Scaffold controllers

.gitignore

@@ -12,4 +12,5 @@
 *.out
 
 # Dependency directories (remove the comment below to include it)
-# vendor/
+vendor/
+.idea

Dockerfile

@@ -14,7 +14,7 @@ RUN go mod download
 # Copy the go source
 COPY main.go main.go
 COPY api/ api/
-COPY controllers/ controllers/
+COPY internal/ internal/
 
 # Build
 # the GOARCH has not a default value to allow the binary be built according to the host where the command

go.mod

@@ -3,8 +3,9 @@ module github.com/Keyfactor/ejbca-issuer
 go 1.19
 
 require (
- github.com/onsi/ginkgo/v2 v2.6.0
- github.com/onsi/gomega v1.24.1
+ github.com/cert-manager/cert-manager v1.11.0
+ github.com/onsi/ginkgo/v2 v2.6.1
+ github.com/onsi/gomega v1.24.2
  k8s.io/apimachinery v0.26.0
  k8s.io/client-go v0.26.0
  sigs.k8s.io/controller-runtime v0.14.1
@@ -25,15 +26,15 @@ require (
  github.com/gogo/protobuf v1.3.2 // indirect
  github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
  github.com/golang/protobuf v1.5.2 // indirect
- github.com/google/gnostic v0.5.7-v3refs // indirect
+ github.com/google/gnostic v0.6.9 // indirect
  github.com/google/go-cmp v0.5.9 // indirect
- github.com/google/gofuzz v1.1.0 // indirect
- github.com/google/uuid v1.1.2 // indirect
- github.com/imdario/mergo v0.3.6 // indirect
+ github.com/google/gofuzz v1.2.0 // indirect
+ github.com/google/uuid v1.3.0 // indirect
+ github.com/imdario/mergo v0.3.12 // indirect
  github.com/josharian/intern v1.0.0 // indirect
  github.com/json-iterator/go v1.1.12 // indirect
  github.com/mailru/easyjson v0.7.6 // indirect
- github.com/matttproud/golang_protobuf_extensions v1.0.2 // indirect
+ github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
  github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
  github.com/modern-go/reflect2 v1.0.2 // indirect
  github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
@@ -43,14 +44,14 @@ require (
  github.com/prometheus/common v0.37.0 // indirect
  github.com/prometheus/procfs v0.8.0 // indirect
  github.com/spf13/pflag v1.0.5 // indirect
- go.uber.org/atomic v1.7.0 // indirect
+ go.uber.org/atomic v1.9.0 // indirect
  go.uber.org/multierr v1.6.0 // indirect
  go.uber.org/zap v1.24.0 // indirect
- golang.org/x/net v0.3.1-0.20221206200815-1e63c2f08a10 // indirect
- golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b // indirect
- golang.org/x/sys v0.3.0 // indirect
- golang.org/x/term v0.3.0 // indirect
- golang.org/x/text v0.5.0 // indirect
+ golang.org/x/net v0.5.0 // indirect
+ golang.org/x/oauth2 v0.4.0 // indirect
+ golang.org/x/sys v0.4.0 // indirect
+ golang.org/x/term v0.4.0 // indirect
+ golang.org/x/text v0.6.0 // indirect
  golang.org/x/time v0.3.0 // indirect
  gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
  google.golang.org/appengine v1.6.7 // indirect
@@ -62,8 +63,9 @@ require (
  k8s.io/apiextensions-apiserver v0.26.0 // indirect
  k8s.io/component-base v0.26.0 // indirect
  k8s.io/klog/v2 v2.80.1 // indirect
- k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 // indirect
+ k8s.io/kube-openapi v0.0.0-20221207184640-f3cff1453715 // indirect
  k8s.io/utils v0.0.0-20221128185143-99ec85e7a448 // indirect
+ sigs.k8s.io/gateway-api v0.6.0 // indirect
  sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
  sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
  sigs.k8s.io/yaml v1.3.0 // indirect

internal/controllers/certificaterequest_controller.go

@@ -0,0 +1 @@
+package controllers

internal/controllers/certificaterequest_controller_test.go

@@ -0,0 +1 @@
+package controllers

controllers/issuer_controller.go → internal/controllers/issuer_controller.go

@@ -19,18 +19,17 @@ package controllers
 import (
  "context"
 
+ ejbcaissuerv1alpha1 "github.com/Keyfactor/ejbca-issuer/api/v1alpha1"
  "k8s.io/apimachinery/pkg/runtime"
  ctrl "sigs.k8s.io/controller-runtime"
  "sigs.k8s.io/controller-runtime/pkg/client"
  "sigs.k8s.io/controller-runtime/pkg/log"
-
- ejbcaissuerv1alpha1 "github.com/Keyfactor/ejbca-issuer/api/v1alpha1"
 )
 
