Skip to content

Commit

Permalink
Merge pull request #618 from stuggi/update_validatecertsecrets
Browse files Browse the repository at this point in the history
Update tls cert secret validation due VerifyCertSecrets() change
  • Loading branch information
openshift-merge-bot[bot] authored Sep 6, 2024
2 parents 3a3f49a + f593cdb commit 0dc1cb4
Show file tree
Hide file tree
Showing 6 changed files with 40 additions and 40 deletions.
3 changes: 1 addition & 2 deletions api/go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ go 1.20

require (
github.com/google/go-cmp v0.6.0
github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240814075458-0ae9f7f9e059
github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240905123813-174296c09ec6
github.com/openstack-k8s-operators/lib-common/modules/storage v0.4.1-0.20240814075458-0ae9f7f9e059
k8s.io/api v0.28.13
k8s.io/apimachinery v0.28.13
Expand Down Expand Up @@ -36,7 +36,6 @@ require (
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
github.com/onsi/ginkgo/v2 v2.20.1 // indirect
github.com/openshift/api v3.9.0+incompatible // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/prometheus/client_golang v1.18.0 // indirect
Expand Down
5 changes: 2 additions & 3 deletions api/go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -64,12 +64,11 @@ github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjY
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
github.com/onsi/ginkgo/v2 v2.20.1 h1:YlVIbqct+ZmnEph770q9Q7NVAz4wwIiVNahee6JyUzo=
github.com/onsi/ginkgo/v2 v2.20.1/go.mod h1:lG9ey2Z29hR41WMVthyJBGUBcBhGOtoPF2VFMvBXFCI=
github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k=
github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 h1:rncLxJBpFGqBztyxCMwNRnMjhhIDOWHJowi6q8G6koI=
github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7/go.mod h1:ctXNyWanKEjGj8sss1KjjHQ3ENKFm33FFnS5BKaIPh4=
github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240814075458-0ae9f7f9e059 h1:AQi/mrFBLRnus+lie6GDUokC7qT0y4OpiIkT4WRmpy4=
github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240814075458-0ae9f7f9e059/go.mod h1:68390qkx7+crmuqpbkTE/Am48nzO98Y9LdPT5XwOv30=
github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240905123813-174296c09ec6 h1:VSbVNzUa41hybq/lZi0L8bNv/yzYyNylc8yKSEO+ZCA=
github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240905123813-174296c09ec6/go.mod h1:6zxa5xg9uvpObVKFSJa/SA+vDDlgh0Q1aswxDB2XbxU=
github.com/openstack-k8s-operators/lib-common/modules/storage v0.4.1-0.20240814075458-0ae9f7f9e059 h1:HzvUWSO61v7RvJsteIAdyTycMIIJpr0Kk6FER6d1XAE=
github.com/openstack-k8s-operators/lib-common/modules/storage v0.4.1-0.20240814075458-0ae9f7f9e059/go.mod h1:u8JnCwm6XfPaJJrtOJFNDGI30AohRMY1gGau9m2Ruzg=
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
Expand Down
44 changes: 21 additions & 23 deletions controllers/glanceapi_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -691,7 +691,7 @@ func (r *GlanceAPIReconciler) reconcileNormal(
//
// Validate the CA cert secret if provided
if instance.Spec.TLS.CaBundleSecretName != "" {
hash, ctrlResult, err := tls.ValidateCACertSecret(
hash, err := tls.ValidateCACertSecret(
ctx,
helper.GetClient(),
types.NamespacedName{
Expand All @@ -700,55 +700,53 @@ func (r *GlanceAPIReconciler) reconcileNormal(
},
)
if err != nil {
if k8s_errors.IsNotFound(err) {
instance.Status.Conditions.Set(condition.FalseCondition(
condition.TLSInputReadyCondition,
condition.RequestedReason,
condition.SeverityInfo,
fmt.Sprintf(condition.TLSInputReadyWaitingMessage, instance.Spec.TLS.CaBundleSecretName)))
return ctrl.Result{}, nil
}
instance.Status.Conditions.Set(condition.FalseCondition(
condition.TLSInputReadyCondition,
condition.ErrorReason,
condition.SeverityWarning,
condition.TLSInputErrorMessage,
err.Error()))
return ctrlResult, err
} else if (ctrlResult != ctrl.Result{}) {
// Marking the condition as Unknown because we are not returining
// an err, but comparing the ctrlResult: this represents an in
// progress operation rather than something that failed
instance.Status.Conditions.MarkUnknown(
condition.TLSInputReadyCondition,
condition.RequestedReason,
condition.InputReadyWaitingMessage)
return ctrlResult, nil
return ctrl.Result{}, err
}
if hash != "" {
configVars[tls.CABundleKey] = env.SetValue(hash)
}
}

