From 42f0ff173f3fe1d45b24860cc45f10012c004b12 Mon Sep 17 00:00:00 2001 From: rushtehrani Date: Tue, 18 Feb 2020 11:31:10 -0800 Subject: [PATCH] move secret and namespace --- kube/namespace.go | 26 ----------- kube/namespace_test.go | 45 ------------------- main.go | 6 +-- manager/namespace_manager.go | 27 ------------ model/namespace.go | 6 --- server/namespace_server.go | 24 ++++++----- server/secret_server.go | 84 +++++++++++++++++++++++++----------- 7 files changed, 77 insertions(+), 141 deletions(-) delete mode 100644 kube/namespace.go delete mode 100644 kube/namespace_test.go delete mode 100644 manager/namespace_manager.go delete mode 100644 model/namespace.go diff --git a/kube/namespace.go b/kube/namespace.go deleted file mode 100644 index 9f8273d..0000000 --- a/kube/namespace.go +++ /dev/null @@ -1,26 +0,0 @@ -package kube - -import ( - "github.com/onepanelio/core/model" - - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -func (c *Client) ListNamespaces(opts model.ListOptions) (namespaces []*model.Namespace, err error) { - namespaceList, err := c.CoreV1().Namespaces().List(metav1.ListOptions{ - LabelSelector: opts.LabelSelector, - FieldSelector: opts.FieldSelector, - }) - if err != nil { - return - } - - for _, ns := range namespaceList.Items { - namespaces = append(namespaces, &model.Namespace{ - Name: ns.Name, - Labels: ns.Labels, - }) - } - - return -} diff --git a/kube/namespace_test.go b/kube/namespace_test.go deleted file mode 100644 index c5909e5..0000000 --- a/kube/namespace_test.go +++ /dev/null @@ -1,45 +0,0 @@ -package kube - -import ( - "strconv" - "testing" - - "github.com/onepanelio/core/model" - "github.com/stretchr/testify/assert" - corev1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -func testCreateNamespace(c *Client) { - for i := 0; i < 5; i++ { - c.CoreV1().Namespaces().Create(&corev1.Namespace{ - ObjectMeta: metav1.ObjectMeta{ - Name: "namespace-" + strconv.Itoa(i), - Labels: map[string]string{ - "label": "label-" + strconv.Itoa(i), - }, - }, - }) - } -} -func TestListNamespace(t *testing.T) { - c := NewTestClient() - - testCreateNamespace(c) - - n, err := c.ListNamespaces(model.ListOptions{}) - assert.Nil(t, err) - assert.NotEmpty(t, n) - assert.Equal(t, len(n), 5) -} - -func TestListNamespaceByLabel(t *testing.T) { - c := NewTestClient() - - testCreateNamespace(c) - - n, err := c.ListNamespaces(model.ListOptions{LabelSelector: "label=label-0"}) - assert.Nil(t, err) - assert.NotEmpty(t, n) - assert.Equal(t, n[0].Name, "namespace-0") -} diff --git a/main.go b/main.go index add149d..99b0ae2 100644 --- a/main.go +++ b/main.go @@ -63,8 +63,8 @@ func startRPCServer(db *repository.DB, kubeConfig *kube.Config) { grpc_middleware.ChainUnaryServer(loggingInterceptor, grpc_recovery.UnaryServerInterceptor(opts...)))) api.RegisterWorkflowServiceServer(s, server.NewWorkflowServer(resourceManager)) - api.RegisterSecretServiceServer(s, server.NewSecretServer(resourceManager)) - api.RegisterNamespaceServiceServer(s, server.NewNamespaceServer(resourceManager)) + api.RegisterSecretServiceServer(s, server.NewSecretServer(kubeConfig)) + api.RegisterNamespaceServiceServer(s, server.NewNamespaceServer(kubeConfig)) if err := s.Serve(lis); err != nil { log.Fatalf("Failed to serve RPC server: %v", err) @@ -121,7 +121,7 @@ func loggingInterceptor(ctx context.Context, req interface{}, info *grpc.UnarySe if err != nil { log.WithFields(log.Fields{ "fullMethod": info.FullMethod, - }).Warning("call failed") + }).Warning(err) return } log.WithFields(log.Fields{ diff --git a/manager/namespace_manager.go b/manager/namespace_manager.go deleted file mode 100644 index f779485..0000000 --- a/manager/namespace_manager.go +++ /dev/null @@ -1,27 +0,0 @@ -package manager - -import ( - "fmt" - - "github.com/onepanelio/core/util" - "github.com/onepanelio/core/util/logging" - log "github.com/sirupsen/logrus" - "google.golang.org/grpc/codes" - - "github.com/onepanelio/core/model" -) - -var onepanelEnabledLabelKey = labelKeyPrefix + "enabled" - -func (r *ResourceManager) ListNamespaces() (namespaces []*model.Namespace, err error) { - namespaces, err = r.NewKubeClient().ListNamespaces(model.ListOptions{ - LabelSelector: fmt.Sprintf("%s=%s", onepanelEnabledLabelKey, "true"), - }) - if err != nil { - logging.Logger.Log.WithFields(log.Fields{ - "Error": err.Error(), - }).Error("ListNamespaces failed.") - err = util.NewUserError(codes.Unknown, "List namespaces failed.") - } - return -} diff --git a/model/namespace.go b/model/namespace.go deleted file mode 100644 index 9dca74e..0000000 --- a/model/namespace.go +++ /dev/null @@ -1,6 +0,0 @@ -package model - -type Namespace struct { - Name string - Labels map[string]string -} diff --git a/server/namespace_server.go b/server/namespace_server.go index 4bf6521..9258810 100644 --- a/server/namespace_server.go +++ b/server/namespace_server.go @@ -6,19 +6,20 @@ import ( "github.com/golang/protobuf/ptypes/empty" "github.com/onepanelio/core/api" - "github.com/onepanelio/core/manager" - "github.com/onepanelio/core/model" + v1 "github.com/onepanelio/core/pkg" + "github.com/onepanelio/core/util" + "google.golang.org/grpc/codes" ) type NamespaceServer struct { - resourceManager *manager.ResourceManager + kubeConfig *v1.Config } -func NewNamespaceServer(resourceManager *manager.ResourceManager) *NamespaceServer { - return &NamespaceServer{resourceManager: resourceManager} +func NewNamespaceServer(kubeConfig *v1.Config) *NamespaceServer { + return &NamespaceServer{kubeConfig: kubeConfig} } -func apiNamespace(ns *model.Namespace) (namespace *api.Namespace) { +func apiNamespace(ns *v1.Namespace) (namespace *api.Namespace) { namespace = &api.Namespace{ Name: ns.Name, } @@ -27,11 +28,14 @@ func apiNamespace(ns *model.Namespace) (namespace *api.Namespace) { } func (s *NamespaceServer) ListNamespaces(ctx context.Context, empty *empty.Empty) (*api.ListNamespacesResponse, error) { - namespaces, err := s.resourceManager.ListNamespaces() + client, err := v1.NewClient(s.kubeConfig, "") if err != nil { - if errors.As(err, &userError) { - return nil, userError.GRPCError() - } + return nil, util.NewUserError(codes.PermissionDenied, "Permission denied.") + } + + namespaces, err := client.ListNamespaces() + if errors.As(err, &userError) { + return nil, userError.GRPCError() } apiNamespaces := []*api.Namespace{} diff --git a/server/secret_server.go b/server/secret_server.go index e399b40..4f21e7a 100644 --- a/server/secret_server.go +++ b/server/secret_server.go @@ -6,19 +6,20 @@ import ( "github.com/golang/protobuf/ptypes/empty" "github.com/onepanelio/core/api" - "github.com/onepanelio/core/manager" - "github.com/onepanelio/core/model" + v1 "github.com/onepanelio/core/pkg" + "github.com/onepanelio/core/util" + "google.golang.org/grpc/codes" ) type SecretServer struct { - resourceManager *manager.ResourceManager + kubeConfig *v1.Config } -func NewSecretServer(resourceManager *manager.ResourceManager) *SecretServer { - return &SecretServer{resourceManager: resourceManager} +func NewSecretServer(kubeConfig *v1.Config) *NamespaceServer { + return &NamespaceServer{kubeConfig: kubeConfig} } -func apiSecret(s *model.Secret) *api.Secret { +func apiSecret(s *v1.Secret) *api.Secret { return &api.Secret{ Name: s.Name, Data: s.Data, @@ -26,7 +27,12 @@ func apiSecret(s *model.Secret) *api.Secret { } func (s *SecretServer) CreateSecret(ctx context.Context, req *api.CreateSecretRequest) (*empty.Empty, error) { - err := s.resourceManager.CreateSecret(req.Namespace, &model.Secret{ + client, err := v1.NewClient(s.kubeConfig, "") + if err != nil { + return nil, util.NewUserError(codes.PermissionDenied, "Permission denied.") + } + + err := client.CreateSecret(req.Namespace, &v1.Secret{ Name: req.Secret.Name, Data: req.Secret.Data, }) @@ -37,8 +43,12 @@ func (s *SecretServer) CreateSecret(ctx context.Context, req *api.CreateSecretRe } func (s *SecretServer) SecretExists(ctx context.Context, req *api.SecretExistsRequest) (secretExists *api.SecretExistsResponse, err error) { - var secretExistsBool bool - secretExistsBool, err = s.resourceManager.SecretExists(req.Namespace, req.Name) + client, err := v1.NewClient(s.kubeConfig, "") + if err != nil { + return nil, util.NewUserError(codes.PermissionDenied, "Permission denied.") + } + + secretExistsBool, err := client.SecretExists(req.Namespace, req.Name) if