Split proxy code to be shared between EKS and RDS

pkg/cfcfg/cfcfg.go

@@ -36,6 +36,15 @@ func GetCommonFateURL(profile *cfaws.Profile) (*url.URL, error) {
 	return u, nil
 }
 
+func GenerateRequestURL(apiURL string, requestID string) (string, error) {
+	u, err := url.Parse(apiURL)
+	if err != nil {
+		return "", err
+	}
+	p := u.JoinPath("access", "requests", requestID)
+	return p.String(), nil
+}
+
 func Load(ctx context.Context, profile *cfaws.Profile) (*sdkconfig.Context, error) {
 	cfURL, err := GetCommonFateURL(profile)
 	if err != nil {

pkg/granted/eks/config.go

@@ -4,10 +4,12 @@ import (
 	"fmt"
 	"os"
 	"path/filepath"
-	"strings"
 
 	"github.com/common-fate/clio"
 	"github.com/common-fate/granted/pkg/granted/kubeconfig"
+	"github.com/common-fate/granted/pkg/granted/proxy"
+	accessv1alpha1 "github.com/common-fate/sdk/gen/commonfate/access/v1alpha1"
+	"github.com/fatih/color"
 )
 
 func OpenKubeConfig() (*kubeconfig.Config, error) {
@@ -29,15 +31,17 @@ func OpenKubeConfig() (*kubeconfig.Config, error) {
 	return kc, nil
 }
 
-func AddContextToConfig(ensureAccessOutput *ensureAccessOutput) error {
+func AddContextToConfig(ensureAccessOutput *proxy.EnsureAccessOutput[*accessv1alpha1.AWSEKSProxyOutput], port string) error {
 
 	kc, err := OpenKubeConfig()
 	if err != nil {
 		return err
 	}
 
-	clusterName := fmt.Sprintf("cf-proxy-%s", ensureAccessOutput.GrantOutput.EksCluster.Name)
-	clusterContextName := fmt.Sprintf("cf-grant-%s-%s", strings.ToLower(clusterName), ensureAccessOutput.GrantOutput.ServiceAccountName)
+	clusterContextName := fmt.Sprintf("cf-grant-to-%s-as-%s", ensureAccessOutput.GrantOutput.EksCluster.Name, ensureAccessOutput.GrantOutput.ServiceAccountName)
+	// Use the same name for the context and the cluster, so that each grant is assigned a unique entry for the cluster
+	clusterName := clusterContextName
+
 	username := ensureAccessOutput.GrantOutput.ServiceAccountName
 
 	var contexts []*kubeconfig.ContextConfig
@@ -69,7 +73,7 @@ func AddContextToConfig(ensureAccessOutput *ensureAccessOutput) error {
 	err = kc.AddCluster(&kubeconfig.ClusterConfig{
 		Name: clusterName,
 		Cluster: kubeconfig.Cluster{
-			Server:                "http://localhost:5555", //todo update this to be the proxy url
+			Server:                fmt.Sprintf("http://localhost:%s", port),
 			InsecureSkipTLSVerify: true,
 		},
 	})
@@ -81,6 +85,7 @@ func AddContextToConfig(ensureAccessOutput *ensureAccessOutput) error {
 	err = kc.AddContext(&kubeconfig.ContextConfig{
 		Name: clusterContextName,
 		Context: kubeconfig.Context{
+			// @TODO, teams may wish to specify a default namespace for each user or cluster?
 			Namespace: "default",
 			Cluster:   clusterName,
 			User:      username,
@@ -91,28 +96,23 @@ func AddContextToConfig(ensureAccessOutput *ensureAccessOutput) error {
 	}
 
 	//add users
-	// for _, u := range []string{"common-fate-readonly", "common-fate-admin"} {
 	err = kc.AddUser(&kubeconfig.UserConfig{
 		Name: username,
 		User: kubeconfig.AuthInfo{
-			Exec: &kubeconfig.ExecConfig{
-				Command:         "cf",
-				Args:            []string{"kube", "credentials"},
-				InteractiveMode: kubeconfig.IfAvailableExecInteractiveMode,
-				APIVersion:      "client.authentication.k8s.io/v1",
-			},
 			As: username,
 		},
 	})
 	if err != nil {
 		return err
 	}
 
-	// }
-
 	//set the context
-	clio.Warnf("`~/.kube/config` Updated. Set current context with: `kubectl config use-context %s`", clusterContextName)
-
+	clio.Infof("EKS proxy is ready for connections")
+	clio.Infof("Your `~/.kube/config` file has been updated with a new cluster context. To connect to this cluster, run the following command to switch your current context:")
+	clio.Log(color.YellowString("kubectl config use-context %s", clusterContextName))
+	clio.NewLine()
+	clio.Infof("Or using the --context flag with kubectl: %s", color.YellowString("kubectl --context=%s", clusterContextName))
+	clio.NewLine()
 	err = kc.SaveConfig()
 	if err != nil {
 		return err