mirror of
https://github.com/tailscale/tailscale.git
synced 2025-07-29 23:33:45 +00:00
711698f5a9
Previously, the operator checked the ProxyGroup status fields for information on how many of the proxies had successfully authed. Use their state Secrets instead as a more reliable source of truth. containerboot has written device_fqdn and device_ips keys to the state Secret since inception, and pod_uid since 1.78.0, so there's no need to use the API for that data. Read it from the state Secret for consistency. However, to ensure we don't read data from a previous run of containerboot, make sure we reset containerboot's state keys on startup. One other knock-on effect of that is ProxyGroups can briefly be marked not Ready while a Pod is restarting. Introduce a new ProxyGroupAvailable condition to more accurately reflect when downstream controllers can implement flows that rely on a ProxyGroup having at least 1 proxy Pod running. Fixes #16327 Change-Id: I026c18e9d23e87109a471a87b8e4fb6271716a66 Signed-off-by: Tom Proctor <tomhjp@users.noreply.github.com>
56 lines
2.2 KiB
Go
56 lines
2.2 KiB
Go
// Copyright (c) Tailscale Inc & AUTHORS
|
|
// SPDX-License-Identifier: BSD-3-Clause
|
|
|
|
package kubeclient
|
|
|
|
import (
|
|
"context"
|
|
"net"
|
|
|
|
"tailscale.com/kube/kubeapi"
|
|
)
|
|
|
|
var _ Client = &FakeClient{}
|
|
|
|
type FakeClient struct {
|
|
GetSecretImpl func(context.Context, string) (*kubeapi.Secret, error)
|
|
CheckSecretPermissionsImpl func(ctx context.Context, name string) (bool, bool, error)
|
|
CreateSecretImpl func(context.Context, *kubeapi.Secret) error
|
|
UpdateSecretImpl func(context.Context, *kubeapi.Secret) error
|
|
JSONPatchResourceImpl func(context.Context, string, string, []JSONPatch) error
|
|
ListSecretsImpl func(context.Context, map[string]string) (*kubeapi.SecretList, error)
|
|
StrategicMergePatchSecretImpl func(context.Context, string, *kubeapi.Secret, string) error
|
|
}
|
|
|
|
func (fc *FakeClient) CheckSecretPermissions(ctx context.Context, name string) (bool, bool, error) {
|
|
return fc.CheckSecretPermissionsImpl(ctx, name)
|
|
}
|
|
func (fc *FakeClient) GetSecret(ctx context.Context, name string) (*kubeapi.Secret, error) {
|
|
return fc.GetSecretImpl(ctx, name)
|
|
}
|
|
func (fc *FakeClient) SetURL(_ string) {}
|
|
func (fc *FakeClient) SetDialer(dialer func(ctx context.Context, network, addr string) (net.Conn, error)) {
|
|
}
|
|
func (fc *FakeClient) StrategicMergePatchSecret(ctx context.Context, name string, s *kubeapi.Secret, fieldManager string) error {
|
|
return fc.StrategicMergePatchSecretImpl(ctx, name, s, fieldManager)
|
|
}
|
|
func (fc *FakeClient) Event(context.Context, string, string, string) error {
|
|
return nil
|
|
}
|
|
|
|
func (fc *FakeClient) JSONPatchResource(ctx context.Context, resource, name string, patches []JSONPatch) error {
|
|
return fc.JSONPatchResourceImpl(ctx, resource, name, patches)
|
|
}
|
|
func (fc *FakeClient) UpdateSecret(ctx context.Context, secret *kubeapi.Secret) error {
|
|
return fc.UpdateSecretImpl(ctx, secret)
|
|
}
|
|
func (fc *FakeClient) CreateSecret(ctx context.Context, secret *kubeapi.Secret) error {
|
|
return fc.CreateSecretImpl(ctx, secret)
|
|
}
|
|
func (fc *FakeClient) ListSecrets(ctx context.Context, selector map[string]string) (*kubeapi.SecretList, error) {
|
|
if fc.ListSecretsImpl != nil {
|
|
return fc.ListSecretsImpl(ctx, selector)
|
|
}
|
|
return nil, nil
|
|
}
|