helpers

package
v0.0.0-...-acc0b0b Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 8, 2026 License: Apache-2.0 Imports: 79 Imported by: 0

Documentation

Overview

TODO add unit test for the following functions, right now they are only covered in e2e

Index

Constants

View Source 
const (
	GRPCSAName   = "grpc-server-sa"
	HubNamespace = "open-cluster-management-hub"
)

Variables

View Source 
var BootstrapSASuffix = "bootstrap-sa"
View Source 
var DeployOnOCP bool = true

DeployOnOCP is set once at the beginning

Functions

func AddManagedClusterFinalizer 

func AddManagedClusterFinalizer(modified *bool, managedCluster *clusterv1.ManagedCluster, finalizer string)

AddManagedClusterFinalizer add a finalizer to a managed cluster

func ApplyResources 

func ApplyResources(clientHolder *ClientHolder, recorder events.Recorder,
	scheme *runtime.Scheme, owner metav1.Object, objs ...runtime.Object) (bool, error)

ApplyResources apply resources, includes: serviceaccount, secret, deployment, clusterrole, clusterrolebinding, crdv1, manifestwork and klusterlet

func AssertManifestWorkFinalizer 

func AssertManifestWorkFinalizer(ctx context.Context, runtimeClient client.Client, recorder events.Recorder,
	cluster *clusterv1.ManagedCluster, works int) error

AssertManifestWorkFinalizer add/remove manifest finalizer for a managed cluster, this func will send request to api server to update managed cluster.

func ContainAuthError 

func ContainAuthError(err error) bool

func ContainInternalServerError 

func ContainInternalServerError(err error) bool

func DeleteAutoImportSecret 

func DeleteAutoImportSecret(ctx context.Context, kubeClient kubernetes.Interface,
	secret *corev1.Secret, recorder events.Recorder) error

DeleteAutoImportSecret delete the auto-import-secret if the secret does not have the keeping annotation

func DetermineKlusterletMode 

func DetermineKlusterletMode(cluster *clusterv1.ManagedCluster) operatorv1.InstallMode

DetermineKlusterletMode gets the klusterlet deploy mode for the managed cluster.

func FilesToObjects 

func FilesToObjects(files []string, config interface{}, manifestFiles *embed.FS) ([]runtime.Object, error)

func ForceDeleteAllManagedClusterAddons 

func ForceDeleteAllManagedClusterAddons(
	ctx context.Context,
	runtimeClient client.Client,
	clusterName string,
	recorder events.Recorder) error

ForceDeleteAllManagedClusterAddons delete all managed cluster addons forcefully

func ForceDeleteAllManifestWorks 

func ForceDeleteAllManifestWorks(ctx context.Context, workClient workclient.Interface, recorder events.Recorder,
	manifestWorks []workv1.ManifestWork) error

ForceDeleteAllManifestWorks delete all manifestworks forcefully

func ForceDeleteManagedClusterAddon 

func ForceDeleteManagedClusterAddon(
	ctx context.Context,
	runtimeClient client.Client,
	recorder events.Recorder,
	addonNamespace, addonName string) error

ForceDeleteManagedClusterAddon will delete the managedClusterAddon regardless of finalizers.

func ForceDeleteManifestWork 

func ForceDeleteManifestWork(ctx context.Context, workClient workclient.Interface, recorder events.Recorder,
	namespace, name string) error

ForceDeleteManifestWork will delete the manifestwork regardless of finalizers.

func ForceDeleteWorkRoleBinding 

func ForceDeleteWorkRoleBinding(ctx context.Context, kubeClient kubernetes.Interface, clusterName string,
	recorder events.Recorder) error

ForceDeleteWorkRoleBinding gets the work roleBinding in the cluster ns

func GetBootstrapSAName 

func GetBootstrapSAName(clusterName string) string

func GetClusterName 

func GetClusterName(csr *certificatesv1.CertificateSigningRequest) (clusterName string)

func GetComponentNamespace 

func GetComponentNamespace() (string, error)

func GetHostingCluster 

func GetHostingCluster(cluster *clusterv1.ManagedCluster) (string, error)

