move secret and namespace

rushtehrani
2020-02-18 11:31:10 -08:00
parent d14904a894
commit 42f0ff173f
7 changed files with 77 additions and 141 deletions


@@ -1,26 +0,0 @@
package kube
import (
"github.com/onepanelio/core/model"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
func (c *Client) ListNamespaces(opts model.ListOptions) (namespaces []*model.Namespace, err error) {
namespaceList, err := c.CoreV1().Namespaces().List(metav1.ListOptions{
LabelSelector: opts.LabelSelector,
FieldSelector: opts.FieldSelector,
})
if err != nil {
return
}
for _, ns := range namespaceList.Items {
namespaces = append(namespaces, &model.Namespace{
Name: ns.Name,
Labels: ns.Labels,
})
}
return
}


@@ -1,45 +0,0 @@
package kube
import (
"strconv"
"testing"
"github.com/onepanelio/core/model"
"github.com/stretchr/testify/assert"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
func testCreateNamespace(c *Client) {
for i := 0; i < 5; i++ {
c.CoreV1().Namespaces().Create(&corev1.Namespace{
ObjectMeta: metav1.ObjectMeta{
Name: "namespace-" + strconv.Itoa(i),
Labels: map[string]string{
"label": "label-" + strconv.Itoa(i),
},
},
})
}
}
func TestListNamespace(t *testing.T) {
c := NewTestClient()
testCreateNamespace(c)
n, err := c.ListNamespaces(model.ListOptions{})
assert.Nil(t, err)
assert.NotEmpty(t, n)
assert.Equal(t, len(n), 5)
}
func TestListNamespaceByLabel(t *testing.T) {
c := NewTestClient()
testCreateNamespace(c)
n, err := c.ListNamespaces(model.ListOptions{LabelSelector: "label=label-0"})
assert.Nil(t, err)
assert.NotEmpty(t, n)
assert.Equal(t, n[0].Name, "namespace-0")
}


@@ -63,8 +63,8 @@ func startRPCServer(db *repository.DB, kubeConfig *kube.Config) {
grpc_middleware.ChainUnaryServer(loggingInterceptor, grpc_middleware.ChainUnaryServer(loggingInterceptor,
grpc_recovery.UnaryServerInterceptor(opts...)))) grpc_recovery.UnaryServerInterceptor(opts...))))
api.RegisterWorkflowServiceServer(s, server.NewWorkflowServer(resourceManager)) api.RegisterWorkflowServiceServer(s, server.NewWorkflowServer(resourceManager))
api.RegisterSecretServiceServer(s, server.NewSecretServer(resourceManager)) api.RegisterSecretServiceServer(s, server.NewSecretServer(kubeConfig))
api.RegisterNamespaceServiceServer(s, server.NewNamespaceServer(resourceManager)) api.RegisterNamespaceServiceServer(s, server.NewNamespaceServer(kubeConfig))
if err := s.Serve(lis); err != nil { if err := s.Serve(lis); err != nil {
log.Fatalf("Failed to serve RPC server: %v", err) log.Fatalf("Failed to serve RPC server: %v", err)
@@ -121,7 +121,7 @@ func loggingInterceptor(ctx context.Context, req interface{}, info *grpc.UnarySe
if err != nil { if err != nil {
log.WithFields(log.Fields{ log.WithFields(log.Fields{
"fullMethod": info.FullMethod, "fullMethod": info.FullMethod,
}).Warning("call failed") }).Warning(err)
return return
} }
log.WithFields(log.Fields{ log.WithFields(log.Fields{
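Review bot: In loggingInterceptor the failure branch now uses the error itself as the log message (`.Warning(err)`), so the entry has no stable message to search or alert on, and whatever text the error carries is written to the log verbatim. This interceptor also wraps the secret service registered in startRPCServer, so it is worth confirming that errors returned by those handlers never embed request data such as secret values. Assuming `log` is logrus in this file, `log.WithFields(log.Fields{"fullMethod": info.FullMethod}).WithError(err).Warning("call failed")` keeps the fixed message and records the error as a structured field. Both functions start and end outside the visible hunks.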


@@ -1,27 +0,0 @@
package manager
import (
"fmt"
"github.com/onepanelio/core/util"
"github.com/onepanelio/core/util/logging"
log "github.com/sirupsen/logrus"
"google.golang.org/grpc/codes"
"github.com/onepanelio/core/model"
)
var onepanelEnabledLabelKey = labelKeyPrefix + "enabled"
func (r *ResourceManager) ListNamespaces() (namespaces []*model.Namespace, err error) {
namespaces, err = r.NewKubeClient().ListNamespaces(model.ListOptions{
LabelSelector: fmt.Sprintf("%s=%s", onepanelEnabledLabelKey, "true"),
})
if err != nil {
logging.Logger.Log.WithFields(log.Fields{
"Error": err.Error(),
}).Error("ListNamespaces failed.")
err = util.NewUserError(codes.Unknown, "List namespaces failed.")
}
return
}


@@ -1,6 +0,0 @@
package model
type Namespace struct {
Name string
Labels map[string]string
}


@@ -6,19 +6,20 @@ import (
"github.com/golang/protobuf/ptypes/empty" "github.com/golang/protobuf/ptypes/empty"
"github.com/onepanelio/core/api" "github.com/onepanelio/core/api"
"github.com/onepanelio/core/manager" v1 "github.com/onepanelio/core/pkg"
"github.com/onepanelio/core/model" "github.com/onepanelio/core/util"
"google.golang.org/grpc/codes"
) )
type NamespaceServer struct { type NamespaceServer struct {
resourceManager *manager.ResourceManager kubeConfig *v1.Config
} }
func NewNamespaceServer(resourceManager *manager.ResourceManager) *NamespaceServer { func NewNamespaceServer(kubeConfig *v1.Config) *NamespaceServer {
return &NamespaceServer{resourceManager: resourceManager} return &NamespaceServer{kubeConfig: kubeConfig}
} }
func apiNamespace(ns *model.Namespace) (namespace *api.Namespace) { func apiNamespace(ns *v1.Namespace) (namespace *api.Namespace) {
namespace = &api.Namespace{ namespace = &api.Namespace{
Name: ns.Name, Name: ns.Name,
} }
@@ -27,11 +28,14 @@ func apiNamespace(ns *model.Namespace) (namespace *api.Namespace) {
} }
func (s *NamespaceServer) ListNamespaces(ctx context.Context, empty *empty.Empty) (*api.ListNamespacesResponse, error) { func (s *NamespaceServer) ListNamespaces(ctx context.Context, empty *empty.Empty) (*api.ListNamespacesResponse, error) {
namespaces, err := s.resourceManager.ListNamespaces() client, err := v1.NewClient(s.kubeConfig, "")
if err != nil { if err != nil {
if errors.As(err, &userError) { return nil, util.NewUserError(codes.PermissionDenied, "Permission denied.")
return nil, userError.GRPCError() }
}
namespaces, err := client.ListNamespaces()
if errors.As(err, &userError) {
return nil, userError.GRPCError()
} }
apiNamespaces := []*api.Namespace{} apiNamespaces := []*api.Namespace{}
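Review bot: In ListNamespaces every failure of `v1.NewClient(s.kubeConfig, "")` is returned as `codes.PermissionDenied` and the underlying error is dropped, so a broken kubeconfig or an unreachable API server looks the same as an authorization failure to the caller and in the logs. Unless NewClient can only fail on authorization, log the original error at this point and return something like `util.NewUserError(codes.Internal, "Failed to create Kubernetes client.")`; the same mapping is repeated in every secret-server handler. The removed manager code restricted the listing with the `onepanelEnabledLabelKey` selector, while `client.ListNamespaces()` takes no arguments, so please confirm the filter now lives in the `pkg` client, since otherwise this RPC would return every namespace in the cluster. An error that is not a userError still falls through the `errors.As` check and reaches the response-building code that continues outside the hunk.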


@@ -6,19 +6,20 @@ import (
"github.com/golang/protobuf/ptypes/empty" "github.com/golang/protobuf/ptypes/empty"
"github.com/onepanelio/core/api" "github.com/onepanelio/core/api"
"github.com/onepanelio/core/manager" v1 "github.com/onepanelio/core/pkg"
"github.com/onepanelio/core/model" "github.com/onepanelio/core/util"
"google.golang.org/grpc/codes"
) )
type SecretServer struct { type SecretServer struct {
resourceManager *manager.ResourceManager kubeConfig *v1.Config
} }
func NewSecretServer(resourceManager *manager.ResourceManager) *SecretServer { func NewSecretServer(kubeConfig *v1.Config) *NamespaceServer {
return &SecretServer{resourceManager: resourceManager} return &NamespaceServer{kubeConfig: kubeConfig}
} }
func apiSecret(s *model.Secret) *api.Secret { func apiSecret(s *v1.Secret) *api.Secret {
return &api.Secret{ return &api.Secret{
Name: s.Name, Name: s.Name,
Data: s.Data, Data: s.Data,
@@ -26,7 +27,12 @@ func apiSecret(s *model.Secret) *api.Secret {
} }
func (s *SecretServer) CreateSecret(ctx context.Context, req *api.CreateSecretRequest) (*empty.Empty, error) { func (s *SecretServer) CreateSecret(ctx context.Context, req *api.CreateSecretRequest) (*empty.Empty, error) {
err := s.resourceManager.CreateSecret(req.Namespace, &model.Secret{ client, err := v1.NewClient(s.kubeConfig, "")
if err != nil {
return nil, util.NewUserError(codes.PermissionDenied, "Permission denied.")
}
err := client.CreateSecret(req.Namespace, &v1.Secret{
Name: req.Secret.Name, Name: req.Secret.Name,
Data: req.Secret.Data, Data: req.Secret.Data,
}) })
@@ -37,8 +43,12 @@ func (s *SecretServer) CreateSecret(ctx context.Context, req *api.CreateSecretRe
} }
func (s *SecretServer) SecretExists(ctx context.Context, req *api.SecretExistsRequest) (secretExists *api.SecretExistsResponse, err error) { func (s *SecretServer) SecretExists(ctx context.Context, req *api.SecretExistsRequest) (secretExists *api.SecretExistsResponse, err error) {
var secretExistsBool bool client, err := v1.NewClient(s.kubeConfig, "")
secretExistsBool, err = s.resourceManager.SecretExists(req.Namespace, req.Name) if err != nil {
return nil, util.NewUserError(codes.PermissionDenied, "Permission denied.")
}
secretExistsBool, err := client.SecretExists(req.Namespace, req.Name)
if errors.As(err, &userError) { if errors.As(err, &userError) {
return &api.SecretExistsResponse{ return &api.SecretExistsResponse{
Exists: false, Exists: false,
@@ -50,7 +60,12 @@ func (s *SecretServer) SecretExists(ctx context.Context, req *api.SecretExistsRe
} }
func (s *SecretServer) GetSecret(ctx context.Context, req *api.GetSecretRequest) (*api.Secret, error) { func (s *SecretServer) GetSecret(ctx context.Context, req *api.GetSecretRequest) (*api.Secret, error) {
secret, err := s.resourceManager.GetSecret(req.Namespace, req.Name) client, err := v1.NewClient(s.kubeConfig, "")
if err != nil {
return nil, util.NewUserError(codes.PermissionDenied, "Permission denied.")
}
secret, err := client.GetSecret(req.Namespace, req.Name)
if errors.As(err, &userError) { if errors.As(err, &userError) {
return nil, userError.GRPCError() return nil, userError.GRPCError()
} }
@@ -58,7 +73,12 @@ func (s *SecretServer) GetSecret(ctx context.Context, req *api.GetSecretRequest)
} }
func (s *SecretServer) ListSecrets(ctx context.Context, req *api.ListSecretsRequest) (*api.ListSecretsResponse, error) { func (s *SecretServer) ListSecrets(ctx context.Context, req *api.ListSecretsRequest) (*api.ListSecretsResponse, error) {
secrets, err := s.resourceManager.ListSecrets(req.Namespace) client, err := v1.NewClient(s.kubeConfig, "")
if err != nil {
return nil, util.NewUserError(codes.PermissionDenied, "Permission denied.")
}
secrets, err := client.ListSecrets(req.Namespace)
if errors.As(err, &userError) { if errors.As(err, &userError) {
return nil, userError.GRPCError() return nil, userError.GRPCError()
} }
@@ -75,8 +95,12 @@ func (s *SecretServer) ListSecrets(ctx context.Context, req *api.ListSecretsRequ
} }
func (s *SecretServer) DeleteSecret(ctx context.Context, req *api.DeleteSecretRequest) (deleted *api.DeleteSecretResponse, err error) { func (s *SecretServer) DeleteSecret(ctx context.Context, req *api.DeleteSecretRequest) (deleted *api.DeleteSecretResponse, err error) {
var isDeleted bool client, err := v1.NewClient(s.kubeConfig, "")
isDeleted, err = s.resourceManager.DeleteSecret(req.Namespace, req.Name) if err != nil {
return nil, util.NewUserError(codes.PermissionDenied, "Permission denied.")
}
isDeleted, err := client.DeleteSecret(req.Namespace, req.Name)
if errors.As(err, &userError) { if errors.As(err, &userError) {
return &api.DeleteSecretResponse{ return &api.DeleteSecretResponse{
Deleted: false, Deleted: false,
@@ -88,14 +112,18 @@ func (s *SecretServer) DeleteSecret(ctx context.Context, req *api.DeleteSecretRe
} }
func (s *SecretServer) DeleteSecretKey(ctx context.Context, req *api.DeleteSecretKeyRequest) (deleted *api.DeleteSecretKeyResponse, err error) { func (s *SecretServer) DeleteSecretKey(ctx context.Context, req *api.DeleteSecretKeyRequest) (deleted *api.DeleteSecretKeyResponse, err error) {
var isDeleted bool client, err := v1.NewClient(s.kubeConfig, "")
secret := model.Secret{ if err != nil {
Name: req.SecretName, return nil, util.NewUserError(codes.PermissionDenied, "Permission denied.")
}
secret := v1.Secret{
Name: req.Secret.Name,
Data: map[string]string{ Data: map[string]string{
req.Key:"", req.Key: "",
}, },
} }
isDeleted, err = s.resourceManager.DeleteSecretKey(req.Namespace, &secret) isDeleted, err := client.DeleteSecretKey(req.Namespace, &secret)
if err != nil { if err != nil {
if errors.As(err, &userError) { if errors.As(err, &userError) {
return &api.DeleteSecretKeyResponse{ return &api.DeleteSecretKeyResponse{
@@ -109,12 +137,16 @@ func (s *SecretServer) DeleteSecretKey(ctx context.Context, req *api.DeleteSecre
} }
func (s *SecretServer) AddSecretKeyValue(ctx context.Context, req *api.AddSecretKeyValueRequest) (updated *api.AddSecretKeyValueResponse, err error) { func (s *SecretServer) AddSecretKeyValue(ctx context.Context, req *api.AddSecretKeyValueRequest) (updated *api.AddSecretKeyValueResponse, err error) {
var isAdded bool client, err := v1.NewClient(s.kubeConfig, "")
secret := &model.Secret{ if err != nil {
return nil, util.NewUserError(codes.PermissionDenied, "Permission denied.")
}
secret := &v1.Secret{
Name: req.Secret.Name, Name: req.Secret.Name,
Data: req.Secret.Data, Data: req.Secret.Data,
} }
isAdded, err = s.resourceManager.AddSecretKeyValue(req.Namespace, secret) isAdded, err := client.AddSecretKeyValue(req.Namespace, secret)
if err != nil { if err != nil {
if errors.As(err, &userError) { if errors.As(err, &userError) {
return &api.AddSecretKeyValueResponse{ return &api.AddSecretKeyValueResponse{
@@ -128,12 +160,16 @@ func (s *SecretServer) AddSecretKeyValue(ctx context.Context, req *api.AddSecret
} }
func (s *SecretServer) UpdateSecretKeyValue(ctx context.Context, req *api.UpdateSecretKeyValueRequest) (updated *api.UpdateSecretKeyValueResponse, err error) { func (s *SecretServer) UpdateSecretKeyValue(ctx context.Context, req *api.UpdateSecretKeyValueRequest) (updated *api.UpdateSecretKeyValueResponse, err error) {
var isUpdated bool client, err := v1.NewClient(s.kubeConfig, "")
secret := model.Secret{ if err != nil {
return nil, util.NewUserError(codes.PermissionDenied, "Permission denied.")
}
secret := v1.Secret{
Name: req.Secret.Name, Name: req.Secret.Name,
Data: req.Secret.Data, Data: req.Secret.Data,
} }
isUpdated, err = s.resourceManager.UpdateSecretKeyValue(req.Namespace, &secret) isUpdated, err := client.UpdateSecretKeyValue(req.Namespace, &secret)
if errors.As(err, &userError) { if errors.As(err, &userError) {
return &api.UpdateSecretKeyValueResponse{ return &api.UpdateSecretKeyValueResponse{
Updated: false, Updated: false,
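Review bot: NewSecretServer is declared to return `*NamespaceServer` and builds `&NamespaceServer{kubeConfig: kubeConfig}`, which looks like a copy-paste from the namespace server; it should read `func NewSecretServer(kubeConfig *v1.Config) *SecretServer {` and `return &SecretServer{kubeConfig: kubeConfig}`, otherwise the constructor never produces the type that carries the secret handlers. In CreateSecret, `err := client.CreateSecret(` redeclares `err` in the same scope as `client, err := ...` and will not compile; it should be `err = client.CreateSecret(`. DeleteSecretKey now reads `req.Secret.Name` instead of `req.SecretName`, and like the other handlers that dereference `req.Secret` it has no nil check, so a request without the nested message would panic if `Secret` is a pointer field. Every handler passes an empty string as the second argument of `v1.NewClient`; if that parameter is meant to carry the caller's credential, these secret operations run under the server's own identity for any caller, which should be confirmed before the service is exposed. Most handler bodies continue outside the visible hunks.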