oc: add create route subcommands #6819
Conversation
Do we really want structured generators? I didn't see a lot of value to having them. |
We don't necessarily need them here but we had a long discussion about generators in general and I suppose we want to switch to using structured. |
I'd like to leave them out until we need them or until someone here can present a strong use-case for them. |
|
ok, I will switch to the already existing generator interface |
| } | ||
|
|
||
| // CreateEdgeRoute implements the behavior to run the create edge route command. | ||
| func CreateEdgeRoute(f *clientcmd.Factory, cmdOut io.Writer, cmd *cobra.Command, args []string) error { |
There was a problem hiding this comment.
I would have expected a helper to get the certs in the correct format and a straight assignments, so something more like:
route := routeapi.Route{}
route.Name = args[0]
route.TLS.Termination = edge
route.TLS.CertFile = readCert(cert flag)
routeClient.Namespace(ns).Create(route)
0xmichalis
changed the title
|
[test] |
|
@Kargakis there's an "add global flag" or some such, right? |
| } | ||
|
|
||
| // LoadCert reads the specified certificate file and returns it as a bytes array. | ||
| func LoadCert(file string) ([]byte, error) { |
There was a problem hiding this comment.
Do you plan to add any logic specific to loading cert and key files here, like structure validation or something similar? Otherwise I don't see the valid in this being specific, should just use a generic loader like LoadData or LoadFileData.
There was a problem hiding this comment.
Do you plan to add any logic specific to loading cert and key files here, like structure validation or something similar? Otherwise I don't see the valid in this being specific, should just use a generic loader like LoadData or LoadFileData.
Nope, this is just a refactor of the oadm registry router code so that I won't duplicate logic. I will rename to LoadData
|
all comments addressed, ptal |
| cmd.Flags().String("cert-file", "", "Provide certificate contents.") | ||
| cmd.Flags().String("key-file", "", "Provide key contents.") | ||
| cmd.Flags().String("ca-cert-file", "", "Provide cert authority certificate contents.") | ||
| cmd.Flags().String("dest-ca-cert", "", "Provide the contents of the ca certificate of the final destination.") |
There was a problem hiding this comment.
Note that this is --dest-ca-cert and not --dest-ca-cert-file. I think we can use --cert, --key, and ca-cert for the rest of the flags. @fabianofranz @deads2k @liggitt
There was a problem hiding this comment.
Note that this is --dest-ca-cert and not --dest-ca-cert-file. I think we can use --cert, --key, and ca-cert for the rest of the flags. @fabianofranz @deads2k @liggitt
Is the help correct? Looks like its pointing at a file? I don't mind dropping the -file suffix, but I would like to have the help be a little more specific about exactly what kind of a file we need and a followup issue to actually parse the certs and keys.
There was a problem hiding this comment.
Is the help correct? Looks like its pointing at a file?
Yes, its' correct. How about --dest-ca-cert=CERTIFICATE? Or CERT, CERTIFICATE_LOCATION?
There was a problem hiding this comment.
I'm also ok with dropping the -file suffix, but the flag description must be clear about what it expects, like "Path to a certificate file for TLS..." or something similar. You could also add them to the usage, where we use FILENAME when flags are expected to get the path to a file. Example: ... [--dest-ca-cert=FILENAME].
There was a problem hiding this comment.
@fabianofranz square brackets mean the flag is optional, right? --dest-ca-cert is required for reencrypt routes so I didn't include them in the usage message.
There was a problem hiding this comment.
There was a problem hiding this comment.
Why is it required?
We require destination certificates in reencrypt routes
origin/pkg/route/api/validation/validation.go
Line 118 in a1c70de
There was a problem hiding this comment.
|
adding tests |
| if err != nil { | ||
| return err | ||
| } | ||
| mapper, typer := f.Object() |
There was a problem hiding this comment.
From here down this method is icky. We should make this easier to use, but I don't see it as a need for this pull.
| // unsecuredRoute will return a route with enough info so that it can direct traffic to | ||
| // the service provided by --expose. Callers of this helper are responsible for providing | ||
| // tls configuration, path, and the hostname of the route. | ||
| func unsecuredRoute(kc *kclient.Client, namespace, routeName, serviceName, portString string) (*api.Route, error) { |
There was a problem hiding this comment.
much more readable, thanks.
|
Minor comments. I'd like to get someone on the UI team to declare |
|
+1 for |
|
changed to --service and made --port mandatory in case of exposing a non-existent service Any other comments? |
Add three subcommands under `oc create route` that create secure routes. `oc expose` will continue creating unsecured routes as it already does but we will not enhance it further.
|
one clean run, one new-app flake [test] |
|
--service, not --expose. The create commands are about creating the On Sun, Jan 31, 2016 at 9:32 AM, Michail Kargakis notifications@github.com
|
|
Evaluated for origin test up to a555a35 |
|
continuous-integration/openshift-jenkins/test FAILURE (https://ci.openshift.redhat.com/jenkins/job/test_pr_origin/630/) |
|
LGTM |
|
[merge] |
|
continuous-integration/openshift-jenkins/merge SUCCESS (https://ci.openshift.redhat.com/jenkins/job/merge_pull_requests_origin/4826/) (Image: devenv-rhel7_3311) |
|
Evaluated for origin merge up to a555a35 |
Add three subcommands under
oc create routethat create secureroutes.
oc exposewill continue creating unsecured routes as it alreadydoes but we will not enhance it further.
@deads2k @liggitt @pweil- @ramr @smarterclayton @jwforres @fabianofranz
Fixes #6094