celestiaorg · mojtaba-esk · Jan 7, 2025 · Jan 7, 2025
diff --git a/e2e/basic/suite_setup_test.go b/e2e/basic/suite_setup_test.go
@@ -35,7 +35,7 @@ func (s *Suite) SetupSuite() {
 		logger = logrus.New()
 	)
 
-	k8sClient, err := k8s.NewClient(ctx, knuu.DefaultScope(), logger)
+	k8sClient, err := k8s.NewClient(ctx, knuu.DefaultScope(), logger, s.K8sDefaultOptions()...)
 	s.Require().NoError(err)
 
 	minioClient, err := minio.New(ctx, k8sClient, logger)
@@ -46,6 +46,7 @@ func (s *Suite) SetupSuite() {
 		K8sClient:    k8sClient,
 		MinioClient:  minioClient,
 		Timeout:      testTimeout,
+		Logger:       logger,
 	})
 	s.Require().NoError(err)
 

diff --git a/e2e/netshaper/suite_setup_test.go b/e2e/netshaper/suite_setup_test.go
@@ -4,9 +4,11 @@ import (
 	"context"
 	"testing"
 
+	"github.com/sirupsen/logrus"
 	"github.com/stretchr/testify/suite"
 
 	"github.com/celestiaorg/knuu/e2e"
+	"github.com/celestiaorg/knuu/pkg/k8s"
 	"github.com/celestiaorg/knuu/pkg/knuu"
 )
 
@@ -19,11 +21,18 @@ func TestRunSuite(t *testing.T) {
 }
 
 func (s *Suite) SetupSuite() {
-	ctx := context.Background()
+	var (
+		ctx    = context.Background()
+		logger = logrus.New()
+	)
+
+	k8sClient, err := k8s.NewClient(ctx, knuu.DefaultScope(), logger, s.K8sDefaultOptions()...)
+	s.Require().NoError(err)
 
-	var err error
 	s.Knuu, err = knuu.New(ctx, knuu.Options{
 		ProxyEnabled: true,
+		K8sClient:    k8sClient,
+		Logger:       logger,
 	})
 	s.Require().NoError(err)
 	s.T().Logf("Scope: %s", s.Knuu.Scope)

diff --git a/e2e/sidecars/suite_setup_test.go b/e2e/sidecars/suite_setup_test.go
@@ -10,6 +10,7 @@ import (
 
 	"github.com/celestiaorg/knuu/e2e"
 	"github.com/celestiaorg/knuu/pkg/instance"
+	"github.com/celestiaorg/knuu/pkg/k8s"
 	"github.com/celestiaorg/knuu/pkg/knuu"
 )
 
@@ -33,9 +34,13 @@ func (s *Suite) SetupSuite() {
 		err    error
 	)
 
+	k8sClient, err := k8s.NewClient(ctx, knuu.DefaultScope(), logger, s.K8sDefaultOptions()...)
+	s.Require().NoError(err)
+
 	s.Knuu, err = knuu.New(ctx, knuu.Options{
-		Timeout: testTimeout,
-		Logger:  logger,
+		K8sClient: k8sClient,
+		Timeout:   testTimeout,
+		Logger:    logger,
 	})
 	s.Require().NoError(err)
 

diff --git a/e2e/suite.go b/e2e/suite.go
@@ -3,6 +3,7 @@ package e2e
 import (
 	"context"
 	"fmt"
+	"os"
 	"sync"
 	"sync/atomic"
 	"time"
@@ -11,6 +12,7 @@ import (
 	"k8s.io/apimachinery/pkg/api/resource"
 
 	"github.com/celestiaorg/knuu/pkg/instance"
+	"github.com/celestiaorg/knuu/pkg/k8s"
 	"github.com/celestiaorg/knuu/pkg/knuu"
 )
 
@@ -21,6 +23,10 @@ const (
 
 	nginxImage       = "docker.io/nginx:latest"
 	nginxVolumeOwner = 0
+
+	envK8sHost      = "K8S_HOST"
+	envK8sCACert    = "K8S_CA_CERT"
+	envK8sAuthToken = "K8S_AUTH_TOKEN"
 )
 
 type Suite struct {
@@ -93,3 +99,18 @@ func (s *Suite) RetryOperation(operation func() error, maxRetries int) error {
 	}
 	return fmt.Errorf("operation failed after %d retries: %w", maxRetries, err)
 }
+
+func (s *Suite) K8sDefaultOptions() []k8s.Option {
+	if os.Getenv(envK8sAuthToken) == "" || os.Getenv(envK8sCACert) == "" || os.Getenv(envK8sHost) == "" {
+		s.T().Logf("%s, %s and/or %s are not set, using default cluster config from ~/.kube/config", envK8sAuthToken, envK8sCACert, envK8sHost)
+		return nil
+	}
+
+	return []k8s.Option{
+		k8s.WithAuthToken(
+			os.Getenv(envK8sHost),
+			os.Getenv(envK8sCACert),
+			os.Getenv(envK8sAuthToken),
+		),
+	}
+}
diff --git a/e2e/system/suite_setup_test.go b/e2e/system/suite_setup_test.go
@@ -36,7 +36,7 @@ func (s *Suite) SetupSuite() {
 		logger = logrus.New()
 	)
 
-	k8sClient, err := k8s.NewClient(ctx, knuu.DefaultScope(), logger)
+	k8sClient, err := k8s.NewClient(ctx, knuu.DefaultScope(), logger, s.K8sDefaultOptions()...)
 	s.Require().NoError(err, "Error creating k8s client")
 
 	minioClient, err := minio.New(ctx, k8sClient, logger)
@@ -47,6 +47,7 @@ func (s *Suite) SetupSuite() {
 		K8sClient:    k8sClient,
 		MinioClient:  minioClient, // needed for build from git tests
 		Timeout:      testTimeout,
+		Logger:       logger,
 	})
 	s.Require().NoError(err)
 

diff --git a/e2e/tshark/tshark_test.go b/e2e/tshark/tshark_test.go
@@ -13,6 +13,7 @@ import (
 	"github.com/stretchr/testify/require"
 	"k8s.io/apimachinery/pkg/api/resource"
 
+	"github.com/celestiaorg/knuu/e2e"
 	"github.com/celestiaorg/knuu/pkg/k8s"
 	"github.com/celestiaorg/knuu/pkg/knuu"
 	"github.com/celestiaorg/knuu/pkg/minio"
@@ -32,10 +33,13 @@ func TestTshark(t *testing.T) {
 	t.Parallel()
 	// Setup
 
-	ctx := context.Background()
+	var (
+		ctx    = context.Background()
+		logger = logrus.New()
+		s      = e2e.Suite{}
+	)
 
-	logger := logrus.New()
-	k8sClient, err := k8s.NewClient(ctx, knuu.DefaultScope(), logger)
+	k8sClient, err := k8s.NewClient(ctx, knuu.DefaultScope(), logger, s.K8sDefaultOptions()...)
 	require.NoError(t, err, "error creating k8s client")
 
 	minioClient, err := minio.New(ctx, k8sClient, logger)

diff --git a/pkg/k8s/clinet_options.go b/pkg/k8s/clinet_options.go
@@ -0,0 +1,43 @@
+package k8s
+
+import "k8s.io/client-go/rest"
+
+type ClientOptions struct {
+	clusterDomain string
+	clusterHost   string
+	authToken     string
+	cert          string
+	clusterConfig *rest.Config
+}
+
+type Option func(*ClientOptions)
+
+func WithClusterDomain(clusterDomain string) Option {
+	return func(o *ClientOptions) {
+		o.clusterDomain = clusterDomain
+	}
+}
+
+func WithAuthToken(host, cert, authToken string) Option {
+	return func(o *ClientOptions) {
+		o.clusterHost = host
+		o.authToken = authToken
+		o.cert = cert
+	}
+}
+
+func WithClusterConfig(clusterConfig *rest.Config) Option {
+	return func(o *ClientOptions) {
+		o.clusterConfig = clusterConfig
+	}
+}
+
+func getAppliedOptions(options ...Option) *ClientOptions {
+	opts := &ClientOptions{
+		clusterDomain: defaultClusterDomain,
+	}
+	for _, opt := range options {
+		opt(opts)
+	}
+	return opts
+}
diff --git a/pkg/k8s/errors.go b/pkg/k8s/errors.go
@@ -147,4 +147,6 @@ var (
 	ErrNoPortsFoundForService             = errors.New("NoPortsFoundForService", "no ports found for service %s")
 	ErrNoValidNodeIPFound                 = errors.New("NoValidNodeIPFound", "no valid node IP found for service %s")
 	ErrInvalidClusterDomain               = errors.New("InvalidClusterDomain", "invalid cluster domain `%s`")
+	ErrEmptyClusterHostOrAuthTokenOrCert  = errors.New("EmptyClusterHostOrAuthTokenOrCert", "cluster host, auth token or cert is not set")
+	ErrClusterConfigNotSet                = errors.New("ClusterConfigNotSet", "cluster config is not set")
 )
diff --git a/pkg/k8s/k8s.go b/pkg/k8s/k8s.go
@@ -9,6 +9,7 @@ import (
 	"k8s.io/client-go/discovery"
 	"k8s.io/client-go/dynamic"
 	"k8s.io/client-go/kubernetes"
+	"k8s.io/client-go/rest"
 )
 
 const (
@@ -40,6 +41,7 @@ const (
 type Client struct {
 	clientset       kubernetes.Interface
 	discoveryClient discovery.DiscoveryInterface
+	clusterConfig   *rest.Config
 	dynamicClient   dynamic.Interface
 	namespace       string
 	clusterDomain   string
@@ -49,22 +51,10 @@ type Client struct {
 	maxPendingDuration time.Duration
 }
 
-type ClientOptions struct {
-	clusterDomain string
-}
-
-type Option func(*ClientOptions)
-
-func WithClusterDomain(clusterDomain string) Option {
-	return func(o *ClientOptions) {
-		o.clusterDomain = clusterDomain
-	}
-}
-
 var _ KubeManager = &Client{}
 
 func NewClient(ctx context.Context, namespace string, logger *logrus.Logger, options ...Option) (*Client, error) {
-	config, err := getClusterConfig()
+	config, err := getClusterConfig(getAppliedOptions(options...))
 	if err != nil {
 		return nil, ErrRetrievingKubernetesConfig.Wrap(err)
 	}
@@ -88,7 +78,8 @@ func NewClient(ctx context.Context, namespace string, logger *logrus.Logger, opt
 		return nil, ErrCreatingDynamicClient.Wrap(err)
 	}
 
-	return NewClientCustom(ctx, cs, dc, dC, namespace, logger, options...)
+	return NewClientCustom(ctx, cs, dc, dC, namespace, logger,
+		append(options, WithClusterConfig(config))...)
 }
 
 func NewClientCustom(
@@ -100,13 +91,7 @@ func NewClientCustom(
 	logger *logrus.Logger,
 	options ...Option,
 ) (*Client, error) {
-	opts := &ClientOptions{
-		clusterDomain: defaultClusterDomain,
-	}
-	for _, opt := range options {
-		opt(opts)
-	}
-
+	opts := getAppliedOptions(options...)
 	if err := validateDNS1123Subdomain(
 		opts.clusterDomain,
 		ErrInvalidClusterDomain.WithParams(opts.clusterDomain),
@@ -122,6 +107,7 @@ func NewClientCustom(
 		logger:             logger,
 		terminated:         false,
 		maxPendingDuration: defaultMaxPendingDuration,
+		clusterConfig:      opts.clusterConfig,
 	}
 	kc.namespace = SanitizeName(namespace)
 	if err := kc.CreateNamespace(ctx, kc.namespace); err != nil {

diff --git a/pkg/k8s/namespace.go b/pkg/k8s/namespace.go
@@ -25,7 +25,7 @@ func (c *Client) CreateNamespace(ctx context.Context, name string) error {
 	_, err := c.clientset.CoreV1().Namespaces().Create(ctx, namespace, metav1.CreateOptions{})
 	if err != nil {
 		if !apierrs.IsAlreadyExists(err) {
-			return ErrCreatingNamespace.WithParams(name).Wrap(err)
+			return err
 		}
 		c.logger.WithField("name", name).Debug("namespace already exists, continuing")
 		return nil

diff --git a/pkg/k8s/pod.go b/pkg/k8s/pod.go
@@ -210,11 +210,10 @@ func (c *Client) RunCommandInPod(
 		}, scheme.ParameterCodec)
 
 	// Create an executor for the command execution
-	k8sConfig, err := getClusterConfig()
-	if err != nil {
-		return "", ErrGettingK8sConfig.Wrap(err)
+	if c.clusterConfig == nil {
+		return "", ErrClusterConfigNotSet
 	}
-	exec, err := remotecommand.NewSPDYExecutor(k8sConfig, http.MethodPost, req.URL())
+	exec, err := remotecommand.NewSPDYExecutor(c.clusterConfig, http.MethodPost, req.URL())
 	if err != nil {
 		return "", ErrCreatingExecutor.Wrap(err)
 	}
@@ -283,9 +282,8 @@ func (c *Client) PortForwardPod(
 		return ErrGettingPod.WithParams(podName).Wrap(err)
 	}
 
-	restConfig, err := getClusterConfig()
-	if err != nil {
-		return ErrGettingClusterConfig.Wrap(err)
+	if c.clusterConfig == nil {
+		return ErrClusterConfigNotSet
 	}
 
 	url := c.clientset.CoreV1().RESTClient().Post().
@@ -295,7 +293,7 @@ func (c *Client) PortForwardPod(
 		SubResource("portforward").
 		URL()
 
-	transport, upgrader, err := spdy.RoundTripperFor(restConfig)
+	transport, upgrader, err := spdy.RoundTripperFor(c.clusterConfig)
 	if err != nil {
 		return ErrCreatingRoundTripper.Wrap(err)
 	}

diff --git a/pkg/k8s/utils.go b/pkg/k8s/utils.go
@@ -24,13 +24,35 @@ func fileExists(path string) bool {
 }
 
 // getClusterConfig returns the appropriate Kubernetes cluster configuration.
-func getClusterConfig() (*rest.Config, error) {
+func getClusterConfig(opts *ClientOptions) (*rest.Config, error) {
+	if opts.clusterConfig != nil {
+		return opts.clusterConfig, nil
+	}
+
 	if isClusterEnvironment() {
 		return rest.InClusterConfig()
 	}
+
+	if opts.authToken != "" {
+		return getClusterConfigWithToken(opts)
+	}
 	return clientcmd.BuildConfigFromFlags("", kubeconfig)
 }
 
+func getClusterConfigWithToken(opts *ClientOptions) (*rest.Config, error) {
+	if opts.clusterHost == "" || opts.authToken == "" || opts.cert == "" {
+		return nil, ErrEmptyClusterHostOrAuthTokenOrCert
+	}
+
+	return &rest.Config{
+		Host:        opts.clusterHost,
+		BearerToken: opts.authToken,
+		TLSClientConfig: rest.TLSClientConfig{
+			CAData: []byte(opts.cert),
+		},
+	}, nil
+}
+
 // precompile the regular expression to avoid recompiling it on every function call
 var invalidCharsRegexp = regexp.MustCompile(`[^a-z0-9-]+`)