refactor(kubernetes): force usage of Derived kubernetes

Prevents consumers of the kubernetes package the usage of
public methods on a non-derived config instance.

Author: manusa

pkg/kubernetes/configuration.go

@@ -21,7 +21,7 @@ var InClusterConfig = func() (*rest.Config, error) {
 }
 
 // resolveKubernetesConfigurations resolves the required kubernetes configurations and sets them in the Kubernetes struct
-func resolveKubernetesConfigurations(kubernetes *Kubernetes) error {
+func resolveKubernetesConfigurations(kubernetes *kubernetes) error {
 	// Always set clientCmdConfig
 	pathOptions := clientcmd.NewDefaultPathOptions()
 	if kubernetes.Kubeconfig != "" {
@@ -45,39 +45,39 @@ func resolveKubernetesConfigurations(kubernetes *Kubernetes) error {
 	return err
 }
 
-func (k *Kubernetes) IsInCluster() bool {
+func (k *kubernetes) IsInCluster() bool {
 	if k.Kubeconfig != "" {
 		return false
 	}
 	cfg, err := InClusterConfig()
 	return err == nil && cfg != nil
 }
 
-func (k *Kubernetes) configuredNamespace() string {
+func (k *kubernetes) configuredNamespace() string {
 	if ns, _, nsErr := k.clientCmdConfig.Namespace(); nsErr == nil {
 		return ns
 	}
 	return ""
 }
 
-func (k *Kubernetes) NamespaceOrDefault(namespace string) string {
+func (k *kubernetes) NamespaceOrDefault(namespace string) string {
 	if namespace == "" {
 		return k.configuredNamespace()
 	}
 	return namespace
 }
 
 // ToRESTConfig returns the rest.Config object (genericclioptions.RESTClientGetter)
-func (k *Kubernetes) ToRESTConfig() (*rest.Config, error) {
+func (k *kubernetes) ToRESTConfig() (*rest.Config, error) {
 	return k.cfg, nil
 }
 
 // ToRawKubeConfigLoader returns the clientcmd.ClientConfig object (genericclioptions.RESTClientGetter)
-func (k *Kubernetes) ToRawKubeConfigLoader() clientcmd.ClientConfig {
+func (k *kubernetes) ToRawKubeConfigLoader() clientcmd.ClientConfig {
 	return k.clientCmdConfig
 }
 
-func (k *Kubernetes) ConfigurationView(minify bool) (runtime.Object, error) {
+func (k *kubernetes) ConfigurationView(minify bool) (runtime.Object, error) {
 	var cfg clientcmdapi.Config
 	var err error
 	if k.IsInCluster() {

pkg/kubernetes/configuration_test.go

@@ -12,7 +12,7 @@ import (
 
 func TestKubernetes_IsInCluster(t *testing.T) {
 	t.Run("with explicit kubeconfig", func(t *testing.T) {
-		k := Kubernetes{
+		k := kubernetes{
 			Kubeconfig: "kubeconfig",
 		}
 		if k.IsInCluster() {
@@ -27,7 +27,7 @@ func TestKubernetes_IsInCluster(t *testing.T) {
 		defer func() {
 			InClusterConfig = originalFunction
 		}()
-		k := Kubernetes{
+		k := kubernetes{
 			Kubeconfig: "",
 		}
 		if !k.IsInCluster() {
@@ -42,7 +42,7 @@ func TestKubernetes_IsInCluster(t *testing.T) {
 		defer func() {
 			InClusterConfig = originalFunction
 		}()
-		k := Kubernetes{
+		k := kubernetes{
 			Kubeconfig: "",
 		}
 		if k.IsInCluster() {
@@ -57,7 +57,7 @@ func TestKubernetes_IsInCluster(t *testing.T) {
 		defer func() {
 			InClusterConfig = originalFunction
 		}()
-		k := Kubernetes{
+		k := kubernetes{
 			Kubeconfig: "",
 		}
 		if k.IsInCluster() {
@@ -72,7 +72,7 @@ func TestKubernetes_ResolveKubernetesConfigurations_Explicit(t *testing.T) {
 			t.Skip("Skipping test on non-linux platforms")
 		}
 		tempDir := t.TempDir()
-		k := Kubernetes{Kubeconfig: path.Join(tempDir, "config")}
+		k := kubernetes{Kubeconfig: path.Join(tempDir, "config")}
 		err := resolveKubernetesConfigurations(&k)
 		if err == nil {
 			t.Errorf("expected error, got nil")
@@ -90,7 +90,7 @@ func TestKubernetes_ResolveKubernetesConfigurations_Explicit(t *testing.T) {
 		if err := os.WriteFile(kubeconfigPath, []byte(""), 0644); err != nil {
 			t.Fatalf("failed to create kubeconfig file: %v", err)
 		}
-		k := Kubernetes{Kubeconfig: kubeconfigPath}
+		k := kubernetes{Kubeconfig: kubeconfigPath}
 		err := resolveKubernetesConfigurations(&k)
 		if err == nil {
 			t.Errorf("expected error, got nil")
@@ -123,7 +123,7 @@ users:
 		if err := os.WriteFile(kubeconfigPath, []byte(kubeconfigContent), 0644); err != nil {
 			t.Fatalf("failed to create kubeconfig file: %v", err)
 		}
-		k := Kubernetes{Kubeconfig: kubeconfigPath}
+		k := kubernetes{Kubeconfig: kubeconfigPath}
 		err := resolveKubernetesConfigurations(&k)
 		if err != nil {
 			t.Fatalf("expected no error, got %v", err)

