shared_resource_loop

package
v0.0.0-...-18bafa7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 6, 2024 License: Apache-2.0 Imports: 32 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	KubeconfigKey                 = "kubeconfig"
	UnableToCreateRestConfigError = "unable to create k8s client from restConfig from managed environment secret"
)

Variables

This section is empty.

Functions

func CleanRepoCredOperation 

func CleanRepoCredOperation(ctx context.Context, dbRepoCred db.RepositoryCredentials, clusterUser db.ClusterUser, operationNS string,
	dbQueries db.DatabaseQueries, client client.Client, operationDBID string, l logr.Logger) error

func DeleteManagedEnvironmentResources 

func DeleteManagedEnvironmentResources(ctx context.Context, managedEnvID string, managedEnvDB *db.ManagedEnvironment, user db.ClusterUser,
	k8sClientFactory SRLK8sClientFactory, dbQueries db.DatabaseQueries, log logr.Logger) error

func NormalizeGitURL 

func NormalizeGitURL(repo string) string

NormalizeGitURL normalizes a git URL for purposes of comparison, as well as preventing redundant local clones (by normalizing various forms of a URL to a consistent location).

func UpdateGitopsDeploymentRepositoryCredentialStatus 

func UpdateGitopsDeploymentRepositoryCredentialStatus(ctx context.Context, repositoryCredential *managedgitopsv1alpha1.GitOpsDeploymentRepositoryCredential, secret *corev1.Secret, validateRepoURL ValidateRepoURLAndCredentialsFunction, k8sClient client.Client, log logr.Logger) (bool, error)

Updates the given repository credential CR's status condition to match the given condition and additional checks. If there is an existing status condition with the exact same status, reason and message, no update is made in order to preserve the LastTransitionTime (see https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Condition.LastTransitionTime )

returns true if the RepositoryCredentials status is valid, false otherwise (for example, false if CR references a Secret that doesn't exist)

Types

type DefaultK8sClientFactory 

type DefaultK8sClientFactory struct {
}

DefaultK8sClientFactory should always be used, except when mocking for unit tests.

func (DefaultK8sClientFactory) BuildK8sClient 

func (DefaultK8sClientFactory) BuildK8sClient(restConfig *rest.Config) (client.Client, error)

func (DefaultK8sClientFactory) GetK8sClientForGitOpsEngineInstance 

func (DefaultK8sClientFactory) GetK8sClientForGitOpsEngineInstance(ctx context.Context, gitopsEngineInstance *db.GitopsEngineInstance) (client.Client, error)

func (DefaultK8sClientFactory) GetK8sClientForServiceWorkspace 

func (DefaultK8sClientFactory) GetK8sClientForServiceWorkspace() (client.Client, error)

type SRLK8sClientFactory 

type SRLK8sClientFactory interface {

	// Create a client.Client using the given restconfig
	BuildK8sClient(restConfig *rest.Config) (client.Client, error)

	// Create a client.Client which can access the cluster that Argo CD is on
	GetK8sClientForGitOpsEngineInstance(ctx context.Context, gitopsEngineInstance *db.GitopsEngineInstance) (client.Client, error)

	// Create a client.Client which can access the cluster where GitOps Service is running
	GetK8sClientForServiceWorkspace() (client.Client, error)
}

SRLK8sClientFactory abstracts out the creation of client.Client, which allows mocking by unit tests.

type SharedResourceEventLoop 

type SharedResourceEventLoop struct {
	// contains filtered or unexported fields
}

The goal of the shared resource event loop is to ensure that API-namespace-scoped resources are only created from a single thread, preventing concurrent goroutines from stepping on each others toes.

This ensures that:

  • When multiple 'application event loop' goroutines are attempting to create workspace-scoped resources, that no duplicates are created (eg it shouldn't be possible to create multiple ClusterUsers for a single user, or multiple ManagedEnvironments for a single namespace)
  • There are no race conditions on creation of namespace-scoped resources.

API-namespace-scoped resources are: - managedenv - clusteraccess - clusteruser - gitopsengineinstance - repositorycredential

Ultimately the goal of this file is to avoid this issue: - In the same moment of time, both these actions happen simultaneously:

  • thread 1: creates (for example) a managed environment DB row for environment A, while processing a GitOpsDeployment targeting A
  • thread 2: creates (for example) a managed environment DB row for environment A, while processing a different GitOpsDeployment targeting A
  • But this is bad: the database now contains _two different_ managed environment database entries for the same environment A.
  • Thus, without mutexes/locking, there is a race condition.
  • However, the shared resource event loop prevents this issue, by ensuring that threads are never able to concurrently create API-namespace-scoped database resources at the same time.

func NewSharedResourceLoop 

func NewSharedResourceLoop() *SharedResourceEventLoop

NewSharedResourceLoop creates a new SharedResourceLoop, and starts the goroutine responsible for processing channel messages. See documentation at top of this file for details.

