1 package projectinit
2
3 import (
4 "flag"
5 "fmt"
6 "time"
7
8 "github.com/peterbourgon/ff/v3"
9 "sigs.k8s.io/yaml"
10 )
11
12
// ControllerName is the controller's name. The same literal, "pinitctl", is
// used by newConfig for the flag set name and the default runtime namespace.
// It is an exported, mutable package variable; nothing in this file reassigns it.
var ControllerName = "pinitctl"
14
// Config is the controller configuration assembled by newConfig from
// command-line flags and environment variables.
type Config struct {
	// Firewall is set to DefaultFirewallConfig() by newConfig; no flag in
	// newConfig overrides it.
	Firewall Firewall
	// ArtifactRegistries is decoded from the artifact-registries flag. newConfig
	// rejects an empty list and calls Validate on every entry.
	ArtifactRegistries []ArtifactRegistry
	// RetryInterval comes from the retry-interval flag (default 5s).
	RetryInterval time.Duration
	// Namespace comes from the runtime-namespace flag (default "pinitctl").
	Namespace string
	// gcpRegion comes from the gcp-region flag. It defaults to "" and newConfig
	// does not validate it.
	gcpRegion string
}
22
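// newConfig builds the controller Config from args and, through
// ff.WithEnvVarNoPrefix, from un-prefixed environment variables.
//
// args is expected to be shaped like os.Args: args[0] is skipped as the program
// name. An empty args slice is treated as "no flags" instead of panicking on
// args[1:], so configuration supplied purely through the environment still
// works.
//
// It returns an error when flag parsing fails, when the artifact-registries
// value cannot be decoded or is empty, or when any decoded registry fails
// Validate. On error the returned Config is the zero value.
func newConfig(args []string) (Config, error) {
	var artifactRegistryData string

	c := Config{Firewall: DefaultFirewallConfig()}
	// flag.ExitOnError makes the flag set call os.Exit(2) on a malformed flag,
	// so such failures never reach the error return below.
	fs := flag.NewFlagSet("pinitctl", flag.ExitOnError)

	fs.StringVar(&c.Namespace, "runtime-namespace", "pinitctl",
		"the namespace the controller is running in")
	fs.DurationVar(&c.RetryInterval, "retry-interval", 5*time.Second,
		"how often failed reconciles are retried")
	fs.StringVar(&artifactRegistryData, "artifact-registries", "", "artifact registries config")
	// NOTE(review): gcp-region defaults to "" and is not validated here; confirm
	// that consumers of gcpRegion handle an empty value.
	fs.StringVar(&c.gcpRegion, "gcp-region", "", "gcp region")

	// Drop the program name, guarding against an empty slice.
	var flagArgs []string
	if len(args) > 0 {
		flagArgs = args[1:]
	}

	if err := ff.Parse(fs, flagArgs, ff.WithEnvVarNoPrefix()); err != nil {
		return Config{}, fmt.Errorf("failed to parse flags: %w", err)
	}

	artifactRegistries, err := getArtifactRegistries(artifactRegistryData)
	if err != nil {
		return Config{}, fmt.Errorf("failed to get artifact registries: %w", err)
	}
	c.ArtifactRegistries = artifactRegistries

	// Index into the slice so Validate runs on the stored element, not a copy.
	for i := range c.ArtifactRegistries {
		if err := c.ArtifactRegistries[i].Validate(); err != nil {
			return Config{}, fmt.Errorf("invalid config: %w", err)
		}
	}

	return c, nil
}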
54
// Firewall holds two firewall rule priority values.
//
// NOTE(review): the rules that consume these values are not visible in this
// file. If they are GCP VPC firewall rules, a lower number takes precedence, so
// with the defaults the allow rule (1000) is evaluated ahead of the deny rule
// (2000) — confirm that ordering is intended and that the allow rule is
// scoped as narrowly as possible.
type Firewall struct {
	// DenyPriority is presumably the priority of the deny rule (default 2000).
	DenyPriority int
	// ZScalerAllowPriority is presumably the priority of the rule that allows
	// ZScaler traffic (default 1000).
	ZScalerAllowPriority int
}
59
// DefaultFirewallConfig returns the Firewall defaults: DenyPriority 2000 and
// ZScalerAllowPriority 1000.
func DefaultFirewallConfig() Firewall {
	var fw Firewall
	fw.DenyPriority = 2000
	fw.ZScalerAllowPriority = 1000
	return fw
}
66
67
68
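// ArtifactRegistry identifies one Artifact Registry repository by project,
// location and repository ID.
//
// This file decodes the value with sigs.k8s.io/yaml, which converts YAML to
// JSON and decodes through encoding/json, so the json tags are the ones that
// take effect there. Without them the keys only matched through encoding/json's
// case-insensitive field-name fallback. The yaml tags are kept for any other
// decoder.
type ArtifactRegistry struct {
	ProjectID  string `json:"projectID" yaml:"projectID"`
	Location   string `json:"location" yaml:"location"`
	ResourceID string `json:"resourceID" yaml:"resourceID"`
}

// Validate reports an error when the receiver is nil or any of ProjectID,
// Location or ResourceID is empty. The error names the first missing field so
// that a partially filled entry is not reported as a missing config.
//
// NOTE(review): only emptiness is checked. ExternalRef interpolates these
// values into a slash-separated resource path, so a value containing "/" would
// change the path's shape; consider validating the character set here as well.
func (ar *ArtifactRegistry) Validate() error {
	if ar == nil {
		return fmt.Errorf("no artifact registry config provided")
	}

	switch {
	case ar.ProjectID == "":
		return fmt.Errorf("artifact registry config is missing projectID")
	case ar.Location == "":
		return fmt.Errorf("artifact registry config is missing location")
	case ar.ResourceID == "":
		return fmt.Errorf("artifact registry config is missing resourceID")
	}

	return nil
}

// ExternalRef returns the repository's resource path in the form
// projects/<ProjectID>/locations/<Location>/repositories/<ResourceID>.
// The fields are inserted verbatim. It panics on a nil receiver.
func (ar *ArtifactRegistry) ExternalRef() string {
	return fmt.Sprintf("projects/%s/locations/%s/repositories/%s",
		ar.ProjectID,
		ar.Location,
		ar.ResourceID,
	)
}

// ArtifactRegistryBindingName returns
// "<ProjectID>-artifactregistry-reader-<ResourceID>". Location is not part of
// the name. It panics on a nil receiver.
func (ar *ArtifactRegistry) ArtifactRegistryBindingName() string {
	return fmt.Sprintf("%s-artifactregistry-reader-%s",
		ar.ProjectID,
		ar.ResourceID,
	)
}

// ArtifactRegistryBindingNameCompute returns
// "<ProjectID>-compute-artifactregistry-reader-<ResourceID>". Location is not
// part of the name. It panics on a nil receiver.
func (ar *ArtifactRegistry) ArtifactRegistryBindingNameCompute() string {
	return fmt.Sprintf("%s-compute-artifactregistry-reader-%s",
		ar.ProjectID,
		ar.ResourceID,
	)
}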
104
// getArtifactRegistries decodes artifactRegistryData as a YAML list of
// ArtifactRegistry entries. It returns an error when decoding fails or when the
// decoded list is empty, which includes an empty input string.
//
// NOTE(review): yaml.Unmarshal is the non-strict decoder, so unknown or
// misspelled keys are dropped silently and surface only later as an empty
// field in Validate. sigs.k8s.io/yaml also provides UnmarshalStrict; consider
// it if rejecting such keys is acceptable for existing configs.
func getArtifactRegistries(artifactRegistryData string) ([]ArtifactRegistry, error) {
	var registries []ArtifactRegistry

	err := yaml.Unmarshal([]byte(artifactRegistryData), &registries)
	switch {
	case err != nil:
		return nil, fmt.Errorf("failed to unmarshal artifact registry data: %w", err)
	case len(registries) == 0:
		return nil, fmt.Errorf("no artifact registry configured")
	}

	return registries, nil
}
117