util: NewK8sClient() should not panic on non-Kubernetes clusters

When NewK8sClient() detects and error, it used to call FatalLogMsg() which causes a panic. There are additional features that can be used on Kubernetes clusters, but these are not a requirement for most functionalities of the driver. Instead of causing a panic, returning an error should suffice. This allows using the driver on non-Kubernetes clusters again. Fixes: #2452 Signed-off-by: Niels de Vos <ndevos@redhat.com>
2025-06-13 02:33:34 +00:00 · 2021-08-31 14:18:37 +02:00
parent e8efa272a6
commit 60c2afbcca
9 changed files with 77 additions and 21 deletions
--- a/internal/kms/vault_tokens.go
+++ b/internal/kms/vault_tokens.go
@ -438,12 +438,16 @@ func (vtc *vaultTenantConnection) initCertificates(config map[string]interface{}
 	return nil
 }

-func (vtc *vaultTenantConnection) getK8sClient() *kubernetes.Clientset {
+func (vtc *vaultTenantConnection) getK8sClient() (*kubernetes.Clientset, error) {
 	if vtc.client == nil {
-		vtc.client = k8s.NewK8sClient()
+		client, err := k8s.NewK8sClient()
+		if err != nil {
+			return nil, err
+		}
+		vtc.client = client
 	}

-	return vtc.client
+	return vtc.client, nil
 }

 // FetchDEK returns passphrase from Vault. The passphrase is stored in a
@ -493,7 +497,11 @@ func (vtc *vaultTenantConnection) RemoveDEK(key string) error {
 }

 func (kms *VaultTokensKMS) getToken() (string, error) {
-	c := kms.getK8sClient()
+	c, err := kms.getK8sClient()
+	if err != nil {
+		return "", err
+	}
+
 	secret, err := c.CoreV1().Secrets(kms.Tenant).Get(context.TODO(), kms.TokenName, metav1.GetOptions{})
 	if err != nil {
 		return "", err
@ -508,7 +516,11 @@ func (kms *VaultTokensKMS) getToken() (string, error) {
 }

 func (vtc *vaultTenantConnection) getCertificate(tenant, secretName, key string) (string, error) {
-	c := vtc.getK8sClient()
+	c, err := vtc.getK8sClient()
+	if err != nil {
+		return "", err
+	}
+
 	secret, err := c.CoreV1().Secrets(tenant).Get(context.TODO(), secretName, metav1.GetOptions{})
 	if err != nil {
 		return "", err
@ -551,7 +563,11 @@ func (vtc *vaultTenantConnection) parseTenantConfig() (map[string]interface{}, e
 	}

 	// fetch the ConfigMap from the tenants namespace
-	c := vtc.getK8sClient()
+	c, err := vtc.getK8sClient()
+	if err != nil {
+		return nil, err
+	}
+
 	cm, err := c.CoreV1().ConfigMaps(vtc.Tenant).Get(context.TODO(),
 		vtc.ConfigName, metav1.GetOptions{})
 	if apierrs.IsNotFound(err) {