refactor(kubernetes): force usage of Derived kubernetes (125)

refactor(kubernetes): force usage of Derived kubernetes

Prevents consumers of the kubernetes package the usage of
public methods on a non-derived config instance.
---
review(kubernetes): force usage of Derived kubernetes

Addresses comment by ardaguclu

Author: manusa

pkg/kubernetes/configuration.go

@@ -21,7 +21,7 @@ var InClusterConfig = func() (*rest.Config, error) {
 }
 
 // resolveKubernetesConfigurations resolves the required kubernetes configurations and sets them in the Kubernetes struct
-func resolveKubernetesConfigurations(kubernetes *Kubernetes) error {
+func resolveKubernetesConfigurations(kubernetes *Manager) error {
 	// Always set clientCmdConfig
 	pathOptions := clientcmd.NewDefaultPathOptions()
 	if kubernetes.Kubeconfig != "" {
@@ -45,56 +45,60 @@ func resolveKubernetesConfigurations(kubernetes *Kubernetes) error {
 	return err
 }
 
-func (k *Kubernetes) IsInCluster() bool {
-	if k.Kubeconfig != "" {
+func (m *Manager) IsInCluster() bool {
+	if m.Kubeconfig != "" {
 		return false
 	}
 	cfg, err := InClusterConfig()
 	return err == nil && cfg != nil
 }
 
-func (k *Kubernetes) configuredNamespace() string {
-	if ns, _, nsErr := k.clientCmdConfig.Namespace(); nsErr == nil {
+func (m *Manager) configuredNamespace() string {
+	if ns, _, nsErr := m.clientCmdConfig.Namespace(); nsErr == nil {
 		return ns
 	}
 	return ""
 }
 
-func (k *Kubernetes) NamespaceOrDefault(namespace string) string {
+func (m *Manager) NamespaceOrDefault(namespace string) string {
 	if namespace == "" {
-		return k.configuredNamespace()
+		return m.configuredNamespace()
 	}
 	return namespace
 }
 
+func (k *Kubernetes) NamespaceOrDefault(namespace string) string {
+	return k.manager.NamespaceOrDefault(namespace)
+}
+
 // ToRESTConfig returns the rest.Config object (genericclioptions.RESTClientGetter)
-func (k *Kubernetes) ToRESTConfig() (*rest.Config, error) {
-	return k.cfg, nil
+func (m *Manager) ToRESTConfig() (*rest.Config, error) {
+	return m.cfg, nil
 }
 
 // ToRawKubeConfigLoader returns the clientcmd.ClientConfig object (genericclioptions.RESTClientGetter)
-func (k *Kubernetes) ToRawKubeConfigLoader() clientcmd.ClientConfig {
-	return k.clientCmdConfig
+func (m *Manager) ToRawKubeConfigLoader() clientcmd.ClientConfig {
+	return m.clientCmdConfig
 }
 
-func (k *Kubernetes) ConfigurationView(minify bool) (runtime.Object, error) {
+func (m *Manager) ConfigurationView(minify bool) (runtime.Object, error) {
 	var cfg clientcmdapi.Config
 	var err error
-	if k.IsInCluster() {
+	if m.IsInCluster() {
 		cfg = *clientcmdapi.NewConfig()
 		cfg.Clusters["cluster"] = &clientcmdapi.Cluster{
-			Server:                k.cfg.Host,
-			InsecureSkipTLSVerify: k.cfg.Insecure,
+			Server:                m.cfg.Host,
+			InsecureSkipTLSVerify: m.cfg.Insecure,
 		}
 		cfg.AuthInfos["user"] = &clientcmdapi.AuthInfo{
-			Token: k.cfg.BearerToken,
+			Token: m.cfg.BearerToken,
 		}
 		cfg.Contexts["context"] = &clientcmdapi.Context{
 			Cluster:  "cluster",
 			AuthInfo: "user",
 		}
 		cfg.CurrentContext = "context"
-	} else if cfg, err = k.clientCmdConfig.RawConfig(); err != nil {
+	} else if cfg, err = m.clientCmdConfig.RawConfig(); err != nil {
 		return nil, err
 	}
 	if minify {

