Release/v6.2.3 (#6649)

* Revert "fix: getAllowedResources for all namespaces using SelfSubjectRulesReview (#6614)" This reverts commit 6d7090f Signed-off-by: Iku-turso <[email protected]> * Bump version for patch release Co-authored-by: Janne Savolainen <[email protected]> Signed-off-by: Iku-turso <[email protected]> Signed-off-by: Iku-turso <[email protected]>
lensapp · Nov 25, 2022 · 3011bab · 3011bab
1 parent 4a13f51
commit 3011bab
Show file tree

Hide file tree

Showing 13 changed files with 111 additions and 321 deletions.
diff --git a/integration/__tests__/cluster-pages.tests.ts b/integration/__tests__/cluster-pages.tests.ts
@@ -390,6 +390,12 @@ const scenarios = [
     sidebarItemTestId: "sidebar-item-link-for-service-accounts",
   },
 
+  {
+    expectedSelector: "h5.title",
+    parentSidebarItemTestId: "sidebar-item-link-for-user-management",
+    sidebarItemTestId: "sidebar-item-link-for-roles",
+  },
+
   {
     expectedSelector: "h5.title",
     parentSidebarItemTestId: "sidebar-item-link-for-user-management",
@@ -399,7 +405,7 @@ const scenarios = [
   {
     expectedSelector: "h5.title",
     parentSidebarItemTestId: "sidebar-item-link-for-user-management",
-    sidebarItemTestId: "sidebar-item-link-for-roles",
+    sidebarItemTestId: "sidebar-item-link-for-role-bindings",
   },
 
   {
@@ -411,7 +417,7 @@ const scenarios = [
   {
     expectedSelector: "h5.title",
     parentSidebarItemTestId: "sidebar-item-link-for-user-management",
-    sidebarItemTestId: "sidebar-item-link-for-role-bindings",
+    sidebarItemTestId: "sidebar-item-link-for-pod-security-policies",
   },
 
   {

diff --git a/package.json b/package.json
@@ -3,7 +3,7 @@
   "productName": "OpenLens",
   "description": "OpenLens - Open Source IDE for Kubernetes",
   "homepage": "https://github.com/lensapp/lens",
-  "version": "6.2.2",
+  "version": "6.2.3",
   "main": "static/build/main.js",
   "copyright": "© 2022 OpenLens Authors",
   "license": "MIT",

diff --git a/src/common/cluster-types.ts b/src/common/cluster-types.ts
@@ -195,6 +195,13 @@ export enum ClusterMetricsResourceType {
  */
 export const initialNodeShellImage = "docker.io/alpine:3.13";
 
+/**
+ * The arguments for requesting to refresh a cluster's metadata
+ */
+export interface ClusterRefreshOptions {
+  refreshMetadata?: boolean;
+}
+
 /**
  * The data representing a cluster's state, for passing between main and renderer
  */

diff --git a/src/common/cluster/authorization-namespace-review.injectable.ts b/src/common/cluster/authorization-namespace-review.injectable.ts
diff --git a/src/common/cluster/authorization-review.injectable.ts b/src/common/cluster/authorization-review.injectable.ts
@@ -5,55 +5,42 @@
 
 import type { KubeConfig, V1ResourceAttributes } from "@kubernetes/client-node";
 import { AuthorizationV1Api } from "@kubernetes/client-node";
+import logger from "../logger";
 import { getInjectable } from "@ogre-tools/injectable";
-import type { Logger } from "../logger";
-import loggerInjectable from "../logger.injectable";
 
-/**
- * Requests the permissions for actions on the kube cluster
- * @param resourceAttributes The descriptor of the action that is desired to be known if it is allowed
- * @returns `true` if the actions described are allowed
- */
 export type CanI = (resourceAttributes: V1ResourceAttributes) => Promise<boolean>;
 
 /**
  * @param proxyConfig This config's `currentContext` field must be set, and will be used as the target cluster
- */
-export type AuthorizationReview = (proxyConfig: KubeConfig) => CanI; 
-
-interface Dependencies { 
-  logger: Logger;
-}
-
-const authorizationReview = ({ logger }: Dependencies): AuthorizationReview => {
-  return (proxyConfig) => {
-    const api = proxyConfig.makeApiClient(AuthorizationV1Api);
-
-    return async (resourceAttributes: V1ResourceAttributes): Promise<boolean> => {
-      try {
-        const { body } = await api.createSelfSubjectAccessReview({
-          apiVersion: "authorization.k8s.io/v1",
-          kind: "SelfSubjectAccessReview",
-          spec: { resourceAttributes },
-        });
-
-        return body.status?.allowed ?? false;
-      } catch (error) {
-        logger.error(`[AUTHORIZATION-REVIEW]: failed to create access review: ${error}`, { resourceAttributes });
-
-        return false;
-      }
-    };
+   */
+export function authorizationReview(proxyConfig: KubeConfig): CanI {
+  const api = proxyConfig.makeApiClient(AuthorizationV1Api);
+
+  /**
+   * Requests the permissions for actions on the kube cluster
+   * @param resourceAttributes The descriptor of the action that is desired to be known if it is allowed
+   * @returns `true` if the actions described are allowed
+   */
+  return async (resourceAttributes: V1ResourceAttributes): Promise<boolean> => {
+    try {
+      const { body } = await api.createSelfSubjectAccessReview({
+        apiVersion: "authorization.k8s.io/v1",
+        kind: "SelfSubjectAccessReview",
+        spec: { resourceAttributes },
+      });
+
+      return body.status?.allowed ?? false;
+    } catch (error) {
+      logger.error(`[AUTHORIZATION-REVIEW]: failed to create access review: ${error}`, { resourceAttributes });
+
+      return false;
+    }
   };
-};
+}
 
 const authorizationReviewInjectable = getInjectable({
   id: "authorization-review",
-  instantiate: (di) => {
-    const logger = di.inject(loggerInjectable);
-
-    return authorizationReview({ logger });
-  },
+  instantiate: () => authorizationReview,
 });
 
 export default authorizationReviewInjectable;