-
Notifications
You must be signed in to change notification settings - Fork 151
/
transformer_cluster_credential.go
102 lines (87 loc) · 3.36 KB
/
transformer_cluster_credential.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
/*
Copyright (C) 2022-2024 ApeCloud Co., Ltd
This file is part of KubeBlocks project
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package apps
import (
corev1 "k8s.io/api/core/v1"
apierrors "k8s.io/apimachinery/pkg/api/errors"
"sigs.k8s.io/controller-runtime/pkg/client"
"github.com/apecloud/kubeblocks/pkg/common"
"github.com/apecloud/kubeblocks/pkg/controller/component"
"github.com/apecloud/kubeblocks/pkg/controller/factory"
"github.com/apecloud/kubeblocks/pkg/controller/graph"
"github.com/apecloud/kubeblocks/pkg/controller/model"
)
// clusterCredentialTransformer creates the default cluster connection credential secret
type clusterConnCredentialTransformer struct{}
var _ graph.Transformer = &clusterConnCredentialTransformer{}
func (t *clusterConnCredentialTransformer) Transform(ctx graph.TransformContext, dag *graph.DAG) error {
transCtx, _ := ctx.(*clusterTransformContext)
if model.IsObjectDeleting(transCtx.OrigCluster) {
return nil
}
if common.IsCompactMode(transCtx.OrigCluster.Annotations) {
transCtx.V(1).Info("Cluster is in compact mode, no need to create accounts related secrets", "cluster", client.ObjectKeyFromObject(transCtx.OrigCluster))
return nil
}
if !t.isLegacyCluster(transCtx) {
return nil
}
return t.buildClusterConnCredential(transCtx, dag)
}
func (t *clusterConnCredentialTransformer) isLegacyCluster(transCtx *clusterTransformContext) bool {
for _, compSpec := range transCtx.ComponentSpecs {
compDef, ok := transCtx.ComponentDefs[compSpec.ComponentDef]
if ok && (len(compDef.UID) > 0 || !compDef.CreationTimestamp.IsZero()) {
return false
}
}
return true
}
func (t *clusterConnCredentialTransformer) buildClusterConnCredential(transCtx *clusterTransformContext, dag *graph.DAG) error {
graphCli, _ := transCtx.Client.(model.GraphClient)
synthesizedComponent := t.buildSynthesizedComponent(transCtx)
if synthesizedComponent == nil {
return nil
}
secret := factory.BuildConnCredential(transCtx.ClusterDef, transCtx.Cluster, synthesizedComponent)
if secret == nil {
return nil
}
err := transCtx.Client.Get(transCtx.Context, client.ObjectKeyFromObject(secret), &corev1.Secret{})
if err != nil && !apierrors.IsNotFound(err) {
return err
}
if apierrors.IsNotFound(err) {
graphCli.Create(dag, secret)
}
return nil
}
func (t *clusterConnCredentialTransformer) buildSynthesizedComponent(transCtx *clusterTransformContext) *component.SynthesizedComponent {
for _, compDef := range transCtx.ClusterDef.Spec.ComponentDefs {
if compDef.Service == nil {
continue
}
for _, compSpec := range transCtx.ComponentSpecs {
if compDef.Name != compSpec.ComponentDefRef {
continue
}
return &component.SynthesizedComponent{
Name: compSpec.Name,
Services: []corev1.Service{{Spec: compDef.Service.ToSVCSpec()}},
}
}
}
return nil
}