package reconciler
import (
"context"
v1beta1 "github.com/ckotzbauer/access-manager/apis/access-manager.io/v1beta1"
"github.com/go-logr/logr"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/client-go/kubernetes"
"sigs.k8s.io/controller-runtime/pkg/client"
"sigs.k8s.io/controller-runtime/pkg/reconcile"
)
// Reconciler bundles the Kubernetes clients, scheme and logger used by the
// reconcile routines in this package.
//
// NOTE(review): the visible methods use these clients to list definitions and
// to list/get namespaces; the credentials behind them presumably also allow
// writing RBAC objects and secrets, so they should be scoped to exactly what
// the controller needs. Confirm against the deployment's ClusterRole.
type Reconciler struct {
	// Client is the typed client-go clientset. It is used for the namespace
	// List/Get calls in GetRelevantNamespaces.
	// NOTE(review): held by value rather than as *kubernetes.Clientset, so
	// copying a Reconciler copies the clientset struct; confirm this is intended.
	Client kubernetes.Clientset
	// ControllerClient is the controller-runtime client. It is used to list
	// RbacDefinition and SyncSecretDefinition objects.
	ControllerClient client.Client
	// Scheme is the runtime scheme; it is not read by the code in this file.
	Scheme *runtime.Scheme
	// Logger receives the error reports emitted by the reconcile routines.
	Logger logr.Logger
}
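// ReconcileNamespace re-applies every RbacDefinition and every
// SyncSecretDefinition in response to a namespace event.
//
// The instance argument is not read; all definitions are processed regardless
// of which namespace triggered the call. Both passes always run, even when the
// first one fails, so a broken RbacDefinition does not prevent secrets from
// being synced.
//
// If both passes fail, the RbacDefinition error is returned and the
// SyncSecretDefinition error is logged so that it is not silently lost.
func (r *Reconciler) ReconcileNamespace(instance *corev1.Namespace) (reconcile.Result, error) {
	rbacResult, rbacErr := r.processRbacDefinitions()
	secretResult, secretErr := r.processSecretDefinitions()

	if rbacErr != nil {
		if secretErr != nil {
			// Only one error can be returned to the caller; record the other
			// one here so operators still see that secret syncing failed.
			r.Logger.Error(secretErr, "Processing SyncSecretDefinitions failed as well; returning the RbacDefinition error.")
		}
		return rbacResult, rbacErr
	}
	if secretErr != nil {
		return secretResult, secretErr
	}
	return reconcile.Result{}, nil
}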
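// processRbacDefinitions lists all RbacDefinitions through the controller
// client and reconciles each one whose Spec.Paused flag is not set.
//
// It returns the list error, or the first reconcile error, unchanged. The
// returned reconcile.Result is always the zero value.
//
// NOTE(review): the loop stops at the first failing definition, so definitions
// later in the list are not reconciled in that pass. For an RBAC controller
// this means one malformed definition can delay access changes (including
// removals) described by the others; confirm that this is acceptable or
// collect the errors and continue.
func (r *Reconciler) processRbacDefinitions() (reconcile.Result, error) {
	list := &v1beta1.RbacDefinitionList{}
	if err := r.ControllerClient.List(context.Background(), list); err != nil {
		r.Logger.Error(err, "Unexpected error occurred!")
		return reconcile.Result{}, err
	}

	for i := range list.Items {
		// Point at the slice element instead of taking the address of the
		// range variable: before Go 1.22 that variable is shared by all
		// iterations (gosec G601), and it also copies every item.
		def := &list.Items[i]
		if def.Spec.Paused {
			continue
		}
		if _, err := r.ReconcileRbacDefinition(def); err != nil {
			return reconcile.Result{}, err
		}
	}
	return reconcile.Result{}, nil
}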
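// processSecretDefinitions lists all SyncSecretDefinitions through the
// controller client and reconciles each one whose Spec.Paused flag is not set.
//
// It returns the list error, or the first reconcile error, unchanged. The
// returned reconcile.Result is always the zero value.
//
// NOTE(review): the loop stops at the first failing definition, so secrets
// described by later definitions are not synced in that pass; confirm that
// this is acceptable or collect the errors and continue.
func (r *Reconciler) processSecretDefinitions() (reconcile.Result, error) {
	list := &v1beta1.SyncSecretDefinitionList{}
	if err := r.ControllerClient.List(context.Background(), list); err != nil {
		r.Logger.Error(err, "Unexpected error occurred!")
		return reconcile.Result{}, err
	}

	for i := range list.Items {
		// Point at the slice element instead of taking the address of the
		// range variable: before Go 1.22 that variable is shared by all
		// iterations (gosec G601), and it also copies every item.
		def := &list.Items[i]
		if def.Spec.Paused {
			continue
		}
		if _, err := r.ReconcileSyncSecretDefinition(def); err != nil {
			return reconcile.Result{}, err
		}
	}
	return reconcile.Result{}, nil
}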
// HasNamedOwner reports whether refs contains a controlling owner reference of
// the given kind and name.
//
// Only references whose Controller flag is set and true are considered. An
// empty name acts as a wildcard and matches any owner of that kind.
//
// The match is made on Kind and Name alone: APIVersion and UID are not
// compared, so an owner with the same Kind from a different API group, or a
// re-created owner with the same name, also matches. Callers that base
// ownership decisions (such as cleanup) on this result should keep that in mind.
func HasNamedOwner(refs []metav1.OwnerReference, kind, name string) bool {
	for i := range refs {
		owner := &refs[i]
		if owner.Controller == nil || !*owner.Controller {
			continue
		}
		if owner.Kind != kind {
			continue
		}
		if name == "" || owner.Name == name {
			return true
		}
	}
	return false
}
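// GetRelevantNamespaces returns the namespaces targeted by a definition entry.
//
// If selector carries MatchLabels (non-nil) or at least one MatchExpression,
// the namespaces are listed with that label selector. Otherwise, if
// nameSpec.Name is set, that single namespace is fetched. If neither is given,
// an error is logged.
//
// Every failure path logs and returns nil, so the caller cannot tell an API or
// parse error apart from "nothing selected".
//
// NOTE(review): a MatchLabels map that is non-nil but empty, with no
// expressions, passes the first check and converts to a selector that matches
// every namespace. Since the result decides where access is granted, confirm
// that select-all is the intended meaning of an empty selector.
//
// NOTE(review): if any caller removes bindings or secrets from namespaces that
// are absent from the result, a transient API error would look like an empty
// selection; verify the callers before relying on the nil return.
func (r *Reconciler) GetRelevantNamespaces(selector metav1.LabelSelector, nameSpec v1beta1.NamespaceSpec) []corev1.Namespace {
	if selector.MatchLabels != nil || len(selector.MatchExpressions) > 0 {
		// Use a distinct name for the parsed selector. Shadowing the parameter
		// made the error log below print the (nil) parse result instead of the
		// selector that failed to parse.
		labelSel, err := metav1.LabelSelectorAsSelector(&selector)
		if err != nil {
			r.Logger.WithValues("Selector", selector).Error(err, "Could not parse LabelSelector or MatchExpression.")
			return nil
		}

		listOptions := metav1.ListOptions{LabelSelector: labelSel.String()}
		namespaces, err := r.Client.CoreV1().Namespaces().List(context.Background(), listOptions)
		if err != nil {
			r.Logger.Error(err, "Could not list namespaces.")
			return nil
		}
		return namespaces.Items
	}

	if nameSpec.Name != "" {
		namespace, err := r.Client.CoreV1().Namespaces().Get(context.Background(), nameSpec.Name, metav1.GetOptions{})
		if err != nil {
			r.Logger.WithValues("NsName", nameSpec.Name).Error(err, "Could not find Namespace with name.")
			return nil
		}
		return []corev1.Namespace{*namespace}
	}

	r.Logger.Error(nil, "Invalid role binding, namespace or namespaceSelector required")
	return nil
}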