Browse Source

policy sync

pull/3/head
Vladimir Smagin 1 year ago
parent
commit
131d4bb85d
2 changed files with 66 additions and 27 deletions
  1. +65
    -26
      pkg/controller/rabbitmq/rabbitmq_policies.go
  2. +1
    -1
      pkg/controller/rabbitmq/rabbitmq_users.go

+ 65
- 26
pkg/controller/rabbitmq/rabbitmq_policies.go View File

@@ -11,19 +11,21 @@ import (

// setPolicies run as go routine
func (r *ReconcileRabbitmq) setPolicies(ctx context.Context, reqLogger logr.Logger, cr *rabbitmqv1.Rabbitmq, secretNames secretResouces) error {
var secret basicAuthCredentials

// get service account credentials
var serviceAccount basicAuthCredentials

username, err := r.getSecretData(reqLogger, cr.Namespace, secretNames.ServiceAccount, "username")
secret.username = username
serviceAccount.username = username
if err != nil {
reqLogger.Info("Policies: auth username not found")
reqLogger.Info("Users: auth username not found")
return err
}

password, err := r.getSecretData(reqLogger, cr.Namespace, secretNames.ServiceAccount, "password")
secret.password = password
serviceAccount.password = password
if err != nil {
reqLogger.Info("Policies: auth password not found")
reqLogger.Info("Users: auth password not found")
return err
}

@@ -35,34 +37,29 @@ func (r *ReconcileRabbitmq) setPolicies(ctx context.Context, reqLogger logr.Logg
reqLogger.Info("Rabbitmq API service failed", "Service name", r.apiServiceHostname(cr), "Error", err.Error())
return err
}
reqLogger.Info("Using API service: "+r.apiServiceAddress(cr), "username", secret.username, "password", secret.password)
reqLogger.Info("Using API service: "+r.apiServiceAddress(cr), "username", serviceAccount.username, "password", serviceAccount.password)

var policiesCR []rabbitmqv1.RabbitmqPolicy

//clean rabbit before fulfilling policies list
reqLogger.Info("Removing all policies")
// get exiting policies
reqLogger.Info("Reading exiting policies")

policies, err := r.apiPolicyList(reqLogger, cr, secret)
policiesRabbit, err := r.apiPolicyList(reqLogger, cr, serviceAccount)
if err != nil {
reqLogger.Info("Error while receiving policies list", "Error", err.Error())
return err
}
reqLogger.Info("Removing all policies from list", "Policies", policies)
for _, policyRecord := range policies {
reqLogger.Info("Removing " + policyRecord.Name)
err = r.apiPolicyRemove(reqLogger, cr, secret, policyRecord.Vhost, policyRecord.Name)
if err != nil {
return err
}
}

reqLogger.Info("Uploading policies from CRD")
// get policies from CR
reqLogger.Info("Reading policies from CRD")

// detect default vhost for all policies
// set default vhost for all policies
policiesDefaultVhost := "%2f"
if cr.Spec.RabbitmqVhost != "" {
policiesDefaultVhost = cr.Spec.RabbitmqVhost
}

// add new policies to Rabbit
// detect vhost to use
for _, policy := range cr.Spec.RabbitmqPolicies {
// detect vhost to use
policyVhost := ""
@@ -72,13 +69,55 @@ func (r *ReconcileRabbitmq) setPolicies(ctx context.Context, reqLogger logr.Logg
policyVhost = policiesDefaultVhost
}

// send policy to api service
reqLogger.Info("Adding policy " + policy.Name + " to vhost " + policyVhost)
err = r.apiPolicyAdd(reqLogger, cr, secret, policyVhost, policy)
if err != nil {
reqLogger.Info("Error adding policy "+policy.Name+" to vhost "+policyVhost, "Error", err)
return err
policy.Vhost = policyVhost

policiesCR = append(policiesCR, policy)

}

// ok, now syncing

// add to rabbit from CR
for _, policyCR := range policiesCR {

//search
policyFound := false
for _, policyRabbit := range policiesRabbit {
if policyCR.Name == policyRabbit.Name {
policyFound =true
}
}

if !policyFound {
// send policy to api service
reqLogger.Info("Adding policy " + policyCR.Name + " to vhost " + policyCR.Vhost)
err = r.apiPolicyAdd(reqLogger, cr, serviceAccount, policyCR.Vhost, policyCR)
if err != nil {
reqLogger.Info("Error adding policy "+policyCR.Name+" to vhost "+policyCR.Vhost, "Error", err)
return err
}
}
}

// remove policies from rabbit
for _, policyRabbit := range policiesRabbit {

// search
policyFound := false
for _, policyCR := range policiesCR {
if policyCR.Name == policyRabbit.Name {
policyFound =true
}
}

if !policyFound {
reqLogger.Info("Removing " + policyRabbit.Name)
err = r.apiPolicyRemove(reqLogger, cr, serviceAccount, policyRabbit.Vhost, policyRabbit.Name)
if err != nil {
return err
}
}

}

return nil


+ 1
- 1
pkg/controller/rabbitmq/rabbitmq_users.go View File

@@ -98,7 +98,7 @@ func (r *ReconcileRabbitmq) syncUsersCredentials(ctx context.Context, reqLogger
continue
}
reqLogger.Info("Removing " + user)
//err = r.apiUserRemove(reqLogger, cr, secret, rabbitmqUserStruct{Name:user})
err = r.apiUserRemove(reqLogger, cr, secret, rabbitmqUserStruct{Name:user})
if err != nil {
return err
}


Loading…
Cancel
Save