Move istio util duncs to pkg/util/istio
Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
This commit is contained in:
joshvanl
parent
e8a585f740
commit
3af22cf6c6
@ -24,7 +24,6 @@ import (
|
||||
"time"
|
||||
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
"k8s.io/apimachinery/pkg/api/errors"
|
||||
"k8s.io/apimachinery/pkg/api/resource"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
dynamicclient "k8s.io/client-go/dynamic"
|
||||
@ -48,10 +47,10 @@ import (
|
||||
"github.com/jetstack/cert-manager/pkg/controller"
|
||||
"github.com/jetstack/cert-manager/pkg/controller/clusterissuers"
|
||||
dnsutil "github.com/jetstack/cert-manager/pkg/issuer/acme/dns/util"
|
||||
"github.com/jetstack/cert-manager/pkg/issuer/acme/http/internal/istio"
|
||||
logf "github.com/jetstack/cert-manager/pkg/logs"
|
||||
"github.com/jetstack/cert-manager/pkg/metrics"
|
||||
"github.com/jetstack/cert-manager/pkg/util"
|
||||
"github.com/jetstack/cert-manager/pkg/util/istio"
|
||||
)
|
||||
|
||||
const controllerAgentName = "cert-manager"
|
||||
@ -72,14 +71,14 @@ func Run(opts *options.ControllerOptions, stopCh <-chan struct{}) {
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
ctx.IstioEnabled, err = isIstioInstalled(ctx)
|
||||
ctx.IstioEnabled, err = istio.IsIstioInstalled(ctx)
|
||||
if err != nil {
|
||||
log.Error(err, "failed to discover if Istio is available")
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
if ctx.IstioEnabled {
|
||||
ctx.IstioEnabled, err = canListVirtualService(rootCtx, ctx, opts.Namespace)
|
||||
ctx.IstioEnabled, err = istio.CanListVirtualService(ctx, opts.Namespace)
|
||||
if err != nil {
|
||||
log.Error(err, "failed to list Istio VirtualServices")
|
||||
os.Exit(1)
|
||||
@ -163,33 +162,6 @@ func Run(opts *options.ControllerOptions, stopCh <-chan struct{}) {
|
||||
startLeaderElection(rootCtx, opts, leaderElectionClient, ctx.Recorder, run)
|
||||
}
|
||||
|
||||
func isIstioInstalled(ctx *controller.Context) (bool, error) {
|
||||
groups, err := ctx.Client.Discovery().ServerGroups()
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
||||
for _, group := range groups.Groups {
|
||||
if group.Name == istio.VirtualServiceGvr().Group {
|
||||
return true, nil
|
||||
}
|
||||
}
|
||||
return false, nil
|
||||
}
|
||||
|
||||
func canListVirtualService(rootCtx context.Context, ctx *controller.Context, namespace string) (bool, error) {
|
||||
// Check if sa has permissions to list virtualservice
|
||||
_, err := ctx.DynamicClient.Resource(istio.VirtualServiceGvr()).Namespace(namespace).List(rootCtx, metav1.ListOptions{})
|
||||
if errors.IsForbidden(err) {
|
||||
return false, nil
|
||||
}
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
||||
return true, nil
|
||||
}
|
||||
|
||||
func buildControllerContext(ctx context.Context, stopCh <-chan struct{}, opts *options.ControllerOptions) (*controller.Context, *rest.Config, error) {
|
||||
log := logf.FromContext(ctx, "build-context")
|
||||
// Load the users Kubernetes config
|
||||
|
||||
@ -35,10 +35,10 @@ import (
|
||||
cmlisters "github.com/jetstack/cert-manager/pkg/client/listers/certmanager/v1"
|
||||
controllerpkg "github.com/jetstack/cert-manager/pkg/controller"
|
||||
"github.com/jetstack/cert-manager/pkg/controller/acmechallenges/scheduler"
|
||||
"github.com/jetstack/cert-manager/pkg/internal/apis/istio"
|
||||
"github.com/jetstack/cert-manager/pkg/issuer"
|
||||
"github.com/jetstack/cert-manager/pkg/issuer/acme/dns"
|
||||
"github.com/jetstack/cert-manager/pkg/issuer/acme/http"
|
||||
"github.com/jetstack/cert-manager/pkg/issuer/acme/http/internal/istio"
|
||||
logf "github.com/jetstack/cert-manager/pkg/logs"
|
||||
)
|
||||
|
||||
|
||||
52
pkg/util/istio/istio.go
Normal file
52
pkg/util/istio/istio.go
Normal file
@ -0,0 +1,52 @@
|
||||
/*
|
||||
Copyright 2020 The cert-manager Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
package istio
|
||||
|
||||
import (
|
||||
"k8s.io/apimachinery/pkg/api/errors"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
|
||||
"github.com/jetstack/cert-manager/pkg/controller"
|
||||
"github.com/jetstack/cert-manager/pkg/internal/apis/istio"
|
||||
)
|
||||
|
||||
func IsIstioInstalled(ctx *controller.Context) (bool, error) {
|
||||
groups, err := ctx.Client.Discovery().ServerGroups()
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
||||
for _, group := range groups.Groups {
|
||||
if group.Name == istio.VirtualServiceGvr().Group {
|
||||
return true, nil
|
||||
}
|
||||
}
|
||||
return false, nil
|
||||
}
|
||||
|
||||
func CanListVirtualService(ctx *controller.Context, namespace string) (bool, error) {
|
||||
// Check if sa has permissions to list virtualservice
|
||||
_, err := ctx.DynamicClient.Resource(istio.VirtualServiceGvr()).Namespace(namespace).List(ctx.RootContext, metav1.ListOptions{})
|
||||
if errors.IsForbidden(err) {
|
||||
return false, nil
|
||||
}
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
||||
return true, nil
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user