akillibulut
/
porter
зеркало из https://github.com/porter-dev/porter


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188
							package cluster

import (
	"context"
	"fmt"
	"net/http"

	"github.com/porter-dev/porter/api/server/authz"
	"github.com/porter-dev/porter/api/server/handlers"
	"github.com/porter-dev/porter/api/server/shared"
	"github.com/porter-dev/porter/api/server/shared/apierrors"
	"github.com/porter-dev/porter/api/server/shared/config"
	"github.com/porter-dev/porter/api/types"
	"github.com/porter-dev/porter/internal/auth/token"
	"github.com/porter-dev/porter/internal/helm"
	"github.com/porter-dev/porter/internal/helm/loader"
	"github.com/porter-dev/porter/internal/kubernetes"
	"github.com/porter-dev/porter/internal/kubernetes/nodes"
	"github.com/porter-dev/porter/internal/models"
	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)

const (
	monitoringNodeLabel = "porter.run/workload-kind=monitoring"
	olderAgentLabel     = "control-plane=controller-manager"
)

type InstallAgentHandler struct {
	handlers.PorterHandlerReadWriter
	authz.KubernetesAgentGetter
}

func NewInstallAgentHandler(
	config *config.Config,
	decoderValidator shared.RequestDecoderValidator,
	writer shared.ResultWriter,
) *InstallAgentHandler {
	return &InstallAgentHandler{
		PorterHandlerReadWriter: handlers.NewDefaultPorterHandler(config, decoderValidator, writer),
		KubernetesAgentGetter:   authz.NewOutOfClusterAgentGetter(config),
	}
}

func (c *InstallAgentHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	proj, _ := r.Context().Value(types.ProjectScope).(*models.Project)
	user, _ := r.Context().Value(types.UserScope).(*models.User)
	cluster, _ := r.Context().Value(types.ClusterScope).(*models.Cluster)

	k8sAgent, err := c.GetAgent(r, cluster, "porter-agent-system")
	if err != nil {
		c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
		return
	}

	helmAgent, err := c.GetHelmAgent(r.Context(), r, cluster, "porter-agent-system")
	if err != nil {
		c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
		return
	}

	err = checkAndDeleteOlderAgent(k8sAgent, helmAgent)

	if err != nil {
		c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
		return
	}

	chart, err := loader.LoadChartPublic(context.Background(), c.Config().ServerConf.DefaultAddonHelmRepoURL, "porter-agent", "")
	if err != nil {
		c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
		return
	}

	// create namespace if not exists
	_, err = helmAgent.K8sAgent.CreateNamespace("porter-agent-system", nil)

	if err != nil {
		c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
		return
	}

	// add api token to values
	jwt, err := token.GetTokenForAPI(user.ID, proj.ID)
	if err != nil {
		c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
		return
	}

	encoded, err := jwt.EncodeToken(c.Config().TokenConf)
	if err != nil {
		c.HandleAPIError(w, r, apierrors.NewErrInternal(err))
		return
	}

	nodes, err := nodes.ListNodesByLabels(k8sAgent.Clientset, "porter.run/workload-kind=monitoring")
	hasMonitoringNodes := err == nil && len(nodes) >= 1

	porterAgentValues := map[string]interface{}{
		"agent": map[string]interface{}{
			"porterHost":  c.Config().ServerConf.ServerURL,
			"porterPort":  "443",
			"porterToken": encoded,
			"clusterID":   fmt.Sprintf("%d", cluster.ID),
			"projectID":   fmt.Sprintf("%d", proj.ID),
		},
		"loki": map[string]interface{}{},
	}

	// case on whether a node with porter.run/workload-kind=monitoring exists. If it does, we place loki in that node group.
	if hasMonitoringNodes {
		sharedNS := map[string]interface{}{
			"porter.run/workload-kind": "monitoring",
		}

		sharedTolerations := []map[string]interface{}{
			{
				"key":      "porter.run/workload-kind",
				"operator": "Equal",
				"value":    "monitoring",
				"effect":   "NoSchedule",
			},
		}

		porterAgentValues["loki"] = map[string]interface{}{
			"nodeSelector": sharedNS,
			"tolerations":  sharedTolerations,
		}

		porterAgentValues["nodeSelector"] = sharedNS
		porterAgentValues["tolerations"] = sharedTolerations
	}

	conf := &helm.InstallChartConfig{
		Chart:     chart,
		Name:      "porter-agent",
		Namespace: "porter-agent-system",
		Cluster:   cluster,
		Repo:      c.Repo(),
		Values:    porterAgentValues,
	}

	_, err = helmAgent.InstallChart(context.Background(), conf, c.Config().DOConf, c.Config().ServerConf.DisablePullSecretsInjection)

	if err != nil {
		c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(
			fmt.Errorf("error installing porter-agent: %w", err), http.StatusBadRequest,
		))

		return
	}

	w.WriteHeader(http.StatusOK)
}

func checkAndDeleteOlderAgent(k8sAgent *kubernetes.Agent, helmAgent *helm.Agent) error {
	namespaceList, err := k8sAgent.Clientset.CoreV1().Namespaces().List(context.Background(), v1.ListOptions{})
	if err != nil {
		return fmt.Errorf("error listing namespaces: %w", err)
	}

	nsExists := false

	for _, namespace := range namespaceList.Items {
		if namespace.Name == "porter-agent-system" {
			nsExists = true
			break
		}
	}

	if !nsExists {
		return nil
	}

	// detect if the `porter-agent` release is installed
	helmRelease, err := helmAgent.GetRelease(context.Background(), "porter-agent", 0, false)

	if err != nil || helmRelease == nil {
		return nil
	}

	_, err = helmAgent.UninstallChart(context.Background(), "porter-agent")

	if err != nil {
		return err
	}

	return nil
}