kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SecurityGroups: recognize shared tag

This commit is contained in:
Justin Santa Barbara 2018-03-24 20:34:46 -04:00
parent d1fd74a30c
commit 32ec8d8253
2 changed files with 21 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
pkg/resources/aws/securitygroup.go
View File

@ -93,21 +93,22 @@ func DumpSecurityGroup(op *resources.DumpOperation, r *resources.Resource) error
} }
func ListSecurityGroups(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) { func ListSecurityGroups(cloud fi.Cloud, clusterName string) ([]*resources.Resource, error) {
groups, err := DescribeSecurityGroups(cloud) groups, err := DescribeSecurityGroups(cloud, clusterName)
if err != nil { if err != nil {
return nil, err return nil, err
} }
var resourceTrackers []*resources.Resource var resourceTrackers []*resources.Resource
for _, sg := range groups { for id, sg := range groups {
resourceTracker := &resources.Resource{ resourceTracker := &resources.Resource{
Name: FindName(sg.Tags), Name: FindName(sg.Tags),
ID: aws.StringValue(sg.GroupId), ID: id,
Type: "security-group", Type: ec2.ResourceTypeSecurityGroup,
Deleter: DeleteSecurityGroup, Deleter: DeleteSecurityGroup,
Dumper: DumpSecurityGroup, Dumper: DumpSecurityGroup,
Obj: sg, Obj: sg,
Shared: !HasOwnedTag(ec2.ResourceTypeSecurityGroup+":"+id, sg.Tags, clusterName),
} }
var blocks []string var blocks []string
@ -121,17 +122,24 @@ func ListSecurityGroups(cloud fi.Cloud, clusterName string) ([]*resources.Resour
return resourceTrackers, nil return resourceTrackers, nil
} }
func DescribeSecurityGroups(cloud fi.Cloud) ([]*ec2.SecurityGroup, error) { func DescribeSecurityGroups(cloud fi.Cloud, clusterName string) (map[string]*ec2.SecurityGroup, error) {
c := cloud.(awsup.AWSCloud) c := cloud.(awsup.AWSCloud)
groups := make(map[string]*ec2.SecurityGroup)
glog.V(2).Infof("Listing EC2 SecurityGroups") glog.V(2).Infof("Listing EC2 SecurityGroups")
request := &ec2.DescribeSecurityGroupsInput{ for _, filters := range buildEC2FiltersForCluster(clusterName) {
Filters: BuildEC2Filters(cloud), request := &ec2.DescribeSecurityGroupsInput{
} Filters: filters,
response, err := c.EC2().DescribeSecurityGroups(request) }
if err != nil { response, err := c.EC2().DescribeSecurityGroups(request)
return nil, fmt.Errorf("error listing SecurityGroups: %v", err) if err != nil {
return nil, fmt.Errorf("error listing VPCs: %v", err)
}
for _, group := range response.SecurityGroups {
groups[aws.StringValue(group.GroupId)] = group
}
} }
return response.SecurityGroups, nil return groups, nil
} }

2
upup/pkg/kutil/convert_kubeup_cluster.go
View File

@ -123,7 +123,7 @@ func (x *ConvertKubeupCluster) Upgrade() error {
return fmt.Errorf("error finding subnets: %v", err) return fmt.Errorf("error finding subnets: %v", err)
} }
securityGroups, err := awsresources.DescribeSecurityGroups(x.Cloud) securityGroups, err := awsresources.DescribeSecurityGroups(x.Cloud, x.OldClusterName)
if err != nil { if err != nil {
return fmt.Errorf("error finding security groups: %v", err) return fmt.Errorf("error finding security groups: %v", err)
} }