Previously we were using the org claim inside the auth info token to determine the org name in DeriveState. Since moving to use exec instead of a raw token, we don't have a token to query. This workaround pulls the name of the organization from the exec env variables list. It's a hack that should be replaced by use of Kubeconfig extensions, which should also replace some other pains and workarounds we've been using in up ctx
Description of your changes
Previously we were using the
orgclaim inside the auth info token to determine the org name inDeriveState. Since moving to useexecinstead of a raw token, we don't have a token to query. This workaround pulls the name of the organization from the exec env variables list. It's a hack that should be replaced by use of Kubeconfig extensions, which should also replace some other pains and workarounds we've been using inup ctxI have:
make reviewableto ensure this PR is ready for review.backport release-x.ylabels to auto-backport this PR, as appropriate.How has this code been tested
up ctx ..inside a control plane now resolves to the group level, which implies that the code was able to detect the organization inDeriveState