logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240
							/*
Copyright © The ESO Authors

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    https://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package addon

import (
	"os"
	"path/filepath"
	"time"

	// nolint
	. "github.com/onsi/ginkgo/v2"
)

type ESO struct {
	*HelmChart
}

const (
	installCRDsVar = "installCRDs"
	esoImage       = "ghcr.io/external-secrets/external-secrets"
)

func NewESO(mutators ...MutationFunc) *ESO {
	eso := &ESO{
		&HelmChart{
			Namespace:   "default",
			ReleaseName: "eso",
			Chart:       filepath.Join(AssetDir(), "deploy/charts/external-secrets"),
			Vars: []StringTuple{
				{
					Key:   "webhook.port",
					Value: "9443",
				},
				{
					Key:   "webhook.image.tag",
					Value: os.Getenv("VERSION"),
				},
				{
					Key:   "webhook.image.repository",
					Value: esoImage,
				},
				{
					Key:   "certController.image.tag",
					Value: os.Getenv("VERSION"),
				},
				{
					Key:   "certController.image.repository",
					Value: esoImage,
				},
				{
					Key:   "image.tag",
					Value: os.Getenv("VERSION"),
				},
				{
					Key:   "image.repository",
					Value: esoImage,
				},
				{
					Key:   "extraArgs.loglevel",
					Value: "debug",
				},
				{
					Key:   installCRDsVar,
					Value: "false",
				},
				{
					Key:   "concurrent",
					Value: "100",
				},
				{
					Key:   "extraArgs.experimental-enable-vault-token-cache",
					Value: "true",
				},
			},
		},
	}

	for _, f := range mutators {
		f(eso)
	}

	return eso
}

type MutationFunc func(eso *ESO)

func WithReleaseName(name string) MutationFunc {
	return func(eso *ESO) {
		eso.HelmChart.ReleaseName = name
	}
}

func WithNamespace(namespace string) MutationFunc {
	return func(eso *ESO) {
		eso.HelmChart.Namespace = namespace
	}
}

func WithNamespaceScope(namespace string) MutationFunc {
	return func(eso *ESO) {
		eso.HelmChart.Vars = append(eso.HelmChart.Vars, StringTuple{
			Key:   "scopedNamespace",
			Value: namespace,
		})
	}
}

func WithoutWebhook() MutationFunc {
	return func(eso *ESO) {
		eso.HelmChart.Vars = append(eso.HelmChart.Vars, StringTuple{
			Key:   "webhook.create",
			Value: "false",
		})
	}
}

func WithoutCertController() MutationFunc {
	return func(eso *ESO) {
		eso.HelmChart.Vars = append(eso.HelmChart.Vars, StringTuple{
			Key:   "certController.create",
			Value: "false",
		})
	}
}

func WithServiceAccount(saName string) MutationFunc {
	return func(eso *ESO) {
		eso.HelmChart.Vars = append(eso.HelmChart.Vars, []StringTuple{
			{
				Key:   "serviceAccount.create",
				Value: "false",
			},
			{
				Key:   "serviceAccount.name",
				Value: saName,
			},
		}...)
	}
}

func WithControllerClass(class string) MutationFunc {
	return func(eso *ESO) {
		eso.HelmChart.Vars = append(eso.HelmChart.Vars, StringTuple{
			Key:   "extraArgs.controller-class",
			Value: class,
		})
	}
}

// By default ESO is installed without CRDs
// when using WithCRDs() the CRDs will be installed before
// and uninstalled after use.
func WithCRDs() MutationFunc {
	return func(eso *ESO) {
		for i, v := range eso.HelmChart.Vars {
			if v.Key == installCRDsVar {
				eso.HelmChart.Vars[i].Value = "true"
			}
		}
	}
}

func WithAllowGenericTargets() MutationFunc {
	return func(eso *ESO) {
		eso.HelmChart.Vars = append(eso.HelmChart.Vars, StringTuple{
			Key:   "genericTargets.enabled",
			Value: "true",
		}, StringTuple{
			Key:   "genericTargets.resources[0].apiGroup",
			Value: "",
		}, StringTuple{
			Key:   "genericTargets.resources[0].resources[0]",
			Value: "configmaps",
		}, StringTuple{
			Key:   "genericTargets.resources[0].verbs[0]",
			Value: "create",
		}, StringTuple{
			Key:   "genericTargets.resources[0].verbs[1]",
			Value: "delete",
		}, StringTuple{
			Key:   "genericTargets.resources[0].verbs[2]",
			Value: "list",
		}, StringTuple{
			Key:   "genericTargets.resources[0].verbs[3]",
			Value: "get",
		}, StringTuple{
			Key:   "genericTargets.resources[0].verbs[4]",
			Value: "patch",
		}, StringTuple{
			Key:   "genericTargets.resources[0].verbs[5]",
			Value: "watch",
		})
	}
}

func (l *ESO) Install() error {
	By("Installing eso\n")
	err := l.HelmChart.Install()
	if err != nil {
		return err
	}

	return nil
}

func (l *ESO) Uninstall() error {
	// uninstalling CRDs will trigger the deletion of all CRs. They block the deletion of the CRDs if
	// a finalizer is present.
	// We must uninstall the CRDs before the eso chart,
	// otherwise ESO will not remove the finalizer.
	if l.HelmChart.HasVar(installCRDsVar, "true") {
		By("Uninstalling eso CRDs")
		err := uninstallCRDs(l.config)
		if err != nil {
			return err
		}
		// Give ESO a grace period to clean up the CRs
		<-time.After(time.Minute)
	}
	By("Uninstalling eso")
	err := l.HelmChart.Uninstall()
	if err != nil {
		return err
	}
	return nil
}