From 47f9dc18aa9229dbeec93f4c0bcb002c107b598c Mon Sep 17 00:00:00 2001 From: Alan Bishop Date: Fri, 26 May 2023 12:11:13 -0400 Subject: [PATCH] Clean up code after switching from configmaps to secrets This is a purely cosmetic change (nothing functional) to update and/or remove all references to configmaps now that everything is stored in secrets. --- config/rbac/role.yaml | 12 ------ controllers/cinder_controller.go | 45 +++++++------------- controllers/cinderapi_controller.go | 51 +++++++++-------------- controllers/cinderbackup_controller.go | 50 +++++++++------------- controllers/cinderscheduler_controller.go | 49 +++++++++------------- controllers/cindervolume_controller.go | 49 +++++++++------------- 6 files changed, 94 insertions(+), 162 deletions(-) diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 457e45a6..79bd14d7 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -193,18 +193,6 @@ rules: - get - patch - update -- apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - apiGroups: - "" resources: diff --git a/controllers/cinder_controller.go b/controllers/cinder_controller.go index de8c9c2c..a4be0d20 100644 --- a/controllers/cinder_controller.go +++ b/controllers/cinder_controller.go @@ -100,7 +100,6 @@ type CinderReconciler struct { // +kubebuilder:rbac:groups=cinder.openstack.org,resources=cindervolumes,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups=cinder.openstack.org,resources=cindervolumes/status,verbs=get;update;patch // +kubebuilder:rbac:groups=cinder.openstack.org,resources=cindervolumes/finalizers,verbs=update -// +kubebuilder:rbac:groups=core,resources=configmaps,verbs=get;list;create;update;patch;delete;watch // +kubebuilder:rbac:groups=core,resources=secrets,verbs=get;list;create;update;patch;delete;watch // +kubebuilder:rbac:groups=batch,resources=jobs,verbs=get;list;create;update;patch;delete;watch // +kubebuilder:rbac:groups=mariadb.openstack.org,resources=mariadbdatabases,verbs=get;list;watch;create;update;patch;delete @@ -268,7 +267,7 @@ func (r *CinderReconciler) SetupWithManager(mgr ctrl.Manager) error { Owns(&cinderv1beta1.CinderVolume{}). Owns(&rabbitmqv1.TransportURL{}). Owns(&batchv1.Job{}). - Owns(&corev1.ConfigMap{}). + Owns(&corev1.Secret{}). // Watch for TransportURL Secrets which belong to any TransportURLs created by Cinder CRs Watches(&source.Kind{Type: &corev1.Secret{}}, handler.EnqueueRequestsFromMapFunc(transportURLSecretFn)). @@ -443,8 +442,7 @@ func (r *CinderReconciler) reconcileNormal(ctx context.Context, instance *cinder common.AppSelector: cinder.ServiceName, } - // ConfigMap - configMapVars := make(map[string]env.Setter) + configVars := make(map[string]env.Setter) // // create RabbitMQ transportURL CR and get the actual URL from the associated secret that is created @@ -504,22 +502,15 @@ func (r *CinderReconciler) reconcileNormal(ctx context.Context, instance *cinder return ctrl.Result{}, err } // Add a prefix to the var name to avoid accidental collision with other non-secret vars. - configMapVars["secret-"+ospSecret.Name] = env.SetValue(hash) + configVars["secret-"+ospSecret.Name] = env.SetValue(hash) instance.Status.Conditions.MarkTrue(condition.InputReadyCondition, condition.InputReadyMessage) // run check OpenStack secret - end // - // Create ConfigMaps and Secrets required as input for the Service and calculate an overall hash of hashes + // Create Secrets required as input for the Service and calculate an overall hash of hashes // - - // - // create Configmap required for cinder input - // - %-scripts configmap holding scripts to e.g. bootstrap the service - // - %-config configmap holding minimal cinder config required to get the service up, user can add additional files to be added to the service - // - parameters which has passwords gets added from the OpenStack secret via the init container - // - err = r.generateServiceConfigMaps(ctx, helper, instance, &configMapVars, serviceLabels) + err = r.generateServiceConfigs(ctx, helper, instance, &configVars, serviceLabels) if err != nil { instance.Status.Conditions.Set(condition.FalseCondition( condition.ServiceConfigReadyCondition, @@ -534,7 +525,7 @@ func (r *CinderReconciler) reconcileNormal(ctx context.Context, instance *cinder // create hash over all the different input resources to identify if any those changed // and a restart/recreate is required. // - _, hashChanged, err := r.createHashOfInputHashes(ctx, instance, configMapVars) + _, hashChanged, err := r.createHashOfInputHashes(ctx, instance, configVars) if err != nil { instance.Status.Conditions.Set(condition.FalseCondition( condition.ServiceConfigReadyCondition, @@ -548,7 +539,6 @@ func (r *CinderReconciler) reconcileNormal(ctx context.Context, instance *cinder // so we need to return and reconcile again return ctrl.Result{}, nil } - // Create ConfigMaps and Secrets - end instance.Status.Conditions.MarkTrue(condition.ServiceConfigReadyCondition, condition.ServiceConfigReadyMessage) @@ -762,9 +752,9 @@ func (r *CinderReconciler) reconcileUpgrade(ctx context.Context, instance *cinde return ctrl.Result{}, nil } -// generateServiceConfigMaps - create create configmaps which hold scripts and service configuration +// generateServiceConfigs - create Secret which hold scripts and service configuration // TODO add DefaultConfigOverwrite -func (r *CinderReconciler) generateServiceConfigMaps( +func (r *CinderReconciler) generateServiceConfigs( ctx context.Context, h *helper.Helper, instance *cinderv1beta1.Cinder, @@ -772,13 +762,12 @@ func (r *CinderReconciler) generateServiceConfigMaps( serviceLabels map[string]string, ) error { // - // create Configmap/Secret required for cinder input - // - %-scripts configmap holding scripts to e.g. bootstrap the service - // - %-config configmap holding minimal cinder config required to get the service up, user can add additional files to be added to the service - // - parameters which has passwords gets added from the ospSecret via the init container + // create Secret required for cinder input + // - %-scripts holds scripts to e.g. bootstrap the service + // - %-config holds minimal cinder config required to get the service up // - cmLabels := labels.GetLabels(instance, labels.GetGroupLabel(cinder.ServiceName), serviceLabels) + labels := labels.GetLabels(instance, labels.GetGroupLabel(cinder.ServiceName), serviceLabels) // customData hold any customization for all cinder services. customData := map[string]string{cinder.CustomConfigFileName: instance.Spec.CustomServiceConfig} @@ -822,16 +811,14 @@ func (r *CinderReconciler) generateServiceConfigMaps( instance.Status.DatabaseHostname, cinder.DatabaseName) - cms := []util.Template{ - // ScriptsConfigMap + configTemplates := []util.Template{ { Name: fmt.Sprintf("%s-scripts", instance.Name), Namespace: instance.Namespace, Type: util.TemplateTypeScripts, InstanceType: instance.Kind, - Labels: cmLabels, + Labels: labels, }, - // ConfigMap { Name: fmt.Sprintf("%s-config-data", instance.Name), Namespace: instance.Namespace, @@ -839,11 +826,11 @@ func (r *CinderReconciler) generateServiceConfigMaps( InstanceType: instance.Kind, CustomData: customData, ConfigOptions: templateParameters, - Labels: cmLabels, + Labels: labels, }, } - return secret.EnsureSecrets(ctx, h, instance, cms, envVars) + return secret.EnsureSecrets(ctx, h, instance, configTemplates, envVars) } // createHashOfInputHashes - creates a hash of hashes which gets added to the resources which requires a restart diff --git a/controllers/cinderapi_controller.go b/controllers/cinderapi_controller.go index 6c949432..85d6dace 100644 --- a/controllers/cinderapi_controller.go +++ b/controllers/cinderapi_controller.go @@ -93,7 +93,6 @@ var ( //+kubebuilder:rbac:groups=cinder.openstack.org,resources=cinderapis,verbs=get;list;watch;create;update;patch;delete //+kubebuilder:rbac:groups=cinder.openstack.org,resources=cinderapis/status,verbs=get;update;patch //+kubebuilder:rbac:groups=cinder.openstack.org,resources=cinderapis/finalizers,verbs=update -// +kubebuilder:rbac:groups=core,resources=configmaps,verbs=get;list;create;update;patch;delete;watch // +kubebuilder:rbac:groups=core,resources=secrets,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups=core,resources=services,verbs=get;list;create;update;patch;delete;watch // +kubebuilder:rbac:groups=core,resources=pods,verbs=get;list; @@ -462,70 +461,63 @@ func (r *CinderAPIReconciler) reconcileInit( func (r *CinderAPIReconciler) reconcileNormal(ctx context.Context, instance *cinderv1beta1.CinderAPI, helper *helper.Helper) (ctrl.Result, error) { r.Log.Info(fmt.Sprintf("Reconciling Service '%s'", instance.Name)) - // ConfigMap - configMapVars := make(map[string]env.Setter) + configVars := make(map[string]env.Setter) // // check for required