-
Notifications
You must be signed in to change notification settings - Fork 233
/
csr.go
60 lines (54 loc) · 1.67 KB
/
csr.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
package cluster
import (
"context"
"encoding/json"
"fmt"
"time"
crcerrors "github.com/crc-org/crc/v2/pkg/crc/errors"
"github.com/crc-org/crc/v2/pkg/crc/logging"
"github.com/crc-org/crc/v2/pkg/crc/oc"
k8scerts "k8s.io/api/certificates/v1beta1"
)
func WaitForOpenshiftResource(ctx context.Context, ocConfig oc.Config, resource string) error {
logging.Debugf("Waiting for availability of resource type '%s'", resource)
waitForAPIServer := func() error {
stdout, stderr, err := ocConfig.WithFailFast().RunOcCommand("get", resource)
if err != nil {
logging.Debug(stderr)
return &crcerrors.RetriableError{Err: err}
}
logging.Debug(stdout)
return nil
}
return crcerrors.Retry(ctx, 80*time.Second, waitForAPIServer, time.Second)
}
func getCSRList(ctx context.Context, ocConfig oc.Config, expectedSignerName string) (*k8scerts.CertificateSigningRequestList, error) {
var csrs k8scerts.CertificateSigningRequestList
if err := WaitForOpenshiftResource(ctx, ocConfig, "csr"); err != nil {
return nil, err
}
output, stderr, err := ocConfig.WithFailFast().RunOcCommand("get", "csr", "-ojson")
if err != nil {
return nil, fmt.Errorf("Failed to get all certificate signing requests: %v %s", err, stderr)
}
err = json.Unmarshal([]byte(output), &csrs)
if err != nil {
return nil, err
}
if expectedSignerName == "" {
return &csrs, nil
}
var filteredCsrs []k8scerts.CertificateSigningRequest
for _, csr := range csrs.Items {
var signerName string
if csr.Spec.SignerName != nil {
signerName = *csr.Spec.SignerName
}
if expectedSignerName != signerName {
continue
}
filteredCsrs = append(filteredCsrs, csr)
}
csrs.Items = filteredCsrs
return &csrs, nil
}