...

Source file src/edge-infra.dev/pkg/sds/emergencyaccess/ea_integration/v2/manifests.go

Documentation: edge-infra.dev/pkg/sds/emergencyaccess/ea_integration/v2

     1  package integrationv2
     2  
     3  import (
     4  	"bytes"
     5  	"fmt"
     6  	"io"
     7  	"io/fs"
     8  	"strings"
     9  
    10  	"edge-infra.dev/pkg/k8s/decoder"
    11  	"edge-infra.dev/pkg/k8s/unstructured"
    12  
    13  	"github.com/google/uuid"
    14  	"sigs.k8s.io/kustomize/api/filters/namespace"
    15  	"sigs.k8s.io/kustomize/api/types"
    16  	"sigs.k8s.io/kustomize/kyaml/kio"
    17  	"sigs.k8s.io/kustomize/kyaml/yaml"
    18  )
    19  
    20  const (
    21  	configMapKind string = "ConfigMap"
    22  	secretKind    string = "Secret"
    23  )
    24  
    25  const (
    26  	jwtTokenSecret string = "abcd"
    27  )
    28  
    29  func getManifests(fs fs.FS, path string) (string, error) {
    30  	file, err := fs.Open(path)
    31  	if err != nil {
    32  		return "", fmt.Errorf("error when opening file: %w", err)
    33  	}
    34  	manifestBytes, err := io.ReadAll(file)
    35  	if err != nil {
    36  		return "", fmt.Errorf("failed to read file: %w", err)
    37  	}
    38  
    39  	return string(manifestBytes), nil
    40  }
    41  
    42  func processManifests(manifests string, namespace string, filters ...kio.Filter) ([]*unstructured.Unstructured, error) {
    43  	reader := kio.ByteReader{
    44  		Reader: strings.NewReader(manifests),
    45  	}
    46  
    47  	out, err := reader.Read()
    48  	if err != nil {
    49  		return nil, err
    50  	}
    51  
    52  	_, err = processNamespace(namespace, out)
    53  	if err != nil {
    54  		return nil, err
    55  	}
    56  	for _, i := range filters {
    57  		out, err = i.Filter(out)
    58  		if err != nil {
    59  			return nil, err
    60  		}
    61  	}
    62  
    63  	buf := bytes.Buffer{}
    64  	writer := kio.ByteWriter{
    65  		Writer: &buf,
    66  	}
    67  
    68  	err = writer.Write(out)
    69  	if err != nil {
    70  		return nil, err
    71  	}
    72  
    73  	return decoder.DecodeYAML(buf.Bytes())
    74  }
    75  
    76  // processAuthProxyManifests updates the auth-proxy config map to add the
    77  // correct value for the `BFF_ENDPOINT` and `EA_GATEWAY_ENDPOINT`. It also
    78  // updates the session and auth secrets to include a random uuid and the jwt
    79  // secret respectively.
    80  func processAuthProxyManifests(ns *string) kio.FilterFunc {
    81  	return func(nodes []*yaml.RNode) ([]*yaml.RNode, error) {
    82  		var err error
    83  		for _, n := range nodes {
    84  			if n.GetKind() == configMapKind && n.GetName() == "auth-proxy" {
    85  				if err = n.LoadMapIntoConfigMapData(map[string]string{
    86  					"BFF_ENDPOINT":        fmt.Sprintf("http://ee-bff-golang.%s.svc.cluster.local:80", *ns),
    87  					"EA_GATEWAY_ENDPOINT": fmt.Sprintf("http://eagateway.%s.svc.cluster.local:80", *ns),
    88  				}); err != nil {
    89  					break
    90  				}
    91  				continue
    92  			}
    93  
    94  			if n.GetKind() == secretKind && n.GetName() == "session" {
    95  				if err = n.LoadMapIntoSecretData(map[string]string{
    96  					"SESSION_SECRET": uuid.NewString(),
    97  				}); err != nil {
    98  					break
    99  				}
   100  				continue
   101  			}
   102  
   103  			if n.GetKind() == secretKind && n.GetName() == "auth" {
   104  				if err = n.LoadMapIntoSecretData(map[string]string{
   105  					"APP_SECRET": jwtTokenSecret,
   106  				}); err != nil {
   107  					break
   108  				}
   109  				continue
   110  			}
   111  		}
   112  		return nodes, err
   113  	}
   114  }
   115  
   116  // adds the pubsub emulator host envvar to eagateway cm
   117  func processEAGatewayCM(ns *string) kio.FilterFunc {
   118  	return func(nodes []*yaml.RNode) ([]*yaml.RNode, error) {
   119  		var err error
   120  		for _, n := range nodes {
   121  			if n.GetKind() == configMapKind && n.GetName() == "eagateway" {
   122  				err = n.LoadMapIntoConfigMapData(map[string]string{"PUBSUB_EMULATOR_HOST": fmt.Sprintf("pubsub-service.%s.svc.cluster.local.:8085", *ns)})
   123  				break
   124  			}
   125  		}
   126  		return nodes, err
   127  	}
   128  }
   129  
   130  // adds local database details to a cm with a given name in the test namespace
   131  func addPostGresDetailsToCM(name string, pgConfigMapData *map[string]string) kio.FilterFunc {
   132  	return func(nodes []*yaml.RNode) ([]*yaml.RNode, error) {
   133  		var err error
   134  		for _, n := range nodes {
   135  			if n.GetKind() == configMapKind && n.GetName() == name {
   136  				err = n.LoadMapIntoConfigMapData(*pgConfigMapData)
   137  				break
   138  			}
   139  		}
   140  		return nodes, err
   141  	}
   142  }
   143  
   144  func processNamespace(ns string, nodes []*yaml.RNode) ([]*yaml.RNode, error) {
   145  	fss := types.FsSlice{
   146  		{
   147  			Path:               "metadata/namespace",
   148  			CreateIfNotPresent: true,
   149  		},
   150  	}
   151  	filter := namespace.Filter{
   152  		Namespace: ns,
   153  		FsSlice:   fss,
   154  	}
   155  	return filter.Filter(nodes)
   156  }
   157  

View as plain text