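package projectinit

import (
	"flag"
	"fmt"
	"time"

	"github.com/peterbourgon/ff/v3"
	"sigs.k8s.io/yaml"
)

// ControllerName is the name of the p(roject) init controller.
var ControllerName = "pinitctl"

// Config holds the controller's runtime configuration as assembled by
// newConfig from command-line flags and environment variables.
type Config struct {
	// Firewall carries the firewall rule priorities; newConfig seeds it from
	// DefaultFirewallConfig and no flag overrides it.
	Firewall Firewall
	// ArtifactRegistries is decoded from the --artifact-registries value and
	// every entry has passed Validate by the time newConfig returns.
	ArtifactRegistries []ArtifactRegistry
	// RetryInterval is how often failed reconciles are retried (default 5s).
	RetryInterval time.Duration
	// Namespace is the namespace the controller is running in
	// (default "pinitctl").
	Namespace string
	// gcpRegion comes from --gcp-region. It defaults to the empty string and
	// is not validated in newConfig.
	gcpRegion string
}

// newConfig builds a Config from args, where args[0] is expected to be the
// program name (as in os.Args) and the remaining elements are flags.
//
// Every flag can also be supplied through the environment: ff.WithEnvVarNoPrefix
// maps a flag to an upper-cased, underscore-separated variable with no prefix
// (for example artifact-registries -> ARTIFACT_REGISTRIES). Whoever controls
// the process environment therefore controls the namespace, the region and
// the registry list, so the deployment manifest should be treated as part of
// this controller's trusted configuration.
//
// It returns an error when flag parsing fails, when the artifact registry
// data cannot be decoded or is empty, or when any entry fails Validate.
func newConfig(args []string) (Config, error) {
	var artifactRegistryData string

	c := Config{Firewall: DefaultFirewallConfig()}

	// flag.ExitOnError makes the flag package terminate the process on a
	// malformed command-line flag rather than return an error.
	// NOTE(review): the error branch after ff.Parse is presumably reached
	// only for failures ff reports itself (e.g. a bad environment value).
	fs := flag.NewFlagSet("pinitctl", flag.ExitOnError)
	fs.StringVar(&c.Namespace, "runtime-namespace", "pinitctl", "the namespace the controller is running in")
	fs.DurationVar(&c.RetryInterval, "retry-interval", 5*time.Second, "how often failed reconciles are retried")
	fs.StringVar(&artifactRegistryData, "artifact-registries", "", "artifact registries config")
	fs.StringVar(&c.gcpRegion, "gcp-region", "", "gcp region")

	// Skip the program name. An empty slice is treated as "no flags" so that
	// slicing cannot panic; configuration may still arrive via the environment.
	var flagArgs []string
	if len(args) > 0 {
		flagArgs = args[1:]
	}

	if err := ff.Parse(fs, flagArgs, ff.WithEnvVarNoPrefix()); err != nil {
		return Config{}, fmt.Errorf("failed to parse flags: %w", err)
	}

	artifactRegistries, err := getArtifactRegistries(artifactRegistryData)
	if err != nil {
		return Config{}, fmt.Errorf("failed to get artifact registries: %w", err)
	}
	c.ArtifactRegistries = artifactRegistries

	// Index into the slice so Validate runs on the stored element, not a copy.
	for i := range c.ArtifactRegistries {
		if err := c.ArtifactRegistries[i].Validate(); err != nil {
			return Config{}, fmt.Errorf("invalid config: %w", err)
		}
	}

	return c, nil
}

// Firewall holds the priorities assigned to the firewall rules the controller
// manages.
//
// NOTE(review): if these values feed GCP VPC firewall rules, a lower number
// means higher precedence, so the ZScaler allow rule would be evaluated ahead
// of the deny rule with the defaults below. Confirm that ordering is intended.
type Firewall struct {
	DenyPriority         int
	ZScalerAllowPriority int
}

// DefaultFirewallConfig returns the built-in firewall priorities: 2000 for the
// deny rule and 1000 for the ZScaler allow rule.
func DefaultFirewallConfig() Firewall {
	return Firewall{
		DenyPriority:         2000,
		ZScalerAllowPriority: 1000,
	}
}

// ArtifactRegistry contains information required to reference a Google
// Artifact Registry resource.
//
// NOTE(review): this file decodes the type with sigs.k8s.io/yaml, which
// converts YAML to JSON and then uses encoding/json, so the `yaml` struct tags
// below are not consulted. Decoding works because encoding/json matches keys
// to field names case-insensitively; adding matching `json` tags would make
// the mapping explicit.
type ArtifactRegistry struct {
	ProjectID  string `yaml:"projectID"`
	Location   string `yaml:"location"`
	ResourceID string `yaml:"resourceID"`
}

// Validate checks the contents of our artifact registry configuration.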
func (ar *ArtifactRegistry) Validate() error {
	// Only presence is checked: a nil receiver or any empty field is rejected.
	// NOTE(review): the fields are later inserted verbatim into a
	// slash-delimited resource path and into binding names, so a value
	// containing "/" or other unexpected characters would pass here and
	// change what is referenced. Consider validating the format as well.
	populated := ar != nil &&
		ar.ProjectID != "" &&
		ar.Location != "" &&
		ar.ResourceID != ""
	if populated {
		return nil
	}
	return fmt.Errorf("no artifact registry config provided")
}

// ExternalRef returns the repository's resource path in the form
// projects/<ProjectID>/locations/<Location>/repositories/<ResourceID>.
// The fields are not escaped; callers rely on Validate having run first.
func (ar *ArtifactRegistry) ExternalRef() string {
	ref := fmt.Sprintf("projects/%s/locations/%s/repositories/%s",
		ar.ProjectID, ar.Location, ar.ResourceID)
	return ref
}

// ArtifactRegistryBindingName returns the binding name
// <ProjectID>-artifactregistry-reader-<ResourceID>.
//
// NOTE(review): if this is used as a Kubernetes object name, confirm the
// combined value stays within naming and length limits.
func (ar *ArtifactRegistry) ArtifactRegistryBindingName() string {
	name := fmt.Sprintf("%s-artifactregistry-reader-%s", ar.ProjectID, ar.ResourceID)
	return name
}

// ArtifactRegistryBindingNameCompute returns the binding name
// <ProjectID>-compute-artifactregistry-reader-<ResourceID>.
func (ar *ArtifactRegistry) ArtifactRegistryBindingNameCompute() string {
	name := fmt.Sprintf("%s-compute-artifactregistry-reader-%s", ar.ProjectID, ar.ResourceID)
	return name
}

// getArtifactRegistries decodes artifactRegistryData (YAML) into a list of
// ArtifactRegistry entries. It returns an error when the data cannot be
// decoded or when it yields no entries, which includes the empty string.
//
// NOTE(review): yaml.Unmarshal is the non-strict decoder, so an unknown or
// misspelled key is presumably dropped silently and only surfaces later as an
// empty field in Validate. yaml.UnmarshalStrict would reject it up front.
func getArtifactRegistries(artifactRegistryData string) ([]ArtifactRegistry, error) {
	var parsed []ArtifactRegistry

	err := yaml.Unmarshal([]byte(artifactRegistryData), &parsed)
	switch {
	case err != nil:
		return nil, fmt.Errorf("failed to unmarshal artifact registry data: %w", err)
	case len(parsed) == 0:
		return nil, fmt.Errorf("no artifact registry configured")
	}

	return parsed, nil
}