pkg/kubernetes/events.go

@@ -9,7 +9,7 @@ import (
 	"strings"
 )
 
-func (k *Kubernetes) EventsList(ctx context.Context, namespace string) ([]map[string]any, error) {
+func (k *kubernetes) EventsList(ctx context.Context, namespace string) ([]map[string]any, error) {
 	var eventMap []map[string]any
 	raw, err := k.ResourcesList(ctx, &schema.GroupVersionKind{
 		Group: "", Version: "v1", Kind: "Event",

pkg/kubernetes/kubernetes.go

@@ -6,17 +6,20 @@ import (
 	"github.com/manusa/kubernetes-mcp-server/pkg/helm"
 	v1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/meta"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/client-go/discovery"
 	"k8s.io/client-go/discovery/cached/memory"
 	"k8s.io/client-go/dynamic"
-	"k8s.io/client-go/kubernetes"
+	clientgokubernetes "k8s.io/client-go/kubernetes"
 	_ "k8s.io/client-go/plugin/pkg/client/auth/oidc"
 	"k8s.io/client-go/rest"
 	"k8s.io/client-go/restmapper"
 	"k8s.io/client-go/tools/clientcmd"
 	clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
 	"k8s.io/klog/v2"
+	"k8s.io/metrics/pkg/apis/metrics"
 	"strings"
 )
 
