-
Notifications
You must be signed in to change notification settings - Fork 702
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Migrate namespaces retrieval from Kubeops to Kubeapps APIs (#5239)
* Migrate namespaces retrieval from Kubeops to Kubeapps APIs Signed-off-by: Rafa Castelblanque <rcastelblanq@vmware.com> * Added missing copyright headers Signed-off-by: Rafa Castelblanque <rcastelblanq@vmware.com> * Leave the two CLI params as deprecated Signed-off-by: Rafa Castelblanque <rcastelblanq@vmware.com> * Updated README.md Signed-off-by: Rafa Castelblanque <rcastelblanq@vmware.com> Signed-off-by: Rafa Castelblanque <rcastelblanq@vmware.com>
- Loading branch information
1 parent
2403fcf
commit 83b277a
Showing
22 changed files
with
783 additions
and
611 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
{{- if .Values.rbac.create -}} | ||
apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} | ||
kind: ClusterRole | ||
metadata: | ||
name: {{ printf "kubeapps:%s:kubeappsapis-ns-discovery" .Release.Namespace | quote }} | ||
labels: {{- include "common.labels.standard" . | nindent 4 }} | ||
app.kubernetes.io/component: kubeappsapis | ||
{{- if .Values.commonLabels }} | ||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" . ) | nindent 4 }} | ||
{{- end }} | ||
{{- if .Values.commonAnnotations }} | ||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} | ||
{{- end }} | ||
rules: | ||
- apiGroups: | ||
- "" | ||
resources: | ||
- namespaces | ||
verbs: | ||
- list | ||
--- | ||
apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} | ||
kind: ClusterRoleBinding | ||
metadata: | ||
name: {{ printf "kubeapps:%s:kubeappsapis-ns-discovery" .Release.Namespace | quote }} | ||
labels: {{- include "common.labels.standard" . | nindent 4 }} | ||
app.kubernetes.io/component: kubeappsapis | ||
{{- if .Values.commonLabels }} | ||
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" . ) | nindent 4 }} | ||
{{- end }} | ||
{{- if .Values.commonAnnotations }} | ||
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} | ||
{{- end }} | ||
roleRef: | ||
apiGroup: rbac.authorization.k8s.io | ||
kind: ClusterRole | ||
name: {{ printf "kubeapps:%s:kubeappsapis-ns-discovery" .Release.Namespace | quote }} | ||
subjects: | ||
- kind: ServiceAccount | ||
name: {{ template "kubeapps.kubeappsapis.serviceAccountName" . }} | ||
namespace: {{ .Release.Namespace }} | ||
{{- end -}} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
61 changes: 61 additions & 0 deletions
61
cmd/kubeapps-apis/plugins/resources/v1alpha1/common/plugin.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,61 @@ | ||
// Copyright 2022 the Kubeapps contributors. | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
package common | ||
|
||
import ( | ||
"encoding/json" | ||
"fmt" | ||
"os" | ||
) | ||
|
||
type ResourcesPluginConfig struct { | ||
TrustedNamespaces TrustedNamespaces | ||
} | ||
|
||
type TrustedNamespaces struct { | ||
HeaderName string | ||
HeaderPattern string | ||
} | ||
|
||
func NewDefaultPluginConfig() *ResourcesPluginConfig { | ||
// If no config is provided, we default to the existing values for backwards compatibility. | ||
return &ResourcesPluginConfig{} | ||
} | ||
|
||
// ParsePluginConfig parses the input plugin configuration json file and returns the configuration options. | ||
func ParsePluginConfig(pluginConfigPath string) (*ResourcesPluginConfig, error) { | ||
|
||
// Resources plugin config defines the following struct and json config | ||
type resourcesConfig struct { | ||
Resources struct { | ||
Packages struct { | ||
V1alpha1 struct { | ||
TrustedNamespaces struct { | ||
HeaderName string `json:"headerName"` | ||
HeaderPattern string `json:"headerPattern"` | ||
} `json:"trustedNamespaces"` | ||
