package changedetector
import (
"context"
"fmt"
"github.com/armory/spinnaker-operator/pkg/apis/spinnaker/interfaces"
"github.com/armory/spinnaker-operator/pkg/util"
"github.com/go-logr/logr"
v1 "k8s.io/api/core/v1"
"k8s.io/client-go/tools/record"
"sigs.k8s.io/controller-runtime/pkg/client"
"strconv"
)
type (
	// x509ChangeDetector checks whether the Kubernetes service named
	// util.GateX509ServiceName is in line with the SpinnakerService config.
	x509ChangeDetector struct {
		// client is handed to util.GetService to look up the gate x509 service.
		client client.Client
		// log is the base logger; IsSpinnakerUpToDate adds the service name to it.
		log logr.Logger
		// evtRecorder is stored at construction; no method visible in this
		// file uses it.
		evtRecorder record.EventRecorder
	}

	// x509ChangeDetectorGenerator builds x509ChangeDetector values.
	x509ChangeDetectorGenerator struct{}
)
// NewChangeDetector returns an x509ChangeDetector wired with the given
// client, logger and event recorder. The returned error is always nil.
func (g *x509ChangeDetectorGenerator) NewChangeDetector(client client.Client, log logr.Logger, evtRecorder record.EventRecorder) (ChangeDetector, error) {
	detector := &x509ChangeDetector{
		client:      client,
		log:         log,
		evtRecorder: evtRecorder,
	}
	return detector, nil
}
// IsSpinnakerUpToDate reports whether the Kubernetes service exposing Gate's
// x509 API port already matches the SpinnakerService configuration.
//
// It returns true when:
//   - no expose type is configured (nothing to reconcile);
//   - gate's default.apiPort is unset and the x509 service does not exist;
//   - the service's x509 port has the configured target port and the desired
//     public port.
//
// It returns false when the service is missing, has no ports, or either port
// differs. A non-nil error is returned only when the service lookup fails or
// default.apiPort cannot be parsed as a 32-bit integer.
//
// Only port numbers are compared; nothing else about the service (type,
// selector, annotations) is inspected here.
func (ch *x509ChangeDetector) IsSpinnakerUpToDate(ctx context.Context, spinSvc interfaces.SpinnakerService) (bool, error) {
	logger := ch.log.WithValues("Service", spinSvc.GetName())

	// Without an expose type there is no exposed service to compare against.
	if expose := spinSvc.GetExposeConfig(); expose.Type == "" {
		return true, nil
	}

	// The lookup error is dropped on purpose: default.apiPort may not exist,
	// and an empty value is handled below.
	configuredPort, _ := spinSvc.GetSpinnakerConfig().GetServiceConfigPropString(ctx, "gate", "default.apiPort")

	x509Svc, err := util.GetService(util.GateX509ServiceName, spinSvc.GetNamespace(), ch.client)
	if err != nil {
		logger.Info(fmt.Sprintf("Error retrieving service %s: %s", util.GateX509ServiceName, err.Error()))
		return false, err
	}

	// err is nil from here on, so the "not up to date" results below carry no
	// error.
	switch {
	case configuredPort == "":
		// No x509 port configured: up to date only if no service is left over.
		return x509Svc == nil, nil
	case x509Svc == nil:
		logger.Info("x509 support enabled in config but no kubernetes exposed service exists yet")
		return false, nil
	case len(x509Svc.Spec.Ports) < 1:
		logger.Info(fmt.Sprintf("%s kubernetes service missing ports", util.GateX509ServiceName))
		return false, nil
	}

	// ParseInt only bounds the value to int32. Values outside the valid port
	// range (0, negatives, above 65535) are not rejected here; they simply
	// reach the comparison below.
	wantTarget, err := strconv.ParseInt(configuredPort, 10, 32)
	if err != nil {
		logger.Info(fmt.Sprintf("Error converting api port %s from configs to integer", configuredPort))
		return false, err
	}

	actualPublic, actualTarget := ch.getX509Ports(x509Svc)

	// The service must forward to the port Gate's x509 API listens on.
	if int32(wantTarget) != actualTarget {
		logger.Info(fmt.Sprintf("Target (internal) port for service %s expected: %d, actual: %d", util.GateX509ServiceName, wantTarget, actualTarget))
		return false, nil
	}

	// The externally visible port must match the desired one (default 443).
	wantPublic := util.GetDesiredExposePort(ctx, "gate-x509", int32(443), spinSvc)
	if wantPublic != actualPublic {
		logger.Info(fmt.Sprintf("Public port for service %s expected: %d, actual: %d", util.GateX509ServiceName, wantPublic, actualPublic))
		return false, nil
	}

	return true, nil
}
// AlwaysRun always returns false for the x509 detector.
// NOTE(review): presumably this tells the caller the detector need not run
// unconditionally; confirm against the ChangeDetector interface.
func (ch *x509ChangeDetector) AlwaysRun() bool { return false }
// getX509Ports returns the public port and the integer target port of the
// service port named util.GateX509PortName, or (0, 0) when svc has no port
// with that name.
//
// NOTE(review): only TargetPort.IntVal is read, so a target port given by
// name rather than by number comes back as 0.
func (ch *x509ChangeDetector) getX509Ports(svc *v1.Service) (int32, int32) {
	ports := svc.Spec.Ports
	for i := range ports {
		if ports[i].Name != util.GateX509PortName {
			continue
		}
		return ports[i].Port, ports[i].TargetPort.IntVal
	}
	return 0, 0
}
// getPortOverride returns the public port set in the "gate-x509" service
// override of exp, or 0 when there is no such override.
//
// NOTE(review): nothing in the visible part of this file calls this method;
// IsSpinnakerUpToDate uses util.GetDesiredExposePort instead.
func (ch *x509ChangeDetector) getPortOverride(exp interfaces.ExposeConfig) int32 {
	override, found := exp.Service.Overrides["gate-x509"]
	if !found {
		return 0
	}
	return override.PublicPort
}