
Source file src/edge-infra.dev/cmd/edge/edge-issuer/main.go

Documentation: edge-infra.dev/cmd/edge/edge-issuer

     1  package main
     2  
     3  import (
     4  	"context"
     5  	"flag"
     6  	"os"
     7  
     8  	// Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.)
     9  	// to ensure that exec-entrypoint and run can make use of them.
    10  	_ "k8s.io/client-go/plugin/pkg/client/auth"
    11  
    12  	"edge-infra.dev/pkg/lib/fog"
    13  
    14  	cmapi "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1"
    15  	"k8s.io/apimachinery/pkg/runtime"
    16  	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
    17  	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
    18  	ctrl "sigs.k8s.io/controller-runtime"
    19  	"sigs.k8s.io/controller-runtime/pkg/healthz"
    20  	"sigs.k8s.io/controller-runtime/pkg/metrics/server"
    21  	"sigs.k8s.io/controller-runtime/pkg/webhook"
    22  
    23  	edgeissuerv1alpha1 "edge-infra.dev/pkg/edge/edge-issuer/api/v1alpha1"
    24  	"edge-infra.dev/pkg/edge/edge-issuer/controllers"
    25  	"edge-infra.dev/pkg/edge/edge-issuer/signer"
    26  	//+kubebuilder:scaffold:imports
    27  )
    28  
    29  // const inClusterNamespacePath = "/var/run/secrets/kubernetes.io/serviceaccount/namespace"
    30  
// main builds the controller-runtime manager for edge-issuer, registers the
// Issuer controller plus health/readiness probes, and blocks in mgr.Start
// until the signal-handler context is cancelled. Every setup failure is
// logged and ends the process with exit status 1.
func main() {
	var (
		metricsBind       string
		probeBind         string
		leaderElect       bool
		skipApprovedCheck bool
	)

	// NOTE(review): these flags are registered on the default flag set, but no
	// flag.Parse call is visible in this function before the values are read
	// below. Unless parsing happens elsewhere, the "starting" log line and
	// ctrl.Options see the defaults (":8080", ":8082", false) — confirm.
	flag.StringVar(&metricsBind, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.")
	flag.StringVar(&probeBind, "health-probe-bind-address", ":8082", "The address the probe endpoint binds to.")
	flag.BoolVar(&leaderElect, "leader-elect", false,
		"Enable leader election for controller manager. "+
			"Enabling this will ensure there is only one active controller manager.")
	// NOTE(review): the value of this flag is never read in main. It governs
	// whether signing waits for the CertificateRequest approved condition, so
	// confirm the setting reaches the controller through controllers.Config
	// (or another path) rather than being silently ignored.
	flag.BoolVar(&skipApprovedCheck, "disable-approved-check", false,
		"Disables waiting for CertificateRequests to have an approved condition before signing.")

	// One root logger is shared with controller-runtime; setup messages go
	// through a named child logger.
	rootLog := fog.New()
	ctrl.SetLogger(rootLog)
	bootLog := rootLog.WithName("setup")

	// The scheme must know the core Kubernetes types, the cert-manager types
	// and this project's v1alpha1 issuer types; Must panics on failure.
	sch := runtime.NewScheme()
	utilruntime.Must(clientgoscheme.AddToScheme(sch))
	utilruntime.Must(cmapi.AddToScheme(sch))
	utilruntime.Must(edgeissuerv1alpha1.AddToScheme(sch))
	// +kubebuilder:scaffold:scheme

	bootLog.Info(
		"starting",
		"enable-leader-election", leaderElect,
		"metrics-addr", metricsBind,
	)

	// Resolve the REST config first so the evaluation order matches a direct
	// ctrl.NewManager(ctrl.GetConfigOrDie(), ...) call.
	restCfg := ctrl.GetConfigOrDie()
	opts := ctrl.Options{
		Scheme: sch,
		// The default ":8080" carries no host part, so the metrics listener is
		// not limited to one interface; restrict exposure at the network layer
		// or pass a host-qualified address if metrics should stay private.
		Metrics: server.Options{
			BindAddress: metricsBind,
		},
		WebhookServer: webhook.NewServer(webhook.Options{
			Port: 9443,
		}),
		HealthProbeBindAddress: probeBind,
		LeaderElection:         leaderElect,
		LeaderElectionID:       "54c549fd.edge-issuer.edge.ncr.com",
		// With release-on-cancel the leader gives up its lease voluntarily when
		// the manager ends, so a successor need not wait out LeaseDuration.
		// That is only safe when the binary exits right after the manager
		// stops; doing cleanup work after the manager stops would make it
		// unsafe.
		LeaderElectionReleaseOnCancel: true,
	}

	manager, err := ctrl.NewManager(restCfg, opts)
	if err != nil {
		bootLog.Error(err, "unable to start manager")
		os.Exit(1)
	}

	// Cancelled by the signal handler. os.Exit on the error paths below skips
	// the deferred cancel.
	ctx, cancel := context.WithCancel(ctrl.SetupSignalHandler())
	defer cancel()

	issuerCfg, err := controllers.NewConfig(os.Args)
	if err != nil {
		bootLog.Error(err, "an error occurred parsing config values")
		os.Exit(1)
	}

	// This failure is reported on the root logger, not the "setup" logger.
	if err := issuerCfg.AfterParse(); err != nil {
		rootLog.Error(err, "an error occurred processing the parsed config values")
		os.Exit(1)
	}

	// The Issuer controller builds its signers via signer.FromEdgeCAStore.
	issuer := &controllers.Issuer{
		SignerBuilder: signer.FromEdgeCAStore,
		Config:        issuerCfg,
	}
	if err := issuer.SetupWithManager(ctx, manager); err != nil {
		bootLog.Error(err, "unable to create Signer controllers")
		os.Exit(1)
	}

	// +kubebuilder:scaffold:builder

	// Both probes use healthz.Ping.
	if err := manager.AddHealthzCheck("healthz", healthz.Ping); err != nil {
		bootLog.Error(err, "unable to set up health check")
		os.Exit(1)
	}
	if err := manager.AddReadyzCheck("readyz", healthz.Ping); err != nil {
		bootLog.Error(err, "unable to set up ready check")
		os.Exit(1)
	}

	bootLog.Info("starting manager")
	if err := manager.Start(ctx); err != nil {
		bootLog.Error(err, "problem running manager")
		os.Exit(1)
	}
}
   131  