OpenStack secret holding passwords for service/admin user and add hash to the vars map // - ctrlResult, err := r.getSecret(ctx, helper, instance, instance.Spec.Secret, &configMapVars) + ctrlResult, err := r.getSecret(ctx, helper, instance, instance.Spec.Secret, &configVars) if err != nil { return ctrlResult, err } - // run check OpenStack secret - end // // check for required TransportURL secret holding transport URL string // - ctrlResult, err = r.getSecret(ctx, helper, instance, instance.Spec.TransportURLSecret, &configMapVars) + ctrlResult, err = r.getSecret(ctx, helper, instance, instance.Spec.TransportURLSecret, &configVars) if err != nil { return ctrlResult, err } - // run check TransportURL secret - end // // check for required service secrets // for _, secretName := range instance.Spec.CustomServiceConfigSecrets { - ctrlResult, err = r.getSecret(ctx, helper, instance, secretName, &configMapVars) + ctrlResult, err = r.getSecret(ctx, helper, instance, secretName, &configVars) if err != nil { return ctrlResult, err } } - // run check service secrets - end // - // check for required Cinder config maps that should have been created by parent Cinder CR + // check for required Cinder secrets that should have been created by parent Cinder CR // - parentCinderName := cinder.GetOwningCinderName(instance) parentSecrets := []string{ - fmt.Sprintf("%s-scripts", parentCinderName), //ScriptsConfigMap - fmt.Sprintf("%s-config-data", parentCinderName), //ConfigMap + fmt.Sprintf("%s-scripts", parentCinderName), + fmt.Sprintf("%s-config-data", parentCinderName), } for _, parentSecret := range parentSecrets { - ctrlResult, err = r.getSecret(ctx, helper, instance, parentSecret, &configMapVars) + ctrlResult, err = r.getSecret(ctx, helper, instance, parentSecret, &configVars) if err != nil { return ctrlResult, err } } instance.Status.Conditions.MarkTrue(condition.InputReadyCondition, condition.InputReadyMessage) - // run check parent Cinder CR config maps - end // - // Create ConfigMaps required as input for the Service and calculate an overall hash of hashes + // Create secrets required as input for the Service and calculate an overall hash of hashes // - serviceLabels := map[string]string{ common.AppSelector: cinder.ServiceName, common.ComponentSelector: cinderapi.Component, } // - // create custom Configmap for this cinder volume service + // create custom config for this cinder service // - err = r.generateServiceConfigMaps(ctx, helper, instance, &configMapVars, serviceLabels) + err = r.generateServiceConfigs(ctx, helper, instance, &configVars, serviceLabels) if err != nil { instance.Status.Conditions.Set(condition.FalseCondition( condition.ServiceConfigReadyCondition, @@ -535,13 +527,12 @@ func (r *CinderAPIReconciler) reconcileNormal(ctx context.Context, instance *cin err.Error())) return ctrl.Result{}, err } - // Create ConfigMaps - end // // create hash over all the different input resources to identify if any those changed // and a restart/recreate is required. // - inputHash, hashChanged, err := r.createHashOfInputHashes(ctx, instance, configMapVars) + inputHash, hashChanged, err := r.createHashOfInputHashes(ctx, instance, configVars) if err != nil { instance.Status.Conditions.Set(condition.FalseCondition( condition.ServiceConfigReadyCondition, @@ -556,7 +547,6 @@ func (r *CinderAPIReconciler) reconcileNormal(ctx context.Context, instance *cin return ctrl.Result{}, nil } instance.Status.Conditions.MarkTrue(condition.ServiceConfigReadyCondition, condition.ServiceConfigReadyMessage) - // Create ConfigMaps and Secrets - end // // TODO check when/if Init, Update, or Upgrade should/could be skipped @@ -741,9 +731,9 @@ func (r *CinderAPIReconciler) getSecret( return ctrl.Result{}, nil } -// generateServiceConfigMaps - create custom configmap to hold service-specific config +// generateServiceConfigs - create Secret which holds the service configuration // TODO add DefaultConfigOverwrite -func (r *CinderAPIReconciler) generateServiceConfigMaps( +func (r *CinderAPIReconciler) generateServiceConfigs( ctx context.Context, h *helper.Helper, instance *cinderv1beta1.CinderAPI, @@ -751,11 +741,11 @@ func (r *CinderAPIReconciler) generateServiceConfigMaps( serviceLabels map[string]string, ) error { // - // create custom Configmap for cinder-api-specific config input - // - %-config-data configmap holding custom config for the