refactor

Signed-off-by: Tamal Saha <[email protected]>

go.mod

@@ -44,11 +44,11 @@ require (
 	k8s.io/kube-state-metrics/v2 v2.12.0
 	kmodules.xyz/apiversion v0.2.0
 	kmodules.xyz/authorizer v0.29.1
-	kmodules.xyz/client-go v0.30.3-0.20240611195846-3c1fd4efca12
-	kmodules.xyz/custom-resources v0.29.1
+	kmodules.xyz/client-go v0.30.4
+	kmodules.xyz/custom-resources v0.30.0
 	kmodules.xyz/go-containerregistry v0.0.12
 	kmodules.xyz/monitoring-agent-api v0.29.0
-	kmodules.xyz/resource-metadata v0.18.7-0.20240611202519-4f1ddd09edb6
+	kmodules.xyz/resource-metadata v0.18.8-0.20240612015959-9832ca0a2adb
 	kmodules.xyz/resource-metrics v0.30.1
 	kmodules.xyz/resource-metrics/utils v0.30.1
 	kmodules.xyz/sets v0.29.0
@@ -65,6 +65,7 @@ require (
 	cloud.google.com/go/compute/metadata v0.3.0 // indirect
 	cloud.google.com/go/monitoring v1.18.0 // indirect
 	cloud.google.com/go/trace v1.10.6 // indirect
+	filippo.io/edwards25519 v1.1.0 // indirect
 	github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
 	github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.20.0 // indirect
 	github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.44.0 // indirect
@@ -110,7 +111,7 @@ require (
 	github.com/go-openapi/jsonpointer v0.21.0 // indirect
 	github.com/go-openapi/jsonreference v0.21.0 // indirect
 	github.com/go-openapi/swag v0.23.0 // indirect
-	github.com/go-sql-driver/mysql v1.7.1 // indirect
+	github.com/go-sql-driver/mysql v1.8.1 // indirect
 	github.com/gobwas/glob v0.2.3 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect

go.sum

@@ -23,6 +23,8 @@ cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiy
 cloud.google.com/go/trace v1.10.6 h1:XF0Ejdw0NpRfAvuZUeQe3ClAG4R/9w5JYICo7l2weaw=
 cloud.google.com/go/trace v1.10.6/go.mod h1:EABXagUjxGuKcZMy4pXyz0fJpE5Ghog3jzTxcEsVJS4=
 dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
+filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
+filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
 github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 h1:L/gRVlceqvL25UVaW/CKtUDjefjrs0SPonmDGUVOYP0=
 github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
@@ -186,8 +188,8 @@ github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF
 github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4=
 github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE=
 github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ=
-github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI=
-github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
+github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y=
+github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
 github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI=
 github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI=
 github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8=
@@ -902,20 +904,20 @@ kmodules.xyz/apiversion v0.2.0 h1:vAQYqZFm4xu4pbB1cAdHbFEPES6EQkcR4wc06xdTOWk=
 kmodules.xyz/apiversion v0.2.0/go.mod h1:oPX8g8LvlPdPX3Yc5YvCzJHQnw3YF/X4/jdW0b1am80=
 kmodules.xyz/authorizer v0.29.1 h1:uByGGoryKbZcfiEAhjcK/Y345I9mygNQP7DVpkMbNQQ=
 kmodules.xyz/authorizer v0.29.1/go.mod h1:kZRhclL8twzyt2bQuJQJbpYww2sc+qFr8I5PPoq/sWY=
-kmodules.xyz/client-go v0.30.3-0.20240611195846-3c1fd4efca12 h1:veFfiUw7N0eblNTAS9rXtiArw64zET9Uh/0J4YZTHAo=
-kmodules.xyz/client-go v0.30.3-0.20240611195846-3c1fd4efca12/go.mod h1:ekDSUC0UFLI0Jq3A62myW7VG8TYLBqCwMjqWJM1SrqU=
+kmodules.xyz/client-go v0.30.4 h1:lfCNkSUvd4HkQnW94nm65AgwMt1UppqPffqXH0NPh2w=
+kmodules.xyz/client-go v0.30.4/go.mod h1:ekDSUC0UFLI0Jq3A62myW7VG8TYLBqCwMjqWJM1SrqU=
 kmodules.xyz/crd-schema-fuzz v0.29.1 h1:zJTlWYOrT5dsVVHW8HGcnR/vaWfxQfNh11QwTtkYpcs=
 kmodules.xyz/crd-schema-fuzz v0.29.1/go.mod h1:n708z9YQqLMP2KNLQVgBcRJw1QpSWLvpNCEi+KJDOYE=
-kmodules.xyz/custom-resources v0.29.1 h1:xiNylhs3ILRbcUhxxy306AOy9GMA4Mq7xFIptZKgal4=
-kmodules.xyz/custom-resources v0.29.1/go.mod h1:829zDY1EjaxPP52h1T73LZx/vgv8Pld9/uTT/ViZTc0=
+kmodules.xyz/custom-resources v0.30.0 h1:vR3CbseHMLwR4GvtcJJuRuwIV8voKqFqNii27rMcm1o=
+kmodules.xyz/custom-resources v0.30.0/go.mod h1:ZsTuI2mLG2s3byre7bHmpxJ9w0HDqAkRTL1+izGFI24=
 kmodules.xyz/go-containerregistry v0.0.12 h1:Tl32QGmSqRVm9PUEb/f3dgDeu9zW5fVzt3qmAFIE37I=
 kmodules.xyz/go-containerregistry v0.0.12/go.mod h1:KgeNg0hDsgeda+qc0NzWk0iVRdF0+ZIg/oRzGoYh78I=
 kmodules.xyz/monitoring-agent-api v0.29.0 h1:gpFl6OZrlMLb/ySMHdREI9EwGtnJ91oZBn9H1UFRwB4=
 kmodules.xyz/monitoring-agent-api v0.29.0/go.mod h1:iNbvaMTgVFOI5q2LJtGK91j4Dmjv4ZRiRdasGmWLKQI=
 kmodules.xyz/offshoot-api v0.29.4 h1:WQV2BIUIoVKKiqZNmZ4gAy367jEdwBhEl3dFCLZM1qA=
 kmodules.xyz/offshoot-api v0.29.4/go.mod h1:e+NQ0s4gW/YTPWBWEfdISZcmk+tlTq8IjvP5SLdqvko=
-kmodules.xyz/resource-metadata v0.18.7-0.20240611202519-4f1ddd09edb6 h1:QMSnm0gbTBbzKH3+hlYzkztimTipAwCgOJ22VUAdoK0=
-kmodules.xyz/resource-metadata v0.18.7-0.20240611202519-4f1ddd09edb6/go.mod h1:5eKpd3npAuXog95Z0J0B1V+gIbnW28AMnRjQzsDOw2M=
+kmodules.xyz/resource-metadata v0.18.8-0.20240612015959-9832ca0a2adb h1:4iHgeGV4lO/d60fd0V13DqPqnJ3XgepsCDOIaYmxytg=
+kmodules.xyz/resource-metadata v0.18.8-0.20240612015959-9832ca0a2adb/go.mod h1:iWMQ1teVvqqHygN79A+UlhuY2QDamIqzO94yXBHdYrY=
 kmodules.xyz/resource-metrics v0.30.1 h1:o7mVY8ZwSe5iEILy1eMG4EPZCli7mXZCkgQONjoY9uU=
 kmodules.xyz/resource-metrics v0.30.1/go.mod h1:UYcQQLN+3o8rNPQJwJa2D9bt5ihJCeo5bCDuQ4O3MPY=
 kmodules.xyz/resource-metrics/utils v0.30.1 h1:iRnAKNMMdAi7QYjMQrK9W3vNMhSC21RWNx9yS3qlpTA=

pkg/apiserver/apiserver.go

@@ -32,7 +32,6 @@ import (
 	licenseapi "kubeops.dev/ui-server/apis/offline/v1alpha1"
 	policyinstall "kubeops.dev/ui-server/apis/policy/install"
 	policyapi "kubeops.dev/ui-server/apis/policy/v1alpha1"
-	"kubeops.dev/ui-server/pkg/b3"
 	clustermetacontroller "kubeops.dev/ui-server/pkg/controllers/clustermetadata"
 	projectquotacontroller "kubeops.dev/ui-server/pkg/controllers/projectquota"
 	"kubeops.dev/ui-server/pkg/graph"
@@ -46,6 +45,7 @@ import (
 	clusteridstorage "kubeops.dev/ui-server/pkg/registry/identity/clusteridentity"
 	inboxtokenreqstorage "kubeops.dev/ui-server/pkg/registry/identity/inboxtokenrequest"
 	"kubeops.dev/ui-server/pkg/registry/identity/selfsubjectnamespaceaccessreview"
+	siteinfostorage "kubeops.dev/ui-server/pkg/registry/identity/siteinfo"
 	"kubeops.dev/ui-server/pkg/registry/meta/chartpresetquery"
 	clusterprofilestorage "kubeops.dev/ui-server/pkg/registry/meta/clusterprofile"
 	clusterstatusstorage "kubeops.dev/ui-server/pkg/registry/meta/clusterstatus"
@@ -106,6 +106,7 @@ import (
 	rsapi "kmodules.xyz/resource-metadata/apis/meta/v1alpha1"
 	uiinstall "kmodules.xyz/resource-metadata/apis/ui/install"
 	uiapi "kmodules.xyz/resource-metadata/apis/ui/v1alpha1"
+	identitylib "kmodules.xyz/resource-metadata/pkg/identity"
 	"sigs.k8s.io/controller-runtime/pkg/cache"
 	"sigs.k8s.io/controller-runtime/pkg/log"
 	"sigs.k8s.io/controller-runtime/pkg/manager"
@@ -257,7 +258,7 @@ func (c completedConfig) New(ctx context.Context) (*UIServer, error) {
 		return nil, err
 	}
 