pkg/kubernetes/configuration_test.go

@@ -12,10 +12,10 @@ import (
 
 func TestKubernetes_IsInCluster(t *testing.T) {
 	t.Run("with explicit kubeconfig", func(t *testing.T) {
-		k := Kubernetes{
+		m := Manager{
 			Kubeconfig: "kubeconfig",
 		}
-		if k.IsInCluster() {
+		if m.IsInCluster() {
 			t.Errorf("expected not in cluster, got in cluster")
 		}
 	})
@@ -27,10 +27,10 @@ func TestKubernetes_IsInCluster(t *testing.T) {
 		defer func() {
 			InClusterConfig = originalFunction
 		}()
-		k := Kubernetes{
+		m := Manager{
 			Kubeconfig: "",
 		}
-		if !k.IsInCluster() {
+		if !m.IsInCluster() {
 			t.Errorf("expected in cluster, got not in cluster")
 		}
 	})
@@ -42,10 +42,10 @@ func TestKubernetes_IsInCluster(t *testing.T) {
 		defer func() {
 			InClusterConfig = originalFunction
 		}()
-		k := Kubernetes{
+		m := Manager{
 			Kubeconfig: "",
 		}
-		if k.IsInCluster() {
+		if m.IsInCluster() {
 			t.Errorf("expected not in cluster, got in cluster")
 		}
 	})
@@ -57,10 +57,10 @@ func TestKubernetes_IsInCluster(t *testing.T) {
 		defer func() {
 			InClusterConfig = originalFunction
 		}()
-		k := Kubernetes{
+		m := Manager{
 			Kubeconfig: "",
 		}
-		if k.IsInCluster() {
+		if m.IsInCluster() {
 			t.Errorf("expected not in cluster, got in cluster")
 		}
 	})
@@ -72,8 +72,8 @@ func TestKubernetes_ResolveKubernetesConfigurations_Explicit(t *testing.T) {
 			t.Skip("Skipping test on non-linux platforms")
 		}
 		tempDir := t.TempDir()
-		k := Kubernetes{Kubeconfig: path.Join(tempDir, "config")}
-		err := resolveKubernetesConfigurations(&k)
+		m := Manager{Kubeconfig: path.Join(tempDir, "config")}
+		err := resolveKubernetesConfigurations(&m)
 		if err == nil {
 			t.Errorf("expected error, got nil")
 		}
@@ -90,8 +90,8 @@ func TestKubernetes_ResolveKubernetesConfigurations_Explicit(t *testing.T) {
 		if err := os.WriteFile(kubeconfigPath, []byte(""), 0644); err != nil {
 			t.Fatalf("failed to create kubeconfig file: %v", err)
 		}
-		k := Kubernetes{Kubeconfig: kubeconfigPath}
-		err := resolveKubernetesConfigurations(&k)
+		m := Manager{Kubeconfig: kubeconfigPath}
+		err := resolveKubernetesConfigurations(&m)
 		if err == nil {
 			t.Errorf("expected error, got nil")
 		}
@@ -123,16 +123,16 @@ users:
 		if err := os.WriteFile(kubeconfigPath, []byte(kubeconfigContent), 0644); err != nil {
 			t.Fatalf("failed to create kubeconfig file: %v", err)
 		}
-		k := Kubernetes{Kubeconfig: kubeconfigPath}
-		err := resolveKubernetesConfigurations(&k)
+		m := Manager{Kubeconfig: kubeconfigPath}
+		err := resolveKubernetesConfigurations(&m)
 		if err != nil {
 			t.Fatalf("expected no error, got %v", err)
 		}
-		if k.cfg == nil {
+		if m.cfg == nil {
 			t.Errorf("expected non-nil config, got nil")
 		}
-		if k.cfg.Host != "https://example.com" {
-			t.Errorf("expected host https://example.com, got %s", k.cfg.Host)
+		if m.cfg.Host != "https://example.com" {
+			t.Errorf("expected host https://example.com, got %s", m.cfg.Host)
 		}
 	})
 }