 // IssuerReconciler reconciles a Issuer object
 type IssuerReconciler struct {
- client.Client
- Scheme *runtime.Scheme
+ client.Client
+ Scheme *runtime.Scheme
 }
 
 //+kubebuilder:rbac:groups=ejbca-issuer.keyfactor.com,resources=issuers,verbs=get;list;watch;create;update;patch;delete
@@ -47,16 +46,16 @@ type IssuerReconciler struct {
 // For more details, check Reconcile and its Result here:
 // - https://pkg.go.dev/sigs.k8s.io/[email protected]/pkg/reconcile
 func (r *IssuerReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
- _ = log.FromContext(ctx)
+ _ = log.FromContext(ctx)
 
- // TODO(user): your logic here
+ // TODO(user): your logic here
 
- return ctrl.Result{}, nil
+ return ctrl.Result{}, nil
 }
 
 // SetupWithManager sets up the controller with the Manager.
 func (r *IssuerReconciler) SetupWithManager(mgr ctrl.Manager) error {
- return ctrl.NewControllerManagedBy(mgr).
- For(&ejbcaissuerv1alpha1.Issuer{}).
- Complete(r)
+ return ctrl.NewControllerManagedBy(mgr).
+ For(&ejbcaissuerv1alpha1.Issuer{}).
+ Complete(r)
 }

main.go

@@ -17,106 +17,109 @@ limitations under the License.
 package main
 
 import (
- "flag"
- "os"
-
- // Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.)
- // to ensure that exec-entrypoint and run can make use of them.
- _ "k8s.io/client-go/plugin/pkg/client/auth"
-
- "k8s.io/apimachinery/pkg/runtime"
- utilruntime "k8s.io/apimachinery/pkg/util/runtime"
- clientgoscheme "k8s.io/client-go/kubernetes/scheme"
- ctrl "sigs.k8s.io/controller-runtime"
- "sigs.k8s.io/controller-runtime/pkg/healthz"
- "sigs.k8s.io/controller-runtime/pkg/log/zap"
-
- ejbcaissuerv1alpha1 "github.com/Keyfactor/ejbca-issuer/api/v1alpha1"
- "github.com/Keyfactor/ejbca-issuer/controllers"
- //+kubebuilder:scaffold:imports
+ "flag"
+ "github.com/Keyfactor/ejbca-issuer/internal/controllers"
+ cmapi "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1"
+ "os"
+
+ // Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.)
+ // to ensure that exec-entrypoint and run can make use of them.
+ _ "k8s.io/client-go/plugin/pkg/client/auth"
+
+ "k8s.io/apimachinery/pkg/runtime"
+ utilruntime "k8s.io/apimachinery/pkg/util/runtime"
+ clientgoscheme "k8s.io/client-go/kubernetes/scheme"
+ ctrl "sigs.k8s.io/controller-runtime"
+ "sigs.k8s.io/controller-runtime/pkg/healthz"
+ "sigs.k8s.io/controller-runtime/pkg/log/zap"
+
+ ejbcaissuerv1alpha1 "github.com/Keyfactor/ejbca-issuer/api/v1alpha1"
+ //+kubebuilder:scaffold:imports
 )
 
 var (
- scheme = runtime.NewScheme()
- setupLog = ctrl.Log.WithName("setup")
+ scheme = runtime.NewScheme()
+ setupLog = ctrl.Log.WithName("setup")
 )
 
 func init() {
- utilruntime.Must(clientgoscheme.AddToScheme(scheme))
+ utilruntime.Must(clientgoscheme.AddToScheme(scheme))
 
- utilruntime.Must(ejbcaissuerv1alpha1.AddToScheme(scheme))
- //+kubebuilder:scaffold:scheme
+ utilruntime.Must(ejbcaissuerv1alpha1.AddToScheme(scheme))
+ //+kubebuilder:scaffold:scheme
+
+ _ = cmapi.AddToScheme(scheme)
 }
 
