Struct CustomResourceDefinitionMaintainer

pub struct CustomResourceDefinitionMaintainer<'a> { /* private fields */ }

Maintains various custom resource definitions.

When running this, the following operations are done:

• Apply the CRDs when starting up
• Reconcile the CRDs when the conversion webhook certificate is rotated

Implementations

impl<'a> CustomResourceDefinitionMaintainer<'a>

pub fn new( client: Client, certificate_rx: Receiver<Certificate>, definitions: impl IntoIterator<Item = CustomResourceDefinition>, options: CustomResourceDefinitionMaintainerOptions<'a>, ) -> (Self, Receiver<()>)

Creates and returns a new CustomResourceDefinitionMaintainer which manages one or more custom resource definitions.

Parameters

This function expects four parameters:

• client: A [Client] to interact with the Kubernetes API server. It continuously patches the CRDs when the TLS certificate is rotated.
• certificate_rx: A [mpsc::Receiver] to receive newly generated TLS certificates. The certificate data sent through the channel is used to set the caBundle in the conversion section of the CRD.
• definitions: An iterator of [CustomResourceDefinition]s which should be maintained by this maintainer. If the iterator is empty, the maintainer returns early without doing any work. As such, a polling mechanism which waits for all futures should be used to prevent premature termination of the operator.
• options: Provides CustomResourceDefinitionMaintainerOptions to customize various parts of the maintainer. In the future, this will be converted to a builder, to enable a cleaner API interface.

Return Values

This function returns a 2-tuple (pair) of values:

• The CustomResourceDefinitionMaintainer itself. This is used to run the maintainer. See CustomResourceDefinitionMaintainer::run for more details.
• The [oneshot::Receiver] which will be used to send out a message once the initial CRD reconciliation ran. This signal can be used to trigger the deployment of custom resources defined by the maintained CRDs.

Example

use stackable_webhook::maintainer::{
    CustomResourceDefinitionMaintainerOptions,
    CustomResourceDefinitionMaintainer,
};

let options = CustomResourceDefinitionMaintainerOptions {
    operator_service_name: "my-service-name",
    operator_namespace: "my-namespace",
    field_manager: "my-field-manager",
    webhook_https_port: 8443,
    disabled: true,
};

let client = Client::try_default().await.unwrap();

let definitions = vec![
    S3Connection::merged_crd(S3ConnectionVersion::V1Alpha1).unwrap(),
    S3Bucket::merged_crd(S3BucketVersion::V1Alpha1).unwrap(),
];

let (maintainer, initial_reconcile_rx) = CustomResourceDefinitionMaintainer::new(
    client,
    certificate_rx,
    definitions,
    options,
);

pub async fn run(self) -> Result<(), Error>

Runs the CustomResourceDefinitionMaintainer asynchronously.

This needs to be polled in parallel with other parts of an operator, like controllers or webhook servers. If it is disabled, the returned future immediately resolves to std::task::Poll::Ready and thus doesn’t consume any resources.