7
"github.com/pkg/errors"
8
"github.com/sethvargo/go-retry"
10
"github.com/kumahq/kuma/pkg/core/resources/manager"
11
"github.com/kumahq/kuma/pkg/core/resources/store"
12
"github.com/kumahq/kuma/pkg/core/runtime/component"
13
"github.com/kumahq/kuma/pkg/core/user"
14
"github.com/kumahq/kuma/pkg/envoy/admin/tls"
15
kuma_log "github.com/kumahq/kuma/pkg/log"
18
type EnvoyAdminCaDefaultComponent struct {19
ResManager manager.ResourceManager
20
Extensions context.Context
23
var _ component.Component = &EnvoyAdminCaDefaultComponent{}25
func (e *EnvoyAdminCaDefaultComponent) Start(stop <-chan struct{}) error {26
ctx, cancelFn := context.WithCancel(user.Ctx(context.Background(), user.ControlPlane))
28
logger := kuma_log.AddFieldsFromCtx(log, ctx, e.Extensions)
29
errChan := make(chan error)
31
errChan <- retry.Do(ctx, retry.WithMaxDuration(10*time.Minute, retry.NewConstant(5*time.Second)), func(ctx context.Context) error {32
if err := EnsureEnvoyAdminCaExist(ctx, e.ResManager, e.Extensions); err != nil {33
logger.V(1).Info("could not ensure that Envoy Admin CA exists. Retrying.", "err", err)34
return retry.RetryableError(err)
42
case err := <-errChan:
47
func (e EnvoyAdminCaDefaultComponent) NeedLeaderElection() bool {51
func EnsureEnvoyAdminCaExist(
53
resManager manager.ResourceManager,
54
extensions context.Context,
56
logger := kuma_log.AddFieldsFromCtx(log, ctx, extensions)
57
_, err := tls.LoadCA(ctx, resManager)
59
logger.V(1).Info("Envoy Admin CA already exists. Skip creating Envoy Admin CA.")62
if !store.IsResourceNotFound(err) {63
return errors.Wrap(err, "error while loading envoy admin CA")
65
pair, err := tls.GenerateCA()
67
return errors.Wrap(err, "could not generate envoy admin CA")
69
if err := tls.CreateCA(ctx, *pair, resManager); err != nil {70
return errors.Wrap(err, "could not create envoy admin CA")
72
logger.Info("Envoy Admin CA created")