🌱 Use url.JoinPath instead of fmt to concat endpoint (#10917)

* use url.JoinPath instead of fmt to concat endpoint

Signed-off-by: sivchari <[email protected]>

* handle err

Signed-off-by: sivchari <[email protected]>

* fix: variable

Signed-off-by: sivchari <[email protected]>

---------

Signed-off-by: sivchari <[email protected]>

Author: sivchari

util/kubeconfig/kubeconfig.go

@@ -22,6 +22,7 @@ import (
 	"crypto"
 	"crypto/x509"
 	"fmt"
+	"net/url"
 	"time"
 
 	"github.com/pkg/errors"
@@ -109,7 +110,10 @@ func CreateSecret(ctx context.Context, c client.Client, cluster *clusterv1.Clust
 
 // CreateSecretWithOwner creates the Kubeconfig secret for the given cluster name, namespace, endpoint, and owner reference.
 func CreateSecretWithOwner(ctx context.Context, c client.Client, clusterName client.ObjectKey, endpoint string, owner metav1.OwnerReference) error {
-	server := fmt.Sprintf("https://%s", endpoint)
+	server, err := url.JoinPath("https://", endpoint)
+	if err != nil {
+		return err
+	}
 	out, err := generateKubeconfig(ctx, c, clusterName, server)
 	if err != nil {
 		return err

util/kubeconfig/kubeconfig_test.go

@@ -284,6 +284,61 @@ func TestCreateSecretWithOwner(t *testing.T) {
 	g.Expect(restClient.Host).To(Equal("https://localhost:6443"))
 }
 
+func TestCreateSecretWithOwnerHasEndpointPrefixIsSlush(t *testing.T) {
+	g := NewWithT(t)
+
+	caKey, err := certs.NewPrivateKey()
+	g.Expect(err).ToNot(HaveOccurred())
+
+	caCert, err := getTestCACert(caKey)
+	g.Expect(err).ToNot(HaveOccurred())
+
+	caSecret := &corev1.Secret{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      "test1-ca",
+			Namespace: "test",
+		},
+		Data: map[string][]byte{
+			secret.TLSKeyDataName: certs.EncodePrivateKeyPEM(caKey),
+			secret.TLSCrtDataName: certs.EncodeCertPEM(caCert),
+		},
+	}
+
+	c := fake.NewClientBuilder().WithObjects(caSecret).Build()
+
+	owner := metav1.OwnerReference{
+		Name:       "test1",
+		Kind:       "Cluster",
+		APIVersion: clusterv1.GroupVersion.String(),
+	}
+
+	err = CreateSecretWithOwner(
+		ctx,
+		c,
+		client.ObjectKey{
+			Name:      "test1",
+			Namespace: "test",
+		},
+		"/localhost:6443",
+		owner,
+	)
+
+	g.Expect(err).ToNot(HaveOccurred())
+
+	s := &corev1.Secret{}
+	key := client.ObjectKey{Name: "test1-kubeconfig", Namespace: "test"}
+	g.Expect(c.Get(ctx, key, s)).To(Succeed())
+	g.Expect(s.OwnerReferences).To(ContainElement(owner))
+	g.Expect(s.Type).To(Equal(clusterv1.ClusterSecretType))
+
+	clientConfig, err := clientcmd.NewClientConfigFromBytes(s.Data[secret.KubeconfigDataName])
+	g.Expect(err).ToNot(HaveOccurred())
+	restClient, err := clientConfig.ClientConfig()
+	g.Expect(err).ToNot(HaveOccurred())
+	g.Expect(restClient.CAData).To(Equal(certs.EncodeCertPEM(caCert)))
+	g.Expect(restClient.Host).To(Equal("https://localhost:6443"))
+}
+
 func TestCreateSecret(t *testing.T) {
 	g := NewWithT(t)