Getting error "src" is null when browsing tree

[deejonz]

I get the following stacktrace when browsing the kubernates tree in many places, I can see the pods item well BTW:

2024-03-18 15:05:59,803 [ 255348]   WARN - #com.redhat.devtools.intellij.kubernetes.tree.TreeStructure - Cannot invoke "String.getBytes(java.nio.charset.Charset)" because "src" is null
java.lang.NullPointerException: Cannot invoke "String.getBytes(java.nio.charset.Charset)" because "src" is null
    at java.base/java.util.Base64$Decoder.decode(Base64.java:589)
    at io.fabric8.kubernetes.client.utils.OpenIDConnectionUtils.getDefaultHttpClientWithPemCert(OpenIDConnectionUtils.java:292)
    at io.fabric8.kubernetes.client.utils.OpenIDConnectionUtils.getOIDCProviderTokenEndpointAndRefreshToken(OpenIDConnectionUtils.java:330)
    at io.fabric8.kubernetes.client.utils.OpenIDConnectionUtils.resolveOIDCTokenFromAuthConfig(OpenIDConnectionUtils.java:86)
    at io.fabric8.kubernetes.client.utils.TokenRefreshInterceptor.extractNewAccessTokenFrom(TokenRefreshInterceptor.java:83)
    at io.fabric8.kubernetes.client.utils.TokenRefreshInterceptor.refreshToken(TokenRefreshInterceptor.java:76)
    at io.fabric8.kubernetes.client.utils.TokenRefreshInterceptor.before(TokenRefreshInterceptor.java:58)
    at io.fabric8.kubernetes.client.http.StandardHttpClient.consumeBytes(StandardHttpClient.java:65)
    at io.fabric8.kubernetes.client.http.SendAsyncUtils.bytes(SendAsyncUtils.java:51)
    at io.fabric8.kubernetes.client.http.HttpResponse$SupportedResponses.sendAsync(HttpResponse.java:105)
    at io.fabric8.kubernetes.client.http.StandardHttpClient.sendAsync(StandardHttpClient.java:52)
    at io.fabric8.kubernetes.client.dsl.internal.OperationSupport.retryWithExponentialBackoff(OperationSupport.java:604)
    at io.fabric8.kubernetes.client.dsl.internal.OperationSupport.handleResponse(OperationSupport.java:581)
    at io.fabric8.kubernetes.client.dsl.internal.BaseOperation.submitList(BaseOperation.java:414)
    at io.fabric8.kubernetes.client.dsl.internal.BaseOperation.list(BaseOperation.java:427)
    at io.fabric8.kubernetes.client.dsl.internal.BaseOperation.list(BaseOperation.java:392)
    at io.fabric8.kubernetes.client.dsl.internal.BaseOperation.list(BaseOperation.java:93)
    at com.redhat.devtools.intellij.kubernetes.model.resource.NamespacedResourceOperator.loadAllResources(NamespacedResourceOperator.kt:68)
    at com.redhat.devtools.intellij.kubernetes.model.resource.NamespacedResourceOperator.getAllResources(NamespacedResourceOperator.kt:54)
    at com.redhat.devtools.intellij.kubernetes.model.resource.NamespacedResourceOperator.getAllResources(NamespacedResourceOperator.kt:36)
    at com.redhat.devtools.intellij.kubernetes.model.context.ActiveContext.getAllResources(ActiveContext.kt:148)
    at com.redhat.devtools.intellij.kubernetes.model.ResourceModel.getAllResources(ResourceModel.kt:122)
    at com.redhat.devtools.intellij.kubernetes.model.ListableResources.list(ResourceModelQuery.kt:39)
    at com.redhat.devtools.intellij.kubernetes.tree.KubernetesStructure$createWorkloadElements$3$3.invoke(KubernetesStructure.kt:193)
    at com.redhat.devtools.intellij.kubernetes.tree.KubernetesStructure$createWorkloadElements$3$3.invoke(KubernetesStructure.kt:189)
