utils

package
v0.0.0-...-cf5b4af Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 24, 2024 License: Apache-2.0 Imports: 27 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	CGUControllerWorkerCountEnv     = "TALM_CGU_CTRL_WORKER_COUNT"
	DefaultCGUControllerWorkerCount = 5
)

CGU controller constants

View Source 
const (
	RemediationActionEnforce = "enforce"
	RemediationActionInform  = "inform"
)

RemediationActionEnforce - Policy remediation for policies.

View Source 
const (
	ClusterStatusNonCompliant   = "NonCompliant"
	ClusterStatusCompliant      = "Compliant"
	ClusterStatusPending        = "Pending"
	ClusterNotMatchedWithPolicy = "NotMatchedWithPolicy"
	PolicyStatusPresent         = "PolicyStatusPresent"
)

Possible status returned when checking the compliance of a cluster with a policy.

View Source 
const (
	ClusterRemediationComplete = "complete"
	ClusterRemediationTimedout = "timedout"
)

Possible status of cluster remediation progress

View Source 
const (
	// Maximum length of policy + namespace (not including extra separator dot so 63 -1 = 62)
	// this is calculated with utf8.RuneCountInString(policy.Name)+utf8.RuneCountInString+utf8.RuneCountInString(policy.Namespace)
	MaxPolicyNameLengthExcludingTheDot = 62
	MaxObjectNameLength                = 253
	NameSuffixAnnotation               = CsvNamePrefix + "/name-suffix"
	RandomNameSuffixLength             = 5
)

CR name length limits and suffix annotation

View Source 
const (
	CsvNamePrefix              = "cluster-group-upgrades-operator"
	KubeconfigSecretSuffix     = "admin-kubeconfig"
	OperatorConfigOverrides    = "cluster-group-upgrade-overrides"
	PrecacheJobNamespace       = "openshift-talo-pre-cache"
	PrecacheJobName            = "pre-cache"
	PrecacheServiceAccountName = "pre-cache-agent"
	PrecacheSpecCmName         = "pre-cache-spec"
	PrecacheSpecValidCondition = "PrecacheSpecValid"
)

Pre-cache constants

View Source 
const (
	ViewUpdateSecPerCluster = 6
	ViewUpdateSecTotalMin   = 30
	ViewUpdateSecTotalMax   = 300
)

ViewUpdateSecPerCluster defines default ManagementClusterView update periodicity When configuring managedclusterview for clusters in precache-starting state, this value is multiplied by number of clusters, then bound by min and max

View Source 
const (
	SubscriptionStateAtLatestKnown  = "AtLatestKnown"
	SubscriptionStateUpgradePending = "UpgradePending"
)

Subscription possible states

View Source 
const (
	ManagedClusterViewPrefix   = "view"
	ManagedClusterActionPrefix = "action"
)

Multicloud object types

View Source 
const (
	InstallPlanWasApproved          = 0
	InstallPlanCannotBeApproved     = 1
	NoActionForApprovingInstallPlan = 2
	MultiCloudPendingStatus         = 3
	InstallPlanAlreadyApproved      = 4

	MultiCloudWaitTimeSec = 3

	TestManagedClusterActionTimeoutMessage = `ManagedClusterAction hasn't completed in the required timeout`
	TestManagedClusterActionFailedMessage  = "ManagedClusterAction failed"
)

Constants used for working with multicloud-operators-foundation

View Source 
const (
	ReconcileNow    = 0
	StopReconciling = 1
	DontReconcile   = 2
)

Reconciling instructions.

