@@ -20,7 +20,7 @@ import (
20
20
"context"
21
21
"encoding/json"
22
22
"fmt"
23
- "io/ioutil "
23
+ "io"
24
24
"net/http"
25
25
"net/url"
26
26
"os"
@@ -62,17 +62,17 @@ const (
62
62
)
63
63
64
64
type LicenseEnforcer struct {
65
- opts verifier. VerifyOptions
66
- config * rest. Config
67
- kc kubernetes. Interface
68
- getLicense func () ([] byte , error )
65
+ licenseFile string
66
+ opts verifier. VerifyOptions
67
+ config * rest. Config
68
+ kc kubernetes. Interface
69
69
}
70
70
71
71
// NewLicenseEnforcer returns a newly created license enforcer
72
72
func NewLicenseEnforcer (config * rest.Config , licenseFile string ) (* LicenseEnforcer , error ) {
73
73
le := LicenseEnforcer {
74
- getLicense : getLicense ( config , licenseFile ) ,
75
- config : config ,
74
+ config : config ,
75
+ licenseFile : licenseFile ,
76
76
opts : verifier.VerifyOptions {
77
77
Features : info .ProductName ,
78
78
},
@@ -97,30 +97,38 @@ func MustLicenseEnforcer(config *rest.Config, licenseFile string) *LicenseEnforc
97
97
return le
98
98
}
99
99
100
- func getLicense (cfg * rest.Config , licenseFile string ) func () ([]byte , error ) {
101
- return func () ([]byte , error ) {
102
- licenseBytes , err := ioutil .ReadFile (licenseFile )
103
- if errors .Is (err , os .ErrNotExist ) {
104
- req := proxyserver.LicenseRequest {
105
- TypeMeta : metav1.TypeMeta {},
106
- Request : & proxyserver.LicenseRequestRequest {
107
- Features : info .Features (),
108
- },
109
- }
110
- pc , err := proxyclient .NewForConfig (cfg )
111
- if err != nil {
112
- return nil , errors .Wrap (err , "failed create client for license-proxyserver" )
113
- }
114
- resp , err := pc .ProxyserverV1alpha1 ().LicenseRequests ().Create (context .TODO (), & req , metav1.CreateOptions {})
115
- if err != nil {
116
- return nil , errors .Wrap (err , "failed to read license" )
117
- }
118
- licenseBytes = []byte (resp .Response .License )
119
- } else if err != nil {
100
+ func (le * LicenseEnforcer ) getLicense () ([]byte , error ) {
101
+ licenseBytes , err := os .ReadFile (le .licenseFile )
102
+ if errors .Is (err , os .ErrNotExist ) || (err == nil && le .invalidLicense (licenseBytes )) {
103
+ req := proxyserver.LicenseRequest {
104
+ TypeMeta : metav1.TypeMeta {},
105
+ Request : & proxyserver.LicenseRequestRequest {
106
+ Features : info .Features (),
107
+ },
108
+ }
109
+ pc , err := proxyclient .NewForConfig (le .config )
110
+ if err != nil {
111
+ return nil , errors .Wrap (err , "failed create client for license-proxyserver" )
112
+ }
113
+ resp , err := pc .ProxyserverV1alpha1 ().LicenseRequests ().Create (context .TODO (), & req , metav1.CreateOptions {})
114
+ if err != nil {
120
115
return nil , errors .Wrap (err , "failed to read license" )
121
116
}
122
- return licenseBytes , nil
117
+ licenseBytes = []byte (resp .Response .License )
118
+ } else if err != nil {
119
+ return nil , errors .Wrap (err , "failed to read license" )
123
120
}
121
+ return licenseBytes , nil
122
+ }
123
+
124
+ func (le * LicenseEnforcer ) invalidLicense (license []byte ) bool {
125
+ le .opts .License = license
126
+ // We don't want to acquire license from license-proxyserver is the license file
127
+ // contains a valid license for a different product.
128
+ // We want to acquire license-proxyserver is a previously valid license has not expired.
129
+ // So, we don't check features in the license found is license file.
130
+ l , err := verifier .ParseLicense (le .opts .ParserOptions )
131
+ return sets .NewString (l .Features ... ).HasAny (info .ParseFeatures (le .opts .Features )... ) && err != nil
124
132
}
125
133
126
134
func (le * LicenseEnforcer ) createClients () (err error ) {
@@ -136,22 +144,13 @@ func (le *LicenseEnforcer) acquireLicense() (err error) {
136
144
}
137
145
138
146
func (le * LicenseEnforcer ) readClusterUID () (err error ) {
147
+ if le .opts .ClusterUID != "" {
148
+ return
149
+ }
139
150
le .opts .ClusterUID , err = clusterid .ClusterUID (le .kc .CoreV1 ().Namespaces ())
140
151
return err
141
152
}
142
153
143
- func (le * LicenseEnforcer ) podName () (string , error ) {
144
- if name , ok := os .LookupEnv ("MY_POD_NAME" ); ok {
145
- return name , nil
146
- }
147
-
148
- if meta .PossiblyInCluster () {
149
- // Read current pod name
150
- return os .Hostname ()
151
- }
152
- return "" , errors .New ("failed to detect pod name" )
153
- }
154
-
155
154
func (le * LicenseEnforcer ) handleLicenseVerificationFailure (licenseErr error ) error {
156
155
// Send interrupt so that all go-routines shut-down gracefully
157
156
// https://pracucci.com/graceful-shutdown-of-kubernetes-pods.html
@@ -170,10 +169,6 @@ func (le *LicenseEnforcer) handleLicenseVerificationFailure(licenseErr error) er
170
169
// Log licenseInfo verification failure
171
170
klog .Errorln ("Failed to verify license. Reason: " , licenseErr .Error ())
172
171
173
- podName , err := le .podName ()
174
- if err != nil {
175
- return err
176
- }
177
172
// Read the namespace of current pod
178
173
namespace := meta .PodNamespace ()
179
174
@@ -183,7 +178,7 @@ func (le *LicenseEnforcer) handleLicenseVerificationFailure(licenseErr error) er
183
178
le .config ,
184
179
core .SchemeGroupVersion .WithResource (core .ResourcePods .String ()),
185
180
namespace ,
186
- podName ,
181
+ meta . PodName () ,
187
182
)
188
183
if err != nil {
189
184
return err
@@ -297,9 +292,6 @@ func verifyLicensePeriodically(le *LicenseEnforcer, licenseFile string, stopCh <
297
292
return false , nil
298
293
}
299
294
300
- if _ , err := os .Stat (licenseFile ); os .IsNotExist (err ) {
301
- return errors .New ("license file is missing" )
302
- }
303
295
return wait .PollImmediateUntil (licenseCheckInterval , fn , stopCh )
304
296
}
305
297
@@ -382,7 +374,7 @@ func CheckLicenseEndpoint(config *rest.Config, apiServiceName string, features [
382
374
}
383
375
defer resp .Body .Close ()
384
376
385
- data , err := ioutil .ReadAll (resp .Body )
377
+ data , err := io .ReadAll (resp .Body )
386
378
if err != nil {
387
379
return err
388
380
}
0 commit comments