package observe
import (
"context"
"encoding/json"
"fmt"
"github.com/equinor/radix-operator/pkg/apis/defaults"
v1 "github.com/equinor/radix-operator/pkg/apis/radix/v1"
"github.com/equinor/radix-vulnerability-scanner/pkg/dockercfg"
"github.com/rs/zerolog/log"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/client-go/kubernetes"
)
// ImageInfo is the value delivered to observers of
// RadixDeploymentContainerImageMapper: one container image reference plus the
// registry auth configuration read for the deployment's namespace.
//
// NOTE(review): DockerAuths is decoded from a dockerconfigjson secret, so it
// presumably carries registry credentials; avoid logging ImageInfo values
// wholesale (e.g. with %+v) — confirm against the dockercfg package.
type ImageInfo struct {
	ImageName   string
	DockerAuths dockercfg.DockerAuthConfig
}

// RadixDeploymentContainerImageMapper receives RadixDeployments and emits the
// images defined in their jobs and components, together with docker auth
// data, to any observers.
type RadixDeploymentContainerImageMapper struct {
	KubeClient kubernetes.Interface
	observable[ImageInfo]
}

// RadixDeploymentListMapper receives slices of RadixDeployments and emits each
// RadixDeployment to any observers.
type RadixDeploymentListMapper struct {
	observable[*v1.RadixDeployment]
}
// Receive emits one ImageInfo per component and then one per job of rd to the
// registered observers. A nil rd is ignored.
//
// The registry auths are looked up once per deployment, from rd's namespace.
// The lookup is best-effort: on failure a warning is logged and the images
// are still emitted, with DockerAuths left nil.
// NOTE(review): observers presumably cannot pull private images without
// auths, so this warning may mark images that go unscanned — confirm how
// downstream observers handle a nil DockerAuths.
func (m *RadixDeploymentContainerImageMapper) Receive(rd *v1.RadixDeployment) {
	if rd == nil {
		return
	}

	auths, lookupErr := m.readDockerConfigJSON(rd.Namespace)
	if lookupErr != nil {
		log.Warn().Err(lookupErr).Msg("unable to read dockerconfigjson secret")
	}

	// Every image of the deployment is sent with the same auths value.
	emit := func(image string) {
		m.notifyObservers(ImageInfo{ImageName: image, DockerAuths: auths})
	}

	for _, component := range rd.Spec.Components {
		emit(component.GetImage())
	}
	for _, job := range rd.Spec.Jobs {
		emit(job.GetImage())
	}
}
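// readDockerConfigJSON fetches the secret named
// defaults.PrivateImageHubSecretName from namespace, decodes its
// corev1.DockerConfigJsonKey entry into a dockercfg.DockerConfigAuthJSON and
// returns that value's Auths field.
//
// An error (with a nil result) is returned when the secret cannot be fetched,
// has no corev1.DockerConfigJsonKey entry, or holds JSON that does not decode.
// Every error names the secret and the namespace and wraps the underlying
// cause with %w, so errors.Is and errors.As still reach it. This function
// never formats the secret's bytes into an error message itself.
func (m *RadixDeploymentContainerImageMapper) readDockerConfigJSON(namespace string) (dockercfg.DockerAuthConfig, error) {
	secretName := defaults.PrivateImageHubSecretName

	// NOTE(review): context.Background() carries no deadline or cancellation,
	// so this call is bounded only by whatever the client itself enforces.
	secret, err := m.KubeClient.CoreV1().Secrets(namespace).Get(context.Background(), secretName, metav1.GetOptions{})
	if err != nil {
		return nil, fmt.Errorf("get secret %s in namespace %s: %w", secretName, namespace, err)
	}

	authJSON, ok := secret.Data[corev1.DockerConfigJsonKey]
	if !ok {
		return nil, fmt.Errorf("secret %s in namespace %s does not contain data for %s", secretName, namespace, corev1.DockerConfigJsonKey)
	}

	var dockerAuths dockercfg.DockerConfigAuthJSON
	if err := json.Unmarshal(authJSON, &dockerAuths); err != nil {
		// Without this context the decode error identifies neither the secret
		// nor the namespace it came from.
		return nil, fmt.Errorf("decode %s of secret %s in namespace %s: %w", corev1.DockerConfigJsonKey, secretName, namespace, err)
	}
	return dockerAuths.Auths, nil
}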
// Receive forwards every element of rds, in slice order, to the registered
// observers. Elements are passed on unchanged, nil entries included; a nil or
// empty slice notifies nobody.
func (m *RadixDeploymentListMapper) Receive(rds []*v1.RadixDeployment) {
	for i := 0; i < len(rds); i++ {
		m.notifyObservers(rds[i])
	}
}