From 2c3fe01662efb02301a0d5455f83a6ef4fa25926 Mon Sep 17 00:00:00 2001
From: Thomas Graf <thomas@cilium.io>
Date: Wed, 8 Apr 2020 18:40:58 +0200
Subject: [PATCH] identity: Factor out model handling

The models dependency blows up the dependency chain of pkg/identity
which is otherwise representing a basic type. Move it into a sub
package.

Signed-off-by: Thomas Graf <thomas@cilium.io>
---
 cilium/cmd/bpf_policy_get.go            |  3 +-
 daemon/cmd/daemon.go                    |  3 +-
 daemon/cmd/identity.go                  |  5 ++-
 pkg/endpoint/api.go                     |  3 +-
 pkg/identity/cache/cache.go             |  7 +--
 pkg/identity/identity.go                | 37 ----------------
 pkg/identity/identitymanager/manager.go |  3 +-
 pkg/identity/model/identity.go          | 57 +++++++++++++++++++++++++
 pkg/testutils/endpoint.go               | 12 ++----
 9 files changed, 75 insertions(+), 55 deletions(-)
 create mode 100644 pkg/identity/model/identity.go

diff --git a/cilium/cmd/bpf_policy_get.go b/cilium/cmd/bpf_policy_get.go
index 0e6c90e33c8d..791311a87e77 100644
--- a/cilium/cmd/bpf_policy_get.go
+++ b/cilium/cmd/bpf_policy_get.go
@@ -29,6 +29,7 @@ import (
 	"github.com/cilium/cilium/pkg/byteorder"
 	"github.com/cilium/cilium/pkg/command"
 	"github.com/cilium/cilium/pkg/identity"
+	identitymodel "github.com/cilium/cilium/pkg/identity/model"
 	"github.com/cilium/cilium/pkg/maps/policymap"
 	"github.com/cilium/cilium/pkg/policy/trafficdirection"
 	"github.com/cilium/cilium/pkg/u8proto"
@@ -138,7 +139,7 @@ func formatMap(w io.Writer, statsMap []policymap.PolicyEntryDump) {
 				fmt.Fprintf(os.Stderr, "Was impossible to retrieve label ID %d: %s\n",
 					id, err)
 			} else {
-				labelsID[id] = identity.NewIdentityFromModel(lbls)
+				labelsID[id] = identitymodel.NewIdentityFromModel(lbls)
 			}
 		}
 
diff --git a/daemon/cmd/daemon.go b/daemon/cmd/daemon.go
index c52cdcc65203..9613e360f370 100644
--- a/daemon/cmd/daemon.go
+++ b/daemon/cmd/daemon.go
@@ -43,6 +43,7 @@ import (
 	"github.com/cilium/cilium/pkg/identity"
 	"github.com/cilium/cilium/pkg/identity/cache"
 	"github.com/cilium/cilium/pkg/identity/identitymanager"
+	identitymodel "github.com/cilium/cilium/pkg/identity/model"
 	"github.com/cilium/cilium/pkg/ipam"
 	"github.com/cilium/cilium/pkg/ipcache"
 	"github.com/cilium/cilium/pkg/k8s"
@@ -649,7 +650,7 @@ func (d *Daemon) GetIdentity(securityIdentity uint64) (*models.Identity, error)
 	if ident == nil {
 		return nil, fmt.Errorf("identity %d not found", securityIdentity)
 	}
-	return ident.GetModel(), nil
+	return identitymodel.CreateModel(ident), nil
 }
 
 // GetEndpointInfo returns endpoint info for a given IP address. Hubble uses this function to populate
diff --git a/daemon/cmd/identity.go b/daemon/cmd/identity.go
index e03104e3a2bf..0d5854727a11 100644
--- a/daemon/cmd/identity.go
+++ b/daemon/cmd/identity.go
@@ -20,6 +20,7 @@ import (
 	"github.com/cilium/cilium/pkg/identity"
 	"github.com/cilium/cilium/pkg/identity/cache"
 	"github.com/cilium/cilium/pkg/identity/identitymanager"
+	identitymodel "github.com/cilium/cilium/pkg/identity/model"
 	"github.com/cilium/cilium/pkg/labels"
 	"github.com/cilium/cilium/pkg/logging/logfields"
 
@@ -46,7 +47,7 @@ func (h *getIdentity) Handle(params GetIdentityParams) middleware.Responder {
 			return NewGetIdentityIDNotFound()
 		}
 
-		identities = append(identities, identity.GetModel())
+		identities = append(identities, identitymodel.CreateModel(identity))
 	}
 
 	return NewGetIdentityOK().WithPayload(identities)
@@ -73,7 +74,7 @@ func (h *getIdentityID) Handle(params GetIdentityIDParams) middleware.Responder
 		return NewGetIdentityIDNotFound()
 	}
 
