Initial check-access work #11
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Robert Detjens <[email protected]>
Signed-off-by: Robert Detjens <[email protected]>
This will make referencing RcdsConfig and the ChallengeConfig's much easier in other places in the code. Right now, this requires a call to validate_X() to initialize the OnceLock with the parsed value; I might change this to a LazyLock later when it is not experimental. Signed-off-by: Robert Detjens <[email protected]>
…ready Signed-off-by: Robert Detjens <[email protected]>
Signed-off-by: Robert Detjens <[email protected]>
Signed-off-by: Robert Detjens <[email protected]>
this ensures the config is good to use before other parts try to use it, and loads the parsed value into the static OnceLocks. Signed-off-by: Robert Detjens <[email protected]>
Signed-off-by: Robert Detjens <[email protected]>
These do nothing and return hardcoded values for now. Signed-off-by: Robert Detjens <[email protected]>
Signed-off-by: Robert Detjens <[email protected]>
Signed-off-by: Robert Detjens <[email protected]>
If this is not given, use the default KUBECONFIG / ~/.kube/config as usual Signed-off-by: Robert Detjens <[email protected]>
Signed-off-by: Robert Detjens <[email protected]>
Signed-off-by: Robert Detjens <[email protected]>
Signed-off-by: Robert Detjens <[email protected]>
We don't need to worry about all these unused variable warnings while things are still being implemented. I know it's unused, I'm gonna use it soon! Signed-off-by: Robert Detjens <[email protected]>
This checks K8S api access by asking whoami (a la `kubectl auth whoami`). Also adds Tokio as a dependency. The kube crate is all async, and so we need Tokio to deal with that. Signed-off-by: Robert Detjens <[email protected]>
Signed-off-by: Robert Detjens <[email protected]>
Signed-off-by: Robert Detjens <[email protected]>
Signed-off-by: Robert Detjens <[email protected]>
Signed-off-by: Robert Detjens <[email protected]>
detjensrobert
force-pushed
the
dr/check-access
branch
from
bac4502 to
caaed66
Compare
detjensrobert
commented
Jun 19, 2024
Comment on lines
+15
to
+27
| /// get config from global, or load from file if not parsed yet | ||
| pub fn get_config() -> Result<RcdsConfig> { | ||
| // return already parsed value | ||
| if let Some(existing) = CONFIG.get() { | ||
| return Ok(existing); | ||
| } | ||
|
|
||
| let config = config::parse(); | ||
|
|
||
| // if config parsed OK, set global and return that | ||
| // otherwise pass through the errors from parsing | ||
| config.map(|c| CONFIG.get_or_init(|| c)) | ||
| } |
There was a problem hiding this comment.
Also refactors how config parsing works to only parse once, and reuse that on other calls.
Currently, this is with an getter function that updates a static variable. This is redundant to have both exposed, and I'd prefer to only have the static variable lazily init'd, but std::Lazy isnt standardized yet and would need another crate for that (std::OnceCell is).
Thoughts on how this should be exposed? What's the idiomatic way to do this?
Parsing these and normalizing the structs into one struct for consumers is very non-ergonomic and users should be doing this anyway for security. We can add this back in later if the need arises and we know how/what components are using this. Signed-off-by: Robert Detjens <[email protected]>
This is using the docker_api crate, for now. This isnt the greatest to use and there are other libraries that might be better. Signed-off-by: Robert Detjens <[email protected]>
This is easier to use than docker_api Signed-off-by: Robert Detjens <[email protected]>
Signed-off-by: Robert Detjens <[email protected]>
|
merging without review to unblock other work items pending on this pr |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Only basic K8S for now, the others are stubbed out while I work on them.
Also refactors how config parsing works to only parse once, and reuse that on other calls.