Skip to content

Commit

Permalink
Merge branch 'main' into add_tls
Browse files Browse the repository at this point in the history
  • Loading branch information
@d34dh0r53
d34dh0r53 authored Feb 9, 2024
2 parents 5c479f6 + 28e9a42 commit 4de807a
Show file tree
Hide file tree
Showing 21 changed files with 47 additions and 317 deletions.
1 change: 1 addition & 0 deletions .prow_ci.env
View file
Original file line number Diff line number Diff line change
@@ -1 +1,2 @@
export USE_IMAGE_DIGESTS=true
export FAIL_FIPS_CHECK=true
24 changes: 13 additions & 11 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
ARG GOLANG_BUILDER=golang:1.19
ARG OPERATOR_BASE_IMAGE=gcr.io/distroless/static:nonroot
ARG GOLANG_BUILDER=registry.access.redhat.com/ubi9/go-toolset:1.19
ARG OPERATOR_BASE_IMAGE=registry.access.redhat.com/ubi9/ubi-minimal:latest

# Build the manager binary
FROM $GOLANG_BUILDER AS builder
Expand All @@ -12,19 +12,21 @@ ARG REMOTE_SOURCE_DIR=/remote-source
ARG REMOTE_SOURCE_SUBDIR=
ARG DEST_ROOT=/dest-root

ARG GO_BUILD_EXTRA_ARGS=
ARG GO_BUILD_EXTRA_ARGS="-tags strictfipsruntime"
ARG GO_BUILD_EXTRA_ENV_ARGS="CGO_ENABLED=1 GO111MODULE=on"

COPY $REMOTE_SOURCE $REMOTE_SOURCE_DIR
WORKDIR $REMOTE_SOURCE_DIR/$REMOTE_SOURCE_SUBDIR

USER root
RUN mkdir -p ${DEST_ROOT}/usr/local/bin/

# cache deps before building and copying source so that we don't need to re-download as much
# and so that source changes don't invalidate our downloaded layer
RUN if [ ! -f $CACHITO_ENV_FILE ]; then go mod download ; fi

# Build manager
RUN if [ -f $CACHITO_ENV_FILE ] ; then source $CACHITO_ENV_FILE ; fi ; CGO_ENABLED=0 GO111MODULE=on go build ${GO_BUILD_EXTRA_ARGS} -a -o ${DEST_ROOT}/manager main.go
RUN if [ -f $CACHITO_ENV_FILE ] ; then source $CACHITO_ENV_FILE ; fi ; env ${GO_BUILD_EXTRA_ENV_ARGS} go build ${GO_BUILD_EXTRA_ARGS} -a -o ${DEST_ROOT}/manager main.go

RUN cp -r templates ${DEST_ROOT}/templates

Expand All @@ -49,16 +51,16 @@ ARG IMAGE_TAGS="cn-openstack openstack"

# Labels required by upstream and osbs build system
LABEL com.redhat.component="${IMAGE_COMPONENT}" \
name="${IMAGE_NAME}" \
version="${IMAGE_VERSION}" \
summary="${IMAGE_SUMMARY}" \
io.k8s.name="${IMAGE_NAME}" \
io.k8s.description="${IMAGE_DESC}" \
io.openshift.tags="${IMAGE_TAGS}"
name="${IMAGE_NAME}" \
version="${IMAGE_VERSION}" \
summary="${IMAGE_SUMMARY}" \
io.k8s.name="${IMAGE_NAME}" \
io.k8s.description="${IMAGE_DESC}" \
io.openshift.tags="${IMAGE_TAGS}"
### DO NOT EDIT LINES ABOVE

ENV USER_UID=$USER_ID \
OPERATOR_TEMPLATES=/usr/share/barbican-operator/templates/
OPERATOR_TEMPLATES=/usr/share/barbican-operator/templates/

WORKDIR /

Expand Down
5 changes: 4 additions & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,9 @@ endif
SHELL = /usr/bin/env bash -o pipefail
.SHELLFLAGS = -ec

# Extra vars which will be passed to the Docker-build
DOCKER_BUILD_ARGS ?=

.PHONY: all
all: build

Expand Down Expand Up @@ -138,7 +141,7 @@ run: manifests generate fmt vet ## Run a controller from your host.
# More info: https://docs.docker.com/develop/develop-images/build_enhancements/
.PHONY: docker-build
docker-build: test ## Build docker image with the manager.
podman build -t ${IMG} .
podman build -t ${IMG} . ${DOCKER_BUILD_ARGS}

