Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Functional tests for HSM Support #190

Open
wants to merge 15 commits into
base: main
Choose a base branch
from
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -204,7 +204,7 @@ GINKGO ?= $(LOCALBIN)/ginkgo

## Tool Versions
KUSTOMIZE_VERSION ?= v3.8.7
CONTROLLER_TOOLS_VERSION ?= v0.11.1
CONTROLLER_TOOLS_VERSION ?= v0.14.0
GOTOOLCHAIN_VERSION ?= go1.21.0

KUSTOMIZE_INSTALL_SCRIPT ?= "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh"
Expand Down
364 changes: 182 additions & 182 deletions api/bases/barbican.openstack.org_barbicanapis.yaml

Large diffs are not rendered by default.

157 changes: 87 additions & 70 deletions api/bases/barbican.openstack.org_barbicankeystonelisteners.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.1
creationTimestamp: null
controller-gen.kubebuilder.io/version: v0.14.0
name: barbicankeystonelisteners.barbican.openstack.org
spec:
group: barbican.openstack.org
Expand All @@ -31,14 +30,19 @@ spec:
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
Expand All @@ -51,17 +55,16 @@ spec:
set to environmental default if empty)
type: string
customServiceConfig:
description: CustomServiceConfig - customize the service config using
this parameter to change service defaults, or overwrite rendered
information using raw OpenStack config format. The content gets
added to to /etc/<service>/<service>.conf.d directory as a custom
config file.
description: |-
CustomServiceConfig - customize the service config using this parameter to change service defaults,
or overwrite rendered information using raw OpenStack config format. The content gets added to
to /etc/<service>/<service>.conf.d directory as a custom config file.
type: string
customServiceConfigSecrets:
description: CustomServiceConfigSecrets - customize the service config
using this parameter to specify Secrets that contain sensitive service
config data. The content of each Secret gets added to the /etc/<service>/<service>.conf.d
directory as a custom config file.
description: |-
CustomServiceConfigSecrets - customize the service config using this parameter to specify Secrets
that contain sensitive service config data. The content of each Secret gets added to the
/etc/<service>/<service>.conf.d directory as a custom config file.
items:
type: string
type: array
Expand All @@ -73,17 +76,19 @@ spec:
databaseHostname:
type: string
databaseInstance:
description: 'MariaDB instance name TODO(dmendiza): Is this comment
right? Right now required by the maridb-operator to get the credentials
from the instance to create the DB Might not be required in future'
description: |-
MariaDB instance name
TODO(dmendiza): Is this comment right?
Right now required by the maridb-operator to get the credentials from the instance to create the DB
Might not be required in future
type: string
defaultConfigOverwrite:
additionalProperties:
type: string
description: 'ConfigOverwrite - interface to overwrite default config
files like e.g. policy.json. But can also be used to add additional
files. Those get added to the service config dir in /etc/<service>
. TODO: -> implement'
description: |-
ConfigOverwrite - interface to overwrite default config files like e.g. policy.json.
But can also be used to add additional files. Those get added to the service config dir in /etc/<service> .
TODO: -> implement
type: object
enabledSecretStores:
items:
Expand Down Expand Up @@ -114,9 +119,9 @@ spec:
nodeSelector:
additionalProperties:
type: string
description: NodeSelector to target subset of worker nodes running
this component. Setting here overrides any global NodeSelector settings
within the Barbican CR.
description: |-
NodeSelector to target subset of worker nodes running this component. Setting here overrides
any global NodeSelector settings within the Barbican CR.
type: object
passwordSelectors:
default:
Expand Down Expand Up @@ -214,20 +219,23 @@ spec:
description: The HSM's IPv4 address (X.Y.Z.K)
type: string
slotId:
description: One of TokenSerialNumber, TokenLabels or SlotId must
description: |-
One of TokenSerialNumber, TokenLabels or SlotId must
be defined. SlotId is used if none of the others is defined
type: string
tokenLabels:
description: Token labels used to identify the token to be used.
One of TokenSerialNumber, TokenLabels or SlotId must be specified.
TokenLabels takes priority over SlotId. This can be a comma
separated string of labels
description: |-
Token labels used to identify the token to be used.
One of TokenSerialNumber, TokenLabels or SlotId must
be specified. TokenLabels takes priority over SlotId.
This can be a comma separated string of labels
type: string
tokenSerialNumber:
description: Token serial number used to identify the token to
be used. One of TokenSerialNumber, TokenLabels or SlotId must
be defined. TokenSerialNumber takes priority over TokenLabels
and SlotId
description: |-
Token serial number used to identify the token to be used.
One of TokenSerialNumber, TokenLabels or SlotId must
be defined. TokenSerialNumber takes priority over
TokenLabels and SlotId
type: string
type:
description: 'A string containing the HSM type (currently supported:
Expand All @@ -243,8 +251,9 @@ spec:
type: object
rabbitMqClusterName:
default: rabbitmq
description: RabbitMQ instance name Needed to request a transportURL
that is created and used in Barbican
description: |-
RabbitMQ instance name
Needed to request a transportURL that is created and used in Barbican
type: string
replicas:
default: 1
Expand All @@ -254,22 +263,29 @@ spec:
minimum: 0
type: integer
resources:
description: Resources - Compute Resources required by this service
(Limits/Requests). https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
description: |-
Resources - Compute Resources required by this service (Limits/Requests).
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
properties:
claims:
description: "Claims lists the names of resources, defined in
spec.resourceClaims, that are used by this container. \n This
is an alpha field and requires enabling the DynamicResourceAllocation
feature gate. \n This field is immutable. It can only be set
for containers."
description: |-
Claims lists the names of resources, defined in spec.resourceClaims,
that are used by this container.


