commit

5f8fb56d · qiuqunfeng · 61c9949f · 5f8fb56d · 5f8fb56d · 5f8fb56d
Commit 5f8fb56d authored Feb 08, 2025 by qiuqunfeng
6 changed files
--- a/api/router.go
+++ b/api/router.go
@@ -8,11 +8,10 @@ import (
 	"gitlab.com/security-rd/go-pkg/logging"
 	"gitlab.com/tensorsecurity-rd/waf-console/internal/config"
 	"gitlab.com/tensorsecurity-rd/waf-console/internal/utils"
-	"gitlab.com/tensorsecurity-rd/waf-console/pkg/generated/clientset/versioned"
 	"gorm.io/gorm"
 )

-func SetRouters(db *gorm.DB, client *versioned.Clientset) *gin.Engine {
+func SetRouters(db *gorm.DB, clusterClientManager *utils.ClusterClientManager) *gin.Engine {
 	var engine *gin.Engine

 	if !config.Conf.Debug {

--- a/api/waf.go
+++ b/api/waf.go
@@ -3,14 +3,14 @@ package api
 import (
 	"github.com/gin-gonic/gin"
 	"gitlab.com/tensorsecurity-rd/waf-console/internal/controller"
-	"gitlab.com/tensorsecurity-rd/waf-console/pkg/generated/clientset/versioned"
+	"gitlab.com/tensorsecurity-rd/waf-console/internal/utils"
 	"gorm.io/gorm"
 )

-func SetWafRouter(e *gin.Engine, client *versioned.Clientset, db *gorm.DB) {
+func SetWafRouter(e *gin.Engine, clusterClientManager *utils.ClusterClientManager, db *gorm.DB) {
 	v1 := e.Group("v1/api")

-	wafController := controller.NewWafController(client, db)
+	wafController := controller.NewWafController(clusterClientManager, db)
 	v1.GET("waf/:region_code/:namespace/:gateway_name", wafController.Waf)
 	v1.POST("waf", wafController.CreateWaf)
 	v1.PUT("mode", wafController.UpdateMode)

--- a/cmd/app/cmd.go
+++ b/cmd/app/cmd.go
@@ -8,6 +8,7 @@ import (
 	"github.com/spf13/cobra"
 	"gitlab.com/security-rd/go-pkg/logging"
 	"gitlab.com/tensorsecurity-rd/waf-console/api"
+	"gitlab.com/tensorsecurity-rd/waf-console/internal/utils"
 	"gitlab.com/tensorsecurity-rd/waf-console/pkg/generated/clientset/versioned"
 	"gorm.io/driver/mysql"
 	"gorm.io/gorm"
@@ -40,30 +41,34 @@ func NewRootCommand() *cobra.Command {
 				panic("dbConfig is nil")
 			}

-			caData, err := base64.StdEncoding.DecodeString(config.RegionConfigs[0].CAData)
-			if err != nil {
-				panic(err)
-			}
-			clientCertData, err := base64.StdEncoding.DecodeString(config.RegionConfigs[0].ClientCertData)
-			if err != nil {
-				panic(err)
-			}
-			clientKeyData, err := base64.StdEncoding.DecodeString(config.RegionConfigs[0].ClientKeyData)
-			if err != nil {
-				panic(err)
+			clusterClientManager := utils.NewClusterClientManager()
+			for _, regionConfig := range config.RegionConfigs {
+				caData, err := base64.StdEncoding.DecodeString(regionConfig.CAData)
+				if err != nil {
+					panic(err)
+				}
+				clientCertData, err := base64.StdEncoding.DecodeString(regionConfig.ClientCertData)
+				if err != nil {
+					panic(err)
+				}
+				clientKeyData, err := base64.StdEncoding.DecodeString(regionConfig.ClientKeyData)
+				if err != nil {
+					panic(err)
+				}
+				client := versioned.NewForConfigOrDie(&rest.Config{
+					Host: regionConfig.ApiServer,
+					TLSClientConfig: rest.TLSClientConfig{
+						Insecure: false,
+						CAData:   caData,
+						CertData: clientCertData,
+						KeyData:  clientKeyData,
+					},
+					// BearerToken: "1234567890",
+				})
+				clusterClientManager.AddClient(regionConfig.RegionCode, client)
 			}
-			client := versioned.NewForConfigOrDie(&rest.Config{
-				Host: config.RegionConfigs[0].ApiServer,
-				TLSClientConfig: rest.TLSClientConfig{
-					Insecure: false,
-					CAData:   caData,
-					CertData: clientCertData,
-					KeyData:  clientKeyData,
-				},
-				// BearerToken: "1234567890",
-			})