.PHONY: docker-push
docker-push: ## Push docker image with the manager.
Expand Down
24 changes: 0 additions & 24 deletions api/bases/barbican.openstack.org_barbicanapis.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,30 +67,6 @@ spec:
description: DatabaseUser - optional username used for barbican DB,
defaults to barbican
type: string
debug:
description: 'Debug - enable debug for different deploy stages. If
an init container is used, it runs and the actual action pod gets
started with sleep infinity TODO(dmendiza): Do we need this?'
properties:
dbInitContainer:
default: false
description: dbInitContainer enable debug (waits until /tmp/stop-init-container
disappears)
type: boolean
dbSync:
default: false
description: dbSync enable debug
type: boolean
initContainer:
default: false
description: initContainer enable debug (waits until /tmp/stop-init-container
disappears)
type: boolean
service:
default: false
description: Service enable debug
type: boolean
type: object
defaultConfigOverwrite:
additionalProperties:
type: string
Expand Down
24 changes: 0 additions & 24 deletions api/bases/barbican.openstack.org_barbicankeystonelisteners.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,30 +68,6 @@ spec:
description: DatabaseUser - optional username used for barbican DB,
defaults to barbican
type: string
debug:
description: 'Debug - enable debug for different deploy stages. If
an init container is used, it runs and the actual action pod gets
started with sleep infinity TODO(dmendiza): Do we need this?'
properties:
dbInitContainer:
default: false
description: dbInitContainer enable debug (waits until /tmp/stop-init-container
disappears)
type: boolean
dbSync:
default: false
description: dbSync enable debug
type: boolean
initContainer:
default: false
description: initContainer enable debug (waits until /tmp/stop-init-container
disappears)
type: boolean
service:
default: false
description: Service enable debug
type: boolean
type: object
defaultConfigOverwrite:
additionalProperties:
type: string
Expand Down
24 changes: 0 additions & 24 deletions api/bases/barbican.openstack.org_barbicans.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -581,30 +581,6 @@ spec:
description: DatabaseUser - optional username used for barbican DB,
defaults to barbican
type: string
debug:
description: 'Debug - enable debug for different deploy stages. If
an init container is used, it runs and the actual action pod gets
started with sleep infinity TODO(dmendiza): Do we need this?'
properties:
dbInitContainer:
default: false
description: dbInitContainer enable debug (waits until /tmp/stop-init-container
disappears)
type: boolean
dbSync:
default: false
description: dbSync enable debug
type: boolean
initContainer:
default: false
description: initContainer enable debug (waits until /tmp/stop-init-container
disappears)
type: boolean
service:
default: false
description: Service enable debug
type: boolean
type: object
defaultConfigOverwrite:
additionalProperties:
type: string
Expand Down
24 changes: 0 additions & 24 deletions api/bases/barbican.openstack.org_barbicanworkers.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,30 +66,6 @@ spec:
description: DatabaseUser - optional username used for barbican DB,
defaults to barbican
type: string
debug:
description: 'Debug - enable debug for different deploy stages. If
an init container is used, it runs and the actual action pod gets
started with sleep infinity TODO(dmendiza): Do we need this?'
properties:
dbInitContainer:
default: false
description: dbInitContainer enable debug (waits until /tmp/stop-init-container
disappears)
type: boolean
dbSync:
default: false
description: dbSync enable debug
type: boolean
initContainer:
default: false
description: initContainer enable debug (waits until /tmp/stop-init-container
disappears)
type: boolean
service:
default: false
description: Service enable debug
type: boolean
type: object
defaultConfigOverwrite:
additionalProperties:
type: string
Expand Down
29 changes: 0 additions & 29 deletions api/v1beta1/common_types.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,12 +45,6 @@ type BarbicanTemplate struct {
// PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret
PasswordSelectors PasswordSelector `json:"passwordSelectors"`

// +kubebuilder:validation:Optional
// Debug - enable debug for different deploy stages. If an init container is used, it runs and the
// actual action pod gets started with sleep infinity
// TODO(dmendiza): Do we need this?
Debug BarbicanDebug `json:"debug,omitempty"`

// +kubebuilder:validation:Optional
// CustomServiceConfig - customize the service config using this parameter to change service defaults,
// or overwrite rendered information using raw OpenStack config format. The content gets added to
Expand Down Expand Up @@ -121,26 +115,3 @@ type PasswordSelector struct {
// Service - Selector to get the barbican service user password from the Secret
Service string `json:"service"`
}

