From 1679e4a1dcbb6a8d471a5637e038ddf7c68724fa Mon Sep 17 00:00:00 2001
From: Kushal Beniwal
Date: Thu, 2 Mar 2023 16:48:29 +0530
Subject: [PATCH 01/13] remove creation of awsacfg resource from helm charts
---
charts/kyverno-aws-adapter/templates/resource.yaml | 9 ---------
1 file changed, 9 deletions(-)
delete mode 100644 charts/kyverno-aws-adapter/templates/resource.yaml
diff --git a/charts/kyverno-aws-adapter/templates/resource.yaml b/charts/kyverno-aws-adapter/templates/resource.yaml
deleted file mode 100644
index e05bb3c..0000000
--- a/charts/kyverno-aws-adapter/templates/resource.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-apiVersion: security.nirmata.io/v1alpha1
-kind: AWSAdapterConfig
-metadata:
- name: {{ include "kyverno-aws-adapter.fullname" . }}
- labels:
- {{- include "kyverno-aws-adapter.labels" . | nindent 4 }}
-spec:
- name: {{ required "EKS cluster name is required" .Values.eksCluster.name }}
- region: {{ required "EKS cluster region is required" .Values.eksCluster.region }}
From 1800193f3b6186d14ec031786ff6e6c8f70a6d72 Mon Sep 17 00:00:00 2001
From: Kushal Beniwal
Date: Thu, 2 Mar 2023 16:49:29 +0530
Subject: [PATCH 02/13] pass required fields for creating awsacfg resource as env variables
---
charts/kyverno-aws-adapter/templates/deployment.yaml | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/charts/kyverno-aws-adapter/templates/deployment.yaml b/charts/kyverno-aws-adapter/templates/deployment.yaml
index 1c93d4b..b6af10c 100644
--- a/charts/kyverno-aws-adapter/templates/deployment.yaml
+++ b/charts/kyverno-aws-adapter/templates/deployment.yaml
@@ -26,6 +26,15 @@ spec: image: {{ include "kyverno-aws-adapter.image" . }} imagePullPolicy: {{ .Values.image.pullPolicy }} name: manager + env: + - name: ADAPTER_NAME + value: {{ include "kyverno-aws-adapter.fullname" . }} + - name: ADAPTER_NAMESPACE + value: {{ .Release.Namespace }} + - name: CLUSTER_NAME + value: {{ required "EKS cluster name is required" .Values.eksCluster.name }} + - name: CLUSTER_REGION + value: {{ required "EKS cluster region is required" .Values.eksCluster.region }} {{- if .Values.pollInterval }} args: - --sync-period={{ .Values.pollInterval }} From 1e6a346dbfacc8525d33f14e6f60ae6c918770f8 Mon Sep 17 00:00:00 2001 From: Kushal Beniwal Date: Thu, 2 Mar 2023 16:50:22 +0530 Subject: [PATCH 03/13] add CreateCRIfNotPresent --- controllers/awsadapterconfig_controller.go | 55 ++++++++++++++++++++++ main.go | 7 ++- 2 files changed, 60 insertions(+), 2 deletions(-) diff --git a/controllers/awsadapterconfig_controller.go b/controllers/awsadapterconfig_controller.go index 05fa6b7..748597e 100644 --- a/controllers/awsadapterconfig_controller.go +++ b/controllers/awsadapterconfig_controller.go @@ -19,11 +19,13 @@ package controllers import ( "context" "fmt" + "os" "strings" "time" "github.com/go-logr/logr" "github.com/google/go-cmp/cmp" + "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" ctrl "sigs.k8s.io/controller-runtime" 
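Review bot: The four `value:` entries added under `env:` in deployment.yaml are rendered unquoted, so a cluster name or namespace that YAML reads as a number or boolean (an all-digit name, for example) yields a non-string env value and the Deployment is rejected by the API server. Pipe each one through `quote`, e.g. `value: {{ required "EKS cluster name is required" .Values.eksCluster.name | quote }}`. For `ADAPTER_NAMESPACE`, a `valueFrom.fieldRef` on `metadata.namespace` would take the value from the running pod instead of from the template.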
@@ -444,6 +446,59 @@ func (r *AWSAdapterConfigReconciler) updateLastPollStatusFailure(ctx context.Con return ctrl.Result{RequeueAfter: r.RequeueInterval}, nil } +func (r *AWSAdapterConfigReconciler) CreateCRIfNotPresent() { + l := log.FromContext(context.TODO()) + + l.Info("Creating AWS SDK config") + + clusterName := getClusterName() + clusterRegion := getClusterRegion() + res := &securityv1alpha1.AWSAdapterConfig{ + ObjectMeta: metav1.ObjectMeta{ + Name: getAdapterName(), + Namespace: getAdapterNamespace(), + }, + Spec: securityv1alpha1.AWSAdapterConfigSpec{ + Name: &clusterName, + Region: &clusterRegion, + }, + } + + err := r.Create(context.TODO(), res) + if err == nil { + l.Info("AWS SDK config created successfully") + } else { + if errors.IsAlreadyExists(err) { + l.Info("AWS SDK config already exists. Skipping resource creation.") + } else { + l.Error(err, "Error creating AWS SDK config") + } + } +} + +const ( + ADAPTER_NAME_ENV_VAR = "ADAPTER_NAME" + ADAPTER_NAMESPACE_ENV_VAR = "ADAPTER_NAMESPACE" + CLUSTER_NAME_ENV_VAR = "CLUSTER_NAME" + CLUSTER_REGION_ENV_VAR = "CLUSTER_REGION" +) + +func getAdapterName() string { + return os.Getenv(ADAPTER_NAME_ENV_VAR) +} + +func getAdapterNamespace() string { + return os.Getenv(ADAPTER_NAMESPACE_ENV_VAR) +} + +func getClusterName() string { + return os.Getenv(CLUSTER_NAME_ENV_VAR) +} + +func getClusterRegion() string { + return os.Getenv(CLUSTER_REGION_ENV_VAR) +} + func isStatusVacuous(status *securityv1alpha1.AWSAdapterConfigStatus) bool { return (status.LastUpdatedTimestamp == nil && status.LastPollInfo == securityv1alpha1.LastPollInfo{} && diff --git a/main.go b/main.go index b67972c..d9d7cb1 100644 --- a/main.go +++ b/main.go 
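Review bot: With `CreateCRIfNotPresent` the `AWSAdapterConfig` is no longer created by whoever runs `helm install` but by the controller itself through `r.Create`, so the adapter's ServiceAccount now needs the `create` verb on `awsadapterconfigs`. No RBAC template or marker change is visible in this series, so confirm the chart's role grants exactly that verb on that resource (namespaced, no wildcards) rather than something broader. The new env-var constants in this hunk are also exported and ALL_CAPS; Go style would be unexported MixedCaps, e.g. `adapterNameEnvVar = "ADAPTER_NAME"`.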
@@ -92,11 +92,12 @@ func main() { os.Exit(1) } - if err = (&controllers.AWSAdapterConfigReconciler{ + reconciler := &controllers.AWSAdapterConfigReconciler{ Client: mgr.GetClient(), Scheme: mgr.GetScheme(), RequeueInterval: time.Duration(syncPeriod) * time.Minute, - }).SetupWithManager(mgr); err != nil { + } + if err = reconciler.SetupWithManager(mgr); err != nil { setupLog.Error(err, "unable to create controller", "controller", "AWSAdapterConfig") os.Exit(1) } @@ -111,6 +112,8 @@ func main() { os.Exit(1) } + reconciler.CreateCRIfNotPresent() + setupLog.Info("starting manager") if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil { setupLog.Error(err, "problem running manager") From b66a5ef4fb5ff082255e5ce41b027de092e3a8a1 Mon Sep 17 00:00:00 2001 From: Kushal Beniwal Date: Tue, 7 Mar 2023 10:17:45 +0530 Subject: [PATCH 04/13] update getting_started.md with the updated behavior --- docs/getting_started.md | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/docs/getting_started.md b/docs/getting_started.md index 5c948c1..d09e267 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md 
@@ -162,3 +162,27 @@ kubectl get awsacfg -n nirmata-aws-adapter NAME ... CLUSTER NAME ... LAST POLLED STATUS kyverno-aws-adapter ... cluster-name ... success ``` + +### Uninstalling the AWS Adapter Helm chart + +To uninstall the AWS Adapter Helm chart, use the following command. + +```bash +helm uninstall kyverno-aws-adapter --namespace nirmata-aws-adapter +``` + +This removes all the Kubernetes components associated with the chart and deletes the release. + +The `awsadapterconfigs.security.nirmata.io` CRD created by this chart is not removed by default and should be manually cleaned up. So, after uninstalling helm chart the following command can be used to remove the CRD. + +```bash +kubectl delete crd awsadapterconfigs.security.nirmata.io +``` + +### Deleting the AWSAdapterConfig + +The `AWSAdapterConfig` CR is not deleted by `helm uninstall` or by deleting the pod, and must be manually cleaned up. + +```bash +kubectl delete awsacfg kyverno-aws-adapter -n nirmata-aws-adapter +``` From 150f3915c879d2869b474e44f6a4251af6b71c7c Mon Sep 17 00:00:00 2001 From: Kushal Beniwal Date: Tue, 7 Mar 2023 18:37:49 +0530 Subject: [PATCH 05/13] check if resource exists using Get and use ctrl.New instead of mgr.GetClient --- controllers/awsadapterconfig_controller.go | 30 ++++++++++++++++------ main.go | 19 +++++++++++--- 2 files changed, 37 insertions(+), 12 deletions(-) diff --git a/controllers/awsadapterconfig_controller.go b/controllers/awsadapterconfig_controller.go index 748597e..0fdfaa1 100644 --- a/controllers/awsadapterconfig_controller.go +++ b/controllers/awsadapterconfig_controller.go @@ -28,6 +28,7 @@ import ( "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" + apimachineryTypes "k8s.io/apimachinery/pkg/types" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/log" 
@@ -446,17 +447,34 @@ func (r *AWSAdapterConfigReconciler) updateLastPollStatusFailure(ctx context.Con return ctrl.Result{RequeueAfter: r.RequeueInterval}, nil } -func (r *AWSAdapterConfigReconciler) CreateCRIfNotPresent() { +func (r *AWSAdapterConfigReconciler) IsCRPresent() bool { + l := log.FromContext(context.TODO()) + + obj := &securityv1alpha1.AWSAdapterConfig{} + err := r.Get(context.TODO(), apimachineryTypes.NamespacedName{Namespace: getAdapterNamespace(), Name: getAdapterName()}, obj) + if err != nil { + if !errors.IsNotFound(err) { + l.Error(err, "Error checking if AWS SDK config exists") + } + + return false + } + return true +} + +func (r *AWSAdapterConfigReconciler) CreateCR() { l := log.FromContext(context.TODO()) l.Info("Creating AWS SDK config") clusterName := getClusterName() clusterRegion := getClusterRegion() + adapterName := getAdapterName() + adapterNamespace := getAdapterNamespace() res := &securityv1alpha1.AWSAdapterConfig{ ObjectMeta: metav1.ObjectMeta{ - Name: getAdapterName(), - Namespace: getAdapterNamespace(), + Name: adapterName, + Namespace: adapterNamespace, }, Spec: securityv1alpha1.AWSAdapterConfigSpec{ Name: &clusterName, @@ -468,11 +486,7 @@ func (r *AWSAdapterConfigReconciler) CreateCRIfNotPresent() { if err == nil { l.Info("AWS SDK config created successfully") } else { - if errors.IsAlreadyExists(err) { - l.Info("AWS SDK config already exists. Skipping resource creation.") - } else { - l.Error(err, "Error creating AWS SDK config") - } + l.Error(err, "Error creating AWS SDK config") } } diff --git a/main.go b/main.go index d9d7cb1..1a55f8b 100644 --- a/main.go +++ b/main.go @@ -29,6 +29,7 @@ import ( utilruntime "k8s.io/apimachinery/pkg/util/runtime" clientgoscheme "k8s.io/client-go/kubernetes/scheme" ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/healthz" "sigs.k8s.io/controller-runtime/pkg/log/zap" 
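Review bot: Dropping the `errors.IsAlreadyExists` branch from `CreateCR` (the `@@ -468,11 +486,7 @@` hunk) leaves a check-then-create gap, because `IsCRPresent` and `r.Create` are two separate API calls and the object can appear between them (a second pod starting, or a manual `kubectl apply`). PATCH 06 then turns any error from the create into `os.Exit(1)` in main.go, so the pod would restart over a benign condition. Keep the create idempotent, e.g. `if err != nil && !errors.IsAlreadyExists(err) { l.Error(err, "Error creating AWS SDK config") }`. Whether more than one replica runs is not visible here, so treat the race as a possibility to rule out rather than a confirmed failure.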
@@ -92,12 +93,18 @@ func main() { os.Exit(1) } - reconciler := &controllers.AWSAdapterConfigReconciler{ - Client: mgr.GetClient(), + cl, err := client.New(ctrl.GetConfigOrDie(), client.Options{Scheme: scheme}) + if err != nil { + setupLog.Error(err, "unable to create client") + os.Exit(1) + } + + r := &controllers.AWSAdapterConfigReconciler{ + Client: cl, Scheme: mgr.GetScheme(), RequeueInterval: time.Duration(syncPeriod) * time.Minute, } - if err = reconciler.SetupWithManager(mgr); err != nil { + if err = r.SetupWithManager(mgr); err != nil { setupLog.Error(err, "unable to create controller", "controller", "AWSAdapterConfig") os.Exit(1) } @@ -112,7 +119,11 @@ func main() { os.Exit(1) } - reconciler.CreateCRIfNotPresent() + if !r.IsCRPresent() { + r.CreateCR() + } else { + ctrl.Log.Info("AWS SDK config already exists. Skipping resource creation.") + } setupLog.Info("starting manager") if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil { From 01f8b5787f5660de9cdd9d0f02a03f2ef5244287 Mon Sep 17 00:00:00 2001 From: Kushal Beniwal Date: Wed, 8 Mar 2023 10:41:33 +0530 Subject: [PATCH 06/13] fix IsCRPresent not returnign err --- controllers/awsadapterconfig_controller.go | 34 +++++++--------------- main.go | 14 +++++++-- 2 files changed, 21 insertions(+), 27 deletions(-) diff --git a/controllers/awsadapterconfig_controller.go b/controllers/awsadapterconfig_controller.go index 0fdfaa1..91eccdf 100644 --- a/controllers/awsadapterconfig_controller.go +++ b/controllers/awsadapterconfig_controller.go 
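Review bot: The reconciler's `Client` field in main.go is now the standalone `client.New(...)` client instead of `mgr.GetClient()`, so any `r.Get`/`r.List` issued from `Reconcile` goes straight to the API server rather than the manager's cache, not only the one startup lookup that needed an uncached read. Keep `Client: mgr.GetClient()` on the reconciler and use the direct client, or `mgr.GetAPIReader()`, only for the pre-start existence check. `ctrl.GetConfigOrDie()` is presumably also what the manager was built from above this hunk; reusing that one `*rest.Config` avoids resolving the kubeconfig twice.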
@@ -447,31 +447,24 @@ func (r *AWSAdapterConfigReconciler) updateLastPollStatusFailure(ctx context.Con return ctrl.Result{RequeueAfter: r.RequeueInterval}, nil } -func (r *AWSAdapterConfigReconciler) IsCRPresent() bool { - l := log.FromContext(context.TODO()) - +func (r *AWSAdapterConfigReconciler) IsCRPresent() (bool, error) { obj := &securityv1alpha1.AWSAdapterConfig{} err := r.Get(context.TODO(), apimachineryTypes.NamespacedName{Namespace: getAdapterNamespace(), Name: getAdapterName()}, obj) - if err != nil { - if !errors.IsNotFound(err) { - l.Error(err, "Error checking if AWS SDK config exists") - } - - return false + if err == nil { + return true, nil + } + if errors.IsNotFound(err) { + return false, nil } - return true + return false, err } -func (r *AWSAdapterConfigReconciler) CreateCR() { - l := log.FromContext(context.TODO()) - - l.Info("Creating AWS SDK config") - +func (r *AWSAdapterConfigReconciler) CreateCR() error { clusterName := getClusterName() clusterRegion := getClusterRegion() adapterName := getAdapterName() adapterNamespace := getAdapterNamespace() - res := &securityv1alpha1.AWSAdapterConfig{ + return r.Create(context.TODO(), &securityv1alpha1.AWSAdapterConfig{ ObjectMeta: metav1.ObjectMeta{ Name: adapterName, Namespace: adapterNamespace, @@ -480,14 +473,7 @@ func (r *AWSAdapterConfigReconciler) CreateCR() { Name: &clusterName, Region: &clusterRegion, }, - } - - err := r.Create(context.TODO(), res) - if err == nil { - l.Info("AWS SDK config created successfully") - } else { - l.Error(err, "Error creating AWS SDK config") - } + }) } const ( diff --git a/main.go b/main.go index 1a55f8b..54cb9f2 100644 --- a/main.go +++ b/main.go 
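Review bot: `IsCRPresent` and `CreateCR` call the API with `context.TODO()`, so these startup requests carry no deadline or cancellation of their own and `main` waits on them for as long as the client transport allows. Take `ctx context.Context` as the first parameter and let main.go pass a bounded one, for example `ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)`. Both are exported methods without doc comments; something like `// IsCRPresent reports whether the AWSAdapterConfig named by ADAPTER_NAME in ADAPTER_NAMESPACE exists.` would cover it. The renamed versions in PATCH 07, 09 and 11 keep `context.TODO()`, so the same applies there.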
@@ -119,10 +119,18 @@ func main() { os.Exit(1) } - if !r.IsCRPresent() { - r.CreateCR() + if isCRPresent, err := r.IsCRPresent(); err != nil { + setupLog.Error(err, "problem checking if AWS SDK config exists") + os.Exit(1) + } else if isCRPresent { + setupLog.Info("AWS SDK config already exists. Skipping resource creation.") } else { - ctrl.Log.Info("AWS SDK config already exists. Skipping resource creation.") + setupLog.Info("creating AWS SDK config") + if err := r.CreateCR(); err != nil { + setupLog.Error(err, "unable to create AWS SDK config") + os.Exit(1) + } + setupLog.Info("AWS SDK config created successfully") } setupLog.Info("starting manager") From a446e2da7c15cb0e453b616d9f9b04a03f910381 Mon Sep 17 00:00:00 2001 From: Kushal Beniwal Date: Wed, 8 Mar 2023 22:24:16 +0530 Subject: [PATCH 07/13] use AWS Adapter instead of AWS SDK --- controllers/awsadapterconfig_controller.go | 10 +++++----- main.go | 12 ++++++------ 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/controllers/awsadapterconfig_controller.go b/controllers/awsadapterconfig_controller.go index 91eccdf..dfa1fab 100644 --- a/controllers/awsadapterconfig_controller.go +++ b/controllers/awsadapterconfig_controller.go 
@@ -89,13 +89,13 @@ func (r *AWSAdapterConfigReconciler) Reconcile(ctx context.Context, req ctrl.Req } l.Info("Reconciling", "req", req) - l.Info("Loading AWS SDK config") + l.Info("Loading AWS Adapter config") cfg, err := config.LoadDefaultConfig(context.TODO(), config.WithRegion(*objOld.Spec.Region)) if err != nil { - l.Error(err, "error occurred while loading aws sdk config") - return r.updateLastPollStatusFailure(ctx, objOld, "error occurred while loading aws sdk config", err, &l, time.Now()) + l.Error(err, "error occurred while loading aws adapter config") + return r.updateLastPollStatusFailure(ctx, objOld, "error occurred while loading aws adapter config", err, &l, time.Now()) } - l.Info("AWS SDK config loaded successfully") + l.Info("AWS Adapter config loaded successfully") stsClient := sts.NewFromConfig(cfg) ec2Client := ec2.NewFromConfig(cfg) @@ -459,7 +459,7 @@ func (r *AWSAdapterConfigReconciler) IsCRPresent() (bool, error) { return false, err } -func (r *AWSAdapterConfigReconciler) CreateCR() error { +func (r *AWSAdapterConfigReconciler) CreateAWSAdapterConfig() error { clusterName := getClusterName() clusterRegion := getClusterRegion() adapterName := getAdapterName() diff --git a/main.go b/main.go index 54cb9f2..39976e9 100644 --- a/main.go +++ b/main.go 
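Review bot: In the `Reconcile` hunk the renamed messages surround `config.LoadDefaultConfig(...)`, which loads the AWS SDK's own configuration (region, credential providers) and not the `AWSAdapterConfig` resource, so "Loading AWS Adapter config" and the matching error text point an operator at the wrong object when credential or region loading fails. Keep the original "AWS SDK config" wording on these messages and limit the rename to the CR-creation messages in main.go. The same call passes `context.TODO()` although `ctx` is in scope; that line is unchanged context, but `config.LoadDefaultConfig(ctx, ...)` would honour reconcile cancellation.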
@@ -120,17 +120,17 @@ func main() { } if isCRPresent, err := r.IsCRPresent(); err != nil { - setupLog.Error(err, "problem checking if AWS SDK config exists") + setupLog.Error(err, "problem checking if AWS Adapter config exists") os.Exit(1) } else if isCRPresent { - setupLog.Info("AWS SDK config already exists. Skipping resource creation.") + setupLog.Info("AWS Adapter config already exists. Skipping resource creation.") } else { - setupLog.Info("creating AWS SDK config") - if err := r.CreateCR(); err != nil { - setupLog.Error(err, "unable to create AWS SDK config") + setupLog.Info("creating AWS Adapter config") + if err := r.CreateAWSAdapterConfig(); err != nil { + setupLog.Error(err, "unable to create AWS Adapter config") os.Exit(1) } - setupLog.Info("AWS SDK config created successfully") + setupLog.Info("AWS Adapter config created successfully") } setupLog.Info("starting manager") From 8fd0537c473c1f8cb8bd154d3ba2dcaa0462a7c6 Mon Sep 17 00:00:00 2001 From: Kushal Beniwal Date: Wed, 8 Mar 2023 22:32:35 +0530 Subject: [PATCH 08/13] move client and resource creation code to seperate functions --- main.go | 33 ++++++++++++++++++++------------- 1 file changed, 20 insertions(+), 13 deletions(-) diff --git a/main.go b/main.go index 39976e9..a0094c6 100644 --- a/main.go +++ b/main.go @@ -93,14 +93,8 @@ func main() { os.Exit(1) } - cl, err := client.New(ctrl.GetConfigOrDie(), client.Options{Scheme: scheme}) - if err != nil { - setupLog.Error(err, "unable to create client") - os.Exit(1) - } - r := &controllers.AWSAdapterConfigReconciler{ - Client: cl, + Client: getClient(), Scheme: mgr.GetScheme(), RequeueInterval: time.Duration(syncPeriod) * time.Minute, } 
@@ -119,6 +113,25 @@ func main() { os.Exit(1) } + createAWSAdapterConfigIfNotPresent(r) + + setupLog.Info("starting manager") + if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil { + setupLog.Error(err, "problem running manager") + os.Exit(1) + } +} + +func getClient() client.Client { + cl, err := client.New(ctrl.GetConfigOrDie(), client.Options{Scheme: scheme}) + if err != nil { + setupLog.Error(err, "unable to create client") + os.Exit(1) + } + return cl +} + +func createAWSAdapterConfigIfNotPresent(r *controllers.AWSAdapterConfigReconciler) { if isCRPresent, err := r.IsCRPresent(); err != nil { setupLog.Error(err, "problem checking if AWS Adapter config exists") os.Exit(1) @@ -132,10 +145,4 @@ func main() { } setupLog.Info("AWS Adapter config created successfully") } - - setupLog.Info("starting manager") - if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil { - setupLog.Error(err, "problem running manager") - os.Exit(1) - } } From 357b1118a92ef0eeec6d7b631bedfdb45a215d58 Mon Sep 17 00:00:00 2001 From: Kushal Beniwal Date: Wed, 8 Mar 2023 22:41:29 +0530 Subject: [PATCH 09/13] change IsCRPresent with IsAWSAdapterConfigPresent --- controllers/awsadapterconfig_controller.go | 2 +- main.go | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/controllers/awsadapterconfig_controller.go b/controllers/awsadapterconfig_controller.go index dfa1fab..23bc120 100644 --- a/controllers/awsadapterconfig_controller.go +++ b/controllers/awsadapterconfig_controller.go 
@@ -447,7 +447,7 @@ func (r *AWSAdapterConfigReconciler) updateLastPollStatusFailure(ctx context.Con return ctrl.Result{RequeueAfter: r.RequeueInterval}, nil } -func (r *AWSAdapterConfigReconciler) IsCRPresent() (bool, error) { +func (r *AWSAdapterConfigReconciler) IsAWSAdapterConfigPresent() (bool, error) { obj := &securityv1alpha1.AWSAdapterConfig{} err := r.Get(context.TODO(), apimachineryTypes.NamespacedName{Namespace: getAdapterNamespace(), Name: getAdapterName()}, obj) if err == nil { diff --git a/main.go b/main.go index a0094c6..cc5c2fa 100644 --- a/main.go +++ b/main.go @@ -132,10 +132,10 @@ func getClient() client.Client { } func createAWSAdapterConfigIfNotPresent(r *controllers.AWSAdapterConfigReconciler) { - if isCRPresent, err := r.IsCRPresent(); err != nil { + if isAWSAdapterConfigPresent, err := r.IsAWSAdapterConfigPresent(); err != nil { setupLog.Error(err, "problem checking if AWS Adapter config exists") os.Exit(1) - } else if isCRPresent { + } else if isAWSAdapterConfigPresent { setupLog.Info("AWS Adapter config already exists. Skipping resource creation.") } else { setupLog.Info("creating AWS Adapter config") From 0dfe88bcb8fbc88e5cd533ccd42fd796a8ca2a87 Mon Sep 17 00:00:00 2001 From: Kushal Beniwal Date: Tue, 14 Mar 2023 23:14:58 +0530 Subject: [PATCH 10/13] add error handling for required parameters to create CR --- controllers/awsadapterconfig_controller.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/controllers/awsadapterconfig_controller.go b/controllers/awsadapterconfig_controller.go index 23bc120..6f79b52 100644 --- a/controllers/awsadapterconfig_controller.go +++ b/controllers/awsadapterconfig_controller.go 
@@ -464,6 +464,11 @@ func (r *AWSAdapterConfigReconciler) CreateAWSAdapterConfig() error { clusterRegion := getClusterRegion() adapterName := getAdapterName() adapterNamespace := getAdapterNamespace() + + if len(clusterName) == 0 || len(clusterRegion) == 0 || len(adapterName) == 0 || len(adapterNamespace) == 0 { + return fmt.Errorf("one or more of the required parameters could not be found") + } + return r.Create(context.TODO(), &securityv1alpha1.AWSAdapterConfig{ ObjectMeta: metav1.ObjectMeta{ Name: adapterName, From c6fcbbfc23ae0b371d0d7c3459704123ebcb5d77 Mon Sep 17 00:00:00 2001 From: Kushal Beniwal Date: Wed, 15 Mar 2023 13:35:55 +0530 Subject: [PATCH 11/13] move required params error handling to main file --- controllers/awsadapterconfig_controller.go | 39 ++--------------- main.go | 50 +++++++++++++++++++++- 2 files changed, 51 insertions(+), 38 deletions(-) diff --git a/controllers/awsadapterconfig_controller.go b/controllers/awsadapterconfig_controller.go index 6f79b52..5a3ac8d 100644 --- a/controllers/awsadapterconfig_controller.go +++ b/controllers/awsadapterconfig_controller.go @@ -19,7 +19,6 @@ package controllers import ( "context" "fmt" - "os" "strings" "time" @@ -447,9 +446,9 @@ func (r *AWSAdapterConfigReconciler) updateLastPollStatusFailure(ctx context.Con return ctrl.Result{RequeueAfter: r.RequeueInterval}, nil } -func (r *AWSAdapterConfigReconciler) IsAWSAdapterConfigPresent() (bool, error) { +func (r *AWSAdapterConfigReconciler) IsAWSAdapterConfigPresent(adapterName, adapterNamespace string) (bool, error) { obj := &securityv1alpha1.AWSAdapterConfig{} - err := r.Get(context.TODO(), apimachineryTypes.NamespacedName{Namespace: getAdapterNamespace(), Name: getAdapterName()}, obj) + err := r.Get(context.TODO(), apimachineryTypes.NamespacedName{Namespace: adapterNamespace, Name: adapterName}, obj) if err == nil { return true, nil } 
@@ -459,16 +458,7 @@ func (r *AWSAdapterConfigReconciler) IsAWSAdapterConfigPresent() (bool, error) { return false, err } -func (r *AWSAdapterConfigReconciler) CreateAWSAdapterConfig() error { - clusterName := getClusterName() - clusterRegion := getClusterRegion() - adapterName := getAdapterName() - adapterNamespace := getAdapterNamespace() - - if len(clusterName) == 0 || len(clusterRegion) == 0 || len(adapterName) == 0 || len(adapterNamespace) == 0 { - return fmt.Errorf("one or more of the required parameters could not be found") - } - +func (r *AWSAdapterConfigReconciler) CreateAWSAdapterConfig(clusterName, clusterRegion, adapterName, adapterNamespace string) error { return r.Create(context.TODO(), &securityv1alpha1.AWSAdapterConfig{ ObjectMeta: metav1.ObjectMeta{ Name: adapterName, @@ -481,29 +471,6 @@ func (r *AWSAdapterConfigReconciler) CreateAWSAdapterConfig() error { }) } -const ( - ADAPTER_NAME_ENV_VAR = "ADAPTER_NAME" - ADAPTER_NAMESPACE_ENV_VAR = "ADAPTER_NAMESPACE" - CLUSTER_NAME_ENV_VAR = "CLUSTER_NAME" - CLUSTER_REGION_ENV_VAR = "CLUSTER_REGION" -) - -func getAdapterName() string { - return os.Getenv(ADAPTER_NAME_ENV_VAR) -} - -func getAdapterNamespace() string { - return os.Getenv(ADAPTER_NAMESPACE_ENV_VAR) -} - -func getClusterName() string { - return os.Getenv(CLUSTER_NAME_ENV_VAR) -} - -func getClusterRegion() string { - return os.Getenv(CLUSTER_REGION_ENV_VAR) -} - func isStatusVacuous(status *securityv1alpha1.AWSAdapterConfigStatus) bool { return (status.LastUpdatedTimestamp == nil && status.LastPollInfo == securityv1alpha1.LastPollInfo{} && diff --git a/main.go b/main.go index cc5c2fa..b2c6d2b 100644 --- a/main.go +++ b/main.go 
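Review bot: `CreateAWSAdapterConfig(clusterName, clusterRegion, adapterName, adapterNamespace string)` now takes four positional strings of the same type and no longer validates them, so a transposed pair compiles and creates a CR with the wrong name or region. The exported method has no doc comment to fix the order; I would add `// CreateAWSAdapterConfig creates the AWSAdapterConfig adapterNamespace/adapterName for the EKS cluster clusterName in clusterRegion. Callers must pass non-empty values.` The same holds for `IsAWSAdapterConfigPresent(adapterName, adapterNamespace string)` in the preceding hunk, whose argument order is the reverse of the `NamespacedName` it builds.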
@@ -131,18 +131,64 @@ func getClient() client.Client { return cl } +type requiredParams struct { + clusterName string + clusterRegion string + adapterName string + adapterNamespace string +} + +func (rp *requiredParams) areAllPresent() bool { + return rp.clusterName != "" && rp.clusterRegion != "" && rp.adapterName != "" && rp.adapterNamespace != "" +} + func createAWSAdapterConfigIfNotPresent(r *controllers.AWSAdapterConfigReconciler) { - if isAWSAdapterConfigPresent, err := r.IsAWSAdapterConfigPresent(); err != nil { + rp := requiredParams{ + clusterName: getClusterName(), + clusterRegion: getClusterRegion(), + adapterName: getAdapterName(), + adapterNamespace: getAdapterNamespace(), + } + + if rp.areAllPresent() { + setupLog.Info("One or more of the required parameters could not be found") + return + } + + if isAWSAdapterConfigPresent, err := r.IsAWSAdapterConfigPresent(rp.adapterName, rp.adapterNamespace); err != nil { setupLog.Error(err, "problem checking if AWS Adapter config exists") os.Exit(1) } else if isAWSAdapterConfigPresent { setupLog.Info("AWS Adapter config already exists. 
Skipping resource creation.") } else { setupLog.Info("creating AWS Adapter config") - if err := r.CreateAWSAdapterConfig(); err != nil { + if err := r.CreateAWSAdapterConfig(rp.clusterName, rp.clusterRegion, rp.adapterName, rp.adapterNamespace); err != nil { setupLog.Error(err, "unable to create AWS Adapter config") os.Exit(1) } setupLog.Info("AWS Adapter config created successfully") } } + +const ( + ADAPTER_NAME_ENV_VAR = "ADAPTER_NAME" + ADAPTER_NAMESPACE_ENV_VAR = "ADAPTER_NAMESPACE" + CLUSTER_NAME_ENV_VAR = "CLUSTER_NAME" + CLUSTER_REGION_ENV_VAR = "CLUSTER_REGION" +) + +func getAdapterName() string { + return os.Getenv(ADAPTER_NAME_ENV_VAR) +} + +func getAdapterNamespace() string { + return os.Getenv(ADAPTER_NAMESPACE_ENV_VAR) +} + +func getClusterName() string { + return os.Getenv(CLUSTER_NAME_ENV_VAR) +} + +func getClusterRegion() string { + return os.Getenv(CLUSTER_REGION_ENV_VAR) +} From 2f72ea76808d77458c38ca94590fcb581c17e6a9 Mon Sep 17 00:00:00 2001 From: Kushal Beniwal Date: Wed, 15 Mar 2023 20:22:15 +0530 Subject: [PATCH 12/13] show param names --- main.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.go b/main.go index b2c6d2b..ebcbe9e 100644 --- a/main.go +++ b/main.go @@ -151,7 +151,7 @@ func createAWSAdapterConfigIfNotPresent(r *controllers.AWSAdapterConfigReconcile } if rp.areAllPresent() { - setupLog.Info("One or more of the required parameters could not be found") + setupLog.Info("One or more of the required parameters could not be found: clusterName='%s' clusterRegion='%s' adapterName='%s' adapterNamespace='%s'", rp.clusterName, rp.clusterRegion, rp.adapterName, rp.adapterNamespace) return } From ff62d8e8674143d3addd6d3baa216ecb53c737a5 Mon Sep 17 00:00:00 2001 From: Parikshit Samant <99033865+pns-nirmata@users.noreply.github.com> Date: Thu, 16 Mar 2023 16:24:36 +0530 Subject: [PATCH 13/13] fix: merge error --- controllers/awsadapterconfig_controller.go | 1 + 1 file changed, 1 insertion(+) 
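Review bot: The guard in `createAWSAdapterConfigIfNotPresent` is inverted: `if rp.areAllPresent()` logs "could not be found" and returns exactly when all four values are set, so the CR is never created on a correctly configured install, while a missing value falls through to `IsAWSAdapterConfigPresent` with an empty name or namespace. It should read `if !rp.areAllPresent() {`. PATCH 12 edits the message inside this branch but keeps the same condition. Consider also whether a missing parameter should stop startup with `setupLog.Error` and `os.Exit(1)` like the other failures in this function, instead of returning quietly and leaving the adapter running with nothing to reconcile.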
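Review bot: The new `setupLog.Info` call in PATCH 12 passes a printf-style format string, but `setupLog` appears to be a logr logger (its `Error(err, msg)` calls in this file have that shape), whose `Info` takes a message followed by key/value pairs. The `%s` verbs are therefore emitted literally and the four trailing arguments are read as two key/value pairs, with the cluster name used as a key. Use structured fields instead: `setupLog.Info("one or more required parameters are missing", "clusterName", rp.clusterName, "clusterRegion", rp.clusterRegion, "adapterName", rp.adapterName, "adapterNamespace", rp.adapterNamespace)`.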
diff --git a/controllers/awsadapterconfig_controller.go b/controllers/awsadapterconfig_controller.go index 1e95735..932ef0c 100644 --- a/controllers/awsadapterconfig_controller.go +++ b/controllers/awsadapterconfig_controller.go @@ -489,6 +489,7 @@ func (r *AWSAdapterConfigReconciler) CreateAWSAdapterConfig(clusterName, cluster Region: &clusterRegion, }, }) +} func getAmi(ctx context.Context, ec2Client *ec2.Client, imageId *string) (*types.Image, error) { amis, err := ec2Client.DescribeImages(ctx, &ec2.DescribeImagesInput{