-			e := api.SetRouters(db, client)
+			e := api.SetRouters(db, clusterClientManager)
 			return e.Run(":8080")
 		},
 	}

--- a/internal/controller/waf.go
+++ b/internal/controller/waf.go
@@ -7,7 +7,6 @@ import (
 	"github.com/gin-gonic/gin"
 	"gitlab.com/tensorsecurity-rd/waf-console/internal/service"
 	"gitlab.com/tensorsecurity-rd/waf-console/internal/utils"
-	"gitlab.com/tensorsecurity-rd/waf-console/pkg/generated/clientset/versioned"
 	"gorm.io/gorm"
 )

@@ -15,9 +14,9 @@ type WafController struct {
 	service service.Service
 }

-func NewWafController(client *versioned.Clientset, db *gorm.DB) *WafController {
+func NewWafController(clusterClientManager *utils.ClusterClientManager, db *gorm.DB) *WafController {
 	return &WafController{
-		service: service.NewWafService(client, db),
+		service: service.NewWafService(clusterClientManager, db),
 	}
 }


--- a/internal/service/waf.go
+++ b/internal/service/waf.go
@@ -7,20 +7,20 @@ import (
 	"slices"

 	"gitlab.com/tensorsecurity-rd/waf-console/internal/model"
+	"gitlab.com/tensorsecurity-rd/waf-console/internal/utils"
 	"gitlab.com/tensorsecurity-rd/waf-console/pkg/apis/waf.security.io/v1alpha1"
-	"gitlab.com/tensorsecurity-rd/waf-console/pkg/generated/clientset/versioned"
 	"gopkg.in/yaml.v3"
 	"gorm.io/gorm"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )

 type wafService struct {
-	client *versioned.Clientset
-	db     *gorm.DB
+	clusterClientManager *utils.ClusterClientManager
+	db                   *gorm.DB
 }

-func NewWafService(client *versioned.Clientset, db *gorm.DB) Service {
-	return &wafService{client: client, db: db}
+func NewWafService(clusterClientManager *utils.ClusterClientManager, db *gorm.DB) Service {
+	return &wafService{clusterClientManager: clusterClientManager, db: db}
 }

 func (s *wafService) GetWaf(ctx context.Context, regionCode, namespace, gatewayName string) (*WafService, error) {
@@ -135,7 +135,11 @@ func (s *wafService) CreateWaf(ctx context.Context, req *CreateWafReq) (*WafServ
 	}

 	// Create the WAF service in Kubernetes
-	if _, err := s.client.WafV1alpha1().Services(req.Namespace).Create(ctx, service, metav1.CreateOptions{}); err != nil {
+	client := s.clusterClientManager.GetClient(req.RegionCode)
+	if client == nil {
+		return nil, fmt.Errorf("failed to get cluster client: %v", err)
+	}
+	if _, err := client.WafV1alpha1().Services(req.Namespace).Create(ctx, service, metav1.CreateOptions{}); err != nil {
 		return nil, fmt.Errorf("failed to create WAF service: %v", err)
 	}


--- a/internal/utils/cluster.go
+++ b/internal/utils/cluster.go
+package utils
+
+import (
+	"sync"
+
+	"gitlab.com/tensorsecurity-rd/waf-console/pkg/generated/clientset/versioned"
+)
+
+type ClusterClientManager struct {
+	clients map[string]*versioned.Clientset
+}
+
+func NewClusterClientManager() *ClusterClientManager {
+	return &ClusterClientManager{
+		clients: make(map[string]*versioned.Clientset),
+	}
+}
+
+func (c *ClusterClientManager) GetClient(regionCode string) *versioned.Clientset {
+	return c.clients[regionCode]
+}
+
+func (c *ClusterClientManager) AddClient(regionCode string, client *versioned.Clientset) {
+	c.clients[regionCode] = client
+}
+
+func (c *ClusterClientManager) RemoveClient(regionCode string) {
+	delete(c.clients, regionCode)
+}
+
+func (c *ClusterClientManager) GetAllClients() map[string]*versioned.Clientset {
+	return c.clients
+}
+
+func (c *ClusterClientManager) GetClientByRegionCode(regionCode string) *versioned.Clientset {
+	return c.clients[regionCode]
+}
+
+func (c *ClusterClientManager) ForEach(fn func(regionCode string, client *versioned.Clientset)) {
+	wg := sync.WaitGroup{}
+	for regionCode, client := range c.clients {
+		wg.Add(1)
+		go func(regionCode string, client *versioned.Clientset) {
+			defer wg.Done()
+			fn(regionCode, client)
+		}(regionCode, client)
+	}
+	wg.Wait()
+}