-	return NewGetIdentityIDOK().WithPayload(identity.GetModel())
+	return NewGetIdentityIDOK().WithPayload(identitymodel.CreateModel(identity))
 }
 
 type getIdentityEndpoints struct{}
diff --git a/pkg/endpoint/api.go b/pkg/endpoint/api.go
index 76d201dcd437..8797bff2b5dd 100644
--- a/pkg/endpoint/api.go
+++ b/pkg/endpoint/api.go
@@ -28,6 +28,7 @@ import (
 	"github.com/cilium/cilium/pkg/endpoint/regeneration"
 	"github.com/cilium/cilium/pkg/fqdn"
 	"github.com/cilium/cilium/pkg/identity/cache"
+	identitymodel "github.com/cilium/cilium/pkg/identity/model"
 	"github.com/cilium/cilium/pkg/labels"
 	"github.com/cilium/cilium/pkg/labels/model"
 	"github.com/cilium/cilium/pkg/logging/logfields"
@@ -197,7 +198,7 @@ func (e *Endpoint) GetModelRLocked() *models.Endpoint {
 			// FIXME GH-3280 When we begin implementing revision numbers this will
 			// diverge from models.Endpoint.Spec to reflect the in-datapath config
 			Realized: spec,
-			Identity: e.SecurityIdentity.GetModel(),
+			Identity: identitymodel.CreateModel(e.SecurityIdentity),
 			Labels:   lblMdl,
 			Networking: &models.EndpointNetworking{
 				Addressing: []*models.AddressPair{{
diff --git a/pkg/identity/cache/cache.go b/pkg/identity/cache/cache.go
index 10512e1b0029..5fb8e50e8645 100644
--- a/pkg/identity/cache/cache.go
+++ b/pkg/identity/cache/cache.go
@@ -21,6 +21,7 @@ import (
 	"github.com/cilium/cilium/api/v1/models"
 	"github.com/cilium/cilium/pkg/allocator"
 	"github.com/cilium/cilium/pkg/identity"
+	identitymodel "github.com/cilium/cilium/pkg/identity/model"
 	"github.com/cilium/cilium/pkg/idpool"
 	"github.com/cilium/cilium/pkg/kvstore"
 	"github.com/cilium/cilium/pkg/labels"
@@ -84,17 +85,17 @@ func (m *CachingIdentityAllocator) GetIdentities() IdentitiesModel {
 	m.IdentityAllocator.ForeachCache(func(id idpool.ID, val allocator.AllocatorKey) {
 		if gi, ok := val.(GlobalIdentity); ok {
 			identity := identity.NewIdentityFromLabelArray(identity.NumericIdentity(id), gi.LabelArray)
-			identities = append(identities, identity.GetModel())
+			identities = append(identities, identitymodel.CreateModel(identity))
 		}
 
 	})
 	// append user reserved identities
 	for _, v := range identity.ReservedIdentityCache {
-		identities = append(identities, v.GetModel())
+		identities = append(identities, identitymodel.CreateModel(v))
 	}
 
 	for _, v := range m.localIdentities.GetIdentities() {
-		identities = append(identities, v.GetModel())
+		identities = append(identities, identitymodel.CreateModel(v))
 	}
 
 	return identities
diff --git a/pkg/identity/identity.go b/pkg/identity/identity.go
index 7fd3e9a55c23..dfebf0f7e909 100644
--- a/pkg/identity/identity.go
+++ b/pkg/identity/identity.go
@@ -18,7 +18,6 @@ import (
 	"fmt"
 	"net"
 
-	"github.com/cilium/cilium/api/v1/models"
 	"github.com/cilium/cilium/pkg/labels"
 )
 
@@ -70,24 +69,6 @@ type IPIdentityPair struct {
 	K8sPodName   string          `json:"K8sPodName,omitempty"`
 }
 
-func NewIdentityFromModel(base *models.Identity) *Identity {
-	if base == nil {
-		return nil
-	}
-
-	id := &Identity{
-		ID:     NumericIdentity(base.ID),
-		Labels: make(labels.Labels),
-	}
-	for _, v := range base.Labels {
-		lbl := labels.ParseLabel(v)
-		id.Labels[lbl.Key] = lbl
-	}
-	id.Sanitize()
-
-	return id
-}
-
 // Sanitize takes a partially initialized Identity (for example, deserialized
 // from json) and reconstitutes the full object from what has been restored.
 func (id *Identity) Sanitize() {
@@ -116,24 +97,6 @@ func (id *Identity) String() string {
 	return id.ID.StringID()
 }
 
