diff --git a/go.mod b/go.mod index 5460de3e6..0ba420c75 100644 --- a/go.mod +++ b/go.mod @@ -4,6 +4,7 @@ go 1.18 require ( github.com/Masterminds/semver/v3 v3.2.1 + github.com/cert-manager/cert-manager v1.9.1 github.com/fatih/camelcase v1.0.0 github.com/go-sql-driver/mysql v1.6.0 github.com/spf13/cobra v1.7.0 @@ -21,11 +22,13 @@ require ( k8s.io/component-base v0.25.3 k8s.io/klog/v2 v2.80.1 k8s.io/kubectl v0.25.1 + kmodules.xyz/cert-manager-util v0.25.0 kmodules.xyz/client-go v0.25.30 kmodules.xyz/custom-resources v0.25.2 kmodules.xyz/monitoring-agent-api v0.25.1 kubedb.dev/apimachinery v0.35.1 kubedb.dev/db-client-go v0.0.8-0.20230818101900-6ddd035705ef + sigs.k8s.io/yaml v1.3.0 stash.appscode.dev/apimachinery v0.31.0 ) @@ -40,7 +43,6 @@ require ( github.com/Azure/go-autorest/tracing v0.6.0 // indirect github.com/MakeNowJust/heredoc v1.0.0 // indirect github.com/beorn7/perks v1.0.1 // indirect - github.com/cert-manager/cert-manager v1.9.1 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/chai2010/gettext-go v1.0.2 // indirect github.com/codegangsta/inject v0.0.0-20150114235600-33e0aa1cb7c0 // indirect @@ -143,7 +145,6 @@ require ( sigs.k8s.io/kustomize/api v0.12.1 // indirect sigs.k8s.io/kustomize/kyaml v0.13.9 // indirect sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect - sigs.k8s.io/yaml v1.3.0 // indirect ) replace github.com/Masterminds/sprig/v3 => github.com/gomodules/sprig/v3 v3.2.3-0.20220405051441-0a8a99bac1b8 diff --git a/go.sum b/go.sum index d269ce429..1d97e822b 100644 --- a/go.sum +++ b/go.sum @@ -1350,6 +1350,8 @@ k8s.io/utils v0.0.0-20221012122500-cfd413dd9e85 h1:cTdVh7LYu82xeClmfzGtgyspNh6Ux k8s.io/utils v0.0.0-20221012122500-cfd413dd9e85/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= kmodules.xyz/apiversion v0.2.0 h1:vAQYqZFm4xu4pbB1cAdHbFEPES6EQkcR4wc06xdTOWk= kmodules.xyz/apiversion v0.2.0/go.mod h1:oPX8g8LvlPdPX3Yc5YvCzJHQnw3YF/X4/jdW0b1am80= +kmodules.xyz/cert-manager-util v0.25.0 h1:B/1sYzdrXatzDnpB+F9IIi6DdwJs2sPBm46VPAlDtxc= +kmodules.xyz/cert-manager-util v0.25.0/go.mod h1:Zi1ZLUsrzsYs6ibdZddQCn+9VUqCuO9YqAq9QLI9RNM= kmodules.xyz/client-go v0.25.30 h1:4qOhs1kX0oNl9tcY98PEtiUlD6TZqK9CRfqzfhZApsk= kmodules.xyz/client-go v0.25.30/go.mod h1:r/Va2Y6t1G8X1sPRjrQC6FWB3oh/i6rjssmlfJnbCmg= kmodules.xyz/custom-resources v0.25.2 h1:+PJgUZvbbSgyNT7EX9gUZ3PIzY2LAW03TDW8cevvXqo= diff --git a/pkg/cmds/remote_replica.go b/pkg/cmds/remote_replica.go new file mode 100644 index 000000000..d5f2401ec --- /dev/null +++ b/pkg/cmds/remote_replica.go @@ -0,0 +1,45 @@ +/* +Copyright AppsCode Inc. and Contributors + +Licensed under the AppsCode Community License 1.0.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + https://github.com/appscode/licenses/raw/1.0.0/AppsCode-Community-1.0.0.md + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package cmds + +import ( + "kubedb.dev/cli/pkg/remote_replica" + + "github.com/spf13/cobra" + cmdutil "k8s.io/kubectl/pkg/cmd/util" +) + +var ( + desLong = "generate appbinding , secrets for remote replica" + example = "kubectl dba remote-config mysql -n -u -p$ -d " +) + +func NewCmdGenApb(f cmdutil.Factory) *cobra.Command { + cmd := &cobra.Command{ + Use: "remote-config", + Short: desLong, + Long: desLong, + Example: example, + Run: func(cmd *cobra.Command, args []string) { + }, + DisableAutoGenTag: false, + DisableFlagsInUseLine: false, + } + cmd.AddCommand(remote_replica.MysqlAPP(f)) + cmd.AddCommand(remote_replica.PostgreSQlAPP(f)) + return cmd +} diff --git a/pkg/cmds/root.go b/pkg/cmds/root.go index 2b56b83bc..f2f6ec103 100644 --- a/pkg/cmds/root.go +++ b/pkg/cmds/root.go @@ -95,6 +95,12 @@ func NewKubeDBCommand(in io.Reader, out, err io.Writer) *cobra.Command { NewCmdData(f), }, }, + { + Message: "Generate appbinding and secrets for remote Replica", + Commands: []*cobra.Command{ + NewCmdGenApb(f), + }, + }, } filters := []string{"options"} diff --git a/pkg/common/mysql.go b/pkg/common/mysql.go new file mode 100644 index 000000000..f1066f62d --- /dev/null +++ b/pkg/common/mysql.go @@ -0,0 +1,104 @@ +/* +Copyright AppsCode Inc. and Contributors + +Licensed under the AppsCode Community License 1.0.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + https://github.com/appscode/licenses/raw/1.0.0/AppsCode-Community-1.0.0.md + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package common + +import ( + "bytes" + "context" + "fmt" + + api "kubedb.dev/apimachinery/apis/kubedb/v1alpha2" + cs "kubedb.dev/apimachinery/client/clientset/versioned" + + cm "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/client-go/kubernetes" + "k8s.io/client-go/rest" + cmdutil "k8s.io/kubectl/pkg/cmd/util" + as "kmodules.xyz/custom-resources/client/clientset/versioned" +) + +type MySQLOpts struct { + DB *api.MySQL + DBImage string + Config *rest.Config + Client *kubernetes.Clientset + DBClient *cs.Clientset + AppcatClient *as.Clientset + CertManagerClient *cm.Clientset + Username string + Pass string + + ErrWriter *bytes.Buffer +} + +func NewMySQLOpts(f cmdutil.Factory, dbName, namespace string) (*MySQLOpts, error) { + config, err := f.ToRESTConfig() + if err != nil { + return nil, err + } + + client, err := kubernetes.NewForConfig(config) + if err != nil { + return nil, err + } + + dbClient, err := cs.NewForConfig(config) + if err != nil { + return nil, err + } + appCatClient, err := as.NewForConfig(config) + if err != nil { + return nil, err + } + certmanagerClient, err := cm.NewForConfig(config) + if err != nil { + return nil, err + } + db, err := dbClient.KubedbV1alpha2().MySQLs(namespace).Get(context.TODO(), dbName, metav1.GetOptions{}) + if err != nil { + return nil, err + } + + if db.Status.Phase != api.DatabasePhaseReady { + return nil, fmt.Errorf("MySQL %s/%s is not ready", namespace, dbName) + } + + dbVersion, err := dbClient.CatalogV1alpha1().MySQLVersions().Get(context.TODO(), db.Spec.Version, metav1.GetOptions{}) + if err != nil { + return nil, err + } + + secret, err := client.CoreV1().Secrets(db.Namespace).Get(context.TODO(), db.Spec.AuthSecret.Name, metav1.GetOptions{}) + if err != nil { + return nil, err + } + + return &MySQLOpts{ + DB: db, + DBImage: dbVersion.Spec.DB.Image, + Config: config, + Client: client, + DBClient: dbClient, + AppcatClient: appCatClient, + CertManagerClient: certmanagerClient, + Username: string(secret.Data[corev1.BasicAuthUsernameKey]), + Pass: string(secret.Data[corev1.BasicAuthPasswordKey]), + ErrWriter: &bytes.Buffer{}, + }, nil +} diff --git a/pkg/common/postgres.go b/pkg/common/postgres.go new file mode 100644 index 000000000..b9bf3de12 --- /dev/null +++ b/pkg/common/postgres.go @@ -0,0 +1,106 @@ +/* +Copyright AppsCode Inc. and Contributors + +Licensed under the AppsCode Community License 1.0.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + https://github.com/appscode/licenses/raw/1.0.0/AppsCode-Community-1.0.0.md + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package common + +import ( + "bytes" + "context" + "fmt" + + api "kubedb.dev/apimachinery/apis/kubedb/v1alpha2" + cs "kubedb.dev/apimachinery/client/clientset/versioned" + + cm "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/client-go/kubernetes" + "k8s.io/client-go/rest" + cmdutil "k8s.io/kubectl/pkg/cmd/util" + as "kmodules.xyz/custom-resources/client/clientset/versioned" +) + +type PostgresOpts struct { + DB *api.Postgres + DBImage string + Config *rest.Config + Client *kubernetes.Clientset + DBClient *cs.Clientset + AppcatClient *as.Clientset + CertManagerClient *cm.Clientset + PostgresDBName string + + Username string + Pass string + + ErrWriter *bytes.Buffer +} + +func NewPostgresOpts(f cmdutil.Factory, dbName, namespace string) (*PostgresOpts, error) { + config, err := f.ToRESTConfig() + if err != nil { + return nil, err + } + + client, err := kubernetes.NewForConfig(config) + if err != nil { + return nil, err + } + + dbClient, err := cs.NewForConfig(config) + if err != nil { + return nil, err + } + appCatClient, err := as.NewForConfig(config) + if err != nil { + return nil, err + } + certmanagerClient, err := cm.NewForConfig(config) + if err != nil { + return nil, err + } + db, err := dbClient.KubedbV1alpha2().Postgreses(namespace).Get(context.TODO(), dbName, metav1.GetOptions{}) + if err != nil { + return nil, err + } + + if db.Status.Phase != api.DatabasePhaseReady { + return nil, fmt.Errorf("postgres %s/%s is not ready", namespace, dbName) + } + + dbVersion, err := dbClient.CatalogV1alpha1().PostgresVersions().Get(context.TODO(), db.Spec.Version, metav1.GetOptions{}) + if err != nil { + return nil, err + } + + secret, err := client.CoreV1().Secrets(db.Namespace).Get(context.TODO(), db.Spec.AuthSecret.Name, metav1.GetOptions{}) + if err != nil { + return nil, err + } + + return &PostgresOpts{ + DB: db, + DBImage: dbVersion.Spec.DB.Image, + Config: config, + Client: client, + DBClient: dbClient, + AppcatClient: appCatClient, + CertManagerClient: certmanagerClient, + Username: string(secret.Data[corev1.BasicAuthUsernameKey]), + Pass: string(secret.Data[corev1.BasicAuthPasswordKey]), + ErrWriter: &bytes.Buffer{}, + }, nil +} diff --git a/pkg/remote_replica/mysql.go b/pkg/remote_replica/mysql.go new file mode 100644 index 000000000..bc778eed2 --- /dev/null +++ b/pkg/remote_replica/mysql.go @@ -0,0 +1,332 @@ +/* +Copyright AppsCode Inc. and Contributors + +Licensed under the AppsCode Community License 1.0.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + https://github.com/appscode/licenses/raw/1.0.0/AppsCode-Community-1.0.0.md + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package remote_replica + +import ( + "context" + "fmt" + "log" + "os" + "time" + + api "kubedb.dev/apimachinery/apis/kubedb/v1alpha2" + "kubedb.dev/cli/pkg/common" + + cm_api "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + "github.com/spf13/cobra" + core "k8s.io/api/core/v1" + kerr "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/util/sets" + "k8s.io/apimachinery/pkg/util/wait" + cmdutil "k8s.io/kubectl/pkg/cmd/util" + cm_util "kmodules.xyz/cert-manager-util/certmanager/v1" + kutil "kmodules.xyz/client-go" + kmapi "kmodules.xyz/client-go/api/v1" + core_util "kmodules.xyz/client-go/core/v1" + exec_util "kmodules.xyz/client-go/tools/exec" + appApi "kmodules.xyz/custom-resources/apis/appcatalog/v1alpha1" + "sigs.k8s.io/yaml" +) + +var ( + desLong = "generate appbinding , secrets for remote replica" + example = "kubectl dba remote-config mysql -n -u -p$ -d \n " + + "kubectl dba remote-config mysql -n -u -p$ -d \n" +) + +const ( + AppcatApiVersion = "appcatalog.appscode.com/v1alpha1" + AppcatKind = "AppBinding" + ApiversionV1 = "v1" + KindSecret = "Secret" +) + +func MysqlAPP(f cmdutil.Factory) *cobra.Command { + var userName, password, dns, ns string + var yes bool + cmd := cobra.Command{ + Use: "mysql", + Short: desLong, + Long: desLong, + Example: example, + Args: nil, + + Run: func(cmd *cobra.Command, args []string) { + if len(args) == 0 { + log.Fatal("no database name given") + } + if err := userPrompt(yes); err != nil { + log.Fatal(err) + } + var buffer []byte + + buffer, err := generateMySQLConfig(f, userName, password, dns, ns, args[0]) + if err != nil { + log.Fatal(err) + } + directory, err := os.Getwd() + if err != nil { + log.Fatal(err) + } + + err = os.WriteFile(fmt.Sprintf(directory+"/%s-remote-config.yaml", args[0]), buffer, 0o644) + if err != nil { + log.Fatal(err) + } + fmt.Printf("kubectl apply -f %s/%s-remote-config.yaml\n", directory, args[0]) + }, + DisableAutoGenTag: false, + DisableFlagsInUseLine: false, + } + cmd.PersistentFlags().StringVarP(&userName, "user", "u", "postgres", "user name for the remote replica") + if err := cmd.MarkPersistentFlagRequired("user"); err != nil { + log.Fatal(err) + } + cmd.PersistentFlags().StringVarP(&password, "pass", "p", "password", "password name for the remote replica") + if err := cmd.MarkPersistentFlagRequired("pass"); err != nil { + log.Fatal(err) + } + cmd.PersistentFlags().StringVarP(&dns, "dns", "d", "localhost", "dns name for the remote replica") + if err := cmd.MarkPersistentFlagRequired("dns"); err != nil { + log.Fatal(err) + } + cmd.PersistentFlags().StringVarP(&ns, "namespace", "n", "default", "host namespace for the remote replica") + if err := cmd.MarkPersistentFlagRequired("namespace"); err != nil { + log.Fatal(err) + } + cmd.PersistentFlags().BoolVarP(&yes, "yes", "y", false, "permission for alter password for the remote replica") + return &cmd +} + +func generateMySQLConfig(f cmdutil.Factory, userName string, password string, dns string, ns string, dbname string) ([]byte, error) { + var buffer []byte + + opts, err := common.NewMySQLOpts(f, dbname, ns) + if err != nil { + return nil, fmt.Errorf("failed to get db %s, err:%v", dbname, err) + } + + apb, err := opts.AppcatClient.AppcatalogV1alpha1().AppBindings(ns).Get(context.TODO(), dbname, metav1.GetOptions{}) + if err != nil { + return nil, fmt.Errorf("failed to get appbinding %v", err) + } + + authBuff, authSecretName, err := generateMySQLAuthSecret(userName, password, ns, opts) + if err != nil { + return nil, fmt.Errorf("failed to generate auth secret ,%v", err) + } + buffer = append(buffer, authBuff...) + + // generate secret + if apb.Spec.TLSSecret != nil { + tlsBuff, tlsSecretName, err := generateMySQLTlsSecret(userName, apb, ns, opts) + if err != nil { + return nil, fmt.Errorf("failed to generate tls secret %v", err) + } + buffer = append(buffer, tlsBuff...) + apb.Spec.TLSSecret.Name = tlsSecretName + } + + apb.APIVersion = AppcatApiVersion + apb.Kind = AppcatKind + apb.Spec.ClientConfig.Service.Name = dns + apb.Spec.Secret.Name = authSecretName + apb.ObjectMeta.Annotations = nil + apb.ObjectMeta.ManagedFields = nil + + appbindingYaml, err := yaml.Marshal(apb) + if err != nil { + return nil, fmt.Errorf("failed to marshal appbind yaml %v", err) + } + + buffer = append(buffer, appbindingYaml...) + return buffer, nil +} + +func generateMySQLTlsSecret(userName string, apb *appApi.AppBinding, ns string, opts *common.MySQLOpts) ([]byte, string, error) { + var buffer []byte + _, err := ensureMySQLClientCert(opts, apb, opts.DB, api.MySQLClientCert, userName) + if err != nil { + return nil, "", fmt.Errorf("failed to ensure client cert %v", err) + } + tlsSecret := &core.Secret{} + + err = wait.PollImmediate(300*time.Millisecond, 60*time.Minute, func() (done bool, err error) { + sercretName := opts.DB.GetCertSecretName(api.MySQLClientCert) + fmt.Sprintf("-%s", userName) + + tlsSecret, err = opts.Client.CoreV1().Secrets(ns).Get(context.TODO(), sercretName, metav1.GetOptions{}) + if kerr.IsNotFound(err) { + return false, nil + } else if err != nil { + return false, err + } + + return true, nil + }) + if err != nil { + return nil, "", fmt.Errorf("failed to get tls secret %v", err) + } + tlsSecret.APIVersion = ApiversionV1 + tlsSecret.Kind = KindSecret + tlsSecret.ObjectMeta.Annotations = nil + tlsSecret.ObjectMeta.ManagedFields = nil + tlsSecretYaml, err := yaml.Marshal(tlsSecret) + if err != nil { + return nil, "", fmt.Errorf("failed to marshal tls secret yaml %v", err) + } + + buffer = append(buffer, tlsSecretYaml...) + buffer = append(buffer, []byte("---\n")...) + + return buffer, tlsSecret.Name, nil +} + +func generateMySQLAuthSecret(userName string, password string, ns string, opts *common.MySQLOpts) ([]byte, string, error) { + var buffer []byte + if userName != opts.Username { + // generate user if not present + err := generateMySQLUser(opts, userName, password) + if err != nil { + return nil, "", fmt.Errorf("failed to generate user err:%v", err) + } + } else { + password = opts.Pass + } + // generate auth secret + AuthSecret := core.Secret{ + TypeMeta: metav1.TypeMeta{ + Kind: KindSecret, + APIVersion: ApiversionV1, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: fmt.Sprintf("%s-remote-replica-auth", opts.DB.Name), + Namespace: ns, + }, + StringData: map[string]string{ + "username": userName, + "password": password, + }, + Type: core.SecretTypeBasicAuth, + } + + authSecretYaml, err := yaml.Marshal(AuthSecret) + if err != nil { + return nil, "", fmt.Errorf("failed to marshal authsecret yaml %v", err) + } + buffer = append(buffer, authSecretYaml...) + buffer = append(buffer, []byte("---\n")...) + return buffer, AuthSecret.Name, nil +} + +func generateMySQLUser(opts *common.MySQLOpts, name string, password string) error { + label := opts.DB.OffshootLabels() + if *opts.DB.Spec.Replicas > 1 { + label["kubedb.com/role"] = "primary" + } + + pods, err := opts.Client.CoreV1().Pods(opts.DB.Namespace).List(context.TODO(), metav1.ListOptions{ + LabelSelector: labels.Set.String(label), + }) + if err != nil || len(pods.Items) == 0 { + return err + } + query := fmt.Sprintf("export MYSQL_PWD='%s' && mysql -uroot -e \"create user if not exists %s; alter user %s identified by '%s';"+ + "GRANT REPLICATION SLAVE, CLONE_ADMIN, BACKUP_ADMIN ON *.* TO '%s'@'%%' WITH GRANT OPTION; \"", opts.Pass, + name, name, password, name) + command := exec_util.Command("bash", "-c", query) + container := exec_util.Container("mysql") + options := []func(options *exec_util.Options){ + command, + container, + } + + _, err = exec_util.ExecIntoPod(opts.Config, &pods.Items[0], options...) + if err != nil { + return err + } + return nil +} + +func ensureMySQLClientCert(opts *common.MySQLOpts, apb *appApi.AppBinding, mysql *api.MySQL, alias api.MySQLCertificateAlias, username string) (kutil.VerbType, error) { + var duration, renewBefore *metav1.Duration + var subject *cm_api.X509Subject + var dnsNames, ipAddresses, uriSANs, emailSANs []string + if _, cert := kmapi.GetCertificate(mysql.Spec.TLS.Certificates, string(alias)); cert != nil { + dnsNames = cert.DNSNames + ipAddresses = cert.IPAddresses + duration = cert.Duration + renewBefore = cert.RenewBefore + if cert.Subject != nil { + subject = &cm_api.X509Subject{ + Organizations: cert.Subject.Organizations, + Countries: cert.Subject.Countries, + OrganizationalUnits: cert.Subject.OrganizationalUnits, + Localities: cert.Subject.Localities, + Provinces: cert.Subject.Provinces, + StreetAddresses: cert.Subject.StreetAddresses, + PostalCodes: cert.Subject.PostalCodes, + SerialNumber: cert.Subject.SerialNumber, + } + } + uriSANs = cert.URIs + emailSANs = cert.EmailAddresses + } + + ref := metav1.NewControllerRef(apb, appApi.SchemeGroupVersion.WithKind(appApi.ResourceKindApp)) + + _, vt, err := cm_util.CreateOrPatchCertificate( + context.TODO(), + opts.CertManagerClient.CertmanagerV1(), + metav1.ObjectMeta{ + Name: mysql.CertificateName(alias) + fmt.Sprintf("-%s", username), + Namespace: mysql.GetNamespace(), + }, + func(in *cm_api.Certificate) *cm_api.Certificate { + in.Labels = mysql.OffshootLabels() + core_util.EnsureOwnerReference(in, ref) + + in.Spec.CommonName = username + in.Spec.Subject = subject + in.Spec.Duration = duration + in.Spec.RenewBefore = renewBefore + in.Spec.DNSNames = sets.NewString(dnsNames...).List() + in.Spec.IPAddresses = sets.NewString(ipAddresses...).List() + in.Spec.URIs = sets.NewString(uriSANs...).List() + in.Spec.EmailAddresses = sets.NewString(emailSANs...).List() + in.Spec.SecretName = mysql.GetCertSecretName(alias) + fmt.Sprintf("-%s", username) + in.Spec.IssuerRef = GetIssuerObjectRef(mysql.Spec.TLS, string(alias)) + in.Spec.Usages = []cm_api.KeyUsage{ + cm_api.UsageDigitalSignature, + cm_api.UsageKeyEncipherment, + cm_api.UsageClientAuth, + } + pemEncodeCert := isCertMangerAdditionalOutputEnabled(opts.CertManagerClient) + if pemEncodeCert { + in.Spec.AdditionalOutputFormats = []cm_api.CertificateAdditionalOutputFormat{ + { + Type: cm_api.CertificateOutputFormatCombinedPEM, + }, + } + } + + return in + }, metav1.PatchOptions{}) + + return vt, err +} diff --git a/pkg/remote_replica/postgres.go b/pkg/remote_replica/postgres.go new file mode 100644 index 000000000..5811cc6f0 --- /dev/null +++ b/pkg/remote_replica/postgres.go @@ -0,0 +1,409 @@ +/* +Copyright AppsCode Inc. and Contributors + +Licensed under the AppsCode Community License 1.0.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + https://github.com/appscode/licenses/raw/1.0.0/AppsCode-Community-1.0.0.md + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package remote_replica + +import ( + "context" + "errors" + "fmt" + "log" + "os" + "strings" + "time" + + api "kubedb.dev/apimachinery/apis/kubedb/v1alpha2" + "kubedb.dev/cli/pkg/common" + + cm_api "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + cmmeta "github.com/cert-manager/cert-manager/pkg/apis/meta/v1" + cm "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned" + "github.com/spf13/cobra" + "gomodules.xyz/pointer" + core "k8s.io/api/core/v1" + kerr "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/util/sets" + "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/klog/v2" + cmdutil "k8s.io/kubectl/pkg/cmd/util" + cm_util "kmodules.xyz/cert-manager-util/certmanager/v1" + kutil "kmodules.xyz/client-go" + kmapi "kmodules.xyz/client-go/api/v1" + core_util "kmodules.xyz/client-go/core/v1" + "kmodules.xyz/client-go/meta" + exec_util "kmodules.xyz/client-go/tools/exec" + appApi "kmodules.xyz/custom-resources/apis/appcatalog/v1alpha1" + "sigs.k8s.io/yaml" +) + +func PostgreSQlAPP(f cmdutil.Factory) *cobra.Command { + var userName, password, dns, ns string + var yes bool + + cmd := cobra.Command{ + Use: "postgres", + Short: desLong, + Long: desLong, + Example: example, + Args: nil, + Run: func(cmd *cobra.Command, args []string) { + if len(args) == 0 { + log.Fatal("no database name given") + } + if err := userPrompt(yes); err != nil { + log.Fatal(err) + } + + var buffer []byte + buffer, err := generateConfig(f, userName, password, dns, ns, args[0]) + if err != nil { + log.Fatal(err) + } + + directory, err := os.Getwd() + if err != nil { + log.Fatal(err) + } + + err = os.WriteFile(fmt.Sprintf(directory+"/%s-remote-config.yaml", args[0]), buffer, 0o644) + if err != nil { + log.Fatal(err) + } + fmt.Printf("kubectl apply -f %s/%s-remote-config.yaml\n", directory, args[0]) + }, + DisableAutoGenTag: false, + DisableFlagsInUseLine: false, + } + + cmd.PersistentFlags().StringVarP(&userName, "user", "u", "postgres", "user name for the remote replica") + if err := cmd.MarkPersistentFlagRequired("user"); err != nil { + log.Fatal(err) + } + cmd.PersistentFlags().StringVarP(&password, "pass", "p", "password", "password name for the remote replica") + if err := cmd.MarkPersistentFlagRequired("pass"); err != nil { + log.Fatal(err) + } + cmd.PersistentFlags().StringVarP(&dns, "dns", "d", "localhost", "dns name for the remote replica") + if err := cmd.MarkPersistentFlagRequired("dns"); err != nil { + log.Fatal(err) + } + cmd.PersistentFlags().StringVarP(&ns, "namespace", "n", "default", "host namespace for the remote replica") + if err := cmd.MarkPersistentFlagRequired("namespace"); err != nil { + log.Fatal(err) + } + cmd.PersistentFlags().BoolVarP(&yes, "yes", "y", false, "permission for alter password for the remote replica") + return &cmd +} + +func generateConfig(f cmdutil.Factory, userName string, password string, dns string, ns string, dbname string) ([]byte, error) { + var buffer []byte + opts, err := common.NewPostgresOpts(f, dbname, ns) + if err != nil { + return nil, fmt.Errorf("failed to get db %s, err:%v", dbname, err) + } + + apb, err := opts.AppcatClient.AppcatalogV1alpha1().AppBindings(ns).Get(context.TODO(), dbname, metav1.GetOptions{}) + if err != nil { + log.Fatal(err) + return nil, fmt.Errorf("failed to get appbinding %v", err) + } + + authBuff, authSecretName, err := generateAuthSecret(userName, password, ns, opts) + if err != nil { + return nil, fmt.Errorf("failed to generate auth secret ,%v", err) + } + buffer = append(buffer, authBuff...) + + // generate secret + if apb.Spec.TLSSecret != nil { + tlsBuff, tlsSecretName, err := generateTlsSecret(userName, apb, ns, opts) + if err != nil { + return nil, fmt.Errorf("failed to generate tls secret %v", err) + } + buffer = append(buffer, tlsBuff...) + apb.Spec.TLSSecret.Name = tlsSecretName + } + + apb.APIVersion = AppcatApiVersion + apb.Kind = AppcatKind + apb.Spec.ClientConfig.Service.Name = dns + apb.Spec.Secret.Name = authSecretName + apb.ObjectMeta.Annotations = nil + apb.ObjectMeta.ManagedFields = nil + + appbindingYaml, err := yaml.Marshal(apb) + if err != nil { + return nil, fmt.Errorf("failed to marshal appbind yaml %v", err) + } + + buffer = append(buffer, appbindingYaml...) + return buffer, nil +} + +func generateTlsSecret(userName string, apb *appApi.AppBinding, ns string, opts *common.PostgresOpts) ([]byte, string, error) { + var buffer []byte + _, err := ensureClientCert(opts, apb, opts.DB, api.PostgresClientCert, userName) + if err != nil { + return nil, "", fmt.Errorf("failed to ensure client cert %v", err) + } + tlsSecret := &core.Secret{} + + err = wait.PollImmediate(300*time.Millisecond, 60*time.Minute, func() (done bool, err error) { + sercretName := opts.DB.GetCertSecretName(api.PostgresClientCert) + fmt.Sprintf("-%s", userName) + + tlsSecret, err = opts.Client.CoreV1().Secrets(ns).Get(context.TODO(), sercretName, metav1.GetOptions{}) + if kerr.IsNotFound(err) { + return false, nil + } else if err != nil { + return false, err + } + + return true, nil + }) + if err != nil { + return nil, "", fmt.Errorf("failed to get tls secret %v", err) + } + tlsSecret.APIVersion = "v1" + tlsSecret.Kind = "Secret" + tlsSecret.ObjectMeta.Annotations = nil + tlsSecret.ObjectMeta.ManagedFields = nil + tlsSecretYaml, err := yaml.Marshal(tlsSecret) + if err != nil { + return nil, "", fmt.Errorf("failed to marshal tls secret yaml %v", err) + } + + buffer = append(buffer, tlsSecretYaml...) + buffer = append(buffer, []byte("---\n")...) + + return buffer, tlsSecret.Name, nil +} + +func generateAuthSecret(userName string, password string, ns string, opts *common.PostgresOpts) ([]byte, string, error) { + var buffer []byte + if userName != opts.Username { + // generate user if not present + err := generateUser(opts, userName, password) + if err != nil { + return nil, "", fmt.Errorf("failed to generate user err:%v", err) + } + } else { + password = opts.Pass + } + // generate auth secret + AuthSecret := core.Secret{ + TypeMeta: metav1.TypeMeta{ + Kind: KindSecret, + APIVersion: ApiversionV1, + }, + ObjectMeta: metav1.ObjectMeta{ + Name: fmt.Sprintf("%s-remote-replica-auth", opts.DB.Name), + Namespace: ns, + }, + StringData: map[string]string{ + "username": userName, + "password": password, + }, + Type: core.SecretTypeBasicAuth, + } + + authSecretYaml, err := yaml.Marshal(AuthSecret) + if err != nil { + return nil, "", fmt.Errorf("failed to marshal authsecret yaml %v", err) + } + buffer = append(buffer, authSecretYaml...) + buffer = append(buffer, []byte("---\n")...) + return buffer, AuthSecret.Name, nil +} + +func generateUser(opts *common.PostgresOpts, name string, password string) error { + label := opts.DB.OffshootLabels() + label["kubedb.com/role"] = "primary" + pods, err := opts.Client.CoreV1().Pods(opts.DB.Namespace).List(context.TODO(), metav1.ListOptions{ + LabelSelector: labels.Set.String(label), + }) + if err != nil || len(pods.Items) == 0 { + return err + } + + query := fmt.Sprintf("SELECT rolname FROM pg_roles WHERE rolname='%s'", name) + + command := exec_util.Command("psql", "-c", query) + container := exec_util.Container("postgres") + options := []func(options *exec_util.Options){ + command, + container, + } + + out, err := exec_util.ExecIntoPod(opts.Config, &pods.Items[0], options...) + if err != nil { + return err + } + + query = fmt.Sprintf("create user %s with password '%s'; alter role %s with replication; GRANT execute ON function pg_read_binary_file(text) TO %s;", name, password, name, name) + if len(out) > 30 { + query = fmt.Sprintf("alter role %s with password '%s' replication; GRANT execute ON function pg_read_binary_file(text) TO %s;", name, password, name) + } + + command = exec_util.Command("psql", "-c", query) + container = exec_util.Container("postgres") + options = []func(options *exec_util.Options){ + command, + container, + } + + out, err = exec_util.ExecIntoPod(opts.Config, &pods.Items[0], options...) + if err != nil { + return err + } + fmt.Println(out) + return nil +} + +func ensureClientCert(opts *common.PostgresOpts, apb *appApi.AppBinding, postgres *api.Postgres, alias api.PostgresCertificateAlias, username string) (kutil.VerbType, error) { + var duration, renewBefore *metav1.Duration + var subject *cm_api.X509Subject + var dnsNames, ipAddresses, uriSANs, emailSANs []string + if _, cert := kmapi.GetCertificate(postgres.Spec.TLS.Certificates, string(alias)); cert != nil { + dnsNames = cert.DNSNames + ipAddresses = cert.IPAddresses + duration = cert.Duration + renewBefore = cert.RenewBefore + if cert.Subject != nil { + subject = &cm_api.X509Subject{ + Organizations: cert.Subject.Organizations, + Countries: cert.Subject.Countries, + OrganizationalUnits: cert.Subject.OrganizationalUnits, + Localities: cert.Subject.Localities, + Provinces: cert.Subject.Provinces, + StreetAddresses: cert.Subject.StreetAddresses, + PostalCodes: cert.Subject.PostalCodes, + SerialNumber: cert.Subject.SerialNumber, + } + } + uriSANs = cert.URIs + emailSANs = cert.EmailAddresses + } + + ref := metav1.NewControllerRef(apb, appApi.SchemeGroupVersion.WithKind(appApi.ResourceKindApp)) + + _, vt, err := cm_util.CreateOrPatchCertificate( + context.TODO(), + opts.CertManagerClient.CertmanagerV1(), + metav1.ObjectMeta{ + Name: postgres.CertificateName(alias) + fmt.Sprintf("-%s", username), + Namespace: postgres.GetNamespace(), + }, + func(in *cm_api.Certificate) *cm_api.Certificate { + in.Labels = postgres.OffshootLabels() + core_util.EnsureOwnerReference(in, ref) + + in.Spec.CommonName = username + in.Spec.Subject = subject + in.Spec.Duration = duration + in.Spec.RenewBefore = renewBefore + in.Spec.DNSNames = sets.NewString(dnsNames...).List() + in.Spec.IPAddresses = sets.NewString(ipAddresses...).List() + in.Spec.URIs = sets.NewString(uriSANs...).List() + in.Spec.EmailAddresses = sets.NewString(emailSANs...).List() + in.Spec.SecretName = postgres.GetCertSecretName(alias) + fmt.Sprintf("-%s", username) + in.Spec.IssuerRef = GetIssuerObjectRef(postgres.Spec.TLS, string(alias)) + in.Spec.Usages = []cm_api.KeyUsage{ + cm_api.UsageDigitalSignature, + cm_api.UsageKeyEncipherment, + cm_api.UsageClientAuth, + } + pemEncodeCert := isCertMangerAdditionalOutputEnabled(opts.CertManagerClient) + if pemEncodeCert { + in.Spec.AdditionalOutputFormats = []cm_api.CertificateAdditionalOutputFormat{ + { + Type: cm_api.CertificateOutputFormatCombinedPEM, + }, + } + } + + return in + }, metav1.PatchOptions{}) + + return vt, err +} + +func GetIssuerObjectRef(tlsConfig *kmapi.TLSConfig, alias string) cmmeta.ObjectReference { + if _, cert := kmapi.GetCertificate(tlsConfig.Certificates, alias); cert != nil { + issuer := tlsConfig.IssuerRef + if cert.IssuerRef != nil { + issuer = cert.IssuerRef + } + + return cmmeta.ObjectReference{ + Name: issuer.Name, + Kind: issuer.Kind, + Group: pointer.String(issuer.APIGroup), + } + } + + return cmmeta.ObjectReference{} +} + +func isCertMangerAdditionalOutputEnabled(certManagerClient cm.Interface) bool { + operatorNs := meta.PodNamespace() + demoCert := cm_api.Certificate{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test-cert", + Namespace: operatorNs, + }, + Spec: cm_api.CertificateSpec{ + CommonName: "example.com", + SecretName: "test-secret", + IssuerRef: cmmeta.ObjectReference{ + Name: "test-issuer", + }, + AdditionalOutputFormats: []cm_api.CertificateAdditionalOutputFormat{ + { + Type: cm_api.CertificateOutputFormatCombinedPEM, + }, + }, + }, + } + + _, err := certManagerClient.CertmanagerV1().Certificates(operatorNs).Create(context.TODO(), &demoCert, metav1.CreateOptions{ + DryRun: []string{ + "All", + }, + }) + if err != nil { + return false + } + + klog.Info("Cert-Manager feature-gate AdditionalCertificateOutputFormats is enabled, certificates will include combined PEM output") + + return true +} + +func userPrompt(yes bool) error { + fmt.Println("password will be altered with the given password if provided user exist you want to continue/Y/N?") + if yes { + return nil + } + var inp string + fmt.Scan(&inp) + inp = strings.ToLower(inp) + if inp != "y" { + return errors.New("aborting commands") + } + return nil +} diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/BUILD.bazel b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/BUILD.bazel new file mode 100644 index 000000000..74662c5f4 --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/BUILD.bazel @@ -0,0 +1,38 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "clientset.go", + "doc.go", + ], + importpath = "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned", + visibility = ["//visibility:public"], + deps = [ + "//pkg/client/clientset/versioned/typed/acme/v1:go_default_library", + "//pkg/client/clientset/versioned/typed/certmanager/v1:go_default_library", + "@io_k8s_client_go//discovery:go_default_library", + "@io_k8s_client_go//rest:go_default_library", + "@io_k8s_client_go//util/flowcontrol:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//pkg/client/clientset/versioned/fake:all-srcs", + "//pkg/client/clientset/versioned/scheme:all-srcs", + "//pkg/client/clientset/versioned/typed/acme/v1:all-srcs", + "//pkg/client/clientset/versioned/typed/certmanager/v1:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/clientset.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/clientset.go new file mode 100644 index 000000000..519ef01d2 --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/clientset.go @@ -0,0 +1,134 @@ +/* +Copyright The cert-manager Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package versioned + +import ( + "fmt" + "net/http" + + acmev1 "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1" + certmanagerv1 "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1" + discovery "k8s.io/client-go/discovery" + rest "k8s.io/client-go/rest" + flowcontrol "k8s.io/client-go/util/flowcontrol" +) + +type Interface interface { + Discovery() discovery.DiscoveryInterface + AcmeV1() acmev1.AcmeV1Interface + CertmanagerV1() certmanagerv1.CertmanagerV1Interface +} + +// Clientset contains the clients for groups. Each group has exactly one +// version included in a Clientset. +type Clientset struct { + *discovery.DiscoveryClient + acmeV1 *acmev1.AcmeV1Client + certmanagerV1 *certmanagerv1.CertmanagerV1Client +} + +// AcmeV1 retrieves the AcmeV1Client +func (c *Clientset) AcmeV1() acmev1.AcmeV1Interface { + return c.acmeV1 +} + +// CertmanagerV1 retrieves the CertmanagerV1Client +func (c *Clientset) CertmanagerV1() certmanagerv1.CertmanagerV1Interface { + return c.certmanagerV1 +} + +// Discovery retrieves the DiscoveryClient +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + if c == nil { + return nil + } + return c.DiscoveryClient +} + +// NewForConfig creates a new Clientset for the given config. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfig will generate a rate-limiter in configShallowCopy. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). +func NewForConfig(c *rest.Config) (*Clientset, error) { + configShallowCopy := *c + + if configShallowCopy.UserAgent == "" { + configShallowCopy.UserAgent = rest.DefaultKubernetesUserAgent() + } + + // share the transport between all clients + httpClient, err := rest.HTTPClientFor(&configShallowCopy) + if err != nil { + return nil, err + } + + return NewForConfigAndClient(&configShallowCopy, httpClient) +} + +// NewForConfigAndClient creates a new Clientset for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfigAndClient will generate a rate-limiter in configShallowCopy. +func NewForConfigAndClient(c *rest.Config, httpClient *http.Client) (*Clientset, error) { + configShallowCopy := *c + if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { + if configShallowCopy.Burst <= 0 { + return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") + } + configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) + } + + var cs Clientset + var err error + cs.acmeV1, err = acmev1.NewForConfigAndClient(&configShallowCopy, httpClient) + if err != nil { + return nil, err + } + cs.certmanagerV1, err = certmanagerv1.NewForConfigAndClient(&configShallowCopy, httpClient) + if err != nil { + return nil, err + } + + cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfigAndClient(&configShallowCopy, httpClient) + if err != nil { + return nil, err + } + return &cs, nil +} + +// NewForConfigOrDie creates a new Clientset for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *Clientset { + cs, err := NewForConfig(c) + if err != nil { + panic(err) + } + return cs +} + +// New creates a new Clientset for the given RESTClient. +func New(c rest.Interface) *Clientset { + var cs Clientset + cs.acmeV1 = acmev1.New(c) + cs.certmanagerV1 = certmanagerv1.New(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClient(c) + return &cs +} diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/doc.