// Validate API service certs secrets
certsHash, ctrlResult, err := instance.Spec.TLS.API.ValidateCertSecrets(ctx, helper, instance.Namespace)
certsHash, err := instance.Spec.TLS.API.ValidateCertSecrets(ctx, helper, instance.Namespace)
if err != nil {
if k8s_errors.IsNotFound(err) {
instance.Status.Conditions.Set(condition.FalseCondition(
condition.TLSInputReadyCondition,
condition.RequestedReason,
condition.SeverityInfo,
fmt.Sprintf(condition.TLSInputReadyWaitingMessage, err.Error())))
return ctrl.Result{}, nil
}
instance.Status.Conditions.Set(condition.FalseCondition(
condition.TLSInputReadyCondition,
condition.ErrorReason,
condition.SeverityWarning,
condition.TLSInputErrorMessage,
err.Error()))
return ctrlResult, err
} else if (ctrlResult != ctrl.Result{}) {
// Marking the condition as Unknown because we are not returining
// an err, but comparing the ctrlResult: this represents an in
// progress operation rather than something that failed
instance.Status.Conditions.MarkUnknown(
condition.TLSInputReadyCondition,
condition.RequestedReason,
condition.InputReadyWaitingMessage)
return ctrlResult, nil
return ctrl.Result{}, err
}
configVars[tls.TLSHashName] = env.SetValue(certsHash)
// all cert input checks out so report InputReady
instance.Status.Conditions.MarkTrue(condition.TLSInputReadyCondition, condition.InputReadyMessage)

var serviceAnnotations map[string]string
// networks to attach to
serviceAnnotations, ctrlResult, err = ensureNAD(ctx, &instance.Status.Conditions, instance.Spec.NetworkAttachments, helper)
serviceAnnotations, ctrlResult, err := ensureNAD(ctx, &instance.Status.Conditions, instance.Spec.NetworkAttachments, helper)
if err != nil {
instance.Status.Conditions.MarkFalse(
condition.NetworkAttachmentsReadyCondition,
Expand Down
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ require (
github.com/openstack-k8s-operators/glance-operator/api v0.0.0-00010101000000-000000000000
github.com/openstack-k8s-operators/infra-operator/apis v0.4.1-0.20240813061654-72bf12d9b73e
github.com/openstack-k8s-operators/keystone-operator/api v0.4.1-0.20240812074544-7379da550fef
github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240814075458-0ae9f7f9e059
github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240905123813-174296c09ec6
github.com/openstack-k8s-operators/lib-common/modules/openstack v0.4.1-0.20240814075458-0ae9f7f9e059
github.com/openstack-k8s-operators/lib-common/modules/storage v0.4.1-0.20240814075458-0ae9f7f9e059
github.com/openstack-k8s-operators/lib-common/modules/test v0.4.1-0.20240814075458-0ae9f7f9e059
Expand Down
4 changes: 2 additions & 2 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -80,8 +80,8 @@ github.com/openstack-k8s-operators/infra-operator/apis v0.4.1-0.20240813061654-7
github.com/openstack-k8s-operators/infra-operator/apis v0.4.1-0.20240813061654-72bf12d9b73e/go.mod h1:0DYz6gT2jQtQe4HvtVHB//41PpyTSpWpzcFrdxn1eww=
github.com/openstack-k8s-operators/keystone-operator/api v0.4.1-0.20240812074544-7379da550fef h1:DYmNZLkoYeT2NOoMN9XPiZS25EMXru6vMNZwwnEW5Og=
github.com/openstack-k8s-operators/keystone-operator/api v0.4.1-0.20240812074544-7379da550fef/go.mod h1:MkvxXyvpUhfeKy4QDmzPMn6YH5eRu24uOgpLo9SBlwc=
github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240814075458-0ae9f7f9e059 h1:AQi/mrFBLRnus+lie6GDUokC7qT0y4OpiIkT4WRmpy4=
github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240814075458-0ae9f7f9e059/go.mod h1:68390qkx7+crmuqpbkTE/Am48nzO98Y9LdPT5XwOv30=
github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240905123813-174296c09ec6 h1:VSbVNzUa41hybq/lZi0L8bNv/yzYyNylc8yKSEO+ZCA=
github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240905123813-174296c09ec6/go.mod h1:6zxa5xg9uvpObVKFSJa/SA+vDDlgh0Q1aswxDB2XbxU=
github.com/openstack-k8s-operators/lib-common/modules/openstack v0.4.1-0.20240814075458-0ae9f7f9e059 h1:Ol1P8vPxIHWzTaL6RfENRiAxp2XrMQUYtnP5Ceek53A=
github.com/openstack-k8s-operators/lib-common/modules/openstack v0.4.1-0.20240814075458-0ae9f7f9e059/go.mod h1:CfMx4bwBVQEYMRt2dIcyqJjR3ToZxFEOPS+0Uy2Mm68=
github.com/openstack-k8s-operators/lib-common/modules/storage v0.4.1-0.20240814075458-0ae9f7f9e059 h1:HzvUWSO61v7RvJsteIAdyTycMIIJpr0Kk6FER6d1XAE=
Expand Down
22 changes: 13 additions & 9 deletions test/functional/glanceapi_controller_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,8 @@ limitations under the License.
package functional

