[Bug] K8s API authentication failing for pod

[kaiwalyakoparkar]

Project Idea: “Pod-logger” - Simple application which uses k8s api to fetch the logs from the pods in the cluster and show it on a simple ui dashboard

What I am trying to do:

Deploying podlogger as a container in a pod and trying to access k8s api through this container/pod. (So that I can get logs of any pod in cluster)

Things I tried:

Creating a sh file with all the environments and simple curl command

• Works if you exec in the container and run it manually but fails to curl if tried to run via Dockerfile
  Based on above, I add the environments to docker file this time and added the curl command inside the docker file args/cmd to see if it runs as the container is running.
• It fails without outputting any type of logs so I am confused if it’s running or not
  I created a separate service account with view access to logs and linked it to the pod, still fails to curl the k8s api - Returns the Json with status: failure

Contexts to understand the code:

pod-logger/api/controllers/controller.go

Line 33 in 11f0f27

func getStatus() string {

- Here I am trying to invoke the shell script using the api endpoint, still fails

pod-logger/api/controllers/controller.go

Line 53 in 11f0f27

func getEnvs() string {

- This endpoint was to see if there is an error with env loading but that doesn’t seem to be an issue, last I checked all envs I needed were loaded

pod-logger/api/controllers/controller.go

Line 13 in 11f0f27

func getLogs() string {

- This is the curl command I am trying to run through this endpoint

[Revolyssup]

1. Dont expand env variables in exec.Command like {TOKEN}. instead:
2. This will still cause error because your TOKEN env variable is just the path and not the actual token. Read that file and pass it

	cacert := os.Getenv("CACERT")
	tokenPath := os.Getenv("TOKEN")
	apiserver := os.Getenv("APISERVER")
	tokenFile, err := os.Open(tokenPath)
	if err != nil {
		fmt.Println("could not open token file: ", err)
		return ""
	}
	tokenData, err := io.ReadAll(tokenFile)
	if err != nil {
		fmt.Println("could not read token file: ", err)
		return ""
	}
	output := string(out)
	cmd = exec.Command("curl", "--cacert", cacert, "--header", "Authorization: Bearer "+string(tokenData), apiserver+"/api")

[kaiwalyakoparkar]

1. Dont expand env variables in exec.Command like {TOKEN}. instead:
2. This will still cause error because your TOKEN env variable is just the path and not the actual token. Read that file and pass it

	cacert := os.Getenv("CACERT")
	tokenPath := os.Getenv("TOKEN")
	apiserver := os.Getenv("APISERVER")
	tokenFile, err := os.Open(tokenPath)
	if err != nil {
		fmt.Println("could not open token file: ", err)
		return ""
	}
	tokenData, err := io.ReadAll(tokenFile)
	if err != nil {
		fmt.Println("could not read token file: ", err)
		return ""
	}
	output := string(out)
	cmd = exec.Command("curl", "--cacert", cacert, "--header", "Authorization: Bearer "+string(tokenData), apiserver+"/api")

Thank you so much @Revolyssup I will try this :D