in pkg/service/gerrit/gerrit.go [298:424]
func (s ComponentService) ExposeConfiguration(ctx context.Context, instance *gerritApi.Gerrit) (*gerritApi.Gerrit, error) {
vLog := log.WithValues("gerrit", instance.Name)
vLog.Info("start exposing configuration")
err := s.initRestClient(instance)
if err != nil {
return instance, errors.Wrapf(err, "Failed to init Gerrit REST client")
}
err = s.initSSHClient(instance)
if err != nil {
return instance, errors.Wrapf(err, "Failed to init Gerrit SSH client")
}
ciUserSecretName := formatSecretName(instance.Name, spec.GerritDefaultCiUserSecretPostfix)
ciUserSshSecretName := fmt.Sprintf("%s-ciuser%s", instance.Name, spec.SshKeyPostfix)
if err = s.PlatformService.CreateSecret(
instance,
ciUserSecretName,
map[string][]byte{
user: []byte(spec.GerritDefaultCiUserUser),
password: []byte(uniuri.New()),
},
map[string]string{},
); err != nil {
return instance, errors.Wrapf(err, "Failed to create ci user Secret %v for Gerrit", ciUserSecretName)
}
ciUserAnnotationKey := helpers.GenerateAnnotationKey(spec.EdpCiUserSuffix)
s.setAnnotation(instance, ciUserAnnotationKey, ciUserSecretName)
ciUserCredentials, err := s.PlatformService.GetSecretData(instance.Namespace, ciUserSecretName)
if err != nil {
return nil, errors.Wrapf(err, "Failed to get Secret %s for %s/%s", ciUserSecretName,
instance.Namespace, instance.Name)
}
privateKey, publicKey, err := helpers.GenerateKeyPairs()
if err != nil {
return instance, errors.Wrapf(err, "Unable to generate SSH key pairs for Gerrit")
}
err = s.PlatformService.CreateSecret(
instance,
ciUserSshSecretName,
map[string][]byte{
"username": []byte(spec.GerritDefaultCiUserUser),
rsaID: privateKey,
rsaIDFile: publicKey,
},
map[string]string{
"app.edp.epam.com/secret-type": "repository",
},
)
if err != nil {
return instance, errors.Wrapf(err, "Failed to create Secret with SSH key pairs for Gerrit")
}
ciUserSshKeyAnnotationKey := helpers.GenerateAnnotationKey(spec.EdpCiUSerSshKeySuffix)
s.setAnnotation(instance, ciUserSshKeyAnnotationKey, ciUserSshSecretName)
err = s.gerritClient.CreateUser(spec.GerritDefaultCiUserUser, string(ciUserCredentials[password]),
"EDP CI bot", string(publicKey))
if err != nil {
return instance, errors.Wrapf(err, "Failed to create ci user %v in Gerrit", spec.GerritDefaultCiUserUser)
}
userGroups := map[string][]string{
spec.GerritDefaultCiUserUser: {spec.GerritProjectBootstrappersGroupName, spec.GerritAdministratorsGroup},
}
for _, userValue := range reflect.ValueOf(userGroups).MapKeys() {
userStrValue := userValue.String()
err = s.gerritClient.AddUserToGroups(userStrValue, userGroups[userStrValue])
if err != nil {
return instance, errors.Wrapf(err, "Failed to add user %v to groups %v", userStrValue, userGroups[userStrValue])
}
}
err = s.exposeArgoCDConfiguration(ctx, instance)
if err != nil {
return nil, err
}
err = s.client.Update(ctx, instance)
if err != nil {
return nil, errors.Wrap(err, "couldn't update project")
}
if instance.Spec.KeycloakSpec.Enabled {
var secret uuid.UUID
secret, err = uuid.NewUUID()
if err != nil {
return instance, errors.Wrap(err, "Failed to generate secret for Gerrit in Keycloak")
}
identityServiceClientCredentials := map[string][]byte{
"client_id": []byte(instance.Name),
"clientSecret": []byte(secret.String()),
}
identityServiceSecretName := formatSecretName(instance.Name, spec.IdentityServiceCredentialsSecretPostfix)
err = s.PlatformService.CreateSecret(
instance,
identityServiceSecretName,
identityServiceClientCredentials,
map[string]string{},
)
if err != nil {
return instance, errors.Wrapf(err, fmt.Sprintf("Failed to create secret %v", identityServiceSecretName))
}
annotationKey := helpers.GenerateAnnotationKey(spec.IdentityServiceCredentialsSecretPostfix)
s.setAnnotation(instance, annotationKey, formatSecretName(instance.Name, spec.IdentityServiceCredentialsSecretPostfix))
err = s.client.Update(ctx, instance)
if err != nil {
return nil, errors.Wrap(err, "couldn't update annotations")
}
}
return instance, nil
}