func istioServiceEntries()

in appconfigmgrv2/controllers/istio_service_entries.go [67:112]


// istioServiceEntries builds one Istio ServiceEntry, wrapped as an
// unstructured object, for every element of t.Spec.AllowedEgress.
//
// The ports of each entry come from cfg.EgressTypes, keyed by the entry's
// Type. An unknown type, or a failure converting the ServiceEntry to its
// unstructured form, aborts the whole call: the result is (nil, error) and no
// partial list is returned.
//
// Every generated entry is marked MESH_EXTERNAL and exported to "." only, so
// it is visible in the template's own namespace and nowhere else.
func istioServiceEntries(cfg Config, t *appconfig.AppEnvConfigTemplateV2) ([]*unstructured.Unstructured, error) {
	// hasWildcard reports whether any host contains a "*" at any position.
	hasWildcard := func(hosts []string) bool {
		for _, host := range hosts {
			if strings.Contains(host, "*") {
				return true
			}
		}
		return false
	}

	entries := make([]*unstructured.Unstructured, 0, len(t.Spec.AllowedEgress))
	kind := istioServiceEntryGVK()

	// TODO: Validate no duplicate spec.allowedEgress.type fields.

	for idx, egress := range t.Spec.AllowedEgress {
		// Only egress types present in the operator-supplied config are
		// accepted; anything else is rejected rather than given default ports.
		egressPorts, known := cfg.EgressTypes[egress.Type]
		if !known {
			return nil, fmt.Errorf("unknown allowedEgress.type: %v", egress.Type)
		}

		// DNS resolution is the default; a wildcard in any host switches the
		// whole entry to NONE.
		// NOTE(review): per the Istio API docs, NONE treats the connection as
		// already resolved to an IP, so for wildcard hosts the allow-list
		// rests on the name the client presents rather than a mesh-side
		// lookup. Confirm that is acceptable for this egress policy.
		// NOTE(review): hosts are passed through unchecked here (empty list,
		// bare "*"); presumably validated elsewhere, verify against the
		// admission path.
		resolution := istionet.ServiceEntry_DNS
		if hasWildcard(egress.Hosts) {
			resolution = istionet.ServiceEntry_NONE
		}

		metadata := map[string]interface{}{
			"name":      istioServiceEntryName(t, idx),
			"namespace": t.Namespace,
		}
		serviceEntry := &istionet.ServiceEntry{
			Hosts:    egress.Hosts,
			Location: istionet.ServiceEntry_MESH_EXTERNAL,
			// TODO: Validation on known types.
			Ports:      egressPorts,
			Resolution: resolution,
			// Restrict visibility to the entry's own namespace.
			ExportTo: []string{"."},
		}

		obj, err := unstructuredFromProto(kind, metadata, serviceEntry)
		if err != nil {
			return nil, fmt.Errorf("unstructured from proto: %v", err)
		}
		entries = append(entries, obj)
	}

	return entries, nil
}