} `json:"v1alpha1"` | ||
} `json:"packages"` | ||
} `json:"resources"` | ||
} | ||
var config resourcesConfig | ||
|
||
// #nosec G304 | ||
pluginConfig, err := os.ReadFile(pluginConfigPath) | ||
if err != nil { | ||
return nil, fmt.Errorf("unable to open plugin config at %q: %w", pluginConfigPath, err) | ||
} | ||
err = json.Unmarshal(pluginConfig, &config) | ||
if err != nil { | ||
return nil, fmt.Errorf("unable to unmarshal pluginconfig: %q error: %w", string(pluginConfig), err) | ||
} | ||
|
||
// return configured value | ||
return &ResourcesPluginConfig{ | ||
TrustedNamespaces: TrustedNamespaces{ | ||
HeaderName: config.Resources.Packages.V1alpha1.TrustedNamespaces.HeaderName, | ||
HeaderPattern: config.Resources.Packages.V1alpha1.TrustedNamespaces.HeaderPattern, | ||
}, | ||
}, nil | ||
} |
97 changes: 97 additions & 0 deletions
97
cmd/kubeapps-apis/plugins/resources/v1alpha1/common/plugin_test.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,97 @@ | ||
// Copyright 2022 the Kubeapps contributors. | ||
// SPDX-License-Identifier: Apache-2.0 | ||
package common | ||
|
||
import ( | ||
"github.com/google/go-cmp/cmp" | ||
"github.com/google/go-cmp/cmp/cmpopts" | ||
"github.com/vmware-tanzu/kubeapps/cmd/kubeapps-apis/plugins/pkg/pkgutils" | ||
log "k8s.io/klog/v2" | ||
"os" | ||
"runtime" | ||
"sigs.k8s.io/yaml" | ||
"strings" | ||
"testing" | ||
) | ||
|
||
func TestParsePluginConfig(t *testing.T) { | ||
testCases := []struct { | ||
name string | ||
pluginYAMLConf []byte | ||
expectedConfig *ResourcesPluginConfig | ||
expectedError string | ||
}{ | ||
{ | ||
name: "non existing plugin-config file", | ||
pluginYAMLConf: nil, | ||
expectedConfig: &ResourcesPluginConfig{}, | ||
expectedError: "", | ||
}, | ||
{ | ||
name: "invalid plugin config", | ||
pluginYAMLConf: []byte(` | ||
resources: | ||
packages: | ||
v1alpha1: | ||
trustedNamespaces: | ||
headerName: true | ||
`), | ||
expectedConfig: nil, | ||
expectedError: "json: cannot unmarshal", | ||
}, | ||
{ | ||
name: "non-default, valid plugin config", | ||
pluginYAMLConf: []byte(` | ||
resources: | ||
packages: | ||
v1alpha1: | ||
trustedNamespaces: | ||
headerName: "X-Consumer-Groups" | ||
headerPattern: "^namespace:([\\w-]+)$" | ||
`), | ||
expectedConfig: &ResourcesPluginConfig{ | ||
TrustedNamespaces: TrustedNamespaces{ | ||
HeaderName: "X-Consumer-Groups", | ||
HeaderPattern: "^namespace:([\\w-]+)$", | ||
}, | ||
}, | ||
expectedError: "", | ||
}, | ||
} | ||
opts := cmpopts.IgnoreUnexported(pkgutils.VersionsInSummary{}) | ||
for _, tc := range testCases { | ||
t.Run(tc.name, func(t *testing.T) { | ||
// TODO(agamez): env vars and file paths should be handled properly for Windows operating system | ||
if runtime.GOOS == "windows" { | ||
t.Skip("Skipping in a Windows OS") | ||
} | ||
filename := "" | ||
if tc.pluginYAMLConf != nil { | ||
pluginJSONConf, err := yaml.YAMLToJSON(tc.pluginYAMLConf) | ||
if err != nil { | ||
log.Fatalf("%s", err) | ||
} | ||
f, err := os.CreateTemp(".", "plugin_json_conf") | ||
if err != nil { | ||
log.Fatalf("%s", err) | ||
} | ||
defer os.Remove(f.Name()) // clean up | ||
if _, err := f.Write(pluginJSONConf); err != nil { | ||
log.Fatalf("%s", err) | ||
} | ||
if err := f.Close(); err != nil { | ||
log.Fatalf("%s", err) | ||
} | ||
filename = f.Name() | ||
} | ||
pluginConfig, err := ParsePluginConfig(filename) | ||
if err != nil && !strings.Contains(err.Error(), tc.expectedError) { | ||
t.Errorf("err got %q, want to find %q", err.Error(), tc.expectedError) | ||
} else if pluginConfig != nil { | ||
if got, want := pluginConfig, tc.expectedConfig; !cmp.Equal(want, got, opts) { | ||
t.Errorf("mismatch (-want +got):\n%s", cmp.Diff(want, got, opts)) | ||
} | ||
} | ||
}) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.