From c21898df2a1b5e92fd25da10c83f669d9c93bd86 Mon Sep 17 00:00:00 2001 From: Harvey Xia Date: Tue, 15 Sep 2020 14:34:35 -0400 Subject: [PATCH] simplify remote namespace passing. ensure remote namespace. --- pkg/multicluster/register/helpers.go | 18 ++++++++++-------- pkg/multicluster/register/interfaces.go | 9 ++++++++- pkg/multicluster/register/registrant.go | 21 ++++++++++++++++----- 3 files changed, 34 insertions(+), 14 deletions(-) diff --git a/pkg/multicluster/register/helpers.go b/pkg/multicluster/register/helpers.go index 1d1ed68ad..3a2dedbc5 100644 --- a/pkg/multicluster/register/helpers.go +++ b/pkg/multicluster/register/helpers.go @@ -72,7 +72,7 @@ type RegistrationOptions struct { ClusterRoleBindings []client.ObjectKey // Set of labels to include on the KubernetesCluster resource. - Labels map[string]string + KubernetesClusterLabels map[string]string } /* @@ -122,8 +122,7 @@ func (opts RegistrationOptions) RegisterProviderCluster( rbacOpts, registrant, providerInfo, - opts.Labels, - opts.RemoteNamespace, + opts.KubernetesClusterLabels, clusterRolePolicyRules, ) } @@ -183,7 +182,7 @@ func RegisterClusterFromConfig( opts RbacOptions, registrant ClusterRegistrant, ) error { - return RegisterProviderClusterFromConfig(ctx, masterClusterCfg, remoteCfg, opts, registrant, nil, nil, "", nil) + return RegisterProviderClusterFromConfig(ctx, masterClusterCfg, remoteCfg, opts, registrant, nil, nil, nil) } func RegisterProviderClusterFromConfig( @@ -193,10 +192,14 @@ func RegisterProviderClusterFromConfig( opts RbacOptions, registrant ClusterRegistrant, providerInfo *v1alpha1.KubernetesClusterSpec_ProviderInfo, - labels map[string]string, - namespace string, + kubeClusterLabels map[string]string, policyRules []*v1alpha1.PolicyRule, ) error { + err := registrant.EnsureRemoteNamespace(ctx, remoteCfg, opts.RemoteNamespace) + if err != nil { + return err + } + sa, err := registrant.EnsureRemoteServiceAccount(ctx, remoteCfg, opts.Options) if err != nil { return err @@ -217,8 +220,7 @@ func RegisterProviderClusterFromConfig( token, opts.Options, providerInfo, - labels, - namespace, + kubeClusterLabels, policyRules, ) } diff --git a/pkg/multicluster/register/interfaces.go b/pkg/multicluster/register/interfaces.go index c708cbbbf..884436d08 100644 --- a/pkg/multicluster/register/interfaces.go +++ b/pkg/multicluster/register/interfaces.go @@ -89,6 +89,14 @@ func (o *Options) validate() error { the registrant instance. */ type ClusterRegistrant interface { + /* + EnsureRemoteNamespace ensures that the specified remoteNamespace exists on the remote cluster being registered. + */ + EnsureRemoteNamespace( + ctx context.Context, + remoteClientCfg clientcmd.ClientConfig, + remoteNamespace string, + ) error /* EnsureRemoteServiceAccount takes an instance of a remote config, and ensure a ServiceAccount exists on the @@ -158,7 +166,6 @@ type ClusterRegistrant interface { opts Options, providerInfo *v1alpha1.KubernetesClusterSpec_ProviderInfo, labels map[string]string, - namespace string, policyRules []*v1alpha1.PolicyRule, ) error diff --git a/pkg/multicluster/register/registrant.go b/pkg/multicluster/register/registrant.go index 9bcb4d123..3f759f342 100644 --- a/pkg/multicluster/register/registrant.go +++ b/pkg/multicluster/register/registrant.go @@ -94,6 +94,18 @@ type clusterRegistrant struct { localAPIServerAddress string } +func (c *clusterRegistrant) EnsureRemoteNamespace( + ctx context.Context, + remoteClientCfg clientcmd.ClientConfig, + remoteNamespace string, +) error { + remoteRestCfg, err := remoteClientCfg.ClientConfig() + if err != nil { + return err + } + return c.ensureRemoteNamespace(ctx, remoteNamespace, remoteRestCfg) +} + func (c *clusterRegistrant) EnsureRemoteServiceAccount( ctx context.Context, remoteClientCfg clientcmd.ClientConfig, @@ -289,7 +301,7 @@ func (c *clusterRegistrant) RegisterClusterWithToken( token string, opts Options, ) error { - return c.RegisterProviderClusterWithToken(ctx, masterClusterCfg, remoteClientCfg, token, opts, nil, nil, "", nil) + return c.RegisterProviderClusterWithToken(ctx, masterClusterCfg, remoteClientCfg, token, opts, nil, nil, nil) } func (c *clusterRegistrant) RegisterProviderClusterWithToken( @@ -300,7 +312,6 @@ func (c *clusterRegistrant) RegisterProviderClusterWithToken( opts Options, providerInfo *v1alpha1.KubernetesClusterSpec_ProviderInfo, labels map[string]string, - namespace string, policyRules []*v1alpha1.PolicyRule, ) error { if err := (&opts).validate(); err != nil { @@ -346,7 +357,7 @@ func (c *clusterRegistrant) RegisterProviderClusterWithToken( return err } - kubeCluster := buildKubeClusterResource(kcSecret, labels, opts.ClusterDomain, providerInfo, namespace, policyRules) + kubeCluster := buildKubeClusterResource(kcSecret, labels, opts.ClusterDomain, providerInfo, opts.RemoteNamespace, policyRules) kubeClusterClient, err := c.kubeClusterFactory(masterClusterCfg) if err != nil { @@ -392,7 +403,7 @@ func buildKubeClusterResource( labels map[string]string, clusterDomain string, providerInfo *v1alpha1.KubernetesClusterSpec_ProviderInfo, - namespace string, + remoteNamespace string, policyRules []*v1alpha1.PolicyRule, ) *v1alpha1.KubernetesCluster { if clusterDomain == "" { @@ -406,7 +417,7 @@ func buildKubeClusterResource( ProviderInfo: providerInfo, }, Status: v1alpha1.KubernetesClusterStatus{ - Namespace: namespace, + Namespace: remoteNamespace, PolicyRules: policyRules, }, }