code cleanup for consistency (#546)

equinor · Oct 17, 2023 · 0dcba8d · 0dcba8d
1 parent f746b57
commit 0dcba8d
Showing 1 changed file with 91 additions and 51 deletions.
diff --git a/api/models/secret.go b/api/models/secret.go
@@ -28,6 +28,7 @@ func BuildSecrets(secretList []corev1.Secret, secretProviderClassList []secretss
 	secrets = append(secrets, getSecretsForVolumeMounts(secretList, rd)...)
 	secrets = append(secrets, getSecretsForAuthentication(secretList, rd)...)
 	secrets = append(secrets, getSecretsForSecretRefs(secretList, secretProviderClassList, rd)...)
+
 	return secrets
 }
 
@@ -49,17 +50,15 @@ func getSecretsForDeployment(secretList []corev1.Secret, rd *radixv1.RadixDeploy
 	componentSecretsMap := make(map[string]map[string]bool)
 	for _, component := range rd.Spec.Components {
 		secrets := getSecretsForComponent(&component)
-		if len(secrets) <= 0 {
-			continue
+		if len(secrets) > 0 {
+			componentSecretsMap[component.Name] = secrets
 		}
-		componentSecretsMap[component.Name] = secrets
 	}
 	for _, job := range rd.Spec.Jobs {
 		secrets := getSecretsForComponent(&job)
-		if len(secrets) <= 0 {
-			continue
+		if len(secrets) > 0 {
+			componentSecretsMap[job.Name] = secrets
 		}
-		componentSecretsMap[job.Name] = secrets
 	}
 
 	var secretDTOsMap []secretModels.Secret
@@ -69,8 +68,13 @@ func getSecretsForDeployment(secretList []corev1.Secret, rd *radixv1.RadixDeploy
 		if !ok {
 			// Mark secrets as Pending (exist in config, does not exist in cluster) due to no secret object in the cluster
 			for secretName := range secretNamesMap {
-				secretDTO := secretModels.Secret{Name: secretName, DisplayName: secretName, Component: componentName, Status: secretModels.Pending.String(), Type: secretModels.SecretTypeGeneric}
-				secretDTOsMap = append(secretDTOsMap, secretDTO)
+				secretDTOsMap = append(secretDTOsMap, secretModels.Secret{
+					Name:        secretName,
+					DisplayName: secretName,
+					Type:        secretModels.SecretTypeGeneric,
+					Component:   componentName,
+					Status:      secretModels.Pending.String(),
+				})
 			}
 			continue
 		}
@@ -81,20 +85,26 @@ func getSecretsForDeployment(secretList []corev1.Secret, rd *radixv1.RadixDeploy
 			if _, exists := clusterSecretEntriesMap[secretName]; !exists {
 				status = secretModels.Pending.String()
 			}
-			secretDTO := secretModels.Secret{Name: secretName, DisplayName: secretName, Component: componentName, Status: status, Type: secretModels.SecretTypeGeneric}
-			secretDTOsMap = append(secretDTOsMap, secretDTO)
+
+			secretDTOsMap = append(secretDTOsMap, secretModels.Secret{
+				Name:        secretName,
+				DisplayName: secretName,
+				Type:        secretModels.SecretTypeGeneric,
+				Component:   componentName,
+				Status:      status,
+			})
 		}
 	}
 
 	return secretDTOsMap
 }
 
 func getSecretsForTLSCertificates(secretList []corev1.Secret, rd *radixv1.RadixDeployment, tlsValidator tlsvalidator.TLSSecretValidator) []secretModels.Secret {
-	var secrets []secretModels.Secret
 	if tlsValidator == nil {
 		tlsValidator = tlsvalidator.DefaultValidator()
 	}
 
+	var secrets []secretModels.Secret
 	for _, component := range rd.Spec.Components {
 		for _, externalAlias := range component.DNSExternalAlias {
 			var certData, keyData []byte
@@ -141,23 +151,23 @@ func getSecretsForTLSCertificates(secretList []corev1.Secret, rd *radixv1.RadixD
 				secretModels.Secret{
 					Name:            externalAlias + suffix.ExternalDNSTLSCert,
 					DisplayName:     "Certificate",
-					Resource:        externalAlias,
 					Type:            secretModels.SecretTypeClientCert,
+					Resource:        externalAlias,
+					ID:              secretModels.SecretIdCert,
 					Component:       component.GetName(),
 					Status:          certStatus.String(),
-					ID:              secretModels.SecretIdCert,
 					StatusMessages:  certStatusMessages,
 					TLSCertificates: tlsCerts,
 				},
 				secretModels.Secret{
 					Name:           externalAlias + suffix.ExternalDNSTLSKey,
 					DisplayName:    "Key",
-					Resource:       externalAlias,
 					Type:           secretModels.SecretTypeClientCert,
+					Resource:       externalAlias,
 					Component:      component.GetName(),
+					ID:             secretModels.SecretIdKey,
 					Status:         keyStatus.String(),
 					StatusMessages: keyStatusMessages,
-					ID:             secretModels.SecretIdKey,
 				},
 			)
 		}
@@ -174,6 +184,7 @@ func getSecretsForVolumeMounts(secretList []corev1.Secret, rd *radixv1.RadixDepl
 	for _, job := range rd.Spec.Jobs {
 		secrets = append(secrets, getCredentialSecretsForBlobVolumes(secretList, &job)...)
 	}
+
 	return secrets
 }
 
