mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-05-02 06:16:08 -04:00
Move cloud metadata packages and kubernetes resources marshaling to internal
Decouples cloud provider metadata packages from kubernetes related code Signed-off-by: Malte Poll <mp@edgeless.systems>
This commit is contained in:
Malte Poll
Malte Poll
parent
89e3acf6a1
commit
26e9c67a00
81 changed files with 169 additions and 145 deletions
|
|
@ -3,8 +3,8 @@ package kubernetes
|
|||
import (
|
||||
"context"
|
||||
|
||||
"github.com/edgelesssys/constellation/bootstrapper/internal/kubernetes/k8sapi/resources"
|
||||
"github.com/edgelesssys/constellation/internal/cloud/metadata"
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/edgelesssys/constellation/internal/versions"
|
||||
k8s "k8s.io/api/core/v1"
|
||||
)
|
||||
|
|
@ -41,10 +41,10 @@ type CloudControllerManager interface {
|
|||
ExtraArgs() []string
|
||||
// ConfigMaps returns a list of ConfigMaps to deploy together with the k8s cloud-controller-manager
|
||||
// Reference: https://kubernetes.io/docs/concepts/configuration/configmap/ .
|
||||
ConfigMaps(instance metadata.InstanceMetadata) (resources.ConfigMaps, error)
|
||||
ConfigMaps(instance metadata.InstanceMetadata) (kubernetes.ConfigMaps, error)
|
||||
// Secrets returns a list of secrets to deploy together with the k8s cloud-controller-manager.
|
||||
// Reference: https://kubernetes.io/docs/concepts/configuration/secret/ .
|
||||
Secrets(ctx context.Context, providerID, cloudServiceAccountURI string) (resources.Secrets, error)
|
||||
Secrets(ctx context.Context, providerID, cloudServiceAccountURI string) (kubernetes.Secrets, error)
|
||||
// Volumes returns a list of volumes to deploy together with the k8s cloud-controller-manager.
|
||||
// Reference: https://kubernetes.io/docs/concepts/storage/volumes/ .
|
||||
Volumes() []k8s.Volume
|
||||
|
|
@ -73,7 +73,7 @@ type ClusterAutoscaler interface {
|
|||
// Name returns the cloud-provider name as used by k8s cluster-autoscaler.
|
||||
Name() string
|
||||
// Secrets returns a list of secrets to deploy together with the k8s cluster-autoscaler.
|
||||
Secrets(providerID, cloudServiceAccountURI string) (resources.Secrets, error)
|
||||
Secrets(providerID, cloudServiceAccountURI string) (kubernetes.Secrets, error)
|
||||
// Volumes returns a list of volumes to deploy together with the k8s cluster-autoscaler.
|
||||
Volumes() []k8s.Volume
|
||||
// VolumeMounts returns a list of volume mounts to deploy together with the k8s cluster-autoscaler.
|
||||
|
|
@ -159,11 +159,11 @@ func (m *stubCloudControllerManager) ExtraArgs() []string {
|
|||
return []string{}
|
||||
}
|
||||
|
||||
func (m *stubCloudControllerManager) ConfigMaps(instance metadata.InstanceMetadata) (resources.ConfigMaps, error) {
|
||||
func (m *stubCloudControllerManager) ConfigMaps(instance metadata.InstanceMetadata) (kubernetes.ConfigMaps, error) {
|
||||
return []*k8s.ConfigMap{}, nil
|
||||
}
|
||||
|
||||
func (m *stubCloudControllerManager) Secrets(ctx context.Context, instance, cloudServiceAccountURI string) (resources.Secrets, error) {
|
||||
func (m *stubCloudControllerManager) Secrets(ctx context.Context, instance, cloudServiceAccountURI string) (kubernetes.Secrets, error) {
|
||||
return []*k8s.Secret{}, nil
|
||||
}
|
||||
|
||||
|
|
@ -216,8 +216,8 @@ func (a *stubClusterAutoscaler) Name() string {
|
|||
}
|
||||
|
||||
// Secrets returns a list of secrets to deploy together with the k8s cluster-autoscaler.
|
||||
func (a *stubClusterAutoscaler) Secrets(instance, cloudServiceAccountURI string) (resources.Secrets, error) {
|
||||
return resources.Secrets{}, nil
|
||||
func (a *stubClusterAutoscaler) Secrets(instance, cloudServiceAccountURI string) (kubernetes.Secrets, error) {
|
||||
return kubernetes.Secrets{}, nil
|
||||
}
|
||||
|
||||
// Volumes returns a list of volumes to deploy together with the k8s cluster-autoscaler.
|
||||
|
|
|
|||
|
|
@ -4,8 +4,8 @@ import (
|
|||
"path/filepath"
|
||||
|
||||
"github.com/edgelesssys/constellation/bootstrapper/internal/kubelet"
|
||||
"github.com/edgelesssys/constellation/bootstrapper/internal/kubernetes/k8sapi/resources"
|
||||
"github.com/edgelesssys/constellation/internal/constants"
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/edgelesssys/constellation/internal/versions"
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
|
|
@ -223,12 +223,12 @@ func (k *KubeadmJoinYAML) SetControlPlane(advertiseAddress string) {
|
|||
}
|
||||
|
||||
func (k *KubeadmJoinYAML) Marshal() ([]byte, error) {
|
||||
return resources.MarshalK8SResources(k)
|
||||
return kubernetes.MarshalK8SResources(k)
|
||||
}
|
||||
|
||||
func (k *KubeadmJoinYAML) Unmarshal(yamlData []byte) (KubeadmJoinYAML, error) {
|
||||
var tmp KubeadmJoinYAML
|
||||
return tmp, resources.UnmarshalK8SResources(yamlData, &tmp)
|
||||
return tmp, kubernetes.UnmarshalK8SResources(yamlData, &tmp)
|
||||
}
|
||||
|
||||
type KubeadmInitYAML struct {
|
||||
|
|
@ -291,10 +291,10 @@ func (k *KubeadmInitYAML) SetProviderID(providerID string) {
|
|||
}
|
||||
|
||||
func (k *KubeadmInitYAML) Marshal() ([]byte, error) {
|
||||
return resources.MarshalK8SResources(k)
|
||||
return kubernetes.MarshalK8SResources(k)
|
||||
}
|
||||
|
||||
func (k *KubeadmInitYAML) Unmarshal(yamlData []byte) (KubeadmInitYAML, error) {
|
||||
var tmp KubeadmInitYAML
|
||||
return tmp, resources.UnmarshalK8SResources(yamlData, &tmp)
|
||||
return tmp, kubernetes.UnmarshalK8SResources(yamlData, &tmp)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ import (
|
|||
"context"
|
||||
"fmt"
|
||||
|
||||
"github.com/edgelesssys/constellation/bootstrapper/internal/kubernetes/k8sapi/resources"
|
||||
kubernetesshared "github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
|
||||
apiextensionsclientv1 "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1"
|
||||
|
|
@ -83,7 +83,7 @@ func (c *Client) ApplyOneObject(info *resource.Info, forceConflicts bool) error
|
|||
}
|
||||
|
||||
// GetObjects tries to marshal the resources into []*resource.Info using a resource.Builder.
|
||||
func (c *Client) GetObjects(resources resources.Marshaler) ([]*resource.Info, error) {
|
||||
func (c *Client) GetObjects(resources kubernetesshared.Marshaler) ([]*resource.Info, error) {
|
||||
// convert our resource struct into YAML
|
||||
data, err := resources.Marshal()
|
||||
if err != nil {
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ import (
|
|||
"testing"
|
||||
|
||||
"github.com/edgelesssys/constellation/bootstrapper/internal/kubernetes/k8sapi/resources"
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
"go.uber.org/goleak"
|
||||
|
|
@ -263,7 +264,7 @@ func TestApplyOneObject(t *testing.T) {
|
|||
|
||||
func TestGetObjects(t *testing.T) {
|
||||
testCases := map[string]struct {
|
||||
wantResources resources.Marshaler
|
||||
wantResources kubernetes.Marshaler
|
||||
httpResponseData map[string]string
|
||||
resourcesYAML string
|
||||
wantErr bool
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ import (
|
|||
"errors"
|
||||
"fmt"
|
||||
|
||||
"github.com/edgelesssys/constellation/bootstrapper/internal/kubernetes/k8sapi/resources"
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
"k8s.io/cli-runtime/pkg/resource"
|
||||
)
|
||||
|
|
@ -18,7 +18,7 @@ type Client interface {
|
|||
// ApplyOneObject applies a k8s resource similar to kubectl apply.
|
||||
ApplyOneObject(info *resource.Info, forceConflicts bool) error
|
||||
// GetObjects converts resources into prepared info fields for use in ApplyOneObject.
|
||||
GetObjects(resources resources.Marshaler) ([]*resource.Info, error)
|
||||
GetObjects(resources kubernetes.Marshaler) ([]*resource.Info, error)
|
||||
CreateConfigMap(ctx context.Context, configMap corev1.ConfigMap) error
|
||||
AddTolerationsToDeployment(ctx context.Context, tolerations []corev1.Toleration, name string, namespace string) error
|
||||
AddNodeSelectorsToDeployment(ctx context.Context, selectors map[string]string, name string, namespace string) error
|
||||
|
|
@ -45,7 +45,7 @@ func New() *Kubectl {
|
|||
}
|
||||
|
||||
// Apply will apply the given resources using server-side-apply.
|
||||
func (k *Kubectl) Apply(resources resources.Marshaler, forceConflicts bool) error {
|
||||
func (k *Kubectl) Apply(resources kubernetes.Marshaler, forceConflicts bool) error {
|
||||
if k.kubeconfig == nil {
|
||||
return ErrKubeconfigNotSet
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ import (
|
|||
"errors"
|
||||
"testing"
|
||||
|
||||
"github.com/edgelesssys/constellation/bootstrapper/internal/kubernetes/k8sapi/resources"
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"go.uber.org/goleak"
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
|
|
@ -30,7 +30,7 @@ func (s *stubClient) ApplyOneObject(info *resource.Info, forceConflicts bool) er
|
|||
return s.applyOneObjectErr
|
||||
}
|
||||
|
||||
func (s *stubClient) GetObjects(resources resources.Marshaler) ([]*resource.Info, error) {
|
||||
func (s *stubClient) GetObjects(resources kubernetes.Marshaler) ([]*resource.Info, error) {
|
||||
return s.getObjectsInfos, s.getObjectsErr
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package resources
|
||||
|
||||
import (
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/edgelesssys/constellation/internal/versions"
|
||||
"google.golang.org/protobuf/proto"
|
||||
apps "k8s.io/api/apps/v1"
|
||||
|
|
@ -192,5 +193,5 @@ func NewAccessManagerDeployment(sshUsers map[string]string) *accessManagerDeploy
|
|||
|
||||
// Marshal marshals the access-manager deployment as YAML documents.
|
||||
func (c *accessManagerDeployment) Marshal() ([]byte, error) {
|
||||
return MarshalK8SResources(c)
|
||||
return kubernetes.MarshalK8SResources(c)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package resources
|
|||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
"go.uber.org/goleak"
|
||||
|
|
@ -22,7 +23,7 @@ func TestAccessManagerMarshalUnmarshal(t *testing.T) {
|
|||
require.NoError(err)
|
||||
|
||||
var recreated accessManagerDeployment
|
||||
require.NoError(UnmarshalK8SResources(data, &recreated))
|
||||
require.NoError(kubernetes.UnmarshalK8SResources(data, &recreated))
|
||||
assert.Equal(accessManagerDeplNil, &recreated)
|
||||
|
||||
// With data
|
||||
|
|
@ -32,6 +33,6 @@ func TestAccessManagerMarshalUnmarshal(t *testing.T) {
|
|||
data, err = accessManagerDeplNil.Marshal()
|
||||
require.NoError(err)
|
||||
|
||||
require.NoError(UnmarshalK8SResources(data, &recreated))
|
||||
require.NoError(kubernetes.UnmarshalK8SResources(data, &recreated))
|
||||
assert.Equal(accessManagerDeplNil, &recreated)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package resources
|
||||
|
||||
import (
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
auditv1 "k8s.io/apiserver/pkg/apis/audit/v1"
|
||||
)
|
||||
|
|
@ -29,5 +30,5 @@ func NewDefaultAuditPolicy() *AuditPolicy {
|
|||
|
||||
// Marshal marshals the audit policy as a YAML document.
|
||||
func (p *AuditPolicy) Marshal() ([]byte, error) {
|
||||
return MarshalK8SResources(p)
|
||||
return kubernetes.MarshalK8SResources(p)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package resources
|
|||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
|
@ -16,6 +17,6 @@ func TestAuditPolicyMarshalUnmarshal(t *testing.T) {
|
|||
require.NoError(err)
|
||||
|
||||
var recreated AuditPolicy
|
||||
require.NoError(UnmarshalK8SResources(data, &recreated))
|
||||
require.NoError(kubernetes.UnmarshalK8SResources(data, &recreated))
|
||||
assert.Equal(auditPolicy, &recreated)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package resources
|
|||
import (
|
||||
"fmt"
|
||||
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
apps "k8s.io/api/apps/v1"
|
||||
k8s "k8s.io/api/core/v1"
|
||||
rbac "k8s.io/api/rbac/v1"
|
||||
|
|
@ -168,5 +169,5 @@ func NewDefaultCloudControllerManagerDeployment(cloudProvider, image, path, podC
|
|||
}
|
||||
|
||||
func (c *cloudControllerManagerDeployment) Marshal() ([]byte, error) {
|
||||
return MarshalK8SResources(c)
|
||||
return kubernetes.MarshalK8SResources(c)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package resources
|
|||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
k8s "k8s.io/api/core/v1"
|
||||
|
|
@ -17,6 +18,6 @@ func TestCloudControllerMarshalUnmarshal(t *testing.T) {
|
|||
require.NoError(err)
|
||||
|
||||
var recreated cloudControllerManagerDeployment
|
||||
require.NoError(UnmarshalK8SResources(data, &recreated))
|
||||
require.NoError(kubernetes.UnmarshalK8SResources(data, &recreated))
|
||||
assert.Equal(cloudControllerManagerDepl, &recreated)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package resources
|
||||
|
||||
import (
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
apps "k8s.io/api/apps/v1"
|
||||
k8s "k8s.io/api/core/v1"
|
||||
rbac "k8s.io/api/rbac/v1"
|
||||
|
|
@ -176,5 +177,5 @@ func NewDefaultCloudNodeManagerDeployment(image, path string, extraArgs []string
|
|||
|
||||
// Marshal marshals the cloud-node-manager deployment as YAML documents.