@@ -26,23 +29,51 @@ const (
 
 type CloseWatchKubeConfig func() error
 
-type Kubernetes struct {
+type Kubernetes interface {
+	WatchKubeConfig(onKubeConfigChange func() error)
+	Close()
+	Derived(ctx context.Context) DerivedKubernetes
+	ConfigurationView(minify bool) (runtime.Object, error)
+	IsOpenShift(ctx context.Context) bool
+}
+
+type DerivedKubernetes interface {
+	IsOpenShift(ctx context.Context) bool
+	CacheInvalidate()
+	NewHelm() *helm.Helm
+	EventsList(ctx context.Context, namespace string) ([]map[string]any, error)
+	NamespacesList(ctx context.Context, options ResourceListOptions) (runtime.Unstructured, error)
+	PodsListInAllNamespaces(ctx context.Context, options ResourceListOptions) (runtime.Unstructured, error)
+	PodsListInNamespace(ctx context.Context, namespace string, options ResourceListOptions) (runtime.Unstructured, error)
+	PodsGet(ctx context.Context, namespace, name string) (*unstructured.Unstructured, error)
+	PodsDelete(ctx context.Context, namespace, name string) (string, error)
+	PodsLog(ctx context.Context, namespace, name, container string) (string, error)
+	PodsRun(ctx context.Context, namespace, name, image string, port int32) ([]*unstructured.Unstructured, error)
+	PodsTop(ctx context.Context, options PodsTopOptions) (*metrics.PodMetricsList, error)
+	PodsExec(ctx context.Context, namespace, name, container string, command []string) (string, error)
+	ProjectsList(ctx context.Context, options ResourceListOptions) (runtime.Unstructured, error)
+	ResourcesList(ctx context.Context, gvk *schema.GroupVersionKind, namespace string, options ResourceListOptions) (runtime.Unstructured, error)
+	ResourcesGet(ctx context.Context, gvk *schema.GroupVersionKind, namespace, name string) (*unstructured.Unstructured, error)
+	ResourcesCreateOrUpdate(ctx context.Context, resource string) ([]*unstructured.Unstructured, error)
+	ResourcesDelete(ctx context.Context, gvk *schema.GroupVersionKind, namespace, name string) error
+}
+
+type kubernetes struct {
 	// Kubeconfig path override
 	Kubeconfig                  string
 	cfg                         *rest.Config
 	clientCmdConfig             clientcmd.ClientConfig
 	CloseWatchKubeConfig        CloseWatchKubeConfig
 	scheme                      *runtime.Scheme
 	parameterCodec              runtime.ParameterCodec
-	clientSet                   kubernetes.Interface
+	clientSet                   clientgokubernetes.Interface
 	discoveryClient             discovery.CachedDiscoveryInterface
 	deferredDiscoveryRESTMapper *restmapper.DeferredDiscoveryRESTMapper
 	dynamicClient               *dynamic.DynamicClient
-	Helm                        *helm.Helm
 }
 
-func NewKubernetes(kubeconfig string) (*Kubernetes, error) {
-	k8s := &Kubernetes{
+func NewKubernetes(kubeconfig string) (Kubernetes, error) {
+	k8s := &kubernetes{
 		Kubeconfig: kubeconfig,
 	}
 	if err := resolveKubernetesConfigurations(k8s); err != nil {
@@ -53,7 +84,7 @@ func NewKubernetes(kubeconfig string) (*Kubernetes, error) {
 	//	return &impersonateRoundTripper{original}
 	//})
 	var err error
-	k8s.clientSet, err = kubernetes.NewForConfig(k8s.cfg)
+	k8s.clientSet, err = clientgokubernetes.NewForConfig(k8s.cfg)
 	if err != nil {
 		return nil, err
 	}
@@ -68,11 +99,10 @@ func NewKubernetes(kubeconfig string) (*Kubernetes, error) {
 		return nil, err
 	}
 	k8s.parameterCodec = runtime.NewParameterCodec(k8s.scheme)
-	k8s.Helm = helm.NewHelm(k8s)
 	return k8s, nil
 }
 
-func (k *Kubernetes) WatchKubeConfig(onKubeConfigChange func() error) {
+func (k *kubernetes) WatchKubeConfig(onKubeConfigChange func() error) {
 	if k.clientCmdConfig == nil {
 		return
 	}
@@ -108,21 +138,21 @@ func (k *Kubernetes) WatchKubeConfig(onKubeConfigChange func() error) {
 	k.CloseWatchKubeConfig = watcher.Close
 }
 
-func (k *Kubernetes) Close() {
+func (k *kubernetes) Close() {
 	if k.CloseWatchKubeConfig != nil {
 		_ = k.CloseWatchKubeConfig()
 	}
 }
 
-func (k *Kubernetes) ToDiscoveryClient() (discovery.CachedDiscoveryInterface, error) {
+func (k *kubernetes) ToDiscoveryClient() (discovery.CachedDiscoveryInterface, error) {
 	return k.discoveryClient, nil
 }
 
-func (k *Kubernetes) ToRESTMapper() (meta.RESTMapper, error) {
+func (k *kubernetes) ToRESTMapper() (meta.RESTMapper, error) {
 	return k.deferredDiscoveryRESTMapper, nil
 }
 
