feat: look up Gitea pod using selector (#224)

* feat: look up Gitea pod using selector

* feat: improve kubeapi error handling

* fix: do not catch when thrown anyway

* chore: upgraded gitea client

Author: merll

package-lock.json

@@ -12,7 +12,7 @@
     "@apidevtools/json-schema-ref-parser": "9.0.6",
     "@kubernetes/client-node": "1.1.2",
     "@linode/apl-k8s-operator": "0.1.0",
-    "@linode/gitea-client-node": "1.19.1",
+    "@linode/gitea-client-node": "1.23.6",
     "@linode/harbor-client-node": "^2.2.1",
     "@linode/keycloak-client-node": "^15.0.0",
     "async-retry": "^1.3.3",

package.json

@@ -1,5 +1,5 @@
 /* eslint-disable no-console */
-import { Exec, KubeConfig, KubernetesObject, V1Status } from '@kubernetes/client-node'
+import { CoreV1Api, Exec, KubeConfig, KubernetesObject, V1Status } from '@kubernetes/client-node'
 import Operator, { ResourceEvent, ResourceEventType } from '@linode/apl-k8s-operator'
 import {
   AdminApi,
@@ -273,7 +273,7 @@ export const createServiceAccounts = async (
   organizations: Organization[],
   orgApi: OrganizationApi,
 ) => {
-  const users: User[] = await doApiCall(errors, `Getting all users`, () => adminApi.adminGetAllUsers())
+  const users: User[] = await doApiCall(errors, `Getting all users`, () => adminApi.adminSearchUsers())
   const filteredOrganizations = organizations.filter((org) => org.name !== 'otomi')
   await Promise.all(
     filteredOrganizations.map(async (organization) => {
@@ -783,14 +783,34 @@ export function buildTeamString(teamNames: any[]): string {
   return JSON.stringify(teamObject)
 }
 
+async function getGiteaPodName(namespace: string): Promise<string | undefined> {
+  const k8sApi = kc.makeApiClient(CoreV1Api)
+  const giteaPods = await k8sApi.listNamespacedPod({
+    namespace,
+    labelSelector: 'app.kubernetes.io/instance=gitea,app.kubernetes.io/name=gitea',
+    limit: 1,
+  })
+  if (giteaPods.items.length === 0) {
+    console.debug('Not ready for setting up OIDC config: Gitea pod not found.')
+    return
+  }
+  return giteaPods.items[0].metadata?.name
+}
+
 async function setGiteaOIDCConfig(update = false) {
   if (!env.oidcClientId || !env.oidcClientSecret || !env.oidcEndpoint) return
   const podNamespace = 'gitea'
-  const podName = 'gitea-0'
   const clientID = env.oidcClientId
   const clientSecret = env.oidcClientSecret
   const discoveryURL = `${env.oidcEndpoint}/.well-known/openid-configuration`
   const teamNamespaceString = buildTeamString(env.teamNames)
+
+  const podName = await getGiteaPodName(podNamespace)
+  if (!podName) {
+    console.debug('Not ready for setting up OIDC config: Name of Gitea pod not found.')
+    return
+  }
+
   try {
     // WARNING: Dont enclose the teamNamespaceString in double quotes, this will escape the string incorrectly and breaks OIDC group mapping in gitea
     const execCommand = [