github.com/navikt/knorten@v0.0.0-20240419132333-1333f46ed8b6/pkg/team/k8s.go

github.com/navikt/knorten@v0.0.0-20240419132333-1333f46ed8b6/pkg/team/k8s.go (about)

     1  package team
     2  
     3  import (
     4  	"context"
     5  	"fmt"
     6  
     7  	v1 "k8s.io/api/core/v1"
     8  	k8sErrors "k8s.io/apimachinery/pkg/api/errors"
     9  	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
    10  )
    11  
    12  func (c Client) k8sNamespaceExists(ctx context.Context, namespace string) (bool, error) {
    13  	if c.dryRun {
    14  		return false, nil
    15  	}
    16  
    17  	_, err := c.k8sClient.CoreV1().Namespaces().Get(ctx, namespace, metav1.GetOptions{})
    18  	if err != nil {
    19  		if k8sErrors.IsNotFound(err) {
    20  			return false, nil
    21  		}
    22  
    23  		return false, err
    24  	}
    25  
    26  	return true, nil
    27  }
    28  
    29  func (c Client) createK8sNamespace(ctx context.Context, name string) error {
    30  	if c.dryRun {
    31  		return nil
    32  	}
    33  
    34  	namespace := &v1.Namespace{
    35  		ObjectMeta: metav1.ObjectMeta{
    36  			Name: name,
    37  			Labels: map[string]string{
    38  				"team-namespace": "true",
    39  			},
    40  		},
    41  	}
    42  
    43  	_, err := c.k8sClient.CoreV1().Namespaces().Create(ctx, namespace, metav1.CreateOptions{})
    44  	if err != nil && !k8sErrors.IsAlreadyExists(err) {
    45  		return err
    46  	}
    47  
    48  	return nil
    49  }
    50  
    51  func (c Client) deleteK8sNamespace(ctx context.Context, namespace string) error {
    52  	if c.dryRun {
    53  		return nil
    54  	}
    55  
    56  	err := c.k8sClient.CoreV1().Namespaces().Delete(ctx, namespace, metav1.DeleteOptions{})
    57  	if err != nil && !k8sErrors.IsNotFound(err) {
    58  		return err
    59  	}
    60  
    61  	return nil
    62  }
    63  
    64  func (c Client) k8sServiceAccountExists(ctx context.Context, teamID, namespace string) (bool, error) {
    65  	if c.dryRun {
    66  		return false, nil
    67  	}
    68  
    69  	_, err := c.k8sClient.CoreV1().ServiceAccounts(namespace).Get(ctx, teamID, metav1.GetOptions{})
    70  	if err != nil {
    71  		if k8sErrors.IsNotFound(err) {
    72  			return false, nil
    73  		}
    74  
    75  		return false, err
    76  	}
    77  
    78  	return true, nil
    79  }
    80  
    81  func (c Client) createK8sServiceAccount(ctx context.Context, teamID, namespace string) error {
    82  	if c.dryRun {
    83  		return nil
    84  	}
    85  
    86  	saSpec := &v1.ServiceAccount{
    87  		ObjectMeta: metav1.ObjectMeta{
    88  			Name:      teamID,
    89  			Namespace: namespace,
    90  			Annotations: map[string]string{
    91  				"iam.gke.io/gcp-service-account": fmt.Sprintf("%v@%v.iam.gserviceaccount.com", teamID, c.gcpProject),
    92  			},
    93  		},
    94  	}
    95  
    96  	_, err := c.k8sClient.CoreV1().ServiceAccounts(namespace).Create(ctx, saSpec, metav1.CreateOptions{})
    97  	if err != nil && !k8sErrors.IsAlreadyExists(err) {
    98  		return err
    99  	}
   100  
   101  	return nil
   102  }