Feat: filter out OCM ManagedCluster underlying secret

Signed-off-by: Yin Da <[email protected]>
kubevela · Jun 13, 2022 · 15fe69a · 15fe69a
1 parent 27c9883
commit 15fe69a
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 7 deletions.
diff --git a/pkg/apis/cluster/v1alpha1/errors.go b/pkg/apis/cluster/v1alpha1/errors.go
@@ -18,20 +18,31 @@ package v1alpha1
 
 import "errors"
 
-type invalidClusterSecretError struct{}
+type emptyCredentialTypeClusterSecretError struct{}
 
-func (e invalidClusterSecretError) Error() string {
+func (e emptyCredentialTypeClusterSecretError) Error() string {
 	return "secret is not a valid cluster secret, no credential type found"
 }
 
-// NewInvalidClusterSecretError create an invalid cluster secret error
-func NewInvalidClusterSecretError() error {
-	return invalidClusterSecretError{}
+// NewEmptyCredentialTypeClusterSecretError create an invalid cluster secret error due to empty credential type
+func NewEmptyCredentialTypeClusterSecretError() error {
+	return emptyCredentialTypeClusterSecretError{}
+}
+
+type emptyEndpointClusterSecretError struct{}
+
+func (e emptyEndpointClusterSecretError) Error() string {
+	return "secret is not a valid cluster secret, no credential type found"
+}
+
+// NewEmptyEndpointClusterSecretError create an invalid cluster secret error due to empty endpoint
+func NewEmptyEndpointClusterSecretError() error {
+	return emptyEndpointClusterSecretError{}
 }
 
 // IsInvalidClusterSecretError check if an error is an invalid cluster secret error
 func IsInvalidClusterSecretError(err error) bool {
-	return errors.As(err, &invalidClusterSecretError{})
+	return errors.As(err, &emptyCredentialTypeClusterSecretError{}) || errors.As(err, &emptyEndpointClusterSecretError{})
 }
 
 type invalidManagedClusterError struct{}

diff --git a/pkg/apis/cluster/v1alpha1/reader.go b/pkg/apis/cluster/v1alpha1/reader.go
@@ -89,8 +89,11 @@ func NewClusterFromSecret(secret *corev1.Secret) (*Cluster, error) {
 	if metav1.HasLabel(secret.ObjectMeta, clustergatewaycommon.LabelKeyClusterEndpointType) {
 		cluster.Spec.Endpoint = secret.GetLabels()[clustergatewaycommon.LabelKeyClusterEndpointType]
 	}
+	if cluster.Spec.Endpoint == "" {
+		return nil, NewEmptyEndpointClusterSecretError()
+	}
 	if !metav1.HasLabel(secret.ObjectMeta, clustergatewaycommon.LabelKeyClusterCredentialType) {
-		return nil, NewInvalidClusterSecretError()
+		return nil, NewEmptyCredentialTypeClusterSecretError()
 	}
 	cluster.Spec.CredentialType = clustergatewayv1alpha1.CredentialType(
 		secret.GetLabels()[clustergatewaycommon.LabelKeyClusterCredentialType])

diff --git a/pkg/apis/cluster/v1alpha1/types_test.go b/pkg/apis/cluster/v1alpha1/types_test.go
@@ -78,6 +78,16 @@ var _ = Describe("Test Cluster API", func() {
 				Name:      "cluster-invalid",
 				Namespace: StorageNamespace,
 			},
+			Data: map[string][]byte{"endpoint": []byte("127.0.0.1:6443")},
+		})).To(Succeed())
+		Ω(singleton.GetKubeClient().Create(ctx, &v1.Secret{
+			ObjectMeta: metav1.ObjectMeta{
+				Name:      "ocm-cluster",
+				Namespace: StorageNamespace,
+				Labels: map[string]string{
+					clustergatewaycommon.LabelKeyClusterCredentialType: string(clustergatewayv1alpha1.CredentialTypeX509Certificate),
+				},
+			},
 		})).To(Succeed())
 
 		By("Test get cluster from cluster secret")