-
Notifications
You must be signed in to change notification settings - Fork 67
/
remote.go
105 lines (87 loc) · 3 KB
/
remote.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Gardener contributors
//
// SPDX-License-Identifier: Apache-2.0
package provider
import (
"fmt"
"strings"
"sync"
"github.com/gardener/controller-manager-library/pkg/controllermanager/controller"
"github.com/gardener/controller-manager-library/pkg/logger"
"github.com/gardener/controller-manager-library/pkg/resources"
"github.com/gardener/external-dns-management/pkg/server/remote/embed"
corev1 "k8s.io/api/core/v1"
)
var _ LightDNSHandler = &dnsProviderVersionLightHandler{}
type dnsProviderVersionLightHandler struct {
version *dnsProviderVersion
}
func handler(version *dnsProviderVersion) LightDNSHandler {
return dnsProviderVersionLightHandler{
version: version,
}
}
func (h dnsProviderVersionLightHandler) ProviderType() string {
return h.version.TypeCode()
}
func (h dnsProviderVersionLightHandler) GetZones() (DNSHostedZones, error) {
return h.version.GetZones(), nil
}
func (h dnsProviderVersionLightHandler) GetZoneState(zone DNSHostedZone) (DNSZoneState, error) {
for _, z := range h.version.GetZones() {
if z.Id() == zone.Id() {
return h.version.GetZoneState(zone)
}
}
return nil, fmt.Errorf("zone %s is not included", zone.Id())
}
func (h dnsProviderVersionLightHandler) ExecuteRequests(logger logger.LogContext, zone DNSHostedZone, state DNSZoneState, reqs []*ChangeRequest) error {
return h.version.ExecuteRequests(logger, zone, state, reqs)
}
func createRemoteAccessConfig(c controller.Interface) (*embed.RemoteAccessServerConfig, error) {
remoteAccessPort, err := c.GetIntOption(OPT_REMOTE_ACCESS_PORT)
if err != nil {
return nil, err
}
if remoteAccessPort == 0 {
return nil, nil
}
values := map[string]string{}
for _, key := range []string{OPT_REMOTE_ACCESS_CACERT, OPT_REMOTE_ACCESS_SERVER_SECRET_NAME} {
value, _ := c.GetStringOption(key)
if value == "" {
return nil, fmt.Errorf("missing %s for activated remote access server", key)
}
values[key] = value
}
parts := strings.Split(values[OPT_REMOTE_ACCESS_SERVER_SECRET_NAME], "/")
if len(parts) != 2 {
return nil, fmt.Errorf("invalid format for %s: expected '<namespace>/<name>'", OPT_REMOTE_ACCESS_SERVER_SECRET_NAME)
}
secretName := resources.NewObjectName(parts[0], parts[1])
return &embed.RemoteAccessServerConfig{
Port: remoteAccessPort,
CACertFilename: values[OPT_REMOTE_ACCESS_CACERT],
SecretName: secretName,
ServerSecretProvider: &serverSecretProvider{},
}, nil
}
type serverSecretProvider struct {
lock sync.Mutex
handlers []embed.ServerSecretUpdateHandler
secret *corev1.Secret
}
var _ embed.ServerSecretProvider = &serverSecretProvider{}
func (s *serverSecretProvider) UpdateSecret(secret *corev1.Secret) {
s.lock.Lock()
defer s.lock.Unlock()
s.secret = secret
for _, handler := range s.handlers {
handler(secret)
}
}
func (s *serverSecretProvider) AddUpdateHandler(handler embed.ServerSecretUpdateHandler) {
s.lock.Lock()
defer s.lock.Unlock()
s.handlers = append(s.handlers, handler)
}