Get the actual k8s username for automatic role creation and CLI display

actor/v7action/actor.go

@@ -4,6 +4,7 @@ package v7action
 import (
 	"code.cloudfoundry.org/cli/api/uaa/constant"
 	"code.cloudfoundry.org/cli/cf/configuration/coreconfig"
+	"code.cloudfoundry.org/cli/util/configv3"
 	"code.cloudfoundry.org/clock"
 )
 
@@ -21,6 +22,7 @@ type Warnings []string
 type AuthActor interface {
 	Authenticate(credentials map[string]string, origin string, grantType constant.GrantType) error
 	GetLoginPrompts() (map[string]coreconfig.AuthPrompt, error)
+	GetCurrentUser() (configv3.User, error)
 }
 
 // Actor represents a V7 actor.
@@ -46,7 +48,7 @@ func NewActor(
 ) *Actor {
 	authActor := NewDefaultAuthActor(config, uaaClient)
 	if config != nil && config.IsCFOnK8s() {
-		authActor = NewKubernetesAuthActor(config, NewDefaultKubernetesConfigGetter())
+		authActor = NewKubernetesAuthActor(config, NewDefaultKubernetesConfigGetter(), client)
 	}
 
 	return &Actor{

actor/v7action/auth.go

@@ -9,6 +9,7 @@ import (
 	"code.cloudfoundry.org/cli/actor/actionerror"
 	"code.cloudfoundry.org/cli/api/uaa/constant"
 	"code.cloudfoundry.org/cli/cf/configuration/coreconfig"
+	"code.cloudfoundry.org/cli/util/configv3"
 )
 
 type defaultAuthActor struct {
@@ -68,6 +69,10 @@ func (actor defaultAuthActor) GetLoginPrompts() (map[string]coreconfig.AuthPromp
 	return prompts, nil
 }
 
+func (actor defaultAuthActor) GetCurrentUser() (configv3.User, error) {
+	return actor.config.CurrentUser()
+}
+
 // TODO: error check this in future stories
 func (actor Actor) RevokeAccessAndRefreshTokens() error {
 	accessToken := actor.Config.AccessToken()
@@ -87,7 +92,6 @@ func (actor Actor) isTokenRevocable(token string) bool {
 	}
 
 	jsonPayload, err := base64.RawURLEncoding.DecodeString(segments[1])
-
 	if err != nil {
 		return false
 	}

actor/v7action/auth_test.go

@@ -7,6 +7,7 @@ import (
 	. "code.cloudfoundry.org/cli/actor/v7action"
 	"code.cloudfoundry.org/cli/actor/v7action/v7actionfakes"
 	"code.cloudfoundry.org/cli/api/uaa/constant"
+	"code.cloudfoundry.org/cli/util/configv3"
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
 )
@@ -172,7 +173,6 @@ var _ = Describe("Default Auth Actions", func() {
 		})
 
 		When("the token is revokable", func() {
-
 			It("calls the UAA to revoke refresh and access tokens", func() {
 				Expect(fakeUAAClient.RevokeCallCount()).To(Equal(2))
 
@@ -193,4 +193,23 @@ var _ = Describe("Default Auth Actions", func() {
 		})
 	})
 
+	Describe("Get Current User", func() {
+		var (
+			user configv3.User
+			err  error
+		)
+
+		JustBeforeEach(func() {
+			user, err = actor.GetCurrentUser()
+		})
+
+		BeforeEach(func() {
+			fakeConfig.CurrentUserReturns(configv3.User{Name: "jim"}, nil)
+		})
+
+		It("delegates to the injected config", func() {
+			Expect(err).NotTo(HaveOccurred())
+			Expect(user.Name).To(Equal("jim"))
+		})
+	})
 })

actor/v7action/cloud_controller_client.go

@@ -186,6 +186,7 @@ type CloudControllerClient interface {
 	UploadBuildpack(buildpackGUID string, buildpackPath string, buildpack io.Reader, buildpackLength int64) (ccv3.JobURL, ccv3.Warnings, error)
 	UploadDropletBits(dropletGUID string, dropletPath string, droplet io.Reader, dropletLength int64) (ccv3.JobURL, ccv3.Warnings, error)
 	UploadPackage(pkg resources.Package, zipFilepath string) (resources.Package, ccv3.Warnings, error)
+	WhoAmI() (resources.K8sUser, ccv3.Warnings, error)
 
 	servicePlanVisibilityClient
 }

actor/v7action/config.go

@@ -11,6 +11,7 @@ import (
 type Config interface {
 	AccessToken() string
 	APIVersion() string
+	CurrentUser() (configv3.User, error)
 	DialTimeout() time.Duration
 	PollingInterval() time.Duration
 	RefreshToken() string

actor/v7action/k8s_auth.go

@@ -2,10 +2,14 @@ package v7action
 
 import (
 	"errors"
+	"fmt"
 	"sort"
 
