Remove client pkg from kubectl pkg (#638)

The nested client pkg was necessary to implement a generator pattern.
The generator was necessary as the Kubewrapper type
expects a k8sapi.Client object during instantiation.
However, the required kubeconfig is not ready during Kubewrapper creation.
This patch relies on an Initialize function to set the Kubeconfig
and hands over an empty struct during Kubewrapper creation.
This allows us to remove the extra Client abstraction.

bootstrapper/internal/kubernetes/k8sapi/kubectl/kubectl.go

@@ -8,97 +8,68 @@ package kubectl
 
 import (
 	"context"
-	"errors"
 	"fmt"
 
-	"github.com/edgelesssys/constellation/v2/internal/kubernetes"
 	corev1 "k8s.io/api/core/v1"
+	apiextensionsclientv1 "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/cli-runtime/pkg/resource"
+	"k8s.io/client-go/kubernetes"
+	"k8s.io/client-go/tools/clientcmd"
+	"k8s.io/client-go/util/retry"
 )
 
-// ErrKubeconfigNotSet is the error value returned by Kubectl.Apply when SetKubeconfig was not called first.
-var ErrKubeconfigNotSet = errors.New("kubeconfig not set")
-
-// Client wraps marshable k8s resources into resource.Info fields and applies them in a cluster.
-type Client interface {
-	// ApplyOneObject applies a k8s resource similar to kubectl apply.
-	ApplyOneObject(info *resource.Info, forceConflicts bool) error
-	// GetObjects converts resources into prepared info fields for use in ApplyOneObject.
-	GetObjects(resources kubernetes.Marshaler) ([]*resource.Info, error)
-	CreateConfigMap(ctx context.Context, configMap corev1.ConfigMap) error
-	AddTolerationsToDeployment(ctx context.Context, tolerations []corev1.Toleration, name string, namespace string) error
-	AddNodeSelectorsToDeployment(ctx context.Context, selectors map[string]string, name string, namespace string) error
-	// WaitForCRD waits for the given CRD to be established.
-	WaitForCRD(ctx context.Context, crd string) error
-	ListAllNamespaces(ctx context.Context) (*corev1.NamespaceList, error)
-}
-
-// clientGenerator can generate new clients from a kubeconfig.
-type clientGenerator interface {
-	NewClient(kubeconfig []byte) (Client, error)
-}
-
-// Kubectl implements kubernetes.Apply interface and acts like the Kubernetes "kubectl" tool.
+// Kubectl implements functionality of the Kubernetes "kubectl" tool.
 type Kubectl struct {
-	clientGenerator
-	kubeconfig []byte
+	kubernetes.Interface
+	apiextensionClient apiextensionsclientv1.ApiextensionsV1Interface
+	builder            *resource.Builder
 }
 
-// New creates a new kubectl using the real clientGenerator.
+// New returns an empty Kubectl client. Need to call Initialize before usable.
 func New() *Kubectl {
-	return &Kubectl{
-		clientGenerator: &generator{},
-	}
+	return &Kubectl{}
 }
 
-// Apply will apply the given resources using server-side-apply.
-func (k *Kubectl) Apply(resources kubernetes.Marshaler, forceConflicts bool) error {
-	if k.kubeconfig == nil {
-		return ErrKubeconfigNotSet
-	}
-	client, err := k.clientGenerator.NewClient(k.kubeconfig)
+// Initialize sets sets all required fields so the Kubectl client can be used.
+func (k *Kubectl) Initialize(kubeconfig []byte) error {
+	clientConfig, err := clientcmd.RESTConfigFromKubeConfig(kubeconfig)
 	if err != nil {
-		return err
+		return fmt.Errorf("creating k8s client config from kubeconfig: %w", err)
 	}
-	// convert marshaler object into []*resource.info
-	infos, err := client.GetObjects(resources)
+	clientset, err := kubernetes.NewForConfig(clientConfig)
 	if err != nil {
-		return err
+		return fmt.Errorf("creating k8s client from kubeconfig: %w", err)
 	}
+	k.Interface = clientset
 
