diff --git a/src/main/__test__/kube-auth-proxy.test.ts b/src/main/__test__/kube-auth-proxy.test.ts index 00fe3698f7..8ef1f058e7 100644 --- a/src/main/__test__/kube-auth-proxy.test.ts +++ b/src/main/__test__/kube-auth-proxy.test.ts @@ -58,6 +58,7 @@ describe("kube auth proxy tests", () => { let port: number let mockedCP: MockProxy let listeners: Record void> + let proxy: KubeAuthProxy beforeEach(async () => { port = await getFreePort() @@ -85,43 +86,41 @@ describe("kube auth proxy tests", () => { return mockedCP }) mockWaitUntilUsed.mockReturnValueOnce(Promise.resolve()) + const cluster = new Cluster({ id: "foobar", kubeConfigPath: "fake-path.yml" }) + jest.spyOn(cluster, "apiUrl", "get").mockReturnValue("https://fake.k8s.internal") + proxy = new KubeAuthProxy(cluster, port, {}) }) it("should call spawn and broadcast errors", async () => { - const kap = new KubeAuthProxy(new Cluster({ id: "foobar", kubeConfigPath: "fake-path.yml" }), port, {}) - await kap.run() + await proxy.run() listeners["error"]({ message: "foobarbat" }) expect(mockBroadcastIpc).toBeCalledWith("kube-auth:foobar", { data: "foobarbat", error: true }) }) it("should call spawn and broadcast exit", async () => { - const kap = new KubeAuthProxy(new Cluster({ id: "foobar", kubeConfigPath: "fake-path.yml" }), port, {}) - await kap.run() + await proxy.run() listeners["exit"](0) expect(mockBroadcastIpc).toBeCalledWith("kube-auth:foobar", { data: "proxy exited with code: 0", error: false }) }) it("should call spawn and broadcast errors from stderr", async () => { - const kap = new KubeAuthProxy(new Cluster({ id: "foobar", kubeConfigPath: "fake-path.yml" }), port, {}) - await kap.run() + await proxy.run() listeners["stderr/data"]("an error") expect(mockBroadcastIpc).toBeCalledWith("kube-auth:foobar", { data: "an error", error: true }) }) it("should call spawn and broadcast stdout serving info", async () => { - const kap = new KubeAuthProxy(new Cluster({ id: "foobar", kubeConfigPath: "fake-path.yml" }), port, {}) - await kap.run() + await proxy.run() listeners["stdout/data"]("Starting to serve on") expect(mockBroadcastIpc).toBeCalledWith("kube-auth:foobar", { data: "Authentication proxy started\n" }) }) it("should call spawn and broadcast stdout other info", async () => { - const kap = new KubeAuthProxy(new Cluster({ id: "foobar", kubeConfigPath: "fake-path.yml" }), port, {}) - await kap.run() + await proxy.run() listeners["stdout/data"]("some info") expect(mockBroadcastIpc).toBeCalledWith("kube-auth:foobar", { data: "some info" }) diff --git a/src/main/cluster.ts b/src/main/cluster.ts index 411647809c..da203b5788 100644 --- a/src/main/cluster.ts +++ b/src/main/cluster.ts @@ -2,7 +2,7 @@ import type { ClusterId, ClusterMetadata, ClusterModel, ClusterPreferences } fro import type { WorkspaceId } from "../common/workspace-store"; import { action, computed, observable, toJS, when } from "mobx"; import { broadcastMessage } from "../common/ipc"; -import { KubeConfig } from "@kubernetes/client-node" +import { KubeConfig } from "@kubernetes/client-node"; import { Kubectl } from "./kubectl"; import { loadConfig } from "../common/kube-helpers" import logger from "./logger"; @@ -15,8 +15,6 @@ export enum ClusterMetadataKey { LAST_SEEN = "lastSeen" } - - export interface ClusterState { initialized: boolean; apiUrl: string; @@ -151,6 +149,4 @@ export class Cluster implements ClusterModel, ClusterState { disconnected: this.disconnected, } } - - } diff --git a/src/main/kube-auth-proxy.ts b/src/main/kube-auth-proxy.ts index 4d64e77495..5377ecb829 100644 --- a/src/main/kube-auth-proxy.ts +++ b/src/main/kube-auth-proxy.ts @@ -4,6 +4,7 @@ import { broadcastMessage } from "../common/ipc"; import type { Cluster } from "./cluster" import { Kubectl } from "./kubectl" import logger from "./logger" +import * as url from "url" export interface KubeAuthProxyLog { data: string; @@ -26,17 +27,22 @@ export class KubeAuthProxy { this.kubectl = Kubectl.bundled() } + get acceptHosts() { + return url.parse(this.cluster.apiUrl).hostname; + } + public async run(): Promise { if (this.proxyProcess) { return; } + const proxyBin = await this.kubectl.getPath() const args = [ "proxy", "-p", `${this.port}`, "--kubeconfig", `${this.cluster.kubeConfigPath}`, "--context", `${this.cluster.contextName}`, - "--accept-hosts", ".*", + "--accept-hosts", this.acceptHosts, "--reject-paths", "^[^/]" ] if (process.env.DEBUG_PROXY === "true") {