-
Notifications
You must be signed in to change notification settings - Fork 5
/
containerworkloadprofiles.go
142 lines (124 loc) · 4.7 KB
/
containerworkloadprofiles.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
package illumioapi
import (
"errors"
)
// ContainerWorkloadProfile is a Kubernetes namespace
type ContainerWorkloadProfile struct {
Href string `json:"href,omitempty"`
Name *string `json:"name"` // API expects null for name to remove it. Always sent.
Namespace string `json:"namespace,omitempty"`
Description *string `json:"description,omitempty"`
Labels *[]Label `json:"labels,omitempty"`
EnforcementMode *string `json:"enforcement_mode,omitempty"`
VisibilityLevel *string `json:"visibility_level,omitempty"`
Managed *bool `json:"managed,omitempty"`
Linked *bool `json:"linked,omitempty"`
ClusterName string `json:"-"`
CreatedAt string `json:"created_at,omitempty"`
CreatedBy *Href `json:"created_by,omitempty"`
UpdatedAt string `json:"updated_at,omitempty"`
UpdatedBy *Href `json:"updated_by,omitempty"`
}
// GetContainerWkldProfiles returns a slice of container workload profiles from the PCE.
// queryParameters can be used for filtering in the form of ["parameter"]="value".
// The first API call to the PCE does not use the async option.
// If the slice length is >=500, it re-runs with async.
func (p *PCE) GetContainerWkldProfiles(queryParameters map[string]string, containerClusterID string) (api APIResponse, err error) {
p.ContainerWorkloadProfilesSlice = nil
api, err = p.GetCollection("container_clusters/"+containerClusterID+"/container_workload_profiles", false, queryParameters, &p.ContainerWorkloadProfilesSlice)
if len(p.ContainerWorkloadProfilesSlice) >= 500 {
p.ContainerWorkloadProfilesSlice = nil
api, err = p.GetCollection("container_clusters/"+containerClusterID+"/container_workload_profiles", true, queryParameters, &p.ContainerWorkloadProfilesSlice)
}
p.ContainerWorkloadProfiles = make(map[string]ContainerWorkloadProfile)
for _, c := range p.ContainerWorkloadProfilesSlice {
p.ContainerWorkloadProfiles[c.Href] = c
if PtrToVal(c.Name) != "" {
p.ContainerWorkloadProfiles[*c.Name] = c
}
}
return api, err
}
// UpdateContainerWkldProfiles updates an existing container workload profile in the Illumio PCE
// The provided container workload profile struct must include an href.
// Properties that cannot be included in the PUT method will be ignored.
func (p *PCE) UpdateContainerWkldProfiles(cp ContainerWorkloadProfile) (APIResponse, error) {
cp.SanitizeContainerWorkloadProfilePut()
api, err := p.Put(&cp)
return api, err
}
// SanitizeContainerWorkloadProfilePut removes fields not acceptable to the put method.
func (c *ContainerWorkloadProfile) SanitizeContainerWorkloadProfilePut() {
c.CreatedAt = ""
c.CreatedBy = nil
c.Linked = nil
c.UpdatedAt = ""
c.UpdatedBy = nil
c.Namespace = ""
// Make sure labels are just hrefs
newLabels := []Label{}
for _, l := range *c.Labels {
var newLabel Label
if l.Assignment.Href != "" {
newLabel = Label{Assignment: &Assignment{Href: l.Assignment.Href}, Key: l.Key}
} else {
newRestrictions := []Restriction{}
for _, r := range PtrToVal(l.Restriction) {
newRestrictions = append(newRestrictions, Restriction{Href: r.Href})
}
newLabel = Label{Key: l.Key, Restriction: &newRestrictions}
}
newLabels = append(newLabels, newLabel)
}
c.Labels = &newLabels
}
// GetLabelByKey returns the value for a provided label key
func (c *ContainerWorkloadProfile) GetLabelByKey(key string) string {
for _, l := range PtrToVal(c.Labels) {
// Skip if it's not the key specified
if l.Key != key {
continue
}
if len(PtrToVal(l.Restriction)) > 0 {
return ""
}
return l.Assignment.Value
}
return ""
}
// SetLabelByKey sets the specified label
func (c *ContainerWorkloadProfile) SetLabel(label Label, pce *PCE) error {
// Confirm we have labels
if len(pce.LabelsSlice) == 0 {
return errors.New("pce is not loaded with labels")
}
// Create the new label array
newLabels := []Label{}
// Iterate through the existing labels
for _, existingLabel := range PtrToVal(c.Labels) {
// If the key isn't target, keep it
if existingLabel.Key != label.Key {
newLabels = append(newLabels, existingLabel)
}
}
// Add the new label
newLabels = append(newLabels, Label{Key: label.Key, Assignment: &Assignment{Href: label.Href, Value: label.Value}})
// Update the labels
c.Labels = &newLabels
return nil
}
// SetLabelByKey sets the specified label
func (c *ContainerWorkloadProfile) RemoveLabel(key string) error {
// Create the new label array
newLabels := []Label{}
// Iterate through the existing labels
for _, existingLabel := range *c.Labels {
// If the key isn't target, keep it
if existingLabel.Key != key {
newLabels = append(newLabels, existingLabel)
}
}
// Update the labels
c.Labels = &newLabels
return nil
}