From a39b62c6e1664462db2ce9f0ec04fbcc0367e0de Mon Sep 17 00:00:00 2001 From: Anders Eknert Date: Fri, 29 May 2020 23:46:39 +0200 Subject: [PATCH] Force exit on timeout. - Force exit after 10 minutes of (in)activity in order to avoid staying in the background forever on idle as some people reported. - Add a sleep on the main loop to avoid hogging CPU while waiting for token. - Fix linter warnings about the use of fmt.Print(fmt.Sprint(..)) Closes #6. --- CHANGELOG.md | 6 ++++++ handler/handler.go | 5 +++-- main.go | 14 +++++++++++--- 3 files changed, 20 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a8c6788..74f744e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [1.1.1] - 2020-05-29 +### Changed +- kubectl-login will now exit after 10 minutes of idling. This in order to prevent the program from staying in the + background if left unattended. +- Added a sleep in the main loop to avoid hogging the CPU while active. + ## [1.1.0] - 2020-02-12 ### Changed - Token is now stored outside of `KUBECONFIG` to avoid it being sent when expired, as described in the kubernetes issue diff --git a/handler/handler.go b/handler/handler.go index 97c3147..54c04c5 100644 --- a/handler/handler.go +++ b/handler/handler.go @@ -4,6 +4,7 @@ import ( "fmt" "log" "net/http" + "os" "time" "github.com/Bisnode/kubectl-login/util" @@ -90,8 +91,8 @@ func (h *IDTokenWebhookHandler) ServeHTTP(w http.ResponseWriter, r *http.Request } if !h.ExecCredentialMode { - fmt.Println(fmt.Sprintf( - "Authenticated for context %v. Token valid until %v.", h.ClientCfg.CurrentContext, exp)) + _, _ = fmt.Fprintf(os.Stdout, + "Authenticated for context %v. Token valid until %v.\n", h.ClientCfg.CurrentContext, exp) } // Return control to shell at this point diff --git a/main.go b/main.go index d65ceaa..c4fe17c 100644 --- a/main.go +++ b/main.go @@ -111,7 +111,7 @@ func parseArgs(clientCfg *api.Config) (forceLogin bool, execCredentialMode bool, } if flag.NArg() > 0 { - _, _ = fmt.Fprint(os.Stderr, fmt.Sprintf("Unrecognized parameter(s): %v\n", flag.Args())) + _, _ = fmt.Fprintf(os.Stderr, "Unrecognized parameter(s): %v\n", flag.Args()) flag.Usage() os.Exit(1) } @@ -135,6 +135,12 @@ func currentToken(clientCfg *api.Config) string { func main() { quitChan := make(chan struct{}) sigChan := make(chan os.Signal, 1) + timeoutChan := make(chan bool, 1) + go func() { + time.Sleep(10 * time.Minute) + timeoutChan <- true + }() + signal.Notify(sigChan, syscall.SIGINT, syscall.SIGTERM, syscall.SIGQUIT) cluster := api.NewCluster() @@ -181,8 +187,7 @@ func main() { authzEndpointURL, _ := url.Parse(issuer.AuthorizeEndpoint) _, err = net.LookupIP(authzEndpointURL.Host) if err != nil { - fmt.Println(fmt.Sprintf("Could not resolve %v. Are you on the office network / VPN?", authzEndpointURL.Host)) - os.Exit(1) + log.Fatalf("Could not resolve %v. Are you on the office network / VPN?", authzEndpointURL.Host) } nonce := util.RandomString(12) @@ -239,7 +244,10 @@ func main() { return case <-sigChan: close(quitChan) + case <-timeoutChan: + log.Fatal("kubetcl-login aborting after idling for 10 minutes") default: + time.Sleep(100 * time.Millisecond) } } }