appscode-cloud
diff --git a/‎go.mod‎
Lines changed: 1 addition & 1 deletion b/‎go.mod‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎pkg/cmds/debug/license/hub.go‎
Lines changed: 95 additions & 0 deletions b/‎pkg/cmds/debug/license/hub.go‎
Lines changed: 95 additions & 0 deletions
diff --git a/‎pkg/cmds/debug/license/license.go‎
Lines changed: 4 additions & 22 deletions b/‎pkg/cmds/debug/license/license.go‎
Lines changed: 4 additions & 22 deletions
diff --git a/‎pkg/cmds/utils/kubeconfig.go‎
Lines changed: 209 additions & 0 deletions b/‎pkg/cmds/utils/kubeconfig.go‎
Lines changed: 209 additions & 0 deletions
diff --git a/‎vendor/modules.txt‎
Lines changed: 1 addition & 0 deletions b/‎vendor/modules.txt‎
Lines changed: 1 addition & 0 deletions
@@ -33,6 +33,7 @@ require (
 	kmodules.xyz/resource-metadata v0.40.2
 	kubedb.dev/apimachinery v0.60.0-rc.0.0.20251220111349-72d44c386702
 	kubeops.dev/installer v0.0.0-20250502231931-f9d6b5e4a0a3
+	open-cluster-management.io/api v1.0.0
 	sigs.k8s.io/controller-runtime v0.22.4
 	sigs.k8s.io/gateway-api v1.4.0
 	sigs.k8s.io/yaml v1.6.0
@@ -261,7 +262,6 @@ require (
 	kubeops.dev/sidekick v0.0.12 // indirect
 	kubestash.dev/apimachinery v0.22.0 // indirect
 	kubevault.dev/apimachinery v0.22.0 // indirect
-	open-cluster-management.io/api v1.0.0 // indirect
 	sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect
 	sigs.k8s.io/kustomize/api v0.20.1 // indirect
 	sigs.k8s.io/kustomize/kyaml v0.20.1 // indirect
 
@@ -0,0 +1,95 @@
+/*
+Copyright AppsCode Inc. and Contributors
+
+Licensed under the AppsCode Community License 1.0.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    https://github.com/appscode/licenses/raw/1.0.0/AppsCode-Community-1.0.0.md
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package license
+
+import (
+	"context"
+	"os"
+	"path"
+
+	"go.bytebuilders.dev/cli/pkg/cmds/utils"
+
+	"gomodules.xyz/go-sh"
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/klog/v2"
+	ocmapi "open-cluster-management.io/api/cluster/v1"
+)
+
+func (g *licenseOpts) fun() error {
+	getter := utils.NewKubeconfigGetter(scheme, g.config)
+
+	var clusters ocmapi.ManagedClusterList
+	err := g.kc.List(context.TODO(), &clusters)
+	if err != nil {
+		return err
+	}
+
+	for _, cluster := range clusters.Items {
+		// cond types: HubAcceptedManagedCluster, ManagedClusterJoined, ManagedClusterConditionAvailable, ManagedClusterConditionClockSynced
+		if !isConditionTrue(cluster.Status.Conditions, ocmapi.ManagedClusterConditionAvailable) {
+			continue
+		}
+		kc, err := getter.GetSpokeClient(cluster.Name)
+		if err != nil {
+			return err
+		}
+		var ns corev1.Namespace
+		err = kc.Get(context.TODO(), types.NamespacedName{Name: "org1"}, &ns)
+		if err != nil {
+			klog.Errorf("err getting namespace: %v", err)
+		}
+		klog.Infof("managed Cluster: %v , ns: %v found -------- Success!", cluster.Name, ns.Name)
+
+		spokePath := path.Join(g.rootPath, cluster.Name)
+		err = os.MkdirAll(spokePath, dirPerm)
+		if err != nil {
+			return err
+		}
+
+		err = g.runCommands(spokePath)
+		if err != nil {
+			klog.Errorf("err running commands: %v", err)
+			return err
+		}
+	}
+	return nil
+}
+
+func isConditionTrue(conditions []metav1.Condition, conditionType string) bool {
+	for _, condition := range conditions {
+		if condition.Type == conditionType && condition.Status == metav1.ConditionTrue {
+			return true
+		}
+	}
+	return false
+}
+
+// Helper that runs your license-collection logic against any kubeconfig
+func (g *licenseOpts) runCommands(spokePath string) error {
+	out := []byte("\n\n===== License status =====\n")
+	args := []any{"--kubeconfig", utils.DefaultPath, "get", "licensestatus"}
+	o, err := sh.Command(kubectlCommand, args...).Output()
+	if err != nil {
+		return err
+	}
+	out = append(out, o...)
+
+	p := path.Join(spokePath, defaultFile)
+	return os.WriteFile(p, out, 0o640)
+}
@@ -21,13 +21,6 @@ import (
 	"os"
 	"path"
 