|
||||
func (c *cloudNodeManagerDeployment) Marshal() ([]byte, error) {
|
||||
return MarshalK8SResources(c)
|
||||
return kubernetes.MarshalK8SResources(c)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package resources
|
|||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
|
@ -16,6 +17,6 @@ func TestCloudNodeManagerMarshalUnmarshal(t *testing.T) {
|
|||
require.NoError(err)
|
||||
|
||||
var recreated cloudNodeManagerDeployment
|
||||
require.NoError(UnmarshalK8SResources(data, &recreated))
|
||||
require.NoError(kubernetes.UnmarshalK8SResources(data, &recreated))
|
||||
assert.Equal(cloudNodeManagerDepl, &recreated)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package resources
|
||||
|
||||
import (
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/edgelesssys/constellation/internal/versions"
|
||||
"google.golang.org/protobuf/proto"
|
||||
apps "k8s.io/api/apps/v1"
|
||||
|
|
@ -485,7 +486,7 @@ func NewDefaultAutoscalerDeployment(extraVolumes []k8s.Volume, extraVolumeMounts
|
|||
}
|
||||
|
||||
func (a *autoscalerDeployment) Marshal() ([]byte, error) {
|
||||
return MarshalK8SResources(a)
|
||||
return kubernetes.MarshalK8SResources(a)
|
||||
}
|
||||
|
||||
func (a *autoscalerDeployment) SetAutoscalerCommand(cloudprovider string, autoscalingNodeGroups []string) {
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package resources
|
|||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
|
@ -19,7 +20,7 @@ func TestAutoscalerDeploymentMarshalUnmarshal(t *testing.T) {
|
|||
t.Log(string(data))
|
||||
|
||||
var recreated autoscalerDeployment
|
||||
require.NoError(UnmarshalK8SResources(data, &recreated))
|
||||
require.NoError(kubernetes.UnmarshalK8SResources(data, &recreated))
|
||||
assert.Equal(autoscalerDepl, &recreated)
|
||||
}
|
||||
|
||||
|
|
@ -36,6 +37,6 @@ func TestAutoscalerDeploymentWithCommandMarshalUnmarshal(t *testing.T) {
|
|||
t.Log(string(data))
|
||||
|
||||
var recreated autoscalerDeployment
|
||||
require.NoError(UnmarshalK8SResources(data, &recreated))
|
||||
require.NoError(kubernetes.UnmarshalK8SResources(data, &recreated))
|
||||
assert.Equal(autoscalerDepl, &recreated)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,18 +0,0 @@
|
|||
package resources
|
||||
|
||||
import (
|
||||
k8s "k8s.io/api/core/v1"
|
||||
"k8s.io/apimachinery/pkg/runtime"
|
||||
)
|
||||
|
||||
// ConfigMaps represent a list of k8s ConfigMap.
|
||||
type ConfigMaps []*k8s.ConfigMap
|
||||
|
||||
// Marshal marshals config maps into multiple YAML documents.
|
||||
func (s ConfigMaps) Marshal() ([]byte, error) {
|
||||
objects := make([]runtime.Object, len(s))
|
||||
for i := range s {
|
||||
objects[i] = s[i]
|
||||
}
|
||||
return MarshalK8SResourcesList(objects)
|
||||
}
|
||||
|
|
@ -1,49 +0,0 @@
|
|||
package resources
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
k8s "k8s.io/api/core/v1"
|
||||
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
)
|
||||
|
||||
func TestConfigMaps(t *testing.T) {
|
||||
require := require.New(t)
|
||||
assert := assert.New(t)
|
||||
|
||||
configMaps := ConfigMaps{
|
||||
&k8s.ConfigMap{
|
||||
TypeMeta: v1.TypeMeta{
|
||||
Kind: "ConfigMap",
|
||||
APIVersion: "v1",
|
||||
},
|
||||
Data: map[string]string{"key": "value1"},
|
||||
},
|
||||
&k8s.ConfigMap{
|
||||
TypeMeta: v1.TypeMeta{
|
||||
Kind: "ConfigMap",
|
||||
APIVersion: "v1",
|
||||
},
|
||||
Data: map[string]string{"key": "value2"},
|
||||
},
|
||||
}
|
||||
data, err := configMaps.Marshal()
|
||||
require.NoError(err)
|
||||
|
||||
assert.Equal(`apiVersion: v1
|
||||
data:
|
||||
key: value1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
---
|
||||
apiVersion: v1
|
||||
data:
|
||||
key: value2
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
`, string(data))
|
||||
}
|
||||
|
|
@ -1,6 +1,7 @@
|
|||
package resources
|
||||
|
||||
import (
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/edgelesssys/constellation/internal/versions"
|
||||
apps "k8s.io/api/apps/v1"
|
||||
k8s "k8s.io/api/core/v1"
|
||||
|
|
@ -172,5 +173,5 @@ func NewGCPGuestAgentDaemonset() *gcpGuestAgentDaemonset {
|
|||
|
||||
// Marshal marshals the access-manager deployment as YAML documents.
|
||||
func (c *gcpGuestAgentDaemonset) Marshal() ([]byte, error) {
|
||||
return MarshalK8SResources(c)
|
||||
return kubernetes.MarshalK8SResources(c)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ import (
|
|||
"fmt"
|
||||
|
||||
"github.com/edgelesssys/constellation/internal/constants"
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/edgelesssys/constellation/internal/versions"
|
||||
apps "k8s.io/api/apps/v1"
|
||||
k8s "k8s.io/api/core/v1"
|
||||
|
|
@ -252,5 +253,5 @@ func NewJoinServiceDaemonset(csp, measurementsJSON, enforcedPCRsJSON string, mea
|
|||
|
||||
// Marshal the daemonset using the Kubernetes resource marshaller.
|
||||
func (a *joinServiceDaemonset) Marshal() ([]byte, error) {
|
||||
return MarshalK8SResources(a)
|
||||
return kubernetes.MarshalK8SResources(a)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package resources
|
|||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
|
@ -13,6 +14,6 @@ func TestNewJoinServiceDaemonset(t *testing.T) {
|
|||
require.NoError(t, err)
|
||||
|
||||
var recreated joinServiceDaemonset
|
||||
require.NoError(t, UnmarshalK8SResources(deploymentYAML, &recreated))
|
||||
require.NoError(t, kubernetes.UnmarshalK8SResources(deploymentYAML, &recreated))
|
||||
assert.Equal(t, deployment, &recreated)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ import (
|
|||
"fmt"
|
||||
|
||||
"github.com/edgelesssys/constellation/internal/constants"
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/edgelesssys/constellation/internal/versions"
|
||||
apps "k8s.io/api/apps/v1"
|
||||
k8s "k8s.io/api/core/v1"
|
||||
|
|
@ -246,5 +247,5 @@ func NewKMSDeployment(csp string, config KMSConfig) *kmsDeployment {
|
|||
}
|
||||
|
||||
func (c *kmsDeployment) Marshal() ([]byte, error) {
|
||||
return MarshalK8SResources(c)
|
||||
return kubernetes.MarshalK8SResources(c)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package resources
|
|||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
|
@ -16,6 +17,6 @@ func TestKMSMarshalUnmarshal(t *testing.T) {
|
|||
require.NoError(err)
|
||||
|
||||
var recreated kmsDeployment
|
||||
require.NoError(UnmarshalK8SResources(data, &recreated))
|
||||
require.NoError(kubernetes.UnmarshalK8SResources(data, &recreated))
|
||||
assert.Equal(kmsDepl, &recreated)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,149 +0,0 @@
|
|||
package resources
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
"reflect"
|
||||
|
||||
"gopkg.in/yaml.v3"
|
||||
"k8s.io/apimachinery/pkg/runtime"
|
||||
"k8s.io/apimachinery/pkg/runtime/serializer"
|
||||
"k8s.io/apimachinery/pkg/runtime/serializer/json"
|
||||
"k8s.io/client-go/kubernetes/scheme"
|
||||
)
|
||||
|
||||
// Marshaler is used by all k8s resources that can be marshaled to YAML.
|
||||
type Marshaler interface {
|
||||
Marshal() ([]byte, error)
|
||||
}
|
||||
|
||||
// MarshalK8SResources marshals every field of a struct into a k8s resource YAML.
