internal/concierge/impersonator: use kubeconfig from kubeclient

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2021-02-09 15:28:56 -05:00 · 2021-02-09 15:28:56 -05:00 · 8697488126
commit 8697488126
parent dfcc2a1eb8
1 changed files with 8 additions and 1 deletions
--- a/internal/concierge/impersonator/impersonator.go
+++ b/internal/concierge/impersonator/impersonator.go
@ -20,6 +20,7 @@ import (
 	"go.pinniped.dev/generated/1.20/apis/concierge/login"
 	loginv1alpha1 "go.pinniped.dev/generated/1.20/apis/concierge/login/v1alpha1"
 	"go.pinniped.dev/internal/controller/authenticator/authncache"
+	"go.pinniped.dev/internal/kubeclient"
 )

 // allowedHeaders are the set of HTTP headers that are allowed to be forwarded through the impersonation proxy.
@ -39,7 +40,13 @@ type Proxy struct {
 }

 func New(cache *authncache.Cache, log logr.Logger) (*Proxy, error) {
-	return newInternal(cache, log, rest.InClusterConfig)
+	return newInternal(cache, log, func() (*rest.Config, error) {
+		client, err := kubeclient.New()
+		if err != nil {
+			return nil, err
+		}
+		return client.JSONConfig, nil
+	})
 }

 func newInternal(cache *authncache.Cache, log logr.Logger, getConfig func() (*rest.Config, error)) (*Proxy, error) {