From 3995ca7512f4f1fe21fa3e8490a00cb8024518da Mon Sep 17 00:00:00 2001
From: Robert Detjens <github@detjens.dev>
Date: Sat, 15 Jun 2024 21:39:12 -0700
Subject: [PATCH] Build kubernetes client for check access

Signed-off-by: Robert Detjens <github@detjens.dev>
---
 src/access_handlers/kube.rs | 37 +++++++++++++++++++++++++++++++++++--
 1 file changed, 35 insertions(+), 2 deletions(-)

diff --git a/src/access_handlers/kube.rs b/src/access_handlers/kube.rs
index 227f0b6..6794134 100644
--- a/src/access_handlers/kube.rs
+++ b/src/access_handlers/kube.rs
@@ -1,9 +1,42 @@
 use anyhow::{Error, Result};
+use kube;
 
 use crate::configparser::{config, CONFIG};
 
 /// kubernetes access checks
 pub fn check(profile: &config::ProfileConfig) -> Result<()> {
-    // Ok(())
-    Err(Error::msg("bad kube!"))
+    // we need to make sure that:
+    // a) can talk to the cluster
+    // b) have the right permissions (a la `kubectl auth can-i`)
+
+    // build a client
+    let client = client(profile);
+
+    return Ok(());
+}
+
+/// Returns K8S Client for selected profile
+async fn client(profile: &config::ProfileConfig) -> Result<kube::Client> {
+    // make sure the profile exists
+
+    // read in kubeconfig from given kubeconfig (or default)
+    // (use kube::Config to specify context)
+    let options = kube::config::KubeConfigOptions {
+        context: Some(profile.kubecontext.to_owned()),
+        cluster: None,
+        user: None,
+    };
+
+    let client_config = match &profile.kubeconfig {
+        Some(kc_path) => {
+            let kc = kube::config::Kubeconfig::read_from(kc_path)?;
+            kube::Config::from_custom_kubeconfig(kc, &options).await?
+        }
+        None => kube::Config::from_kubeconfig(&options).await?,
+    };
+
+    // client::try_from returns a Result, but the Error is not compatible
+    // with anyhow::Error, so assign this with ? and return Ok() separately
+    let client = kube::Client::try_from(client_config)?;
+    return Ok(client);
 }