View Source 
const (
	ObjectTemplates    = "object-templates"
	ObjectTemplatesRaw = "object-templates-raw"
)

Object template constants

View Source 
const (
	PlcMissTmplDef           = "policy is missing its spec.policy-templates.objectDefinition"
	PlcMissTmplDefMeta       = "policy is missing its spec.policy-templates.objectDefinition.metadata"
	PlcMissTmplDefSpec       = "policy is missing its spec.policy-templates.objectDefinition.spec"
	ConfigPlcFailRawMarshal  = "policy was unable to be unmmarshalled from object-templates-raw"
	ConfigPlcHasBothObjTmpl  = "" /* 145-byte string literal not displayed */
	ConfigPlcMissAnyObjTmpl  = "" /* 152-byte string literal not displayed */
	ConfigPlcMissObjTmplDef  = "policy is missing its spec.policy-templates.objectDefinition.spec.object-templates.objectDefinition"
	ConfigPlcRawObjTmplErr   = "policy defines spec.policy-templates.objectDefinition.spec.object-templates-raw but is empty"
	Placeholder              = "placeholder"
	PlcHasHubTmplErr         = "" /* 141-byte string literal not displayed */
	PlcHubTmplFmtErr         = "template format is not supported in TALM"
	PlcHubTmplFuncErr        = "template function is not supported in TALM"
	PlcHubTmplPrinfInNameErr = "printf variable is not supported in the template function Name field"
	PlcHubTmplPrinfInNsErr   = "printf variable is not supported in the template function Namespace field"
	PlcLookupFuncResErr      = "" /* 146-byte string literal not displayed */
)

Policy errors

View Source 
const (
	CannotStart = "UpgradeCannotStart"
)

Upgrade status

View Source 
const (
	ChildPolicyLabel = "policy.open-cluster-management.io/root-policy"
)

Label specific to ACM child policies.

View Source 
const (
	CleanupFinalizer = "ran.openshift.io/cleanup-finalizer"
)

Finalizers

View Source 
const (
	DesiredResourceName = CsvNamePrefix + "/rname"
)

Annotation for TALO created object names

View Source 
const ExcludeFromClusterBackup = "velero.io/exclude-from-backup"

ExcludeFromClusterBackup is a label to exclude object from cluster-backup-operator https://github.com/stolostron/cluster-backup-operator#steps-to-identify-backup-data

View Source 
const (
	PolicyTypeCatalogSource = "CatalogSource"
)

Policy types used within the operator

View Source 
const SoakAnnotation = "ran.openshift.io/soak-seconds"

SoakAnnotation is the annotation that can be set on policies, which indicates the least number of seconds which policies should be compliant before the cgu moves on from that policy

View Source 
const SpaceRequiredForPrecache = "35 GiB"

SpaceRequiredForPrecache is an env variable for precaching job that indicates the amount of space required for precaching job. This is a rough estimate. 30 GiB for OCP images and 5 GiB as a buffer for operator images and other disk allocations that can happen between the job and the actual upgrade kicked off by the CGU.

Variables

View Source 
var CompletedMessages = map[ranv1alpha1.RolloutType]string{
	ranv1alpha1.RolloutTypes.Policy:       "All clusters are compliant with all the managed policies",
	ranv1alpha1.RolloutTypes.ManifestWork: "All manifestworks rolled out successfully on all clusters",
}

CompletedMessages defines the completed messages for the conditions by rollout type

