From ee28c98cc48a69208819a2e9759de4aabaaeff34 Mon Sep 17 00:00:00 2001 From: Uwe Krueger Date: Tue, 27 Aug 2019 10:42:12 +0200 Subject: [PATCH] support realms in source controllers --- VERSION | 2 +- pkg/dns/source/controller.go | 2 ++ pkg/dns/source/reconciler.go | 55 +++++++++++++++++++++++++----------- 3 files changed, 42 insertions(+), 17 deletions(-) diff --git a/VERSION b/VERSION index 3d996fc16..9400325a4 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.6.4-dev \ No newline at end of file +0.7.0-dev \ No newline at end of file diff --git a/pkg/dns/source/controller.go b/pkg/dns/source/controller.go index a644e3482..59d467d7a 100644 --- a/pkg/dns/source/controller.go +++ b/pkg/dns/source/controller.go @@ -47,6 +47,7 @@ const OPT_TARGET_CREATOR_LABEL_NAME = "target-creator-label-name" const OPT_TARGET_CREATOR_LABEL_VALUE = "target-creator-label-value" const OPT_TARGET_OWNER_ID = "target-owner-id" const OPT_TARGET_SET_IGNORE_OWNERS = "target-set-ignore-owners" +const OPT_TARGET_REALMS = "target-realms" var ENTRY = resources.NewGroupKind(api.GroupName, api.DNSEntryKind) @@ -67,6 +68,7 @@ func DNSSourceController(source DNSSourceType, reconcilerType controller.Reconci StringOption(OPT_TARGET_CREATOR_LABEL_VALUE, "label value for creator label"). StringOption(OPT_TARGET_OWNER_ID, "owner id to use for generated DNS entries"). BoolOption(OPT_TARGET_SET_IGNORE_OWNERS, "mark generated DNS entries to omit owner based access control"). + StringOption(OPT_TARGET_REALMS, "realm(s) to use for generated DNS entries"). FinalizerDomain(api.GroupName). Reconciler(SourceReconciler(source, reconcilerType)). Cluster(cluster.DEFAULT). // first one used as MAIN cluster diff --git a/pkg/dns/source/reconciler.go b/pkg/dns/source/reconciler.go index 93589a236..f714b37eb 100644 --- a/pkg/dns/source/reconciler.go +++ b/pkg/dns/source/reconciler.go 
@@ -43,6 +43,13 @@ func SourceReconciler(sourceType DNSSourceType, rtype controller.ReconcilerType) if err != nil { return nil, err } + opt, err := c.GetStringOption(OPT_TARGET_REALMS) + if err!=nil { + opt="" + } + realmtype:=access.NewRealmType(dns.REALM_ANNOTATION) + realms:=realmtype.NewRealms(opt) + c.Infof("target realm(s): %v", realms) classes := controller.NewClassesByOption(c, OPT_CLASS,dns.CLASS_ANNOTATION, dns.DEFAULT_CLASS) c.SetFinalizerHandler(controller.NewFinalizerForClasses(c, c.GetDefinition().FinalizerName(), classes)) targetclasses := controller.NewTargetClassesByOption(c, OPT_TARGET_CLASS, dns.CLASS_ANNOTATION, classes) @@ -52,8 +59,10 @@ func SourceReconciler(sourceType DNSSourceType, rtype controller.ReconcilerType) source: s, classes: classes, targetclasses: targetclasses, + targetrealms: realms, } + reconciler.namespace, _ = c.GetStringOption(OPT_NAMESPACE) reconciler.nameprefix, _ = c.GetStringOption(OPT_NAMEPREFIX) reconciler.creatorLabelName, _ = c.GetStringOption(OPT_TARGET_CREATOR_LABEL_NAME) @@ -86,6 +95,7 @@ type sourceReconciler struct { source DNSSource classes *controller.Classes targetclasses *controller.Classes + targetrealms *access.Realms namespace string nameprefix string creatorLabelName string @@ -343,6 +353,9 @@ func (this *sourceReconciler) createEntryFor(logger logger.LogContext, obj resou if !this.targetclasses.IsDefault() { resources.SetAnnotation(entry, CLASS_ANNOTATION, this.targetclasses.Main()) } + if !this.targetrealms.IsDefault() { + resources.SetAnnotation(entry, dns.REALM_ANNOTATION, this.targetrealms.AnnotationValue()) + } if this.setIgnoreOwners { resources.SetAnnotation(entry, access.ANNOTATION_IGNORE_OWNERS, "true") } 
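Review bot: The error returned by `c.GetStringOption(OPT_TARGET_REALMS)` in the `@@ -43` hunk is discarded and replaced by an empty string, so a failed option lookup cannot be told apart from an operator deliberately choosing the default realm. If realms are meant to partition which controllers may act on generated entries (inferred from the `access.NewRealmType` call, not visible here), this is a fail-open default, and the update path in this commit then removes the realm annotation from existing entries. The check directly above returns the error, and this one could do the same with `if err != nil { return nil, err }`, or at least log the fallback before continuing. The added lines are also not gofmt-clean (`err!=nil`, `opt=""`, `realmtype:=`). SourceReconciler's body starts and ends outside the hunk.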
@@ -381,32 +394,27 @@ func (this *sourceReconciler) createEntryFor(logger logger.LogContext, obj resou return nil } -func (this *sourceReconciler) deleteEntry(logger logger.LogContext, obj resources.Object, e resources.Object) error { - err := e.Delete() - if err == nil { - obj.Eventf(core.EventTypeNormal, "reconcile", "deleted dns entry object %s", e.ObjectName()) - logger.Infof("deleted dns entry object %s", e.ObjectName()) - } else { - if !errors.IsNotFound(err) { - logger.Errorf("cannot delete dns entry object %s: %s", e.ObjectName(), err) - } else { - err = nil - } - } - return err -} - func (this *sourceReconciler) updateEntry(logger logger.LogContext, info *DNSInfo, obj resources.Object) (bool, error) { f := func(o resources.ObjectData) (bool, error) { spec := &o.(*api.DNSEntry).Spec mod := &utils.ModificationState{} var changed bool + if !this.targetclasses.IsDefault() { + changed = resources.SetAnnotation(o, CLASS_ANNOTATION, this.targetclasses.Main()) + } else { changed = resources.RemoveAnnotation(o, CLASS_ANNOTATION) + } + mod.Modify(changed) + + if !this.targetrealms.IsDefault() { + changed = resources.SetAnnotation(o, dns.REALM_ANNOTATION, this.targetrealms.AnnotationValue()) } else { - changed = resources.SetAnnotation(o, CLASS_ANNOTATION, this.targetclasses.Main()) + changed = resources.RemoveAnnotation(o, dns.REALM_ANNOTATION) } mod.Modify(changed) + + if this.setIgnoreOwners { changed = resources.SetAnnotation(o, access.ANNOTATION_IGNORE_OWNERS, "true") } else { 
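Review bot: In updateEntry the new `else` branch calls `resources.RemoveAnnotation(o, dns.REALM_ANNOTATION)` whenever the controller runs with the default realm, so a reconcile without `target-realms` strips the realm annotation from every entry this source manages, including a value set out of band. If the realm decides which controller instances may process an entry, that silently moves the entry into the default realm. The code should state the ownership rule, for example `// the realm annotation is fully managed here: any value not derived from target-realms is overwritten or removed`. Separately, the two consecutive blank lines added before `if this.setIgnoreOwners {` would be collapsed by gofmt. updateEntry's body continues outside the hunk.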
@@ -441,3 +449,18 @@ func (this *sourceReconciler) updateEntry(logger logger.LogContext, info *DNSInf
 }
 return obj.Modify(f)
 }
+
+func (this *sourceReconciler) deleteEntry(logger logger.LogContext, obj resources.Object, e resources.Object) error {
+ err := e.Delete()
+ if err == nil {
+ obj.Eventf(core.EventTypeNormal, "reconcile", "deleted dns entry object %s", e.ObjectName())
+ logger.Infof("deleted dns entry object %s", e.ObjectName())
+ } else {
+ if !errors.IsNotFound(err) {
+ logger.Errorf("cannot delete dns entry object %s: %s", e.ObjectName(), err)
+ } else {
+ err = nil
+ }
+ }
+ return err
+}