|
||||
func MarshalK8SResources(resources any) ([]byte, error) {
|
||||
if resources == nil {
|
||||
return nil, errors.New("marshal on nil called")
|
||||
}
|
||||
serializer := json.NewYAMLSerializer(json.DefaultMetaFactory, nil, nil)
|
||||
var buf bytes.Buffer
|
||||
|
||||
// reflect over struct containing fields that are k8s resources
|
||||
value := reflect.ValueOf(resources)
|
||||
if value.Kind() != reflect.Ptr && value.Kind() != reflect.Interface {
|
||||
return nil, errors.New("marshal on non-pointer called")
|
||||
}
|
||||
elem := value.Elem()
|
||||
if elem.Kind() == reflect.Struct {
|
||||
// iterate over all struct fields
|
||||
for i := 0; i < elem.NumField(); i++ {
|
||||
field := elem.Field(i)
|
||||
var inter any
|
||||
// check if value can be converted to interface
|
||||
if field.CanInterface() {
|
||||
inter = field.Addr().Interface()
|
||||
} else {
|
||||
continue
|
||||
}
|
||||
// convert field interface to runtime.Object
|
||||
obj, ok := inter.(runtime.Object)
|
||||
if !ok {
|
||||
continue
|
||||
}
|
||||
|
||||
if i > 0 {
|
||||
// separate YAML documents
|
||||
buf.Write([]byte("---\n"))
|
||||
}
|
||||
// serialize k8s resource
|
||||
if err := serializer.Encode(obj, &buf); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return buf.Bytes(), nil
|
||||
}
|
||||
|
||||
// UnmarshalK8SResources takes YAML and converts it into a k8s resources struct.
|
||||
func UnmarshalK8SResources(data []byte, into any) error {
|
||||
if into == nil {
|
||||
return errors.New("unmarshal on nil called")
|
||||
}
|
||||
// reflect over struct containing fields that are k8s resources
|
||||
value := reflect.ValueOf(into).Elem()
|
||||
if value.Kind() != reflect.Struct {
|
||||
return errors.New("can only reflect over struct")
|
||||
}
|
||||
|
||||
decoder := serializer.NewCodecFactory(scheme.Scheme).UniversalDecoder()
|
||||
documents, err := splitYAML(data)
|
||||
if err != nil {
|
||||
return fmt.Errorf("splitting deployment YAML into multiple documents: %w", err)
|
||||
}
|
||||
if len(documents) != value.NumField() {
|
||||
return fmt.Errorf("expected %v YAML documents, got %v", value.NumField(), len(documents))
|
||||
}
|
||||
|
||||
for i := 0; i < value.NumField(); i++ {
|
||||
field := value.Field(i)
|
||||
var inter any
|
||||
// check if value can be converted to interface
|
||||
if !field.CanInterface() {
|
||||
return fmt.Errorf("cannot use struct field %v as interface", i)
|
||||
}
|
||||
inter = field.Addr().Interface()
|
||||
// convert field interface to runtime.Object
|
||||
obj, ok := inter.(runtime.Object)
|
||||
if !ok {
|
||||
return fmt.Errorf("cannot convert struct field %v as k8s runtime object", i)
|
||||
}
|
||||
|
||||
// decode YAML document into struct field
|
||||
if err := runtime.DecodeInto(decoder, documents[i], obj); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// MarshalK8SResourcesList marshals every element of a slice into a k8s resource YAML.
|
||||
func MarshalK8SResourcesList(resources []runtime.Object) ([]byte, error) {
|
||||
serializer := json.NewYAMLSerializer(json.DefaultMetaFactory, nil, nil)
|
||||
var buf bytes.Buffer
|
||||
|
||||
for i, obj := range resources {
|
||||
if i > 0 {
|
||||
// separate YAML documents
|
||||
buf.Write([]byte("---\n"))
|
||||
}
|
||||
// serialize k8s resource
|
||||
if err := serializer.Encode(obj, &buf); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
|
||||
return buf.Bytes(), nil
|
||||
}
|
||||
|
||||
// splitYAML splits a YAML multidoc into a slice of multiple YAML docs.
|
||||
func splitYAML(resources []byte) ([][]byte, error) {
|
||||
dec := yaml.NewDecoder(bytes.NewReader(resources))
|
||||
var res [][]byte
|
||||
for {
|
||||
var value any
|
||||
err := dec.Decode(&value)
|
||||
if errors.Is(err, io.EOF) {
|
||||
break
|
||||
}
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
valueBytes, err := yaml.Marshal(value)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
res = append(res, valueBytes)
|
||||
}
|
||||
return res, nil
|
||||
}
|
||||
|
|
@ -1,360 +0,0 @@
|
|||
package resources
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
"google.golang.org/protobuf/proto"
|
||||
k8s "k8s.io/api/core/v1"
|
||||
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
"k8s.io/apimachinery/pkg/runtime"
|
||||
)
|
||||
|
||||
func TestMarshalK8SResources(t *testing.T) {
|
||||
testCases := map[string]struct {
|
||||
resources any
|
||||
wantErr bool
|
||||
wantYAML string
|
||||
}{
|
||||
"ConfigMap as only field can be marshaled": {
|
||||
resources: &struct {
|
||||
ConfigMap k8s.ConfigMap
|
||||
}{
|
||||
ConfigMap: k8s.ConfigMap{
|
||||
TypeMeta: v1.TypeMeta{
|
||||
Kind: "ConfigMap",
|
||||
APIVersion: "v1",
|
||||
},
|
||||
Data: map[string]string{
|
||||
"key": "value",
|
||||
},
|
||||
},
|
||||
},
|
||||
wantYAML: `apiVersion: v1
|
||||
data:
|
||||
key: value
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
`,
|
||||
},
|
||||
"Multiple fields are correctly encoded": {
|
||||
resources: &struct {
|
||||
ConfigMap k8s.ConfigMap
|
||||
Secret k8s.Secret
|
||||
}{
|
||||
ConfigMap: k8s.ConfigMap{
|
||||
TypeMeta: v1.TypeMeta{
|
||||
Kind: "ConfigMap",
|
||||
APIVersion: "v1",
|
||||
},
|
||||
Data: map[string]string{
|
||||
"key": "value",
|
||||
},
|
||||
},
|
||||
Secret: k8s.Secret{
|
||||
TypeMeta: v1.TypeMeta{
|
||||
Kind: "Secret",
|
||||
APIVersion: "v1",
|
||||
},
|
||||
Data: map[string][]byte{
|
||||
"key": []byte("value"),
|
||||
},
|
||||
},
|
||||
},
|
||||
wantYAML: `apiVersion: v1
|
||||
data:
|
||||
key: value
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
---
|
||||
apiVersion: v1
|
||||
data:
|
||||
key: dmFsdWU=
|
||||
kind: Secret
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
`,
|
||||
},
|
||||
"Non-pointer is detected": {
|
||||
resources: "non-pointer",
|
||||
wantErr: true,
|
||||
},
|
||||
"Nil resource pointer is detected": {
|
||||
resources: nil,
|
||||
wantErr: true,
|
||||
},
|
||||
"Non-pointer field is ignored": {
|
||||
resources: &struct{ String string }{String: "somestring"},
|
||||
},
|
||||
"nil field is ignored": {
|
||||
resources: &struct {
|
||||
ConfigMap *k8s.ConfigMap
|
||||
}{
|
||||
ConfigMap: nil,
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
for name, tc := range testCases {
|
||||
t.Run(name, func(t *testing.T) {
|
||||
assert := assert.New(t)
|
||||
require := require.New(t)
|
||||
|
||||
yaml, err := MarshalK8SResources(tc.resources)
|
||||
|
||||
if tc.wantErr {
|
||||
assert.Error(err)
|
||||
return
|
||||
}
|
||||
require.NoError(err)
|
||||
|
||||
assert.Equal(tc.wantYAML, string(yaml))
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestUnmarshalK8SResources(t *testing.T) {
|
||||
testCases := map[string]struct {
|
||||
data string
|
||||
into any
|
||||
wantObj any
|
||||
wantErr bool
|
||||
}{
|
||||
"ConfigMap as only field can be unmarshaled": {
|
||||
data: `apiVersion: v1
|
||||
data:
|
||||
key: value
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
`,
|
||||
into: &struct {
|
||||
ConfigMap k8s.ConfigMap
|
||||
}{},
|
||||
wantObj: &struct {
|
||||
ConfigMap k8s.ConfigMap
|
||||
}{
|
||||
ConfigMap: k8s.ConfigMap{
