/*
* SPDX-FileCopyrightText: 2019 SAP SE or an SAP affiliate company and Gardener contributors
*
* SPDX-License-Identifier: Apache-2.0
*/
package core
import (
"github.com/gardener/cert-management/pkg/apis/cert/v1alpha1"
"github.com/gardener/cert-management/pkg/cert/utils"
"github.com/gardener/controller-manager-library/pkg/resources"
v1 "k8s.io/api/core/v1"
)
// state is the in-memory bookkeeping shared by the methods in this file:
// issuer-to-secret references, issuer-to-certificate associations, request
// quotas, DNS selections, and the sets of overdue and revoked certificates.
//
// NOTE(review): no lock is declared at this level; confirm that each member
// type synchronizes internally before calling these methods from several
// goroutines.
type state struct {
	// secrets tracks the secret reference and hash remembered per issuer
	// (see RememberIssuerSecret and GetIssuerSecretHash).
	secrets ReferencedSecrets
	// altSecrets is a second secret store that exists only for the
	// v0.7.x to v0.8.x migration bugfix (see RememberAltIssuerSecret).
	altSecrets ReferencedSecrets
	// eabSecrets tracks the EAB secret reference and hash per issuer
	// (presumably ACME external account binding; confirm against the issuer spec).
	eabSecrets ReferencedSecrets
	// certificates associates issuers with the certificate objects that use them.
	certificates AssociatedObjects
	// quotas holds the requests-per-day quota remembered per issuer.
	quotas Quotas
	// selections holds the DNS selection registered per issuer.
	selections IssuerDNSSelections
	// overdueCerts is the set of certificate names whose renewal is overdue.
	overdueCerts objectNameSet
	// revokedCerts is the set of certificate names marked as revoked.
	revokedCerts objectNameSet
}
// newState returns a state whose stores are all freshly constructed.
//
// Each constructor returns a pointer and the value behind it is copied into
// the struct field, so the state owns its stores by value.
// NOTE(review): this copy is only safe while the constructors hand out values
// that nothing else references yet; confirm if any of them registers itself.
func newState() *state {
	return &state{
		secrets:      *NewReferencedSecrets(),
		altSecrets:   *NewReferencedSecrets(),
		eabSecrets:   *NewReferencedSecrets(),
		certificates: *NewAssociatedObjects(),
		quotas:       *NewQuotas(),
		selections:   *NewIssuerDNSSelections(),
		overdueCerts: *newObjectNameSet(),
		revokedCerts: *newObjectNameSet(),
	}
}
// AddIssuerDomains registers the DNS selection sel for the issuer key.
func (s *state) AddIssuerDomains(key utils.IssuerKey, sel *v1alpha1.DNSSelection) {
	selections := &s.selections
	selections.Add(key, sel)
}
// GetAllIssuerDomains returns the DNS selections of all issuers, keyed by issuer.
//
// NOTE(review): whether the returned map is a copy or the store's own map is
// decided by IssuerDNSSelections.GetAll; confirm before mutating the result.
func (s *state) GetAllIssuerDomains() map[utils.IssuerKey]*v1alpha1.DNSSelection {
	all := s.selections.GetAll()
	return all
}
// RemoveIssuer drops everything remembered for the issuer key: its
// certificate associations, quotas, EAB and alternative secrets, DNS
// selection and finally its secret reference.
//
// The returned bool is the result of removing the issuer from the main
// secrets store only; the results of the other removals are not reported.
// The stores are updated one after the other, so a concurrent reader may
// observe the issuer removed from some stores but not yet from others.
func (s *state) RemoveIssuer(key utils.IssuerKey) bool {
	s.certificates.RemoveBySource(key)
	s.quotas.RemoveIssuer(key)
	s.eabSecrets.RemoveIssuer(key)
	s.altSecrets.RemoveIssuer(key)
	s.selections.Remove(key)

	removed := s.secrets.RemoveIssuer(key)
	return removed
}
// AddCertAssoc records that the certificate cert is associated with issuer.
func (s *state) AddCertAssoc(issuer utils.IssuerKey, cert resources.ObjectName) {
	assocs := &s.certificates
	assocs.AddAssoc(issuer, cert)
}
// RemoveCertAssoc removes the issuer association recorded for the certificate cert.
func (s *state) RemoveCertAssoc(cert resources.ObjectName) {
	assocs := &s.certificates
	assocs.RemoveByDest(cert)
}
// CertificateNamesForIssuer returns the names of the certificates associated with issuer.
func (s *state) CertificateNamesForIssuer(issuer utils.IssuerKey) []resources.ObjectName {
	names := s.certificates.DestinationsAsArray(issuer)
	return names
}
// CertificateCountForIssuer returns how many certificates are associated with issuer.
func (s *state) CertificateCountForIssuer(issuer utils.IssuerKey) int {
	count := s.certificates.DestinationsCount(issuer)
	return count
}
// KnownIssuers returns the issuer keys held by the DNS selections store.
// An issuer is therefore "known" once a selection was added for it via
// AddIssuerDomains, independent of the secret stores.
func (s *state) KnownIssuers() []utils.IssuerKey {
	issuers := s.selections.Issuers()
	return issuers
}
// RememberIssuerQuotas stores the requests-per-day quota for issuer.
func (s *state) RememberIssuerQuotas(issuer utils.IssuerKey, requestsPerDay int) {
	quotas := &s.quotas
	quotas.RememberQuotas(issuer, requestsPerDay)
}
// TryAcceptCertificateRequest tries to accept a certificate request for
// issuer according to its quotas.
