feat: Support specifying shell pod image and registry

go.mod

@@ -2,12 +2,7 @@ module github.com/cnrancher/kube-explorer
 
 go 1.22.0
 
-replace (
-	github.com/knative/pkg => github.com/rancher/pkg v0.0.0-20190514055449-b30ab9de040e
-	github.com/matryer/moq => github.com/rancher/moq v0.0.0-20200712062324-13d1f37d2d77
-	github.com/rancher/steve => github.com/rancher/steve v0.0.0-20240709130809-47871606146c
-	k8s.io/client-go => k8s.io/client-go v0.30.1
-)
+replace k8s.io/client-go => k8s.io/client-go v0.30.1
 
 require (
 	github.com/gorilla/mux v1.8.1

internal/config/flags.go

@@ -0,0 +1,28 @@
+package config
+
+import (
+	"github.com/urfave/cli"
+)
+
+var InsecureSkipTLSVerify bool
+var SystemDefaultRegistry string
+
+var ShellPodImage string
+
+func Flags() []cli.Flag {
+	return []cli.Flag{
+		cli.BoolFlag{
+			Name:        "insecure-skip-tls-verify",
+			Destination: &InsecureSkipTLSVerify,
+		},
+		cli.StringFlag{
+			Name:        "system-default-registry",
+			Destination: &SystemDefaultRegistry,
+		},
+		cli.StringFlag{
+			Name:        "pod-image",
+			Destination: &ShellPodImage,
+			Value:       "rancher/shell:v0.2.1-rc.7",
+		},
+	}
+}

internal/resources/cluster/cluster.go

@@ -20,7 +20,7 @@ func Register(_ context.Context, server *server.Server, displayName string) erro
 	shell := &shell{
 		cg:           cg,
 		namespace:    shellPodNS,
-		impersonator: podimpersonation.New("shell", cg, time.Hour, func() string { return shellPodImage }),
+		impersonator: podimpersonation.New("shell", cg, time.Hour, getShellPodImage),
 	}
 
 	clusterSchema := server.BaseSchemas.LookupSchema("management.cattle.io.cluster")

internal/resources/cluster/shell.go

@@ -2,10 +2,12 @@ package cluster
 
 import (
 	"context"
+	"fmt"
 	"net/http"
 	"net/http/httputil"
 	"time"
 
+	"github.com/cnrancher/kube-explorer/internal/config"
 	"github.com/rancher/steve/pkg/podimpersonation"
 	"github.com/rancher/steve/pkg/stores/proxy"
 	"github.com/rancher/wrangler/v3/pkg/schemas/validation"
@@ -18,9 +20,8 @@ import (
 	"k8s.io/client-go/rest"
 )
 
-const (
-	shellPodImage = "rancher/shell:v0.1.20"
-	shellPodNS    = "kube-system"
+var (
+	shellPodNS = "kube-system"
 )
 
 type shell struct {
@@ -145,10 +146,17 @@ func (s *shell) createPod() *v1.Pod {
 							Value: "/home/shell/.kube/config",
 						},
 					},
-					Image:           shellPodImage,
+					Image:           getShellPodImage(),
 					ImagePullPolicy: v1.PullIfNotPresent,
 				},
 			},
 		},
 	}
 }
+
+func getShellPodImage() string {
+	if config.SystemDefaultRegistry == "" {
+		return config.ShellPodImage
+	}
+	return fmt.Sprintf("%s/%s", config.SystemDefaultRegistry, config.ShellPodImage)
+}

internal/server/config.go

@@ -14,6 +14,7 @@ import (
 	"github.com/rancher/wrangler/v3/pkg/kubeconfig"
 	"github.com/rancher/wrangler/v3/pkg/ratelimit"
 
+	"github.com/cnrancher/kube-explorer/internal/config"
 	"github.com/cnrancher/kube-explorer/internal/resources/cluster"
 	"github.com/cnrancher/kube-explorer/internal/ui"
 )
@@ -29,7 +30,7 @@ func ToServer(ctx context.Context, c *cli.Config, sqlCache bool) (*server.Server
 	}
 	restConfig.RateLimiter = ratelimit.None
 
-	restConfig.Insecure = insecureSkipTLSVerify
+	restConfig.Insecure = config.InsecureSkipTLSVerify
 	if restConfig.Insecure {
 		restConfig.CAData = nil
 		restConfig.CAFile = ""

internal/server/flags.go

@@ -1,16 +0,0 @@
-package server
-
-import (
-	"github.com/urfave/cli"
-)
-
-var insecureSkipTLSVerify bool
-
-func Flags() []cli.Flag {
-	return []cli.Flag{
-		cli.BoolFlag{
-			Name:        "insecure-skip-tls-verify",
-			Destination: &insecureSkipTLSVerify,
-		},
-	}
-}

main.go

@@ -10,6 +10,7 @@ import (
 	"github.com/sirupsen/logrus"
 	"github.com/urfave/cli"
 
+	keconfig "github.com/cnrancher/kube-explorer/internal/config"
 	"github.com/cnrancher/kube-explorer/internal/server"
 )
 
@@ -26,7 +27,7 @@ func main() {
 	app.Flags = joinFlags(
 		stevecli.Flags(&config),
 		debug.Flags(&debugconfig),
-		server.Flags(),
+		keconfig.Flags(),
 	)
 	app.Action = run