// BarbicanDebug indicates whether certain stages of deployment should be paused
type BarbicanDebug struct {
// +kubebuilder:validation:Optional
// +kubebuilder:default=false
// dbInitContainer enable debug (waits until /tmp/stop-init-container disappears)
DBInitContainer bool `json:"dbInitContainer"`

// +kubebuilder:validation:Optional
// +kubebuilder:default=false
// dbSync enable debug
DBSync bool `json:"dbSync"`

// +kubebuilder:validation:Optional
// +kubebuilder:default=false
// initContainer enable debug (waits until /tmp/stop-init-container disappears)
InitContainer bool `json:"initContainer"`

// +kubebuilder:validation:Optional
// +kubebuilder:default=false
// Service enable debug
Service bool `json:"service"`
}
16 changes: 0 additions & 16 deletions api/v1beta1/zz_generated.deepcopy.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

24 changes: 0 additions & 24 deletions config/crd/bases/barbican.openstack.org_barbicanapis.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,30 +67,6 @@ spec:
description: DatabaseUser - optional username used for barbican DB,
defaults to barbican
type: string
debug:
description: 'Debug - enable debug for different deploy stages. If
an init container is used, it runs and the actual action pod gets
started with sleep infinity TODO(dmendiza): Do we need this?'
properties:
dbInitContainer:
default: false
description: dbInitContainer enable debug (waits until /tmp/stop-init-container
disappears)
type: boolean
dbSync:
default: false
description: dbSync enable debug
type: boolean
initContainer:
default: false
description: initContainer enable debug (waits until /tmp/stop-init-container
disappears)
type: boolean
service:
default: false
description: Service enable debug
type: boolean
type: object
defaultConfigOverwrite:
additionalProperties:
type: string
Expand Down
24 changes: 0 additions & 24 deletions config/crd/bases/barbican.openstack.org_barbicankeystonelisteners.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,30 +68,6 @@ spec:
description: DatabaseUser - optional username used for barbican DB,
defaults to barbican
type: string
debug:
description: 'Debug - enable debug for different deploy stages. If
an init container is used, it runs and the actual action pod gets
started with sleep infinity TODO(dmendiza): Do we need this?'
properties:
dbInitContainer:
default: false
description: dbInitContainer enable debug (waits until /tmp/stop-init-container
disappears)
type: boolean
dbSync:
default: false
description: dbSync enable debug
type: boolean
initContainer:
default: false
description: initContainer enable debug (waits until /tmp/stop-init-container
disappears)
type: boolean
service:
default: false
description: Service enable debug
type: boolean
type: object
defaultConfigOverwrite:
additionalProperties:
type: string
Expand Down
24 changes: 0 additions & 24 deletions config/crd/bases/barbican.openstack.org_barbicans.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -581,30 +581,6 @@ spec:
description: DatabaseUser - optional username used for barbican DB,
defaults to barbican
type: string
debug:
description: 'Debug - enable debug for different deploy stages. If
an init container is used, it runs and the actual action pod gets
started with sleep infinity TODO(dmendiza): Do we need this?'
properties:
dbInitContainer:
default: false
description: dbInitContainer enable debug (waits until /tmp/stop-init-container
disappears)
type: boolean
dbSync:
default: false
description: dbSync enable debug
type: boolean
initContainer:
default: false
description: initContainer enable debug (waits until /tmp/stop-init-container
disappears)
type: boolean
service:
default: false
description: Service enable debug
type: boolean
type: object
defaultConfigOverwrite:
additionalProperties:
type: string
Expand Down
24 changes: 0 additions & 24 deletions config/crd/bases/barbican.openstack.org_barbicanworkers.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,30 +66,6 @@ spec:
description: DatabaseUser - optional username used for barbican DB,
defaults to barbican
type: string
debug:
description: 'Debug - enable debug for different deploy stages. If
an init container is used, it runs and the actual action pod gets
started with sleep infinity TODO(dmendiza): Do we need this?'
properties:
dbInitContainer:
default: false
description: dbInitContainer enable debug (waits until /tmp/stop-init-container
disappears)
type: boolean
dbSync:
default: false
description: dbSync enable debug
type: boolean
initContainer:
default: false
description: initContainer enable debug (waits until /tmp/stop-init-container
disappears)
type: boolean
service:
default: false
description: Service enable debug
type: boolean
type: object
defaultConfigOverwrite:
additionalProperties:
type: string
Expand Down
Loading

0 comments on commit 4de807a

Please sign in to comment.