mirror of
https://github.com/ahmetb/kubectx.git
synced 2026-05-14 10:54:10 +00:00
e868cdb984
Introduces a new internal/proxy package that provides a localhost HTTP reverse proxy enforcing read-only access to the Kubernetes API server. - Allows GET, HEAD, OPTIONS requests (kubectl get/describe/logs/top/watch) - Blocks POST, PUT, DELETE, PATCH with metav1.Status 405 responses - Blocks Connection: Upgrade requests (kubectl exec/cp/port-forward) - Uses client-go transport for TLS/auth to the real API server - Rewrites kubeconfig: server URL to proxy, strips auth, sets insecure-skip-tls-verify - Appends [RO] suffix to context name in rewritten kubeconfig - DEBUG=1 enables request/response logging - Comprehensive test coverage for all proxy behavior Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>