refactor(k8s): namespace core logic (#12142)

Co-authored-by: testA113 <aliharriss1995@gmail.com>
Co-authored-by: Anthony Lapenna <anthony.lapenna@portainer.io>
Co-authored-by: James Carppe <85850129+jamescarppe@users.noreply.github.com>
Co-authored-by: Ali <83188384+testA113@users.noreply.github.com>

api/http/handler/registries/handler.go

@@ -135,7 +135,7 @@ func (handler *Handler) userHasRegistryAccess(r *http.Request, registry *portain
 
 	// validate access for kubernetes namespaces (leverage registry.RegistryAccesses[endpointId].Namespaces)
 	if endpointutils.IsKubernetesEndpoint(endpoint) {
-		kcl, err := handler.K8sClientFactory.GetKubeClient(endpoint)
+		kcl, err := handler.K8sClientFactory.GetPrivilegedKubeClient(endpoint)
 		if err != nil {
 			return false, false, errors.Wrap(err, "unable to retrieve kubernetes client to validate registry access")
 		}

api/http/handler/registries/registry_configure.go

@@ -41,7 +41,7 @@ func (payload *registryConfigurePayload) Validate(r *http.Request) error {
 	if useAuthentication {
 		username, err := request.RetrieveMultiPartFormValue(r, "Username", false)
 		if err != nil {
-			return errors.New("Invalid username")
+			return errors.New("invalid username")
 		}
 		payload.Username = username
 
@@ -61,19 +61,19 @@ func (payload *registryConfigurePayload) Validate(r *http.Request) error {
 	if useTLS && !skipTLSVerify {
 		cert, _, err := request.RetrieveMultiPartFormFile(r, "TLSCertFile")
 		if err != nil {
-			return errors.New("Invalid certificate file. Ensure that the file is uploaded correctly")
+			return errors.New("invalid certificate file. Ensure that the file is uploaded correctly")
 		}
 		payload.TLSCertFile = cert
 
 		key, _, err := request.RetrieveMultiPartFormFile(r, "TLSKeyFile")
 		if err != nil {
-			return errors.New("Invalid key file. Ensure that the file is uploaded correctly")
+			return errors.New("invalid key file. Ensure that the file is uploaded correctly")
 		}
 		payload.TLSKeyFile = key
 
 		ca, _, err := request.RetrieveMultiPartFormFile(r, "TLSCACertFile")
 		if err != nil {
-			return errors.New("Invalid CA certificate file. Ensure that the file is uploaded correctly")
+			return errors.New("invalid CA certificate file. Ensure that the file is uploaded correctly")
 		}
 		payload.TLSCACertFile = ca
 	}

api/http/handler/registries/registry_create.go

@@ -45,15 +45,15 @@ type registryCreatePayload struct {
 
 func (payload *registryCreatePayload) Validate(_ *http.Request) error {
 	if len(payload.Name) == 0 {
-		return errors.New("Invalid registry name")
+		return errors.New("invalid registry name")
 	}
 	if len(payload.URL) == 0 {
-		return errors.New("Invalid registry URL")
+		return errors.New("invalid registry URL")
 	}
 
 	if payload.Authentication {
 		if len(payload.Username) == 0 || len(payload.Password) == 0 {
-			return errors.New("Invalid credentials. Username and password must be specified when authentication is enabled")
+			return errors.New("invalid credentials. Username and password must be specified when authentication is enabled")
 		}
 		if payload.Type == portainer.EcrRegistry {
 			if len(payload.Ecr.Region) == 0 {
@@ -127,10 +127,10 @@ func (handler *Handler) registryCreate(w http.ResponseWriter, r *http.Request) *
 	}
 	for _, r := range registries {
 		if r.Name == registry.Name {
-			return httperror.Conflict("Another registry with the same name already exists", errors.New("A registry is already defined with this name"))
+			return httperror.Conflict("Another registry with the same name already exists", errors.New("a registry is already defined with this name"))
 		}
 		if handler.registriesHaveSameURLAndCredentials(&r, registry) {
-			return httperror.Conflict("Another registry with the same URL and credentials already exists", errors.New("A registry is already defined for this URL and credentials"))
+			return httperror.Conflict("Another registry with the same URL and credentials already exists", errors.New("a registry is already defined for this URL and credentials"))
 		}
 	}
 

api/http/handler/registries/registry_delete.go

@@ -67,7 +67,7 @@ func (handler *Handler) deleteKubernetesSecrets(registry *portainer.Registry) {
 				continue
 			}
 
-			cli, err := handler.K8sClientFactory.GetKubeClient(endpoint)
+			cli, err := handler.K8sClientFactory.GetPrivilegedKubeClient(endpoint)
 			if err != nil {
 				// Skip environments that can't get a kubeclient from
 				log.Warn().Err(err).Msgf("Unable to get kubernetes client for environment %d", endpointId)

api/http/handler/registries/registry_update.go

@@ -96,7 +96,7 @@ func (handler *Handler) registryUpdate(w http.ResponseWriter, r *http.Request) *
 	// See https://portainer.atlassian.net/browse/EE-2706 for more details
 	for _, r := range registries {
 		if r.ID != registry.ID && r.Name == registry.Name {
-			return httperror.Conflict("Another registry with the same name already exists", errors.New("A registry is already defined with this name"))
+			return httperror.Conflict("Another registry with the same name already exists", errors.New("a registry is already defined with this name"))
 		}
 	}
 
@@ -147,7 +147,7 @@ func (handler *Handler) registryUpdate(w http.ResponseWriter, r *http.Request) *
 
 		for _, r := range registries {
 			if r.ID != registry.ID && handler.registriesHaveSameURLAndCredentials(&r, registry) {
-				return httperror.Conflict("Another registry with the same URL and credentials already exists", errors.New("A registry is already defined for this URL and credentials"))
+				return httperror.Conflict("Another registry with the same URL and credentials already exists", errors.New("a registry is already defined for this URL and credentials"))
 			}
 		}
 	}
@@ -193,7 +193,7 @@ func syncConfig(registry *portainer.Registry) *portainer.RegistryManagementConfi
 }
 
 func (handler *Handler) updateEndpointRegistryAccess(endpoint *portainer.Endpoint, registry *portainer.Registry, endpointAccess portainer.RegistryAccessPolicies) error {
-	cli, err := handler.K8sClientFactory.GetKubeClient(endpoint)
+	cli, err := handler.K8sClientFactory.GetPrivilegedKubeClient(endpoint)
 	if err != nil {
 		return err
 	}