|
||||
TypeMeta: v1.TypeMeta{
|
||||
Kind: "ConfigMap",
|
||||
APIVersion: "v1",
|
||||
},
|
||||
Data: map[string]string{
|
||||
"key": "value",
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
"Multiple fields are correctly unmarshaled": {
|
||||
data: `apiVersion: v1
|
||||
data:
|
||||
key: value
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
---
|
||||
apiVersion: v1
|
||||
data:
|
||||
key: dmFsdWU=
|
||||
kind: Secret
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
`,
|
||||
into: &struct {
|
||||
ConfigMap k8s.ConfigMap
|
||||
Secret k8s.Secret
|
||||
}{},
|
||||
wantObj: &struct {
|
||||
ConfigMap k8s.ConfigMap
|
||||
Secret k8s.Secret
|
||||
}{
|
||||
ConfigMap: k8s.ConfigMap{
|
||||
TypeMeta: v1.TypeMeta{
|
||||
Kind: "ConfigMap",
|
||||
APIVersion: "v1",
|
||||
},
|
||||
Data: map[string]string{
|
||||
"key": "value",
|
||||
},
|
||||
},
|
||||
Secret: k8s.Secret{
|
||||
TypeMeta: v1.TypeMeta{
|
||||
Kind: "Secret",
|
||||
APIVersion: "v1",
|
||||
},
|
||||
Data: map[string][]byte{
|
||||
"key": []byte("value"),
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
"Mismatching amount of fields is detected": {
|
||||
data: `apiVersion: v1
|
||||
data:
|
||||
key: value
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
---
|
||||
apiVersion: v1
|
||||
data:
|
||||
key: dmFsdWU=
|
||||
kind: Secret
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
`,
|
||||
into: &struct {
|
||||
ConfigMap k8s.ConfigMap
|
||||
}{},
|
||||
wantErr: true,
|
||||
},
|
||||
"Non-struct pointer is detected": {
|
||||
into: proto.String("test"),
|
||||
wantErr: true,
|
||||
},
|
||||
"Nil into is detected": {
|
||||
into: nil,
|
||||
wantErr: true,
|
||||
},
|
||||
"Invalid yaml is detected": {
|
||||
data: `duplicateKey: value
|
||||
duplicateKey: value`,
|
||||
into: &struct {
|
||||
ConfigMap k8s.ConfigMap
|
||||
}{},
|
||||
wantErr: true,
|
||||
},
|
||||
"Struct field cannot interface with runtime.Object": {
|
||||
data: `apiVersion: v1
|
||||
data:
|
||||
key: value
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
`,
|
||||
into: &struct {
|
||||
String string
|
||||
}{},
|
||||
wantErr: true,
|
||||
},
|
||||
"Struct field mismatch": {
|
||||
data: `apiVersion: v1
|
||||
data:
|
||||
key: value
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
`,
|
||||
into: &struct {
|
||||
Secret k8s.Secret
|
||||
}{},
|
||||
wantErr: true,
|
||||
},
|
||||
}
|
||||
|
||||
for name, tc := range testCases {
|
||||
t.Run(name, func(t *testing.T) {
|
||||
assert := assert.New(t)
|
||||
require := require.New(t)
|
||||
|
||||
err := UnmarshalK8SResources([]byte(tc.data), tc.into)
|
||||
|
||||
if tc.wantErr {
|
||||
assert.Error(err)
|
||||
return
|
||||
}
|
||||
require.NoError(err)
|
||||
|
||||
assert.Equal(tc.wantObj, tc.into)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestMarshalK8SResourcesList(t *testing.T) {
|
||||
testCases := map[string]struct {
|
||||
resources []runtime.Object
|
||||
wantErr bool
|
||||
wantYAML string
|
||||
}{
|
||||
"ConfigMap as only element be marshaled": {
|
||||
resources: []runtime.Object{
|
||||
&k8s.ConfigMap{
|
||||
TypeMeta: v1.TypeMeta{
|
||||
Kind: "ConfigMap",
|
||||
APIVersion: "v1",
|
||||
},
|
||||
Data: map[string]string{
|
||||
"key": "value",
|
||||
},
|
||||
},
|
||||
},
|
||||
wantYAML: `apiVersion: v1
|
||||
data:
|
||||
key: value
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
`,
|
||||
},
|
||||
"Multiple fields are correctly encoded": {
|
||||
resources: []runtime.Object{
|
||||
&k8s.ConfigMap{
|
||||
TypeMeta: v1.TypeMeta{
|
||||
Kind: "ConfigMap",
|
||||
APIVersion: "v1",
|
||||
},
|
||||
Data: map[string]string{
|
||||
"key": "value",
|
||||
},
|
||||
},
|
||||
&k8s.Secret{
|
||||
TypeMeta: v1.TypeMeta{
|
||||
Kind: "Secret",
|
||||
APIVersion: "v1",
|
||||
},
|
||||
Data: map[string][]byte{
|
||||
"key": []byte("value"),
|
||||
},
|
||||
},
|
||||
},
|
||||
wantYAML: `apiVersion: v1
|
||||
data:
|
||||
key: value
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
---
|
||||
apiVersion: v1
|
||||
data:
|
||||
key: dmFsdWU=
|
||||
kind: Secret
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
`,
|
||||
},
|
||||
"Nil resource pointer is encodes": {
|
||||
resources: []runtime.Object{nil},
|
||||
wantYAML: "null\n",
|
||||
},
|
||||
}
|
||||
|
||||
for name, tc := range testCases {
|
||||
t.Run(name, func(t *testing.T) {
|
||||
assert := assert.New(t)
|
||||
require := require.New(t)
|
||||
|
||||
yaml, err := MarshalK8SResourcesList(tc.resources)
|
||||
|
||||
if tc.wantErr {
|
||||
assert.Error(err)
|
||||
return
|
||||
}
|
||||
require.NoError(err)
|
||||
|
||||
assert.Equal(tc.wantYAML, string(yaml))
|
||||
})
|
||||
}
|
||||
}
|
||||
|
|
@ -3,6 +3,7 @@ package resources
|
|||
import (
|
||||
"time"
|
||||
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/edgelesssys/constellation/internal/versions"
|
||||
operatorsv1 "github.com/operator-framework/api/pkg/operators/v1"
|
||||
operatorsv1alpha1 "github.com/operator-framework/api/pkg/operators/v1alpha1"
|
||||
|
|
@ -74,5 +75,5 @@ func NewNodeMaintenanceOperatorDeployment() *nodeMaintenanceOperatorDeployment {
|
|||
}
|
||||
|
||||
func (c *nodeMaintenanceOperatorDeployment) Marshal() ([]byte, error) {
|
||||
return MarshalK8SResources(c)
|
||||
return kubernetes.MarshalK8SResources(c)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package resources
|
|||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
|
@ -16,6 +17,6 @@ func TestNodeMaintenanceOperatorMarshalUnmarshal(t *testing.T) {
|
|||
require.NoError(err)
|
||||
|
||||
var recreated nodeMaintenanceOperatorDeployment
|
||||
require.NoError(UnmarshalK8SResources(data, &recreated))
|
||||
require.NoError(kubernetes.UnmarshalK8SResources(data, &recreated))
|
||||
assert.Equal(nmoDepl, &recreated)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ import (
|
|||
_ "embed"
|
||||
"time"
|
||||
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/edgelesssys/constellation/internal/versions"
|
||||
operatorsv1 "github.com/operator-framework/api/pkg/operators/v1"
|
||||
operatorsv1alpha1 "github.com/operator-framework/api/pkg/operators/v1alpha1"
|
||||
|
|
@ -88,5 +89,5 @@ func NewNodeOperatorDeployment(cloudProvider string, uid string) *nodeOperatorDe
|
|||
}
|
||||
|
||||
func (c *nodeOperatorDeployment) Marshal() ([]byte, error) {
|
||||
return MarshalK8SResources(c)
|
||||
return kubernetes.MarshalK8SResources(c)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package resources
|
|||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
|
@ -16,6 +17,6 @@ func TestNodeOperatorMarshalUnmarshal(t *testing.T) {
|
|||
require.NoError(err)
|
||||
|
||||
var recreated nodeOperatorDeployment
|
||||
require.NoError(UnmarshalK8SResources(data, &recreated))
|
||||
require.NoError(kubernetes.UnmarshalK8SResources(data, &recreated))
|
||||
assert.Equal(nmoDepl, &recreated)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,18 +0,0 @@
|
|||
package resources
|
||||
|
||||
import (
|
||||
k8s "k8s.io/api/core/v1"
|
||||
"k8s.io/apimachinery/pkg/runtime"
|
||||
)
|
||||
|
||||
// Secrets represent a list of k8s Secret.
