storage_certificates.go

Documentation: k8s.io/kubernetes/pkg/registry/certificates/rest

     1  /*
     2  Copyright 2016 The Kubernetes Authors.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8      http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  package rest
    18  
    19  import (
    20  	certificatesapiv1 "k8s.io/api/certificates/v1"
    21  	certificatesapiv1alpha1 "k8s.io/api/certificates/v1alpha1"
    22  	"k8s.io/apiserver/pkg/registry/generic"
    23  	"k8s.io/apiserver/pkg/registry/rest"
    24  	genericapiserver "k8s.io/apiserver/pkg/server"
    25  	serverstorage "k8s.io/apiserver/pkg/server/storage"
    26  	utilfeature "k8s.io/apiserver/pkg/util/feature"
    27  	"k8s.io/klog/v2"
    28  	"k8s.io/kubernetes/pkg/api/legacyscheme"
    29  	"k8s.io/kubernetes/pkg/apis/certificates"
    30  	"k8s.io/kubernetes/pkg/features"
    31  	certificatestore "k8s.io/kubernetes/pkg/registry/certificates/certificates/storage"
    32  	clustertrustbundlestore "k8s.io/kubernetes/pkg/registry/certificates/clustertrustbundle/storage"
    33  )
    34  
    35  type RESTStorageProvider struct{}
    36  
    37  func (p RESTStorageProvider) NewRESTStorage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (genericapiserver.APIGroupInfo, error) {
    38  	apiGroupInfo := genericapiserver.NewDefaultAPIGroupInfo(certificates.GroupName, legacyscheme.Scheme, legacyscheme.ParameterCodec, legacyscheme.Codecs)
    39  	// If you add a version here, be sure to add an entry in `k8s.io/kubernetes/cmd/kube-apiserver/app/aggregator.go with specific priorities.
    40  	// TODO refactor the plumbing to provide the information in the APIGroupInfo
    41  
    42  	if storageMap, err := p.v1Storage(apiResourceConfigSource, restOptionsGetter); err != nil {
    43  		return genericapiserver.APIGroupInfo{}, err
    44  	} else if len(storageMap) > 0 {
    45  		apiGroupInfo.VersionedResourcesStorageMap[certificatesapiv1.SchemeGroupVersion.Version] = storageMap
    46  	}
    47  
    48  	if storageMap, err := p.v1alpha1Storage(apiResourceConfigSource, restOptionsGetter); err != nil {
    49  		return genericapiserver.APIGroupInfo{}, err
    50  	} else if len(storageMap) > 0 {
    51  		apiGroupInfo.VersionedResourcesStorageMap[certificatesapiv1alpha1.SchemeGroupVersion.Version] = storageMap
    52  	}
    53  
    54  	return apiGroupInfo, nil
    55  }
    56  
    57  func (p RESTStorageProvider) v1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (map[string]rest.Storage, error) {
    58  	storage := map[string]rest.Storage{}
    59  
    60  	if resource := "certificatesigningrequests"; apiResourceConfigSource.ResourceEnabled(certificatesapiv1.SchemeGroupVersion.WithResource(resource)) {
    61  		csrStorage, csrStatusStorage, csrApprovalStorage, err := certificatestore.NewREST(restOptionsGetter)
    62  		if err != nil {
    63  			return nil, err
    64  		}
    65  		storage[resource] = csrStorage
    66  		storage[resource+"/status"] = csrStatusStorage
    67  		storage[resource+"/approval"] = csrApprovalStorage
    68  	}
    69  
    70  	return storage, nil
    71  }
    72  
    73  func (p RESTStorageProvider) v1alpha1Storage(apiResourceConfigSource serverstorage.APIResourceConfigSource, restOptionsGetter generic.RESTOptionsGetter) (map[string]rest.Storage, error) {
    74  	storage := map[string]rest.Storage{}
    75  
    76  	if resource := "clustertrustbundles"; apiResourceConfigSource.ResourceEnabled(certificatesapiv1alpha1.SchemeGroupVersion.WithResource(resource)) {
    77  		if utilfeature.DefaultFeatureGate.Enabled(features.ClusterTrustBundle) {
    78  			bundleStorage, err := clustertrustbundlestore.NewREST(restOptionsGetter)
    79  			if err != nil {
    80  				return nil, err
    81  			}
    82  			storage[resource] = bundleStorage
    83  		} else {
    84  			klog.Warning("ClusterTrustBundle storage is disabled because the ClusterTrustBundle feature gate is disabled")
    85  		}
    86  	}
    87  
    88  	return storage, nil
    89  }
    90  
    91  func (p RESTStorageProvider) GroupName() string {
    92  	return certificates.GroupName
    93  }
    94
View as plain text