package customeradmin
import (
"context"
"io/ioutil"
"time"
"github.com/ghodss/yaml"
userv1client "github.com/openshift/client-go/user/clientset/versioned/typed/user/v1"
"github.com/prometheus/client_golang/prometheus"
"github.com/sirupsen/logrus"
"sigs.k8s.io/controller-runtime/pkg/controller"
"sigs.k8s.io/controller-runtime/pkg/event"
"sigs.k8s.io/controller-runtime/pkg/handler"
"sigs.k8s.io/controller-runtime/pkg/manager"
"sigs.k8s.io/controller-runtime/pkg/predicate"
"sigs.k8s.io/controller-runtime/pkg/reconcile"
"sigs.k8s.io/controller-runtime/pkg/source"
"github.com/openshift/openshift-azure/pkg/api"
"github.com/openshift/openshift-azure/pkg/util/azureclient/graphrbac"
)
const (
	// osaCustomerAdmins is the key under which load stores the configured
	// CustomerAdminGroupID in reconcileGroup.groupMap.
	// NOTE(review): presumably the name of the OpenShift group kept in sync with
	// that AAD group; confirm against reconcileGroups.
	osaCustomerAdmins = "osa-customer-admins"
)

// reconcileGroup holds the clients and configuration used by the periodic
// AAD group sync (see pollEvent).
type reconcileGroup struct {
	// userV1 is the OpenShift user API client, built from the manager's rest config.
	userV1 userv1client.UserV1Interface
	// aadClient is the AAD groups client returned by newAADGroupsClient.
	aadClient graphrbac.GroupsClient
	log       *logrus.Entry
	// groupMap is keyed by osaCustomerAdmins; the value is the AAD group ID taken
	// from config.CustomerAdminGroupID. It is passed to reconcileGroups on every poll.
	groupMap map[string]string
	// config is populated by load from the YAML file on disk.
	// NOTE(review): presumably carries AAD client credentials as well as the
	// group ID; treat the struct and its source file as sensitive, and confirm.
	config api.AADIdentityProvider
}

// Compile-time check that *reconcileGroup implements reconcile.Reconciler.
var _ reconcile.Reconciler = &reconcileGroup{}
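// addGroupController wires the customer-admin group sync into the manager m.
//
// It loads the AAD identity-provider settings from a fixed relative path,
// builds the OpenShift user client and the AAD groups client, registers a
// controller, and then starts a goroutine that emits a GenericEvent every 60
// seconds until stopCh is closed. Each event is handed to r.pollEvent through
// the watch predicate.
//
// It returns the first error from loading the config, building a client,
// creating the controller or registering the watch.
func addGroupController(ctx context.Context, log *logrus.Entry, m manager.Manager, stopCh <-chan struct{}) error {
	r := &reconcileGroup{
		log:      log,
		groupMap: map[string]string{},
	}

	// NOTE(review): the path is relative to the process working directory. The
	// file decides which AAD group is mapped to osaCustomerAdmins, so it should
	// be writable only by the deployment tooling and readable only by this
	// process; confirm how it is mounted.
	if err := r.load("_data/_out/aad-group-sync.yaml"); err != nil {
		return err
	}

	// Use NewForConfig rather than NewForConfigOrDie so that a bad rest config
	// is reported to the caller like every other setup failure here, instead of
	// panicking.
	userClient, err := userv1client.NewForConfig(m.GetConfig())
	if err != nil {
		return err
	}
	r.userV1 = userClient

	r.aadClient, err = newAADGroupsClient(ctx, log, r.config)
	if err != nil {
		return err
	}

	c, err := controller.New("customeradmin-group-controller", m, controller.Options{Reconciler: r})
	if err != nil {
		return err
	}

	events := make(chan event.GenericEvent)
	timerSource := source.Channel{Source: events}
	timerSource.InjectStopChannel(stopCh)

	// Register the watch before starting the producer, so that a failed Watch
	// leaves no ticker or goroutine behind.
	if err := c.Watch(&timerSource, &handler.EnqueueRequestForObject{}, &predicate.Funcs{GenericFunc: r.pollEvent}); err != nil {
		return err
	}

	// The poll interval bounds how long a membership change in AAD can take to
	// be noticed by pollEvent.
	ticker := time.NewTicker(60 * time.Second)
	go func() {
		defer ticker.Stop()
		for {
			select {
			case <-ticker.C:
				// events is unbuffered: also watch stopCh while sending, otherwise
				// the goroutine blocks forever when the consumer has already stopped.
				select {
				case events <- event.GenericEvent{}:
				case <-stopCh:
					log.Info("shutting down ticker")
					return
				}
			case <-stopCh:
				log.Info("shutting down ticker")
				return
			}
		}
	}()

	return nil
}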
// Reconcile satisfies reconcile.Reconciler and does nothing. controller.New
// requires a Reconciler, but the actual work runs in pollEvent, which is
// registered as the watch predicate.
func (r *reconcileGroup) Reconcile(request reconcile.Request) (reconcile.Result, error) {
	var noop reconcile.Result
	return noop, nil
}
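// load reads the YAML file at path into r.config and, when the config carries
// a CustomerAdminGroupID, records it in r.groupMap under osaCustomerAdmins.
//
// Errors from reading or unmarshalling the file are returned unchanged.
func (r *reconcileGroup) load(path string) error {
	b, err := ioutil.ReadFile(path)
	if err != nil {
		return err
	}

	// NOTE(review): unknown or misspelled keys are presumably ignored by this
	// unmarshal, in which case a typo in the group ID key would silently leave
	// CustomerAdminGroupID nil and groupMap empty; confirm, and consider failing
	// loudly on unexpected keys.
	if err := yaml.Unmarshal(b, &r.config); err != nil {
		return err
	}

	if r.config.CustomerAdminGroupID == nil {
		return nil
	}

	// Writing to a nil map panics; allocate it for callers that built the
	// struct without initialising groupMap.
	if r.groupMap == nil {
		r.groupMap = map[string]string{}
	}

	// NOTE(review): an empty-string ID is stored as-is; whether reconcileGroups
	// rejects it cannot be seen from here; verify before relying on it.
	r.groupMap[osaCustomerAdmins] = *r.config.CustomerAdminGroupID
	return nil
}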
// pollEvent is the GenericFunc predicate attached to the timer source. It runs
// one pass of reconcileGroups and records in-flight, duration, last-executed
// and error metrics under the "customeradmin-group-controller" label.
//
// It returns true when reconcileGroups succeeded and false when it returned an
// error; the error is logged and counted, never propagated.
func (r *reconcileGroup) pollEvent(event.GenericEvent) bool {
	r.log.Debug("AAD Group Reconciler (poll)..")

	began := time.Now()
	labels := prometheus.Labels{"controller": "customeradmin-group-controller"}

	azureControllersInFlightGauge.With(labels).Inc()
	defer func() {
		elapsed := time.Since(began)
		azureControllersDurationSummary.With(labels).Observe(elapsed.Seconds())
		azureControllersInFlightGauge.With(labels).Dec()
		azureControllersLastExecutedGauge.With(labels).SetToCurrentTime()
	}()

	// NOTE(review): a failed pass is only logged and counted. Presumably the
	// cluster group keeps its previous membership until a later poll succeeds,
	// so removals made in AAD are delayed while errors persist; alerting on the
	// errors counter is the way to notice that. Confirm against reconcileGroups.
	if err := reconcileGroups(r.log, r.aadClient, r.userV1, r.groupMap); err != nil {
		azureControllersErrorsCounter.With(labels).Inc()
		r.log.Error(err)
		return false
	}
	return true
}