package secret
import (
"context"
"fmt"
"pandax/base/global"
v1 "k8s.io/api/core/v1"
metaV1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/client-go/kubernetes"
"pandax/apps/devops/entity/k8s"
k8scommon "pandax/apps/devops/services/k8s/common"
"pandax/apps/devops/services/k8s/dataselect"
)
// SecretSpec is the common interface implemented by the specifications of the
// different kinds of secrets. CreateSecret reads all four values from it to
// build the v1.Secret it submits.
type SecretSpec interface {
	// GetName returns the name the secret is created under.
	GetName() string
	// GetType returns the Kubernetes secret type.
	GetType() v1.SecretType
	// GetNamespace returns the namespace the secret is created in.
	GetNamespace() string
	// GetData returns the secret payload keyed by data key. The values are
	// sensitive; implementations and callers should keep them out of logs.
	GetData() map[string][]byte
}
// ImagePullSecretSpec is the specification of an image pull secret. It
// implements SecretSpec.
type ImagePullSecretSpec struct {
	Name      string `json:"name"`
	Namespace string `json:"namespace"`

	// Data is the value of the .dockercfg property, i.e. registry credentials.
	// In JSON it must be Base64 encoded: encoding/json decodes a Base64 string
	// into a []byte field, so when the struct is populated that way Data holds
	// the decoded bytes. Treat it as sensitive and do not log it.
	Data []byte `json:"data"`
}
// GetName reports the name under which the image pull secret is created.
func (s *ImagePullSecretSpec) GetName() string {
	return s.Name
}
// GetType reports the secret type of an image pull secret, which is always
// v1.SecretTypeDockercfg. That is the legacy .dockercfg format; Kubernetes
// also defines v1.SecretTypeDockerConfigJson for the newer
// .dockerconfigjson layout, which this spec does not produce.
func (s *ImagePullSecretSpec) GetType() v1.SecretType {
	return v1.SecretTypeDockercfg
}
// GetNamespace reports the namespace in which the image pull secret is
// created.
func (s *ImagePullSecretSpec) GetNamespace() string {
	return s.Namespace
}
// GetData returns the payload of the secret: a map with exactly one entry,
// keyed by v1.DockerConfigKey, whose value is the spec's Data slice. The slice
// is not copied, so the map shares its backing array with the spec.
func (s *ImagePullSecretSpec) GetData() map[string][]byte {
	payload := make(map[string][]byte, 1)
	payload[v1.DockerConfigKey] = s.Data
	return payload
}
// Secret is a single secret as returned to the frontend. It carries only
// object metadata, type metadata and the secret type; it has no field for the
// secret's Data, so payload values are not serialized through this struct.
type Secret struct {
	ObjectMeta k8s.ObjectMeta `json:"objectMeta"`
	TypeMeta   k8s.TypeMeta   `json:"typeMeta"`
	Type       v1.SecretType  `json:"type"`
}
// SecretList is the response structure for a queried list of secrets.
type SecretList struct {
	// ListMeta is embedded; ToSecretList sets its TotalItems to the count
	// reported by the data-select filter.
	k8s.ListMeta `json:"listMeta"`

	// Secrets is the unordered list of secret summaries.
	Secrets []Secret `json:"secrets"`
}
// GetSecretList lists the secrets in the namespace given by
// namespace.ToRequestParam() and returns them as summaries after dsQuery has
// been applied by ToSecretList.
//
// The List call retrieves complete Secret objects, payload included, so the
// credentials behind client need list permission on secrets. Only the fields
// kept by toSecret are handed on to the caller. A failed List is returned
// unchanged with a nil result.
//
// NOTE(review): namespace is a pointer formatted with %s; unless
// NamespaceQuery implements fmt.Stringer the log line will not show a plain
// namespace name — confirm against its definition.
func GetSecretList(client kubernetes.Interface, namespace *k8scommon.NamespaceQuery, dsQuery *dataselect.DataSelectQuery) (*SecretList, error) {
	global.Log.Info(fmt.Sprintf("Getting list of secrets in %s namespace", namespace))

	secretsAPI := client.CoreV1().Secrets(namespace.ToRequestParam())
	rawList, err := secretsAPI.List(context.TODO(), k8s.ListEverything)
	if err != nil {
		return nil, err
	}
	return ToSecretList(rawList.Items, dsQuery), nil
}
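// CreateSecret creates a single secret from spec using the cluster API client
// and returns a summary of it.
//
// On success the summary is built from the object the API server returned, so
// any metadata the server filled in is available to k8s.NewObjectMeta instead
// of only the name and namespace that were requested. If the call fails, the
// summary is built from the request object and returned together with the
// error, which is what this function has always done; callers must check the
// error before relying on the result.
//
// The payload from spec.GetData is sent to the API server but is not logged
// here and is not part of the returned summary.
func CreateSecret(client kubernetes.Interface, spec SecretSpec) (*Secret, error) {
	namespace := spec.GetNamespace()
	secret := &v1.Secret{
		ObjectMeta: metaV1.ObjectMeta{
			Name:      spec.GetName(),
			Namespace: namespace,
		},
		Type: spec.GetType(),
		Data: spec.GetData(),
	}

	created, err := client.CoreV1().Secrets(namespace).Create(context.TODO(), secret, metaV1.CreateOptions{})
	if err != nil || created == nil {
		// Keep the historical contract: a non-nil summary of what was
		// requested accompanies the error.
		result := toSecret(secret)
		return &result, err
	}

	result := toSecret(created)
	return &result, nil
}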
// toSecret converts a Kubernetes Secret into the summary sent to the frontend.
// Only the object metadata, a fixed type-meta for the Secret kind, and the
// secret type are copied; secret.Data is deliberately not read.
//
// NOTE(review): k8s.NewObjectMeta is defined outside this file. If it copies
// annotations, a kubectl.kubernetes.io/last-applied-configuration annotation
// on a Secret can repeat the payload — confirm whether annotations need to be
// filtered before they reach the frontend.
func toSecret(secret *v1.Secret) Secret {
	var summary Secret
	summary.ObjectMeta = k8s.NewObjectMeta(secret.ObjectMeta)
	summary.TypeMeta = k8s.NewTypeMeta(k8s.ResourceKindSecret)
	summary.Type = secret.Type
	return summary
}
// ToSecretList applies dsQuery to secrets through the generic data-select
// helper and converts each remaining item into a frontend summary with
// toSecret. TotalItems is the count returned by the filter, not len(secrets).
// The Secrets slice is always non-nil, so an empty result is an empty list
// rather than a nil slice.
func ToSecretList(secrets []v1.Secret, dsQuery *dataselect.DataSelectQuery) *SecretList {
	cells, filteredTotal := dataselect.GenericDataSelectWithFilter(toCells(secrets), dsQuery)
	selected := fromCells(cells)

	list := &SecretList{
		ListMeta: k8s.ListMeta{TotalItems: filteredTotal},
		Secrets:  make([]Secret, 0),
	}
	// Index into the slice so each v1.Secret is summarised in place.
	for i := range selected {
		list.Secrets = append(list.Secrets, toSecret(&selected[i]))
	}
	return list
}
// DeleteSecret deletes the secret called name in namespace using default
// delete options and returns the API client's error unchanged.
//
// NOTE(review): name and namespace are interpolated into the info log with
// %v. If they originate from request input, confirm that the logger escapes
// newlines so one request cannot forge extra log entries.
func DeleteSecret(client *kubernetes.Clientset, namespace string, name string) error {
	// Log text means "request to delete Secret".
	msg := fmt.Sprintf("请求删除Secret: %v, namespace: %v", name, namespace)
	global.Log.Info(msg)

	secrets := client.CoreV1().Secrets(namespace)
	return secrets.Delete(context.TODO(), name, metaV1.DeleteOptions{})
}
// DeleteCollectionSecret deletes every secret named in secretList, one API
// call per entry, in slice order. It stops at the first failure, logs that
// error and returns it; entries before the failing one have already been
// deleted and later ones are left untouched. It returns nil when every
// deletion succeeded.
func DeleteCollectionSecret(client *kubernetes.Clientset, secretList []k8s.SecretsData) (err error) {
	// Log text means "batch deletion of Secrets started".
	global.Log.Info("批量删除Secret开始")
	for _, item := range secretList {
		global.Log.Info(fmt.Sprintf("delete Secret:%v, ns: %v", item.Name, item.Namespace))
		secrets := client.CoreV1().Secrets(item.Namespace)
		if err = secrets.Delete(context.TODO(), item.Name, metaV1.DeleteOptions{}); err != nil {
			global.Log.Error(err.Error())
			return err
		}
	}
	// Log text means "Secret deletion completed".
	global.Log.Info("删除Secret已完成")
	return nil
}