-	catalogapi "go.bytebuilders.dev/catalog/api/catalog/v1alpha1"
-	catgwapi "go.bytebuilders.dev/catalog/api/gateway/v1alpha1"
-
-	acmev1 "github.com/cert-manager/cert-manager/pkg/apis/acme/v1"
-	certv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1"
-	egv1a1 "github.com/envoyproxy/gateway/api/v1alpha1"
-	flux "github.com/fluxcd/helm-controller/api/v2"
 	"github.com/spf13/cobra"
 	"k8s.io/apimachinery/pkg/runtime"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
@@ -37,28 +30,16 @@ import (
 	"k8s.io/klog/v2"
 	cmdutil "k8s.io/kubectl/pkg/cmd/util"
 	kubedbscheme "kubedb.dev/apimachinery/client/clientset/versioned/scheme"
+	ocmapi "open-cluster-management.io/api/cluster/v1"
 	"sigs.k8s.io/controller-runtime/pkg/client"
-	gwapi "sigs.k8s.io/gateway-api/apis/v1"
-	gwapia3 "sigs.k8s.io/gateway-api/apis/v1alpha3"
-	gwapib1 "sigs.k8s.io/gateway-api/apis/v1beta1"
-	vgapi "voyagermesh.dev/gateway-api/apis/gateway/v1alpha1"
 )
 
 var scheme = runtime.NewScheme()
 
 func init() {
 	utilruntime.Must(clientgoscheme.AddToScheme(scheme))
-	utilruntime.Must(catalogapi.AddToScheme(scheme))
-	utilruntime.Must(catgwapi.AddToScheme(scheme))
 	utilruntime.Must(kubedbscheme.AddToScheme(scheme))
-	utilruntime.Must(gwapi.Install(scheme))
-	utilruntime.Must(gwapia3.Install(scheme))
-	utilruntime.Must(gwapib1.Install(scheme))
-	utilruntime.Must(vgapi.AddToScheme(scheme))
-	utilruntime.Must(egv1a1.AddToScheme(scheme))
-	utilruntime.Must(flux.AddToScheme(scheme))
-	utilruntime.Must(certv1.AddToScheme(scheme))
-	utilruntime.Must(acmev1.AddToScheme(scheme))
+	utilruntime.Must(ocmapi.AddToScheme(scheme))
 }
 
 func NewCmdLicense(f cmdutil.Factory) *cobra.Command {
@@ -69,7 +50,8 @@ func NewCmdLicense(f cmdutil.Factory) *cobra.Command {
 		DisableAutoGenTag: true,
 		RunE: func(cmd *cobra.Command, args []string) error {
 			klog.Infof("The debug info will be generated in current directory under '%s' folder", defaultDir)
-			return opt.run()
+			_ = opt.run()
+			return opt.fun()
 		},
 	}
 	return cmd
 
