hide core/v1 behind interface

2026-06-12 01:14:22 +00:00 · 2018-10-09 14:51:37 -07:00
parent 0faef46773
commit f783486057
17 changed files with 112 additions and 77 deletions
--- a/internal/k8sdeps/configmapandsecret/configmapfactory.go
+++ b/internal/k8sdeps/configmapandsecret/configmapfactory.go
@@ -0,0 +1,186 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package configmapandsecret generates configmaps and secrets per generator rules.
+package configmapandsecret
+
+import (
+	"fmt"
+	"path"
+	"strings"
+
+	"github.com/pkg/errors"
+	"k8s.io/api/core/v1"
+	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/util/validation"
+	"sigs.k8s.io/kustomize/pkg/fs"
+	"sigs.k8s.io/kustomize/pkg/ifc"
+	"sigs.k8s.io/kustomize/pkg/types"
+)
+
+// ConfigMapFactory makes ConfigMaps.
+type ConfigMapFactory struct {
+	fSys fs.FileSystem
+	ldr  ifc.Loader
+}
+
+// NewConfigMapFactory returns a new ConfigMapFactory.
+func NewConfigMapFactory(
+	fSys fs.FileSystem, l ifc.Loader) *ConfigMapFactory {
+	return &ConfigMapFactory{fSys: fSys, ldr: l}
+}
+
+func (f *ConfigMapFactory) makeFreshConfigMap(
+	args *types.ConfigMapArgs) *corev1.ConfigMap {
+	cm := &corev1.ConfigMap{}
+	cm.APIVersion = "v1"
+	cm.Kind = "ConfigMap"
+	cm.Name = args.Name
+	cm.Data = map[string]string{}
+	return cm
+}
+
+// MakeConfigMap returns a new ConfigMap, or nil and an error.
+func (f *ConfigMapFactory) MakeConfigMap(
+	args *types.ConfigMapArgs) (*corev1.ConfigMap, error) {
+	var all []kvPair
+	var err error
+	cm := f.makeFreshConfigMap(args)
+
+	pairs, err := keyValuesFromEnvFile(f.ldr, args.EnvSource)
+	if err != nil {
+		return nil, errors.Wrap(err, fmt.Sprintf(
+			"env source file: %s",
+			args.EnvSource))
+	}
+	all = append(all, pairs...)
+
+	pairs, err = keyValuesFromLiteralSources(args.LiteralSources)
+	if err != nil {
+		return nil, errors.Wrap(err, fmt.Sprintf(
+			"literal sources %v", args.LiteralSources))
+	}
+	all = append(all, pairs...)
+
+	pairs, err = keyValuesFromFileSources(f.ldr, args.FileSources)
+	if err != nil {
+		return nil, errors.Wrap(err, fmt.Sprintf(
+			"file sources: %v", args.FileSources))
+	}
+	all = append(all, pairs...)
+
+	for _, kv := range all {
+		err = addKvToConfigMap(cm, kv.key, kv.value)
+		if err != nil {
+			return nil, err
+		}
+	}
+	return cm, nil
+}
+
+func keyValuesFromLiteralSources(sources []string) ([]kvPair, error) {
+	var kvs []kvPair
+	for _, s := range sources {
+		k, v, err := parseLiteralSource(s)
+		if err != nil {
+			return nil, err
+		}
+		kvs = append(kvs, kvPair{key: k, value: v})
+	}
+	return kvs, nil
+}
+
+func keyValuesFromFileSources(ldr ifc.Loader, sources []string) ([]kvPair, error) {
+	var kvs []kvPair
+	for _, s := range sources {
+		k, fPath, err := parseFileSource(s)
+		if err != nil {
+			return nil, err
+		}
+		content, err := ldr.Load(fPath)
+		if err != nil {
+			return nil, err
+		}
+		kvs = append(kvs, kvPair{key: k, value: string(content)})
+	}
+	return kvs, nil
+}
+
+func keyValuesFromEnvFile(l ifc.Loader, path string) ([]kvPair, error) {
+	if path == "" {
+		return nil, nil
+	}
+	content, err := l.Load(path)
+	if err != nil {
+		return nil, err
+	}
+	return keyValuesFromLines(content)
+}
+
+// addKvToConfigMap adds the given key and data to the given config map.
+// Error if key invalid, or already exists.
+func addKvToConfigMap(configMap *v1.ConfigMap, keyName, data string) error {
+	// Note, the rules for ConfigMap keys are the exact same as the ones for SecretKeys.
+	if errs := validation.IsConfigMapKey(keyName); len(errs) != 0 {
+		return fmt.Errorf("%q is not a valid key name for a ConfigMap: %s", keyName, strings.Join(errs, ";"))
+	}
+	if _, entryExists := configMap.Data[keyName]; entryExists {
+		return fmt.Errorf("cannot add key %s, another key by that name already exists: %v", keyName, configMap.Data)
+	}
+	configMap.Data[keyName] = data
+	return nil
+}
+
+// parseFileSource parses the source given.
+//
+//  Acceptable formats include:
+//   1.  source-path: the basename will become the key name
+//   2.  source-name=source-path: the source-name will become the key name and
+//       source-path is the path to the key file.
+//
+// Key names cannot include '='.
+func parseFileSource(source string) (keyName, filePath string, err error) {
+	numSeparators := strings.Count(source, "=")
+	switch {
+	case numSeparators == 0:
+		return path.Base(source), source, nil
+	case numSeparators == 1 && strings.HasPrefix(source, "="):
+		return "", "", fmt.Errorf("key name for file path %v missing", strings.TrimPrefix(source, "="))
+	case numSeparators == 1 && strings.HasSuffix(source, "="):
+		return "", "", fmt.Errorf("file path for key name %v missing", strings.TrimSuffix(source, "="))
+	case numSeparators > 1:
+		return "", "", errors.New("key names or file paths cannot contain '='")
+	default:
+		components := strings.Split(source, "=")
+		return components[0], components[1], nil
+	}
+}
+
+// parseLiteralSource parses the source key=val pair into its component pieces.
+// This functionality is distinguished from strings.SplitN(source, "=", 2) since
+// it returns an error in the case of empty keys, values, or a missing equals sign.
+func parseLiteralSource(source string) (keyName, value string, err error) {
+	// leading equal is invalid
+	if strings.Index(source, "=") == 0 {
+		return "", "", fmt.Errorf("invalid literal source %v, expected key=value", source)
+	}
+	// split after the first equal (so values can have the = character)
+	items := strings.SplitN(source, "=", 2)
+	if len(items) != 2 {
+		return "", "", fmt.Errorf("invalid literal source %v, expected key=value", source)
+	}
+	return items[0], strings.Trim(items[1], "\"'"), nil
+}
--- a/internal/k8sdeps/configmapandsecret/configmapfactory_test.go
+++ b/internal/k8sdeps/configmapandsecret/configmapfactory_test.go
@@ -0,0 +1,133 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package configmapandsecret
+
+import (
+	"reflect"
+	"testing"
+
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"sigs.k8s.io/kustomize/pkg/fs"
+	"sigs.k8s.io/kustomize/pkg/loader"
+	"sigs.k8s.io/kustomize/pkg/types"
+)
+
+func makeEnvConfigMap(name string) *corev1.ConfigMap {
+	return &corev1.ConfigMap{
+		TypeMeta: metav1.TypeMeta{
+			APIVersion: "v1",
+			Kind:       "ConfigMap",
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name: name,
+		},
+		Data: map[string]string{
+			"DB_USERNAME": "admin",
+			"DB_PASSWORD": "somepw",
+		},
+	}
+}
+
+func makeFileConfigMap(name string) *corev1.ConfigMap {
+	return &corev1.ConfigMap{
+		TypeMeta: metav1.TypeMeta{
+			APIVersion: "v1",
+			Kind:       "ConfigMap",
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name: name,
+		},
+		Data: map[string]string{
+			"app-init.ini": `FOO=bar
+BAR=baz
+`,
+		},
+	}
+}
+
+func makeLiteralConfigMap(name string) *corev1.ConfigMap {
+	return &corev1.ConfigMap{
+		TypeMeta: metav1.TypeMeta{
+			APIVersion: "v1",
+			Kind:       "ConfigMap",
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name: name,
+		},
+		Data: map[string]string{
+			"a": "x",
+			"b": "y",
+			"c": "Hello World",
+			"d": "true",
+		},
+	}
+}
+
+func TestConstructConfigMap(t *testing.T) {
+	type testCase struct {
+		description string
+		input       types.ConfigMapArgs
+		expected    *corev1.ConfigMap
+	}
+
+	testCases := []testCase{
+		{
+			description: "construct config map from env",
+			input: types.ConfigMapArgs{
+				Name: "envConfigMap",
+				DataSources: types.DataSources{
+					EnvSource: "../../../pkg/examplelayout/simple/instances/exampleinstance/configmap/app.env",
+				},
+			},
+			expected: makeEnvConfigMap("envConfigMap"),
+		},
+		{
+			description: "construct config map from file",
+			input: types.ConfigMapArgs{
+				Name: "fileConfigMap",
+				DataSources: types.DataSources{
+					FileSources: []string{"../../../pkg/examplelayout/simple/instances/exampleinstance/configmap/app-init.ini"},
+				},
+			},
+			expected: makeFileConfigMap("fileConfigMap"),
+		},
+		{
+			description: "construct config map from literal",
+			input: types.ConfigMapArgs{
+				Name: "literalConfigMap",
+				DataSources: types.DataSources{
+					LiteralSources: []string{"a=x", "b=y", "c=\"Hello World\"", "d='true'"},
+				},
+			},
+			expected: makeLiteralConfigMap("literalConfigMap"),
+		},
+	}
+
+	// TODO: all tests should use a FakeFs
+	fSys := fs.MakeRealFS()
+	f := NewConfigMapFactory(fSys, loader.NewFileLoader(fSys))
+	for _, tc := range testCases {
+		cm, err := f.MakeConfigMap(&tc.input)
+		if err != nil {
+			t.Fatalf("unexpected error: %v", err)
+		}
+		if !reflect.DeepEqual(*cm, *tc.expected) {
+			t.Fatalf("in testcase: %q updated:\n%#v\ndoesn't match expected:\n%#v\n", tc.description, *cm, tc.expected)
+		}
+	}
+}
--- a/internal/k8sdeps/configmapandsecret/kv.go
+++ b/internal/k8sdeps/configmapandsecret/kv.go
@@ -0,0 +1,102 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package configmapandsecret
+
+import (
+	"bufio"
+	"bytes"
+	"fmt"
+	"os"
+	"strings"
+	"unicode"
+	"unicode/utf8"
+
+	"k8s.io/apimachinery/pkg/util/validation"
+)
+
+// kvPair represents a key value pair.
+type kvPair struct {
+	key   string
+	value string
+}
+
+var utf8bom = []byte{0xEF, 0xBB, 0xBF}
+
+// keyValuesFromLines parses given content in to a list of key-value pairs.
+func keyValuesFromLines(content []byte) ([]kvPair, error) {
+	var kvs []kvPair
+
+	scanner := bufio.NewScanner(bytes.NewReader(content))
+	currentLine := 0
+	for scanner.Scan() {
+		// Process the current line, retrieving a key/value pair if
+		// possible.
+		scannedBytes := scanner.Bytes()
+		kv, err := kvFromLine(scannedBytes, currentLine)
+		if err != nil {
+			return nil, err
+		}
+		currentLine++
+
+		if len(kv.key) == 0 {
+			// no key means line was empty or a comment
+			continue
+		}
+
+		kvs = append(kvs, kv)
+	}
+	return kvs, nil
+}
+
+// kvFromLine returns a kv with blank key if the line is empty or a comment.
+// The value will be retrieved from the environment if necessary.
+func kvFromLine(line []byte, currentLine int) (kvPair, error) {
+	kv := kvPair{}
+
+	if !utf8.Valid(line) {
+		return kv, fmt.Errorf("line %d has invalid utf8 bytes : %v", line, string(line))
+	}
+
+	// We trim UTF8 BOM from the first line of the file but no others
+	if currentLine == 0 {
+		line = bytes.TrimPrefix(line, utf8bom)
+	}
+
+	// trim the line from all leading whitespace first
+	line = bytes.TrimLeftFunc(line, unicode.IsSpace)
+
+	// If the line is empty or a comment, we return a blank key/value pair.
+	if len(line) == 0 || line[0] == '#' {
+		return kv, nil
+	}
+
+	data := strings.SplitN(string(line), "=", 2)
+	key := data[0]
+	if errs := validation.IsEnvVarName(key); len(errs) != 0 {
+		return kv, fmt.Errorf("%q is not a valid key name: %s", key, strings.Join(errs, ";"))
+	}
+
+	if len(data) == 2 {
+		kv.value = data[1]
+	} else {
+		// No value (no `=` in the line) is a signal to obtain the value
+		// from the environment.