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/doc.go new file mode 100644 index 000000000..74f45ce26 --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/doc.go @@ -0,0 +1,20 @@ +/* +Copyright The cert-manager Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated clientset. +package versioned diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/BUILD.bazel b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/BUILD.bazel new file mode 100644 index 000000000..b9a2cfb18 --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/BUILD.bazel @@ -0,0 +1,39 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "acme_client.go", + "challenge.go", + "doc.go", + "generated_expansion.go", + "order.go", + ], + importpath = "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1", + visibility = ["//visibility:public"], + deps = [ + "//pkg/apis/acme/v1:go_default_library", + "//pkg/client/clientset/versioned/scheme:go_default_library", + "@io_k8s_apimachinery//pkg/apis/meta/v1:go_default_library", + "@io_k8s_apimachinery//pkg/types:go_default_library", + "@io_k8s_apimachinery//pkg/watch:go_default_library", + "@io_k8s_client_go//rest:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//pkg/client/clientset/versioned/typed/acme/v1/fake:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/acme_client.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/acme_client.go new file mode 100644 index 000000000..ff077b660 --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/acme_client.go @@ -0,0 +1,112 @@ +/* +Copyright The cert-manager Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + "net/http" + + v1 "github.com/cert-manager/cert-manager/pkg/apis/acme/v1" + "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type AcmeV1Interface interface { + RESTClient() rest.Interface + ChallengesGetter + OrdersGetter +} + +// AcmeV1Client is used to interact with features provided by the acme.cert-manager.io group. +type AcmeV1Client struct { + restClient rest.Interface +} + +func (c *AcmeV1Client) Challenges(namespace string) ChallengeInterface { + return newChallenges(c, namespace) +} + +func (c *AcmeV1Client) Orders(namespace string) OrderInterface { + return newOrders(c, namespace) +} + +// NewForConfig creates a new AcmeV1Client for the given config. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). +func NewForConfig(c *rest.Config) (*AcmeV1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + httpClient, err := rest.HTTPClientFor(&config) + if err != nil { + return nil, err + } + return NewForConfigAndClient(&config, httpClient) +} + +// NewForConfigAndClient creates a new AcmeV1Client for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AcmeV1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientForConfigAndClient(&config, h) + if err != nil { + return nil, err + } + return &AcmeV1Client{client}, nil +} + +// NewForConfigOrDie creates a new AcmeV1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *AcmeV1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new AcmeV1Client for the given RESTClient. +func New(c rest.Interface) *AcmeV1Client { + return &AcmeV1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *AcmeV1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/challenge.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/challenge.go new file mode 100644 index 000000000..225f3983f --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/challenge.go @@ -0,0 +1,195 @@ +/* +Copyright The cert-manager Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + "context" + "time" + + v1 "github.com/cert-manager/cert-manager/pkg/apis/acme/v1" + scheme "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// ChallengesGetter has a method to return a ChallengeInterface. +// A group's client should implement this interface. +type ChallengesGetter interface { + Challenges(namespace string) ChallengeInterface +} + +// ChallengeInterface has methods to work with Challenge resources. +type ChallengeInterface interface { + Create(ctx context.Context, challenge *v1.Challenge, opts metav1.CreateOptions) (*v1.Challenge, error) + Update(ctx context.Context, challenge *v1.Challenge, opts metav1.UpdateOptions) (*v1.Challenge, error) + UpdateStatus(ctx context.Context, challenge *v1.Challenge, opts metav1.UpdateOptions) (*v1.Challenge, error) + Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error + Get(ctx context.Context, name string, opts metav1.GetOptions) (*v1.Challenge, error) + List(ctx context.Context, opts metav1.ListOptions) (*v1.ChallengeList, error) + Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.Challenge, err error) + ChallengeExpansion +} + +// challenges implements ChallengeInterface +type challenges struct { + client rest.Interface + ns string +} + +// newChallenges returns a Challenges +func newChallenges(c *AcmeV1Client, namespace string) *challenges { + return &challenges{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the challenge, and returns the corresponding challenge object, and an error if there is any. +func (c *challenges) Get(ctx context.Context, name string, options metav1.GetOptions) (result *v1.Challenge, err error) { + result = &v1.Challenge{} + err = c.client.Get(). + Namespace(c.ns). + Resource("challenges"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of Challenges that match those selectors. +func (c *challenges) List(ctx context.Context, opts metav1.ListOptions) (result *v1.ChallengeList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1.ChallengeList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("challenges"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested challenges. +func (c *challenges) Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("challenges"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a challenge and creates it. Returns the server's representation of the challenge, and an error, if there is any. +func (c *challenges) Create(ctx context.Context, challenge *v1.Challenge, opts metav1.CreateOptions) (result *v1.Challenge, err error) { + result = &v1.Challenge{} + err = c.client.Post(). + Namespace(c.ns). + Resource("challenges"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(challenge). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a challenge and updates it. Returns the server's representation of the challenge, and an error, if there is any. +func (c *challenges) Update(ctx context.Context, challenge *v1.Challenge, opts metav1.UpdateOptions) (result *v1.Challenge, err error) { + result = &v1.Challenge{} + err = c.client.Put(). + Namespace(c.ns). + Resource("challenges"). + Name(challenge.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(challenge). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *challenges) UpdateStatus(ctx context.Context, challenge *v1.Challenge, opts metav1.UpdateOptions) (result *v1.Challenge, err error) { + result = &v1.Challenge{} + err = c.client.Put(). + Namespace(c.ns). + Resource("challenges"). + Name(challenge.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(challenge). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the challenge and deletes it. Returns an error if one occurs. +func (c *challenges) Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("challenges"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *challenges) DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("challenges"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched challenge. +func (c *challenges) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.Challenge, err error) { + result = &v1.Challenge{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("challenges"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/doc.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/doc.go new file mode 100644 index 000000000..ec53dc912 --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/doc.go @@ -0,0 +1,20 @@ +/* +Copyright The cert-manager Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1 diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/generated_expansion.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/generated_expansion.go new file mode 100644 index 000000000..e7433fa63 --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/generated_expansion.go @@ -0,0 +1,23 @@ +/* +Copyright The cert-manager Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +type ChallengeExpansion interface{} + +type OrderExpansion interface{} diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/order.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/order.go new file mode 100644 index 000000000..35f3f138b --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/order.go @@ -0,0 +1,195 @@ +/* +Copyright The cert-manager Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + "context" + "time" + + v1 "github.com/cert-manager/cert-manager/pkg/apis/acme/v1" + scheme "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// OrdersGetter has a method to return a OrderInterface. +// A group's client should implement this interface. +type OrdersGetter interface { + Orders(namespace string) OrderInterface +} + +// OrderInterface has methods to work with Order resources. +type OrderInterface interface { + Create(ctx context.Context, order *v1.Order, opts metav1.CreateOptions) (*v1.Order, error) + Update(ctx context.Context, order *v1.Order, opts metav1.UpdateOptions) (*v1.Order, error) + UpdateStatus(ctx context.Context, order *v1.Order, opts metav1.UpdateOptions) (*v1.Order, error) + Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error + Get(ctx context.Context, name string, opts metav1.GetOptions) (*v1.Order, error) + List(ctx context.Context, opts metav1.ListOptions) (*v1.OrderList, error) + Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.Order, err error) + OrderExpansion +} + +// orders implements OrderInterface +type orders struct { + client rest.Interface + ns string +} + +// newOrders returns a Orders +func newOrders(c *AcmeV1Client, namespace string) *orders { + return &orders{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the order, and returns the corresponding order object, and an error if there is any. +func (c *orders) Get(ctx context.Context, name string, options metav1.GetOptions) (result *v1.Order, err error) { + result = &v1.Order{} + err = c.client.Get(). + Namespace(c.ns). + Resource("orders"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of Orders that match those selectors. +func (c *orders) List(ctx context.Context, opts metav1.ListOptions) (result *v1.OrderList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1.OrderList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("orders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested orders. +func (c *orders) Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("orders"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a order and creates it. Returns the server's representation of the order, and an error, if there is any. +func (c *orders) Create(ctx context.Context, order *v1.Order, opts metav1.CreateOptions) (result *v1.Order, err error) { + result = &v1.Order{} + err = c.client.Post(). + Namespace(c.ns). + Resource("orders"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(order). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a order and updates it. Returns the server's representation of the order, and an error, if there is any. +func (c *orders) Update(ctx context.Context, order *v1.Order, opts metav1.UpdateOptions) (result *v1.Order, err error) { + result = &v1.Order{} + err = c.client.Put(). + Namespace(c.ns). + Resource("orders"). + Name(order.