View Source 
var ConditionReasons = struct {
	Completed                     ConditionReason
	ClusterSelectionCompleted     ConditionReason
	ValidationCompleted           ConditionReason
	BackupCompleted               ConditionReason
	PrecachingCompleted           ConditionReason
	Failed                        ConditionReason
	IncompleteBlockingCR          ConditionReason
	InProgress                    ConditionReason
	InvalidPlatformImage          ConditionReason
	MissingBlockingCR             ConditionReason
	NotAllManagedPoliciesExist    ConditionReason
	AmbiguousManagedPoliciesNames ConditionReason
	NotEnabled                    ConditionReason
	NotStarted                    ConditionReason
	ClusterNotFound               ConditionReason
	NotPresent                    ConditionReason
	PartiallyDone                 ConditionReason
	PrecacheSpecIncomplete        ConditionReason
	PrecacheSpecIsWellFormed      ConditionReason
	TimedOut                      ConditionReason
	UnresolvableDenpendency       ConditionReason
}{
	Completed:                     "Completed",
	ClusterSelectionCompleted:     "ClusterSelectionCompleted",
	ValidationCompleted:           "ValidationCompleted",
	BackupCompleted:               "BackupCompleted",
	PrecachingCompleted:           "PrecachingCompleted",
	Failed:                        "Failed",
	IncompleteBlockingCR:          "IncompleteBlockingCR",
	InProgress:                    "InProgress",
	InvalidPlatformImage:          "InvalidPlatformImage",
	MissingBlockingCR:             "MissingBlockingCR",
	NotAllManagedPoliciesExist:    "NotAllManagedPoliciesExist",
	AmbiguousManagedPoliciesNames: "AmbiguousManagedPoliciesNames",
	NotEnabled:                    "NotEnabled",
	NotStarted:                    "NotStarted",
	ClusterNotFound:               "ClusterNotFound",
	NotPresent:                    "NotPresent",
	PartiallyDone:                 "PartiallyDone",
	PrecacheSpecIncomplete:        "PrecacheSpecIncomplete",
	PrecacheSpecIsWellFormed:      "PrecacheSpecIsWellFormed",
	TimedOut:                      "TimedOut",
	UnresolvableDenpendency:       "UnresolvableDenpendency",
}

ConditionReasons define the different reasons that conditions will be set for

View Source 
var ConditionTypes = struct {
	BackupSuceeded     ConditionType
	ClustersSelected   ConditionType
	PrecacheSpecValid  ConditionType
	PrecachingSuceeded ConditionType
	Progressing        ConditionType
	Succeeded          ConditionType
	Validated          ConditionType
}{
	BackupSuceeded:     "BackupSuceeded",
	ClustersSelected:   "ClustersSelected",
	PrecacheSpecValid:  "PrecacheSpecValid",
	PrecachingSuceeded: "PrecachingSuceeded",
	Progressing:        "Progressing",
	Succeeded:          "Succeeded",
	Validated:          "Validated",
}

ConditionTypes define the different types of conditions that will be set

View Source 
var EnsureInstallPlanIsApproved = func(
	ctx context.Context, c client.Client, clusterGroupUpgrade *ranv1alpha1.ClusterGroupUpgrade,
	subscription operatorsv1alpha1.Subscription, clusterName string) (int, error) {

	multiCloudLog.Info("[EnsureInstallPlanIsApproved] Create MCV for InstallPlan", "InstallPlan",
		subscription.Status.Install.Name, "ns", clusterName)
	mcvForInstallPlan, err := EnsureManagedClusterView(
		ctx, c, subscription.Status.Install.Name, subscription.Status.Install.Name,
		clusterName, "InstallPlan", subscription.Status.Install.Name,
		subscription.ObjectMeta.Namespace, clusterGroupUpgrade.Name, clusterGroupUpgrade.Namespace)
	if err != nil {
		return InstallPlanCannotBeApproved, err
	}

	conditionMCVforInstallPlan := meta.FindStatusCondition(
		mcvForInstallPlan.Status.Conditions, viewv1beta1.ConditionViewProcessing)
	if conditionMCVforInstallPlan == nil {
		multiCloudLog.Info("ManagedClusterView was not (yet) ready, try again later",
			"managedclusterview", mcvForInstallPlan.ObjectMeta.Name, "namespace", mcvForInstallPlan.ObjectMeta.Namespace)
		return MultiCloudPendingStatus, nil
	}

	if conditionMCVforInstallPlan.Reason != viewv1beta1.ReasonGetResource {
		multiCloudLog.Info("ManagedClusterView was not able to retrieve the requested resource (yet), trying again later",
			"managedclusterview", mcvForInstallPlan.ObjectMeta.Name, "namespace", mcvForInstallPlan.ObjectMeta.Namespace)
		return MultiCloudPendingStatus, nil
	}

	if conditionMCVforInstallPlan.Status == "True" && conditionMCVforInstallPlan.Reason == viewv1beta1.ReasonGetResource {

		installPlan := operatorsv1alpha1.InstallPlan{}
		json.Unmarshal(mcvForInstallPlan.Status.Result.Raw, &installPlan)

