public async Task <ActionResult> AddNamespace([FromBody] AddNamespaceRequest addNamespaceRequest)
{
if (!_addNamespaceRequestValidator.TryValidateAddNamespaceRequest(addNamespaceRequest,
out string validationError))
{
Log.Warning($"Add namespace called with invalid input. Validation error: {validationError}");
return(BadRequest(validationError));
}
try
{
await _namespaceRepository.CreateNamespaceAsync(
addNamespaceRequest.NamespaceName,
addNamespaceRequest.RoleName
);
await _roleRepository
.CreateNamespaceFullAccessRole(addNamespaceRequest.NamespaceName);
return(Ok());
}
catch (Exception ex)
{
Log.Error($"An error occured trying to create the namespace: {ex.Message}");
return(StatusCode(StatusCodes.Status500InternalServerError,
$"An error occured trying to create the namespace: {ex.Message}"));
}
}
private async Task CreateNameSpace(
NamespaceName namespaceName,
ContextAccountCreatedDomainEvent domainEvent
)
{
var labels = new List <Label>
{
Label.CreateSafely("capability-id", domainEvent.Payload.CapabilityId.ToString()),
Label.CreateSafely("capability-name", domainEvent.Payload.CapabilityName),
Label.CreateSafely("context-id", domainEvent.Payload.ContextId.ToString()),
Label.CreateSafely("context-name", domainEvent.Payload.ContextName)
};
try
{
await _namespaceRepository.CreateNamespaceAsync(namespaceName, labels);
}
catch (NamespaceAlreadyExistException)
{
// TODO Should we assert labels exist?
_logger.LogInformation($"Not creating namespace {namespaceName} as it already exist in kubernetes");
}
await _namespaceRepository.AddAnnotations(namespaceName, new Dictionary <string, string>
{
{
"iam.amazonaws.com/permitted",
IAM.ConstructRoleArn(domainEvent.Payload.AccountId, ".*")
},
{
"dfds-aws-account-id",
domainEvent.Payload.AccountId
}
});
}
public async Task HandleAsync(CapabilityRegisteredDomainEvent capabilityRegisteredDomainEvent)
{
var capabilityName = capabilityRegisteredDomainEvent.Payload.CapabilityName.ToLower();
var configmapRoleName = capabilityName;
await _configMapService.AddRole(
roleName : configmapRoleName,
roleArn : capabilityRegisteredDomainEvent.Payload.RoleArn
);
var namespaceName = capabilityName;
await _namespaceRepository.CreateNamespaceAsync(
namespaceName : namespaceName,
roleName : configmapRoleName
);
var namespaceRoleName = await _roleRepository
.CreateNamespaceFullAccessRole(namespaceName);
await _roleBindingRepository.BindNamespaceRoleToGroup(
namespaceName : namespaceName,
role : namespaceRoleName,
group : capabilityName
);
}
public async Task HandleAsync(CapabilityRegisteredDomainEvent capabilityRegisteredDomainEvent)
{
_logger.LogWarning($"Handling deprecated CapabilityRegisteredDomainEvent for capability {capabilityRegisteredDomainEvent.Payload.CapabilityName}");
var capabilityName = capabilityRegisteredDomainEvent.Payload.CapabilityName.ToLower();
var configmapRoleName = capabilityName;
await _configMapService.AddRole(
roleName : configmapRoleName,
roleArn : capabilityRegisteredDomainEvent.Payload.RoleArn
);
var namespaceName = capabilityName;
_logger.LogWarning($"Creating namespace with default role permisison (AccountId: 000000000000)");
await _namespaceRepository.CreateNamespaceAsync(
namespaceName : namespaceName,
accountId : "000000000000"
);
var namespaceRoleName = await _roleRepository
.CreateNamespaceFullAccessRole(namespaceName);
await _roleBindingRepository.BindNamespaceRoleToGroup(
namespaceName : namespaceName,
role : namespaceRoleName,
group : capabilityName
);
}
public async Task CreateNameSpace(
NamespaceName namespaceName,
ContextAccountCreatedDomainEvent domainEvent
)
{
var labels = new List <Label>
{
Label.CreateSafely("capability-id", domainEvent.Payload.CapabilityId.ToString()),
Label.CreateSafely("capability-name", domainEvent.Payload.CapabilityName),
Label.CreateSafely("context-id", domainEvent.Payload.ContextId.ToString()),
Label.CreateSafely("context-name", domainEvent.Payload.ContextName)
};
await _namespaceRepository.CreateNamespaceAsync(namespaceName, labels);
}
public async Task HandleAsync(ContextAddedToCapabilityDomainEvent domainEvent)
{
var namespaceName = CreateNamespaceName(
capabilityId: domainEvent.Data.CapabilityId,
capabilityName: domainEvent.Data.CapabilityName,
contextName: domainEvent.Data.ContextName
);
var labels = new Dictionary <string, string>
{
{ "capability-id", domainEvent.Data.CapabilityId.ToString() },
{ "capability-name", domainEvent.Data.CapabilityName },
{ "context-id", domainEvent.Data.ContextId.ToString() },
{ "context-name", domainEvent.Data.ContextName }
};
await _namespaceRepository.CreateNamespaceAsync(namespaceName, labels);
}
