@@ -116,6 +116,7 @@ func (h *handler) AddRoutes(mux *mux.Router) {
116116
117117 mux .HandleFunc ("/api/callback" , h .handleCallback ).Methods (http .MethodGet )
118118 mux .HandleFunc ("/api/healthz" , h .handleHealthz ).Methods (http .MethodGet )
119+ mux .HandleFunc ("/api/bindable-resources" , h .handleBindableResources ).Methods (http .MethodGet )
119120
120121 if strings .HasPrefix (h .frontend , "http://" ) {
121122 spaserver , err := spaserver .NewSPAReverseProxyServer (h .frontend )
@@ -577,38 +578,54 @@ func (h *handler) handleBindPost(w http.ResponseWriter, r *http.Request) {
577578 return
578579 }
579580
580- // Create API service export requests for each resource
581- var requests []runtime.RawExtension
582- for _ , bindableResource := range bindRequest .Resources {
583- exportRequest := kubebindv1alpha2.APIServiceExportRequestResponse {
584- TypeMeta : metav1.TypeMeta {
585- APIVersion : kubebindv1alpha2 .SchemeGroupVersion .String (),
586- Kind : "APIServiceExportRequest" ,
587- },
588- ObjectMeta : kubebindv1alpha2.NameObjectMeta {
589- Name : bindableResource .Resource + "." + bindableResource .Group ,
590- },
591- Spec : kubebindv1alpha2.APIServiceExportRequestSpec {
592- Resources : []kubebindv1alpha2.APIServiceExportRequestResource {
593- {
594- GroupResource : kubebindv1alpha2.GroupResource {
595- Group : bindableResource .Group ,
596- Resource : bindableResource .Resource ,
597- },
598- Versions : []string {bindableResource .APIVersion },
599- },
600- },
581+ exportRequest := kubebindv1alpha2.APIServiceExportRequestResponse {
582+ TypeMeta : metav1.TypeMeta {
583+ APIVersion : kubebindv1alpha2 .SchemeGroupVersion .String (),
584+ Kind : "APIServiceExportRequest" ,
585+ },
586+ ObjectMeta : kubebindv1alpha2.NameObjectMeta {
587+ Name : bindRequest .Name ,
588+ },
589+ Spec : kubebindv1alpha2.APIServiceExportRequestSpec {
590+ Resources : []kubebindv1alpha2.APIServiceExportRequestResource {},
591+ PermissionClaims : []kubebindv1alpha2.PermissionClaim {},
592+ },
593+ }
594+
595+ for _ , resource := range bindRequest .Resources {
596+ exportRequest .Spec .Resources = append (exportRequest .Spec .Resources , kubebindv1alpha2.APIServiceExportRequestResource {
597+ GroupResource : kubebindv1alpha2.GroupResource {
598+ Group : resource .Group ,
599+ Resource : resource .Resource ,
601600 },
602- }
601+ Versions : []string {resource .APIVersion },
602+ })
603+ }
603604
604- requestBytes , err := json .Marshal (& exportRequest )
605+ for _ , claim := range bindRequest .PermissionClaims {
606+ _ , err := kubebindv1alpha2 .ResolveClaimableAPI (claim )
605607 if err != nil {
606- logger .Error (err , "failed to marshal export request " , "resource " , bindableResource . Resource )
607- http .Error (w , "internal error " , http .StatusInternalServerError )
608+ logger .Error (err , "invalid permission claim " , "claim " , claim )
609+ http .Error (w , fmt . Sprintf ( "invalid permission claim: %v " , err ), http .StatusBadRequest )
608610 return
609611 }
612+ exportRequest .Spec .PermissionClaims = append (exportRequest .Spec .PermissionClaims , kubebindv1alpha2.PermissionClaim {
613+ GroupResource : kubebindv1alpha2.GroupResource {
614+ Group : claim .Group ,
615+ Resource : claim .Resource ,
616+ },
617+ Selector : kubebindv1alpha2.Selector {
618+ All : claim .Selector .All ,
619+ LabelSelector : claim .Selector .LabelSelector ,
620+ },
621+ })
622+ }
610623
611- requests = append (requests , runtime.RawExtension {Raw : requestBytes })
624+ requestBytes , err := json .Marshal (& exportRequest )
625+ if err != nil {
626+ logger .Error (err , "failed to marshal export request" )
627+ http .Error (w , "internal error" , http .StatusInternalServerError )
628+ return
612629 }
613630
614631 // Create binding response
@@ -624,7 +641,7 @@ func (h *handler) handleBindPost(w http.ResponseWriter, r *http.Request) {
624641 },
625642 },
626643 Kubeconfig : kfg ,
627- Requests : requests ,
644+ Requests : []runtime. RawExtension {{ Raw : requestBytes }} ,
628645 }
629646
630647 payload , err := json .Marshal (& response )
@@ -683,3 +700,18 @@ func (h *handler) getBackendDynamicResource(ctx context.Context, cluster string)
683700 }
684701 return h .kubeManager .ListDynamicResources (ctx , cluster , gvk , labelSelector .AsSelector ())
685702}
703+
704+ // handleBindableResources returns a static list of resources that can be claimed/bound by users.
705+ func (h * handler ) handleBindableResources (w http.ResponseWriter , r * http.Request ) {
706+ logger := getLogger (r )
707+
708+ bs , err := json .Marshal (& kubebindv1alpha2 .ClaimableAPIsData )
709+ if err != nil {
710+ logger .Error (err , "failed to marshal resources" )
711+ http .Error (w , "internal error" , http .StatusInternalServerError )
712+ return
713+ }
714+
715+ w .Header ().Set ("Content-Type" , "application/json" )
716+ w .Write (bs ) //nolint:errcheck
717+ }
0 commit comments