actuator.go
/*
Copyright 2018 The OpenShift Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package actuator
import (
"context"
log "github.com/sirupsen/logrus"
configv1 "github.com/openshift/api/config/v1"
operatorv1 "github.com/openshift/api/operator/v1"
corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/types"
"sigs.k8s.io/controller-runtime/pkg/client"
minterv1 "github.com/openshift/cloud-credential-operator/pkg/apis/cloudcredential/v1"
"github.com/openshift/cloud-credential-operator/pkg/operator/constants"
)
// Actuator controls credentials on a specific infrastructure. Every method is
// expected to be idempotent unless its own comment says otherwise.
type Actuator interface {
	// Create creates the credentials for the given CredentialsRequest.
	Create(ctx context.Context, cr *minterv1.CredentialsRequest) error

	// Delete removes the credentials. A nil error is taken to mean that all
	// dependent resources have been cleaned up, so an implementation should
	// return nil only once that cleanup has really happened.
	Delete(ctx context.Context, cr *minterv1.CredentialsRequest) error

	// Update brings the credentials in line with the provided definition.
	Update(ctx context.Context, cr *minterv1.CredentialsRequest) error

	// Exists reports whether the credentials currently exist.
	Exists(ctx context.Context, cr *minterv1.CredentialsRequest) (bool, error)

	// GetCredentialsRootSecretLocation returns the namespace and name under
	// which the credentials root secret is stored.
	GetCredentialsRootSecretLocation() types.NamespacedName

	// IsTimedTokenCluster reports whether the cluster is capable of, and
	// configured for, timed token credentials. Unlike the other methods, the
	// context is the second parameter here, after the client.
	IsTimedTokenCluster(c client.Client, ctx context.Context, logger log.FieldLogger) (bool, error)

	// Upgradeable returns a ClusterOperator Upgradeable condition that says
	// whether this cluster can safely be upgraded to the next "minor" (4.y)
	// OpenShift release.
	Upgradeable(mode operatorv1.CloudCredentialsMode) *configv1.ClusterOperatorStatusCondition

	// GetCredentialsRootSecret returns the credentials root secret. The
	// returned Secret carries root credential data, so callers should keep its
	// contents out of logs and error messages. DummyActuator in this file
	// returns a nil Secret together with a nil error, so callers need a nil
	// check on the Secret as well as on the error.
	GetCredentialsRootSecret(ctx context.Context, cr *minterv1.CredentialsRequest) (*corev1.Secret, error)
}
// DummyActuator is an Actuator implementation that performs no work: it never
// creates, updates or deletes anything and answers every query with a fixed
// value. Because it reports success unconditionally, it gives no assurance
// that any credential was actually minted or removed.
type DummyActuator struct{}

// Create does nothing and always returns nil.
func (a *DummyActuator) Create(ctx context.Context, cr *minterv1.CredentialsRequest) error {
	return nil
}

// Delete does nothing and always returns nil. Under the Actuator contract a
// nil error from Delete means all dependent resources were cleaned up; here
// that success is reported without any cleanup having been attempted.
func (a *DummyActuator) Delete(ctx context.Context, cr *minterv1.CredentialsRequest) error {
	return nil
}

// Update does nothing and always returns nil.
func (a *DummyActuator) Update(ctx context.Context, cr *minterv1.CredentialsRequest) error {
	return nil
}

// Exists always answers true with a nil error, whatever the request is, even
// though this actuator never creates anything.
func (a *DummyActuator) Exists(ctx context.Context, cr *minterv1.CredentialsRequest) (bool, error) {
	return true, nil
}

// GetCredentialsRootSecretLocation returns the namespace and name where the
// parent credentials secret is stored.
//
// NOTE(review): the name comes from constants.AWSCloudCredSecretName although
// nothing else in this type is AWS-specific; confirm that this is intended.
func (a *DummyActuator) GetCredentialsRootSecretLocation() types.NamespacedName {
	location := types.NamespacedName{
		Namespace: constants.CloudCredSecretNamespace,
		Name:      constants.AWSCloudCredSecretName,
	}
	return location
}

// IsTimedTokenCluster always answers false with a nil error; the client,
// context and logger are not used.
func (a *DummyActuator) IsTimedTokenCluster(c client.Client, ctx context.Context, logger log.FieldLogger) (bool, error) {
	return false, nil
}

// Upgradeable always returns an OperatorUpgradeable condition with status
// True; mode is not consulted.
func (a *DummyActuator) Upgradeable(mode operatorv1.CloudCredentialsMode) *configv1.ClusterOperatorStatusCondition {
	return &configv1.ClusterOperatorStatusCondition{
		Type:   configv1.OperatorUpgradeable,
		Status: configv1.ConditionTrue,
	}
}

// GetCredentialsRootSecret returns a nil Secret and a nil error. Callers must
// check the Secret for nil before dereferencing it, because the nil error
// alone does not indicate that a secret was found.
func (a *DummyActuator) GetCredentialsRootSecret(ctx context.Context, cr *minterv1.CredentialsRequest) (*corev1.Secret, error) {
	return nil, nil
}
// ActuatorStatus is implemented by values that can report the
// CredentialsRequest condition type associated with them.
type ActuatorStatus interface {
	// Reason returns the condition type.
	Reason() minterv1.CredentialsRequestConditionType
}

// ActuatorError is an error value that carries a CredentialsRequest condition
// type alongside its message. Both of its methods dereference the receiver,
// so calling them on a nil *ActuatorError panics.
type ActuatorError struct {
	// ErrReason is the condition type handed back by Reason.
	ErrReason minterv1.CredentialsRequestConditionType
	// Message is the text handed back verbatim by Error. Presumably it ends
	// up in logs or status conditions (verify against callers), so it should
	// not contain credential material.
	Message string
}

// Error returns e.Message unchanged.
func (e *ActuatorError) Error() string { return e.Message }

// Reason returns e.ErrReason.
func (e *ActuatorError) Reason() minterv1.CredentialsRequestConditionType { return e.ErrReason }