func NewSharedResourceLoopWithCustomFuncs 

func NewSharedResourceLoopWithCustomFuncs(validateRepoURLFunction ValidateRepoURLAndCredentialsFunction) *SharedResourceEventLoop

NewSharedResourceLoopWithCustomFuncs allows override of validation functions from NewSharedResourceLoop Note: This should only be called from unit tests

func (*SharedResourceEventLoop) GetGitopsEngineInstanceById 

func (srEventLoop *SharedResourceEventLoop) GetGitopsEngineInstanceById(ctx context.Context, id string, workspaceClient client.Client,
	workspaceNamespace corev1.Namespace, l logr.Logger) (*db.GitopsEngineInstance, error)

func (*SharedResourceEventLoop) GetOrCreateClusterUserByNamespaceUID 

func (srEventLoop *SharedResourceEventLoop) GetOrCreateClusterUserByNamespaceUID(ctx context.Context, workspaceClient client.Client,
	workspaceNamespace corev1.Namespace, l logr.Logger) (*db.ClusterUser, bool, error)

The bool return value is 'true' if ClusterUser is created; 'false' if it already exists in DB or in case of failure.

func (*SharedResourceEventLoop) ReconcileAppProjectRepositories 

func (srEventLoop *SharedResourceEventLoop) ReconcileAppProjectRepositories(ctx context.Context, workspaceClient client.Client,
	workspaceNamespace corev1.Namespace, l logr.Logger) (bool, error)

ReconcileAppProjectRepositories ensures that the necessary AppProjectRepository database rows exists in the database, and that they are consistent with the GitOpsDeployment/GitOpsDeploymentRepositoryCredentials defined in the given Namespace.

parameters: - gitRepoURLUnnormalizedOfRequest is the repository URL defined in the GitOpDeployment or GitOpsDeploymentRepositoryCredential for which this function was invoked.

  • this function will only process DB rows, or K8s resources that reference this specific Git repository URL (ignoring all others)
  • If 'gitRepoURLUnnormalizedOfRequest' is empty (""), then all resources will be processed.

return value: - bool: true if one or more 'AppProject*' rows in the DB were updated, false otherwise. (If yes, ensure an Operation on the Application caused the AppProject CR to be regenerated) - error

func (*SharedResourceEventLoop) ReconcileRepositoryCredential 

func (srEventLoop *SharedResourceEventLoop) ReconcileRepositoryCredential(ctx context.Context,
	workspaceClient client.Client, workspaceNamespace corev1.Namespace,
	repositoryCredentialCRName string, k8sClientFactory SRLK8sClientFactory, l logr.Logger) (*db.RepositoryCredentials, error)

func (*SharedResourceEventLoop) ReconcileSharedManagedEnv 

func (srEventLoop *SharedResourceEventLoop) ReconcileSharedManagedEnv(ctx context.Context,
	workspaceClient client.Client, workspaceNamespace corev1.Namespace,
	managedEnvironmentCRName string, managedEnvironmentCRNamespace string, isWorkspaceTarget bool,
	k8sClientFactory SRLK8sClientFactory, l logr.Logger) (SharedResourceManagedEnvContainer, bool, error)

Ensure the user's workspace is configured, ensure a GitOpsEngineInstance exists that will target it, and ensure a cluster access exists the give the user permission to target them from the engine. Return values: - SharedResourceManagedEnvContainer: contains DB resources that were created/retrieved by the call - bool: whether or not the error param is a user error (see elsewhere for definition of user error) - error: whether an error occurred during reconciliation

type SharedResourceManagedEnvContainer 

type SharedResourceManagedEnvContainer struct {
	ClusterUser          *db.ClusterUser
	IsNewUser            bool
	ManagedEnv           *db.ManagedEnvironment
	IsNewManagedEnv      bool
	GitopsEngineInstance *db.GitopsEngineInstance
	IsNewInstance        bool
	ClusterAccess        *db.ClusterAccess
	IsNewClusterAccess   bool
	GitopsEngineCluster  *db.GitopsEngineCluster
}

SharedResourceManagedEnvContainer is the return value of ReconcileSharedManagedEnv, and contains the resources that were created by the reconciliation.

type ValidateRepoURLAndCredentialsFunction 

type ValidateRepoURLAndCredentialsFunction func(rawRepoURL string, secret corev1.Secret) error

ValidateRepoURLAndCredentialsFunction is a function signature primarily for 'validateRepositoryCredentials', but alternative functions can be provided by unit tests, in order to mock the Git repository validation. 

var (
	// DefaultValidateRepositoryCredentials refers to the default validation algorithm used everywhere (except unit tests)
	DefaultValidateRepositoryCredentials ValidateRepoURLAndCredentialsFunction = validateRepositoryCredentials
)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.