backend, frontend, electron: Allow kubeconfig cluster removal via flag

Introduces a new backend configuration flag --allow-kubeconfig-removal to control whether users can delete clusters sourced from their kubeconfig via the UI.

- backend: Add flag and expose it in client config.

- frontend: Conditionally enable delete option based on flag.

- electron: Enable flag by default as desktop app already supports kubeconfig management.

- makefile: Enable flag in dev mode.

Author: alokdangre

Makefile

@@ -234,10 +234,10 @@ run-backend:
 	@echo "**** Warning: Running with Helm and dynamic-clusters endpoints enabled. ****"
 
 ifeq ($(UNIXSHELL),true)
-	HEADLAMP_BACKEND_TOKEN=headlamp HEADLAMP_CONFIG_ENABLE_HELM=true HEADLAMP_CONFIG_ENABLE_DYNAMIC_CLUSTERS=true ./backend/headlamp-server -dev -proxy-urls https://artifacthub.io/* -listen-addr=localhost
+	HEADLAMP_BACKEND_TOKEN=headlamp HEADLAMP_CONFIG_ENABLE_HELM=true HEADLAMP_CONFIG_ENABLE_DYNAMIC_CLUSTERS=true HEADLAMP_CONFIG_ALLOW_KUBECONFIG_REMOVAL=true ./backend/headlamp-server -dev -proxy-urls https://artifacthub.io/* -listen-addr=localhost
 else
 	@echo "**** Running on Windows without bash or zsh. ****"
-	@cmd /c "set HEADLAMP_BACKEND_TOKEN=headlamp&& set HEADLAMP_CONFIG_ENABLE_HELM=true&& set HEADLAMP_CONFIG_ENABLE_DYNAMIC_CLUSTERS=true&& backend\headlamp-server -dev -proxy-urls https://artifacthub.io/* -listen-addr=localhost"
+	@cmd /c "set HEADLAMP_BACKEND_TOKEN=headlamp&& set HEADLAMP_CONFIG_ENABLE_HELM=true&& set HEADLAMP_CONFIG_ENABLE_DYNAMIC_CLUSTERS=true&& set HEADLAMP_CONFIG_ALLOW_KUBECONFIG_REMOVAL=true&& backend\headlamp-server -dev -proxy-urls https://artifacthub.io/* -listen-addr=localhost"
 endif
 
 run-dev:
@@ -251,10 +251,11 @@ ifeq ($(UNIXSHELL),true)
     HEADLAMP_CONFIG_METRICS_ENABLED=true \
     HEADLAMP_CONFIG_ENABLE_HELM=true \
     HEADLAMP_CONFIG_ENABLE_DYNAMIC_CLUSTERS=true \
+    HEADLAMP_CONFIG_ALLOW_KUBECONFIG_REMOVAL=true \
     ./backend/headlamp-server -dev -proxy-urls https://artifacthub.io/* -listen-addr=localhost
 else
 	@echo "**** Running on Windows without bash or zsh. ****"
-	@cmd /c "set HEADLAMP_BACKEND_TOKEN=headlamp&& set HEADLAMP_CONFIG_METRICS_ENABLED=true&& set HEADLAMP_CONFIG_ENABLE_HELM=true&& set HEADLAMP_CONFIG_ENABLE_DYNAMIC_CLUSTERS=true&& backend\headlamp-server -dev -proxy-urls https://artifacthub.io/* -listen-addr=localhost"
+	@cmd /c "set HEADLAMP_BACKEND_TOKEN=headlamp&& set HEADLAMP_CONFIG_METRICS_ENABLED=true&& set HEADLAMP_CONFIG_ENABLE_HELM=true&& set HEADLAMP_CONFIG_ENABLE_DYNAMIC_CLUSTERS=true&& set HEADLAMP_CONFIG_ALLOW_KUBECONFIG_REMOVAL=true&& backend\headlamp-server -dev -proxy-urls https://artifacthub.io/* -listen-addr=localhost"
 endif
 
