/// <summary>
///     Look up the credentials Secret that belongs to the current server.
/// </summary>
/// <returns>
///     The matching Secret (the last entry of the listing when several match), or <c>null</c> when the listing is empty.
/// </returns>
public async Task<SecretV1> FindCredentialsSecret()
{
    RequireCurrentState();

    var secretsClient = KubeClient.SecretsV1();

    // NOTE(review): the selector is assembled by string interpolation. This assumes State.Id can never
    // contain label-selector syntax (commas, operators, whitespace) - confirm how State.Id is populated,
    // since a widened selector could match another server's credentials Secret.
    string credentialsSelector = $"cloud.dimensiondata.daas.server-id = {State.Id}, cloud.dimensiondata.daas.secret-type = credentials";

    List<SecretV1> candidates = await secretsClient.List(
        labelSelector: credentialsSelector,
        kubeNamespace: KubeOptions.KubeNamespace
    );

    // When more than one Secret carries both labels, the last one in the listing is used.
    return candidates.Count > 0
        ? candidates[candidates.Count - 1]
        : null;
}
/// <summary>
///     Ensure that the credentials Secret for the current database server does not exist.
/// </summary>
/// <returns>
///     <c>true</c> if no credentials Secret was found or the one found was deleted; <c>false</c> if the delete request failed.
/// </returns>
public async Task<bool> EnsureCredentialsSecretAbsent()
{
    RequireCurrentState();

    SecretV1 secretToRemove = await FindCredentialsSecret();
    if (secretToRemove == null)
    {
        // Nothing to delete.
        return true;
    }

    // NOTE(review): FindCredentialsSecret() returns a single Secret, so only that one is deleted here.
    // If several Secrets carry the same labels, the others would remain after this returns true -
    // confirm whether duplicates are possible and, if so, whether callers re-check.
    string secretName = secretToRemove.Metadata.Name;

    Log.LogInformation("Deleting credentials secret {SecretName} for server {ServerId}...",
        secretName,
        State.Id
    );

    try
    {
        await KubeClient.SecretsV1().Delete(
            name: secretName,
            kubeNamespace: KubeOptions.KubeNamespace
        );
    }
    catch (HttpRequestException<StatusV1> deleteError)
    {
        // Only the API status message and reason are logged. The Secret is still present at this
        // point, so callers should treat a false result as "credentials not yet removed".
        Log.LogError("Failed to delete credentials secret {SecretName} for server {ServerId} (Message:{FailureMessage}, Reason:{FailureReason}).",
            secretName,
            State.Id,
            deleteError.Response.Message,
            deleteError.Response.Reason
        );

        return false;
    }

    Log.LogInformation("Deleted credentials secret {SecretName} for server {ServerId}.",
        secretName,
        State.Id
    );

    return true;
}
/// <summary>
///     Ensure that a credentials Secret exists for the current database server, creating it if none is found.
/// </summary>
/// <returns>
///     The existing or newly created Secret resource, as a <see cref="SecretV1"/>.
/// </returns>
public async Task<SecretV1> EnsureCredentialsSecretPresent()
{
    RequireCurrentState();

    SecretV1 currentSecret = await FindCredentialsSecret();
    if (currentSecret == null)
    {
        // NOTE(review): the lookup above and the create below are separate API calls. Two concurrent
        // callers could both find nothing, each request a certificate and each create a Secret -
        // confirm whether callers are serialised per server.
        Log.LogInformation("Creating credentials secret for server {ServerId}...",
            State.Id
        );

        Log.LogInformation("Requesting X.509 certificate...");

        CertificateCredentials issuedCertificate = await RequestServerCertificate();

        // NOTE(review): if Create() throws, nothing visible in this method revokes or releases the
        // certificate that was just issued - verify that it is cleaned up elsewhere.
        var secretsClient = KubeClient.SecretsV1();
        SecretV1 newSecret = await secretsClient.Create(
            KubeResources.CredentialsSecret(State, issuedCertificate,
                kubeNamespace: KubeOptions.KubeNamespace
            )
        );

        // Log calls in this method pass only the Secret name and server Id, never certificate material.
        Log.LogInformation("Successfully created credentials secret {SecretName} for server {ServerId}.",
            newSecret.Metadata.Name,
            State.Id
        );

        return newSecret;
    }

    Log.LogInformation("Found existing credentials secret {SecretName} for server {ServerId}.",
        currentSecret.Metadata.Name,
        State.Id
    );

    return currentSecret;
}