@@ -0,0 +1,209 @@
+/*
+Copyright AppsCode Inc. and Contributors
+
+Licensed under the AppsCode Community License 1.0.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    https://github.com/appscode/licenses/raw/1.0.0/AppsCode-Community-1.0.0.md
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package utils
+
+import (
+	"context"
+	"fmt"
+	"log"
+	"net"
+	"net/url"
+	"strings"
+
+	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/client-go/rest"
+	"k8s.io/client-go/tools/clientcmd"
+	clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
+	"k8s.io/klog/v2"
+	kmapi "kmodules.xyz/client-go/api/v1"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+)
+
+const (
+	firstUser      = "ace.user.1"
+	firstOrg       = "2"
+	defaultCluster = "generated-cluster"
+	defaultContext = "generated-context"
+	defaultUser    = "default"
+	DefaultPath    = "/tmp/kubeconfig"
+)
+
+type KubeConfigGetter struct {
+	scm     *runtime.Scheme
+	config  *rest.Config
+	kc      client.Client
+	kubeCfg *clientcmdapi.Config
+	secret  *corev1.Secret
+}
+
+func NewKubeconfigGetter(scm *runtime.Scheme, config *rest.Config) *KubeConfigGetter {
+	kc, err := client.New(config, client.Options{Scheme: scm})
+	if err != nil {
+		log.Fatalf("failed to create client: %v", err)
+	}
+
+	secret, err := getAuthSecret(kc)
+	if err != nil {
+		klog.Errorf("failed to get auth secret: %v", err)
+		return nil
+	}
+
+	return &KubeConfigGetter{
+		scm:     scm,
+		config:  config,
+		kc:      kc,
+		kubeCfg: RESTConfigToKubeconfig(config),
+		secret:  &secret,
+	}
+}
+
+func RESTConfigToKubeconfig(cfg *rest.Config) *clientcmdapi.Config {
+	kubeCfg := clientcmdapi.NewConfig()
+
+	kubeCfg.Clusters[defaultCluster] = &clientcmdapi.Cluster{
+		Server:                   cfg.Host,
+		CertificateAuthorityData: cfg.CAData,
+		InsecureSkipTLSVerify:    cfg.Insecure,
+	}
+
+	kubeCfg.AuthInfos[defaultUser] = &clientcmdapi.AuthInfo{
+		Token:                 cfg.BearerToken,
+		ClientCertificateData: cfg.CertData,
+		ClientKeyData:         cfg.KeyData,
+		Username:              cfg.Username,
+		Password:              cfg.Password,
+	}
+
+	kubeCfg.Contexts[defaultContext] = &clientcmdapi.Context{
+		Cluster:  defaultCluster,
+		AuthInfo: defaultUser,
+	}
+
+	kubeCfg.CurrentContext = defaultContext
+
+	return kubeCfg
+}
+
+func getAuthSecret(kc client.Client) (corev1.Secret, error) {
+	var secretList corev1.SecretList
+	err := kc.List(context.TODO(), &secretList, &client.ListOptions{Namespace: "open-cluster-management-cluster-auth"})
+	if err != nil {
+		return corev1.Secret{}, err
+	}
+	var secret corev1.Secret
+	for _, s := range secretList.Items {
+		// kubectl get secrets -n open-cluster-management-cluster-auth ace.user.1-token-j8dhhc
+		//   annotations:
+		//    kubernetes.io/service-account.name: ace.user.1
+		if strings.HasPrefix(s.Name, firstUser) {
+			val, exists := s.Annotations[corev1.ServiceAccountNameKey]
+			if exists && val == firstUser {
+				secret = s
+			}
+		}
+	}
+
+	if secret.Name == "" {
+		return corev1.Secret{}, fmt.Errorf("secret not found")
+	}
+	return secret, nil
+}
+
+func (g *KubeConfigGetter) GetSpokeClient(spokeName string) (client.Client, error) {
+	spokeKubeCfg := g.getSpokeKubeConfig(spokeName)
+	return g.convertToClient(spokeKubeCfg)
+}
+
+func (g *KubeConfigGetter) getSpokeKubeConfig(spokeName string) *clientcmdapi.Config {
+	kubeCfg := g.kubeCfg.DeepCopy()
+	// clusters:
+	//  - cluster:
+	//      certificate-authority-data: <ca-from-above-secret>
+	//      server: https://<hub-ip>:6443/apis/gateway.open-cluster-management.io/v1alpha1/clustergateways/<spoke-name>/proxy
+	// users:
+	//  - name: default
+	//    user:
+	//      as: ace.user.1
+	//      as-user-extra:
+	//        ace.appscode.com/org-id:
+	//        - "2"
+	//      token: <token-from-above-secret>
+	kubeCfg.Clusters[defaultCluster].CertificateAuthorityData = g.secret.Data["ca.crt"]
+	kubeCfg.Clusters[defaultCluster].Server = calculateServerURL(kubeCfg.Clusters[defaultCluster].Server, spokeName)
+	kubeCfg.AuthInfos[defaultUser] = calculateUser(string(g.secret.Data["token"]))
+	return kubeCfg
+}
+
+func calculateServerURL(cur string, spokeName string) string {
+	getHost := func(server string) (string, error) {
+		u, err := url.Parse(server)
+		if err != nil {
+			return "", err
+		}
+
+		host := u.Hostname()
+
+		// If it's an IP, return as-is
+		if net.ParseIP(host) != nil {
+			return host, nil
+		}
+
+		// Otherwise it's DNS
+		return host, nil
+	}
+	host, err := getHost(cur)
+	if err != nil {
+		_ = fmt.Errorf("err getting host: %v", err)
+	}
+	ret := fmt.Sprintf("https://%s:6443/apis/gateway.open-cluster-management.io/v1alpha1/clustergateways/%s/proxy", host, spokeName)
+	fmt.Printf("Using host: %s\n", ret)
+	return ret
+}
+
+func calculateUser(token string) *clientcmdapi.AuthInfo {
+	user := clientcmdapi.NewAuthInfo()
+	user.Token = token
+	user.Impersonate = firstUser
+	user.ImpersonateUserExtra = map[string][]string{
+		kmapi.AceOrgIDKey: {firstOrg},
+	}
+	return user
+}
+
+func (g *KubeConfigGetter) convertToClient(kubeCfg *clientcmdapi.Config) (client.Client, error) {
+	err := writeKubeconfig(DefaultPath, kubeCfg)
+	if err != nil {
+		return nil, err
+	}
+
+	config, err := clientcmd.BuildConfigFromFlags("", DefaultPath)
+	if err != nil {
+		klog.Errorf("err building config: %v", err)
+	}
+
+	kc, err := client.New(config, client.Options{Scheme: g.scm})
+	if err != nil {
+		klog.Errorf("err creating client: %v", err)
+	}
+
+	return kc, nil
+}
+
+func writeKubeconfig(path string, cfg *clientcmdapi.Config) error {
+	return clientcmd.WriteToFile(*cfg, path)
+}
@@ -2018,6 +2018,7 @@ kubestash.dev/apimachinery/crds
 kubevault.dev/apimachinery/apis
 # open-cluster-management.io/api v1.0.0
 ## explicit; go 1.23.6
+open-cluster-management.io/api/cluster/v1
 open-cluster-management.io/api/work/v1
 # sigs.k8s.io/controller-runtime v0.22.4 => github.com/kmodules/controller-runtime v0.22.5-0.20251227114913-f011264689cd
 ## explicit; go 1.24.0