-
Notifications
You must be signed in to change notification settings - Fork 107
/
registryctl.go
80 lines (64 loc) · 2.86 KB
/
registryctl.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
package harbor
import (
"context"
goharborv1alpha2 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1alpha2"
harbormetav1 "github.com/goharbor/harbor-operator/apis/meta/v1alpha1"
"github.com/goharbor/harbor-operator/controllers"
"github.com/goharbor/harbor-operator/pkg/graph"
"github.com/pkg/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
type RegistryController graph.Resource
func (r *Reconciler) AddRegistryController(ctx context.Context, harbor *goharborv1alpha2.Harbor, registry Registry, tlsIssuer InternalTLSIssuer) (RegistryControllerInternalCertificate, RegistryController, error) {
certificate, err := r.AddRegistryControllerInternalCertificate(ctx, harbor, tlsIssuer)
if err != nil {
return nil, nil, errors.Wrap(err, "certificate")
}
registryCtl, err := r.GetRegistryCtl(ctx, harbor)
if err != nil {
return nil, nil, errors.Wrap(err, "cannot get registryCtl")
}
registryCtlRes, err := r.AddBasicResource(ctx, registryCtl, registry, certificate)
if err != nil {
return nil, nil, errors.Wrap(err, "cannot add registryCtl")
}
return certificate, RegistryController(registryCtlRes), nil
}
type RegistryControllerInternalCertificate graph.Resource
func (r *Reconciler) AddRegistryControllerInternalCertificate(ctx context.Context, harbor *goharborv1alpha2.Harbor, tlsIssuer InternalTLSIssuer) (RegistryControllerInternalCertificate, error) {
cert, err := r.GetInternalTLSCertificate(ctx, harbor, harbormetav1.RegistryControllerTLS)
if err != nil {
return nil, errors.Wrap(err, "get")
}
certRes, err := r.Controller.AddCertificateToManage(ctx, cert, tlsIssuer)
if err != nil {
return nil, errors.Wrap(err, "add")
}
return RegistryControllerInternalCertificate(certRes), nil
}
func (r *Reconciler) GetRegistryCtl(ctx context.Context, harbor *goharborv1alpha2.Harbor) (*goharborv1alpha2.RegistryController, error) {
name := r.NormalizeName(ctx, harbor.GetName())
namespace := harbor.GetNamespace()
registryName := r.NormalizeName(ctx, harbor.GetName())
coreSecretRef := r.NormalizeName(ctx, harbor.GetName(), controllers.Core.String(), "secret")
jobserviceSecretRef := r.NormalizeName(ctx, harbor.GetName(), controllers.JobService.String(), "secret")
tls := harbor.Spec.InternalTLS.GetComponentTLSSpec(r.GetInternalTLSCertificateSecretName(ctx, harbor, harbormetav1.RegistryControllerTLS))
return &goharborv1alpha2.RegistryController{
ObjectMeta: metav1.ObjectMeta{
Name: name,
Namespace: namespace,
},
Spec: goharborv1alpha2.RegistryControllerSpec{
ComponentSpec: harbor.Spec.Registry.ComponentSpec,
RegistryRef: registryName,
Log: goharborv1alpha2.RegistryControllerLogSpec{
Level: harbor.Spec.LogLevel.RegistryCtl(),
},
Authentication: goharborv1alpha2.RegistryControllerAuthenticationSpec{
CoreSecretRef: coreSecretRef,
JobServiceSecretRef: jobserviceSecretRef,
},
TLS: tls,
},
}, nil
}