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(order). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *orders) UpdateStatus(ctx context.Context, order *v1.Order, opts metav1.UpdateOptions) (result *v1.Order, err error) { + result = &v1.Order{} + err = c.client.Put(). + Namespace(c.ns). + Resource("orders"). + Name(order.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(order). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the order and deletes it. Returns an error if one occurs. +func (c *orders) Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("orders"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *orders) DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("orders"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched order. +func (c *orders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.Order, err error) { + result = &v1.Order{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("orders"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/BUILD.bazel b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/BUILD.bazel new file mode 100644 index 000000000..a40529b46 --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/BUILD.bazel @@ -0,0 +1,41 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "certificate.go", + "certificaterequest.go", + "certmanager_client.go", + "clusterissuer.go", + "doc.go", + "generated_expansion.go", + "issuer.go", + ], + importpath = "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1", + visibility = ["//visibility:public"], + deps = [ + "//pkg/apis/certmanager/v1:go_default_library", + "//pkg/client/clientset/versioned/scheme:go_default_library", + "@io_k8s_apimachinery//pkg/apis/meta/v1:go_default_library", + "@io_k8s_apimachinery//pkg/types:go_default_library", + "@io_k8s_apimachinery//pkg/watch:go_default_library", + "@io_k8s_client_go//rest:go_default_library", + ], +) + +filegroup( + name = "package-srcs", + srcs = glob(["**"]), + tags = ["automanaged"], + visibility = ["//visibility:private"], +) + +filegroup( + name = "all-srcs", + srcs = [ + ":package-srcs", + "//pkg/client/clientset/versioned/typed/certmanager/v1/fake:all-srcs", + ], + tags = ["automanaged"], + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificate.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificate.go new file mode 100644 index 000000000..f7e396186 --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificate.go @@ -0,0 +1,195 @@ +/* +Copyright The cert-manager Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + "context" + "time" + + v1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + scheme "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// CertificatesGetter has a method to return a CertificateInterface. +// A group's client should implement this interface. +type CertificatesGetter interface { + Certificates(namespace string) CertificateInterface +} + +// CertificateInterface has methods to work with Certificate resources. +type CertificateInterface interface { + Create(ctx context.Context, certificate *v1.Certificate, opts metav1.CreateOptions) (*v1.Certificate, error) + Update(ctx context.Context, certificate *v1.Certificate, opts metav1.UpdateOptions) (*v1.Certificate, error) + UpdateStatus(ctx context.Context, certificate *v1.Certificate, opts metav1.UpdateOptions) (*v1.Certificate, error) + Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error + Get(ctx context.Context, name string, opts metav1.GetOptions) (*v1.Certificate, error) + List(ctx context.Context, opts metav1.ListOptions) (*v1.CertificateList, error) + Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.Certificate, err error) + CertificateExpansion +} + +// certificates implements CertificateInterface +type certificates struct { + client rest.Interface + ns string +} + +// newCertificates returns a Certificates +func newCertificates(c *CertmanagerV1Client, namespace string) *certificates { + return &certificates{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the certificate, and returns the corresponding certificate object, and an error if there is any. +func (c *certificates) Get(ctx context.Context, name string, options metav1.GetOptions) (result *v1.Certificate, err error) { + result = &v1.Certificate{} + err = c.client.Get(). + Namespace(c.ns). + Resource("certificates"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of Certificates that match those selectors. +func (c *certificates) List(ctx context.Context, opts metav1.ListOptions) (result *v1.CertificateList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1.CertificateList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("certificates"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested certificates. +func (c *certificates) Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("certificates"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a certificate and creates it. Returns the server's representation of the certificate, and an error, if there is any. +func (c *certificates) Create(ctx context.Context, certificate *v1.Certificate, opts metav1.CreateOptions) (result *v1.Certificate, err error) { + result = &v1.Certificate{} + err = c.client.Post(). + Namespace(c.ns). + Resource("certificates"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(certificate). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a certificate and updates it. Returns the server's representation of the certificate, and an error, if there is any. +func (c *certificates) Update(ctx context.Context, certificate *v1.Certificate, opts metav1.UpdateOptions) (result *v1.Certificate, err error) { + result = &v1.Certificate{} + err = c.client.Put(). + Namespace(c.ns). + Resource("certificates"). + Name(certificate.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(certificate). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *certificates) UpdateStatus(ctx context.Context, certificate *v1.Certificate, opts metav1.UpdateOptions) (result *v1.Certificate, err error) { + result = &v1.Certificate{} + err = c.client.Put(). + Namespace(c.ns). + Resource("certificates"). + Name(certificate.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(certificate). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the certificate and deletes it. Returns an error if one occurs. +func (c *certificates) Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("certificates"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *certificates) DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("certificates"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched certificate. +func (c *certificates) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.Certificate, err error) { + result = &v1.Certificate{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("certificates"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificaterequest.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificaterequest.go new file mode 100644 index 000000000..99633aad0 --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificaterequest.go @@ -0,0 +1,195 @@ +/* +Copyright The cert-manager Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + "context" + "time" + + v1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + scheme "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// CertificateRequestsGetter has a method to return a CertificateRequestInterface. +// A group's client should implement this interface. +type CertificateRequestsGetter interface { + CertificateRequests(namespace string) CertificateRequestInterface +} + +// CertificateRequestInterface has methods to work with CertificateRequest resources. +type CertificateRequestInterface interface { + Create(ctx context.Context, certificateRequest *v1.CertificateRequest, opts metav1.CreateOptions) (*v1.CertificateRequest, error) + Update(ctx context.Context, certificateRequest *v1.CertificateRequest, opts metav1.UpdateOptions) (*v1.CertificateRequest, error) + UpdateStatus(ctx context.Context, certificateRequest *v1.CertificateRequest, opts metav1.UpdateOptions) (*v1.CertificateRequest, error) + Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error + Get(ctx context.Context, name string, opts metav1.GetOptions) (*v1.CertificateRequest, error) + List(ctx context.Context, opts metav1.ListOptions) (*v1.CertificateRequestList, error) + Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.CertificateRequest, err error) + CertificateRequestExpansion +} + +// certificateRequests implements CertificateRequestInterface +type certificateRequests struct { + client rest.Interface + ns string +} + +// newCertificateRequests returns a CertificateRequests +func newCertificateRequests(c *CertmanagerV1Client, namespace string) *certificateRequests { + return &certificateRequests{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the certificateRequest, and returns the corresponding certificateRequest object, and an error if there is any. +func (c *certificateRequests) Get(ctx context.Context, name string, options metav1.GetOptions) (result *v1.CertificateRequest, err error) { + result = &v1.CertificateRequest{} + err = c.client.Get(). + Namespace(c.ns). + Resource("certificaterequests"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of CertificateRequests that match those selectors. +func (c *certificateRequests) List(ctx context.Context, opts metav1.ListOptions) (result *v1.CertificateRequestList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1.CertificateRequestList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("certificaterequests"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested certificateRequests. +func (c *certificateRequests) Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("certificaterequests"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a certificateRequest and creates it. Returns the server's representation of the certificateRequest, and an error, if there is any. +func (c *certificateRequests) Create(ctx context.Context, certificateRequest *v1.CertificateRequest, opts metav1.CreateOptions) (result *v1.CertificateRequest, err error) { + result = &v1.CertificateRequest{} + err = c.client.Post(). + Namespace(c.ns). + Resource("certificaterequests"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(certificateRequest). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a certificateRequest and updates it. Returns the server's representation of the certificateRequest, and an error, if there is any. +func (c *certificateRequests) Update(ctx context.Context, certificateRequest *v1.CertificateRequest, opts metav1.UpdateOptions) (result *v1.CertificateRequest, err error) { + result = &v1.CertificateRequest{} + err = c.client.Put(). + Namespace(c.ns). + Resource("certificaterequests"). + Name(certificateRequest.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(certificateRequest). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *certificateRequests) UpdateStatus(ctx context.Context, certificateRequest *v1.CertificateRequest, opts metav1.UpdateOptions) (result *v1.CertificateRequest, err error) { + result = &v1.CertificateRequest{} + err = c.client.Put(). + Namespace(c.ns). + Resource("certificaterequests"). + Name(certificateRequest.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(certificateRequest). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the certificateRequest and deletes it. Returns an error if one occurs. +func (c *certificateRequests) Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("certificaterequests"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *certificateRequests) DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("certificaterequests"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched certificateRequest. +func (c *certificateRequests) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.CertificateRequest, err error) { + result = &v1.CertificateRequest{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("certificaterequests"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certmanager_client.