		if installPlan.Spec.Approval != operatorsv1alpha1.ApprovalManual {
			multiCloudLog.Info("InstallPlan can't be approved as it's approval is not set to Manual",
				"InstallPlan", installPlan.ObjectMeta.Name, "namespace", installPlan.ObjectMeta.Namespace)
			return InstallPlanCannotBeApproved, nil
		}

		if installPlan.Spec.Approved {
			multiCloudLog.Info("InstallPlan has already been approved",
				"InstallPlan", installPlan.ObjectMeta.Name, "namespace", installPlan.ObjectMeta.Namespace)
			return InstallPlanAlreadyApproved, nil
		}

		multiCloudLog.Info("Create ManagedClusterAction for InstallPlan", "InstallPlan",
			installPlan.ObjectMeta.Name, "namespace", installPlan.ObjectMeta.Namespace)

		_, err := EnsureManagedClusterActionForInstallPlan(ctx, c, clusterName, clusterGroupUpgrade.Namespace+"-"+clusterGroupUpgrade.Name, installPlan)
		if err != nil {
			return InstallPlanCannotBeApproved, err
		}

		return InstallPlanWasApproved, nil
	}

	return InstallPlanCannotBeApproved, nil
}

EnsureInstallPlanIsApproved creates a view to get all the needed information on an InstallPlan and creates an action to approve that plan, if the plan's approval is set to Manual.

View Source 
var InProgressMessages = map[ranv1alpha1.RolloutType]string{
	ranv1alpha1.RolloutTypes.Policy:       "Remediating non-compliant policies",
	ranv1alpha1.RolloutTypes.ManifestWork: "Rolling out manifestworks",
}

InProgressMessages defines the in progress messages for the conditions by rollout type

View Source 
var TimeoutMessages = map[ranv1alpha1.RolloutType]string{
	ranv1alpha1.RolloutTypes.Policy:       "Policy remediation took too long",
	ranv1alpha1.RolloutTypes.ManifestWork: "Manifestwork rollout took too long",
}

TimeoutMessages defines the timeout messages for the conditions by rollout type

Functions

func CalculateBatchTimeout 

func CalculateBatchTimeout(timeoutMinutes, numBatches, currentBatch int, currentBatchStartTime, cguStartTime time.Time) time.Duration

CalculateBatchTimeout calculates the current batch timeout for the running cgu

func CleanupManifestWorkForBatch 

func CleanupManifestWorkForBatch(ctx context.Context, c client.Client, clusterGroupUpgrade *ranv1alpha1.ClusterGroupUpgrade, batchIndex int) error

CleanupManifestWorkForBatch deletes manifestwork instances for all clusters in the given batch

func ClusterVersionGroupVersionKind 

func ClusterVersionGroupVersionKind() schema.GroupVersionKind

ClusterVersionGroupVersionKind for monitoring and other type specific logic

func ContainsTemplates 

func ContainsTemplates(s string) bool

ContainsTemplates checks if the string contains some templatized parts

func CreateManifestWorkForCluster 

func CreateManifestWorkForCluster(ctx context.Context, client client.Client, clusterGroupUpgrade *ranv1alpha1.ClusterGroupUpgrade,
	index int, clusterName string) error

CreateManifestWorkForCluster creates the manifest work instance for the given spoke

func DeleteManagedClusterActions 

func DeleteManagedClusterActions(
	ctx context.Context, c client.Client, clusterGroupUpgrade *ranv1alpha1.ClusterGroupUpgrade, clusterName string) error

DeleteManagedClusterActions cleans up actions associated to a cluster. This needs to be done explicitly when the action can't be executed, e.g. cluster offline. Leaving actions behind may cause unexpected behavior if the cluster comes back online later after the CGU times out, i.e. outside of the maintenance window.

func DeleteManagedClusterViews 

func DeleteManagedClusterViews(
	ctx context.Context, c client.Client, clusterGroupUpgrade *ranv1alpha1.ClusterGroupUpgrade, clusterName string) error