errors.As(err, &userError) { return &api.SecretExistsResponse{ Exists: false, @@ -50,7 +60,12 @@ func (s *SecretServer) SecretExists(ctx context.Context, req *api.SecretExistsRe } func (s *SecretServer) GetSecret(ctx context.Context, req *api.GetSecretRequest) (*api.Secret, error) { - secret, err := s.resourceManager.GetSecret(req.Namespace, req.Name) + client, err := v1.NewClient(s.kubeConfig, "") + if err != nil { + return nil, util.NewUserError(codes.PermissionDenied, "Permission denied.") + } + + secret, err := client.GetSecret(req.Namespace, req.Name) if errors.As(err, &userError) { return nil, userError.GRPCError() } @@ -58,7 +73,12 @@ func (s *SecretServer) GetSecret(ctx context.Context, req *api.GetSecretRequest) } func (s *SecretServer) ListSecrets(ctx context.Context, req *api.ListSecretsRequest) (*api.ListSecretsResponse, error) { - secrets, err := s.resourceManager.ListSecrets(req.Namespace) + client, err := v1.NewClient(s.kubeConfig, "") + if err != nil { + return nil, util.NewUserError(codes.PermissionDenied, "Permission denied.") + } + + secrets, err := client.ListSecrets(req.Namespace) if errors.As(err, &userError) { return nil, userError.GRPCError() } @@ -75,8 +95,12 @@ func (s *SecretServer) ListSecrets(ctx context.Context, req *api.ListSecretsRequ } func (s *SecretServer) DeleteSecret(ctx context.Context, req *api.DeleteSecretRequest) (deleted *api.DeleteSecretResponse, err error) { - var isDeleted bool - isDeleted, err = s.resourceManager.DeleteSecret(req.Namespace, req.Name) + client, err := v1.NewClient(s.kubeConfig, "") + if err != nil { + return nil, util.NewUserError(codes.PermissionDenied, "Permission denied.") + } + + isDeleted, err := client.DeleteSecret(req.Namespace, req.Name) if errors.As(err, &userError) { return &api.DeleteSecretResponse{ Deleted: false, @@ -88,14 +112,18 @@ func (s *SecretServer) DeleteSecret(ctx context.Context, req *api.DeleteSecretRe } func (s *SecretServer) DeleteSecretKey(ctx context.Context, req *api.DeleteSecretKeyRequest) (deleted *api.DeleteSecretKeyResponse, err error) { - var isDeleted bool - secret := model.Secret{ - Name: req.SecretName, + client, err := v1.NewClient(s.kubeConfig, "") + if err != nil { + return nil, util.NewUserError(codes.PermissionDenied, "Permission denied.") + } + + secret := v1.Secret{ + Name: req.Secret.Name, Data: map[string]string{ - req.Key:"", + req.Key: "", }, } - isDeleted, err = s.resourceManager.DeleteSecretKey(req.Namespace, &secret) + isDeleted, err := client.DeleteSecretKey(req.Namespace, &secret) if err != nil { if errors.As(err, &userError) { return &api.DeleteSecretKeyResponse{ @@ -109,12 +137,16 @@ func (s *SecretServer) DeleteSecretKey(ctx context.Context, req *api.DeleteSecre } func (s *SecretServer) AddSecretKeyValue(ctx context.Context, req *api.AddSecretKeyValueRequest) (updated *api.AddSecretKeyValueResponse, err error) { - var isAdded bool - secret := &model.Secret{ + client, err := v1.NewClient(s.kubeConfig, "") + if err != nil { + return nil, util.NewUserError(codes.PermissionDenied, "Permission denied.") + } + + secret := &v1.Secret{ Name: req.Secret.Name, Data: req.Secret.Data, } - isAdded, err = s.resourceManager.AddSecretKeyValue(req.Namespace, secret) + isAdded, err := client.AddSecretKeyValue(req.Namespace, secret) if err != nil { if errors.As(err, &userError) { return &api.AddSecretKeyValueResponse{ @@ -128,12 +160,16 @@ func (s *SecretServer) AddSecretKeyValue(ctx context.Context, req *api.AddSecret } func (s *SecretServer) UpdateSecretKeyValue(ctx context.Context, req *api.UpdateSecretKeyValueRequest) (updated *api.UpdateSecretKeyValueResponse, err error) { - var isUpdated bool - secret := model.Secret{ + client, err := v1.NewClient(s.kubeConfig, "") + if err != nil { + return nil, util.NewUserError(codes.PermissionDenied, "Permission denied.") + } + + secret := v1.Secret{ Name: req.Secret.Name, Data: req.Secret.Data, } - isUpdated, err = s.resourceManager.UpdateSecretKeyValue(req.Namespace, &secret) + isUpdated, err := client.UpdateSecretKeyValue(req.Namespace, &secret) if errors.As(err, &userError) { return &api.UpdateSecretKeyValueResponse{ Updated: false,