-
-
Notifications
You must be signed in to change notification settings - Fork 325
/
Copy pathcert_check.rs
88 lines (74 loc) · 2.41 KB
/
cert_check.rs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
use std::borrow::Cow;
use k8s_openapi::{
api::core::v1::{ConfigMap, Namespace as Ns},
NamespaceResourceScope,
};
use kube::{
api::ObjectMeta,
client::scope::{Cluster, Namespace},
Client, Resource,
};
use serde::{Deserialize, Serialize};
use tracing::*;
// Our own way of representing data - partially typed in 2 ways
// For a ConfigMap variant that only accepts CA certificates
#[derive(Serialize, Deserialize, Debug, Clone)]
struct CaConfigMapData {
#[serde(rename = "ca.crt")]
ca_crt: String,
}
// Method 1 :: inherit resource implementation from k8s_openapi's ConfigMap
#[derive(Resource, Serialize, Deserialize, Debug, Clone)]
#[resource(inherit = ConfigMap)]
struct CaConfigMap {
metadata: ObjectMeta,
data: CaConfigMapData,
}
// Method 2 :: manual Resource implementation
#[derive(Serialize, Deserialize, Debug, Clone)]
struct CaConfigMapManual {
metadata: ObjectMeta,
data: CaConfigMapData,
}
// Method 2 :: manual Resource implementation
impl Resource for CaConfigMapManual {
type DynamicType = ();
type Scope = NamespaceResourceScope;
fn kind(&(): &Self::DynamicType) -> Cow<'_, str> {
Cow::Borrowed("ConfigMap")
}
fn group(&(): &Self::DynamicType) -> Cow<'_, str> {
Cow::Borrowed("")
}
fn version(&(): &Self::DynamicType) -> Cow<'_, str> {
Cow::Borrowed("v1")
}
fn plural(&(): &Self::DynamicType) -> Cow<'_, str> {
Cow::Borrowed("configmaps")
}
fn meta(&self) -> &ObjectMeta {
&self.metadata
}
fn meta_mut(&mut self) -> &mut ObjectMeta {
&mut self.metadata
}
}
#[tokio::main]
async fn main() -> anyhow::Result<()> {
tracing_subscriber::fmt::init();
let client = Client::try_default().await?;
let namespaces = client.list::<Ns>(&Default::default(), &Cluster).await?;
let kube_root = "kube-root-ca.crt";
for ns in namespaces {
let ns = Namespace::try_from(&ns)?;
// Equivalent ways to GET using different structs and different Resource impls, with added field validation on top.
let ca1: ConfigMap = client.get(kube_root, &ns).await?;
let ca2: CaConfigMapManual = client.get(kube_root, &ns).await?;
let ca3: CaConfigMap = client.get(kube_root, &ns).await?;
info!("Found {kube_root} in {ns:?} with all 3 methods");
debug!("ca1: {ca1:?}");
debug!("ca2: {ca2:?}");
debug!("ca3: {ca3:?}");
}
Ok(())
}