|
||||
type Secrets []*k8s.Secret
|
||||
|
||||
// Marshal marshals secrets into multiple YAML documents.
|
||||
func (s Secrets) Marshal() ([]byte, error) {
|
||||
objects := make([]runtime.Object, len(s))
|
||||
for i := range s {
|
||||
objects[i] = s[i]
|
||||
}
|
||||
return MarshalK8SResourcesList(objects)
|
||||
}
|
||||
|
|
@ -1,49 +0,0 @@
|
|||
package resources
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
k8s "k8s.io/api/core/v1"
|
||||
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
)
|
||||
|
||||
func TestSecrets(t *testing.T) {
|
||||
require := require.New(t)
|
||||
assert := assert.New(t)
|
||||
|
||||
secrets := Secrets{
|
||||
&k8s.Secret{
|
||||
TypeMeta: v1.TypeMeta{
|
||||
Kind: "Secret",
|
||||
APIVersion: "v1",
|
||||
},
|
||||
Data: map[string][]byte{"key": []byte("value1")},
|
||||
},
|
||||
&k8s.Secret{
|
||||
TypeMeta: v1.TypeMeta{
|
||||
Kind: "Secret",
|
||||
APIVersion: "v1",
|
||||
},
|
||||
Data: map[string][]byte{"key": []byte("value2")},
|
||||
},
|
||||
}
|
||||
data, err := secrets.Marshal()
|
||||
require.NoError(err)
|
||||
|
||||
assert.Equal(`apiVersion: v1
|
||||
data:
|
||||
key: dmFsdWUx
|
||||
kind: Secret
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
---
|
||||
apiVersion: v1
|
||||
data:
|
||||
key: dmFsdWUy
|
||||
kind: Secret
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
`, string(data))
|
||||
}
|
||||
|
|
@ -4,6 +4,7 @@ import (
|
|||
"fmt"
|
||||
|
||||
"github.com/edgelesssys/constellation/internal/constants"
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/edgelesssys/constellation/internal/versions"
|
||||
apps "k8s.io/api/apps/v1"
|
||||
k8s "k8s.io/api/core/v1"
|
||||
|
|
@ -144,5 +145,5 @@ func NewVerificationDaemonSet(csp string) *verificationDaemonset {
|
|||
}
|
||||
|
||||
func (v *verificationDaemonset) Marshal() ([]byte, error) {
|
||||
return MarshalK8SResources(v)
|
||||
return kubernetes.MarshalK8SResources(v)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package resources
|
|||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
|
@ -13,6 +14,6 @@ func TestNewVerificationDaemonset(t *testing.T) {
|
|||
require.NoError(t, err)
|
||||
|
||||
var recreated verificationDaemonset
|
||||
require.NoError(t, UnmarshalK8SResources(deploymentYAML, &recreated))
|
||||
require.NoError(t, kubernetes.UnmarshalK8SResources(deploymentYAML, &recreated))
|
||||
assert.Equal(t, deployment, &recreated)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -20,6 +20,7 @@ import (
|
|||
"github.com/edgelesssys/constellation/bootstrapper/internal/kubelet"
|
||||
"github.com/edgelesssys/constellation/bootstrapper/internal/kubernetes/k8sapi/resources"
|
||||
"github.com/edgelesssys/constellation/internal/constants"
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
kubeconstants "k8s.io/kubernetes/cmd/kubeadm/app/constants"
|
||||
|
||||
"github.com/edgelesssys/constellation/internal/crypto"
|
||||
|
|
@ -49,7 +50,7 @@ const (
|
|||
|
||||
// Client provides the functions to talk to the k8s API.
|
||||
type Client interface {
|
||||
Apply(resources resources.Marshaler, forceConflicts bool) error
|
||||
Apply(resources kubernetes.Marshaler, forceConflicts bool) error
|
||||
SetKubeconfig(kubeconfig []byte)
|
||||
CreateConfigMap(ctx context.Context, configMap corev1.ConfigMap) error
|
||||
AddTolerationsToDeployment(ctx context.Context, tolerations []corev1.Toleration, name string, namespace string) error
|
||||
|
|
@ -343,7 +344,7 @@ func (k *KubernetesUtil) deployCiliumQEMU(ctx context.Context, helmClient *actio
|
|||
}
|
||||
|
||||
// SetupAutoscaling deploys the k8s cluster autoscaler.
|
||||
func (k *KubernetesUtil) SetupAutoscaling(kubectl Client, clusterAutoscalerConfiguration resources.Marshaler, secrets resources.Marshaler) error {
|
||||
func (k *KubernetesUtil) SetupAutoscaling(kubectl Client, clusterAutoscalerConfiguration kubernetes.Marshaler, secrets kubernetes.Marshaler) error {
|
||||
if err := kubectl.Apply(secrets, true); err != nil {
|
||||
return fmt.Errorf("applying cluster-autoscaler Secrets: %w", err)
|
||||
}
|
||||
|
|
@ -351,17 +352,17 @@ func (k *KubernetesUtil) SetupAutoscaling(kubectl Client, clusterAutoscalerConfi
|
|||
}
|
||||
|
||||
// SetupJoinService deploys the Constellation node join service.
|
||||
func (k *KubernetesUtil) SetupJoinService(kubectl Client, joinServiceConfiguration resources.Marshaler) error {
|
||||
func (k *KubernetesUtil) SetupJoinService(kubectl Client, joinServiceConfiguration kubernetes.Marshaler) error {
|
||||
return kubectl.Apply(joinServiceConfiguration, true)
|
||||
}
|
||||
|
||||
// SetupGCPGuestAgent deploys the GCP guest agent daemon set.
|
||||
func (k *KubernetesUtil) SetupGCPGuestAgent(kubectl Client, guestAgentDaemonset resources.Marshaler) error {
|
||||
func (k *KubernetesUtil) SetupGCPGuestAgent(kubectl Client, guestAgentDaemonset kubernetes.Marshaler) error {
|
||||
return kubectl.Apply(guestAgentDaemonset, true)
|
||||
}
|
||||
|
||||
// SetupCloudControllerManager deploys the k8s cloud-controller-manager.
|
||||
func (k *KubernetesUtil) SetupCloudControllerManager(kubectl Client, cloudControllerManagerConfiguration resources.Marshaler, configMaps resources.Marshaler, secrets resources.Marshaler) error {
|
||||
func (k *KubernetesUtil) SetupCloudControllerManager(kubectl Client, cloudControllerManagerConfiguration kubernetes.Marshaler, configMaps kubernetes.Marshaler, secrets kubernetes.Marshaler) error {
|
||||
if err := kubectl.Apply(configMaps, true); err != nil {
|
||||
return fmt.Errorf("applying ccm ConfigMaps: %w", err)
|
||||
}
|
||||
|
|
@ -375,17 +376,17 @@ func (k *KubernetesUtil) SetupCloudControllerManager(kubectl Client, cloudContro
|
|||
}
|
||||
|
||||
// SetupCloudNodeManager deploys the k8s cloud-node-manager.
