package revocation
import (
"context"
"time"
"github.com/kyma-incubator/compass/components/director/pkg/log"
v1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/watch"
)
// revocationListLoaderCorrelationID is the value Run attaches to the loader's
// logger under log.FieldRequestID, so log lines written by the background
// watcher can be told apart from request-scoped ones.
const (
	revocationListLoaderCorrelationID = "revocation-list-loader"
)
// Loader keeps the revoked-certificates cache in sync with its backing source.
type Loader interface {
	// Run starts the loader with the given context. The implementation in
	// this file blocks until ctx is cancelled, so callers normally start it
	// in its own goroutine.
	Run(ctx context.Context)
}
// revokedCertificatesLoader is the Loader implementation that watches a single
// Kubernetes ConfigMap and pushes its data into the revoked-certificates cache.
type revokedCertificatesLoader struct {
	// revokedCertsCache receives the ConfigMap data via Put on every
	// Added/Modified event, and an empty map on Deleted.
	revokedCertsCache Cache

	// configMapManager opens the watch on the ConfigMap.
	configMapManager Manager

	// configMapName is used in the "metadata.name=" field selector of the watch.
	configMapName string

	// reconnectInterval is the pause before the watch is (re)established after
	// a failure or after the event stream ends.
	reconnectInterval time.Duration
}
// NewRevokedCertificatesLoader returns a Loader that watches the ConfigMap
// named configMapName through configMapManager and hands its data to
// revokedCertsCache. reconnectInterval is the pause between watch attempts.
// None of the arguments are validated here.
func NewRevokedCertificatesLoader(
	revokedCertsCache Cache,
	configMapManager Manager,
	configMapName string,
	reconnectInterval time.Duration,
) Loader {
	loader := new(revokedCertificatesLoader)
	loader.revokedCertsCache = revokedCertsCache
	loader.configMapManager = configMapManager
	loader.configMapName = configMapName
	loader.reconnectInterval = reconnectInterval
	return loader
}
// Run tags the context logger with the loader's fixed correlation ID and then
// runs the ConfigMap watch loop. It returns only when the watch loop does,
// i.e. after ctx has been cancelled.
func (rl *revokedCertificatesLoader) Run(ctx context.Context) {
	// Every log line emitted by the watcher carries the same request ID field.
	logger := log.C(ctx).WithField(log.FieldRequestID, revocationListLoaderCorrelationID)
	rl.startKubeWatch(log.ContextWithLogger(ctx, logger))
}
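// startKubeWatch keeps a watch open on the revocation-list ConfigMap and
// feeds its events to processEvents. Whenever the watch cannot be created or
// its event stream ends, it waits reconnectInterval and tries again. The loop
// exits only when ctx is cancelled.
//
// While no watch is active the cache keeps whatever it last received, so a
// revocation added in that window takes effect only after a new watch
// delivers events. NOTE(review): repeated "Could not initialize watcher"
// errors therefore mean the revocation list may be stale; worth alerting on.
func (rl *revokedCertificatesLoader) startKubeWatch(ctx context.Context) {
	// pause waits for reconnectInterval but returns early on cancellation, so
	// shutdown is not held up by a long reconnect interval (a plain
	// time.Sleep ignores ctx).
	pause := func() {
		timer := time.NewTimer(rl.reconnectInterval)
		defer timer.Stop()
		select {
		case <-ctx.Done():
		case <-timer.C:
		}
	}

	for {
		// Non-blocking cancellation check before every (re)connect attempt.
		select {
		case <-ctx.Done():
			log.C(ctx).Info("Context cancelled, stopping revocation config map watcher...")
			return
		default:
		}

		log.C(ctx).Info("Starting watcher for revocation list configmap changes...")
		watcher, err := rl.configMapManager.Watch(metav1.ListOptions{
			// Restrict the watch to the single ConfigMap holding the list.
			FieldSelector: "metadata.name=" + rl.configMapName,
			Watch:         true,
		})
		if err != nil {
			log.C(ctx).WithError(err).Errorf("Could not initialize watcher. Sleep for %s and try again...", rl.reconnectInterval.String())
			pause()
			continue
		}

		log.C(ctx).Info("Waiting for revocation list configmap events...")
		rl.processEvents(ctx, watcher.ResultChan())

		// Cleanup any allocated resources
		watcher.Stop()
		pause()
	}
}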
// processEvents applies ConfigMap watch events to the revoked-certificates
// cache. It returns when ctx is cancelled, when the events channel is closed,
// or when a watch.Error event is received; the caller then re-establishes the
// watch. Event types other than Added, Modified, Deleted and Error are ignored.
func (rl *revokedCertificatesLoader) processEvents(ctx context.Context, events <-chan watch.Event) {
	for {
		select {
		case <-ctx.Done():
			return
		case event, open := <-events:
			if !open {
				// The watch stream ended; let the caller reconnect.
				return
			}

			switch event.Type {
			case watch.Added, watch.Modified:
				log.C(ctx).Info("Revocation list updated")
				configMap, isConfigMap := event.Object.(*v1.ConfigMap)
				if !isConfigMap {
					log.C(ctx).Error("Unexpected error: object is not configmap. Try again")
					// Skip this event and keep reading; the cache is left untouched.
					continue
				}
				// The ConfigMap data is handed to the cache as delivered;
				// nothing is validated at this point.
				rl.revokedCertsCache.Put(configMap.Data)
				log.C(ctx).Debugf("New configmap is: %s", configMap.Data)
			case watch.Deleted:
				log.C(ctx).Info("Revocation list deleted")
				// NOTE(review): the cache receives an empty map here. If Put
				// replaces the cache contents and consumers treat a missing
				// entry as "not revoked", deleting the ConfigMap reinstates
				// every revoked certificate. Confirm that write/delete access
				// to this ConfigMap is tightly scoped and that this log line
				// is monitored.
				rl.revokedCertsCache.Put(make(map[string]string))
			case watch.Error:
				// The payload of the error event is not inspected or logged.
				log.C(ctx).Error("Error event is received, stop revocation list configmap watcher and try again...")
				return
			}
		}
	}
}