jayjay
/
k9s
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix lost allnamespace

mine
derailed 2019-06-04 10:54:18 -06:00
parent f83689c53a
commit fe49fccf91
3 changed files with 13 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
change_logs/release_0.7.5.md
View File

@ -12,7 +12,7 @@ Also if you dig this tool, please make some noise on social! [@kitesurfer](https
## Change Logs
Rats, looks like 0.7.4 is a dud! Sorry my fault, feeling burned out...
Rats, looks like 0.7.4 is a dud! Sorry my fault, feeling burned out ;(
Please ugrade to 0.7.5. Thank you for your patience and support!
---

2
internal/k8s/api.go
View File

@ -120,7 +120,7 @@ func (a *APIClient) CanIAccess(ns, name, resURL string, verbs []string) (bool, e
log.Warn().Err(err).Msgf("CanIAccess")
return false, err
}
log.Debug().Msgf("CHECKING ACCESS res:%s-%q for NS: %q Verb: %s -> %t, %s", resURL, name, ns, v, resp.Status.Allowed, resp.Status.Reason)
log.Debug().Msgf("CHECKING ACCESS group:%q|resource:%q|namespace:%q|name:%q, verb:%s access:%t -- %s", gr.Group, gr.Resource, ns, name, v, resp.Status.Allowed, resp.Status.Reason)
if !resp.Status.Allowed {
return false, err
}

16
internal/watch/informer.go
View File

@ -62,9 +62,13 @@ func NewInformer(client k8s.Connection, ns string) *Informer {
log.Debug().Msgf(">> Starting Informer")
i := Informer{client: client, informers: map[string]StoreInformer{}}
_, err := client.CanIAccess("", "", "namespaces", []string{"list", "watch"})
if err != nil && ns == AllNamespaces {
log.Panic().Msg("Unauthorized: All namespaces. Missing verbs ['list', 'watch']. Please specify a namespace or correct RBAC")
nsAccess, err := client.CanIAccess("", "", "namespaces", []string{"list", "watch"})
if ns == AllNamespaces && (err != nil || !nsAccess) {
user, _ := client.Config().CurrentUserName()
if err != nil {
log.Panic().Err(err).Msgf("Unauthorized: All namespaces. No access for user `%s", user)
}
log.Panic().Msgf("Unauthorized: All namespaces for user `%s. Missing verbs ['list', 'watch']. Please specify a namespace or correct RBAC", user)
}
// Namespace is locked in. check if user has auth for this ns access.
@ -93,7 +97,7 @@ func (i *Informer) init(ns string) {
ContainerIndex: NewContainer(po),
}
if acc, err := i.client.CanIAccess("", "", "nodes", []string{"list", "watch"}); acc && err != nil {
if acc, err := i.client.CanIAccess("", "", "nodes", []string{"list", "watch"}); acc && err == nil {
i.informers[NodeIndex] = NewNode(i.client)
}
@ -101,8 +105,10 @@ func (i *Informer) init(ns string) {
return
}
if acc, err := i.client.CanIAccess("", ns, "metrics.k8s.io", []string{"list", "watch"}); acc && err != nil {
if acc, err := i.client.CanIAccess(ns, "", "nodes.metrics.k8s.io", []string{"list", "watch"}); acc && err == nil {
i.informers[NodeMXIndex] = NewNodeMetrics(i.client)
}
if acc, err := i.client.CanIAccess(ns, "", "pods.metrics.k8s.io", []string{"list", "watch"}); acc && err == nil {
i.informers[PodMXIndex] = NewPodMetrics(i.client, ns)
}
})