internal/concierge/impersonator: use kubeconfig from kubeclient

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2021-02-09 15:28:56 -05:00 · 2021-02-09 15:28:56 -05:00 · 8697488126
commit 8697488126
parent dfcc2a1eb8
1 changed files with 8 additions and 1 deletions
--- a/internal/concierge/impersonator/impersonator.go
+++ b/internal/concierge/impersonator/impersonator.go
@ -20,6 +20,7 @@ import (
 	"go.pinniped.dev/generated/1.20/apis/concierge/login"
 	loginv1alpha1 "go.pinniped.dev/generated/1.20/apis/concierge/login/v1alpha1"
 	"go.pinniped.dev/internal/controller/authenticator/authncache"
 	"go.pinniped.dev/internal/kubeclient"
 )
 // allowedHeaders are the set of HTTP headers that are allowed to be forwarded through the impersonation proxy.
@ -39,7 +40,13 @@ type Proxy struct {
 }
 func New(cache *authncache.Cache, log logr.Logger) (*Proxy, error) {
-	return newInternal(cache, log, rest.InClusterConfig)
+	return newInternal(cache, log, func() (*rest.Config, error) {
 		client, err := kubeclient.New()
 		if err != nil {
 			return nil, err
 		}
 		return client.JSONConfig, nil
 	})
 }
 func newInternal(cache *authncache.Cache, log logr.Logger, getConfig func() (*rest.Config, error)) (*Proxy, error) {