apply

package

v2.8.1-rc.2 Latest Latest Go to latest Published: Jul 13, 2023 License: Apache-2.0 Imports: 26 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/fluxninja/aperture

Documentation ¶

Index ¶

Variables

Constants ¶

This section is empty.

Variables ¶

View Source

var ApplyCmd = &cobra.Command{
	Use:   "apply",
	Short: "Apply Aperture Policies",
	Long: `
Use this command to apply the Aperture Policies.`,
	SilenceErrors: true,
	PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
		var err error
		err = Controller.PreRunE(cmd, args)
		if err != nil {
			return fmt.Errorf("failed to run controller pre-run: %w", err)
		}

		controllerNs = utils.GetControllerNs()

		client, err = Controller.Client()
		if err != nil {
			return fmt.Errorf("failed to get controller client: %w", err)
		}

		return nil
	},
	PersistentPostRun: Controller.PostRun,
}

ApplyCmd is the command to apply a policy to the cluster.

View Source

var ApplyDynamicConfigCmd = &cobra.Command{
	Use:           "dynamic-config",
	Short:         "Apply Aperture DynamicConfig to a Policy",
	Long:          `Use this command to apply the Aperture DynamicConfig to a Policy.`,
	SilenceErrors: true,
	Example:       `aperturectl apply dynamic-config --policy=rate-limiting --file=dynamic-config.yaml`,
	PreRunE: func(_ *cobra.Command, _ []string) error {
		if policyName == "" {
			return errors.New("policy name is required")
		}
		if dynamicConfigFile == "" {
			return errors.New("dynamic config file is required")
		}
		// read the dynamic config file
		var err error
		dynamicConfigBytes, err = os.ReadFile(dynamicConfigFile)
		if err != nil {
			return err
		}
		return nil
	},
	RunE: func(_ *cobra.Command, _ []string) error {
		err := api.AddToScheme(scheme.Scheme)
		if err != nil {
			return fmt.Errorf("failed to connect to Kubernetes: %w", err)
		}

		dynamicConfigYAML := make(map[string]interface{})
		err = yaml.Unmarshal(dynamicConfigBytes, &dynamicConfigYAML)
		if err != nil {
			return fmt.Errorf("failed to parse DynamicConfig YAML: %w", err)
		}

		if Controller.IsKube() {
			var kubeClient k8sclient.Client
			kubeClient, err = k8sclient.New(Controller.GetKubeRestConfig(), k8sclient.Options{
				Scheme: scheme.Scheme,
			})
			if err != nil {
				return fmt.Errorf("failed to create Kubernetes client: %w", err)
			}

			var deployment *appsv1.Deployment
			deployment, err = utils.GetControllerDeployment(Controller.GetKubeRestConfig(), controllerNs)
			if err != nil {
				return err
			}

			dynamicConfigBytes, err = json.Marshal(dynamicConfigYAML)
			if err != nil {
				return fmt.Errorf("failed to parse DynamicConfig JSON: %w", err)
			}

			policy := &policyv1alpha1.Policy{}
			err = kubeClient.Get(context.Background(), k8sclient.ObjectKey{
				Namespace: deployment.Namespace,
				Name:      policyName,
			}, policy)
			if err != nil {
				if apimeta.IsNoMatchError(err) {
					err = applyDynamicConfigUsingAPI(dynamicConfigYAML)
					if err != nil {
						return err
					}
				} else {
					return fmt.Errorf("failed to get Policy '%s': %w", policyName, err)
				}
			} else {
				policy.DynamicConfig.Raw = dynamicConfigBytes
				err = kubeClient.Update(context.Background(), policy)
				if err != nil {
					return fmt.Errorf("failed to update DynamicConfig for policy '%s': %w", policyName, err)
				}
			}
		} else {
			err = applyDynamicConfigUsingAPI(dynamicConfigYAML)
			if err != nil {
				return err
			}
		}

		log.Info().Str("policy", policyName).Msg("Updated DynamicConfig successfully")

		return nil
	},
}

ApplyDynamicConfigCmd is the command to apply DynamicConfig to a Policy.

View Source

var ApplyPolicyCmd = &cobra.Command{
	Use:           "policy",
	Short:         "Apply Aperture Policy to the cluster",
	Long:          `Use this command to apply the Aperture Policy to the cluster.`,
	SilenceErrors: true,
	Example: `aperturectl apply policy --file=policies/rate-limiting.yaml

aperturectl apply policy --dir=policies`,
	RunE: func(_ *cobra.Command, _ []string) error {
		if file != "" {
			return applyPolicy(file)
		} else if dir != "" {
			policies, err := getPolicies(dir)
			if err != nil {
				return err
			}

			model := tui.InitialCheckboxModel(policies, "Which policies to apply?")
			if !selectAll {
				p := tea.NewProgram(model)
				if _, err := p.Run(); err != nil {
					return err
				}
			} else {
				for i := range policies {
					model.Selected[i] = struct{}{}
				}
			}

			for policyIndex := range model.Selected {
				fileName := policies[policyIndex]
				if err := applyPolicy(fileName); err != nil {
					log.Error().Err(err).Msgf("failed to apply policy '%s'.", fileName)
				}
			}
			return nil
		} else {
			return errors.New("either --file or --dir must be provided")
		}
	},
}

ApplyPolicyCmd is the command to apply a policy to the cluster.

View Source

var (
	// Controller is the controller connection object.
	Controller utils.ControllerConn
)

Functions ¶

This section is empty.

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL