package tenantcluster
import (
"context"
"github.com/giantswarm/certs/v3/pkg/certs"
"github.com/giantswarm/k8sclient/v4/pkg/k8srestconfig"
"github.com/giantswarm/microerror"
"github.com/giantswarm/micrologger"
"k8s.io/client-go/rest"
)
// Config represents the configuration used to create a new tenant cluster
// service. All three fields are required: New returns an error when
// CertsSearcher or Logger is nil or when CertID is the empty string.
type Config struct {
	// CertsSearcher is the lookup used to fetch the TLS assets (CA,
	// certificate and key) of a tenant cluster.
	CertsSearcher certs.Interface
	// Logger receives the debug messages emitted while building a REST config.
	Logger micrologger.Logger
	// CertID names which certificate is requested from CertsSearcher. The
	// REST configs built by the service authenticate with that certificate.
	CertID certs.Cert
}
// TenantCluster provides functionality for connecting to tenant clusters.
//
// The struct stores no certificate or key data itself. NewRestConfig asks
// certsSearcher for the TLS assets on every call.
type TenantCluster struct {
	// certsSearcher fetches the TLS assets for a given cluster ID and certID.
	certsSearcher certs.Interface
	// logger is used for context-aware debug logging.
	logger micrologger.Logger
	// certID is the certificate requested for every cluster; set once in New.
	certID certs.Cert
}
// New validates config and returns a tenant cluster service built from it.
//
// Every Config field is mandatory. A nil CertsSearcher, a nil Logger or an
// empty CertID produces an error masked from invalidConfigError, checked in
// that order.
func New(config Config) (*TenantCluster, error) {
	switch {
	case config.CertsSearcher == nil:
		return nil, microerror.Maskf(invalidConfigError, "%T.CertsSearcher must not be empty", config)
	case config.Logger == nil:
		return nil, microerror.Maskf(invalidConfigError, "%T.Logger must not be empty", config)
	case config.CertID == "":
		return nil, microerror.Maskf(invalidConfigError, "%T.CertID must not be empty", config)
	}

	return &TenantCluster{
		certsSearcher: config.CertsSearcher,
		logger:        config.Logger,
		certID:        config.CertID,
	}, nil
}
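// NewRestConfig builds a client-go REST config for the tenant cluster
// identified by clusterID, using apiDomain as the API server address.
//
// The TLS assets for clusterID and the service's certID are fetched through
// the certs searcher and handed to k8srestconfig as CA, certificate and key
// data. A search error for which certs.IsTimeout reports true is returned
// masked as timeoutError; every other error is masked unchanged.
//
// The returned config embeds the client private key (KeyData), so treat it
// as a credential and keep it out of logs and error messages.
//
// NOTE(review): clusterID and apiDomain are used exactly as passed in.
// Nothing here checks that they are non-empty, or that apiDomain belongs to
// the cluster the certificate was issued for. Presumably callers take both
// from the same trusted cluster object — confirm.
func (t *TenantCluster) NewRestConfig(ctx context.Context, clusterID, apiDomain string) (*rest.Config, error) {
	t.logger.LogCtx(ctx, "level", "debug", "message", "looking for certificates for the tenant cluster")

	// Named tlsAssets rather than tls so the local does not read like the
	// standard library crypto/tls package.
	tlsAssets, err := t.certsSearcher.SearchTLS(ctx, clusterID, t.certID)
	if certs.IsTimeout(err) {
		// The message is passed as an argument, never as the format string:
		// a '%' inside the underlying error text would otherwise be read as
		// a formatting verb and garble the reported error.
		return nil, microerror.Maskf(timeoutError, "%s", err.Error())
	} else if err != nil {
		return nil, microerror.Mask(err)
	}

	t.logger.LogCtx(ctx, "level", "debug", "message", "found certificates for the tenant cluster")

	c := k8srestconfig.Config{
		Logger: t.logger,

		Address: apiDomain,
		// The config targets a remote tenant API, not the cluster this
		// process runs in.
		InCluster: false,
		TLS: k8srestconfig.ConfigTLS{
			CAData:  tlsAssets.CA,
			CrtData: tlsAssets.Crt,
			KeyData: tlsAssets.Key,
		},
	}

	restConfig, err := k8srestconfig.New(c)
	if err != nil {
		return nil, microerror.Mask(err)
	}

	return restConfig, nil
}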