-	bc, err := b3.NewClient(c.ExtraConfig.BaseURL, c.ExtraConfig.Token, c.ExtraConfig.CACert, cid)
+	bc, err := identitylib.NewClient(c.ExtraConfig.BaseURL, c.ExtraConfig.Token, c.ExtraConfig.CACert, mgr.GetClient())
 	if err != nil {
 		return nil, errors.Wrap(err, "failed to create b3 api client")
 	}
@@ -278,20 +279,23 @@ func (c completedConfig) New(ctx context.Context) (*UIServer, error) {
 		os.Exit(1)
 	}
 
-	if err := mgr.Add(manager.RunnableFunc(func(ctx context.Context) error {
-		md, err := bc.Identify(cid)
+	if c.ExtraConfig.Token != "" {
+		if err := mgr.Add(manager.RunnableFunc(func(ctx context.Context) error {
+			md, err := bc.Identify(cid)
+			if err != nil {
+				return err
+			}
+			return clustermeta.UpsertClusterMetadata(mgr.GetClient(), md)
+		})); err != nil {
+			setupLog.Error(err, fmt.Sprintf("unable to upsert cluster metadata into configmap %s/%s", metav1.NamespacePublic, kmapi.AceInfoConfigMapName))
+			os.Exit(1)
+		}
+
+		err = clustermetacontroller.NewReconciler(mgr.GetClient(), bc).SetupWithManager(mgr)
 		if err != nil {
-			return err
+			klog.Error(err, "unable to create controller", "controller", "ConfigMap")
+			os.Exit(1)
 		}
-		return clustermeta.UpsertClusterMetadata(mgr.GetClient(), md)
-	})); err != nil {
-		setupLog.Error(err, fmt.Sprintf("unable to upsert cluster metadata into configmap %s/%s", metav1.NamespacePublic, kmapi.AceInfoConfigMapName))
-		os.Exit(1)
-	}
-	err = clustermetacontroller.NewReconciler(mgr.GetClient(), bc).SetupWithManager(mgr)
-	if err != nil {
-		klog.Error(err, "unable to create controller", "controller", "ConfigMap")
-		os.Exit(1)
 	}
 
 	s := &UIServer{
@@ -361,6 +365,7 @@ func (c completedConfig) New(ctx context.Context) (*UIServer, error) {
 		v1alpha1storage[identityapi.ResourceClusterIdentities] = clusteridstorage.NewStorage(ctrlClient, bc)
 		v1alpha1storage[identityapi.ResourceInboxTokenRequests] = inboxtokenreqstorage.NewStorage(ctrlClient, bc)
 		v1alpha1storage[identityapi.ResourceSelfSubjectNamespaceAccessReviews] = selfsubjectnamespaceaccessreview.NewStorage(kc, ctrlClient)
+		v1alpha1storage[identityapi.ResourceSiteInfos] = siteinfostorage.NewStorage(mgr.GetConfig(), kc, ctrlClient)
 		apiGroupInfo.VersionedResourcesStorageMap["v1alpha1"] = v1alpha1storage
 
 		if err := s.GenericAPIServer.InstallAPIGroup(&apiGroupInfo); err != nil {

pkg/cmds/server/start.go

@@ -169,6 +169,7 @@ func (o *UIServerOptions) Config() (*apiserver.Config, error) {
 		fmt.Sprintf("/apis/%s/%s", identityapi.SchemeGroupVersion, identityapi.ResourceClusterIdentities),
 		fmt.Sprintf("/apis/%s/%s", identityapi.SchemeGroupVersion, identityapi.ResourceInboxTokenRequests),
 		fmt.Sprintf("/apis/%s/%s", identityapi.SchemeGroupVersion, identityapi.ResourceSelfSubjectNamespaceAccessReviews),
+		fmt.Sprintf("/apis/%s/%s", identityapi.SchemeGroupVersion, identityapi.ResourceSiteInfos),
 	}
 
 	serverConfig.OpenAPIConfig = genericapiserver.DefaultOpenAPIConfig(

pkg/controllers/clustermetadata/cm_controller.go

@@ -19,12 +19,11 @@ package clustermetadata
 import (
 	"context"
 