// It returns true if the request is accepted, together with the
// requests-per-day quota value.
//
// NOTE(review): whether an accepted request is counted against the quota as
// part of this call is decided inside Quotas.TryAccept and is not visible
// here; callers are expected not to proceed with the request on false.
func (s *state) TryAcceptCertificateRequest(issuer utils.IssuerKey) (bool, int) {
	accepted, requestsPerDay := s.quotas.TryAccept(issuer)
	return accepted, requestsPerDay
}
// IssuerNamesForSecret returns the set of issuers that reference the secret secretKey.
func (s *state) IssuerNamesForSecret(secretKey utils.IssuerSecretKey) utils.IssuerKeySet {
	issuers := s.secrets.IssuerNamesFor(secretKey)
	return issuers
}
// RememberIssuerSecret records the secret reference and hash for issuer.
//
// NOTE(review): only a reference and a hash string are kept here; presumably
// the hash is derived from the secret's content so that the secret material
// itself never enters this state. Confirm at the caller.
func (s *state) RememberIssuerSecret(issuer utils.IssuerKey, secretRef *v1.SecretReference, hash string) {
	secrets := &s.secrets
	secrets.RememberIssuerSecret(issuer, secretRef, hash)
}
// GetIssuerSecretHash returns the hash remembered for the issuer's secret.
// The value for an issuer without a remembered secret is whatever
// ReferencedSecrets.GetIssuerSecretHash returns in that case.
func (s *state) GetIssuerSecretHash(issuerKey utils.IssuerKey) string {
	hash := s.secrets.GetIssuerSecretHash(issuerKey)
	return hash
}
// RememberAltIssuerSecret records the secret reference and hash for issuer
// in the alternative secrets store used for migration.
// This method is only needed for a bugfix for migrating v0.7.x to v0.8.x and
// can be deleted after v0.9.0.
func (s *state) RememberAltIssuerSecret(issuer utils.IssuerKey, secretRef *v1.SecretReference, hash string) {
	altSecrets := &s.altSecrets
	altSecrets.RememberIssuerSecret(issuer, secretRef, hash)
}
// GetAltIssuerSecretHash returns the hash remembered for issuerKey in the
// alternative secrets store used for migration.
// This method is only needed for a bugfix for migrating v0.7.x to v0.8.x and
// can be deleted after v0.9.0.
func (s *state) GetAltIssuerSecretHash(issuerKey utils.IssuerKey) string {
	hash := s.altSecrets.GetIssuerSecretHash(issuerKey)
	return hash
}
// IssuerNamesForEABSecret returns the set of issuers that reference the EAB
// secret secretKey.
func (s *state) IssuerNamesForEABSecret(secretKey utils.IssuerSecretKey) utils.IssuerKeySet {
	issuers := s.eabSecrets.IssuerNamesFor(secretKey)
	return issuers
}
// RememberIssuerEABSecret records the EAB secret reference and hash for issuer.
// It writes to the eabSecrets store, which is separate from the store used
// by RememberIssuerSecret.
func (s *state) RememberIssuerEABSecret(issuer utils.IssuerKey, secretRef *v1.SecretReference, hash string) {
	eabSecrets := &s.eabSecrets
	eabSecrets.RememberIssuerSecret(issuer, secretRef, hash)
}
// AddRenewalOverdue adds certName to the set of certificates whose renewal
// is overdue and returns the result of the set's Add
// (presumably true when the name was not yet present; confirm in objectNameSet).
func (s *state) AddRenewalOverdue(certName resources.ObjectName) bool {
	added := s.overdueCerts.Add(certName)
	return added
}
// RemoveRenewalOverdue removes certName from the set of certificates whose
// renewal is overdue and returns the result of the set's Remove
// (presumably true when the name was present; confirm in objectNameSet).
func (s *state) RemoveRenewalOverdue(certName resources.ObjectName) bool {
	removed := s.overdueCerts.Remove(certName)
	return removed
}
// GetAllRenewalOverdue returns the names of all certificates whose renewal is overdue.
func (s *state) GetAllRenewalOverdue() []resources.ObjectName {
	names := s.overdueCerts.AsArray()
	return names
}
// GetRenewalOverdueCount returns the number of certificates whose renewal is overdue.
func (s *state) GetRenewalOverdueCount() int {
	count := s.overdueCerts.Size()
	return count
}
// AddRevoked adds certName to the set of revoked certificates and returns
// the result of the set's Add
// (presumably true when the name was not yet present; confirm in objectNameSet).
func (s *state) AddRevoked(certName resources.ObjectName) bool {
	added := s.revokedCerts.Add(certName)
	return added
}
// RemoveRevoked removes certName from the set of revoked certificates and
// returns the result of the set's Remove
// (presumably true when the name was present; confirm in objectNameSet).
//
// This only changes the in-memory bookkeeping; it does not by itself undo a
// revocation performed at the certificate authority.
func (s *state) RemoveRevoked(certName resources.ObjectName) bool {
	removed := s.revokedCerts.Remove(certName)
	return removed
}
// GetAllRevoked returns the names of all certificates in the revoked set.
func (s *state) GetAllRevoked() []resources.ObjectName {
	names := s.revokedCerts.AsArray()
	return names
}
// GetRevokedCount returns the number of certificates in the revoked set.
func (s *state) GetRevokedCount() int {
	count := s.revokedCerts.Size()
	return count
}