|
||||
func (k *KubernetesUtil) SetupCloudNodeManager(kubectl Client, cloudNodeManagerConfiguration resources.Marshaler) error {
|
||||
func (k *KubernetesUtil) SetupCloudNodeManager(kubectl Client, cloudNodeManagerConfiguration kubernetes.Marshaler) error {
|
||||
return kubectl.Apply(cloudNodeManagerConfiguration, true)
|
||||
}
|
||||
|
||||
// SetupAccessManager deploys the constellation-access-manager for deploying SSH keys on control-plane & worker nodes.
|
||||
func (k *KubernetesUtil) SetupAccessManager(kubectl Client, accessManagerConfiguration resources.Marshaler) error {
|
||||
func (k *KubernetesUtil) SetupAccessManager(kubectl Client, accessManagerConfiguration kubernetes.Marshaler) error {
|
||||
return kubectl.Apply(accessManagerConfiguration, true)
|
||||
}
|
||||
|
||||
// SetupKMS deploys the KMS deployment.
|
||||
func (k *KubernetesUtil) SetupKMS(kubectl Client, kmsConfiguration resources.Marshaler) error {
|
||||
func (k *KubernetesUtil) SetupKMS(kubectl Client, kmsConfiguration kubernetes.Marshaler) error {
|
||||
if err := kubectl.Apply(kmsConfiguration, true); err != nil {
|
||||
return fmt.Errorf("applying KMS configuration: %w", err)
|
||||
}
|
||||
|
|
@ -393,11 +394,11 @@ func (k *KubernetesUtil) SetupKMS(kubectl Client, kmsConfiguration resources.Mar
|
|||
}
|
||||
|
||||
// SetupVerificationService deploys the verification service.
|
||||
func (k *KubernetesUtil) SetupVerificationService(kubectl Client, verificationServiceConfiguration resources.Marshaler) error {
|
||||
func (k *KubernetesUtil) SetupVerificationService(kubectl Client, verificationServiceConfiguration kubernetes.Marshaler) error {
|
||||
return kubectl.Apply(verificationServiceConfiguration, true)
|
||||
}
|
||||
|
||||
func (k *KubernetesUtil) SetupOperatorLifecycleManager(ctx context.Context, kubectl Client, olmCRDs, olmConfiguration resources.Marshaler, crdNames []string) error {
|
||||
func (k *KubernetesUtil) SetupOperatorLifecycleManager(ctx context.Context, kubectl Client, olmCRDs, olmConfiguration kubernetes.Marshaler, crdNames []string) error {
|
||||
if err := kubectl.Apply(olmCRDs, true); err != nil {
|
||||
return fmt.Errorf("applying OLM CRDs: %w", err)
|
||||
}
|
||||
|
|
@ -409,11 +410,11 @@ func (k *KubernetesUtil) SetupOperatorLifecycleManager(ctx context.Context, kube
|
|||
return kubectl.Apply(olmConfiguration, true)
|
||||
}
|
||||
|
||||
func (k *KubernetesUtil) SetupNodeMaintenanceOperator(kubectl Client, nodeMaintenanceOperatorConfiguration resources.Marshaler) error {
|
||||
func (k *KubernetesUtil) SetupNodeMaintenanceOperator(kubectl Client, nodeMaintenanceOperatorConfiguration kubernetes.Marshaler) error {
|
||||
return kubectl.Apply(nodeMaintenanceOperatorConfiguration, true)
|
||||
}
|
||||
|
||||
func (k *KubernetesUtil) SetupNodeOperator(ctx context.Context, kubectl Client, nodeOperatorConfiguration resources.Marshaler) error {
|
||||
func (k *KubernetesUtil) SetupNodeOperator(ctx context.Context, kubectl Client, nodeOperatorConfiguration kubernetes.Marshaler) error {
|
||||
return kubectl.Apply(nodeOperatorConfiguration, true)
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ import (
|
|||
"net"
|
||||
|
||||
"github.com/edgelesssys/constellation/bootstrapper/internal/kubernetes/k8sapi"
|
||||
"github.com/edgelesssys/constellation/bootstrapper/internal/kubernetes/k8sapi/resources"
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/edgelesssys/constellation/internal/logger"
|
||||
"github.com/edgelesssys/constellation/internal/versions"
|
||||
)
|
||||
|
|
@ -15,17 +15,17 @@ type clusterUtil interface {
|
|||
InitCluster(ctx context.Context, initConfig []byte, nodeName string, ips []net.IP, log *logger.Logger) error
|
||||
JoinCluster(ctx context.Context, joinConfig []byte, log *logger.Logger) error
|
||||
SetupHelmDeployments(ctx context.Context, client k8sapi.Client, helmDeployments []byte, in k8sapi.SetupPodNetworkInput, log *logger.Logger) error
|
||||
SetupAccessManager(kubectl k8sapi.Client, sshUsers resources.Marshaler) error
|
||||
SetupAutoscaling(kubectl k8sapi.Client, clusterAutoscalerConfiguration resources.Marshaler, secrets resources.Marshaler) error
|
||||
SetupJoinService(kubectl k8sapi.Client, joinServiceConfiguration resources.Marshaler) error
|
||||
SetupCloudControllerManager(kubectl k8sapi.Client, cloudControllerManagerConfiguration resources.Marshaler, configMaps resources.Marshaler, secrets resources.Marshaler) error
|
||||
SetupCloudNodeManager(kubectl k8sapi.Client, cloudNodeManagerConfiguration resources.Marshaler) error
|
||||
SetupKMS(kubectl k8sapi.Client, kmsConfiguration resources.Marshaler) error
|
||||
SetupVerificationService(kubectl k8sapi.Client, verificationServiceConfiguration resources.Marshaler) error
|
||||
SetupGCPGuestAgent(kubectl k8sapi.Client, gcpGuestAgentConfiguration resources.Marshaler) error
|
||||
SetupOperatorLifecycleManager(ctx context.Context, kubectl k8sapi.Client, olmCRDs, olmConfiguration resources.Marshaler, crdNames []string) error
|
||||
SetupNodeMaintenanceOperator(kubectl k8sapi.Client, nodeMaintenanceOperatorConfiguration resources.Marshaler) error
|
||||
SetupNodeOperator(ctx context.Context, kubectl k8sapi.Client, nodeOperatorConfiguration resources.Marshaler) error
|
||||
SetupAccessManager(kubectl k8sapi.Client, sshUsers kubernetes.Marshaler) error
|
||||
SetupAutoscaling(kubectl k8sapi.Client, clusterAutoscalerConfiguration kubernetes.Marshaler, secrets kubernetes.Marshaler) error
|
||||
SetupJoinService(kubectl k8sapi.Client, joinServiceConfiguration kubernetes.Marshaler) error
|
||||
SetupCloudControllerManager(kubectl k8sapi.Client, cloudControllerManagerConfiguration kubernetes.Marshaler, configMaps kubernetes.Marshaler, secrets kubernetes.Marshaler) error
|
||||
SetupCloudNodeManager(kubectl k8sapi.Client, cloudNodeManagerConfiguration kubernetes.Marshaler) error
|
||||
SetupKMS(kubectl k8sapi.Client, kmsConfiguration kubernetes.Marshaler) error
|
||||
SetupVerificationService(kubectl k8sapi.Client, verificationServiceConfiguration kubernetes.Marshaler) error
|
||||
SetupGCPGuestAgent(kubectl k8sapi.Client, gcpGuestAgentConfiguration kubernetes.Marshaler) error