This is an alpha field and requires enabling the
DynamicResourceAllocation feature gate.


This field is immutable. It can only be set for containers.
items:
description: ResourceClaim references one entry in PodSpec.ResourceClaims.
properties:
name:
description: Name must match the name of one entry in pod.spec.resourceClaims
of the Pod where this field is used. It makes that resource
available inside a container.
description: |-
Name must match the name of one entry in pod.spec.resourceClaims of
the Pod where this field is used. It makes that resource available
inside a container.
type: string
required:
- name
Expand All @@ -285,8 +301,9 @@ spec:
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: 'Limits describes the maximum amount of compute resources
allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
description: |-
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
requests:
additionalProperties:
Expand All @@ -295,11 +312,11 @@ spec:
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: 'Requests describes the minimum amount of compute
resources required. If Requests is omitted for a container,
it defaults to Limits if that is explicitly specified, otherwise
to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
description: |-
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
type: object
type: object
secret:
Expand Down Expand Up @@ -348,10 +365,10 @@ spec:
operational state.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another. This should be when the underlying condition changed.
If that is not known, then using the time when the API field
changed is acceptable.
description: |-
Last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when
the API field changed is acceptable.
format: date-time
type: string
message:
Expand All @@ -363,14 +380,13 @@ spec:
in CamelCase.
type: string
severity:
description: Severity provides a classification of Reason code,
so the current situation is immediately understandable and
could act accordingly. It is meant for situations where Status=False
and it should be indicated if it is just informational, warning
(next reconciliation might fix it) or an error (e.g. DB create
issue and no actions to automatically resolve the issue can/should
be done). For conditions where Status=Unknown or Status=True
the Severity should be SeverityNone.
description: |-
Severity provides a classification of Reason code, so the current situation is immediately
understandable and could act accordingly.
It is meant for situations where Status=False and it should be indicated if it is just
informational, warning (next reconciliation might fix it) or an error (e.g. DB create issue
and no actions to automatically resolve the issue can/should be done).
For conditions where Status=Unknown or Status=True the Severity should be SeverityNone.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
Expand Down Expand Up @@ -400,9 +416,10 @@ spec:
description: NetworkAttachments status of the deployment pods
type: object
readyCount:
description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
of cluster Important: Run "make" to regenerate code after modifying
this file ReadyCount of barbican API instances'
description: |-
INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
Important: Run "make" to regenerate code after modifying this file
ReadyCount of barbican API instances
format: int32
type: integer
type: object
Expand Down
Loading
Loading