mirrors/talos
1
0
Fork 0
mirror of https://github.com/siderolabs/talos.git synced 2025-10-10 15:11:15 +02:00
Code Issues Packages Projects Releases Wiki Activity
talos/internal/pkg/etcd/lock.go
Utku Ozdemir 84e712a9f1
feat: introduce Talos API access from Kubernetes 
We add a new CRD, `serviceaccounts.talos.dev` (with `tsa` as short name), and its controller which allows users to get a `Secret` containing a short-lived Talosconfig in their namespaces with the roles they need. Additionally, we introduce the `talosctl inject serviceaccount` command to accept a YAML file with Kubernetes manifests and inject them with Talos service accounts so that they can be directly applied to Kubernetes afterwards. If Talos API access feature is enabled on Talos side, the injected workloads will be able to talk to Talos API.

Closes siderolabs/talos#4422.

Signed-off-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
2022-08-08 18:27:26 +02:00

45 lines
1.1 KiB
Go
Raw Blame History

// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this
// file, You can obtain one at http://mozilla.org/MPL/2.0/.
package etcd
import (
"context"
"fmt"
"go.etcd.io/etcd/client/v3/concurrency"
"go.uber.org/zap"
)
// WithLock executes the given function exclusively by acquiring an Etcd lock with the given key.
func WithLock(ctx context.Context, key string, logger *zap.Logger, f func() error) error {
etcdClient, err := NewLocalClient()
if err != nil {
return fmt.Errorf("error creating etcd client: %w", err)
}
defer etcdClient.Close() //nolint:errcheck
session, err := concurrency.NewSession(etcdClient.Client)
if err != nil {
return fmt.Errorf("error creating etcd session: %w", err)
}
defer session.Close() //nolint:errcheck
mutex := concurrency.NewMutex(session, key)
logger.Debug("waiting for mutex", zap.String("key", key))
if err = mutex.Lock(ctx); err != nil {
return fmt.Errorf("error acquiring mutex for key %s: %w", key, err)
}
logger.Debug("mutex acquired", zap.String("key", key))
defer mutex.Unlock(ctx) //nolint:errcheck
return f()
}
Reference in New Issue View Git Blame Copy Permalink