 run-backend-with-traces:
@@ -264,10 +265,11 @@ ifeq ($(UNIXSHELL),true)
     HEADLAMP_CONFIG_TRACING_ENABLED=true \
     HEADLAMP_CONFIG_ENABLE_HELM=true \
     HEADLAMP_CONFIG_ENABLE_DYNAMIC_CLUSTERS=true \
+    HEADLAMP_CONFIG_ALLOW_KUBECONFIG_REMOVAL=true \
     ./backend/headlamp-server -dev -proxy-urls https://artifacthub.io/* -listen-addr=localhost
 else
 	@echo "**** Running on Windows without bash or zsh. ****"
-	@cmd /c "set HEADLAMP_BACKEND_TOKEN=headlamp&& set HEADLAMP_CONFIG_TRACING_ENABLED=true&& set HEADLAMP_CONFIG_ENABLE_HELM=true&& set HEADLAMP_CONFIG_ENABLE_DYNAMIC_CLUSTERS=true&& backend\headlamp-server -dev -proxy-urls https://artifacthub.io/* -listen-addr=localhost"
+	@cmd /c "set HEADLAMP_BACKEND_TOKEN=headlamp&& set HEADLAMP_CONFIG_TRACING_ENABLED=true&& set HEADLAMP_CONFIG_ENABLE_HELM=true&& set HEADLAMP_CONFIG_ENABLE_DYNAMIC_CLUSTERS=true&& set HEADLAMP_CONFIG_ALLOW_KUBECONFIG_REMOVAL=true&& backend\headlamp-server -dev -proxy-urls https://artifacthub.io/* -listen-addr=localhost"
 endif
 
 run-frontend:

app/electron/main.ts

@@ -754,6 +754,7 @@ async function startServer(flags: string[] = []): Promise<ChildProcessWithoutNul
   // Enable the Helm and dynamic cluster endpoints
   process.env.HEADLAMP_CONFIG_ENABLE_HELM = 'true';
   process.env.HEADLAMP_CONFIG_ENABLE_DYNAMIC_CLUSTERS = 'true';
+  process.env.HEADLAMP_CONFIG_ALLOW_KUBECONFIG_REMOVAL = 'true';
 
   // Pass a token to the backend that can be used for auth on some routes
   process.env.HEADLAMP_BACKEND_TOKEN = backendToken;

backend/cmd/headlamp.go

@@ -97,6 +97,7 @@ const (
 type clientConfig struct {
 	Clusters                []Cluster `json:"clusters"`
 	IsDynamicClusterEnabled bool      `json:"isDynamicClusterEnabled"`
+	AllowKubeconfigRemoval  bool      `json:"allowKubeconfigRemoval"`
 }
 
 type OauthConfig struct {
@@ -1749,7 +1750,11 @@ func parseClusterFromKubeConfig(kubeConfigs []string) ([]Cluster, []error) {
 func (c *HeadlampConfig) getConfig(w http.ResponseWriter, r *http.Request) {
 	w.Header().Set("Content-Type", "application/json")
 
-	clientConfig := clientConfig{c.getClusters(), c.EnableDynamicClusters}
+	clientConfig := clientConfig{
+		Clusters:                c.getClusters(),
+		IsDynamicClusterEnabled: c.EnableDynamicClusters,
+		AllowKubeconfigRemoval:  c.AllowKubeconfigRemoval,
+	}
 
 	if err := json.NewEncoder(w).Encode(&clientConfig); err != nil {
 		logger.Log(logger.LevelError, nil, err, "encoding config")

backend/cmd/stateless.go

@@ -178,7 +178,11 @@ func (c *HeadlampConfig) parseKubeConfig(w http.ResponseWriter, r *http.Request)
 		return
 	}
 
-	clientConfig := clientConfig{contexts, c.EnableDynamicClusters}
+	clientConfig := clientConfig{
+		Clusters:                contexts,
+		IsDynamicClusterEnabled: c.EnableDynamicClusters,
+		AllowKubeconfigRemoval:  c.AllowKubeconfigRemoval,
+	}
 
 	if err := json.NewEncoder(w).Encode(&clientConfig); err != nil {
 		logger.Log(logger.LevelError, nil, err, "encoding config")