pkg/kubernetes/kubernetes.go

@@ -27,6 +27,10 @@ const (
 type CloseWatchKubeConfig func() error
 
 type Kubernetes struct {
+	manager *Manager
+}
+
+type Manager struct {
 	// Kubeconfig path override
 	Kubeconfig                  string
 	cfg                         *rest.Config
@@ -38,11 +42,10 @@ type Kubernetes struct {
 	discoveryClient             discovery.CachedDiscoveryInterface
 	deferredDiscoveryRESTMapper *restmapper.DeferredDiscoveryRESTMapper
 	dynamicClient               *dynamic.DynamicClient
-	Helm                        *helm.Helm
 }
 
-func NewKubernetes(kubeconfig string) (*Kubernetes, error) {
-	k8s := &Kubernetes{
+func NewManager(kubeconfig string) (*Manager, error) {
+	k8s := &Manager{
 		Kubeconfig: kubeconfig,
 	}
 	if err := resolveKubernetesConfigurations(k8s); err != nil {
@@ -68,15 +71,14 @@ func NewKubernetes(kubeconfig string) (*Kubernetes, error) {
 		return nil, err
 	}
 	k8s.parameterCodec = runtime.NewParameterCodec(k8s.scheme)
-	k8s.Helm = helm.NewHelm(k8s)
 	return k8s, nil
 }
 
-func (k *Kubernetes) WatchKubeConfig(onKubeConfigChange func() error) {
-	if k.clientCmdConfig == nil {
+func (m *Manager) WatchKubeConfig(onKubeConfigChange func() error) {
+	if m.clientCmdConfig == nil {
 		return
 	}
-	kubeConfigFiles := k.clientCmdConfig.ConfigAccess().GetLoadingPrecedence()
+	kubeConfigFiles := m.clientCmdConfig.ConfigAccess().GetLoadingPrecedence()
 	if len(kubeConfigFiles) == 0 {
 		return
 	}
@@ -102,33 +104,33 @@ func (k *Kubernetes) WatchKubeConfig(onKubeConfigChange func() error) {
 			}
 		}
 	}()
-	if k.CloseWatchKubeConfig != nil {
-		_ = k.CloseWatchKubeConfig()
+	if m.CloseWatchKubeConfig != nil {
+		_ = m.CloseWatchKubeConfig()
 	}
-	k.CloseWatchKubeConfig = watcher.Close
+	m.CloseWatchKubeConfig = watcher.Close
 }
 
-func (k *Kubernetes) Close() {
-	if k.CloseWatchKubeConfig != nil {
-		_ = k.CloseWatchKubeConfig()
+func (m *Manager) Close() {
+	if m.CloseWatchKubeConfig != nil {
+		_ = m.CloseWatchKubeConfig()
 	}
 }
 
-func (k *Kubernetes) ToDiscoveryClient() (discovery.CachedDiscoveryInterface, error) {
-	return k.discoveryClient, nil
+func (m *Manager) ToDiscoveryClient() (discovery.CachedDiscoveryInterface, error) {
+	return m.discoveryClient, nil
 }
 
-func (k *Kubernetes) ToRESTMapper() (meta.RESTMapper, error) {
-	return k.deferredDiscoveryRESTMapper, nil
+func (m *Manager) ToRESTMapper() (meta.RESTMapper, error) {
+	return m.deferredDiscoveryRESTMapper, nil
 }
 