|
||||
SetupOperatorLifecycleManager(ctx context.Context, kubectl k8sapi.Client, olmCRDs, olmConfiguration kubernetes.Marshaler, crdNames []string) error
|
||||
SetupNodeMaintenanceOperator(kubectl k8sapi.Client, nodeMaintenanceOperatorConfiguration kubernetes.Marshaler) error
|
||||
SetupNodeOperator(ctx context.Context, kubectl k8sapi.Client, nodeOperatorConfiguration kubernetes.Marshaler) error
|
||||
StartKubelet() error
|
||||
RestartKubelet() error
|
||||
FixCilium(nodeNameK8s string, log *logger.Logger)
|
||||
|
|
|
|||
|
|
@ -13,6 +13,7 @@ import (
|
|||
"github.com/edgelesssys/constellation/bootstrapper/role"
|
||||
"github.com/edgelesssys/constellation/internal/cloud/metadata"
|
||||
"github.com/edgelesssys/constellation/internal/constants"
|
||||
"github.com/edgelesssys/constellation/internal/kubernetes"
|
||||
"github.com/edgelesssys/constellation/internal/logger"
|
||||
"github.com/edgelesssys/constellation/internal/versions"
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
|
@ -311,7 +312,7 @@ func TestInitCluster(t *testing.T) {
|
|||
require.NoError(err)
|
||||
|
||||
var kubeadmConfig k8sapi.KubeadmInitYAML
|
||||
require.NoError(resources.UnmarshalK8SResources(tc.clusterUtil.initConfigs[0], &kubeadmConfig))
|
||||
require.NoError(kubernetes.UnmarshalK8SResources(tc.clusterUtil.initConfigs[0], &kubeadmConfig))
|
||||
require.Equal(tc.wantConfig.ClusterConfiguration, kubeadmConfig.ClusterConfiguration)
|
||||
require.Equal(tc.wantConfig.InitConfiguration, kubeadmConfig.InitConfiguration)
|
||||
})
|
||||
|
|
@ -543,47 +544,47 @@ func (s *stubClusterUtil) SetupHelmDeployments(context.Context, k8sapi.Client, [
|
|||
return s.setupHelmDeploymentsErr
|
||||
}
|
||||
|
||||
func (s *stubClusterUtil) SetupAutoscaling(kubectl k8sapi.Client, clusterAutoscalerConfiguration resources.Marshaler, secrets resources.Marshaler) error {
|
||||
func (s *stubClusterUtil) SetupAutoscaling(kubectl k8sapi.Client, clusterAutoscalerConfiguration kubernetes.Marshaler, secrets kubernetes.Marshaler) error {
|
||||
return s.setupAutoscalingError
|
||||
}
|
||||
|
||||
func (s *stubClusterUtil) SetupJoinService(kubectl k8sapi.Client, joinServiceConfiguration resources.Marshaler) error {
|
||||
func (s *stubClusterUtil) SetupJoinService(kubectl k8sapi.Client, joinServiceConfiguration kubernetes.Marshaler) error {
|
||||
return s.setupJoinServiceError
|
||||
}
|
||||
|
||||
func (s *stubClusterUtil) SetupGCPGuestAgent(kubectl k8sapi.Client, gcpGuestAgentConfiguration resources.Marshaler) error {
|
||||
func (s *stubClusterUtil) SetupGCPGuestAgent(kubectl k8sapi.Client, gcpGuestAgentConfiguration kubernetes.Marshaler) error {
|
||||
return s.setupGCPGuestAgentErr
|
||||
}
|
||||
|
||||
func (s *stubClusterUtil) SetupCloudControllerManager(kubectl k8sapi.Client, cloudControllerManagerConfiguration resources.Marshaler, configMaps resources.Marshaler, secrets resources.Marshaler) error {
|
||||
func (s *stubClusterUtil) SetupCloudControllerManager(kubectl k8sapi.Client, cloudControllerManagerConfiguration kubernetes.Marshaler, configMaps kubernetes.Marshaler, secrets kubernetes.Marshaler) error {
|
||||
return s.setupCloudControllerManagerError
|
||||
}
|
||||
|
||||
func (s *stubClusterUtil) SetupKMS(kubectl k8sapi.Client, kmsDeployment resources.Marshaler) error {
|
||||
func (s *stubClusterUtil) SetupKMS(kubectl k8sapi.Client, kmsDeployment kubernetes.Marshaler) error {
|
||||
return s.setupKMSError
|
||||
}
|
||||
|
||||
func (s *stubClusterUtil) SetupAccessManager(kubectl k8sapi.Client, accessManagerConfiguration resources.Marshaler) error {
|
||||
func (s *stubClusterUtil) SetupAccessManager(kubectl k8sapi.Client, accessManagerConfiguration kubernetes.Marshaler) error {
|
||||
return s.setupAccessManagerError
|
||||
}
|
||||
|
||||
func (s *stubClusterUtil) SetupCloudNodeManager(kubectl k8sapi.Client, cloudNodeManagerConfiguration resources.Marshaler) error {
|
||||
func (s *stubClusterUtil) SetupCloudNodeManager(kubectl k8sapi.Client, cloudNodeManagerConfiguration kubernetes.Marshaler) error {
|
||||
return s.setupCloudNodeManagerError
|
||||
}
|
||||
|
||||
func (s *stubClusterUtil) SetupVerificationService(kubectl k8sapi.Client, verificationServiceConfiguration resources.Marshaler) error {
|
||||
func (s *stubClusterUtil) SetupVerificationService(kubectl k8sapi.Client, verificationServiceConfiguration kubernetes.Marshaler) error {
|
||||
return s.setupVerificationServiceErr
|
||||
}
|
||||
|
||||
func (s *stubClusterUtil) SetupOperatorLifecycleManager(ctx context.Context, kubectl k8sapi.Client, olmCRDs, olmConfiguration resources.Marshaler, crdNames []string) error {
|
||||
func (s *stubClusterUtil) SetupOperatorLifecycleManager(ctx context.Context, kubectl k8sapi.Client, olmCRDs, olmConfiguration kubernetes.Marshaler, crdNames []string) error {
|
||||
return s.setupOLMErr
|
||||
}
|
||||
|
||||
func (s *stubClusterUtil) SetupNodeMaintenanceOperator(kubectl k8sapi.Client, nodeMaintenanceOperatorConfiguration resources.Marshaler) error {
|
||||
func (s *stubClusterUtil) SetupNodeMaintenanceOperator(kubectl k8sapi.Client, nodeMaintenanceOperatorConfiguration kubernetes.Marshaler) error {
|
||||
return s.setupNMOErr
|
||||
}
|
||||
|
||||
func (s *stubClusterUtil) SetupNodeOperator(ctx context.Context, kubectl k8sapi.Client, nodeOperatorConfiguration resources.Marshaler) error {
|
||||
func (s *stubClusterUtil) SetupNodeOperator(ctx context.Context, kubectl k8sapi.Client, nodeOperatorConfiguration kubernetes.Marshaler) error {
|
||||
return s.setupNodeOperatorErr
|
||||
}
|
||||
|
||||
|
|
@ -630,11 +631,11 @@ type stubKubectl struct {
|
|||
AddTNodeSelectorsToDeploymentErr error
|
||||
waitForCRDsErr error
|
||||
|
||||
resources []resources.Marshaler
|
||||
resources []kubernetes.Marshaler
|
||||
kubeconfigs [][]byte
|
||||
}
|
||||
|
||||
func (s *stubKubectl) Apply(resources resources.Marshaler, forceConflicts bool) error {
|
||||
func (s *stubKubectl) Apply(resources kubernetes.Marshaler, forceConflicts bool) error {
|
||||
s.resources = append(s.resources, resources)
|
||||
return s.ApplyErr
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue