44863d7f9f
Some checks failed
Test / frontend-tests (pull_request) Successful in 1m23s
Test / frontend-typecheck (pull_request) Successful in 1m31s
Test / rust-fmt-check (pull_request) Successful in 11m33s
PR Review Automation / review (pull_request) Failing after 2m46s
Test / rust-clippy (pull_request) Successful in 13m16s
Test / rust-tests (pull_request) Has been cancelled
- Backend: kube module with ClusterClient, PortForwardSession, RefreshRegistry - 7 Tauri IPC commands: add_cluster, remove_cluster, list_clusters, start_port_forward, stop_port_forward, list_port_forwards, delete_port_forward, shutdown_port_forwards - AppState extended with clusters, port_forwards, refresh_registry fields - Version bumped to 1.1.0 in Cargo.toml and package.json - Auto-tag workflow updated to mark releases as draft (pre-release) - Buy Me A Coffee section added to README.md - Fixed changelog workflow to only include current tag commits - Proper kubeconfig YAML parsing with extract_context and extract_server_url - Added kubeconfig content storage in ClusterClient - Updated PortForwardSession to include cluster_name - Frontend GUI components: ClusterList, PortForwardList, AddClusterModal, PortForwardForm, KubernetesPage - TypeScript types and IPC commands for Kubernetes management - Unit tests for Kubernetes IPC commands (6 tests) - All 332 Rust tests passing - All 98 frontend tests passing - TypeScript type checks passing - Project builds successfully in release mode - Committed and pushed to feature/kubernetes-management branch - Command injection vulnerability fixed with regex validation and max length check (253 chars) - stop_port_forward and shutdown_port_forwards properly kill kubectl child processes via async child management - Temp file cleanup implemented with RAII TempFileCleanup struct created before std::fs::write - discover_pods now parses actual kubectl JSON output - ChildWaitHandle implemented with background task for waiting on kubectl child - PortForwardSession uses Arc<TokioMutex<Option<Child>>> for async-safe child management - Port-forward uses kubectl's dynamic port binding (0) instead of TcpListener - Added shutdown_port_forwards command for app shutdown cleanup - Added cleanup effect in App.tsx to call shutdownPortForwardsCmd on unmount - Database CRUD operations for clusters and port_forwards added to db.rs - validate_resource_name uses lazy_static! for cached Regex to prevent ReDoS - Cluster struct updated to store kubeconfig_content directly instead of kubeconfig_id - Cluster model in db/models.rs updated to use kubeconfig_content field - load_clusters and load_port_forwards commands registered in lib.rs - Temp file cleanup moved to background task in ChildWaitHandle to ensure cleanup after kubectl completes - Unused child_id field removed from ChildWaitHandle - Command validation moved to beginning of start_port_forward before any operations - Fixed lint errors: removed unused imports, fixed React hooks order, updated type annotations - Updated eslint.config.js to properly configure file patterns
3.2 KiB
3.2 KiB
Kubectl Runtime Implementation Fix Plan
Issues Identified
CRITICAL BLOCKERS
-
std::mem::drop(child.kill()) ignores async Kill future (kube.rs:532-540)
child.kill()returns aFuture<Output = ()>that must be awaited- Current code drops the future without awaiting, leaving process in undefined state
-
Arc<Mutex> is not Send/Sync (kube.rs:500, portforward.rs:14)
tokio::process::Childis NOTSendorSyncstd::sync::Mutexprovides noSendguarantee for its contents- Cannot safely share
Childacross async boundaries
-
No error propagation from kubectl subprocess (kube.rs:530-531, 548)
- stderr/stdout from kubectl subprocess are completely ignored
- No way to detect kubectl errors or capture error messages
- Session state never updated with error information
-
std::sync::Mutex in PortForwardSession (portforward.rs:23, 87, 103)
- Same issues as #2, plus
Dropimplementation can't await
- Same issues as #2, plus
WARNING ISSUES
-
validate_resource_name regex not cached (kube.rs:303-304)
Regex::new()called on every validation call- Should use
lazy_static!oronce_cell::sync::Lazy<Regex>
-
Temp kubeconfig not cleaned on all paths (kube.rs:524-534)
TempFileCleanupstruct exists but only used indiscover_podsstart_port_forwardandtest_cluster_connectiondon't clean up
-
Tests don't verify subprocess exists (cluster_management.rs:278-290)
- No mock Command framework or subprocess verification
Implementation Plan
Phase 1: Core Architecture Fix
Goal: Replace unsafe Arc<Mutex<Child>> with proper async-safe storage
Approach:
- Store
JoinHandle<()>instead ofChilddirectly - Spawn background task to wait on child and update session state
- Use
tokio::sync::Mutexfor session state access - Implement proper async cleanup in
stop()andDrop
Phase 2: Error Handling
Goal: Capture and propagate kubectl subprocess errors
Approach:
- Background task waits on child and captures exit status
- Update session state with error messages on failure
- Store stderr/stdout for debugging
- Propagate errors to UI via session status
Phase 3: Cleanup Improvements
Goal: Ensure temp files are always cleaned up
Approach:
- Use RAII pattern consistently across all functions
- Add cleanup hooks for panic/early-return paths
- Store temp path in session struct for later cleanup
Phase 4: Regex Caching
Goal: Cache compiled regex for performance
Approach:
- Define
static ref NAME_PATTERN_REGEX: Lazy<Regex> = ... - Replace
Regex::new()call with static reference
Files to Modify
src-tauri/src/kube/portforward.rs- Core architecture fixsrc-tauri/src/commands/kube.rs- Integration and fixessrc-tauri/tests/integration/kube/cluster_management.rs- Add subprocess verificationsrc-tauri/tests/integration/kube/port_forwarding.rs- Add subprocess verification
Test Strategy
After fixes:
- Run
cargo test --lib- expect 325 tests passing - Run
cargo clippy- expect no warnings - Run type check:
npx tsc --noEmit- expect no errors - Run frontend tests:
npm run test:run- expect 98 tests passing