Azure / aks-app-routing-operator / 16678395046

coverage: 81.41% (+0.03%) from 81.378%
16678395046

push

github

web-flow 
Merge branch 'main' into kingoliver/tls

95 of 125 new or added lines in 4 files covered. (76.0%)

44 existing lines in 2 files now uncovered.

4042 of 4965 relevant lines covered (81.41%)

22.85 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

84.47
/pkg/controller/defaultdomaincert/default_domain_cert_controller.go
1 
package defaultdomaincert
2 









3



import (










4



        "context"










5



        "errors"










6



        "fmt"










7



        "time"










8












9



        approutingv1alpha1 "github.com/Azure/aks-app-routing-operator/api/v1alpha1"










10



        "github.com/Azure/aks-app-routing-operator/pkg/config"










11



        "github.com/Azure/aks-app-routing-operator/pkg/controller/controllername"










12



        "github.com/Azure/aks-app-routing-operator/pkg/controller/metrics"










13



        "github.com/Azure/aks-app-routing-operator/pkg/manifests"










14



        "github.com/Azure/aks-app-routing-operator/pkg/store"










15



        "github.com/Azure/aks-app-routing-operator/pkg/util"










16



        corev1 "k8s.io/api/core/v1"










17



        apierrors "k8s.io/apimachinery/pkg/api/errors"










18



        metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"










19



        "k8s.io/client-go/tools/record"










20



        ctrl "sigs.k8s.io/controller-runtime"










21



        "sigs.k8s.io/controller-runtime/pkg/client"










22



        "sigs.k8s.io/controller-runtime/pkg/log"










23



)










24












25



var name = controllername.New("default", "domain", "cert", "reconciler")










26












27



type defaultDomainCertControllerReconciler struct {










28



        client client.Client










29



        events record.EventRecorder










30



        conf   *config.Config










31



        store  store.Store










32



}










33













34



func NewReconciler(conf *config.Config, mgr ctrl.Manager, store store.Store) error {




2






35



        metrics.InitControllerMetrics(name)




2






36






2






37



        if err := store.AddFile(conf.DefaultDomainCertPath); err != nil {




3






38



                return fmt.Errorf("adding default domain cert %s to store: %w", conf.DefaultDomainCertPath, err)




1






39



        }




1





40













41



        if err := store.AddFile(conf.DefaultDomainKeyPath); err != nil {




2






42



                return fmt.Errorf("adding default domain key %s to store: %w", conf.DefaultDomainKeyPath, err)




1






43



        }




1





44













NEW


45



        reconciler := &defaultDomainCertControllerReconciler{




×








NEW


46



                client: mgr.GetClient(),




×








NEW


47



                events: mgr.GetEventRecorderFor("aks-app-routing-operator"),




×








NEW


48



                conf:   conf,




×








NEW


49



                store:  store,




×








NEW


50



        }




×








NEW


51






×








NEW


52



        if err := name.AddToController(




×








NEW


53



                ctrl.NewControllerManagedBy(mgr).




×








NEW


54



                        For(&approutingv1alpha1.DefaultDomainCertificate{}).




×








NEW


55



                        Owns(&corev1.Secret{}),




×








NEW


56



                mgr.GetLogger(),




×








NEW


57



        ).Complete(reconciler); err != nil {




×








NEW


58



                return fmt.Errorf("building the controller: %w", err)




×








NEW


59



        }




×







60













NEW


61



        return nil




×







62



}










63













64



func (d *defaultDomainCertControllerReconciler) Reconcile(ctx context.Context, req ctrl.Request) (res ctrl.Result, err error) {




11






65



        start := time.Now()




11






66



        lgr := log.FromContext(ctx, "name", req.Name, "namespace", req.Namespace)




11






67



        ctx = log.IntoContext(ctx, lgr)




11






68






11






69



        lgr.Info("reconciling DefaultDomainCertificate")




11






70



        defer func() {




22






71



                lgr.Info("reconcile finished", "latency", time.Since(start))




11






72



        }()




11





73













74



        defaultDomainCertificate := &approutingv1alpha1.DefaultDomainCertificate{}




11






75



        if err := d.client.Get(ctx, req.NamespacedName, defaultDomainCertificate); err != nil {




