From afc7586db73181778c07aec92cad0a4b34b0293a Mon Sep 17 00:00:00 2001 From: Jean-Philippe Garcia-Ballester Date: Thu, 2 Oct 2025 08:13:17 +0200 Subject: [PATCH] Avoid hard-coded values for API server address Avoid hard-coded value of 127.0.0.1 and 6443, as the API server can listen on another address when used outside of k3s. When used from another go program using the `chart` package, host and ports should be passed as argument. When used standalone, host and port should be derived from the kubeconfig and/or master-url options. --- pkg/controllers/chart/chart.go | 9 ++++++--- pkg/controllers/controllers.go | 22 +++++++++++++++++++++- 2 files changed, 27 insertions(+), 4 deletions(-) diff --git a/pkg/controllers/chart/chart.go b/pkg/controllers/chart/chart.go index 3b42ba41..2b660be0 100644 --- a/pkg/controllers/chart/chart.go +++ b/pkg/controllers/chart/chart.go @@ -92,6 +92,7 @@ type Controller struct { secretCache corecontroller.SecretCache apply apply.Apply recorder record.EventRecorder + apiServerHost string apiServerPort string } @@ -100,6 +101,7 @@ func Register( systemNamespace, managedBy, jobClusterRole string, + apiServerHost string, apiServerPort string, k8s kubernetes.Interface, apply apply.Apply, @@ -128,6 +130,7 @@ func Register( jobCache: jobCache, secretCache: sCache, recorder: recorder, + apiServerHost: apiServerHost, apiServerPort: apiServerPort, } @@ -449,7 +452,7 @@ func (c *Controller) getJobAndRelatedResources(chart *v1.HelmChart) (*batch.Job, } // get the default job and configmaps - job, valuesSecret, contentConfigMap := job(chart, c.apiServerPort) + job, valuesSecret, contentConfigMap := job(chart, c.apiServerHost, c.apiServerPort) objects := []metav1.Object{contentConfigMap, valuesSecret} // make sure that changes to HelmChart ValuesSecrets triger change to hash @@ -522,7 +525,7 @@ func chartConfigBySecret(conf *v1.HelmChartConfig) ([]string, error) { return keys.UnsortedList(), nil } -func job(chart *v1.HelmChart, apiServerPort string) (*batch.Job, *corev1.Secret, *corev1.ConfigMap) { +func job(chart *v1.HelmChart, apiServerHost string, apiServerPort string) (*batch.Job, *corev1.Secret, *corev1.ConfigMap) { jobImage := strings.TrimSpace(chart.Spec.JobImage) if jobImage == "" { jobImage = DefaultJobImage @@ -728,7 +731,7 @@ func job(chart *v1.HelmChart, apiServerPort string) (*batch.Job, *corev1.Secret, job.Spec.Template.Spec.Containers[0].Env = append(job.Spec.Template.Spec.Containers[0].Env, []corev1.EnvVar{ { Name: "KUBERNETES_SERVICE_HOST", - Value: "127.0.0.1"}, + Value: apiServerHost}, { Name: "KUBERNETES_SERVICE_PORT", Value: apiServerPort}, diff --git a/pkg/controllers/controllers.go b/pkg/controllers/controllers.go index cf5ca1ae..e596abad 100644 --- a/pkg/controllers/controllers.go +++ b/pkg/controllers/controllers.go @@ -3,6 +3,7 @@ package controllers import ( "context" "time" + "net/url" "github.com/k3s-io/helm-controller/pkg/controllers/chart" "github.com/k3s-io/helm-controller/pkg/controllers/common" @@ -78,11 +79,17 @@ func Register(ctx context.Context, systemNamespace, controllerName string, cfg c chart.DefaultJobImage = opts.DefaultJobImage } + host, port, err := getHostPortFromClientConfig(cfg); + if err != nil { + return err + } + chart.Register(ctx, systemNamespace, controllerName, opts.JobClusterRole, - "6443", + host, + port, appCtx.K8s, appCtx.Apply, recorder, @@ -214,3 +221,16 @@ func newContext(cfg clientcmd.ClientConfig, systemNamespace string, opts common. }, }, nil } + +func getHostPortFromClientConfig(cfg clientcmd.ClientConfig) (string, string, error) { + client, err := cfg.ClientConfig() + if err != nil { + return "", "", err + } + u, err := url.ParseRequestURI(client.Host) + if err != nil { + return "", "", err + } + + return u.Hostname(), u.Port(), nil +}