GetHostingCluster gets the hosting cluster name from the managed cluster annotation

func GetMaxConcurrentReconciles 

func GetMaxConcurrentReconciles() int

GetMaxConcurrentReconciles get the max concurrent reconciles from MAX_CONCURRENT_RECONCILES env, if the reconciles cannot be found, return 1

func GetMergedKlusterletConfigWithGlobal 

func GetMergedKlusterletConfigWithGlobal(
	klusterletconfigName string,
	kcLister listerklusterletconfigv1alpha1.KlusterletConfigLister,
) (*klusterletconfigv1alpha1.KlusterletConfig, error)

func GetNodeSelectorFromManagedClusterAnnotations 

func GetNodeSelectorFromManagedClusterAnnotations(clusterAnnotations map[string]string) (map[string]string, error)

func GetTLSConfigForServer 

func GetTLSConfigForServer(runtimeClient client.Reader) *tls.Config

GetTLSConfigForServer returns TLS config for HTTPS server based on hub's OpenShift APIServer settings. Falls back to TLS 1.2 with no specific cipher suites on vanilla Kubernetes or if fetch fails. Uses client.Reader to avoid dependency on manager's cache (can be called before manager starts). Delegates TLS profile conversion to cluster-lifecycle-api/helpers/tlsprofile.

func GetTolerationsFromManagedClusterAnnotations 

func GetTolerationsFromManagedClusterAnnotations(clusterAnnotations map[string]string) ([]corev1.Toleration, error)

func GetWorkRoleBinding 

func GetWorkRoleBinding(ctx context.Context, runtimeClient client.Client, clusterName string) (
	*rbacv1.RoleBinding, error)

GetWorkRoleBinding gets the work roleBinding in the cluster ns

func HasCertificates 

func HasCertificates(supersetCertData, subsetCertData []byte) (bool, error)

HasCertificates returns true if the supersetCertData contains all the certs in subsetCertData

func HostedKlusterletManifestWorkName 

func HostedKlusterletManifestWorkName(managedClusterName string) string

func HostedManagedKubeConfigManifestWorkName 

func HostedManagedKubeConfigManifestWorkName(managedClusterName string) string

func ImportManagedClusterFromSecret 

func ImportManagedClusterFromSecret(client *ClientHolder, restMapper meta.RESTMapper, recorder events.Recorder,
	importSecret *corev1.Secret) (bool, error)

ImportManagedClusterFromSecret use managed cluster client to import managed cluster from import-secret

func ImportingResourcesApplied 

func ImportingResourcesApplied(condition *metav1.Condition) bool

func IsClusterUnavailable 

func IsClusterUnavailable(cluster *clusterv1.ManagedCluster) bool

IsClusterUnavailable checks whether the cluster is unavailable

func IsHostedCluster 

func IsHostedCluster(cluster *clusterv1.ManagedCluster) bool

func IsImmediateImport 

func IsImmediateImport(annotations map[string]string) bool

func IsKubeVersionChanged 

func IsKubeVersionChanged(objectOld, objectNew runtime.Object) bool

func IsManifestWorksAvailable 

func IsManifestWorksAvailable(ctx context.Context, client workclient.Interface,
	namespace string, names ...string) (bool, error)

func ListManagedClusterAddons 

func ListManagedClusterAddons(ctx context.Context, runtimeClient client.Client, clusterName string) (
	*addonv1alpha1.ManagedClusterAddOnList, error)

ListManagedClusterAddons lists all managedclusteraddons for the managed cluster

func ManifestConfigsEqual 

func ManifestConfigsEqual(newConfigs, oldConfigs []workv1.ManifestConfigOption) bool

func ManifestsEqual 

func ManifestsEqual(newManifests, oldManifests []workv1.Manifest) bool

ManifestsEqual if two manifests are equal, return true

func MustCreateAssetFromTemplate 

func MustCreateAssetFromTemplate(name string, tb []byte, config interface{}) []byte

MustCreateAssetFromTemplate render a template with its configuration If it's failed, this function will panic

func MustCreateObject 

func MustCreateObject(raw []byte) runtime.Object

MustCreateObject translate object from raw bytes to runtime object

func MustCreateObjectFromTemplate 

func MustCreateObjectFromTemplate(file string, template []byte, config interface{}) runtime.Object