 func main() {
- var metricsAddr string
- var enableLeaderElection bool
- var probeAddr string
- flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.")
- flag.StringVar(&probeAddr, "health-probe-bind-address", ":8081", "The address the probe endpoint binds to.")
- flag.BoolVar(&enableLeaderElection, "leader-elect", false,
- "Enable leader election for controller manager. "+
- "Enabling this will ensure there is only one active controller manager.")
- opts := zap.Options{
- Development: true,
- }
- opts.BindFlags(flag.CommandLine)
- flag.Parse()
-
- ctrl.SetLogger(zap.New(zap.UseFlagOptions(&opts)))
-
- mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{
- Scheme: scheme,
- MetricsBindAddress: metricsAddr,
- Port: 9443,
- HealthProbeBindAddress: probeAddr,
- LeaderElection: enableLeaderElection,
- LeaderElectionID: "14a54492.keyfactor.com",
- // LeaderElectionReleaseOnCancel defines if the leader should step down voluntarily
- // when the Manager ends. This requires the binary to immediately end when the
- // Manager is stopped, otherwise, this setting is unsafe. Setting this significantly
- // speeds up voluntary leader transitions as the new leader don't have to wait
- // LeaseDuration time first.
- //
- // In the default scaffold provided, the program ends immediately after
- // the manager stops, so would be fine to enable this option. However,
- // if you are doing or is intended to do any operation such as perform cleanups
- // after the manager stops then its usage might be unsafe.
- // LeaderElectionReleaseOnCancel: true,
- })
- if err != nil {
- setupLog.Error(err, "unable to start manager")
- os.Exit(1)
- }
-
- if err = (&controllers.IssuerReconciler{
- Client: mgr.GetClient(),
- Scheme: mgr.GetScheme(),
- }).SetupWithManager(mgr); err != nil {
- setupLog.Error(err, "unable to create controller", "controller", "Issuer")
- os.Exit(1)
- }
- if err = (&controllers.ClusterIssuerReconciler{
- Client: mgr.GetClient(),
- Scheme: mgr.GetScheme(),
- }).SetupWithManager(mgr); err != nil {
- setupLog.Error(err, "unable to create controller", "controller", "ClusterIssuer")
- os.Exit(1)
- }
- //+kubebuilder:scaffold:builder
-
- if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil {
- setupLog.Error(err, "unable to set up health check")
- os.Exit(1)
- }
- if err := mgr.AddReadyzCheck("readyz", healthz.Ping); err != nil {
- setupLog.Error(err, "unable to set up ready check")
- os.Exit(1)
- }
-
- setupLog.Info("starting manager")
- if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil {
- setupLog.Error(err, "problem running manager")
- os.Exit(1)
- }
+ var metricsAddr string
+ var enableLeaderElection bool
+ var probeAddr string
+ flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.")
+ flag.StringVar(&probeAddr, "health-probe-bind-address", ":8081", "The address the probe endpoint binds to.")
+ flag.BoolVar(&enableLeaderElection, "leader-elect", false,
+ "Enable leader election for controller manager. "+
+ "Enabling this will ensure there is only one active controller manager.")
+ opts := zap.Options{
+ Development: true,
+ }
+ opts.BindFlags(flag.CommandLine)
+ flag.Parse()
+
+ ctrl.SetLogger(zap.New(zap.UseFlagOptions(&opts)))
+
+ mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{
+ Scheme: scheme,
+ MetricsBindAddress: metricsAddr,
+ Port: 9443,
+ HealthProbeBindAddress: probeAddr,
+ LeaderElection: enableLeaderElection,
+ LeaderElectionID: "14a54492.keyfactor.com",
+ // LeaderElectionReleaseOnCancel defines if the leader should step down voluntarily
+ // when the Manager ends. This requires the binary to immediately end when the
+ // Manager is stopped, otherwise, this setting is unsafe. Setting this significantly
+ // speeds up voluntary leader transitions as the new leader don't have to wait
+ // LeaseDuration time first.
+ //
+ // In the default scaffold provided, the program ends immediately after
+ // the manager stops, so would be fine to enable this option. However,
+ // if you are doing or is intended to do any operation such as perform cleanups
+ // after the manager stops then its usage might be unsafe.
+ // LeaderElectionReleaseOnCancel: true,
+ })
+ if err != nil {
+ setupLog.Error(err, "unable to start manager")
+ os.Exit(1)
+ }
+
+ if err = (&controllers.IssuerReconciler{
+ Client: mgr.GetClient(),
+ Scheme: mgr.GetScheme(),
+ }).SetupWithManager(mgr); err != nil {
+ setupLog.Error(err, "unable to create controller", "controller", "Issuer")
+ os.Exit(1)
+ }
+ if err = (&controllers.ClusterIssuerReconciler{
+ Client: mgr.GetClient(),
+ Scheme: mgr.GetScheme(),
+ }).SetupWithManager(mgr); err != nil {
+ setupLog.Error(err, "unable to create controller", "controller", "ClusterIssuer")
+ os.Exit(1)
+ }
+ //+kubebuilder:scaffold:builder
+
+ if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil {
+ setupLog.Error(err, "unable to set up health check")
+ os.Exit(1)
+ }
+ if err := mgr.AddReadyzCheck("readyz", healthz.Ping); err != nil {
+ setupLog.Error(err, "unable to set up ready check")
+ os.Exit(1)
+ }
+
+ setupLog.Info("starting manager")
+ if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil {
+ setupLog.Error(err, "problem running manager")
+ os.Exit(1)
+ }
 }