-func (k *Kubernetes) Derived(ctx context.Context) *Kubernetes {
+func (k *kubernetes) Derived(ctx context.Context) DerivedKubernetes {
 	authorization, ok := ctx.Value(AuthorizationHeader).(string)
 	if !ok || !strings.HasPrefix(authorization, "Bearer ") {
 		return k
@@ -142,14 +172,14 @@ func (k *Kubernetes) Derived(ctx context.Context) *Kubernetes {
 		return k
 	}
 	clientCmdApiConfig.AuthInfos = make(map[string]*clientcmdapi.AuthInfo)
-	derived := &Kubernetes{
+	derived := &kubernetes{
 		Kubeconfig:      k.Kubeconfig,
 		clientCmdConfig: clientcmd.NewDefaultClientConfig(clientCmdApiConfig, nil),
 		cfg:             derivedCfg,
 		scheme:          k.scheme,
 		parameterCodec:  k.parameterCodec,
 	}
-	derived.clientSet, err = kubernetes.NewForConfig(derived.cfg)
+	derived.clientSet, err = clientgokubernetes.NewForConfig(derived.cfg)
 	if err != nil {
 		return k
 	}
@@ -159,6 +189,19 @@ func (k *Kubernetes) Derived(ctx context.Context) *Kubernetes {
 	if err != nil {
 		return k
 	}
-	derived.Helm = helm.NewHelm(derived)
 	return derived
 }
+
+func (k *kubernetes) CacheInvalidate() {
+	if k.discoveryClient != nil {
+		k.discoveryClient.Invalidate()
+	}
+	if k.deferredDiscoveryRESTMapper != nil {
+		k.deferredDiscoveryRESTMapper.Reset()
+	}
+}
+
+func (k *kubernetes) NewHelm() *helm.Helm {
+	// This is a derived Kubernetes, so it already has the Helm initialized
+	return helm.NewHelm(k)
+}

pkg/kubernetes/namespaces.go

@@ -6,13 +6,13 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
 )
 
-func (k *Kubernetes) NamespacesList(ctx context.Context, options ResourceListOptions) (runtime.Unstructured, error) {
+func (k *kubernetes) NamespacesList(ctx context.Context, options ResourceListOptions) (runtime.Unstructured, error) {
 	return k.ResourcesList(ctx, &schema.GroupVersionKind{
 		Group: "", Version: "v1", Kind: "Namespace",
 	}, "", options)
 }
 
-func (k *Kubernetes) ProjectsList(ctx context.Context, options ResourceListOptions) (runtime.Unstructured, error) {
+func (k *kubernetes) ProjectsList(ctx context.Context, options ResourceListOptions) (runtime.Unstructured, error) {
 	return k.ResourcesList(ctx, &schema.GroupVersionKind{
 		Group: "project.openshift.io", Version: "v1", Kind: "Project",
 	}, "", options)

pkg/kubernetes/openshift.go

@@ -6,7 +6,7 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
 )
 
-func (k *Kubernetes) IsOpenShift(ctx context.Context) bool {
+func (k *kubernetes) IsOpenShift(ctx context.Context) bool {
 	// This method should be fast and not block (it's called at startup)
 	timeoutSeconds := int64(5)
 	if _, err := k.dynamicClient.Resource(schema.GroupVersionResource{

pkg/kubernetes/pods.go

@@ -29,25 +29,25 @@ type PodsTopOptions struct {
 	Name          string
 }
 
-func (k *Kubernetes) PodsListInAllNamespaces(ctx context.Context, options ResourceListOptions) (runtime.Unstructured, error) {
+func (k *kubernetes) PodsListInAllNamespaces(ctx context.Context, options ResourceListOptions) (runtime.Unstructured, error) {
 	return k.ResourcesList(ctx, &schema.GroupVersionKind{
 		Group: "", Version: "v1", Kind: "Pod",
 	}, "", options)
 }
 
-func (k *Kubernetes) PodsListInNamespace(ctx context.Context, namespace string, options ResourceListOptions) (runtime.Unstructured, error) {
+func (k *kubernetes) PodsListInNamespace(ctx context.Context, namespace string, options ResourceListOptions) (runtime.Unstructured, error) {
 	return k.ResourcesList(ctx, &schema.GroupVersionKind{
 		Group: "", Version: "v1", Kind: "Pod",
 	}, namespace, options)
 }
 
