-
Notifications
You must be signed in to change notification settings - Fork 1
/
create.go
98 lines (82 loc) · 2.92 KB
/
create.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
package organization
import (
"context"
"fmt"
"strings"
orgv1 "github.com/appuio/control-api/apis/organization/v1"
controlv1 "github.com/appuio/control-api/apis/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apiserver/pkg/registry/rest"
)
var _ rest.Creater = &organizationStorage{}
func (s *organizationStorage) Create(ctx context.Context, obj runtime.Object, createValidation rest.ValidateObjectFunc, options *metav1.CreateOptions) (runtime.Object, error) {
org, ok := obj.(*orgv1.Organization)
if !ok {
return nil, fmt.Errorf("not an organization: %#v", obj)
}
// Status can only be updated (not created) though the status subresource
org.Status = orgv1.OrganizationStatus{}
// Validate Org
if err := createValidation(ctx, obj); err != nil {
return nil, err
}
if err := s.billingEntityValidator(ctx, org, nil); err != nil {
return nil, fmt.Errorf("failed to validate billing entity reference: %w", err)
}
return s.create(ctx, org, options)
}
func (s *organizationStorage) create(ctx context.Context, org *orgv1.Organization, options *metav1.CreateOptions) (*orgv1.Organization, error) {
ns, err := s.namepaces.CreateNamespace(ctx, org.ToNamespace(), options)
if err != nil {
return nil, convertNamespaceError(err)
}
org = orgv1.NewOrganizationFromNS(ns)
user, ok := userFrom(ctx, s.usernamePrefix)
if ok {
if err := s.rbac.CreateRoleBindings(ctx, org.Name, user.GetName()); err != nil {
// rollback
_, deleteErr := s.namepaces.DeleteNamespace(ctx, org.Name, nil)
if deleteErr != nil {
err = fmt.Errorf("%w and failed to clean up namespace: %s", err, deleteErr.Error())
}
return nil, fmt.Errorf("failed to create organization: %w", err)
}
}
orgMembers := newOrganizationMembers(ctx, org, s.usernamePrefix)
if err := s.members.CreateMembers(ctx, orgMembers); err != nil {
// rollback
_, deleteErr := s.namepaces.DeleteNamespace(ctx, org.Name, nil)
if deleteErr != nil {
err = fmt.Errorf("%w and failed to clean up namespace: %s", err, deleteErr.Error())
}
return nil, fmt.Errorf("failed to create organization: %w", err)
}
return org, nil
}
func newOrganizationMembers(ctx context.Context, organization *orgv1.Organization, usernamePrefix string) *controlv1.OrganizationMembers {
userRefs := []controlv1.UserRef{}
user, ok := userFrom(ctx, usernamePrefix)
if ok {
userRefs = append(userRefs, controlv1.UserRef{
Name: strings.TrimPrefix(user.GetName(), usernamePrefix),
})
}
isController := true
return &controlv1.OrganizationMembers{
ObjectMeta: metav1.ObjectMeta{
Name: "members",
Namespace: organization.Name,
OwnerReferences: []metav1.OwnerReference{{
APIVersion: orgv1.GroupVersion.String(),
Kind: "Organization",
UID: organization.UID,
Name: organization.Name,
Controller: &isController,
}},
},
Spec: controlv1.OrganizationMembersSpec{
UserRefs: userRefs,
},
}
}