Fork: 0
yangyangxie / AnthosCertManager
Transfer to URL with SHA Find file
Newer
Older
AnthosCertManager / pkg / controller / certificaterequests / checks.go
@Yangyang Xie Yangyang Xie on 24 Nov 2022 1 KB add cr controller && keymanager && cr request
Raw Blame History 
package certificaterequests

import (
	"fmt"

	acmapi "gitbucket.jerxie.com/yangyangxie/AnthosCertManager/pkg/apis/anthoscertmanager/v1"
	logf "gitbucket.jerxie.com/yangyangxie/AnthosCertManager/pkg/logs"
	"k8s.io/apimachinery/pkg/labels"
)

func (c *controller) handleGenericIssuer(obj interface{}) {
	log := c.log.WithName("handleGenericIssuer")

	iss, ok := obj.(acmapi.GenericIssuer)
	if !ok {
		log.Error(nil, "object does not implement GenericIssuer")
		return
	}

	log = logf.WithResource(log, iss)
	crs, err := c.certificatesRequestsForGenericIssuer(iss)
	if err != nil {
		log.Error(err, "error looking up certificates observing issuer or clusterissuer")
		return
	}
	for _, cr := range crs {
		log := logf.WithRelatedResource(log, cr)
		key, err := keyFunc(cr)
		if err != nil {
			log.Error(err, "error computing key for resource")
			continue
		}
		c.queue.Add(key)
	}
}

func (c *controller) certificatesRequestsForGenericIssuer(iss acmapi.GenericIssuer) ([]*acmapi.CertificateRequest, error) {
	crts, err := c.certificateRequestLister.List(labels.NewSelector())

	if err != nil {
		return nil, fmt.Errorf("error listing certificates: %s", err.Error())
	}

	_, isClusterIssuer := iss.(*acmapi.ClusterIssuer)

	var affected []*acmapi.CertificateRequest
	for _, crt := range crts {
		if isClusterIssuer && crt.Spec.IssuerRef.Kind != acmapi.ClusterIssuerKind {
			continue
		}
		if !isClusterIssuer {
			if crt.Namespace != iss.GetObjectMeta().Namespace {
				continue
			}
		}
		if crt.Spec.IssuerRef.Name != iss.GetObjectMeta().Name {
			continue
		}
		affected = append(affected, crt)
	}

	return affected, nil
}