DeleteManagedClusterViews cleans up views associated to a cluster.

func DeleteMultiCloudObjects 

func DeleteMultiCloudObjects(
	ctx context.Context, c client.Client, clusterGroupUpgrade *ranv1alpha1.ClusterGroupUpgrade, clusterName string) error

DeleteMultiCloudObjects cleans up views and actions associated to a cluster.

func DeletePlacementBindings 

func DeletePlacementBindings(ctx context.Context, c client.Client, ns string, labels map[string]string) error

DeletePlacementBindings deletes PlacementBindings

func DeletePlacementRules 

func DeletePlacementRules(ctx context.Context, c client.Client, ns string, labels map[string]string) error

DeletePlacementRules deletes PlacementRules

func DeletePolicies 

func DeletePolicies(ctx context.Context, c client.Client, ns string, labels map[string]string) error

DeletePolicies deletes Policies

func EnsureManagedClusterActionForInstallPlan 

func EnsureManagedClusterActionForInstallPlan(
	ctx context.Context, c client.Client, namespace, cguLabel string,
	installPlan operatorsv1alpha1.InstallPlan) (*actionv1beta1.ManagedClusterAction, error)

EnsureManagedClusterActionForInstallPlan creates or updates an action for an InstallPlan.

func EnsureManagedClusterView 

func EnsureManagedClusterView(
	ctx context.Context, c client.Client, safeName, name, namespace, resourceType,
	resourceName, resourceNamespace, cguName, cguNamespace string) (*viewv1beta1.ManagedClusterView, error)

EnsureManagedClusterView creates or updates a view.

func FinalMultiCloudObjectCleanup 

func FinalMultiCloudObjectCleanup(
	ctx context.Context, c client.Client, clusterGroupUpgrade *ranv1alpha1.ClusterGroupUpgrade) error

FinalMultiCloudObjectCleanup cleans up views and actions associated to all clusters from the current batch that haven't completed If current batch is not set yet, clean up for the first batch

func FindStringInSlice 

func FindStringInSlice(a []string, s string) (int, bool)

FindStringInSlice checks if a given string is in the slice, and returns true along with its index if it's found

func GetChildPolicies 

func GetChildPolicies(ctx context.Context, c client.Client, clusters []string) ([]policiesv1.Policy, error)

GetChildPolicies gets the child policies for a list of clusters

func GetClustersListFromRemediationPlan 

func GetClustersListFromRemediationPlan(clusterGroupUpgrade *ranv1alpha1.ClusterGroupUpgrade) []string

GetClustersListFromRemediationPlan gets the list of clusters from the remediation plan

func GetMCVUpdateInterval 

func GetMCVUpdateInterval(totalClusters int) int

GetMCVUpdateInterval computes a reasonable value based on the number of clusters

func GetManifestWorkForCluster 

func GetManifestWorkForCluster(ctx context.Context, client client.Client, clusterGroupUpgrade *ranv1alpha1.ClusterGroupUpgrade,
	startIndex int, clusterName string) (*mwv1.ManifestWork, error)

GetManifestWorkForCluster returns the manifest work instance for the given spoke

func GetMinOf3 

func GetMinOf3(number1, number2, number3 int) int

GetMinOf3 return the minimum of 3 numbers.

func GetMultiCloudObjectName 

func GetMultiCloudObjectName(clusterGroupUpgrade *ranv1alpha1.ClusterGroupUpgrade, kind, objectName string) string

GetMultiCloudObjectName computes the name of a view or action

func GetParentPolicyNameAndNamespace 

func GetParentPolicyNameAndNamespace(childPolicyName string) ([]string, error)

GetParentPolicyNameAndNamespace gets the parent policy name and namespace from a given child policy returns: []string a two-element slice which the first element is policy namespace and the second one is policy name

func GetResourceName 

func GetResourceName(clusterGroupUpgrade *ranv1alpha1.ClusterGroupUpgrade, initialString string) string