    at com.redhat.devtools.intellij.kubernetes.tree.AbstractTreeStructureContribution$ElementNode.getChildElements(AbstractTreeStructureContribution.kt:97)
    at com.redhat.devtools.intellij.kubernetes.tree.AbstractTreeStructureContribution.getChildElements(AbstractTreeStructureContribution.kt:28)
    at com.redhat.devtools.intellij.kubernetes.tree.TreeStructure.getChildElements(TreeStructure.kt:71)
    at com.redhat.devtools.intellij.kubernetes.tree.TreeStructure.getChildElements(TreeStructure.kt:64)
    at com.intellij.ui.tree.StructureTreeModel.getValidChildren(StructureTreeModel.java:411)
    at com.intellij.ui.tree.StructureTreeModel.validateChildren(StructureTreeModel.java:329)
    at com.intellij.ui.tree.StructureTreeModel.getNode(StructureTreeModel.java:323)
    at com.intellij.ui.tree.StructureTreeModel.getChildren(StructureTreeModel.java:343)
    at com.intellij.ui.tree.AsyncTreeModel$CmdGetChildren.computeNode(AsyncTreeModel.java:613)
    at com.intellij.ui.tree.AsyncTreeModel$Command.computeNode(AsyncTreeModel.java:489)
    at com.intellij.util.concurrency.Invoker$Task.run(Invoker.java:381)
    at com.intellij.openapi.progress.impl.CoreProgressManager.lambda$runProcess$1(CoreProgressManager.java:192)
    at com.intellij.openapi.progress.impl.CoreProgressManager.lambda$executeProcessUnderProgress$12(CoreProgressManager.java:610)
    at com.intellij.openapi.progress.impl.CoreProgressManager.registerIndicatorAndRun(CoreProgressManager.java:685)
    at com.intellij.openapi.progress.impl.CoreProgressManager.computeUnderProgress(CoreProgressManager.java:641)
    at com.intellij.openapi.progress.impl.CoreProgressManager.executeProcessUnderProgress(CoreProgressManager.java:609)
    at com.intellij.openapi.progress.impl.ProgressManagerImpl.executeProcessUnderProgress(ProgressManagerImpl.java:78)
    at com.intellij.openapi.progress.impl.CoreProgressManager.runProcess(CoreProgressManager.java:179)
    at com.intellij.util.concurrency.Invoker.startTask(Invoker.java:236)
    at com.intellij.util.concurrency.Invoker.invokeSafely(Invoker.java:194)
    at com.intellij.util.concurrency.Invoker.lambda$offerSafely$0(Invoker.java:177)
    at com.intellij.util.concurrency.Invoker$Background.lambda$offer$0(Invoker.java:508)
    at com.intellij.util.concurrency.BoundedTaskExecutor.doRun(BoundedTaskExecutor.java:244)
    at com.intellij.util.concurrency.BoundedTaskExecutor.access$200(BoundedTaskExecutor.java:30)
    at com.intellij.util.concurrency.BoundedTaskExecutor$1.executeFirstTaskAndHelpQueue(BoundedTaskExecutor.java:222)
    at com.intellij.util.ConcurrencyUtil.runUnderThreadName(ConcurrencyUtil.java:218)
    at com.intellij.util.concurrency.BoundedTaskExecutor$1.run(BoundedTaskExecutor.java:210)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
    at java.base/java.util.concurrent.Executors$PrivilegedThreadFactory$1$1.run(Executors.java:702)
    at java.base/java.util.concurrent.Executors$PrivilegedThreadFactory$1$1.run(Executors.java:699)
    at java.base/java.security.AccessController.doPrivileged(AccessController.java:399)
    at java.base/java.util.concurrent.Executors$PrivilegedThreadFactory$1.run(Executors.java:699)
    at java.base/java.lang.Thread.run(Thread.java:840)
2024-03-18 15:06:17,456 [ 273001]   INFO - #c.i.w.i.i.j.s.JpsGlobalModelSynchronizerImpl - Saving global entities to files

[adietish]

Hi @deejonz, sure, sorry for being late. Here it is: https://drive.google.com/file/d/190iiADA7SEmbchyXq2PihYEAc_wVy1ZC/view?usp=sharing

ps. you'd have to uninstall the other custom build with the same version first. I now have a EKS cluster with external OIDC authentication. Still, I'm not using the AWS OIDC service but keycloack running on our infrastructure. It is close, not identical. Crossing fingers it's close enough.

[deejonz]

it looks much better now 👍 thanks.

[deejonz]

Good morning @adietish same problem this morning with updated plugin:

and after clicking refresh:

then I've restarted intellij and I've got this:

clicked refresh, nothing happened. If I do: "get po" then it works fine.

[rohanKanojia]

@deejonz : I'm not sure whether somehow IntelliJ is reverting to stable build of plugin or whether it's actually a problem in KubernetesClient. Is it possible for you to run the BasicPodListTest in the reproducer project I had shared tomorrow morning when your token expires https://github.com/fabric8io/kubernetes-client/issues/5817#issuecomment-2033900546?

[deejonz]

the plugin version is still 6.11-SNAPSHOT in the plugin folder..

[adietish]

@deejonz: @rohanKanojia could replicate it with the binary build while showing that the client library by itself didnt have the issue. I'm digging into it to see what is happensing here

[deejonz]

@adietish hello, same issue this morning, so I run the unit test and it passed. After that the plugin automatically refreshed and it started to work so no need to restart intellij to make it working.

[rohanKanojia]

@deejonz : When you ran the test, KubernetesClient refreshed the token and persisted it in kubeconfig. Plugin picked up that updated token and started working.

[adietish]

Hi @deejonz, thanks for reporting this latest behaviour. I think that we found what was causing it. I have a new build for you to test if you want: https://drive.google.com/file/d/1eZge8aacPOUbh2vjU2GKCBO5uMm09bsW/view?usp=sharing

[deejonz]

Hi @adietish sure I will test it, thanks for the update.

[adietish]

For my own documentation, our code was preventing the OIDC token from being refreshed:

In https://github.com/fabric8io/kubernetes-client/blob/a400d760fc966f660cd687d8d773dc1be04bbb85/kubernetes-client-api/src/main/java/io/fabric8/kubernetes/client/utils/TokenRefreshInterceptor.java#L138 a refresh of the token is only attempted if the kube config has an OIDC auth provider.

  protected boolean useRemoteRefresh(Config newestConfig) {
    // TODO: in a hard failure scenario, should we skip the expired check
    return isAuthProviderOidc(newestConfig) && OpenIDConnectionUtils.idTokenExpired(newestConfig);
  }

  private static boolean isAuthProviderOidc(Config newestConfig) {
    return newestConfig.getAuthProvider() != null && newestConfig.getAuthProvider().getName().equalsIgnoreCase("oidc");
  }

Our code was erroneously thinking that the cluster was an OpenShift cluster. The config in the OpenShift client hides the auth provider (that exists in the Kubernetes client) and thus prevents tokens from being refreshed. Correcting https://github.com/redhat-developer/intellij-common/issues/216 therefore causes tokens to be refreshed if the kube config is configured with an OIDC auth provider.

[deejonz]

Good, this morning it is working fine! Thanks for the fix!

[adietish]

@deejonz wohoo, great news. Very happy that all this work came to fruition 🕺 Thanks a lot for all the testing!

[adietish]

The PR for this can be reviewed and merged once we have a new release of kubernetes-client. fabric8/kubernetes-client is planning one for very soon. Once merged we'll release a 1.3 of our plugin.

[adietish]

fixed by #713. Closing.