go:generate go run github.com/maxbrunsfeld/counterfeiter/v6 net/http.RoundTripper
(config command.Config, k8sConfigGetter v7action.KubernetesConfigGetter, roundTripper http.RoundTripper)
| 27 | //go:generate go run github.com/maxbrunsfeld/counterfeiter/v6 net/http.RoundTripper |
| 28 | |
| 29 | func WrapForCFOnK8sAuth(config command.Config, k8sConfigGetter v7action.KubernetesConfigGetter, roundTripper http.RoundTripper) (http.RoundTripper, error) { |
| 30 | username, err := config.CurrentUserName() |
| 31 | if err != nil { |
| 32 | return nil, err |
| 33 | } |
| 34 | if username == "" { |
| 35 | return nil, errors.New("current user not set") |
| 36 | } |
| 37 | |
| 38 | k8sConfig, err := k8sConfigGetter.Get() |
| 39 | if err != nil { |
| 40 | return nil, err |
| 41 | } |
| 42 | |
| 43 | restConfig, err := clientcmd.NewDefaultClientConfig( |
| 44 | *k8sConfig, |
| 45 | &clientcmd.ConfigOverrides{ |
| 46 | Context: api.Context{AuthInfo: username}, |
| 47 | }, |
| 48 | ).ClientConfig() |
| 49 | if err != nil { |
| 50 | return nil, err |
| 51 | } |
| 52 | |
| 53 | // Special case for certs, since we don't want mtls |
| 54 | cert, err := getCert(restConfig) |
| 55 | if err != nil { |
| 56 | return nil, err |
| 57 | } |
| 58 | |
| 59 | transportConfig, err := restConfig.TransportConfig() |
| 60 | if err != nil { |
| 61 | return nil, fmt.Errorf("failed to get transport config: %w", err) |
| 62 | } |
| 63 | |
| 64 | if cert != nil { |
| 65 | return certRoundTripper{ |
| 66 | cert: cert, |
| 67 | roundTripper: roundTripper, |
| 68 | }, nil |
| 69 | } |
| 70 | |
| 71 | if transportConfig.WrapTransport == nil { |
| 72 | // i.e. not auth-provider or exec plugin |
| 73 | return transport.HTTPWrappersForConfig(transportConfig, roundTripper) |
| 74 | } |
| 75 | |
| 76 | // using auth provider to generate token |
| 77 | return transportConfig.WrapTransport(roundTripper), nil |
| 78 | } |
| 79 | |
| 80 | func getCert(restConfig *rest.Config) (*tls.Certificate, error) { |
| 81 | tlsConfig, err := rest.TLSConfigFor(restConfig) |
no test coverage detected