#5 added another watcher for secrets to check for events regarding them. Works, but ugly and no README update yet

Author: angylada

.gitignore

@@ -2,3 +2,4 @@
 go.sum
 main
 vendor
+.env

cmd/main.go

@@ -16,14 +16,15 @@ import (
 	"k8s.io/client-go/util/homedir"
 	"os"
 	"path/filepath"
+	"strconv"
 	"time"
 )
 
 // variables: namespace, labels
 var dovecotLabels string
 var dovecotDirectorLabels string
 var dovecotDirectorContainerName string
-
+var syncFrequencyDuration int
 
 var namespace string
 var kubeconf *rest.Config
@@ -42,13 +43,23 @@ func main() {
 	dovecotDirectorLabels = os.Getenv("DOVECOT_DIRECTOR_LABELS")
 	dovecotDirectorContainerName = os.Getenv("DOVECOT_DIRECTOR_CONTAINER_NAME")
 
+	syncFrequencyDurationEnv := os.Getenv("SYNC_FREQUENCY_DURATION")
+	syncFrequencyDuration = 70
+	if syncFrequencyDurationEnv != "" {
+		syncFrequencyDuration, err = strconv.Atoi(syncFrequencyDurationEnv)
+		if err != nil {
+			syncFrequencyDuration = 70
+		}
+	}
+
 	dovecotLabels = os.Getenv("DOVECOT_LABELS")
 	namespace = os.Getenv("DOVECOT_NAMESPACE")
 
 	dovecotPods := GetPodsByLabel(clientset, namespace, dovecotLabels)
 	initialDovecotPodCount = len(dovecotPods.Items)
 
-	StartWatcher(clientset, namespace)
+	go StartWatcherSecret(clientset, namespace)
+	StartWatcherPods(clientset, namespace)
 }
 
 func GetPodsByLabel(clientset *kubernetes.Clientset, namespace string, labels string) *v1.PodList {
@@ -73,11 +84,11 @@ func ExecuteCommand(command string, podname string, namespace string, clientset
 	// THE FOLLOWING EXPECTS THE POD TO HAVE ONLY ONE CONTAINER IN WHICH THE COMMAND IS GOING TO BE EXECUTED
 	option := &v1.PodExecOptions{
 		Container: dovecotDirectorContainerName,
-		Command: cmd,
-		Stdin:   false,
-		Stdout:  true,
-		Stderr:  true,
-		TTY:     true,
+		Command:   cmd,
+		Stdin:     false,
+		Stdout:    true,
+		Stderr:    true,
+		TTY:       true,
 	}
 
 	req.VersionedParams(
@@ -116,37 +127,42 @@ func handleEvent(pod *v1.Pod, clientset *kubernetes.Clientset) {
 		containerStatusSlice := pod.Status.ContainerStatuses
 
 		for _, containerStatus := range containerStatusSlice {
-
 			if containerStatus.Ready {
-				podlist := GetPodsByLabel(clientset, namespace, dovecotDirectorLabels)
-
-				for _, dovecotDirectorPod := range podlist.Items {
-                    time := time.Now()
-                    logLevel := "info"
-                    logMessage := "success"
-                    formattedTime := time.Format("2006-01-02 15:04:05 MST")
-
-					err := ExecuteCommand(
-						"doveadm reload",
-						dovecotDirectorPod.ObjectMeta.Name,
-						namespace,
-						clientset)
-
-					if err != nil {
-					    logLevel = "error"
-					    logMessage = err.Error()
-					}
-
-					log := fmt.Sprintf("{ \"level\": \"%s\", \"timestamp\": \"%s\", \"pod\": \"%s\", \"command\": \"doveadm reload\", \"message\": \"%s\" }", logLevel, formattedTime, dovecotDirectorPod.ObjectMeta.Name, logMessage)
-					fmt.Println(log)
-				}
+				ExecuteDoveAdm(clientset, dovecotDirectorLabels, 0)
 			}
 		}
 	}
+}
 
+func ExecuteDoveAdm(clientset *kubernetes.Clientset, dovecotDirectorLabels string, sleeptime int) {
+	if sleeptime != 0 {
+		time.Sleep(time.Second * time.Duration(int64(sleeptime)))
+	}
+	podlist := GetPodsByLabel(clientset, namespace, dovecotDirectorLabels)
+
+	for _, dovecotDirectorPod := range podlist.Items {
+		curTime := time.Now()
+		logLevel := "info"
+		logMessage := "success"
+		formattedTime := curTime.Format("2006-01-02 15:04:05 MST")
+
+		err := ExecuteCommand(
+			"doveadm reload",
+			dovecotDirectorPod.ObjectMeta.Name,
+			namespace,
+			clientset)
+
+		if err != nil {
+			logLevel = "error"
+			logMessage = err.Error()
+		}
+
+		log := fmt.Sprintf("{ \"level\": \"%s\", \"timestamp\": \"%s\", \"pod\": \"%s\", \"command\": \"doveadm reload\", \"message\": \"%s\" }", logLevel, formattedTime, dovecotDirectorPod.ObjectMeta.Name, logMessage)
+		fmt.Println(log)
+	}
 }
 
