From cef82cdd60ddbda18ce3e1cc3530a89806a422c8 Mon Sep 17 00:00:00 2001 From: Jeongwoo Kim - jekim Date: Thu, 27 Jul 2023 11:33:59 +0900 Subject: [PATCH] feat: metrics watch the correct role cert --- pkg/identity/metricsd.go | 11 +++++- pkg/util/splitter_test.go | 83 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 92 insertions(+), 2 deletions(-) create mode 100644 pkg/util/splitter_test.go diff --git a/pkg/identity/metricsd.go b/pkg/identity/metricsd.go index 60ddc3c2..d75d7fd2 100644 --- a/pkg/identity/metricsd.go +++ b/pkg/identity/metricsd.go @@ -25,6 +25,7 @@ import ( // using git submodule to import internal package (special package in golang) // https://github.com/golang/go/wiki/Modules#can-a-module-depend-on-an-internal-in-another internal "github.com/AthenZ/k8s-athenz-sia/v3/pkg/metrics" + extutil "github.com/AthenZ/k8s-athenz-sia/v3/pkg/util" ) func Metricsd(idConfig *config.IdentityConfig, stopChan <-chan struct{}) (error, <-chan struct{}) { @@ -72,8 +73,14 @@ func Metricsd(idConfig *config.IdentityConfig, stopChan <-chan struct{}) (error, if idConfig.TargetDomainRoles != "" && idConfig.RoleCertDir != "" { for _, domainrole := range strings.Split(idConfig.TargetDomainRoles, ",") { - // TODO: Must split with delimiter. - exporter.Files = append(exporter.Files, strings.TrimSuffix(idConfig.RoleCertDir, "/")+"/"+domainrole+".cert.pem") + targetDomain, targetRole, err := extutil.DomainRoleSplitter(domainrole, ":role.") + if err != nil { + continue + } + // if RoleCertFilenameDelimiter = "_" then, + // fileName = your-domain_your-role.cert.pem" + fileName := targetDomain + idConfig.RoleCertFilenameDelimiter + targetRole + ".cert.pem" + exporter.Files = append(exporter.Files, strings.TrimSuffix(idConfig.RoleCertDir, "/")+"/"+fileName) } } diff --git a/pkg/util/splitter_test.go b/pkg/util/splitter_test.go new file mode 100644 index 00000000..88531b87 --- /dev/null +++ b/pkg/util/splitter_test.go @@ -0,0 +1,83 @@ +// +// Copyright The Athenz Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +package util + +import "testing" + +func TestDomainRoleSplitter(test *testing.T) { + // referred to TestSplitRoleName() + // https://github.com/AthenZ/athenz/blob/73b25572656f289cce501b4c2fe78f86656082e7/libs/go/sia/util/util_test.go#L30-L69 + delimiter := ":role." + domain, role, err := DomainRoleSplitter("role", delimiter) + if err == nil { + test.Errorf("Invalid role was parsed successfully") + return + } + + if domain != "" || role != "" { + test.Errorf("Should return empty domain and role") + return + } + + domain, role, err = DomainRoleSplitter("role:role2:role3", delimiter) + if err == nil { + test.Errorf("Invalid role was parsed successfully") + return + } + + if domain != "" || role != "" { + test.Errorf("Should return empty domain and role") + return + } + + domain, role, err = DomainRoleSplitter("role:test", delimiter) + if err == nil { + test.Errorf("Invalid role was parsed successfully") + return + } + + if domain != "" || role != "" { + test.Errorf("Should return empty domain and role") + return + } + + domain, role, err = DomainRoleSplitter("role:role.", delimiter) + if err == nil { + test.Errorf("Invalid role was parsed successfully") + return + } + + if domain != "" || role != "" { + test.Errorf("Should return empty domain and role") + return + } + + domain, role, err = DomainRoleSplitter("domain:role.test.role", delimiter) + if err != nil { + test.Errorf("Unable to parse valid role name successfully") + return + } + if domain != "domain" { + test.Errorf("Domain field is not expected domain value") + return + } + if role != "test.role" { + test.Errorf("Role field is not expected test.role value") + return + } +} +