+		kv.value = os.Getenv(key)
+	}
+	kv.key = key
+	return kv, nil
+}
--- a/internal/k8sdeps/configmapandsecret/kv_test.go
+++ b/internal/k8sdeps/configmapandsecret/kv_test.go
@@ -0,0 +1,67 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+package configmapandsecret
+
+import (
+	"reflect"
+	"testing"
+)
+
+func TestKeyValuesFromLines(t *testing.T) {
+	tests := []struct {
+		desc          string
+		content       string
+		expectedPairs []kvPair
+		expectedErr   bool
+	}{
+		{
+			desc: "valid kv content parse",
+			content: `
+		k1=v1
+		k2=v2
+		`,
+			expectedPairs: []kvPair{
+				{key: "k1", value: "v1"},
+				{key: "k2", value: "v2"},
+			},
+			expectedErr: false,
+		},
+		{
+			desc: "content with comments",
+			content: `
+		k1=v1
+		#k2=v2
+		`,
+			expectedPairs: []kvPair{
+				{key: "k1", value: "v1"},
+			},
+			expectedErr: false,
+		},
+		// TODO: add negative testcases
+	}
+
+	for _, test := range tests {
+		pairs, err := keyValuesFromLines([]byte(test.content))
+		if test.expectedErr && err == nil {
+			t.Fatalf("%s should not return error", test.desc)
+		}
+
+		if !reflect.DeepEqual(pairs, test.expectedPairs) {
+			t.Errorf("%s should succeed, got:%v exptected:%v", test.desc, pairs, test.expectedPairs)
+		}
+
+	}
+}
--- a/internal/k8sdeps/configmapandsecret/secretfactory.go
+++ b/internal/k8sdeps/configmapandsecret/secretfactory.go
@@ -0,0 +1,143 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package configmapandsecret
+
+import (
+	"context"
+	"fmt"
+	"os/exec"
+	"path/filepath"
+	"strings"
+	"time"
+
+	"github.com/pkg/errors"
+	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/util/validation"
+	"sigs.k8s.io/kustomize/pkg/fs"
+	"sigs.k8s.io/kustomize/pkg/types"
+)
+
+const (
+	defaultCommandTimeout = 5 * time.Second
+)
+
+// SecretFactory makes Secrets.
+type SecretFactory struct {
+	fSys fs.FileSystem
+	wd   string
+}
+
+// NewSecretFactory returns a new SecretFactory.
+func NewSecretFactory(fSys fs.FileSystem, wd string) *SecretFactory {
+	return &SecretFactory{fSys: fSys, wd: wd}
+}
+
+func (f *SecretFactory) makeFreshSecret(args *types.SecretArgs) *corev1.Secret {
+	s := &corev1.Secret{}
+	s.APIVersion = "v1"
+	s.Kind = "Secret"
+	s.Name = args.Name
+	s.Type = corev1.SecretType(args.Type)
+	if s.Type == "" {
+		s.Type = corev1.SecretTypeOpaque
+	}
+	s.Data = map[string][]byte{}
+	return s
+}
+
+// MakeSecret returns a new secret.
+func (f *SecretFactory) MakeSecret(args *types.SecretArgs) (*corev1.Secret, error) {
+	var all []kvPair
+	var err error
+	s := f.makeFreshSecret(args)
+
+	timeout := defaultCommandTimeout
+	if args.TimeoutSeconds != nil {
+		timeout = time.Duration(*args.TimeoutSeconds) * time.Second
+	}
+
+	pairs, err := f.keyValuesFromEnvFileCommand(args.EnvCommand, timeout)
+	if err != nil {
+		return nil, errors.Wrap(err, fmt.Sprintf(
+			"env source file: %s",
+			args.EnvCommand))
+	}
+	all = append(all, pairs...)
+
+	pairs, err = f.keyValuesFromCommands(args.Commands, timeout)
+	if err != nil {
+		return nil, errors.Wrap(err, fmt.Sprintf(
+			"commands %v", args.Commands))
+	}
+	all = append(all, pairs...)
