From 21dd26503f8b13a14764467e5b03cba503f2cd5a Mon Sep 17 00:00:00 2001
From: allanice001
Date: Thu, 11 Dec 2025 13:08:39 +0000
Subject: [PATCH] feat: add kubeconfig to payload if available
Signed-off-by: allanice001
---
 internal/bg/prepare_cluster.go | 23 +++++++++++++++++++++++
 internal/handlers/clusters.go | 25 +++++++++++++++++++++++--
 internal/handlers/dto/clusters.go | 1 +
 3 files changed, 47 insertions(+), 2 deletions(-)
diff --git a/internal/bg/prepare_cluster.go b/internal/bg/prepare_cluster.go
index 863ae6f..d8da52c 100644
--- a/internal/bg/prepare_cluster.go
+++ b/internal/bg/prepare_cluster.go
@@ -133,6 +133,29 @@ func ClusterPrepareWorker(db *gorm.DB, jobs *Jobs) archer.WorkerFn {
 dtoCluster := mapper.ClusterToDTO(*c)
+ if c.EncryptedKubeconfig != "" && c.KubeIV != "" && c.KubeTag != "" {
+ kubeconfig, err := utils.DecryptForOrg(
+ c.OrganizationID,
+ c.EncryptedKubeconfig,
+ c.KubeIV,
+ c.KubeTag,
+ db,
+ )
+ if err != nil {
+ fail++
+ failedIDs = append(failedIDs, c.ID)
+ failures = append(failures, ClusterPrepareFailure{
+ ClusterID: c.ID,
+ Step: "decrypt_kubeconfig",
+ Reason: err.Error(),
+ })
+ clusterLog.Error().Err(err).Msg("[cluster_prepare] decrypt kubeconfig failed")
+ _ = setClusterStatus(db, c.ID, clusterStatusFailed, err.Error())
+ continue
+ }
+ dtoCluster.Kubeconfig = &kubeconfig
+ }
+
 payloadJSON, err := json.MarshalIndent(dtoCluster, "", " ")
 if err != nil {
 fail++
diff --git a/internal/handlers/clusters.go b/internal/handlers/clusters.go
index 4f5e9a1..62d74c9 100644
--- a/internal/handlers/clusters.go
+++ b/internal/handlers/clusters.go
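Review bot: In ClusterPrepareWorker (internal/bg/prepare_cluster.go) the guard `c.EncryptedKubeconfig != "" && c.KubeIV != "" && c.KubeTag != ""` treats a row that has ciphertext but an empty IV or tag as having no kubeconfig, so the cluster is prepared without credentials and no failure is recorded. Guarding on the ciphertext alone, `if c.EncryptedKubeconfig != "" {`, would send such a row into the existing `decrypt_kubeconfig` failure path, assuming DecryptForOrg rejects an empty IV or tag. After this block `payloadJSON` holds the plaintext kubeconfig, so a comment above the MarshalIndent call such as `// payload carries a decrypted cluster credential: do not log or persist it` would help; how the payload is consumed lies outside the hunk. `err.Error()` is also stored as the failure `Reason` and the cluster status, so a fixed message would be safer if DecryptForOrg's errors can include key or ciphertext detail. The loop body starts and ends outside the hunk.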
@@ -69,7 +69,17 @@ func ListClusters(db *gorm.DB) http.HandlerFunc {
 out := make([]dto.ClusterResponse, 0, len(rows))
 for _, row := range rows {
- out = append(out, clusterToDTO(row))
+ cr := clusterToDTO(row)
+
+ if row.EncryptedKubeconfig != "" && row.KubeIV != "" && row.KubeTag != "" {
+ kubeconfig, err := utils.DecryptForOrg(orgID, row.EncryptedKubeconfig, row.KubeIV, row.KubeTag, db)
+ if err != nil {
+ utils.WriteError(w, http.StatusInternalServerError, "kubeconfig_decrypt_failed", "failed to decrypt kubeconfig")
+ return
+ }
+ cr.Kubeconfig = &kubeconfig
+ }
+ out = append(out, cr)
 }
 utils.WriteJSON(w, http.StatusOK, out)
 }
@@ -131,7 +141,18 @@ func GetCluster(db *gorm.DB) http.HandlerFunc {
 return
 }
- utils.WriteJSON(w, http.StatusOK, clusterToDTO(cluster))
+ resp := clusterToDTO(cluster)
+
+ if cluster.EncryptedKubeconfig != "" && cluster.KubeIV != "" && cluster.KubeTag != "" {
+ kubeconfig, err := utils.DecryptForOrg(orgID, cluster.EncryptedKubeconfig, cluster.KubeIV, cluster.KubeTag, db)
+ if err != nil {
+ utils.WriteError(w, http.StatusInternalServerError, "kubeconfig_decrypt_failed", "failed to decrypt kubeconfig")
+ return
+ }
+ resp.Kubeconfig = &kubeconfig
+ }
+
+ utils.WriteJSON(w, http.StatusOK, resp)
 }
 }
diff --git a/internal/handlers/dto/clusters.go b/internal/handlers/dto/clusters.go
index f8c68dd..cc90bdc 100644
--- a/internal/handlers/dto/clusters.go
+++ b/internal/handlers/dto/clusters.go
@@ -24,6 +24,7 @@ type ClusterResponse struct {
 NodePools []NodePoolResponse `json:"node_pools,omitempty"`
 DockerImage string `json:"docker_image"`
 DockerTag string `json:"docker_tag"`
+ Kubeconfig *string `json:"kubeconfig,omitempty"`
 CreatedAt time.Time `json:"created_at"`
 UpdatedAt time.Time `json:"updated_at"`
 }
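Review bot: Read access to the cluster list becomes access to every cluster credential here: the loop in ListClusters puts the decrypted kubeconfig of each row into the response, and GetCluster in the next hunk does the same for a single cluster. No role or permission check is visible in either hunk, so unless middleware outside the diff already restricts these routes, the plaintext would be better served from a dedicated, separately authorized and audited endpoint, with the list returning at most an indication that a kubeconfig exists. In the loop, one row that fails to decrypt also aborts the whole listing with a 500, so a single bad record hides all clusters of the organization. Both handler bodies begin outside their hunks.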
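Review bot: The decrypt error in GetCluster is discarded: `err` is never logged before `utils.WriteError`, so a `kubeconfig_decrypt_failed` response leaves no server-side record of which cluster failed or why (the same applies to the ListClusters hunk above). Logging the cluster ID together with `err`, and never the decrypted value, would make key or data corruption diagnosable. Since the success response now carries a credential, `w.Header().Set("Cache-Control", "no-store")` before `utils.WriteJSON` would keep browsers and intermediaries from caching it, unless WriteJSON already sets that header.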
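Review bot: The new `Kubeconfig` field on ClusterResponse has no doc comment, although it carries a decrypted credential and the type is used by the list and get handlers and, apparently, by the prepare worker's payload. A comment such as `// Kubeconfig is the decrypted kubeconfig (a cluster credential); populate it only for callers entitled to it and never log a populated response.` would warn future users of the type. The struct definition begins outside the hunk.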