@@ -184,14 +195,13 @@ func getCredentialSecretsForBlobVolumes(secretList []corev1.Secret, component ra
 		switch volumeMountType {
 		case radixv1.MountTypeBlob:
 			accountKeySecret, accountNameSecret := getBlobFuseSecrets(secretList, component, volumeMount)
-			secrets = append(secrets, accountKeySecret)
-			secrets = append(secrets, accountNameSecret)
+			secrets = append(secrets, accountKeySecret, accountNameSecret)
 		case radixv1.MountTypeBlobFuse2FuseCsiAzure, radixv1.MountTypeBlobFuse2Fuse2CsiAzure, radixv1.MountTypeBlobFuse2NfsCsiAzure, radixv1.MountTypeAzureFileCsiAzure:
 			accountKeySecret, accountNameSecret := getCsiAzureSecrets(secretList, component, volumeMount)
-			secrets = append(secrets, accountKeySecret)
-			secrets = append(secrets, accountNameSecret)
+			secrets = append(secrets, accountKeySecret, accountNameSecret)
 		}
 	}
+
 	return secrets
 }
 
@@ -203,7 +213,8 @@ func getBlobFuseSecrets(secretList []corev1.Secret, component radixv1.RadixCommo
 		defaults.BlobFuseCredsAccountKeyPart,
 		defaults.BlobFuseCredsAccountNamePartSuffix,
 		defaults.BlobFuseCredsAccountKeyPartSuffix,
-		secretModels.SecretTypeAzureBlobFuseVolume)
+		secretModels.SecretTypeAzureBlobFuseVolume,
+	)
 }
 
 func getCsiAzureSecrets(secretList []corev1.Secret, component radixv1.RadixCommonDeployComponent, volumeMount radixv1.RadixVolumeMount) (secretModels.Secret, secretModels.Secret) {
@@ -214,7 +225,8 @@ func getCsiAzureSecrets(secretList []corev1.Secret, component radixv1.RadixCommo
 		defaults.CsiAzureCredsAccountKeyPart,
 		defaults.CsiAzureCredsAccountNamePartSuffix,
 		defaults.CsiAzureCredsAccountKeyPartSuffix,
-		secretModels.SecretTypeCsiAzureBlobVolume)
+		secretModels.SecretTypeCsiAzureBlobVolume,
+	)
 }
 
 func getAzureVolumeMountSecrets(secretList []corev1.Secret, component radixv1.RadixCommonDeployComponent, secretName, volumeMountName, accountNamePart, accountKeyPart, accountNamePartSuffix, accountKeyPartSuffix string, secretType secretModels.SecretType) (secretModels.Secret, secretModels.Secret) {
@@ -226,6 +238,7 @@ func getAzureVolumeMountSecrets(secretList []corev1.Secret, component radixv1.Ra
 		if strings.EqualFold(accountkeyValue, secretDefaultData) {
 			accountkeyStatus = secretModels.Pending.String()
 		}
+
 		accountnameValue := strings.TrimSpace(string(secretValue.Data[accountNamePart]))
 		if strings.EqualFold(accountnameValue, secretDefaultData) {
 			accountnameStatus = secretModels.Pending.String()
@@ -234,30 +247,33 @@ func getAzureVolumeMountSecrets(secretList []corev1.Secret, component radixv1.Ra
 		accountkeyStatus = secretModels.Pending.String()
 		accountnameStatus = secretModels.Pending.String()
 	}
+
 	// "accountkey"
 	accountKeySecretDTO := secretModels.Secret{
 		Name:        secretName + accountKeyPartSuffix,
 		DisplayName: "Account Key",
+		Type:        secretType,
 		Resource:    volumeMountName,
+		ID:          secretModels.SecretIdAccountKey,
 		Component:   component.GetName(),
 		Status:      accountkeyStatus,
-		Type:        secretType,
-		ID:          secretModels.SecretIdAccountKey}
+	}
 	// "accountname"
 	accountNameSecretDTO := secretModels.Secret{
 		Name:        secretName + accountNamePartSuffix,
 		DisplayName: "Account Name",
+		Type:        secretType,
 		Resource:    volumeMountName,
+		ID:          secretModels.SecretIdAccountName,
 		Component:   component.GetName(),
 		Status:      accountnameStatus,
-		Type:        secretType,
-		ID:          secretModels.SecretIdAccountName}
+	}
+
 	return accountKeySecretDTO, accountNameSecretDTO
 }
 