+
+	for _, kv := range all {
+		err = addKvToSecret(s, kv.key, kv.value)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	return s, nil
+}
+
+func addKvToSecret(secret *corev1.Secret, keyName, data string) error {
+	// Note, the rules for SecretKeys  keys are the exact same as the ones for ConfigMap.
+	if errs := validation.IsConfigMapKey(keyName); len(errs) != 0 {
+		return fmt.Errorf("%q is not a valid key name for a Secret: %s", keyName, strings.Join(errs, ";"))
+	}
+	if _, entryExists := secret.Data[keyName]; entryExists {
+		return fmt.Errorf("cannot add key %s, another key by that name already exists", keyName)
+	}
+	secret.Data[keyName] = []byte(data)
+	return nil
+}
+
+func (f *SecretFactory) keyValuesFromEnvFileCommand(cmd string, timeout time.Duration) ([]kvPair, error) {
+	content, err := f.createSecretKey(cmd, timeout)
+	if err != nil {
+		return nil, err
+	}
+	return keyValuesFromLines(content)
+}
+
+func (f *SecretFactory) keyValuesFromCommands(sources map[string]string, timeout time.Duration) ([]kvPair, error) {
+	var kvs []kvPair
+	for k, cmd := range sources {
+		content, err := f.createSecretKey(cmd, timeout)
+		if err != nil {
+			return nil, err
+		}
+		kvs = append(kvs, kvPair{key: k, value: string(content)})
+	}
+	return kvs, nil
+}
+
+// Run a command, return its output as the secret.
+func (f *SecretFactory) createSecretKey(command string, timeout time.Duration) ([]byte, error) {
+	if !f.fSys.IsDir(f.wd) {
+		f.wd = filepath.Dir(f.wd)
+		if !f.fSys.IsDir(f.wd) {
+			return nil, errors.New("not a directory: " + f.wd)
+		}
+	}
+	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	defer cancel()
+	cmd := exec.CommandContext(ctx, "sh", "-c", command)
+	cmd.Dir = f.wd
+	return cmd.Output()
+}
--- a/internal/k8sdeps/kunstructuredfactory.go
+++ b/internal/k8sdeps/kunstructuredfactory.go
@@ -19,12 +19,17 @@ package k8sdeps
 import (
 	"io"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	"sigs.k8s.io/kustomize/internal/k8sdeps/configmapandsecret"
+	"sigs.k8s.io/kustomize/pkg/fs"
 	"sigs.k8s.io/kustomize/pkg/ifc"
+	"sigs.k8s.io/kustomize/pkg/types"
 )

 // KunstructurerFactoryImpl hides construction using apimachinery types.
 type KunstructurerFactoryImpl struct {
-	decoder ifc.Decoder
+	decoder    ifc.Decoder
+	cmfactory  *configmapandsecret.ConfigMapFactory
+	secfactory *configmapandsecret.SecretFactory
 }

 var _ ifc.KunstructuredFactory = &KunstructurerFactoryImpl{}
@@ -58,3 +63,27 @@ func (kf *KunstructurerFactoryImpl) FromMap(
 	m map[string]interface{}) ifc.Kunstructured {
 	return &UnstructAdapter{Unstructured: unstructured.Unstructured{Object: m}}
 }
+
+// MakeConfigMap returns an instance of Kunstructured for ConfigMap
+func (kf *KunstructurerFactoryImpl) MakeConfigMap(args *types.ConfigMapArgs) (ifc.Kunstructured, error) {
+	cm, err := kf.cmfactory.MakeConfigMap(args)
+	if err != nil {
+		return nil, err
+	}
+	return NewKunstructuredFromObject(cm)
+}
+
+// MakeSecret returns an instance of Kunstructured for Secret
+func (kf *KunstructurerFactoryImpl) MakeSecret(args *types.SecretArgs) (ifc.Kunstructured, error) {
+	sec, err := kf.secfactory.MakeSecret(args)
+	if err != nil {
+		return nil, err
+	}
+	return NewKunstructuredFromObject(sec)
+}
+
+// Set sets loader, filesystem and workdirectory
+func (kf *KunstructurerFactoryImpl) Set(fs fs.FileSystem, ldr ifc.Loader) {
+	kf.cmfactory = configmapandsecret.NewConfigMapFactory(fs, ldr)
+	kf.secfactory = configmapandsecret.NewSecretFactory(fs, ldr.Root())
+}