-	// apply each object, one by one
-	for i, resource := range infos {
-		if err := client.ApplyOneObject(resource, forceConflicts); err != nil {
-			return fmt.Errorf("kubectl apply of object %v/%v: %w", i+1, len(infos), err)
-		}
+	apiextensionClient, err := apiextensionsclientv1.NewForConfig(clientConfig)
+	if err != nil {
+		return fmt.Errorf("creating api extension client from kubeconfig: %w", err)
 	}
+	k.apiextensionClient = apiextensionClient
+
+	restClientGetter, err := newRESTClientGetter(kubeconfig)
+	if err != nil {
+		return fmt.Errorf("creating k8s RESTClientGetter from kubeconfig: %w", err)
+	}
+	k.builder = resource.NewBuilder(restClientGetter).Unstructured()
 
 	return nil
 }
 
-// SetKubeconfig will store the kubeconfig to generate Clients using the clientGenerator later.
-func (k *Kubectl) SetKubeconfig(kubeconfig []byte) {
-	k.kubeconfig = kubeconfig
-}
-
 // CreateConfigMap creates the provided configmap.
 func (k *Kubectl) CreateConfigMap(ctx context.Context, configMap corev1.ConfigMap) error {
-	client, err := k.clientGenerator.NewClient(k.kubeconfig)
+	_, err := k.CoreV1().ConfigMaps(configMap.ObjectMeta.Namespace).Create(ctx, &configMap, metav1.CreateOptions{})
 	if err != nil {
 		return err
 	}
-
-	return client.CreateConfigMap(ctx, configMap)
+	return nil
 }
 
 // ListAllNamespaces returns all namespaces in the cluster.
 func (k *Kubectl) ListAllNamespaces(ctx context.Context) (*corev1.NamespaceList, error) {
-	client, err := k.clientGenerator.NewClient(k.kubeconfig)
-	if err != nil {
-		return nil, err
-	}
-
-	return client.ListAllNamespaces(ctx)
+	return k.CoreV1().Namespaces().List(ctx, metav1.ListOptions{})
 }
 
 // AddTolerationsToDeployment adds [K8s tolerations] to the deployment, identified
@@ -106,15 +77,24 @@ func (k *Kubectl) ListAllNamespaces(ctx context.Context) (*corev1.NamespaceList,
 //
 // [K8s tolerations]: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
 func (k *Kubectl) AddTolerationsToDeployment(ctx context.Context, tolerations []corev1.Toleration, name string, namespace string) error {
-	client, err := k.clientGenerator.NewClient(k.kubeconfig)
+	deployments := k.AppsV1().Deployments(namespace)
+
+	// retry resource update if an error occurs
+	err := retry.RetryOnConflict(retry.DefaultRetry, func() error {
+		result, err := deployments.Get(ctx, name, metav1.GetOptions{})
+		if err != nil {
+			return fmt.Errorf("failed to get Deployment to add toleration: %w", err)
+		}
+
+		result.Spec.Template.Spec.Tolerations = append(result.Spec.Template.Spec.Tolerations, tolerations...)
+		if _, err = deployments.Update(ctx, result, metav1.UpdateOptions{}); err != nil {
+			return err
+		}
+		return nil
+	})
 	if err != nil {
 		return err
 	}
-
-	if err = client.AddTolerationsToDeployment(ctx, tolerations, name, namespace); err != nil {
-		return err
-	}
-
 	return nil
 }
 
@@ -123,30 +103,26 @@ func (k *Kubectl) AddTolerationsToDeployment(ctx context.Context, tolerations []
 //
 // [K8s selectors]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
 func (k *Kubectl) AddNodeSelectorsToDeployment(ctx context.Context, selectors map[string]string, name string, namespace string) error {
-	client, err := k.clientGenerator.NewClient(k.kubeconfig)
-	if err != nil {
-		return err
-	}
+	deployments := k.AppsV1().Deployments(namespace)
 
-	if err = client.AddNodeSelectorsToDeployment(ctx, selectors, name, namespace); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-// WaitForCRDs waits for a list of CRDs to be established.
-func (k *Kubectl) WaitForCRDs(ctx context.Context, crds []string) error {
-	client, err := k.clientGenerator.NewClient(k.kubeconfig)
-	if err != nil {
-		return err
-	}
-
-	for _, crd := range crds {
-		err = client.WaitForCRD(ctx, crd)
+	// retry resource update if an error occurs
+	err := retry.RetryOnConflict(retry.DefaultRetry, func() error {
+		result, err := deployments.Get(ctx, name, metav1.GetOptions{})
 		if err != nil {
+			return fmt.Errorf("failed to get Deployment to add node selector: %w", err)
+		}
+
+		for k, v := range selectors {
+			result.Spec.Template.Spec.NodeSelector[k] = v
+		}
+
+		if _, err = deployments.Update(ctx, result, metav1.UpdateOptions{}); err != nil {
 			return err
 		}
+		return nil
+	})
+	if err != nil {
+		return err
 	}
 	return nil
 }