GetResourceName constructs composite names for policy objects

func GetSafeResourceName 

func GetSafeResourceName(name, namespace string, clusterGroupUpgrade *ranv1alpha1.ClusterGroupUpgrade, maxLength int) string

GetSafeResourceName returns the safename if already allocated in the map and creates a new one if not

func InspectPolicyObjects 

func InspectPolicyObjects(policy *unstructured.Unstructured) (bool, error)

InspectPolicyObjects validates the policy objects, checks if it contains a status section in any object templates and return error if the policy is invalid

func IsManifestWorkCompleted 

func IsManifestWorkCompleted(mw *mwv1.ManifestWork) (bool, error)

IsManifestWorkCompleted returns true if the manifestwork is applied and the field values match the expectation

func NewManagedClusterActionForInstallPlanSpec 

func NewManagedClusterActionForInstallPlanSpec(installPlan operatorsv1alpha1.InstallPlan) (*actionv1beta1.ActionSpec, error)

NewManagedClusterActionForInstallPlanSpec returns the action spec for approving an InstallPlan.

func NewSafeResourceName 

func NewSafeResourceName(name, namespace, suffix string, maxLength int) (safename string)

NewSafeResourceName creates a safe name to use with random suffix and possible truncation based on limits passed in

func PrefixNameWithNamespace 

func PrefixNameWithNamespace(namespace, name string) string

PrefixNameWithNamespace Prefixes the passed name with the passed namespace. Use '/' as a separator

func ProcessSubscriptionManagedClusterView 

func ProcessSubscriptionManagedClusterView(
	ctx context.Context, c client.Client, clusterGroupUpgrade *ranv1alpha1.ClusterGroupUpgrade,
	clusterName string, mcv *viewv1beta1.ManagedClusterView) (int, error)

ProcessSubscriptionManagedClusterView processes the content of a view that is configured to watch a Subscription type object and takes the necessary actions to approve the InstallPlan associated with that Subscription.

func SetStatusCondition 

func SetStatusCondition(existingConditions *[]metav1.Condition, conditionType ConditionType, conditionReason ConditionReason, conditionStatus metav1.ConditionStatus, message string)

SetStatusCondition is a convenience wrapper for meta.SetStatusCondition that takes in the types defined here and converts them to strings

func ShouldSoak 

func ShouldSoak(policy *unstructured.Unstructured, firstCompliantAt metav1.Time) (bool, error)

ShouldSoak returns whether the reconciler should wait for some time before moving on from a policy after it is compliant

func StringToYaml 

func StringToYaml(s string) (interface{}, error)

StringToYaml takes a string and attempts to unmarshal it into a YAML

func StripObjectTemplatesRaw 

func StripObjectTemplatesRaw(tmplStr string) string

StripObjectTemplatesRaw removes all the ACM raw templating from a string and returns an interface of what the object-templates would be if not for the raw templating

func SubscriptionGroupVersionKind 

func SubscriptionGroupVersionKind() schema.GroupVersionKind

SubscriptionGroupVersionKind for monitoring and other type specific logic

func UpdateManagedPolicyNamespaceList 

func UpdateManagedPolicyNamespaceList(policyNs map[string][]string, policyNameArr []string)

UpdateManagedPolicyNamespaceList updates policyNs with the corresponding namespaces of a managed policy as contained in the policyNameArr parameter.

Types

type ConditionReason 

type ConditionReason string

ConditionReason is a string representing the condition's reason

type ConditionType 

type ConditionType string

ConditionType is a string representing the condition's type

type ManifestWorkExpectedValues 

type ManifestWorkExpectedValues []struct {
	ManifestIndex int32  `json:"manifestIndex,omitempty"`
	Name          string `json:"name,omitempty"`
	Value         string `json:"value,omitempty"`
}

ManifestWorkExpectedValues defines the expected values for the fields synced back from the spoke through feedback rules.

type PolicyErr 

type PolicyErr struct {
	ObjName string
	ErrMsg  string
}

PolicyErr type

func (*PolicyErr) Error 

func (e *PolicyErr) Error() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.