 func getSecretsForAuthentication(secretList []corev1.Secret, activeDeployment *radixv1.RadixDeployment) []secretModels.Secret {
 	var secrets []secretModels.Secret
-
 	for _, component := range activeDeployment.Spec.Components {
 		authSecrets := getSecretsForComponentAuthentication(secretList, &component)
 		secrets = append(secrets, authSecrets...)
@@ -270,6 +286,7 @@ func getSecretsForComponentAuthentication(secretList []corev1.Secret, component
 	var secrets []secretModels.Secret
 	secrets = append(secrets, getSecretsForComponentAuthenticationClientCertificate(secretList, component)...)
 	secrets = append(secrets, getSecretsForComponentAuthenticationOAuth2(secretList, component)...)
+
 	return secrets
 }
 
@@ -288,9 +305,13 @@ func getSecretsForComponentAuthenticationClientCertificate(secretList []corev1.S
 			secretStatus = secretModels.Pending.String()
 		}
 
-		secrets = append(secrets, secretModels.Secret{Name: secretName,
+		secrets = append(secrets, secretModels.Secret{
+			Name:        secretName,
 			DisplayName: "",
-			Type:        secretModels.SecretTypeClientCertificateAuth, Component: component.GetName(), Status: secretStatus})
+			Type:        secretModels.SecretTypeClientCertificateAuth,
+			Component:   component.GetName(),
+			Status:      secretStatus,
+		})
 	}
 
 	return secrets
@@ -325,18 +346,29 @@ func getSecretsForComponentAuthenticationOAuth2(secretList []corev1.Secret, comp
 			redisPasswordStatus = secretModels.Pending.String()
 		}
 
-		secrets = append(secrets, secretModels.Secret{Name: component.GetName() + suffix.OAuth2ClientSecret,
+		secrets = append(secrets, secretModels.Secret{
+			Name:        component.GetName() + suffix.OAuth2ClientSecret,
 			DisplayName: "Client Secret",
-			Type:        secretModels.SecretTypeOAuth2Proxy, Component: component.GetName(),
-			Status: clientSecretStatus})
-		secrets = append(secrets, secretModels.Secret{Name: component.GetName() + suffix.OAuth2CookieSecret,
+			Type:        secretModels.SecretTypeOAuth2Proxy,
+			Component:   component.GetName(),
+			Status:      clientSecretStatus,
+		})
+		secrets = append(secrets, secretModels.Secret{
+			Name:        component.GetName() + suffix.OAuth2CookieSecret,
 			DisplayName: "Cookie Secret",
-			Type:        secretModels.SecretTypeOAuth2Proxy, Component: component.GetName(), Status: cookieSecretStatus})
+			Type:        secretModels.SecretTypeOAuth2Proxy,
+			Component:   component.GetName(),
+			Status:      cookieSecretStatus,
+		})
 
 		if oauth2.SessionStoreType == radixv1.SessionStoreRedis {
-			secrets = append(secrets, secretModels.Secret{Name: component.GetName() + suffix.OAuth2RedisPassword,
+			secrets = append(secrets, secretModels.Secret{
+				Name:        component.GetName() + suffix.OAuth2RedisPassword,
 				DisplayName: "Redis Password",
-				Type:        secretModels.SecretTypeOAuth2Proxy, Component: component.GetName(), Status: redisPasswordStatus})
+				Type:        secretModels.SecretTypeOAuth2Proxy,
+				Component:   component.GetName(),
+				Status:      redisPasswordStatus,
+			})
 		}
 	}
 
@@ -363,7 +395,6 @@ func getSecretsForSecretRefs(secretList []corev1.Secret, secretProviderClassList
 	)
 
 	var secrets []secretModels.Secret
-
 	for _, component := range rd.Spec.Components {
 		secretRefs := component.GetSecretRefs()
 		componentSecrets := getComponentSecretRefsSecrets(secretList, component.GetName(), &secretRefs, secretProviderClassMapForDeployment, csiSecretStoreSecretMap)
@@ -374,6 +405,7 @@ func getSecretsForSecretRefs(secretList []corev1.Secret, secretProviderClassList
 		jobComponentSecrets := getComponentSecretRefsSecrets(secretList, jobComponent.GetName(), &secretRefs, secretProviderClassMapForDeployment, csiSecretStoreSecretMap)
 		secrets = append(secrets, jobComponentSecrets...)
 	}
+
 	return secrets
 }
 
