privilegedescalation/headlamp-sealed-secrets-plugin
Archived
12
0
Fork 0
Code Issues 2 Pull Requests 2 Actions Packages Projects Releases 27 Wiki Activity
49 Commits 20 Branches 27 Tags
b8afb29ebe1b356af2fbd88294d4bc5f2a4d6d92
Commit Graph

2 Commits

Author SHA1 Message Date
Chris Farhood 5256c8febd feat: extract business logic into custom React hooks (Phase 3.1) 
Refactor components to use custom hooks for business logic, dramatically
simplifying component code while improving testability and reusability.

Changes:
- Create useSealedSecretEncryption() hook
  - Encapsulates complete encryption workflow
  - Handles validation, cert fetching, expiry checks, encryption
  - Built-in error handling with snackbar notifications
  - Returns ready-to-apply SealedSecret object
  - Type-safe Result<T, E> pattern

- Create useControllerHealth() hook
  - Encapsulates health monitoring logic
  - Auto-refresh with configurable interval
  - Manual refresh function
  - Loading state management
  - Proper cleanup

- Refactor EncryptDialog component
  - Simplified from 215 → 130 lines (-85 lines, -40%)
  - Business logic extracted to hook
  - Focus on presentation logic only
  - Much easier to understand and maintain

- Refactor ControllerStatus component
  - Simplified from 115 → 58 lines (-57 lines, -50%)
  - One-line hook usage
  - Perfect abstraction example

Benefits:
- Separation of concerns (business vs presentation)
- Reusable hooks across components
- Easier to test (hooks testable independently)
- Better maintainability (single source of truth)
- Code reduction: ~140 lines removed from components

Build: 352.05 kB (96.99 kB gzipped), +0.71 kB (+0.2%)
Phase 3.1 complete. 8 of 14 phases done (57%).

Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>
 2026-02-11 22:02:37 -05:00
Chris Farhood 839fdd4819 feat: implement RBAC permissions helper (Phase 2.3) 
Add comprehensive RBAC permission checking using Kubernetes
SelfSubjectAccessReview API. Hide/disable UI elements based on
user permissions for better security and UX.

Features:
- RBAC module with permission checking utilities
- React hooks for permission management (usePermissions, usePermission, etc.)
- Permission-aware UI (hide create/delete/re-encrypt buttons)
- Decrypt button disabled if no Secret access
- Multi-namespace permission support
- Fail-safe design (returns false on error)

Technical details:
- Uses Kubernetes authorization.k8s.io/v1 SelfSubjectAccessReview API
- Concurrent permission checks with Promise.all
- Automatic loading states and error handling
- React cleanup on unmount prevents memory leaks
- Type-safe with Result<T, E> types

Files:
- src/lib/rbac.ts: NEW RBAC checking module (+168 lines)
- src/hooks/usePermissions.ts: NEW React hooks (+138 lines)
- src/components/SealedSecretList.tsx: Hide create button if no permission
- src/components/SealedSecretDetail.tsx: Hide re-encrypt/delete/decrypt based on permissions
- PHASE_2.3_COMPLETE.md: Implementation documentation
- .claude/agents/: Add 5 new specialized agents (test, accessibility, docs, orchestration)

Bundle size: 348.46 kB (96.05 kB gzipped), +1.81 kB (+0.5%)
Build time: 3.93s
Zero TypeScript/lint errors

Generated with [Claude Code](https://claude.ai/code)
via [Happy](https://happy.engineering)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Co-Authored-By: Happy <yesreply@happy.engineering>
 2026-02-11 21:51:05 -05:00