-func (k *Kubernetes) Derived(ctx context.Context) *Kubernetes {
+func (m *Manager) Derived(ctx context.Context) *Kubernetes {
 	authorization, ok := ctx.Value(AuthorizationHeader).(string)
 	if !ok || !strings.HasPrefix(authorization, "Bearer ") {
-		return k
+		return &Kubernetes{manager: m}
 	}
 	klog.V(5).Infof("%s header found (Bearer), using provided bearer token", AuthorizationHeader)
-	derivedCfg := rest.CopyConfig(k.cfg)
+	derivedCfg := rest.CopyConfig(m.cfg)
 	derivedCfg.BearerToken = strings.TrimPrefix(authorization, "Bearer ")
 	derivedCfg.BearerTokenFile = ""
 	derivedCfg.Username = ""
@@ -137,28 +139,42 @@ func (k *Kubernetes) Derived(ctx context.Context) *Kubernetes {
 	derivedCfg.AuthConfigPersister = nil
 	derivedCfg.ExecProvider = nil
 	derivedCfg.Impersonate = rest.ImpersonationConfig{}
-	clientCmdApiConfig, err := k.clientCmdConfig.RawConfig()
+	clientCmdApiConfig, err := m.clientCmdConfig.RawConfig()
 	if err != nil {
-		return k
+		return &Kubernetes{manager: m}
 	}
 	clientCmdApiConfig.AuthInfos = make(map[string]*clientcmdapi.AuthInfo)
-	derived := &Kubernetes{
-		Kubeconfig:      k.Kubeconfig,
+	derived := &Kubernetes{manager: &Manager{
+		Kubeconfig:      m.Kubeconfig,
 		clientCmdConfig: clientcmd.NewDefaultClientConfig(clientCmdApiConfig, nil),
 		cfg:             derivedCfg,
-		scheme:          k.scheme,
-		parameterCodec:  k.parameterCodec,
-	}
-	derived.clientSet, err = kubernetes.NewForConfig(derived.cfg)
+		scheme:          m.scheme,
+		parameterCodec:  m.parameterCodec,
+	}}
+	derived.manager.clientSet, err = kubernetes.NewForConfig(derived.manager.cfg)
 	if err != nil {
-		return k
+		return &Kubernetes{manager: m}
 	}
-	derived.discoveryClient = memory.NewMemCacheClient(discovery.NewDiscoveryClient(derived.clientSet.CoreV1().RESTClient()))
-	derived.deferredDiscoveryRESTMapper = restmapper.NewDeferredDiscoveryRESTMapper(derived.discoveryClient)
-	derived.dynamicClient, err = dynamic.NewForConfig(derived.cfg)
+	derived.manager.discoveryClient = memory.NewMemCacheClient(discovery.NewDiscoveryClient(derived.manager.clientSet.CoreV1().RESTClient()))
+	derived.manager.deferredDiscoveryRESTMapper = restmapper.NewDeferredDiscoveryRESTMapper(derived.manager.discoveryClient)
+	derived.manager.dynamicClient, err = dynamic.NewForConfig(derived.manager.cfg)
 	if err != nil {
-		return k
+		return &Kubernetes{manager: m}
 	}
-	derived.Helm = helm.NewHelm(derived)
 	return derived
 }
+
+// TODO: check test to see why cache isn't getting invalidated automatically https://github.com/manusa/kubernetes-mcp-server/pull/125#discussion_r2152194784
+func (k *Kubernetes) CacheInvalidate() {
+	if k.manager.discoveryClient != nil {
+		k.manager.discoveryClient.Invalidate()
+	}
+	if k.manager.deferredDiscoveryRESTMapper != nil {
+		k.manager.deferredDiscoveryRESTMapper.Reset()
+	}
+}
+
+func (k *Kubernetes) NewHelm() *helm.Helm {
+	// This is a derived Kubernetes, so it already has the Helm initialized
+	return helm.NewHelm(k.manager)
+}

pkg/kubernetes/openshift.go

@@ -6,10 +6,10 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
 )
 
-func (k *Kubernetes) IsOpenShift(ctx context.Context) bool {
+func (m *Manager) IsOpenShift(ctx context.Context) bool {
 	// This method should be fast and not block (it's called at startup)
 	timeoutSeconds := int64(5)
-	if _, err := k.dynamicClient.Resource(schema.GroupVersionResource{
+	if _, err := m.dynamicClient.Resource(schema.GroupVersionResource{
 		Group:    "project.openshift.io",
 		Version:  "v1",
 		Resource: "projects",