-func StartWatcher(clientset *kubernetes.Clientset, namespace string) () {
+func StartWatcherPods(clientset *kubernetes.Clientset, namespace string) {
 	optionsModifierFunc := func(options *metav1.ListOptions) {
 		options.LabelSelector = dovecotLabels
 	}
@@ -178,6 +194,38 @@ func StartWatcher(clientset *kubernetes.Clientset, namespace string) () {
 	}
 }
 
+func StartWatcherSecret(clientset *kubernetes.Clientset, namespace string) {
+	watchlist := cache.NewFilteredListWatchFromClient(
+		clientset.CoreV1().RESTClient(),
+		"secrets",
+		namespace,
+		func(options *metav1.ListOptions) {})
+
+	_, controller := cache.NewInformer(
+		watchlist,
+		&v1.Secret{},
+		time.Second*0,
+		cache.ResourceEventHandlerFuncs{
+			AddFunc: func(obj interface{}) {
+				secret := obj.(*v1.Secret)
+				if secret.Type == "kubernetes.io/tls" {
+					go ExecuteDoveAdm(clientset, dovecotDirectorLabels, syncFrequencyDuration)
+				}
+			},
+			UpdateFunc: func(oldObj, newObj interface{}) {
+				secret := newObj.(*v1.Secret)
+				if secret.Type == "kubernetes.io/tls" {
+					go ExecuteDoveAdm(clientset, dovecotDirectorLabels, syncFrequencyDuration)
+				}
+			},
+		},
+	)
+
+	go controller.Run(make(chan struct{}))
+	for {
+		time.Sleep(time.Second)
+	}
+}
 
 func InClusterAuth() (*kubernetes.Clientset, error) {
 	var err error

docker/Dockerfile

@@ -1,4 +1,4 @@
-FROM golang:1.15.3-alpine3.12 as builder
+FROM golang:1.19.2-alpine as builder
 
 WORKDIR /workdir/go
 

docker/docker-compose.yaml

@@ -12,3 +12,4 @@ services:
       - DOVECOT_LABELS=app.kubernetes.io/instance=test,app.kubernetes.io/name=dovecot
       - DOVECOT_DIRECTOR_LABELS=app.kubernetes.io/instance=test,app.kubernetes.io/name=dovecot-director
       - DOVECOT_DIRECTOR_CONTAINER_NAME=dovecot-director
+      - SYNC_FREQUENCY_DURATION=80

go.mod

@@ -1,15 +1,48 @@
 module cmd/main.go
 
-go 1.15
+go 1.19
 
 require (
-	github.com/golang/protobuf v1.4.3 // indirect
-	golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897 // indirect
-	golang.org/x/net v0.0.0-20201016165138-7b1cca2348c0 // indirect
-	golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43 // indirect
-	golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e // indirect
-	k8s.io/api v0.19.2
-	k8s.io/apimachinery v0.19.2
-	k8s.io/client-go v0.19.2
-	k8s.io/utils v0.0.0-20201015054608-420da100c033 // indirect
+	github.com/PuerkitoBio/purell v1.1.1 // indirect
+	github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/emicklei/go-restful/v3 v3.8.0 // indirect
+	github.com/go-logr/logr v1.2.3 // indirect
+	github.com/go-openapi/jsonpointer v0.19.5 // indirect
+	github.com/go-openapi/jsonreference v0.19.5 // indirect
+	github.com/go-openapi/swag v0.19.14 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/google/gnostic v0.5.7-v3refs // indirect
+	github.com/google/go-cmp v0.5.8 // indirect
+	github.com/google/gofuzz v1.1.0 // indirect
+	github.com/imdario/mergo v0.3.6 // indirect
+	github.com/josharian/intern v1.0.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/mailru/easyjson v0.7.6 // indirect
+	github.com/moby/spdystream v0.2.0 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	golang.org/x/net v0.0.0-20220722155237-a158d28d115b // indirect
+	golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 // indirect
+	golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f // indirect
+	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect
+	golang.org/x/text v0.3.7 // indirect
+	golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 // indirect
+	google.golang.org/appengine v1.6.7 // indirect
+	google.golang.org/protobuf v1.28.0 // indirect
+	gopkg.in/inf.v0 v0.9.1 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	k8s.io/api v0.25.3 // indirect
+	k8s.io/apimachinery v0.25.3 // indirect
+	k8s.io/client-go v0.25.3 // indirect
+	k8s.io/klog/v2 v2.70.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 // indirect
+	k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed // indirect
+	sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
+	sigs.k8s.io/yaml v1.2.0 // indirect
 )