Decouple shared functions between controllers (#8829)

* Decouple shared functions between controllers * Apply suggestions from code review Co-authored-by: Jintao Zhang <tao12345666333@163.com> * Fix package names and fmt Co-authored-by: Jintao Zhang <tao12345666333@163.com>
2022-07-20 15:53:44 -03:00 · 2022-07-20 15:53:44 -03:00 · 4c6a7ee158
commit 4c6a7ee158
parent 8f9df544ea
27 changed files with 413 additions and 134 deletions
--- a/pkg/util/file/file.go
+++ b/pkg/util/file/file.go
@ -0,0 +1,38 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package file
+
+import (
+	"crypto/sha1" // #nosec
+	"encoding/hex"
+	"os"
+
+	"k8s.io/klog/v2"
+)
+
+// SHA1 returns the SHA1 of a file.
+func SHA1(filename string) string {
+	hasher := sha1.New() // #nosec
+	s, err := os.ReadFile(filename)
+	if err != nil {
+		klog.ErrorS(err, "Error reading file", "path", filename)
+		return ""
+	}
+
+	hasher.Write(s)
+	return hex.EncodeToString(hasher.Sum(nil))
+}
--- a/pkg/util/file/file_test.go
+++ b/pkg/util/file/file_test.go
@ -0,0 +1,53 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package file
+
+import (
+	"os"
+	"testing"
+)
+
+func TestSHA1(t *testing.T) {
+	tests := []struct {
+		content []byte
+		sha     string
+	}{
+		{[]byte(""), "da39a3ee5e6b4b0d3255bfef95601890afd80709"},
+		{[]byte("hello world"), "2aae6c35c94fcfb415dbe95f408b9ce91ee846ed"},
+	}
+
+	for _, test := range tests {
+		f, err := os.CreateTemp("", "sha-test")
+		if err != nil {
+			t.Fatal(err)
+		}
+		f.Write(test.content)
+		f.Sync()
+
+		sha := SHA1(f.Name())
+		f.Close()
+
+		if sha != test.sha {
+			t.Fatalf("expected %v but returned %s", test.sha, sha)
+		}
+	}
+
+	sha := SHA1("")
+	if sha != "" {
+		t.Fatalf("expected an empty sha but returned %s", sha)
+	}
+}
--- a/pkg/util/file/filesystem.go
+++ b/pkg/util/file/filesystem.go
@ -0,0 +1,20 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package file
+
+// ReadWriteByUser defines linux permission to read and write files for the owner user
+const ReadWriteByUser = 0700
--- a/pkg/util/file/structure.go
+++ b/pkg/util/file/structure.go
@ -0,0 +1,63 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package file
+
+import (
+	"fmt"
+	"os"
+)
+
+const (
+	// AuthDirectory default directory used to store files
+	// to authenticate request
+	AuthDirectory = "/etc/ingress-controller/auth"
+
+	// DefaultSSLDirectory defines the location where the SSL certificates will be generated
+	// This directory contains all the SSL certificates that are specified in Ingress rules.
+	// The name of each file is <namespace>-<secret name>.pem. The content is the concatenated
+	// certificate and key.
+	DefaultSSLDirectory = "/etc/ingress-controller/ssl"
+)
+
+var (
+	directories = []string{
+		DefaultSSLDirectory,
+		AuthDirectory,
+	}
+)
+
+// CreateRequiredDirectories verifies if the required directories to
+// start the ingress controller exist and creates the missing ones.
+func CreateRequiredDirectories() error {
+	for _, directory := range directories {
+		_, err := os.Stat(directory)
+		if err != nil {
+			if os.IsNotExist(err) {
+				err = os.MkdirAll(directory, ReadWriteByUser)
+				if err != nil {
+					return fmt.Errorf("creating directory %s: %w", directory, err)
+				}
+
+				continue
+			}
+
+			return fmt.Errorf("checking directory %s: %w", directory, err)
+		}
+	}
+
+	return nil
+}