+	"code.cloudfoundry.org/cli/api/cloudcontroller/ccv3"
 	"code.cloudfoundry.org/cli/api/uaa/constant"
 	"code.cloudfoundry.org/cli/cf/configuration/coreconfig"
+	"code.cloudfoundry.org/cli/resources"
+	"code.cloudfoundry.org/cli/util/configv3"
 	"k8s.io/client-go/tools/clientcmd"
 	clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
 )
@@ -16,6 +20,12 @@ type KubernetesConfigGetter interface {
 	Get() (*clientcmdapi.Config, error)
 }
 
+//go:generate go run github.com/maxbrunsfeld/counterfeiter/v6 . WhoAmIer
+
+type WhoAmIer interface {
+	WhoAmI() (resources.K8sUser, ccv3.Warnings, error)
+}
+
 type DefaultKubernetesConfigGetter struct{}
 
 func NewDefaultKubernetesConfigGetter() DefaultKubernetesConfigGetter {
@@ -30,12 +40,14 @@ func (c DefaultKubernetesConfigGetter) Get() (*clientcmdapi.Config, error) {
 type kubernetesAuthActor struct {
 	config          Config
 	k8sConfigGetter KubernetesConfigGetter
+	whoAmIer        WhoAmIer
 }
 
-func NewKubernetesAuthActor(config Config, k8sConfigGetter KubernetesConfigGetter) AuthActor {
+func NewKubernetesAuthActor(config Config, k8sConfigGetter KubernetesConfigGetter, whoAmIer WhoAmIer) AuthActor {
 	return &kubernetesAuthActor{
 		config:          config,
 		k8sConfigGetter: k8sConfigGetter,
+		whoAmIer:        whoAmIer,
 	}
 }
 
@@ -66,3 +78,12 @@ func (actor kubernetesAuthActor) GetLoginPrompts() (map[string]coreconfig.AuthPr
 		DisplayName: "Choose your Kubernetes authentication info",
 	}}, nil
 }
+
+func (actor kubernetesAuthActor) GetCurrentUser() (configv3.User, error) {
+	user, _, err := actor.whoAmIer.WhoAmI()
+	if err != nil {
+		return configv3.User{}, fmt.Errorf("calling /whoami endpoint failed: %w", err)
+	}
+
+	return configv3.User{Name: user.Name}, nil
+}

actor/v7action/k8s_auth_test.go

@@ -7,6 +7,8 @@ import (
 	"code.cloudfoundry.org/cli/actor/v7action/v7actionfakes"
 	"code.cloudfoundry.org/cli/api/uaa/constant"
 	"code.cloudfoundry.org/cli/cf/configuration/coreconfig"
+	"code.cloudfoundry.org/cli/resources"
+	"code.cloudfoundry.org/cli/util/configv3"
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
 	clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
@@ -16,6 +18,7 @@ var _ = Describe("KubernetesAuthActor", func() {
 	var (
 		k8sAuthActor    v7action.AuthActor
 		k8sConfigGetter *v7actionfakes.FakeKubernetesConfigGetter
+		whoAmIer        *v7actionfakes.FakeWhoAmIer
 		config          *v7actionfakes.FakeConfig
 		err             error
 	)
@@ -26,7 +29,8 @@ var _ = Describe("KubernetesAuthActor", func() {
 		k8sConfigGetter.GetReturns(&clientcmdapi.Config{
 			AuthInfos: map[string]*clientcmdapi.AuthInfo{"foo": {}, "bar": {}},
 		}, nil)
-		k8sAuthActor = v7action.NewKubernetesAuthActor(config, k8sConfigGetter)
+		whoAmIer = new(v7actionfakes.FakeWhoAmIer)
+		k8sAuthActor = v7action.NewKubernetesAuthActor(config, k8sConfigGetter, whoAmIer)
 	})
 
 	Describe("Authenticate", func() {
@@ -84,4 +88,34 @@ var _ = Describe("KubernetesAuthActor", func() {
 			})
 		})
 	})
+
+	Describe("Get Current User", func() {
+		var (
+			user configv3.User
+			err  error
+		)
+
+		BeforeEach(func() {
+			whoAmIer.WhoAmIReturns(resources.K8sUser{Name: "bob", Kind: "User"}, nil, nil)
+		})
+
+		JustBeforeEach(func() {
+			user, err = k8sAuthActor.GetCurrentUser()
+		})
+
+		It("uses the WhoAmI function to get the real current user name", func() {
+			Expect(err).NotTo(HaveOccurred())
+			Expect(user.Name).To(Equal("bob"))
+		})
+
+		When("calling the whoami endpoint fails", func() {
+			BeforeEach(func() {
+				whoAmIer.WhoAmIReturns(resources.K8sUser{}, nil, errors.New("boom!"))
+			})
+
+			It("returns an error", func() {
+				Expect(err).To(MatchError(ContainSubstring("boom!")))
+			})
+		})
+	})
 })