MustCreateObjectFromTemplate render a template to a runtime object with its configuration If it's failed, this function will panic

func NewEventRecorder 

func NewEventRecorder(kubeClient kubernetes.Interface, controllerName string) events.Recorder

func NewManagedClusterEventRecorder 

func NewManagedClusterEventRecorder(ctx context.Context,
	kubeClient kubernetes.Interface) kevents.EventRecorder

func NewManagedClusterImportSucceededCondition 

func NewManagedClusterImportSucceededCondition(s metav1.ConditionStatus, reason, message string) metav1.Condition

func ParseKubeConfigData 

func ParseKubeConfigData(kubeConfigData []byte) (
	kubeAPIServer, proxyURL, ca string, caData []byte, token string, ctxClusterName string, err error)

func RemoveManagedClusterFinalizer 

func RemoveManagedClusterFinalizer(ctx context.Context, runtimeClient client.Client, recorder events.Recorder,
	managedCluster *clusterv1.ManagedCluster, finalizer string) error

RemoveManagedClusterFinalizer remove a finalizer from a managed cluster

func ResourceIsNotFound 

func ResourceIsNotFound(err error) bool

func SetImmediateImportCompleted 

func SetImmediateImportCompleted(client client.Client, managedClusterName string) error

func SetupTLSProfileWatcher 

func SetupTLSProfileWatcher(ctx context.Context, mgr ctrl.Manager) error

SetupTLSProfileWatcher sets up a watcher for TLS profile changes on OpenShift. When the TLS profile changes, the watcher triggers a graceful shutdown (os.Exit(0)) so the pod restarts with the new TLS configuration.

This ensures the agent-registration server picks up TLS profile changes without requiring manual pod restart.

Uses the runnable pattern to defer setup until after manager cache is ready, since SecurityProfileWatcher requires a cached client. The runnable's Start() is called after cache sync but during mgr.Start(), allowing it to safely add the watcher controller. See: https://github.com/openshift/controller-runtime-common

Returns nil on vanilla Kubernetes (no-op). On OpenShift, adds a runnable to the manager that will start the watcher after the manager's cache is started.

func SplitYamls 

func SplitYamls(yamls []byte) [][]byte

SplitYamls split yamls with sperator `---`

func SupportPriorityClass 

func SupportPriorityClass(cluster *clusterv1.ManagedCluster) (bool, error)

func UpdateManagedClusterBootstrapSecret 

func UpdateManagedClusterBootstrapSecret(client *ClientHolder, importSecret *corev1.Secret,
	recorder events.Recorder) (bool, error)

UpdateManagedClusterBootstrapSecret update the bootstrap secret on the managed cluster

func UpdateManagedClusterImportCondition 

func UpdateManagedClusterImportCondition(client client.Client, managedCluster *clusterv1.ManagedCluster,
	cond metav1.Condition, recorder kevents.EventRecorder) error

UpdateManagedClusterImportCondition update managed cluster status and record the event

func ValidateClusterImportConfigSecret 

func ValidateClusterImportConfigSecret(secret *corev1.Secret) error

func ValidateImportSecret 

func ValidateImportSecret(importSecret *corev1.Secret) error

ValidateImportSecret validate managed cluster import secret

func ValidateKlusterletMode 

func ValidateKlusterletMode(mode operatorv1.InstallMode) error

func ValidateNodeSelector 

func ValidateNodeSelector(nodeSelector map[string]string) error

refer to https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/core/validation/validation.go#L3498

func ValidateTolerations 

func ValidateTolerations(tolerations []corev1.Toleration) error

refer to https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/core/validation/validation.go#L3330

Types

type ClientHolder 

type ClientHolder struct {
	KubeClient          kubernetes.Interface
	APIExtensionsClient apiextensionsclient.Interface
	OperatorClient      operatorclient.Interface
	RuntimeClient       client.Client
	RuntimeAPIReader    client.Reader
	ImageRegistryClient imageregistry.Interface
	WorkClient          workclient.Interface
	RouteV1Client       routeclient.Interface
}

func GenerateImportClientFromKubeConfigSecret 

func GenerateImportClientFromKubeConfigSecret(secret *corev1.Secret) (reconcile.Result, *ClientHolder, meta.RESTMapper, error)

