Moved portal related k8s operations to k8s/portal.go file. Implemente…

…d first phase of the CR Signed-off-by: Burak Sekili <buraksekili@gmail.com>
TykTechnologies · Nov 9, 2023 · 73e0851 · 73e0851
1 parent 92d2528
commit 73e0851
Show file tree

Hide file tree

Showing 9 changed files with 128 additions and 219 deletions.
diff --git a/cmd/bootstrap-post/main.go b/cmd/bootstrap-post/main.go
@@ -1,7 +1,6 @@
 package main
 
 import (
-	"errors"
 	"os"
 	"strings"
 	"tyk/tyk/bootstrap/k8s"
@@ -11,6 +10,11 @@ import (
 	"github.com/sirupsen/logrus"
 )
 
+const (
+	secretTypeOperator = "Operator"
+	secretTypePortal   = "Portal"
+)
+
 func main() {
 	log := logrus.New()
 
@@ -29,7 +33,7 @@ func main() {
 	}
 
 	log.SetLevel(level)
-	log.WithField("level", level.String()).Debug("Set the log level")
+	log.WithField("level", level.String()).Info("Set the log level")
 
 	k8sClient, err := k8s.NewClient(conf, log.WithField("Client", "Kubernetes"))
 	if err != nil {
@@ -40,15 +44,18 @@ func main() {
 		exit(log, err)
 	}
 
-	orgExists := false
-
-	tykSvc := tyk.NewService(conf, log.WithField("Client", "Tyk"))
-	if err = tykSvc.OrgExists(); err != nil {
-		if !errors.Is(err, tyk.ErrOrgExists) {
+	if conf.BootstrapDashboard {
+		conf.K8s.DashboardSvcUrl, err = k8sClient.DiscoverDashboardSvc()
+		if err != nil {
 			exit(log, err)
 		}
+	}
 
-		orgExists = true
+	tykSvc := tyk.NewClient(conf, log.WithField("Client", "Tyk"))
+
+	orgExists, err := tykSvc.OrgExists()
+	if err != nil {
+		exit(log, err)
 	}
 
 	if !orgExists {
@@ -86,40 +93,50 @@ func main() {
 			"Please provide the Organisation ID and Dashboard Access Key for Kubernetes secrets")
 	}
 
-	createK8sSecret := func(k8sClient *k8s.Client, secretName, secretType string) {
-		fields := logrus.Fields{"secretName": secretName}
-
-		if conf.Tyk.Org.ID == "" {
-			log.WithFields(fields).
-				Warn("Given Organisation ID is empty, the Kubernetes secret will contain empty TYK_ORG")
+	if conf.DevPortalKubernetesSecretName != "" {
+		err = createK8sSecret(
+			log, *conf, k8sClient, conf.DevPortalKubernetesSecretName, "Tyk Developer Portal",
+		)
+		if err != nil {
+			exit(log, err)
 		}
+	}
 
-		if conf.Tyk.Admin.Auth == "" {
-			log.WithFields(fields).
-				Warn("Given User Auth key is empty, the Kubernetes secret will contain empty TYK_AUTH")
+	if conf.OperatorKubernetesSecretName != "" {
+		err = createK8sSecret(log, *conf, k8sClient, conf.OperatorKubernetesSecretName, "Tyk Operator")
+		if err != nil {
+			exit(log, err)
 		}
+	}
+}
 
-		log.WithFields(fields).Infof("Creating Kubernetes Secret for %s", secretType)
+func createK8sSecret(l *logrus.Logger, c config.Config, client *k8s.Client, secretName, secretType string) error {
+	fields := logrus.Fields{"secretName": secretName}
 
-		switch {
-		case strings.Contains(secretType, "Operator"):
-			if err := k8sClient.BootstrapTykOperatorSecret(); err != nil {
-				exit(log, err)
-			}
-		case strings.Contains(secretType, "Portal"):
-			if err := k8sClient.BootstrapTykPortalSecret(); err != nil {
-				exit(log, err)
-			}
-		}
+	if c.Tyk.Org.ID == "" {
+		l.WithFields(fields).
+			Warn("Given Organisation ID is empty, the Kubernetes secret will contain empty TYK_ORG")
 	}
 