13






76



                if apierrors.IsNotFound(err) { // object was deleted




3






77



                        lgr.Info("DefaultDomainCertificate not found")




1






78



                        return ctrl.Result{}, nil




1






79



                }




1





80













81



                lgr.Error(err, "unable to get DefaultDomainCertificate")




1






82



                return ctrl.Result{}, err




1





83



        }










84













85



        if defaultDomainCertificate.Spec.Target.Secret == nil {




10






86



                err := errors.New("DefaultDomainCertificate has no target secret specified")




1






87



                lgr.Error(err, "DefaultDomainCertificate has no target specified, this should be blocked by CRD CEL validation")




1






88



                return ctrl.Result{}, err




1






89



        }




1





90













91



        lgr = lgr.WithValues("secretTarget", *defaultDomainCertificate.Spec.Target.Secret)




8






92



        ctx = log.IntoContext(ctx, lgr)




8






93






8






94



        lgr.Info("upserting Secret for DefaultDomainCertificate")




8






95



        secret, err := d.generateSecret(defaultDomainCertificate)




8






96



        if err != nil {




9






97



                err := fmt.Errorf("generating Secret for DefaultDomainCertificate: %w", err)




1






98



                lgr.Error(err, "failed to generate Secret for DefaultDomainCertificate")




1






99



                return ctrl.Result{}, err




1






100



        }




1





101













102



        if err := util.Upsert(ctx, d.client, secret); err != nil {




9






103



                d.events.Eventf(defaultDomainCertificate, corev1.EventTypeWarning, "ApplyingCertificateSecretFailed", "Failed to apply Secret for DefaultDomainCertificate: %s", err.Error())




2






104



                lgr.Error(err, "failed to upsert Secret for DefaultDomainCertificate")




2






105



                return ctrl.Result{}, err




2






106



        }




2





107












108



        // Update the status of the DefaultDomainCertificate











109



        defaultDomainCertificate.SetCondition(metav1.Condition{




5






110



                Type:    approutingv1alpha1.DefaultDomainCertificateConditionTypeAvailable,




5






111



                Status:  metav1.ConditionTrue,




5






112



                Reason:  "CertificateSecretApplied",




5






113



                Message: fmt.Sprintf("Secret %s/%s successfully applied for DefaultDomainCertificate", secret.Namespace, secret.Name),




5






114



        })




5






115



        if err := d.client.Status().Update(ctx, defaultDomainCertificate); err != nil {




6






116



                lgr.Error(err, "failed to update status for DefaultDomainCertificate")




1






117



                return ctrl.Result{}, err




1






118



        }




1





119













120



        return ctrl.Result{}, nil




4





121



}










122













123



func (d *defaultDomainCertControllerReconciler) generateSecret(defaultDomainCertificate *approutingv1alpha1.DefaultDomainCertificate) (*corev1.Secret, error) {




17






124



        crt, ok := d.store.GetContent(d.conf.DefaultDomainCertPath)




17






125



        if crt == nil || !ok {




20






126



                return nil, errors.New("failed to get certificate from store")




3






127



        }




3






128



        key, ok := d.store.GetContent(d.conf.DefaultDomainKeyPath)




14






129



        if key == nil || !ok {




16






130



                return nil, errors.New("failed to get key from store")




2






131



        }




2





132













133



        secret := &corev1.Secret{




12






134



                ObjectMeta: metav1.ObjectMeta{




12






135



                        Name:      *defaultDomainCertificate.Spec.Target.Secret,




12






136



                        Namespace: defaultDomainCertificate.Namespace,




12






137



                        Labels:    manifests.GetTopLevelLabels(),




12






138



                },




12






139



                TypeMeta: metav1.TypeMeta{




12






140



                        Kind:       "Secret",




12






141



                        APIVersion: corev1.SchemeGroupVersion.String(),




12






142



                },




12






143



                Type: corev1.SecretTypeTLS,




12






144



                Data: map[string][]byte{




12






145



                        "tls.crt": crt,




12






146



                        "tls.key": key,




12






147



                },




12






148



        }




12






149






12






150



        owner := manifests.GetOwnerRefs(defaultDomainCertificate, true)




12






151



        secret.SetOwnerReferences(owner)




12






152






12






153



        return secret, nil




12





154



}
























    

  • 

    •