Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Get ingress host and CA from space through connect #535

Merged
merged 4 commits into from
May 30, 2024
Merged

Get ingress host and CA from space through connect #535

merged 4 commits into from
May 30, 2024

Conversation

RedbackThomson
Copy link
Member

@RedbackThomson RedbackThomson commented May 22, 2024
edited
Loading

Description of your changes

Closes https://github.com/upbound/team-orchestration/issues/99

Instead of connecting directly to the space using its FQDN and with skipping TLS, query the space through connect to get the ingress host and CA data. This allows for a TLS-secured connection to the space, and unlocks the ability to connect to "connected spaces" (assuming their host is accessible).

With the requirement to pass a context writer and now an ingress reader to a lot of different methods, I decided to wrap these into a new "context" object (navCtx) to make things cleaner - rather than passing many args into every method.

I have:

  • Read and followed Upbound's contribution process.
  • Run make reviewable to ensure this PR is ready for review.
  • Added backport release-x.y labels to auto-backport this PR, as appropriate.

How has this code been tested

Blocked on testing in dev until https://github.com/upbound/spaces/pull/1067 is merged, but tested using stubbed responses.

adamwg
adamwg approved these changes May 23, 2024
View reviewed changes
Copy link
Member

@adamwg adamwg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm. It would be nice to have some test coverage for the new code, but I'm not sure where we are with tests in up at this point (looks pretty limited).

cbuto
cbuto reviewed May 30, 2024
View reviewed changes
internal/spaces/ingress.go
nsn := types.NamespacedName{Name: space.Name, Namespace: space.Namespace}

// cache hit
if i, ok := c.ingresses[nsn]; ok {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we need a mutex here? or use something like https://github.com/hashicorp/golang-lru to handle it for us

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't expect concurrent/multi-threaded access to any of these methods, but I am happy to move to using a purpose built cache just in case

@RedbackThomson RedbackThomson merged commit d013fd4 into upbound:main May 30, 2024
7 checks passed
@RedbackThomson RedbackThomson deleted the kubeconfig-ca branch May 30, 2024 21:49
@RedbackThomson RedbackThomson mentioned this pull request Jun 20, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@avalanche123 avalanche123 avalanche123 approved these changes

@adamwg adamwg adamwg approved these changes

@cbuto cbuto cbuto approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@RedbackThomson @avalanche123 @adamwg @cbuto