Added secret update function

Added process logic for secret update Signed-off-by: Gao Pan <gao_pan@intuit.com>
istio-ecosystem · Jan 13, 2020 · 91243aa · 91243aa
1 parent 096febb
commit 91243aa
Show file tree

Hide file tree

Showing 2 changed files with 50 additions and 34 deletions.
diff --git a/admiral/cmd/admiral/cmd/root.go b/admiral/cmd/admiral/cmd/root.go
@@ -5,6 +5,7 @@ import (
 	"flag"
 	"fmt"
 	"github.com/istio-ecosystem/admiral/admiral/pkg/clusters"
+	"github.com/istio-ecosystem/admiral/admiral/pkg/controller/common"
 	"istio.io/istio/pkg/log"
 	"os"
 	"os/signal"
@@ -25,6 +26,7 @@ func GetRootCmd(args []string) *cobra.Command {
 	var ()
 
 	params := clusters.AdmiralParams{}
+	params.LabelSet = &common.LabelSet{}
 
 	rootCmd := &cobra.Command{
 		Use:          "Admiral",

diff --git a/admiral/pkg/controller/secret/secretcontroller.go b/admiral/pkg/controller/secret/secretcontroller.go
@@ -145,6 +145,13 @@ func NewController(
 				queue.Add(key)
 			}
 		},
+		UpdateFunc: func(oldObj interface{}, newObj interface{}) {
+			key, err := cache.MetaNamespaceKeyFunc(newObj)
+			log.Infof("Processing update: %s", key)
+			if err == nil {
+				queue.Add(key)
+			}
+		},
 		DeleteFunc: func(obj interface{}) {
 			key, err := cache.DeletionHandlingMetaNamespaceKeyFunc(obj)
 			log.Infof("Processing delete: %s", key)
@@ -237,47 +244,54 @@ func (c *Controller) addMemberCluster(secretName string, s *corev1.Secret) {
 	for clusterID, kubeConfig := range s.Data {
 		// clusterID must be unique even across multiple secrets
 		if _, ok := c.cs.remoteClusters[clusterID]; !ok {
-			if len(kubeConfig) == 0 {
-				log.Infof("Data '%s' in the secret %s in namespace %s is empty, and disregarded ",
-					clusterID, secretName, s.ObjectMeta.Namespace)
-				continue
-			}
+			log.Infof("Adding new cluster member: %s", clusterID)
+			c.cs.remoteClusters[clusterID] = &RemoteCluster{}
+			c.cs.remoteClusters[clusterID].secretName = secretName
+		} else {
+			log.Infof("Cluster %s in the secret %s in namespace %s already exists. Reloading secret...",
+				clusterID, c.cs.remoteClusters[clusterID].secretName, s.ObjectMeta.Namespace)
+		}
 
-			kubeConfig, err := c.secretResolver.FetchKubeConfig(clusterID, kubeConfig)
+		if len(kubeConfig) == 0 {
+			log.Infof("Data '%s' in the secret %s in namespace %s is empty, and disregarded ",
+				clusterID, secretName, s.ObjectMeta.Namespace)
+			continue
+		}
 
-			if err != nil {
-				log.Errorf("Failed to fetch kubeconfig for cluster '%s' using secret resolver: %v, err: %v",
-					clusterID, c.secretResolver, err)
-				continue
-			}
+		kubeConfig, err := c.secretResolver.FetchKubeConfig(clusterID, kubeConfig)
 
-			clusterConfig, err := LoadKubeConfig(kubeConfig)
-			if err != nil {
-				log.Infof("Data '%s' in the secret %s in namespace %s is not a kubeconfig: %v",
-					clusterID, secretName, s.ObjectMeta.Namespace, err)
-				log.Infof("KubeConfig: '%s'", string(kubeConfig))
-				continue
-			}
+		if err != nil {
+			log.Errorf("Failed to fetch kubeconfig for cluster '%s' using secret resolver: %v, err: %v",
+				clusterID, c.secretResolver, err)
+			continue
+		}
 
-			log.Infof("Adding new cluster member: %s", clusterID)
-			c.cs.remoteClusters[clusterID] = &RemoteCluster{}
-			c.cs.remoteClusters[clusterID].secretName = secretName
-			clientConfig := clientcmd.NewDefaultClientConfig(*clusterConfig, &clientcmd.ConfigOverrides{})
+		clusterConfig, err := LoadKubeConfig(kubeConfig)
 
-			var restConfig *rest.Config
-			restConfig, err = clientConfig.ClientConfig()
+		if err != nil {
+			log.Infof("Data '%s' in the secret %s in namespace %s is not a kubeconfig: %v",
+				clusterID, secretName, s.ObjectMeta.Namespace, err)
+			log.Infof("KubeConfig: '%s'", string(kubeConfig))
+			continue
+		}
 
-			if err != nil {
-				log.Errorf("error during conversion of secret to client config: %v", err)
-			}
+		clientConfig := clientcmd.NewDefaultClientConfig(*clusterConfig, &clientcmd.ConfigOverrides{})
 
-			err = c.addCallback(restConfig, clusterID, 2 * time.Minute)
-			if err != nil {
-				log.Errorf("error during create of clusterID: %s %v", clusterID, err)
-			}
-		} else {
-			log.Infof("Cluster %s in the secret %s in namespace %s already exists",
-				clusterID, c.cs.remoteClusters[clusterID].secretName, s.ObjectMeta.Namespace)
+		var restConfig *rest.Config
+		restConfig, err = clientConfig.ClientConfig()
+
+		if err != nil {
+			log.Errorf("error during conversion of secret to client config: %v", err)
+			continue
+		}
+
+		err = c.addCallback(restConfig, clusterID, 2 * time.Minute)
+
+		if err != nil {
+			log.Errorf("error during secret loading for clusterID: %s %v", clusterID, err)
+			continue
+		}else{
+			log.Infof("Secret loaded for cluster %s in the secret %s in namespace %s.",clusterID,c.cs.remoteClusters[clusterID].secretName, s.ObjectMeta.Namespace)
 		}
 	}
 	log.Infof("Number of remote clusters: %d", len(c.cs.remoteClusters))