feat: utilize secret auth headers in remoteresource #130

Merged
merged 22 commits into from
Mar 17, 2021
Changes from 8 commits
117 changes: 78 additions & 39 deletions lib/remoteResource.js
Expand Up @@ -6,35 +6,39 @@ const { KubeClass, KubeApiConfig } = require('@razee/kubernetes-util');
const kubeApiConfig = KubeApiConfig();
const kc = new KubeClass(kubeApiConfig);

const API_VERSION = 'deploy.razee.io/v1alpha2';
const KIND = 'RemoteResource';
const RR_API_VERSION = 'deploy.razee.io/v1alpha2';
const NAMESPACE = process.env.NAMESPACE;

const requestsTemplate = `{
"options": {
"url": "{{{url}}}",
"headers": {
"razee-org-key": "{{orgKey}}"
"razee-org-key":
"valueFrom":
"secretKeyRef":
"name": "clustersubscription-{{subscriptionUuid}}-secret"
"namespace": {{namespace}}
"key": "razee-api-org-key"
}
}
}`;

const createRemoteResources = async (razeeApi, apiKey, subscriptions, clusterId) => {
log.info('create remote resources subscription list', { subscriptions });
try {
const krm = await kc.getKubeResourceMeta(API_VERSION, KIND, 'update');
return Promise.all(subscriptions.map(async sub => {
const url = `${razeeApi}/${sub.url}`;
const rendered = Mustache.render(requestsTemplate, { url: url, orgKey: apiKey });
const rendered = Mustache.render(requestsTemplate, { url: url, orgKey: apiKey, namespace: NAMESPACE });
const parsed = JSON.parse(rendered);
const resourceName = `clustersubscription-${sub.subscriptionUuid}`;
const remoteResourceName = `clustersubscription-${sub.subscriptionUuid}`;
const secretName = `clustersubscription-${sub.subscriptionUuid}-secret`;
const userName = (sub.kubeOwnerName && typeof sub.kubeOwnerName === 'string') ? sub.kubeOwnerName : 'razeedeploy';
const resourceTemplate = {
'apiVersion': API_VERSION,
'kind': KIND,
const remoteResourceJson = {
'apiVersion': RP_API_VERSION,
'kind': 'RemoteResource',
'metadata': {
'namespace': NAMESPACE,
'name': resourceName,
'name': remoteResourceName,
'annotations': {
'deploy.razee.io/clustersubscription': sub.subscriptionUuid,
'deploy.razee.io/clusterid': clusterId
Expand All @@ -50,46 +54,79 @@ const createRemoteResources = async (razeeApi, apiKey, subscriptions, clusterId)
'requests': []
}
};
resourceTemplate.spec.requests.push(parsed);
const secretJson = {
'apiVersion': 'v1',
'kind': 'Secret',
'metadata': {
'namespace': NAMESPACE,
'name': secretName,
'annotations': {
'deploy.razee.io/clustersubscription': sub.subscriptionUuid,
'deploy.razee.io/clusterid': clusterId
},
'labels': {
'razee/watch-resource': 'lite'
}
},
'data': {
'razee-api-org-key': apiKey
}
};

const opt = { simple: false, resolveWithFullResponse: true };
resourceTemplate.spec.requests.push(parsed);


const uri = krm.uri({ name: resourceName, namespace: NAMESPACE });
log.debug(resourceName);
const get = await krm.get(resourceName, NAMESPACE, opt);
if (get.statusCode === 200) {
// the remote resource already exists so use mergePatch to apply the resource
log.info(`Attempting mergePatch for an existing resource ${uri}`);
const mergeResult = await krm.mergePatch(resourceName, NAMESPACE, resourceTemplate, opt);
if (mergeResult.statusCode === 200) {
log.info('mergePatch successful', { 'statusCode': mergeResult.statusCode, 'statusMessage': mergeResult.statusMessage });
} else {
log.error('mergePatch error', { 'statusCode': mergeResult.statusCode, 'statusMessage': mergeResult.statusMessage });
}
} else if (get.statusCode === 404) {
// the remote resource does not exist so use post to apply the resource
log.info(`Attempting post for a new resource ${uri}`);
const postResult = await krm.post(resourceTemplate, opt);
if (postResult.statusCode === 200 || postResult.statusCode === 201) {
log.info('post successful', { 'statusCode': postResult.statusCode, 'statusMessage': postResult.statusMessage });
} else {
log.error('post error', { 'statusCode': postResult.statusCode, 'statusMessage': postResult.statusMessage });
}
} else {
log.error(`Get ${get.statusCode} ${uri}`);
}
await applyResource(RR_API_VERSION, 'RemoteResource', remoteResourceName, remoteResourceJson, NAMESPACE);
await applyResource('v1', 'Secret', secretName, secretJson, NAMESPACE);
}));

} catch (error) {
log.error('There was an error creating remote resources', { error });
}

};

const applyResource = async (apiVersion, kind, resourceName, resourceJson, namespace) => {
const opt = { simple: false, resolveWithFullResponse: true };
const krm = await kc.getKubeResourceMeta(apiVersion, kind, 'update');
const uri = krm.uri({ name: resourceName, namespace: namespace });
log.debug(resourceName);
const get = await krm.get(resourceName, namespace, opt);
if (get.statusCode === 200) {
// the remote resource already exists so use mergePatch to apply the resource
log.info(`Attempting mergePatch for an existing resource ${uri}`);
const mergeResult = await krm.mergePatch(resourceName, namespace, resourceJson, opt);
if (mergeResult.statusCode === 200) {
log.info('mergePatch successful', { 'statusCode': mergeResult.statusCode, 'statusMessage': mergeResult.statusMessage });
} else {
log.error('mergePatch error', { 'statusCode': mergeResult.statusCode, 'statusMessage': mergeResult.statusMessage });
}
} else if (get.statusCode === 404) {
// the remote resource does not exist so use post to apply the resource
log.info(`Attempting post for a new resource ${uri}`);
const postResult = await krm.post(resourceJson, opt);
if (postResult.statusCode === 200 || postResult.statusCode === 201) {
log.info('post successful', { 'statusCode': postResult.statusCode, 'statusMessage': postResult.statusMessage });
} else {
log.error('post error', { 'statusCode': postResult.statusCode, 'statusMessage': postResult.statusMessage });
}
} else {
log.error(`Get ${get.statusCode} ${uri}`);
}
}


const deleteRemoteResources = async (resources) => {
const krm = await kc.getKubeResourceMeta(API_VERSION, KIND, 'update');
const krm = await kc.getKubeResourceMeta(RR_API_VERSION, 'RemoteResource', 'update');
const selfLinks = resources.map((resource) => krm.uri({ name: resource.metadata.name, namespace: resource.metadata.namespace }));
log.debug('Deleting', { selfLinks });
await deleteResource(resources, krm);
const krm = await kc.getKubeResourceMeta('v1', 'Secret', 'update');
const selfLinks = resources.map((resource) => krm.uri({ name: `${resource.metadata.name}-secret`, namespace: resource.metadata.namespace }));
log.debug('Deleting', { selfLinks });
await deleteResource(resources, krm);
};

const deleteResource = async(selfLinks, krm) => {
try {
selfLinks.map(async (selfLink) => {
log.info(`Delete ${selfLink}`);
Expand All @@ -108,7 +145,8 @@ const deleteRemoteResources = async (resources) => {
} catch (error) {
log.error(error);
}
};

}

const getRemoteResources = async (clusterId) => {
log.debug('Getting a list of clustersubscription remote resources on this cluster');
Expand Down Expand Up @@ -140,3 +178,4 @@ const getRemoteResources = async (clusterId) => {
exports.createRemoteResources = createRemoteResources;
exports.getRemoteResources = getRemoteResources;
exports.deleteRemoteResources = deleteRemoteResources;
exports.applyResource = applyResource;
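Review bot: The new `requestsTemplate` is not valid JSON, so `JSON.parse(rendered)` in `createRemoteResources` would throw for every subscription: the `razee-org-key`, `valueFrom` and `secretKeyRef` values have no braces or commas, `{{namespace}}` is unquoted, and `subscriptionUuid` is never passed to `Mustache.render`, so the referenced secret name would render as `clustersubscription--secret`. The Secret manifest also places the raw key under `data`, which Kubernetes expects to be base64-encoded; `'stringData': { 'razee-api-org-key': apiKey }` or `Buffer.from(apiKey).toString('base64')` would make the stored value usable. `remoteResourceJson` reads `RP_API_VERSION` while the declared constant is `RR_API_VERSION`, and `deleteRemoteResources` appears to declare `krm` and `selfLinks` twice and to pass `resources` rather than `selfLinks` to `deleteResource`, though the old and new sides cannot be fully separated in this view. A corrected template and render call are sketched below; `orgKey` is dropped from the render context because the key should no longer appear in the RemoteResource spec.

```javascript
const requestsTemplate = `{
  "options": {
    "url": "{{{url}}}",
    "headers": {
      "razee-org-key": {
        "valueFrom": {
          "secretKeyRef": {
            "name": "clustersubscription-{{subscriptionUuid}}-secret",
            "namespace": "{{namespace}}",
            "key": "razee-api-org-key"
          }
        }
      }
    }
  }
}`;
// … unchanged: createRemoteResources up to the render call …
      const rendered = Mustache.render(requestsTemplate, {
        url: url,
        subscriptionUuid: sub.subscriptionUuid,
        namespace: NAMESPACE
      });
```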