Switch to using internal Kubeconfig instead of default kubeconfig to …

…store kubecontext for TAP SaaS Signed-off-by: Prem Kumar Kalle <prem.kalle@broadcom.com>
vmware-tanzu · Apr 30, 2024 · d909ef7 · d909ef7
1 parent 92c6b55
commit d909ef7
Show file tree

Hide file tree

Showing 2 changed files with 52 additions and 7 deletions.
diff --git a/pkg/auth/tanzu/kubeconfig.go b/pkg/auth/tanzu/kubeconfig.go
@@ -8,16 +8,26 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"os"
+	"path/filepath"
 	"strings"
 
 	"github.com/pkg/errors"
 	clientauthenticationv1 "k8s.io/client-go/pkg/apis/clientauthentication/v1"
 	clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
 
 	kubeutils "github.com/vmware-tanzu/tanzu-cli/pkg/auth/utils/kubeconfig"
+	"github.com/vmware-tanzu/tanzu-plugin-runtime/config"
 	configtypes "github.com/vmware-tanzu/tanzu-plugin-runtime/config/types"
 )
 
+const (
+	// tanzuLocalKubeDir is the local config directory
+	tanzuLocalKubeDir = "kube"
+
+	// tanzuKubeconfigFile is the name the of the kubeconfig file
+	tanzuKubeconfigFile = "config"
+)
+
 // GetTanzuKubeconfig constructs and returns the kubeconfig that points to Tanzu Org and
 func GetTanzuKubeconfig(c *configtypes.Context, endpoint, orgID, endpointCACertPath string, skipTLSVerify bool) (string, string, string, error) {
 	clusterAPIServerURL := strings.TrimSpace(endpoint)
@@ -39,7 +49,7 @@ func GetTanzuKubeconfig(c *configtypes.Context, endpoint, orgID, endpointCACertP
 	clusterName := kubeconfigClusterName(c.Name)
 	username := kubeconfigUserName(c.Name)
 	execConfig := getExecConfig(c)
-	config := &clientcmdapi.Config{
+	kcfg := &clientcmdapi.Config{
 		Kind:       "Config",
 		APIVersion: clientcmdapi.SchemeGroupVersion.Version,
 		Clusters: map[string]*clientcmdapi.Cluster{clusterName: {
@@ -52,11 +62,15 @@ func GetTanzuKubeconfig(c *configtypes.Context, endpoint, orgID, endpointCACertP
 		CurrentContext: contextName,
 	}
 
-	kubeconfigByes, err := json.Marshal(config)
+	kubeconfigByes, err := json.Marshal(kcfg)
 	if err != nil {
 		return "", "", "", errors.Wrap(err, "failed to marshal the tanzu kubeconfig")
 	}
-	kubeconfigPath := kubeutils.GetDefaultKubeConfigFile()
+
+	kubeconfigPath, err := tanzuLocalKubeConfigPath()
+	if err != nil {
+		return "", "", "", errors.Wrap(err, "unable to get the Tanzu local kubeconfig path")
+	}
 	err = kubeutils.MergeKubeConfigWithoutSwitchContext(kubeconfigByes, kubeconfigPath)
 	if err != nil {
 		return "", "", "", errors.Wrap(err, "failed to merge the tanzu kubeconfig")
@@ -89,3 +103,25 @@ func getExecConfig(c *configtypes.Context) *clientcmdapi.ExecConfig {
 	execConfig.Args = append([]string{"context", "get-token"}, c.Name)
 	return execConfig
 }
+
+// tanzuLocalKubeConfigPath returns the local tanzu kubeconfig path
+func tanzuLocalKubeConfigPath() (path string, err error) {
+	localDir, err := config.LocalDir()
+	if err != nil {
+		return path, errors.Wrap(err, "could not locate local tanzu dir")
+	}
+	path = filepath.Join(localDir, tanzuLocalKubeDir)
+	// create tanzu kubeconfig directory
+	if _, err := os.Stat(path); os.IsNotExist(err) {
+		err = os.MkdirAll(path, 0755)
+		if err != nil {
+			return "", err
+		}
+	} else if err != nil {
+		return "", err
+	}
+
+	configFilePath := filepath.Join(path, tanzuKubeconfigFile)
+
+	return configFilePath, nil
+}
diff --git a/pkg/auth/tanzu/kubeconfig_test.go b/pkg/auth/tanzu/kubeconfig_test.go
@@ -33,6 +33,8 @@ var _ = Describe("Unit tests for tanzu auth", func() {
 		err          error
 		endpoint     string
 		tanzuContext *configtypes.Context
+		oldHomeDir   string
+		tmpHomeDir   string
 	)
 
 	const (
@@ -55,13 +57,20 @@ var _ = Describe("Unit tests for tanzu auth", func() {
 					},
 				},
 			}
-			err = os.Setenv("KUBECONFIG", filepath.Join(testingDir, ".kube", "config"))
-			Expect(err).ToNot(HaveOccurred())
+
+			oldHomeDir = os.Getenv("HOME")
+			tmpHomeDir, err = os.MkdirTemp(os.TempDir(), "home")
+			Expect(err).To(BeNil(), "unable to create temporary home directory")
+			err = os.Setenv("HOME", tmpHomeDir)
+			Expect(err).To(BeNil())
 		})
 		AfterEach(func() {
 			deleteTempDirectory()
 			err = os.Unsetenv("KUBECONFIG")
 			Expect(err).ToNot(HaveOccurred())
+
+			err = os.Setenv("HOME", oldHomeDir)
+			Expect(err).To(BeNil())
 		})
 		Context("When the endpoint caCertPath file doesn't exist", func() {
 			BeforeEach(func() {
@@ -79,7 +88,7 @@ var _ = Describe("Unit tests for tanzu auth", func() {
 			})
 			It("should set the 'certificate-authority-data' in kubeconfig and 'insecure-skip-tls-verify' should be unset", func() {
 				Expect(err).ToNot(HaveOccurred())
-				Expect(kubeConfigPath).Should(Equal(filepath.Join(testingDir, ".kube", "config")))
+				Expect(kubeConfigPath).Should(Equal(filepath.Join(tmpHomeDir, ".config", "tanzu", "kube", "config")))
 				Expect(kubeContext).Should(Equal(kubeconfigContextName(tanzuContext.Name)))
 				config, err := clientcmd.LoadFromFile(kubeConfigPath)
 				Expect(err).ToNot(HaveOccurred())
@@ -101,7 +110,7 @@ var _ = Describe("Unit tests for tanzu auth", func() {
 			})
 			It("should not set the 'certificate-authority-data' in kubeconfig and 'insecure-skip-tls-verify' should be set", func() {
 				Expect(err).ToNot(HaveOccurred())
-				Expect(kubeConfigPath).Should(Equal(filepath.Join(testingDir, ".kube", "config")))
+				Expect(kubeConfigPath).Should(Equal(filepath.Join(tmpHomeDir, ".config", "tanzu", "kube", "config")))
 				Expect(kubeContext).Should(Equal("tanzu-cli-" + tanzuContext.Name))
 				config, err := clientcmd.LoadFromFile(kubeConfigPath)
 				Expect(err).ToNot(HaveOccurred())