-	if conf.DevPortalKubernetesSecretName != "" {
-		createK8sSecret(k8sClient, conf.DevPortalKubernetesSecretName, "Tyk Developer Portal")
+	if c.Tyk.Admin.Auth == "" {
+		l.WithFields(fields).
+			Warn("Given User Auth key is empty, the Kubernetes secret will contain empty TYK_AUTH")
 	}
 
-	if conf.OperatorKubernetesSecretName != "" {
-		createK8sSecret(k8sClient, conf.OperatorKubernetesSecretName, "Tyk Operator")
+	l.WithFields(fields).Infof("Creating Kubernetes Secret for %s", secretType)
+
+	switch {
+	case strings.Contains(secretType, secretTypeOperator):
+		if err := client.BootstrapTykOperatorSecret(); err != nil {
+			return err
+		}
+	case strings.Contains(secretType, secretTypePortal):
+		if err := client.BootstrapTykPortalSecret(); err != nil {
+			return err
+		}
 	}
+
+	return nil
 }
 
 func exit(log *logrus.Logger, err error) {

diff --git a/k8s/client.go b/k8s/client.go
@@ -43,14 +43,5 @@ func NewClient(conf *config.Config, l *logrus.Entry) (*Client, error) {
 
 	cl.clientSet = cs
 
-	if conf.BootstrapDashboard {
-		dashURL, err := cl.discoverDashboardSvc()
-		if err != nil {
-			return nil, err
-		}
-
-		conf.K8s.DashboardSvcUrl = dashURL
-	}
-
 	return cl, nil
 }
diff --git a/k8s/dashboard.go b/k8s/dashboard.go
@@ -56,9 +56,13 @@ func (c *Client) RestartDashboard() error {
 	return err
 }
 
-// discoverDashboardSvc lists Service objects with constants.TykBootstrapLabel label that has
+func (c *Client) Get() string {
+	return c.appArgs.K8s.DashboardSvcUrl
+}
+
+// DiscoverDashboardSvc lists Service objects with constants.TykBootstrapLabel label that has
 // constants.TykBootstrapDashboardSvcLabel value and returns a service URL for Tyk Dashboard.
-func (c *Client) discoverDashboardSvc() (string, error) {
+func (c *Client) DiscoverDashboardSvc() (string, error) {
 	ls := metav1.LabelSelector{MatchLabels: map[string]string{
 		constants.TykBootstrapLabel: constants.TykBootstrapDashboardSvcLabel,
 	}}
@@ -90,10 +94,12 @@ func (c *Client) discoverDashboardSvc() (string, error) {
 		c.l.Warnf("Found multiple open ports in svc/%v/%v", service.Name, service.Namespace)
 	}
 
-	return fmt.Sprintf("%s://%s.%s.svc.cluster.local:%d",
+	c.appArgs.K8s.DashboardSvcUrl = fmt.Sprintf("%s://%s.%s.svc.cluster.local:%d",
 		c.appArgs.K8s.DashboardSvcProto,
 		service.Name,
 		c.appArgs.K8s.ReleaseNamespace,
 		service.Spec.Ports[0].Port,
-	), nil
+	)
+
+	return c.appArgs.K8s.DashboardSvcUrl, nil
 }
diff --git a/k8s/operator.go b/k8s/operator.go
@@ -2,8 +2,8 @@ package k8s
 
 import (
 	"context"
-
 	v1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
@@ -19,29 +19,13 @@ const (
 // If the system has the secret created already, it deletes the existing one and recreates
 // a secret for Tyk Operator.
 func (c *Client) BootstrapTykOperatorSecret() error {
-	secrets, err := c.clientSet.
+	err := c.clientSet.
 		CoreV1().
 		Secrets(c.appArgs.K8s.ReleaseNamespace).
-		List(context.TODO(), metav1.ListOptions{})
+		Delete(context.TODO(), c.appArgs.OperatorKubernetesSecretName, metav1.DeleteOptions{})
 	if err != nil {
-		return err
-	}
-
-	for i := range secrets.Items {
-		secret := secrets.Items[i]
-		if secret.Name == c.appArgs.OperatorKubernetesSecretName {
-			err = c.clientSet.
-				CoreV1().
-				Secrets(c.appArgs.K8s.ReleaseNamespace).
-				Delete(context.TODO(), secret.Name, metav1.DeleteOptions{})
-
-			if err != nil {
-				return err
-			}
-
-			c.l.Info("A previously created operator secret was identified and deleted")
-
-			break
+		if !errors.IsNotFound(err) {
+			return err
 		}
 	}
 