service's cinder.conf + // create custom Secret for cinder service-specific config input + // - %-config-data holds custom config for the service // - cmLabels := labels.GetLabels(instance, labels.GetGroupLabel(cinder.ServiceName), serviceLabels) + labels := labels.GetLabels(instance, labels.GetGroupLabel(cinder.ServiceName), serviceLabels) // customData hold any customization for the service. customData := map[string]string{cinder.CustomServiceConfigFileName: instance.Spec.CustomServiceConfig} @@ -789,19 +779,18 @@ func (r *CinderAPIReconciler) generateServiceConfigMaps( } customData[cinder.CustomServiceConfigSecretsFileName] = customSecrets - cms := []util.Template{ - // Custom ConfigMap + configTemplates := []util.Template{ { Name: fmt.Sprintf("%s-config-data", instance.Name), Namespace: instance.Namespace, Type: util.TemplateTypeConfig, InstanceType: instance.Kind, CustomData: customData, - Labels: cmLabels, + Labels: labels, }, } - return secret.EnsureSecrets(ctx, h, instance, cms, envVars) + return secret.EnsureSecrets(ctx, h, instance, configTemplates, envVars) } // createHashOfInputHashes - creates a hash of hashes which gets added to the resources which requires a restart diff --git a/controllers/cinderbackup_controller.go b/controllers/cinderbackup_controller.go index 719a6a98..e14eccdf 100644 --- a/controllers/cinderbackup_controller.go +++ b/controllers/cinderbackup_controller.go @@ -80,7 +80,6 @@ type CinderBackupReconciler struct { //+kubebuilder:rbac:groups=cinder.openstack.org,resources=cinderbackups,verbs=get;list;watch;create;update;patch;delete //+kubebuilder:rbac:groups=cinder.openstack.org,resources=cinderbackups/status,verbs=get;update;patch //+kubebuilder:rbac:groups=cinder.openstack.org,resources=cinderbackups/finalizers,verbs=update -// +kubebuilder:rbac:groups=core,resources=configmaps,verbs=get;list;watch // +kubebuilder:rbac:groups=core,resources=secrets,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups=core,resources=pods,verbs=get;list; // +kubebuilder:rbac:groups=apps,resources=statefulsets,verbs=get;list;create;update;patch;delete;watch @@ -259,69 +258,63 @@ func (r *CinderBackupReconciler) reconcileNormal(ctx context.Context, instance * r.Log.Info(fmt.Sprintf("Reconciling Service '%s'", instance.Name)) // ConfigMap - configMapVars := make(map[string]env.Setter) + configVars := make(map[string]env.Setter) // // check for required OpenStack secret holding passwords for service/admin user and add hash to the vars map // - ctrlResult, err := r.getSecret(ctx, helper, instance, instance.Spec.Secret, &configMapVars) + ctrlResult, err := r.getSecret(ctx, helper, instance, instance.Spec.Secret, &configVars) if err != nil { return ctrlResult, err } - // run check OpenStack secret - end // // check for required TransportURL secret holding transport URL string // - ctrlResult, err = r.getSecret(ctx, helper, instance, instance.Spec.TransportURLSecret, &configMapVars) + ctrlResult, err = r.getSecret(ctx, helper, instance, instance.Spec.TransportURLSecret, &configVars) if err != nil { return ctrlResult, err } - // run check TransportURL secret - end // // check for required service secrets // for _, secretName := range instance.Spec.CustomServiceConfigSecrets { - ctrlResult, err = r.getSecret(ctx, helper, instance, secretName, &configMapVars) + ctrlResult, err = r.getSecret(ctx, helper, instance, secretName, &configVars) if err != nil { return ctrlResult, err } } - // run check service secrets - end // - // check for required Cinder config maps that should have been created by parent Cinder CR + // check for required Cinder secrets that should have been created by parent Cinder CR // - parentCinderName := cinder.GetOwningCinderName(instance) parentSecrets := []string{ - fmt.Sprintf("%s-scripts", parentCinderName), //ScriptsConfigMap - fmt.Sprintf("%s-config-data", parentCinderName), //ConfigMap + fmt.Sprintf("%s-scripts", parentCinderName), + fmt.Sprintf("%s-config-data", parentCinderName), } for _, parentSecret := range parentSecrets { - ctrlResult, err = r.getSecret(ctx, helper, instance, parentSecret, &configMapVars) + ctrlResult, err = r.getSecret(ctx, helper, instance, parentSecret, &configVars) if err != nil { return ctrlResult, err } } instance.Status.Conditions.MarkTrue(condition.InputReadyCondition, condition.InputReadyMessage) - // run check parent Cinder CR config maps - end // - // Create ConfigMaps required as input for the Service and calculate an overall hash of hashes + // Create secrets required as input for the Service and calculate an overall hash of hashes // - serviceLabels := map[string]string{ common.AppSelector: cinder.ServiceName, common.ComponentSelector: cinderbackup.Component, } // - // create custom Configmap for this cinder backup service + // create custom config for this cinder service // - err = r.generateServiceConfigMaps(ctx, helper, instance, &configMapVars, serviceLabels) + err = r.generateServiceConfigs(ctx, helper, instance, &configVars, serviceLabels) if err != nil { instance.Status.Conditions.Set(condition.FalseCondition( condition.ServiceConfigReadyCondition, @@ -331,13 +324,12 @@ func (r *CinderBackupReconciler) reconcileNormal(ctx context.Context, instance * err.Error())) return ctrl.Result{}, err } - // Create ConfigMaps - end // // create hash over all the different input resources to identify if any those changed // and a restart/recreate is required. // - inputHash, hashChanged, err := r.createHashOfInputHashes(ctx, instance, configMapVars) + inputHash, hashChanged, err := r.createHashOfInputHashes(ctx, instance, configVars) if err != nil { instance.Status.Conditions.Set(condition.FalseCondition( condition.ServiceConfigReadyCondition, @@ -352,7 +344,6 @@ func (r *CinderBackupReconciler) reconcileNormal(ctx context.Context, instance * return ctrl.Result{}, nil } instance.Status.Conditions.MarkTrue(condition.ServiceConfigReadyCondition, condition.ServiceConfigReadyMessage) - // Create ConfigMaps and Secrets - end // // TODO check when/if Init, Update, or Upgrade should/could be skipped @@ -537,9 +528,9 @@ func (r *CinderBackupReconciler) getSecret( return ctrl.Result{}, nil } -// generateServiceConfigMaps - create custom configmap to hold service-specific config +// generateServiceConfigs - create Secret which holds the service configuration // TODO add DefaultConfigOverwrite -func (r *CinderBackupReconciler) generateServiceConfigMaps( +func (r *CinderBackupReconciler) generateServiceConfigs( ctx context.Context, h *helper.Helper, instance *cinderv1beta1.CinderBackup, @@ -547,11 +538,11 @@ func (r *CinderBackupReconciler) generateServiceConfigMaps( serviceLabels map[string]string, ) error { // - // create custom Configmap for cinder-backup-specific config input - // - %-config-data configmap holding custom config for the service's cinder.conf + // create custom Secret for cinder service-specific config input + // - %-config-data holds custom config for the service // - cmLabels := labels.GetLabels(instance, labels.GetGroupLabel(cinder.ServiceName), serviceLabels) + labels := labels.GetLabels(instance, labels.GetGroupLabel(cinder.ServiceName), serviceLabels) // customData hold any customization for the service. customData := map[string]string{cinder.CustomServiceConfigFileName: instance.Spec.CustomServiceConfig} @@ -585,19 +576,18 @@ func (r *CinderBackupReconciler) generateServiceConfigMaps( } customData[cinder.CustomServiceConfigSecretsFileName] = customSecrets - cms := []util.Template{ - // Custom ConfigMap + configTemplates := []util.Template{ { Name: fmt.Sprintf("%s-config-data", instance.Name), Namespace: instance.Namespace, Type: util.TemplateTypeConfig, InstanceType: instance.Kind, CustomData: customData, - Labels: cmLabels, + Labels: labels, }, } - return secret.EnsureSecrets(ctx, h, instance, cms, envVars) + return secret.EnsureSecrets(ctx, h, instance, configTemplates, envVars) } // createHashOfInputHashes - creates a hash of hashes which gets added to the resources which requires a restart diff --git a/controllers/cinderscheduler_controller.go b/controllers/cinderscheduler_controller.go index 26ad96ba..1f5b88a3 100644 --- a/controllers/cinderscheduler_controller.go +++ b/controllers/cinderscheduler_controller.go @@ -80,7 +80,6 @@ type CinderSchedulerReconciler struct { //+kubebuilder:rbac:groups=cinder.openstack.org,resources=cinderschedulers,verbs=get;list;watch;create;update;patch;delete //+kubebuilder:rbac:groups=cinder.openstack.org,resources=cinderschedulers/status,verbs=get;update;patch //+kubebuilder:rbac:groups=cinder.openstack.org,resources=cinderschedulers/finalizers,verbs=update -// +kubebuilder:rbac:groups=core,resources=configmaps,verbs=get;list;watch // +kubebuilder:rbac:groups=core,resources=pods,verbs=get;list; // +kubebuilder:rbac:groups=core,resources=secrets,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups=apps,resources=statefulsets,verbs=get;list;create;update;patch;delete;watch @@ -258,70 +257,63 @@ func (r *CinderSchedulerReconciler) reconcileInit( func (r *CinderSchedulerReconciler) reconcileNormal(ctx context.Context, instance *cinderv1beta1.CinderScheduler, helper *helper.Helper) (ctrl.Result, error) { r.Log.Info(fmt.Sprintf("Reconciling Service '%s'", instance.Name)) - // ConfigMap - configMapVars := make(map[string]env.Setter) + configVars := make(map[string]env.Setter) // // check for required OpenStack secret holding passwords for service/admin user and add hash to the vars map // - ctrlResult, err := r.getSecret(ctx, helper, instance, instance.Spec.Secret, &configMapVars) + ctrlResult, err := r.getSecret(ctx, helper, instance, instance.Spec.Secret, &configVars) if err != nil { return ctrlResult, err } - // run check OpenStack secret - end // // check for required TransportURL secret holding transport URL string // - ctrlResult, err = r.getSecret(ctx, helper, instance, instance.Spec.TransportURLSecret, &configMapVars) + ctrlResult, err = r.getSecret(ctx, helper, instance, instance.Spec.TransportURLSecret, &configVars) if err != nil { return ctrlResult, err } - // run check TransportURL secret - end // // check for required service secrets // for _, secretName := range instance.Spec.CustomServiceConfigSecrets { - ctrlResult, err = r.getSecret(ctx, helper, instance, secretName, &configMapVars) + ctrlResult, err = r.getSecret(ctx, helper, instance, secretName, &configVars) if err != nil { return ctrlResult, err } } - // run check service secrets - end // - // check for required Cinder config maps that should have been created by parent Cinder CR + // check for required Cinder secrets that should have been created by parent Cinder CR // - parentCinderName := cinder.GetOwningCinderName(instance) parentSecrets := []string{ - fmt.Sprintf("%s-scripts", parentCinderName), //ScriptsConfigMap - fmt.Sprintf("%s-config-data", parentCinderName), //ConfigMap + fmt.Sprintf("%s-scripts", parentCinderName), + fmt.Sprintf("%s-config-data", parentCinderName), } for _, parentSecret := range parentSecrets { - ctrlResult, err = r.getSecret(ctx, helper, instance, parentSecret, &configMapVars) + ctrlResult, err = r.getSecret(ctx, helper, instance, parentSecret, &configVars) if err != nil { return ctrlResult, err } } instance.Status.Conditions.MarkTrue(condition.InputReadyCondition, condition.InputReadyMessage) - // run check parent Cinder CR config maps - end // // Create ConfigMaps required as input for the Service and calculate an overall hash of hashes // - serviceLabels := map[string]string{ common.AppSelector: cinder.ServiceName, common.ComponentSelector: cinderscheduler.Component, } // - // create custom Configmap for this cinder scheduler service + // create custom config for this cinder service // - err = r.generateServiceConfigMaps(ctx, helper, instance, &configMapVars, serviceLabels) + err = r.generateServiceConfigs(ctx, helper, instance, &configVars, serviceLabels) if err != nil { instance.Status.Conditions.Set(condition.FalseCondition( condition.ServiceConfigReadyCondition, @@ -331,13 +323,12 @@ func (r *CinderSchedulerReconciler) reconcileNormal(ctx context.Context, instanc err.Error())) return ctrl.Result{}, err } - // Create ConfigMaps - end // // create hash over all the different input resources to identify if any those changed // and a restart/recreate is required. // - inputHash, hashChanged, err := r.createHashOfInputHashes(ctx, instance, configMapVars) + inputHash, hashChanged, err := r.createHashOfInputHashes(ctx, instance, configVars) if err != nil { instance.Status.Conditions.Set(condition.FalseCondition( condition.ServiceConfigReadyCondition, @@ -352,7 +343,6 @@ func (r *CinderSchedulerReconciler) reconcileNormal(ctx context.Context, instanc return ctrl.Result{}, nil } instance.Status.Conditions.MarkTrue(condition.ServiceConfigReadyCondition, condition.ServiceConfigReadyMessage) - // Create ConfigMaps and Secrets - end // // TODO check when/if Init, Update, or Upgrade should/could be skipped @@ -537,9 +527,9 @@ func (r *CinderSchedulerReconciler) getSecret( return ctrl.Result{}, nil } -// generateServiceConfigMaps - create custom configmap to hold service-specific config +// generateServiceConfigs - create Secret which holds the service configuration // TODO add DefaultConfigOverwrite -func (r *CinderSchedulerReconciler) generateServiceConfigMaps( +func (r *CinderSchedulerReconciler) generateServiceConfigs( ctx context.Context, h *helper.Helper, instance *cinderv1beta1.CinderScheduler, @@ -547,11 +537,11 @@ func (r *CinderSchedulerReconciler) generateServiceConfigMaps( serviceLabels map[string]string, ) error { // - // create custom Configmap for cinder-scheduler-specific config input - // - %-config-data configmap holding custom config for the service's cinder.conf + // create custom Secret for cinder service-specific config input + // - %-config-data holds custom config for the service // - cmLabels := labels.GetLabels(instance, labels.GetGroupLabel(cinder.ServiceName), serviceLabels) + labels := labels.GetLabels(instance, labels.GetGroupLabel(cinder.ServiceName), serviceLabels) // customData hold any customization for the service. customData := map[string]string{cinder.CustomServiceConfigFileName: instance.Spec.CustomServiceConfig} @@ -585,19 +575,18 @@ func (r *CinderSchedulerReconciler) generateServiceConfigMaps( } customData[cinder.CustomServiceConfigSecretsFileName] = customSecrets - cms := []util.Template{ - // Custom ConfigMap + configTemplates := []util.Template{ { Name: fmt.Sprintf("%s-config-data", instance.Name), Namespace: instance.Namespace, Type: util.TemplateTypeConfig, InstanceType: instance.Kind, CustomData: customData, - Labels: cmLabels, + Labels: labels, }, } - return secret.EnsureSecrets(ctx, h, instance, cms, envVars) + return secret.EnsureSecrets(ctx, h, instance, configTemplates, envVars) } // createHashOfInputHashes - creates a hash of hashes which gets added to the resources which requires a restart diff --git a/controllers/cindervolume_controller.go b/controllers/cindervolume_controller.go index c4d93f39..c49a81e9 100644 --- a/controllers/cindervolume_controller.go +++ b/controllers/cindervolume_controller.go @@ -81,7 +81,6 @@ type CinderVolumeReconciler struct { //+kubebuilder:rbac:groups=cinder.openstack.org,resources=cindervolumes,verbs=get;list;watch;create;update;patch;delete //+kubebuilder:rbac:groups=cinder.openstack.org,resources=cindervolumes/status,verbs=get;update;patch //+kubebuilder:rbac:groups=cinder.openstack.org,resources=cindervolumes/finalizers,verbs=update -// +kubebuilder:rbac:groups=core,resources=configmaps,verbs=get;list;watch // +kubebuilder:rbac:groups=core,resources=pods,verbs=get;list; // +kubebuilder:rbac:groups=core,resources=secrets,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups=apps,resources=statefulsets,verbs=get;list;create;update;patch;delete;watch @@ -260,61 +259,54 @@ func (r *CinderVolumeReconciler) reconcileInit( func (r *CinderVolumeReconciler) reconcileNormal(ctx context.Context, instance *cinderv1beta1.CinderVolume, helper *helper.Helper) (ctrl.Result, error) { r.Log.Info(fmt.Sprintf("Reconciling Service '%s'", instance.Name)) - // ConfigMap - configMapVars := make(map[string]env.Setter) + configVars := make(map[string]env.Setter) // // check for required OpenStack secret holding passwords for service/admin user and add hash to the vars map // - ctrlResult, err := r.getSecret(ctx, helper, instance, instance.Spec.Secret, &configMapVars) + ctrlResult, err := r.getSecret(ctx, helper, instance, instance.Spec.Secret, &configVars) if err != nil { return ctrlResult, err } - // run check OpenStack secret - end // // check for required TransportURL secret holding transport URL string // - ctrlResult, err = r.getSecret(ctx, helper, instance, instance.Spec.TransportURLSecret, &configMapVars) + ctrlResult, err = r.getSecret(ctx, helper, instance, instance.Spec.TransportURLSecret, &configVars) if err != nil { return ctrlResult, err } - // run check TransportURL secret - end // // check for required service secrets // for _, secretName := range instance.Spec.CustomServiceConfigSecrets { - ctrlResult, err = r.getSecret(ctx, helper, instance, secretName, &configMapVars) + ctrlResult, err = r.getSecret(ctx, helper, instance, secretName, &configVars) if err != nil { return ctrlResult, err } } - // run check service secrets - end // - // check for required Cinder config maps that should have been created by parent Cinder CR + // check for required Cinder secrets that should have been created by parent Cinder CR // - parentCinderName := cinder.GetOwningCinderName(instance) parentSecrets := []string{ - fmt.Sprintf("%s-scripts", parentCinderName), //ScriptsConfigMap - fmt.Sprintf("%s-config-data", parentCinderName), //ConfigMap + fmt.Sprintf("%s-scripts", parentCinderName), + fmt.Sprintf("%s-config-data", parentCinderName), } for _, parentSecret := range parentSecrets { - ctrlResult, err = r.getSecret(ctx, helper, instance, parentSecret, &configMapVars) + ctrlResult, err = r.getSecret(ctx, helper, instance, parentSecret, &configVars) if err != nil { return ctrlResult, err } } instance.Status.Conditions.MarkTrue(condition.InputReadyCondition, condition.InputReadyMessage) - // run check parent Cinder CR config maps - end // - // Create ConfigMaps required as input for the Service and calculate an overall hash of hashes + // Create secrets required as input for the Service and calculate an overall hash of hashes // - serviceLabels := map[string]string{ common.AppSelector: cinder.ServiceName, common.ComponentSelector: cindervolume.Component, @@ -323,7 +315,7 @@ func (r *CinderVolumeReconciler) reconcileNormal(ctx context.Context, instance * // // create custom Configmap for this cinder volume service // - err = r.generateServiceConfigMaps(ctx, helper, instance, &configMapVars, serviceLabels) + err = r.generateServiceConfigs(ctx, helper, instance, &configVars, serviceLabels) if err != nil { instance.Status.Conditions.Set(condition.FalseCondition( condition.ServiceConfigReadyCondition, @@ -333,13 +325,12 @@ func (r *CinderVolumeReconciler) reconcileNormal(ctx context.Context, instance * err.Error())) return ctrl.Result{}, err } - // Create ConfigMaps - end // // create hash over all the different input resources to identify if any those changed // and a restart/recreate is required. // - inputHash, hashChanged, err := r.createHashOfInputHashes(ctx, instance, configMapVars) + inputHash, hashChanged, err := r.createHashOfInputHashes(ctx, instance, configVars) if err != nil { instance.Status.Conditions.Set(condition.FalseCondition( condition.ServiceConfigReadyCondition, @@ -354,7 +345,6 @@ func (r *CinderVolumeReconciler) reconcileNormal(ctx context.Context, instance * return ctrl.Result{}, nil } instance.Status.Conditions.MarkTrue(condition.ServiceConfigReadyCondition, condition.ServiceConfigReadyMessage) - // Create ConfigMaps and Secrets - end // // TODO check when/if Init, Update, or Upgrade should/could be skipped @@ -539,9 +529,9 @@ func (r *CinderVolumeReconciler) getSecret( return ctrl.Result{}, nil } -// generateServiceConfigMaps - create custom configmap to hold service-specific config +// generateServiceConfigs - create Secret which holds the service configuration // TODO add DefaultConfigOverwrite -func (r *CinderVolumeReconciler) generateServiceConfigMaps( +func (r *CinderVolumeReconciler) generateServiceConfigs( ctx context.Context, h *helper.Helper, instance *cinderv1beta1.CinderVolume, @@ -549,11 +539,11 @@ func (r *CinderVolumeReconciler) generateServiceConfigMaps( serviceLabels map[string]string, ) error { // - // create custom Configmap for cinder-volume-specific config input - // - %-config-data configmap holding custom config for the service's cinder.conf + // create custom Secret for cinder service-specific config input + // - %-config-data holds custom config for the service // - cmLabels := labels.GetLabels(instance, labels.GetGroupLabel(cinder.ServiceName), serviceLabels) + labels := labels.GetLabels(instance, labels.GetGroupLabel(cinder.ServiceName), serviceLabels) // customData hold any customization for the service. customData := map[string]string{cinder.CustomServiceConfigFileName: instance.Spec.CustomServiceConfig} @@ -589,19 +579,18 @@ func (r *CinderVolumeReconciler) generateServiceConfigMaps( } customData[cinder.CustomServiceConfigSecretsFileName] = customSecrets - cms := []util.Template{ - // Custom ConfigMap + configTemplates := []util.Template{ { Name: fmt.Sprintf("%s-config-data", instance.Name), Namespace: instance.Namespace, Type: util.TemplateTypeConfig, InstanceType: instance.Kind, CustomData: customData, - Labels: cmLabels, + Labels: labels, }, } - return secret.EnsureSecrets(ctx, h, instance, cms, envVars) + return secret.EnsureSecrets(ctx, h, instance, configTemplates, envVars) } // createHashOfInputHashes - creates a hash of hashes which gets added to the resources which requires a restart