-	"kubeops.dev/ui-server/pkg/b3"
-
 	core "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	kmapi "kmodules.xyz/client-go/api/v1"
 	clustermeta "kmodules.xyz/client-go/cluster"
+	identitylib "kmodules.xyz/resource-metadata/pkg/identity"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/builder"
 	"sigs.k8s.io/controller-runtime/pkg/client"
@@ -36,13 +35,13 @@ import (
 // ClusterMetadataReconciler reconciles a ClusterMetadata object
 type ClusterMetadataReconciler struct {
 	kc        client.Client
-	bc        *b3.Client
+	bc        *identitylib.Client
 	clusterID string
 }
 
 var _ reconcile.Reconciler = &ClusterMetadataReconciler{}
 
-func NewReconciler(kc client.Client, bc *b3.Client) *ClusterMetadataReconciler {
+func NewReconciler(kc client.Client, bc *identitylib.Client) *ClusterMetadataReconciler {
 	return &ClusterMetadataReconciler{
 		kc: kc,
 		bc: bc,

pkg/registry/identity/clusteridentity/storage.go

@@ -20,21 +20,20 @@ import (
 	"context"
 	"strings"
 
-	"kubeops.dev/ui-server/pkg/b3"
-
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/apis/meta/internalversion"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apiserver/pkg/registry/rest"
 	identityapi "kmodules.xyz/resource-metadata/apis/identity/v1alpha1"
+	identitylib "kmodules.xyz/resource-metadata/pkg/identity"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
 type Storage struct {
 	kc        client.Client
-	bc        *b3.Client
+	bc        *identitylib.Client
 	convertor rest.TableConvertor
 }
 
@@ -46,7 +45,7 @@ var (
 	_ rest.SingularNameProvider     = &Storage{}
 )
 
-func NewStorage(kc client.Client, bc *b3.Client) *Storage {
+func NewStorage(kc client.Client, bc *identitylib.Client) *Storage {
 	return &Storage{
 		kc: kc,
 		bc: bc,
@@ -76,7 +75,7 @@ func (r *Storage) New() runtime.Object {
 func (r *Storage) Destroy() {}
 
 func (r *Storage) Get(ctx context.Context, name string, options *metav1.GetOptions) (runtime.Object, error) {
-	if name != b3.SelfName {
+	if name != identitylib.SelfName {
 		return nil, apierrors.NewNotFound(schema.GroupResource{Group: identityapi.GroupName, Resource: identityapi.ResourceClusterIdentities}, name)
 	}
 	return r.bc.GetIdentity()

pkg/registry/identity/inboxtokenrequest/storage.go

@@ -20,19 +20,18 @@ import (
 	"context"
 	"strings"
 
-	"kubeops.dev/ui-server/pkg/b3"
-
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apiserver/pkg/registry/rest"
 	identityapi "kmodules.xyz/resource-metadata/apis/identity/v1alpha1"
+	identitylib "kmodules.xyz/resource-metadata/pkg/identity"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
 type Storage struct {
 	kc client.Client
-	bc *b3.Client
+	bc *identitylib.Client
 }
 
 var (
@@ -43,7 +42,7 @@ var (
 	_ rest.SingularNameProvider     = &Storage{}
 )
 
-func NewStorage(kc client.Client, bc *b3.Client) *Storage {
+func NewStorage(kc client.Client, bc *identitylib.Client) *Storage {
 	return &Storage{
 		kc: kc,
 		bc: bc,
@@ -70,8 +69,12 @@ func (r *Storage) Destroy() {}
 
 func (r *Storage) Create(ctx context.Context, obj runtime.Object, _ rest.ValidateObjectFunc, _ *metav1.CreateOptions) (runtime.Object, error) {
 	req := obj.(*identityapi.InboxTokenRequest)
+	token, err := r.bc.GetToken()
+	if err != nil {
+		return nil, err
+	}
 	req.Response = &identityapi.InboxTokenRequestResponse{
-		AdminJWTToken: r.bc.GetToken(),
+		AdminJWTToken: token,
 	}
 	return req, nil
 }