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certmanager_client.go new file mode 100644 index 000000000..d4c9c3800 --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certmanager_client.go @@ -0,0 +1,122 @@ +/* +Copyright The cert-manager Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + "net/http" + + v1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type CertmanagerV1Interface interface { + RESTClient() rest.Interface + CertificatesGetter + CertificateRequestsGetter + ClusterIssuersGetter + IssuersGetter +} + +// CertmanagerV1Client is used to interact with features provided by the cert-manager.io group. +type CertmanagerV1Client struct { + restClient rest.Interface +} + +func (c *CertmanagerV1Client) Certificates(namespace string) CertificateInterface { + return newCertificates(c, namespace) +} + +func (c *CertmanagerV1Client) CertificateRequests(namespace string) CertificateRequestInterface { + return newCertificateRequests(c, namespace) +} + +func (c *CertmanagerV1Client) ClusterIssuers() ClusterIssuerInterface { + return newClusterIssuers(c) +} + +func (c *CertmanagerV1Client) Issuers(namespace string) IssuerInterface { + return newIssuers(c, namespace) +} + +// NewForConfig creates a new CertmanagerV1Client for the given config. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). +func NewForConfig(c *rest.Config) (*CertmanagerV1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + httpClient, err := rest.HTTPClientFor(&config) + if err != nil { + return nil, err + } + return NewForConfigAndClient(&config, httpClient) +} + +// NewForConfigAndClient creates a new CertmanagerV1Client for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +func NewForConfigAndClient(c *rest.Config, h *http.Client) (*CertmanagerV1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientForConfigAndClient(&config, h) + if err != nil { + return nil, err + } + return &CertmanagerV1Client{client}, nil +} + +// NewForConfigOrDie creates a new CertmanagerV1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *CertmanagerV1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new CertmanagerV1Client for the given RESTClient. +func New(c rest.Interface) *CertmanagerV1Client { + return &CertmanagerV1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *CertmanagerV1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/clusterissuer.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/clusterissuer.go new file mode 100644 index 000000000..3e8c33984 --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/clusterissuer.go @@ -0,0 +1,184 @@ +/* +Copyright The cert-manager Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + "context" + "time" + + v1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + scheme "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// ClusterIssuersGetter has a method to return a ClusterIssuerInterface. +// A group's client should implement this interface. +type ClusterIssuersGetter interface { + ClusterIssuers() ClusterIssuerInterface +} + +// ClusterIssuerInterface has methods to work with ClusterIssuer resources. +type ClusterIssuerInterface interface { + Create(ctx context.Context, clusterIssuer *v1.ClusterIssuer, opts metav1.CreateOptions) (*v1.ClusterIssuer, error) + Update(ctx context.Context, clusterIssuer *v1.ClusterIssuer, opts metav1.UpdateOptions) (*v1.ClusterIssuer, error) + UpdateStatus(ctx context.Context, clusterIssuer *v1.ClusterIssuer, opts metav1.UpdateOptions) (*v1.ClusterIssuer, error) + Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error + Get(ctx context.Context, name string, opts metav1.GetOptions) (*v1.ClusterIssuer, error) + List(ctx context.Context, opts metav1.ListOptions) (*v1.ClusterIssuerList, error) + Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.ClusterIssuer, err error) + ClusterIssuerExpansion +} + +// clusterIssuers implements ClusterIssuerInterface +type clusterIssuers struct { + client rest.Interface +} + +// newClusterIssuers returns a ClusterIssuers +func newClusterIssuers(c *CertmanagerV1Client) *clusterIssuers { + return &clusterIssuers{ + client: c.RESTClient(), + } +} + +// Get takes name of the clusterIssuer, and returns the corresponding clusterIssuer object, and an error if there is any. +func (c *clusterIssuers) Get(ctx context.Context, name string, options metav1.GetOptions) (result *v1.ClusterIssuer, err error) { + result = &v1.ClusterIssuer{} + err = c.client.Get(). + Resource("clusterissuers"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of ClusterIssuers that match those selectors. +func (c *clusterIssuers) List(ctx context.Context, opts metav1.ListOptions) (result *v1.ClusterIssuerList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1.ClusterIssuerList{} + err = c.client.Get(). + Resource("clusterissuers"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested clusterIssuers. +func (c *clusterIssuers) Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("clusterissuers"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a clusterIssuer and creates it. Returns the server's representation of the clusterIssuer, and an error, if there is any. +func (c *clusterIssuers) Create(ctx context.Context, clusterIssuer *v1.ClusterIssuer, opts metav1.CreateOptions) (result *v1.ClusterIssuer, err error) { + result = &v1.ClusterIssuer{} + err = c.client.Post(). + Resource("clusterissuers"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(clusterIssuer). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a clusterIssuer and updates it. Returns the server's representation of the clusterIssuer, and an error, if there is any. +func (c *clusterIssuers) Update(ctx context.Context, clusterIssuer *v1.ClusterIssuer, opts metav1.UpdateOptions) (result *v1.ClusterIssuer, err error) { + result = &v1.ClusterIssuer{} + err = c.client.Put(). + Resource("clusterissuers"). + Name(clusterIssuer.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(clusterIssuer). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *clusterIssuers) UpdateStatus(ctx context.Context, clusterIssuer *v1.ClusterIssuer, opts metav1.UpdateOptions) (result *v1.ClusterIssuer, err error) { + result = &v1.ClusterIssuer{} + err = c.client.Put(). + Resource("clusterissuers"). + Name(clusterIssuer.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(clusterIssuer). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the clusterIssuer and deletes it. Returns an error if one occurs. +func (c *clusterIssuers) Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error { + return c.client.Delete(). + Resource("clusterissuers"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *clusterIssuers) DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("clusterissuers"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched clusterIssuer. +func (c *clusterIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.ClusterIssuer, err error) { + result = &v1.ClusterIssuer{} + err = c.client.Patch(pt). + Resource("clusterissuers"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/doc.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/doc.go new file mode 100644 index 000000000..ec53dc912 --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/doc.go @@ -0,0 +1,20 @@ +/* +Copyright The cert-manager Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1 diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/generated_expansion.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/generated_expansion.go new file mode 100644 index 000000000..89ff5486a --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/generated_expansion.go @@ -0,0 +1,27 @@ +/* +Copyright The cert-manager Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +type CertificateExpansion interface{} + +type CertificateRequestExpansion interface{} + +type ClusterIssuerExpansion interface{} + +type IssuerExpansion interface{} diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/issuer.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/issuer.go new file mode 100644 index 000000000..2baeb107b --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/issuer.go @@ -0,0 +1,195 @@ +/* +Copyright The cert-manager Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + "context" + "time" + + v1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + scheme "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// IssuersGetter has a method to return a IssuerInterface. +// A group's client should implement this interface. +type IssuersGetter interface { + Issuers(namespace string) IssuerInterface +} + +// IssuerInterface has methods to work with Issuer resources. +type IssuerInterface interface { + Create(ctx context.Context, issuer *v1.Issuer, opts metav1.CreateOptions) (*v1.Issuer, error) + Update(ctx context.Context, issuer *v1.Issuer, opts metav1.UpdateOptions) (*v1.Issuer, error) + UpdateStatus(ctx context.Context, issuer *v1.Issuer, opts metav1.UpdateOptions) (*v1.Issuer, error) + Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error + Get(ctx context.Context, name string, opts metav1.GetOptions) (*v1.Issuer, error) + List(ctx context.Context, opts metav1.ListOptions) (*v1.IssuerList, error) + Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.Issuer, err error) + IssuerExpansion +} + +// issuers implements IssuerInterface +type issuers struct { + client rest.Interface + ns string +} + +// newIssuers returns a Issuers +func newIssuers(c *CertmanagerV1Client, namespace string) *issuers { + return &issuers{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the issuer, and returns the corresponding issuer object, and an error if there is any. +func (c *issuers) Get(ctx context.Context, name string, options metav1.GetOptions) (result *v1.Issuer, err error) { + result = &v1.Issuer{} + err = c.client.Get(). + Namespace(c.ns). + Resource("issuers"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of Issuers that match those selectors. +func (c *issuers) List(ctx context.Context, opts metav1.ListOptions) (result *v1.IssuerList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1.IssuerList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("issuers"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested issuers. +func (c *issuers) Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("issuers"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a issuer and creates it. Returns the server's representation of the issuer, and an error, if there is any. +func (c *issuers) Create(ctx context.Context, issuer *v1.Issuer, opts metav1.CreateOptions) (result *v1.Issuer, err error) { + result = &v1.Issuer{} + err = c.client.Post(). + Namespace(c.ns). + Resource("issuers"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(issuer). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a issuer and updates it. Returns the server's representation of the issuer, and an error, if there is any. +func (c *issuers) Update(ctx context.Context, issuer *v1.Issuer, opts metav1.UpdateOptions) (result *v1.Issuer, err error) { + result = &v1.Issuer{} + err = c.client.Put(). + Namespace(c.ns). + Resource("issuers"). + Name(issuer.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(issuer). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *issuers) UpdateStatus(ctx context.Context, issuer *v1.Issuer, opts metav1.UpdateOptions) (result *v1.Issuer, err error) { + result = &v1.Issuer{} + err = c.client.Put(). + Namespace(c.ns). + Resource("issuers"). + Name(issuer.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(issuer). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the issuer and deletes it. Returns an error if one occurs. +func (c *issuers) Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("issuers"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *issuers) DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("issuers"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched issuer. +func (c *issuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.Issuer, err error) { + result = &v1.Issuer{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("issuers"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/vendor/kmodules.xyz/cert-manager-util/LICENSE b/vendor/kmodules.xyz/cert-manager-util/LICENSE new file mode 100644 index 000000000..261eeb9e9 --- /dev/null +++ b/vendor/kmodules.xyz/cert-manager-util/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/kmodules.xyz/cert-manager-util/certmanager/v1/certificate.go b/vendor/kmodules.xyz/cert-manager-util/certmanager/v1/certificate.go new file mode 100644 index 000000000..8c8d9e2b7 --- /dev/null +++ b/vendor/kmodules.xyz/cert-manager-util/certmanager/v1/certificate.go @@ -0,0 +1,151 @@ +/* +Copyright AppsCode Inc. and Contributors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1beta1 + +import ( + "context" + "encoding/json" + "fmt" + + api "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + cs "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1" + jsonpatch "github.com/evanphx/json-patch" + "github.com/pkg/errors" + kerr "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" + "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/klog/v2" + kutil "kmodules.xyz/client-go" +) + +func CreateOrPatchCertificate(ctx context.Context, c cs.CertmanagerV1Interface, meta metav1.ObjectMeta, transform func(alert *api.Certificate) *api.Certificate, opts metav1.PatchOptions) (*api.Certificate, kutil.VerbType, error) { + cur, err := c.Certificates(meta.Namespace).Get(ctx, meta.Name, metav1.GetOptions{}) + if kerr.IsNotFound(err) { + klog.V(3).Infof("Creating Certificate %s/%s.", meta.Namespace, meta.Name) + out, err := c.Certificates(meta.Namespace).Create(ctx, transform(&api.Certificate{ + TypeMeta: metav1.TypeMeta{ + Kind: "Certificate", + APIVersion: api.SchemeGroupVersion.String(), + }, + ObjectMeta: meta, + }), metav1.CreateOptions{ + DryRun: opts.DryRun, + FieldManager: opts.FieldManager, + }) + return out, kutil.VerbCreated, err + } else if err != nil { + return nil, kutil.VerbUnchanged, err + } + return PatchCertificate(ctx, c, cur, transform, opts) +} + +func PatchCertificate(ctx context.Context, c cs.CertmanagerV1Interface, cur *api.Certificate, transform func(*api.Certificate) *api.Certificate, opts metav1.PatchOptions) (*api.Certificate, kutil.VerbType, error) { + return PatchCertificateObject(ctx, c, cur, transform(cur.DeepCopy()), opts) +} + +func PatchCertificateObject(ctx context.Context, c cs.CertmanagerV1Interface, cur, mod *api.Certificate, opts metav1.PatchOptions) (*api.Certificate, kutil.VerbType, error) { + curJson, err := json.Marshal(cur) + if err != nil { + return nil, kutil.VerbUnchanged, err + } + + modJson, err := json.Marshal(mod) + if err != nil { + return nil, kutil.VerbUnchanged, err + } + + patch, err := jsonpatch.CreateMergePatch(curJson, modJson) + if err != nil { + return nil, kutil.VerbUnchanged, err + } + if len(patch) == 0 || string(patch) == "{}" { + return cur, kutil.VerbUnchanged, nil + } + klog.V(3).Infof("Patching Certificate %s/%s with %s.", cur.Namespace, cur.Name, string(patch)) + out, err := c.Certificates(cur.Namespace).Patch(ctx, cur.Name, types.MergePatchType, patch, opts) + return out, kutil.VerbPatched, err +} + +func TryUpdateCertificate(ctx context.Context, c cs.CertmanagerV1Interface, meta metav1.ObjectMeta, transform func(*api.Certificate) *api.Certificate, opts metav1.UpdateOptions) (result *api.Certificate, err error) { + attempt := 0 + err = wait.PollImmediate(kutil.RetryInterval, kutil.RetryTimeout, func() (bool, error) { + attempt++ + cur, e2 := c.Certificates(meta.Namespace).Get(ctx, meta.Name, metav1.GetOptions{}) + if kerr.IsNotFound(e2) { + return false, e2 + } else if e2 == nil { + result, e2 = c.Certificates(cur.Namespace).Update(ctx, transform(cur.DeepCopy()), opts) + return e2 == nil, nil + } + klog.Errorf("Attempt %d failed to update Certificate %s/%s due to %v.", attempt, cur.Namespace, cur.Name, e2) + return false, nil + }) + + if err != nil { + err = errors.Errorf("failed to update Certificate %s/%s after %d attempts due to %v", meta.Namespace, meta.Name, attempt, err) + } + return +} + +func UpdateCertificateStatus( + ctx context.Context, + c cs.CertmanagerV1Interface, + meta metav1.ObjectMeta, + transform func(*api.CertificateStatus) *api.CertificateStatus, + opts metav1.UpdateOptions, +) (result *api.Certificate, err error) { + apply := func(x *api.Certificate) *api.Certificate { + return &api.Certificate{ + TypeMeta: x.TypeMeta, + ObjectMeta: x.ObjectMeta, + Spec: x.Spec, + Status: *transform(x.Status.DeepCopy()), + } + } + + attempt := 0 + cur, err := c.Certificates(meta.Namespace).Get(ctx, meta.Name, metav1.GetOptions{}) + if err != nil { + return nil, err + } + err = wait.PollImmediate(kutil.RetryInterval, kutil.RetryTimeout, func() (bool, error) { + attempt++ + var e2 error + result, e2 = c.Certificates(meta.Namespace).UpdateStatus(ctx, apply(cur), opts) + if kerr.IsConflict(e2) { + latest, e3 := c.Certificates(meta.Namespace).Get(ctx, meta.Name, metav1.GetOptions{}) + switch { + case e3 == nil: + cur = latest + return false, nil + case kutil.IsRequestRetryable(e3): + return false, nil + default: + return false, e3 + } + } else if err != nil && !kutil.IsRequestRetryable(e2) { + return false, e2 + } + return e2 == nil, nil + }) + + if err != nil { + err = fmt.Errorf("failed to update status of Certificate %s/%s after %d attempts due to %v", meta.Namespace, meta.Name, attempt, err) + } + return +} diff --git a/vendor/kmodules.xyz/cert-manager-util/certmanager/v1/certificaterequest.go b/vendor/kmodules.xyz/cert-manager-util/certmanager/v1/certificaterequest.go new file mode 100644 index 000000000..ae889dd8e --- /dev/null +++ b/vendor/kmodules.xyz/cert-manager-util/certmanager/v1/certificaterequest.go @@ -0,0 +1,151 @@ +/* +Copyright AppsCode Inc. and Contributors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1beta1 + +import ( + "context" + "encoding/json" + "fmt" + + api "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + cs "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1" + jsonpatch "github.com/evanphx/json-patch" + "github.com/pkg/errors" + kerr "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" + "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/klog/v2" + kutil "kmodules.xyz/client-go" +) + +func CreateOrPatchCertificateRequest(ctx context.Context, c cs.CertmanagerV1Interface, meta metav1.ObjectMeta, transform func(alert *api.CertificateRequest) *api.CertificateRequest, opts metav1.PatchOptions) (*api.CertificateRequest, kutil.VerbType, error) { + cur, err := c.CertificateRequests(meta.Namespace).Get(ctx, meta.Name, metav1.GetOptions{}) + if kerr.IsNotFound(err) { + klog.V(3).Infof("Creating CertificateRequest %s/%s.", meta.Namespace, meta.Name) + out, err := c.CertificateRequests(meta.Namespace).Create(ctx, transform(&api.CertificateRequest{ + TypeMeta: metav1.TypeMeta{ + Kind: "CertificateRequest", + APIVersion: api.SchemeGroupVersion.String(), + }, + ObjectMeta: meta, + }), metav1.CreateOptions{ + DryRun: opts.DryRun, + FieldManager: opts.FieldManager, + }) + return out, kutil.VerbCreated, err + } else if err != nil { + return nil, kutil.VerbUnchanged, err + } + return PatchCertificateRequest(ctx, c, cur, transform, opts) +} + +func PatchCertificateRequest(ctx context.Context, c cs.CertmanagerV1Interface, cur *api.CertificateRequest, transform func(*api.CertificateRequest) *api.CertificateRequest, opts metav1.PatchOptions) (*api.CertificateRequest, kutil.VerbType, error) { + return PatchCertificateRequestObject(ctx, c, cur, transform(cur.DeepCopy()), opts) +} + +func PatchCertificateRequestObject(ctx context.Context, c cs.CertmanagerV1Interface, cur, mod *api.CertificateRequest, opts metav1.PatchOptions) (*api.CertificateRequest, kutil.VerbType, error) { + curJson, err := json.Marshal(cur) + if err != nil { + return nil, kutil.VerbUnchanged, err + } + + modJson, err := json.Marshal(mod) + if err != nil { + return nil, kutil.VerbUnchanged, err + } + + patch, err := jsonpatch.CreateMergePatch(curJson, modJson) + if err != nil { + return nil, kutil.VerbUnchanged, err + } + if len(patch) == 0 || string(patch) == "{}" { + return cur, kutil.VerbUnchanged, nil + } + klog.V(3).Infof("Patching CertificateRequest %s/%s with %s.", cur.Namespace, cur.Name, string(patch)) + out, err := c.CertificateRequests(cur.Namespace).Patch(ctx, cur.Name, types.MergePatchType, patch, opts) + return out, kutil.VerbPatched, err +} + +func TryUpdateCertificateRequest(ctx context.Context, c cs.CertmanagerV1Interface, meta metav1.ObjectMeta, transform func(*api.CertificateRequest) *api.CertificateRequest, opts metav1.UpdateOptions) (result *api.CertificateRequest, err error) { + attempt := 0 + err = wait.PollImmediate(kutil.RetryInterval, kutil.RetryTimeout, func() (bool, error) { + attempt++ + cur, e2 := c.CertificateRequests(meta.Namespace).Get(ctx, meta.Name, metav1.GetOptions{}) + if kerr.IsNotFound(e2) { + return false, e2 + } else if e2 == nil { + result, e2 = c.CertificateRequests(cur.Namespace).Update(ctx, transform(cur.DeepCopy()), opts) + return e2 == nil, nil + } + klog.Errorf("Attempt %d failed to update CertificateRequest %s/%s due to %v.", attempt, cur.Namespace, cur.Name, e2) + return false, nil + }) + + if err != nil { + err = errors.Errorf("failed to update CertificateRequest %s/%s after %d attempts due to %v", meta.Namespace, meta.Name, attempt, err) + } + return +} + +func UpdateCertificateRequestStatus( + ctx context.Context, + c cs.CertmanagerV1Interface, + meta metav1.ObjectMeta, + transform func(*api.CertificateRequestStatus) *api.CertificateRequestStatus, + opts metav1.UpdateOptions, +) (result *api.CertificateRequest, err error) { + apply := func(x *api.CertificateRequest) *api.CertificateRequest { + return &api.CertificateRequest{ + TypeMeta: x.TypeMeta, + ObjectMeta: x.ObjectMeta, + Spec: x.Spec, + Status: *transform(x.Status.DeepCopy()), + } + } + + attempt := 0 + cur, err := c.CertificateRequests(meta.Namespace).Get(ctx, meta.Name, metav1.GetOptions{}) + if err != nil { + return nil, err + } + err = wait.PollImmediate(kutil.RetryInterval, kutil.RetryTimeout, func() (bool, error) { + attempt++ + var e2 error + result, e2 = c.CertificateRequests(meta.Namespace).UpdateStatus(ctx, apply(cur), opts) + if kerr.IsConflict(e2) { + latest, e3 := c.CertificateRequests(meta.Namespace).Get(ctx, meta.Name, metav1.GetOptions{}) + switch { + case e3 == nil: + cur = latest + return false, nil + case kutil.IsRequestRetryable(e3): + return false, nil + default: + return false, e3 + } + } else if err != nil && !kutil.IsRequestRetryable(e2) { + return false, e2 + } + return e2 == nil, nil + }) + + if err != nil { + err = fmt.Errorf("failed to update status of CertificateRequest %s/%s after %d attempts due to %v", meta.Namespace, meta.Name, attempt, err) + } + return +} diff --git a/vendor/kmodules.xyz/cert-manager-util/certmanager/v1/clusterissuer.go b/vendor/kmodules.xyz/cert-manager-util/certmanager/v1/clusterissuer.go new file mode 100644 index 000000000..c7b23f021 --- /dev/null +++ b/vendor/kmodules.xyz/cert-manager-util/certmanager/v1/clusterissuer.go @@ -0,0 +1,102 @@ +/* +Copyright AppsCode Inc. and Contributors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1beta1 + +import ( + "context" + "encoding/json" + + api "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + cs "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1" + jsonpatch "github.com/evanphx/json-patch" + "github.com/pkg/errors" + kerr "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" + "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/klog/v2" + kutil "kmodules.xyz/client-go" +) + +func CreateOrPatchClusterIssuer(ctx context.Context, c cs.CertmanagerV1Interface, meta metav1.ObjectMeta, transform func(*api.ClusterIssuer) *api.ClusterIssuer, opts metav1.PatchOptions) (*api.ClusterIssuer, kutil.VerbType, error) { + cur, err := c.ClusterIssuers().Get(ctx, meta.Name, metav1.GetOptions{}) + if kerr.IsNotFound(err) { + klog.V(3).Infof("Creating ClusterIssuer %s", meta.Name) + out, err := c.ClusterIssuers().Create(ctx, transform(&api.ClusterIssuer{ + TypeMeta: metav1.TypeMeta{ + Kind: "ClusterIssuer", + APIVersion: api.SchemeGroupVersion.String(), + }, + ObjectMeta: meta, + }), metav1.CreateOptions{ + DryRun: opts.DryRun, + FieldManager: opts.FieldManager, + }) + return out, kutil.VerbCreated, err + } else if err != nil { + return nil, kutil.VerbUnchanged, err + } + return PatchClusterIssuer(ctx, c, cur, transform, opts) +} + +func PatchClusterIssuer(ctx context.Context, c cs.CertmanagerV1Interface, cur *api.ClusterIssuer, transform func(*api.ClusterIssuer) *api.ClusterIssuer, opts metav1.PatchOptions) (*api.ClusterIssuer, kutil.VerbType, error) { + return PatchClusterIssuerObject(ctx, c, cur, transform(cur.DeepCopy()), opts) +} + +func PatchClusterIssuerObject(ctx context.Context, c cs.CertmanagerV1Interface, cur, mod *api.ClusterIssuer, opts metav1.PatchOptions) (*api.ClusterIssuer, kutil.VerbType, error) { + curJson, err := json.Marshal(cur) + if err != nil { + return nil, kutil.VerbUnchanged, err + } + + modJson, err := json.Marshal(mod) + if err != nil { + return nil, kutil.VerbUnchanged, err + } + + patch, err := jsonpatch.CreateMergePatch(curJson, modJson) + if err != nil { + return nil, kutil.VerbUnchanged, err + } + if len(patch) == 0 || string(patch) == "{}" { + return cur, kutil.VerbUnchanged, nil + } + klog.V(3).Infof("Patching ClusterIssuer %s with %s.", cur.Name, string(patch)) + out, err := c.ClusterIssuers().Patch(ctx, cur.Name, types.MergePatchType, patch, opts) + return out, kutil.VerbPatched, err +} + +func TryUpdateClusterIssuer(ctx context.Context, c cs.CertmanagerV1Interface, meta metav1.ObjectMeta, transform func(*api.ClusterIssuer) *api.ClusterIssuer, opts metav1.UpdateOptions) (result *api.ClusterIssuer, err error) { + attempt := 0 + err = wait.PollImmediate(kutil.RetryInterval, kutil.RetryTimeout, func() (bool, error) { + attempt++ + cur, e2 := c.ClusterIssuers().Get(ctx, meta.Name, metav1.GetOptions{}) + if kerr.IsNotFound(e2) { + return false, e2 + } else if e2 == nil { + result, e2 = c.ClusterIssuers().Update(ctx, transform(cur.DeepCopy()), opts) + return e2 == nil, nil + } + klog.Errorf("Attempt %d failed to update ClusterIssuer %s due to %v.", attempt, cur.Name, e2) + return false, nil + }) + + if err != nil { + err = errors.Errorf("failed to update ClusterIssuer %s after %d attempts due to %v", meta.Name, attempt, err) + } + return +} diff --git a/vendor/kmodules.xyz/cert-manager-util/certmanager/v1/issuer.go b/vendor/kmodules.xyz/cert-manager-util/certmanager/v1/issuer.go new file mode 100644 index 000000000..cb98df023 --- /dev/null +++ b/vendor/kmodules.xyz/cert-manager-util/certmanager/v1/issuer.go @@ -0,0 +1,151 @@ +/* +Copyright AppsCode Inc. and Contributors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1beta1 + +import ( + "context" + "encoding/json" + "fmt" + + api "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + cs "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1" + jsonpatch "github.com/evanphx/json-patch" + "github.com/pkg/errors" + kerr "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" + "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/klog/v2" + kutil "kmodules.xyz/client-go" +) + +func CreateOrPatchIssuer(ctx context.Context, c cs.CertmanagerV1Interface, meta metav1.ObjectMeta, transform func(alert *api.Issuer) *api.Issuer, opts metav1.PatchOptions) (*api.Issuer, kutil.VerbType, error) { + cur, err := c.Issuers(meta.Namespace).Get(ctx, meta.Name, metav1.GetOptions{}) + if kerr.IsNotFound(err) { + klog.V(3).Infof("Creating Issuer %s/%s.", meta.Namespace, meta.Name) + out, err := c.Issuers(meta.Namespace).Create(ctx, transform(&api.Issuer{ + TypeMeta: metav1.TypeMeta{ + Kind: "Issuer", + APIVersion: api.SchemeGroupVersion.String(), + }, + ObjectMeta: meta, + }), metav1.CreateOptions{ + DryRun: opts.DryRun, + FieldManager: opts.FieldManager, + }) + return out, kutil.VerbCreated, err + } else if err != nil { + return nil, kutil.VerbUnchanged, err + } + return PatchIssuer(ctx, c, cur, transform, opts) +} + +func PatchIssuer(ctx context.Context, c cs.CertmanagerV1Interface, cur *api.Issuer, transform func(*api.Issuer) *api.Issuer, opts metav1.PatchOptions) (*api.Issuer, kutil.VerbType, error) { + return PatchIssuerObject(ctx, c, cur, transform(cur.DeepCopy()), opts) +} + +func PatchIssuerObject(ctx context.Context, c cs.CertmanagerV1Interface, cur, mod *api.Issuer, opts metav1.PatchOptions) (*api.Issuer, kutil.VerbType, error) { + curJson, err := json.Marshal(cur) + if err != nil { + return nil, kutil.VerbUnchanged, err + } + + modJson, err := json.Marshal(mod) + if err != nil { + return nil, kutil.VerbUnchanged, err + } + + patch, err := jsonpatch.CreateMergePatch(curJson, modJson) + if err != nil { + return nil, kutil.VerbUnchanged, err + } + if len(patch) == 0 || string(patch) == "{}" { + return cur, kutil.VerbUnchanged, nil + } + klog.V(3).Infof("Patching Issuer %s/%s with %s.", cur.Namespace, cur.Name, string(patch)) + out, err := c.Issuers(cur.Namespace).Patch(ctx, cur.Name, types.MergePatchType, patch, opts) + return out, kutil.VerbPatched, err +} + +func TryUpdateIssuer(ctx context.Context, c cs.CertmanagerV1Interface, meta metav1.ObjectMeta, transform func(*api.Issuer) *api.Issuer, opts metav1.UpdateOptions) (result *api.Issuer, err error) { + attempt := 0 + err = wait.PollImmediate(kutil.RetryInterval, kutil.RetryTimeout, func() (bool, error) { + attempt++ + cur, e2 := c.Issuers(meta.Namespace).Get(ctx, meta.Name, metav1.GetOptions{}) + if kerr.IsNotFound(e2) { + return false, e2 + } else if e2 == nil { + result, e2 = c.Issuers(cur.Namespace).Update(ctx, transform(cur.DeepCopy()), opts) + return e2 == nil, nil + } + klog.Errorf("Attempt %d failed to update Issuer %s/%s due to %v.", attempt, cur.Namespace, cur.Name, e2) + return false, nil + }) + + if err != nil { + err = errors.Errorf("failed to update Issuer %s/%s after %d attempts due to %v", meta.Namespace, meta.Name, attempt, err) + } + return +} + +func UpdateIssuerStatus( + ctx context.Context, + c cs.CertmanagerV1Interface, + meta metav1.ObjectMeta, + transform func(*api.IssuerStatus) *api.IssuerStatus, + opts metav1.UpdateOptions, +) (result *api.Issuer, err error) { + apply := func(x *api.Issuer) *api.Issuer { + return &api.Issuer{ + TypeMeta: x.TypeMeta, + ObjectMeta: x.ObjectMeta, + Spec: x.Spec, + Status: *transform(x.Status.DeepCopy()), + } + } + + attempt := 0 + cur, err := c.Issuers(meta.Namespace).Get(ctx, meta.Name, metav1.GetOptions{}) + if err != nil { + return nil, err + } + err = wait.PollImmediate(kutil.RetryInterval, kutil.RetryTimeout, func() (bool, error) { + attempt++ + var e2 error + result, e2 = c.Issuers(meta.Namespace).UpdateStatus(ctx, apply(cur), opts) + if kerr.IsConflict(e2) { + latest, e3 := c.Issuers(meta.Namespace).Get(ctx, meta.Name, metav1.GetOptions{}) + switch { + case e3 == nil: + cur = latest + return false, nil + case kutil.IsRequestRetryable(e3): + return false, nil + default: + return false, e3 + } + } else if err != nil && !kutil.IsRequestRetryable(e2) { + return false, e2 + } + return e2 == nil, nil + }) + + if err != nil { + err = fmt.Errorf("failed to update status of Issuer %s/%s after %d attempts due to %v", meta.Namespace, meta.Name, attempt, err) + } + return +} diff --git a/vendor/kmodules.xyz/client-go/tools/exec/lib.go b/vendor/kmodules.xyz/client-go/tools/exec/lib.go new file mode 100644 index 000000000..c4a44ff75 --- /dev/null +++ b/vendor/kmodules.xyz/client-go/tools/exec/lib.go @@ -0,0 +1,153 @@ +/* +Copyright AppsCode Inc. and Contributors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package exec + +import ( + "bytes" + "context" + "errors" + "fmt" + "net/http" + "strings" + + core "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" + "k8s.io/client-go/kubernetes" + "k8s.io/client-go/kubernetes/scheme" + "k8s.io/client-go/rest" + "k8s.io/client-go/tools/remotecommand" +) + +var NotRunning = errors.New("container not running") + +type Options struct { + core.PodExecOptions + remotecommand.StreamOptions + CheckForRunningContainer bool +} + +func Container(container string) func(*Options) { + return func(opts *Options) { + opts.Container = container + } +} + +func Command(cmd ...string) func(*Options) { + return func(opts *Options) { + opts.Command = cmd + } +} + +func CheckForRunningContainer(check bool) func(*Options) { + return func(opts *Options) { + opts.CheckForRunningContainer = check + } +} + +func Input(in string) func(*Options) { + return func(opts *Options) { + opts.PodExecOptions.Stdin = true + opts.StreamOptions.Stdin = strings.NewReader(in) + } +} + +func TTY(enable bool) func(*Options) { + return func(opts *Options) { + opts.PodExecOptions.TTY = enable + } +} + +func Exec(config *rest.Config, pod types.NamespacedName, options ...func(*Options)) (string, error) { + kc, err := kubernetes.NewForConfig(config) + if err != nil { + return "", err + } + p, err := kc.CoreV1().Pods(pod.Namespace).Get(context.TODO(), pod.Name, metav1.GetOptions{}) + if err != nil { + return "", err + } + return execIntoPod(config, kc, p, options...) +} + +func ExecIntoPod(config *rest.Config, pod *core.Pod, options ...func(*Options)) (string, error) { + kc, err := kubernetes.NewForConfig(config) + if err != nil { + return "", err + } + return execIntoPod(config, kc, pod, options...) +} + +func execIntoPod(config *rest.Config, kc kubernetes.Interface, pod *core.Pod, options ...func(*Options)) (string, error) { + var ( + execOut bytes.Buffer + execErr bytes.Buffer + opts = &Options{ + PodExecOptions: core.PodExecOptions{ + Container: pod.Spec.Containers[0].Name, + Stdout: true, + Stderr: true, + }, + StreamOptions: remotecommand.StreamOptions{ + Stdout: &execOut, + Stderr: &execErr, + }, + } + ) + for _, option := range options { + option(opts) + } + + if opts.CheckForRunningContainer { + for _, status := range pod.Status.ContainerStatuses { + if status.Name == opts.PodExecOptions.Container { + if status.State.Running == nil { + return "", NotRunning + } + } + } + for _, status := range pod.Status.InitContainerStatuses { + if status.Name == opts.PodExecOptions.Container { + if status.State.Running == nil { + return "", NotRunning + } + } + } + } + + req := kc.CoreV1().RESTClient().Post(). + Resource("pods"). + Name(pod.Name). + Namespace(pod.Namespace). + SubResource("exec") + req.VersionedParams(&opts.PodExecOptions, scheme.ParameterCodec) + + exec, err := remotecommand.NewSPDYExecutor(config, http.MethodPost, req.URL()) + if err != nil { + return "", fmt.Errorf("failed to init executor: %v", err) + } + + err = exec.Stream(opts.StreamOptions) + if err != nil { + return "", fmt.Errorf("could not execute: %v", err) + } + + if execErr.Len() > 0 { + return "", fmt.Errorf("stderr: %v", execErr.String()) + } + return execOut.String(), nil +} diff --git a/vendor/modules.txt b/vendor/modules.txt index b85be9d2a..2e36774ba 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -41,7 +41,10 @@ github.com/cert-manager/cert-manager/pkg/apis/certmanager github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1 github.com/cert-manager/cert-manager/pkg/apis/meta github.com/cert-manager/cert-manager/pkg/apis/meta/v1 +github.com/cert-manager/cert-manager/pkg/client/clientset/versioned github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme +github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1 +github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1 # github.com/cespare/xxhash/v2 v2.2.0 ## explicit; go 1.11 github.com/cespare/xxhash/v2 @@ -1421,6 +1424,9 @@ k8s.io/utils/trace # kmodules.xyz/apiversion v0.2.0 ## explicit; go 1.14 kmodules.xyz/apiversion +# kmodules.xyz/cert-manager-util v0.25.0 +## explicit; go 1.18 +kmodules.xyz/cert-manager-util/certmanager/v1 # kmodules.xyz/client-go v0.25.30 ## explicit; go 1.18 kmodules.xyz/client-go @@ -1432,6 +1438,7 @@ kmodules.xyz/client-go/conditions kmodules.xyz/client-go/core/v1 kmodules.xyz/client-go/discovery kmodules.xyz/client-go/meta +kmodules.xyz/client-go/tools/exec kmodules.xyz/client-go/tools/portforward # kmodules.xyz/custom-resources v0.25.2 ## explicit; go 1.18