-func (k *Kubernetes) PodsGet(ctx context.Context, namespace, name string) (*unstructured.Unstructured, error) {
+func (k *kubernetes) PodsGet(ctx context.Context, namespace, name string) (*unstructured.Unstructured, error) {
 	return k.ResourcesGet(ctx, &schema.GroupVersionKind{
 		Group: "", Version: "v1", Kind: "Pod",
 	}, k.NamespaceOrDefault(namespace), name)
 }
 
-func (k *Kubernetes) PodsDelete(ctx context.Context, namespace, name string) (string, error) {
+func (k *kubernetes) PodsDelete(ctx context.Context, namespace, name string) (string, error) {
 	namespace = k.NamespaceOrDefault(namespace)
 	pod, err := k.clientSet.CoreV1().Pods(namespace).Get(ctx, name, metav1.GetOptions{})
 	if err != nil {
@@ -89,7 +89,7 @@ func (k *Kubernetes) PodsDelete(ctx context.Context, namespace, name string) (st
 		k.clientSet.CoreV1().Pods(namespace).Delete(ctx, name, metav1.DeleteOptions{})
 }
 
-func (k *Kubernetes) PodsLog(ctx context.Context, namespace, name, container string) (string, error) {
+func (k *kubernetes) PodsLog(ctx context.Context, namespace, name, container string) (string, error) {
 	tailLines := int64(256)
 	req := k.clientSet.CoreV1().Pods(k.NamespaceOrDefault(namespace)).GetLogs(name, &v1.PodLogOptions{
 		TailLines: &tailLines,
@@ -106,7 +106,7 @@ func (k *Kubernetes) PodsLog(ctx context.Context, namespace, name, container str
 	return string(rawData), nil
 }
 
-func (k *Kubernetes) PodsRun(ctx context.Context, namespace, name, image string, port int32) ([]*unstructured.Unstructured, error) {
+func (k *kubernetes) PodsRun(ctx context.Context, namespace, name, image string, port int32) ([]*unstructured.Unstructured, error) {
 	if name == "" {
 		name = version.BinaryName + "-run-" + rand.String(5)
 	}
@@ -186,7 +186,7 @@ func (k *Kubernetes) PodsRun(ctx context.Context, namespace, name, image string,
 	return k.resourcesCreateOrUpdate(ctx, toCreate)
 }
 
-func (k *Kubernetes) PodsTop(ctx context.Context, options PodsTopOptions) (*metrics.PodMetricsList, error) {
+func (k *kubernetes) PodsTop(ctx context.Context, options PodsTopOptions) (*metrics.PodMetricsList, error) {
 	// TODO, maybe move to mcp Tools setup and omit in case metrics aren't available in the target cluster
 	if !k.supportsGroupVersion(metrics.GroupName + "/" + metricsv1beta1api.SchemeGroupVersion.Version) {
 		return nil, errors.New("metrics API is not available")
@@ -218,7 +218,7 @@ func (k *Kubernetes) PodsTop(ctx context.Context, options PodsTopOptions) (*metr
 	return convertedMetrics, metricsv1beta1api.Convert_v1beta1_PodMetricsList_To_metrics_PodMetricsList(versionedMetrics, convertedMetrics, nil)
 }
 
-func (k *Kubernetes) PodsExec(ctx context.Context, namespace, name, container string, command []string) (string, error) {
+func (k *kubernetes) PodsExec(ctx context.Context, namespace, name, container string, command []string) (string, error) {
 	namespace = k.NamespaceOrDefault(namespace)
 	pod, err := k.clientSet.CoreV1().Pods(namespace).Get(ctx, name, metav1.GetOptions{})
 	if err != nil {
@@ -257,7 +257,7 @@ func (k *Kubernetes) PodsExec(ctx context.Context, namespace, name, container st
 	return "", nil
 }
 
-func (k *Kubernetes) createExecutor(namespace, name string, podExecOptions *v1.PodExecOptions) (remotecommand.Executor, error) {
+func (k *kubernetes) createExecutor(namespace, name string, podExecOptions *v1.PodExecOptions) (remotecommand.Executor, error) {
 	// Compute URL
 	// https://github.com/kubernetes/kubectl/blob/5366de04e168bcbc11f5e340d131a9ca8b7d0df4/pkg/cmd/exec/exec.go#L382-L397
 	req := k.clientSet.CoreV1().RESTClient().