Skip to content

feat: add feature to prevent nested kubeconfig contexts #6555

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
agoose77 merged 5 commits into from
Aug 15, 2025
Merged

feat: add feature to prevent nested kubeconfig contexts #6555

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
e2bf95b
feat: add feature to prevent nested kubeconfig contexts
agoose77 Aug 13, 2025
ec77474
refactor: split out deployer command
agoose77 Aug 13, 2025
6021af8
feat: also test for .kube/config
agoose77 Aug 15, 2025
1dc7575
feat: allow KUBECONFIG to be set but empty (more permissive)
agoose77 Aug 15, 2025
e01f81a
Merge branch 'main' into agoose77/feat-prohibit-nested-kubeconfig
agoose77 Aug 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .github/workflows/deploy-hubs.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ on:
- deployer/**
- '!deployer/README.md'
- '!deployer/health_check_tests/**'
- '!deployer/commands/develop/**'
- '!deployer/commands/generate/billing/**'
- '!deployer/commands/generate/dedicated_cluster/**'
- '!deployer/commands/generate/hub_asset/**'
Expand Down
1 change: 1 addition & 0 deletions deployer/__main__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
import deployer.commands.config.get_clusters # noqa: F401
import deployer.commands.debug # noqa: F401
import deployer.commands.deployer # noqa: F401
import deployer.commands.develop.use_cluster_credentials # noqa: F401
import deployer.commands.exec.aws.aws_app # noqa: F401
import deployer.commands.exec.infra_components # noqa: F401
import deployer.commands.exec.promql # noqa: F401
Expand Down
4 changes: 4 additions & 0 deletions deployer/commands/deployer.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,10 @@ def use_cluster_credentials(
"""
Pop a new shell or execute a command after authenticating to the given cluster using the deployer's credentials
"""
if "DEPLOYER_NO_NESTED_KUBECONFIG" in os.environ and "KUBECONFIG" in os.environ:
Comment thread
agoose77 marked this conversation as resolved.
raise RuntimeError(
"Attempting to create a nested KUBECONFIG context, which has been explicitly forbidden by the presence of the DEPLOYER_NO_NESTED_KUBECONFIG environment variable."
)
# This function is to be used with the `use-cluster-credentials` CLI
# command only - it is not used by the rest of the deployer codebase.
validate_cluster_config(cluster_name)
Expand Down
71 changes: 71 additions & 0 deletions deployer/commands/develop/use_cluster_credentials.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
"""
Actions available provisioning credentials to deploy against Kubernetes clusters
"""

import os
import subprocess
from pathlib import Path

import typer
from ruamel.yaml import YAML

from deployer.cli_app import app
from deployer.commands.validate.config import cluster_config as validate_cluster_config
from deployer.infra_components.cluster import Cluster

# Without `pure=True`, I get an exception about str / byte issues
yaml = YAML(typ="safe", pure=True)


def ensure_single_kubeconfig_context():
kubeconfig_path = Path.home() / ".kube" / "config"

if (
# Do not allow non-empty KUBECONFIG
os.environ.get("KUBECONFIG")
or (
# Do not allow non-empty kubectl config file
kubeconfig_path.exists()
and kubeconfig_path.stat().st_size > 0
)
):
raise RuntimeError(
"Attempting to create a nested KUBECONFIG context, which has been explicitly forbidden by the presence of the DEPLOYER_NO_NESTED_KUBECONFIG environment variable."
)


@app.command()
def use_cluster_credentials(
cluster_name: str = typer.Argument(..., help="Name of cluster to operate on"),
commandline: str = typer.Argument(
"",
help="Optional shell command line to run after authenticating to this cluster",
),
):
"""
Pop a new shell or execute a command after authenticating to the given cluster using the deployer's credentials
"""
if "DEPLOYER_NO_NESTED_KUBECONFIG" in os.environ:
ensure_single_kubeconfig_context()

# This function is to be used with the `use-cluster-credentials` CLI
# command only - it is not used by the rest of the deployer codebase.
validate_cluster_config(cluster_name)

cluster = Cluster.from_name(cluster_name)

# Cluster.auth() method has the context manager decorator so cannot call
# it like a normal function
with cluster.auth():
# This command will spawn a new shell with all the env vars (including
# KUBECONFIG) inherited, and once you quit that shell the python program
# will resume as usual.
# TODO: Figure out how to change the PS1 env var of the spawned shell
# to change the prompt to f"cluster-{cluster.spec['name']}". This will
# make it visually clear that the user is now operating in a different
# shell.
args = [os.environ["SHELL"], "-l"]
# If a command to execute is specified, just execute that and exit.
if commandline:
args += ["-c", commandline]
subprocess.check_call(args)
Loading