import (
"fmt"

. "github.com/onsi/ginkgo/v2" //revive:disable:dot-imports
. "github.com/onsi/gomega" //revive:disable:dot-imports
memcachedv1 "github.com/openstack-k8s-operators/infra-operator/apis/memcached/v1beta1"
Expand Down Expand Up @@ -761,15 +763,15 @@ var _ = Describe("Glanceapi controller", func() {
glanceTest.GlanceSingle,
ConditionGetterFunc(GlanceAPIConditionGetter),
condition.TLSInputReadyCondition,
corev1.ConditionUnknown,
corev1.ConditionFalse,
condition.RequestedReason,
condition.InputReadyWaitingMessage,
fmt.Sprintf("TLSInput is missing: %s", CABundleSecretName),
)
th.ExpectCondition(
glanceTest.GlanceSingle,
ConditionGetterFunc(GlanceAPIConditionGetter),
condition.ReadyCondition,
corev1.ConditionUnknown,
corev1.ConditionFalse,
)
})

Expand All @@ -779,15 +781,16 @@ var _ = Describe("Glanceapi controller", func() {
glanceTest.GlanceSingle,
ConditionGetterFunc(GlanceAPIConditionGetter),
condition.TLSInputReadyCondition,
corev1.ConditionUnknown,
corev1.ConditionFalse,
condition.RequestedReason,
condition.InputReadyWaitingMessage,
fmt.Sprintf("TLSInput is missing: secrets \"%s in namespace %s\" not found",
glanceTest.InternalCertSecret.Name, glanceTest.InternalCertSecret.Namespace),
)
th.ExpectCondition(
glanceTest.GlanceSingle,
ConditionGetterFunc(GlanceAPIConditionGetter),
condition.ReadyCondition,
corev1.ConditionUnknown,
corev1.ConditionFalse,
)
})

Expand All @@ -798,15 +801,16 @@ var _ = Describe("Glanceapi controller", func() {
glanceTest.GlanceSingle,
ConditionGetterFunc(GlanceAPIConditionGetter),
condition.TLSInputReadyCondition,
corev1.ConditionUnknown,
corev1.ConditionFalse,
condition.RequestedReason,
condition.InputReadyWaitingMessage,
fmt.Sprintf("TLSInput is missing: secrets \"%s in namespace %s\" not found",
glanceTest.PublicCertSecret.Name, glanceTest.PublicCertSecret.Namespace),
)
th.ExpectCondition(
glanceTest.GlanceSingle,
ConditionGetterFunc(GlanceAPIConditionGetter),
condition.ReadyCondition,
corev1.ConditionUnknown,
corev1.ConditionFalse,
)
})

Expand Down

0 comments on commit 0dc1cb4

Please sign in to comment.