-
Notifications
You must be signed in to change notification settings - Fork 12
/
aiven.go
118 lines (99 loc) · 3.21 KB
/
aiven.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
package aiven
import (
"fmt"
"time"
aiven_nais_io_v1 "github.com/nais/liberator/pkg/apis/aiven.nais.io/v1"
nais_io_v1 "github.com/nais/liberator/pkg/apis/nais.io/v1"
nais_io_v1alpha1 "github.com/nais/liberator/pkg/apis/nais.io/v1alpha1"
"github.com/nais/liberator/pkg/namegen"
v1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/util/validation"
"github.com/nais/naiserator/pkg/resourcecreator/pod"
"github.com/nais/naiserator/pkg/resourcecreator/resource"
)
const (
aivenCredentialFilesVolumeName = "aiven-credentials"
)
type Source interface {
resource.Source
GetInflux() *nais_io_v1.Influx
GetKafka() *nais_io_v1.Kafka
GetOpenSearch() *nais_io_v1.OpenSearch
GetRedis() []nais_io_v1.Redis
}
type Config interface {
IsKafkaratorEnabled() bool
IsInfluxCredentialsEnabled() bool
GetAivenProject() string
}
func generateSharedAivenSecretName(name string) (string, error) {
prefixedName := fmt.Sprintf("aiven-%s", name)
year, week := time.Now().ISOWeek()
suffix := fmt.Sprintf("%d-%d", year, week)
maxLen := validation.DNS1035LabelMaxLength
return namegen.SuffixedShortName(prefixedName, suffix, maxLen)
}
func Create(source Source, ast *resource.Ast, config Config) error {
secretName, err := generateSharedAivenSecretName(source.GetName())
if err != nil {
return err
}
aivenApp := aiven_nais_io_v1.NewAivenApplicationBuilder(source.GetName(), source.GetNamespace()).
WithSpec(aiven_nais_io_v1.AivenApplicationSpec{
SecretName: secretName,
}).
Build()
aivenApp.ObjectMeta = resource.CreateObjectMeta(source)
kafkaKeyPaths := Kafka(source, ast, config, source.GetKafka(), &aivenApp)
influxEnabled, err := Influx(ast, source.GetInflux(), &aivenApp, config.IsInfluxCredentialsEnabled())
if err != nil {
return err
}
openSearchEnabled, err := OpenSearch(ast, source.GetOpenSearch(), &aivenApp)
if err != nil {
return err
}
redisEnabled, err := Redis(ast, config, source, &aivenApp)
if err != nil {
return err
}
if len(kafkaKeyPaths) > 0 {
credentialFilesVolume := pod.FromFilesSecretVolume(aivenCredentialFilesVolumeName, secretName, kafkaKeyPaths)
ast.Volumes = append(ast.Volumes, credentialFilesVolume)
ast.VolumeMounts = append(ast.VolumeMounts, pod.FromFilesVolumeMount(credentialFilesVolume.Name, nais_io_v1alpha1.DefaultKafkaratorMountPath, "", true))
}
if len(kafkaKeyPaths) > 0 || influxEnabled || openSearchEnabled || redisEnabled {
ast.AppendOperation(resource.OperationCreateOrUpdate, &aivenApp)
ast.Env = append(ast.Env, makeSecretEnvVar("AIVEN_SECRET_UPDATED", aivenApp.Spec.SecretName))
ast.Env = append(ast.Env, makeOptionalSecretEnvVar("AIVEN_CA", aivenApp.Spec.SecretName))
}
return nil
}
func makeSecretEnvVar(key, secretName string) v1.EnvVar {
return v1.EnvVar{
Name: key,
ValueFrom: &v1.EnvVarSource{
SecretKeyRef: &v1.SecretKeySelector{
LocalObjectReference: v1.LocalObjectReference{
Name: secretName,
},
Key: key,
},
},
}
}
func makeOptionalSecretEnvVar(key, secretName string) v1.EnvVar {
optional := true
return v1.EnvVar{
Name: key,
ValueFrom: &v1.EnvVarSource{
SecretKeyRef: &v1.SecretKeySelector{
LocalObjectReference: v1.LocalObjectReference{
Name: secretName,
},
Key: key,
Optional: &optional,
},
},
}
}