-
Notifications
You must be signed in to change notification settings - Fork 288
/
store.go
108 lines (88 loc) · 3.42 KB
/
store.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
/*
Copyright 2020 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package k8s
import (
"fmt"
"time"
"sigs.k8s.io/secrets-store-csi-driver/controllers"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
coreInformers "k8s.io/client-go/informers/core/v1"
"k8s.io/client-go/informers/internalinterfaces"
"k8s.io/client-go/kubernetes"
"k8s.io/client-go/tools/cache"
)
// Informer holds the shared index informers
type Informer struct {
NodePublishSecretRefSecret cache.SharedIndexInformer
}
// Lister holds the object lister
type Lister struct {
NodePublishSecretRefSecret SecretLister
}
// Store for secrets with label 'secrets-store.csi.k8s.io/used'
type Store interface {
// GetNodePublishSecretRefSecret returns the NodePublishSecretRef secret matching name and namespace
GetNodePublishSecretRefSecret(name, namespace string) (*corev1.Secret, error)
// Run initializes and runs the informers
Run(stopCh <-chan struct{}) error
}
type k8sStore struct {
informers *Informer
listers *Lister
}
// New returns store.Store for NodePublishSecretRefSecret
func New(kubeClient kubernetes.Interface, resyncPeriod time.Duration) (Store, error) {
store := &k8sStore{
informers: &Informer{},
listers: &Lister{},
}
store.informers.NodePublishSecretRefSecret = newNodePublishSecretRefSecretInformer(kubeClient, resyncPeriod)
store.listers.NodePublishSecretRefSecret.Store = store.informers.NodePublishSecretRefSecret.GetStore()
return store, nil
}
// Run initiates the sync of the informers and caches
func (s k8sStore) Run(stopCh <-chan struct{}) error {
return s.informers.run(stopCh)
}
// GetNodePublishSecretRefSecret returns the NodePublishSecretRef secret matching name and namespace
func (s k8sStore) GetNodePublishSecretRefSecret(name, namespace string) (*corev1.Secret, error) {
return s.listers.NodePublishSecretRefSecret.GetWithKey(fmt.Sprintf("%s/%s", namespace, name))
}
func (i *Informer) run(stopCh <-chan struct{}) error {
go i.NodePublishSecretRefSecret.Run(stopCh)
synced := []cache.InformerSynced{
i.NodePublishSecretRefSecret.HasSynced,
}
if !cache.WaitForCacheSync(stopCh, synced...) {
return fmt.Errorf("failed to sync informer caches")
}
return nil
}
// newNodePublishSecretRefSecretInformer returns a NodePublishSecretRef informer
func newNodePublishSecretRefSecretInformer(kubeClient kubernetes.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return coreInformers.NewFilteredSecretInformer(
kubeClient,
corev1.NamespaceAll,
resyncPeriod,
cache.Indexers{},
usedFilterForSecret(),
)
}
// usedFilterForSecret returns tweak options to filter using used label (secrets-store.csi.k8s.io/used=true).
// this label will need to be configured by user for NodePublishSecretRef secrets.
func usedFilterForSecret() internalinterfaces.TweakListOptionsFunc {
return func(options *metav1.ListOptions) {
options.LabelSelector = fmt.Sprintf("%s=true", controllers.SecretUsedLabel)
}
}