backend/pkg/config/config.go

@@ -45,6 +45,7 @@ type Config struct {
 	CacheEnabled              bool   `koanf:"cache-enabled"`
 	EnableHelm                bool   `koanf:"enable-helm"`
 	EnableDynamicClusters     bool   `koanf:"enable-dynamic-clusters"`
+	AllowKubeconfigRemoval    bool   `koanf:"allow-kubeconfig-removal"`
 	ListenAddr                string `koanf:"listen-addr"`
 	WatchPluginsChanges       bool   `koanf:"watch-plugins-changes"`
 	Port                      uint   `koanf:"port"`
@@ -421,6 +422,7 @@ func addGeneralFlags(f *flag.FlagSet) {
 	f.Bool("insecure-ssl", false, "Accept/Ignore all server SSL certificates")
 	f.String("log-level", "info", "Set backend log verbosity. Options: debug, info (default), warn, error")
 	f.Bool("enable-dynamic-clusters", false, "Enable dynamic clusters, which stores stateless clusters in the frontend.")
+	f.Bool("allow-kubeconfig-removal", false, "Allow users to remove clusters from their kubeconfig via the UI")
 	// Note: When running in-cluster and if not explicitly set, this flag defaults to false.
 	f.Bool("watch-plugins-changes", true, "Reloads plugins when there are changes to them or their directory")
 

backend/pkg/headlampconfig/headlampConfig.go

@@ -46,7 +46,8 @@ type HeadlampCFG struct {
 	DevMode               bool
 	Insecure              bool
 	EnableHelm            bool
-	EnableDynamicClusters bool
+	EnableDynamicClusters  bool
+	AllowKubeconfigRemoval bool
 	WatchPluginsChanges   bool
 	Port                  uint
 	KubeConfigPath        string

frontend/src/components/App/Home/ClusterContextMenu.tsx

@@ -53,6 +53,7 @@ export default function ClusterContextMenu({ cluster }: ClusterContextMenuProps)
   const dialogs = useTypedSelector(state => state.clusterProvider.dialogs);
   const menuItems = useTypedSelector(state => state.clusterProvider.menuItems);
   const isDynamicClusterEnabled = useTypedSelector(state => state.config.isDynamicClusterEnabled);
+  const allowKubeconfigRemoval = useTypedSelector(state => state.config.allowKubeconfigRemoval);
 
   const kubeconfigOrigin = cluster.meta_data?.origin?.kubeconfig;
   const deleteFromKubeconfig = cluster.meta_data?.source === 'kubeconfig';
@@ -155,9 +156,10 @@ export default function ClusterContextMenu({ cluster }: ClusterContextMenuProps)
           <ListItemText>{t('translation|Settings')}</ListItemText>
         </MenuItem>
         {(!menuItems || menuItems.length === 0) &&
-          (helpers.isElectron() || isDynamicClusterEnabled) &&
-          (cluster.meta_data?.source === 'dynamic_cluster' ||
-            cluster.meta_data?.source === 'kubeconfig') && (
+          ((cluster.meta_data?.source === 'dynamic_cluster' &&
+            (helpers.isElectron() || isDynamicClusterEnabled)) ||
+            (cluster.meta_data?.source === 'kubeconfig' &&
+              (helpers.isElectron() || allowKubeconfigRemoval))) && (
             <MenuItem
               onClick={() => {
                 setOpenConfirmDialog('deleteDynamic');

frontend/src/redux/configSlice.ts

@@ -47,6 +47,12 @@ export interface ConfigState {
    * When true, users can add and delete clusters dynamically.
    */
   isDynamicClusterEnabled: boolean;
+  /**
+   * Whether users are allowed to remove clusters from their kubeconfig.
+   * When true, the UI will show options to delete kubeconfig-sourced clusters.
+   * Defaults to false to prevent accidental removal in company-deployed environments.
+   */
+  allowKubeconfigRemoval: boolean;
   /**
    * Settings is a map of settings names to settings values.
    */
@@ -77,6 +83,7 @@ export const initialState: ConfigState = {
   statelessClusters: null,
   allClusters: null,
   isDynamicClusterEnabled: false,
+  allowKubeconfigRemoval: false,
   settings: {
     tableRowsPerPageOptions:
       storedSettings.tableRowsPerPageOptions || defaultTableRowsPerPageOptions,
@@ -100,12 +107,16 @@ const configSlice = createSlice({
       action: PayloadAction<{
         clusters: ConfigState['clusters'];
         isDynamicClusterEnabled?: boolean;
+        allowKubeconfigRemoval?: boolean;
       }>
     ) {
       state.clusters = action.payload.clusters;
       if (action.payload.isDynamicClusterEnabled !== undefined) {
         state.isDynamicClusterEnabled = action.payload.isDynamicClusterEnabled;
       }
+      if (action.payload.allowKubeconfigRemoval !== undefined) {
+        state.allowKubeconfigRemoval = action.payload.allowKubeconfigRemoval;
+      }
     },
     /**
      * Save the config. To both the store, and localStorage.