@@ -69,59 +53,3 @@ func (c *Client) BootstrapTykOperatorSecret() error {
 
 	return nil
 }
-
-// BootstrapTykPortalSecret creates a secret required by Tyk Developer Portal pod which
-// is not going to be ready until this secret is created. If there is a secret created already,
-// it deletes the existing one and recreates the secret.
-func (c *Client) BootstrapTykPortalSecret() error {
-	// TODO(buraksekili): do we need to list the secrets? Can we just try getting the secret?
-	secrets, err := c.clientSet.
-		CoreV1().
-		Secrets(c.appArgs.K8s.ReleaseNamespace).
-		List(context.TODO(), metav1.ListOptions{})
-	if err != nil {
-		return err
-	}
-
-	for i := range secrets.Items {
-		secret := secrets.Items[i]
-
-		if c.appArgs.DevPortalKubernetesSecretName == secret.Name {
-			err = c.clientSet.
-				CoreV1().
-				Secrets(c.appArgs.K8s.ReleaseNamespace).
-				Delete(context.TODO(), secret.Name, metav1.DeleteOptions{})
-			if err != nil {
-				return err
-			}
-
-			c.l.Info("A previously created portal secret was identified and deleted")
-
-			break
-		}
-	}
-
-	if c.appArgs.DevPortalKubernetesSecretName != "" {
-		secretData := map[string][]byte{
-			tykAuthKey: []byte(c.appArgs.Tyk.Admin.Auth),
-			tykOrgKey:  []byte(c.appArgs.Tyk.Org.ID),
-		}
-
-		objectMeta := metav1.ObjectMeta{Name: c.appArgs.DevPortalKubernetesSecretName}
-
-		secret := v1.Secret{
-			ObjectMeta: objectMeta,
-			Data:       secretData,
-		}
-
-		_, err = c.clientSet.
-			CoreV1().
-			Secrets(c.appArgs.K8s.ReleaseNamespace).
-			Create(context.TODO(), &secret, metav1.CreateOptions{})
-		if err != nil {
-			return err
-		}
-	}
-
-	return nil
-}
diff --git a/k8s/portal.go b/k8s/portal.go
@@ -0,0 +1,45 @@
+package k8s
+
+import (
+	"context"
+	v1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/api/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// BootstrapTykPortalSecret creates a secret required by Tyk Developer Portal pod which
+// is not going to be ready until this secret is created. If there is a secret created already,
+// it deletes the existing one and recreates the secret.
+func (c *Client) BootstrapTykPortalSecret() error {
+	err := c.clientSet.
+		CoreV1().
+		Secrets(c.appArgs.K8s.ReleaseNamespace).
+		Delete(context.TODO(), c.appArgs.DevPortalKubernetesSecretName, metav1.DeleteOptions{})
+	if err != nil {
+		if !errors.IsNotFound(err) {
+			return err
+		}
+	}
+
+	secretData := map[string][]byte{
+		tykAuthKey: []byte(c.appArgs.Tyk.Admin.Auth),
+		tykOrgKey:  []byte(c.appArgs.Tyk.Org.ID),
+	}
+
+	objectMeta := metav1.ObjectMeta{Name: c.appArgs.DevPortalKubernetesSecretName}
+
+	secret := v1.Secret{
+		ObjectMeta: objectMeta,
+		Data:       secretData,
+	}
+
+	_, err = c.clientSet.
+		CoreV1().
+		Secrets(c.appArgs.K8s.ReleaseNamespace).
+		Create(context.TODO(), &secret, metav1.CreateOptions{})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}