GenerateImportClientFromKubeConfigSecret generate a client from a given secret that contains a kubeconfig

func GenerateImportClientFromKubeTokenSecret 

func GenerateImportClientFromKubeTokenSecret(secret *corev1.Secret) (reconcile.Result, *ClientHolder, meta.RESTMapper, error)

GenerateImportClientFromKubeTokenSecret generate a client from a given secret that contains kube apiserver and token

func GenerateImportClientFromRosaCluster 

func GenerateImportClientFromRosaCluster(getter *RosaKubeConfigGetter, secret *corev1.Secret) (reconcile.Result, *ClientHolder, meta.RESTMapper, error)

GenerateImportClientFromRosaCluster generate a client from a given secret that contains rosa cluster info

type GenerateClientHolderFunc 

type GenerateClientHolderFunc func(secret *corev1.Secret) (reconcile.Result, *ClientHolder, meta.RESTMapper, error)

GenerateClientHolderFunc is a function to generate the managed cluster client holder which is used to import cluster(apply resources to the managed cluster)

type ImportControllerConfig 

type ImportControllerConfig struct {
	// contains filtered or unexported fields
}

func NewImportControllerConfig 

func NewImportControllerConfig(componentNamespace string, configMapLister corev1listers.ConfigMapLister,
	log logr.Logger) *ImportControllerConfig

func (*ImportControllerConfig) GenerateImportConfig 

func (c *ImportControllerConfig) GenerateImportConfig() (bool, error)

GenerateImportConfig to check whether to generate import config secret.

func (*ImportControllerConfig) GetAutoImportStrategy 

func (c *ImportControllerConfig) GetAutoImportStrategy() (string, error)

type ImportHelper 

type ImportHelper struct {
	// contains filtered or unexported fields
}

ImportHelper is used to helper controller to import managed cluster

func NewImportHelper 

func NewImportHelper(informerHolder *source.InformerHolder,
	recorder events.Recorder,
	log logr.Logger) *ImportHelper

func (*ImportHelper) Import 

func (i *ImportHelper) Import(backupRestore bool, cluster *clusterv1.ManagedCluster,
	managedClusterKubeClientSecret *corev1.Secret) (
	reconcile.Result, metav1.Condition, bool, error)

Import uses the managedClusterKubeClientSecret to generate a managed cluster client, then use this client to import the managed cluster, return managed cluster import condition when finished apply.

func (*ImportHelper) WithGenerateClientHolderFunc 

func (i *ImportHelper) WithGenerateClientHolderFunc(f GenerateClientHolderFunc) *ImportHelper

type RosaKubeConfigGetter 

type RosaKubeConfigGetter struct {
	// contains filtered or unexported fields
}

func NewRosaKubeConfigGetter 

func NewRosaKubeConfigGetter() *RosaKubeConfigGetter

func (*RosaKubeConfigGetter) Cleanup 

func (g *RosaKubeConfigGetter) Cleanup() error

func (*RosaKubeConfigGetter) KubeConfig 

func (g *RosaKubeConfigGetter) KubeConfig() (bool, *clientcmdapi.Config, error)

func (*RosaKubeConfigGetter) SetAPIServerURL 

func (g *RosaKubeConfigGetter) SetAPIServerURL(apiServer string)

func (*RosaKubeConfigGetter) SetAuthMethod 

func (g *RosaKubeConfigGetter) SetAuthMethod(authMethod string)

func (*RosaKubeConfigGetter) SetClientID 

func (g *RosaKubeConfigGetter) SetClientID(clientID string)

func (*RosaKubeConfigGetter) SetClientSecret 

func (g *RosaKubeConfigGetter) SetClientSecret(clientSecret string)

func (*RosaKubeConfigGetter) SetClusterID 

func (g *RosaKubeConfigGetter) SetClusterID(clusterID string)

func (*RosaKubeConfigGetter) SetRetryTimes 

func (g *RosaKubeConfigGetter) SetRetryTimes(retryTimes string)

func (*RosaKubeConfigGetter) SetToken 

func (g *RosaKubeConfigGetter) SetToken(token string)

func (*RosaKubeConfigGetter) SetTokenURL 

func (g *RosaKubeConfigGetter) SetTokenURL(tokenURL string)

type WorkSelector 

type WorkSelector func(string, workv1.ManifestWork) bool

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.