From 4537d83d805e063bccf49a213774ef6e141a0daf Mon Sep 17 00:00:00 2001 From: Peter Sutter Date: Fri, 15 Mar 2024 15:59:04 +0100 Subject: [PATCH] filter non-kube-apiserver advertisedAddresses --- internal/client/garden/client_test.go | 8 ++++++-- internal/client/garden/shoot_client.go | 16 +++++++++++++++- 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/internal/client/garden/client_test.go b/internal/client/garden/client_test.go index b97c84c0..77e9547e 100644 --- a/internal/client/garden/client_test.go +++ b/internal/client/garden/client_test.go @@ -169,13 +169,17 @@ var _ = Describe("Client", func() { Status: gardencorev1beta1.ShootStatus{ AdvertisedAddresses: []gardencorev1beta1.ShootAdvertisedAddress{ { - Name: "shoot-address1", + Name: "external", URL: "https://api." + domain, }, { - Name: "shoot-address2", + Name: "internal", URL: "https://api2." + domain, }, + { + Name: "service-account-issuer", + URL: "https://foo.bar/projects/prod1/shoots/test-shoot1/issuer", + }, }, }, } diff --git a/internal/client/garden/shoot_client.go b/internal/client/garden/shoot_client.go index 0c4d1682..584f6e60 100644 --- a/internal/client/garden/shoot_client.go +++ b/internal/client/garden/shoot_client.go @@ -40,6 +40,13 @@ const ( ShootProjectSecretSuffixCACluster = "ca-cluster" // DataKeyCertificateCA is the key in a secret or config map data holding the CA certificate. DataKeyCertificateCA = "ca.crt" + + // AdvertisedAddressExternal is a constant that represents the name of the external kube-apiserver address. + AdvertisedAddressExternal = "external" + // AdvertisedAddressInternal is a constant that represents the name of the internal kube-apiserver address. + AdvertisedAddressInternal = "internal" + // AdvertisedAddressUnmanaged is a constant that represents the name of the unmanaged kube-apiserver address. + AdvertisedAddressUnmanaged = "unmanaged" ) // shootKubeconfigRequest is a struct which holds information about a Kubeconfig to be generated. @@ -56,7 +63,7 @@ type shootKubeconfigRequest struct { // cluster holds the data to describe and connect to a kubernetes cluster. type cluster struct { - // name is the name of the shoot advertised address, usually "external", "internal" or "unmanaged" + // name is the name of the shoot advertised address. Either "external", "internal" or "unmanaged" name string // apiServerHost is the host of the kube-apiserver apiServerHost string @@ -258,6 +265,13 @@ func (g *clientImpl) GetShootClientConfig(ctx context.Context, namespace, name s } for _, address := range shoot.Status.AdvertisedAddresses { + isKubeApiserverAddress := address.Name == AdvertisedAddressExternal || + address.Name == AdvertisedAddressInternal || + address.Name == AdvertisedAddressUnmanaged + if !isKubeApiserverAddress { + continue + } + u, err := url.Parse(address.URL) if err != nil { return nil, fmt.Errorf("could not parse shoot server url: %w", err)