@@ -385,34 +417,38 @@ func getComponentSecretRefsSecrets(secretList []corev1.Secret, componentName str
 			credSecrets := getCredentialSecretsForSecretRefsAzureKeyVault(secretList, componentName, azureKeyVault.Name)
 			secrets = append(secrets, credSecrets...)
 		}
+
 		secretStatus := getAzureKeyVaultSecretStatus(componentName, azureKeyVault.Name, secretProviderClassMap, csiSecretStoreSecretMap)
 		for _, item := range azureKeyVault.Items {
 			secrets = append(secrets, secretModels.Secret{
 				Name:        secret.GetSecretNameForAzureKeyVaultItem(componentName, azureKeyVault.Name, &item),
 				DisplayName: secret.GetSecretDisplayNameForAzureKeyVaultItem(&item),
 				Type:        secretModels.SecretTypeCsiAzureKeyVaultItem,
 				Resource:    azureKeyVault.Name,
+				ID:          secret.GetSecretIdForAzureKeyVaultItem(&item),
 				Component:   componentName,
 				Status:      secretStatus,
-				ID:          secret.GetSecretIdForAzureKeyVaultItem(&item),
 			})
 		}
 	}
+
 	return secrets
 }
 
 func getAzureKeyVaultSecretStatus(componentName, azureKeyVaultName string, secretProviderClassMap map[string]secretsstorev1.SecretProviderClass, csiSecretStoreSecretMap map[string]corev1.Secret) string {
-	secretStatus := secretModels.NotAvailable.String()
 	secretProviderClass := getComponentSecretProviderClassMapForAzureKeyVault(componentName, secretProviderClassMap, azureKeyVaultName)
-	if secretProviderClass != nil {
-		secretStatus = secretModels.Consistent.String()
-		for _, secretObject := range secretProviderClass.Spec.SecretObjects {
-			if _, ok := csiSecretStoreSecretMap[secretObject.SecretName]; !ok {
-				secretStatus = secretModels.NotAvailable.String() // Secrets does not exist for the secretProviderClass secret object
-				break
-			}
+	if secretProviderClass == nil {
+		return secretModels.NotAvailable.String()
+	}
+
+	secretStatus := secretModels.Consistent.String()
+	for _, secretObject := range secretProviderClass.Spec.SecretObjects {
+		if _, ok := csiSecretStoreSecretMap[secretObject.SecretName]; !ok {
+			secretStatus = secretModels.NotAvailable.String() // Secrets does not exist for the secretProviderClass secret object
+			break
 		}
 	}
+
 	return secretStatus
 }
 
@@ -423,6 +459,7 @@ func getComponentSecretProviderClassMapForAzureKeyVault(componentName string, co
 			return &secretProviderClass
 		}
 	}
+
 	return nil
 }
 
@@ -437,6 +474,7 @@ func getCredentialSecretsForSecretRefsAzureKeyVault(secretList []corev1.Secret,
 		if strings.EqualFold(clientIdValue, secretDefaultData) {
 			clientIdStatus = secretModels.Pending.String()
 		}
+
 		clientSecretValue := strings.TrimSpace(string(secretValue.Data[defaults.CsiAzureKeyVaultCredsClientSecretPart]))
 		if strings.EqualFold(clientSecretValue, secretDefaultData) {
 			clientSecretStatus = secretModels.Pending.String()
@@ -445,24 +483,26 @@ func getCredentialSecretsForSecretRefsAzureKeyVault(secretList []corev1.Secret,
 		clientIdStatus = secretModels.Pending.String()
 		clientSecretStatus = secretModels.Pending.String()
 	}
+
 	secrets = append(secrets, secretModels.Secret{
 		Name:        secretName + defaults.CsiAzureKeyVaultCredsClientIdSuffix,
 		DisplayName: "Client ID",
+		Type:        secretModels.SecretTypeCsiAzureKeyVaultCreds,
 		Resource:    azureKeyVaultName,
+		ID:          secretModels.SecretIdClientId,
 		Component:   componentName,
 		Status:      clientIdStatus,
-		Type:        secretModels.SecretTypeCsiAzureKeyVaultCreds,
-		ID:          secretModels.SecretIdClientId},
-	)
+	})
 	secrets = append(secrets, secretModels.Secret{
 		Name:        secretName + defaults.CsiAzureKeyVaultCredsClientSecretSuffix,
 		DisplayName: "Client Secret",
+		Type:        secretModels.SecretTypeCsiAzureKeyVaultCreds,
 		Resource:    azureKeyVaultName,
+		ID:          secretModels.SecretIdClientSecret,
 		Component:   componentName,
 		Status:      clientSecretStatus,
-		Type:        secretModels.SecretTypeCsiAzureKeyVaultCreds,
-		ID:          secretModels.SecretIdClientSecret},
-	)
+	})
+
 	return secrets
 }