-func (id *Identity) GetModel() *models.Identity {
-	if id == nil {
-		return nil
-	}
-
-	ret := &models.Identity{
-		ID:           int64(id.ID),
-		Labels:       []string{},
-		LabelsSHA256: "",
-	}
-
-	for _, v := range id.Labels {
-		ret.Labels = append(ret.Labels, v.String())
-	}
-	ret.LabelsSHA256 = id.GetLabelsSHA256()
-	return ret
-}
-
 // IsReserved returns whether the identity represents a reserved identity
 // (true), or not (false).
 func (id *Identity) IsReserved() bool {
diff --git a/pkg/identity/identitymanager/manager.go b/pkg/identity/identitymanager/manager.go
index a56525b3203b..dd29782ac8b4 100644
--- a/pkg/identity/identitymanager/manager.go
+++ b/pkg/identity/identitymanager/manager.go
@@ -17,6 +17,7 @@ package identitymanager
 import (
 	"github.com/cilium/cilium/api/v1/models"
 	"github.com/cilium/cilium/pkg/identity"
+	"github.com/cilium/cilium/pkg/identity/model"
 	"github.com/cilium/cilium/pkg/lock"
 	"github.com/cilium/cilium/pkg/logging/logfields"
 
@@ -187,7 +188,7 @@ func (idm *IdentityManager) GetIdentityModels() []*models.IdentityEndpoints {
 
 	for _, v := range idm.identities {
 		identities = append(identities, &models.IdentityEndpoints{
-			Identity: v.identity.GetModel(),
+			Identity: model.CreateModel(v.identity),
 			RefCount: int64(v.refCount),
 		})
 	}
diff --git a/pkg/identity/model/identity.go b/pkg/identity/model/identity.go
new file mode 100644
index 000000000000..9d1133a69e51
--- /dev/null
+++ b/pkg/identity/model/identity.go
@@ -0,0 +1,57 @@
+// Copyright 2018-2019 Authors of Cilium
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package model
+
+import (
+	"github.com/cilium/cilium/api/v1/models"
+	"github.com/cilium/cilium/pkg/identity"
+	"github.com/cilium/cilium/pkg/labels"
+)
+
+func NewIdentityFromModel(base *models.Identity) *identity.Identity {
+	if base == nil {
+		return nil
+	}
+
+	id := &identity.Identity{
+		ID:     identity.NumericIdentity(base.ID),
+		Labels: make(labels.Labels),
+	}
+	for _, v := range base.Labels {
+		lbl := labels.ParseLabel(v)
+		id.Labels[lbl.Key] = lbl
+	}
+	id.Sanitize()
+
+	return id
+}
+
+func CreateModel(id *identity.Identity) *models.Identity {
+	if id == nil {
+		return nil
+	}
+
+	ret := &models.Identity{
+		ID:           int64(id.ID),
+		Labels:       []string{},
+		LabelsSHA256: "",
+	}
+
+	for _, v := range id.Labels {
+		ret.Labels = append(ret.Labels, v.String())
+	}
+	ret.LabelsSHA256 = id.GetLabelsSHA256()
+	return ret
+}
diff --git a/pkg/testutils/endpoint.go b/pkg/testutils/endpoint.go
index 83f8e7afc884..323b133ad81b 100644
--- a/pkg/testutils/endpoint.go
+++ b/pkg/testutils/endpoint.go
@@ -15,9 +15,9 @@
 package testutils
 
 import (
-	identityMdl "github.com/cilium/cilium/api/v1/models"
 	"github.com/cilium/cilium/common/addressing"
 	"github.com/cilium/cilium/pkg/identity"
+	"github.com/cilium/cilium/pkg/labels"
 	"github.com/cilium/cilium/pkg/mac"
 	"github.com/cilium/cilium/pkg/option"
 
@@ -25,10 +25,7 @@ import (
 )
 
 var (
-	defaultIdentity = identity.NewIdentityFromModel(&identityMdl.Identity{
-		ID:     42,
-		Labels: []string{"foo"},
-	})
+	defaultIdentity = identity.NewIdentity(42, labels.NewLabelsFromModel([]string{"foo"}))
 )
 
 type TestEndpoint struct {
@@ -82,10 +79,7 @@ func (e *TestEndpoint) Logger(subsystem string) *logrus.Entry {
 }
 
 func (e *TestEndpoint) SetIdentity(secID int64, newEndpoint bool) {
-	e.Identity = identity.NewIdentityFromModel(&identityMdl.Identity{
-		ID:     secID,
-		Labels: []string{"bar"},
-	})
+	e.Identity = identity.NewIdentity(identity.NumericIdentity(secID), labels.NewLabelsFromModel([]string{"bar"}))
 }
 
 func (e *TestEndpoint) StateDir() string {