiceAccount.KeyData,
-	// 		"https://www.googleapis.com/auth/cloud-platform",
-	// 	)
-
-	// 	if err != nil {
-	// 		return nil, err
-	// 	}
-
-	// 	restConf.Transport = &oauth2.Transport{
-	// 		Source: creds.TokenSource,
-	// 	}
-	// }
-
 	rest.SetKubernetesDefaults(restConf)
 	return restConf, nil
 }

internal/kubernetes/kubeconfig.go

@@ -3,7 +3,6 @@ package kubernetes
 import (
 	"context"
 	"errors"
-	"fmt"
 	"strings"
 
 	"github.com/porter-dev/porter/internal/models"
@@ -336,7 +335,6 @@ func createRawConfigFromServiceAccount(
 		authInfoMap[authInfoName].Username = sa.Username
 		authInfoMap[authInfoName].Password = sa.Password
 	case models.Bearer:
-		fmt.Println("AUTH MECHANISM IS BEARER WITH TOKEN", sa.Token)
 		authInfoMap[authInfoName].Token = sa.Token
 	case models.OIDC:
 		authInfoMap[authInfoName].AuthProvider = &api.AuthProviderConfig{

internal/kubernetes/local/kubeconfig.go

@@ -19,19 +19,10 @@ import (
 // options set on the host, or an explicit kubeconfig path. It then strips the kubeconfig
 // of contexts not specified in the contexts array, and returns generate kubeconfig.
 func GetKubeconfigFromHost(kubeconfigPath string, contexts []string) ([]byte, error) {
-	envVarName := clientcmd.RecommendedConfigPathEnvVar
-
-	if kubeconfigPath != "" {
-		if _, err := os.Stat(kubeconfigPath); os.IsNotExist(err) {
-			// the specified kubeconfig does not exist so fallback to other options
-			kubeconfigPath = ""
-		}
-	}
+	kubeconfigPath, err := ResolveKubeconfigPath(kubeconfigPath)
 
-	if kubeconfigPath == "" && os.Getenv(envVarName) == "" {
-		if home := homedir.HomeDir(); home != "" {
-			kubeconfigPath = filepath.Join(home, ".kube", "config")
-		}
+	if err != nil {
+		return nil, err
 	}
 
 	loadingRules := clientcmd.NewDefaultClientConfigLoadingRules()
@@ -67,6 +58,31 @@ func GetKubeconfigFromHost(kubeconfigPath string, contexts []string) ([]byte, er
 	return clientcmd.Write(strippedRawConf)
 }
 
+// ResolveKubeconfigPath finds the path to a kubeconfig, first searching for the
+// passed string, then in the home directory, then as an env variable.
+func ResolveKubeconfigPath(kubeconfigPath string) (string, error) {
+	envVarName := clientcmd.RecommendedConfigPathEnvVar
+
+	if kubeconfigPath != "" {
+		if _, err := os.Stat(kubeconfigPath); os.IsNotExist(err) {
+			// the specified kubeconfig does not exist, throw error
+			return "", fmt.Errorf("kubeconfig not found: %s does not exist", kubeconfigPath)
+		}
+	}
+
+	if kubeconfigPath == "" {
+		if os.Getenv(envVarName) == "" {
+			if home := homedir.HomeDir(); home != "" {
+				kubeconfigPath = filepath.Join(home, ".kube", "config")
+			}
+		} else {
+			kubeconfigPath = os.Getenv(envVarName)
+		}
+	}
+
+	return kubeconfigPath, nil
+}
+
 // GetConfigFromHostWithCertData gets the kubeconfig using default options set on the host:
 // the kubeconfig can either be retrieved from a specified path or an environment variable.
 // This function only outputs a clientcmd that uses the allowedContexts.