-
Notifications
You must be signed in to change notification settings - Fork 88
/
dashboard.go
129 lines (109 loc) · 3.56 KB
/
dashboard.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
//
// Copyright (c) 2021 Red Hat, Inc.
// This program and the accompanying materials are made
// available under the terms of the Eclipse Public License 2.0
// which is available at https://www.eclipse.org/legal/epl-2.0/
//
// SPDX-License-Identifier: EPL-2.0
//
// Contributors:
// Red Hat, Inc. - initial API and implementation
//
package dashboard
import (
"fmt"
ctrl "sigs.k8s.io/controller-runtime"
"github.com/eclipse-che/che-operator/pkg/deploy"
"github.com/eclipse-che/che-operator/pkg/deploy/expose"
"github.com/eclipse-che/che-operator/pkg/deploy/gateway"
"github.com/eclipse-che/che-operator/pkg/util"
rbacv1 "k8s.io/api/rbac/v1"
"k8s.io/apimachinery/pkg/types"
)
const (
exposePath = "/dashboard/"
)
var (
log = ctrl.Log.WithName("dashboard")
)
type Dashboard struct {
deployContext *deploy.DeployContext
component string
}
func NewDashboard(deployContext *deploy.DeployContext) *Dashboard {
return &Dashboard{
deployContext: deployContext,
component: deploy.DefaultCheFlavor(deployContext.CheCluster) + "-dashboard",
}
}
func (d *Dashboard) GetComponentName() string {
return d.component
}
func (d *Dashboard) Reconcile() (done bool, err error) {
// Create a new dashboard service
done, err = deploy.SyncServiceToCluster(d.deployContext, d.component, []string{"http"}, []int32{8080}, d.component)
if !done {
return false, err
}
// Expose dashboard service with route or ingress
_, done, err = expose.ExposeWithHostPath(d.deployContext, d.component, d.deployContext.CheCluster.Spec.Server.CheHost,
exposePath,
d.deployContext.CheCluster.Spec.Server.DashboardRoute,
d.deployContext.CheCluster.Spec.Server.DashboardIngress,
d.createGatewayConfig(),
)
if !done {
return false, err
}
// we create dashboard SA in any case to keep a track on resources we access withing it
done, err = deploy.SyncServiceAccountToCluster(d.deployContext, DashboardSA)
if !done {
return done, err
}
// on Kubernetes Dashboard needs privileged SA to work with user's objects
// for time being until Kubernetes did not get authentication
if !util.IsOpenShift {
done, err = deploy.SyncClusterRoleToCluster(d.deployContext, d.getClusterRoleName(), GetPrivilegedPoliciesRulesForKubernetes())
if !done {
return false, err
}
done, err = deploy.SyncClusterRoleBindingToCluster(d.deployContext, d.getClusterRoleBindingName(), DashboardSA, d.getClusterRoleName())
if !done {
return false, err
}
err = deploy.AppendFinalizer(d.deployContext, ClusterPermissionsDashboardFinalizer)
if err != nil {
return false, err
}
}
// Deploy dashboard
spec, err := d.getDashboardDeploymentSpec()
if err != nil {
return false, err
}
return deploy.SyncDeploymentSpecToCluster(d.deployContext, spec, deploy.DefaultDeploymentDiffOpts)
}
func (d *Dashboard) Finalize() (done bool, err error) {
done, err = deploy.Delete(d.deployContext, types.NamespacedName{Name: d.getClusterRoleName()}, &rbacv1.ClusterRole{})
if !done {
return false, err
}
done, err = deploy.Delete(d.deployContext, types.NamespacedName{Name: d.getClusterRoleBindingName()}, &rbacv1.ClusterRoleBinding{})
if !done {
return false, err
}
err = deploy.DeleteFinalizer(d.deployContext, ClusterPermissionsDashboardFinalizer)
return err == nil, err
}
func (d *Dashboard) createGatewayConfig() *gateway.TraefikConfig {
cfg := gateway.CreateCommonTraefikConfig(
d.component,
fmt.Sprintf("PathPrefix(`%s`)", exposePath),
10,
"http://"+d.component+":8080",
[]string{})
if util.IsNativeUserModeEnabled(d.deployContext.CheCluster) {
cfg.AddAuthHeaderRewrite(d.component)
}
return cfg
}