From 968a83a0ade54d31c6e5baeb663800ac66807880 Mon Sep 17 00:00:00 2001 From: Luca Miccini Date: Sun, 8 Sep 2024 09:05:37 +0200 Subject: [PATCH] Watch tls certs for redis and memcached By adding the hash of the certificate to the statefulset we react to certificate changes. Let's also take the chance to remove pkg/redis/deployment (unused). --- controllers/memcached/memcached_controller.go | 2 +- controllers/redis/redis_controller.go | 2 +- pkg/memcached/statefulset.go | 8 +- pkg/redis/deployment.go | 73 ------------------- pkg/redis/statefulset.go | 8 +- 5 files changed, 16 insertions(+), 77 deletions(-) delete mode 100644 pkg/redis/deployment.go diff --git a/controllers/memcached/memcached_controller.go b/controllers/memcached/memcached_controller.go index 2761ad71..39018d73 100644 --- a/controllers/memcached/memcached_controller.go +++ b/controllers/memcached/memcached_controller.go @@ -342,7 +342,7 @@ func (r *Reconciler) Reconcile(ctx context.Context, req ctrl.Request) (result ct instance.Status.Conditions.MarkTrue(condition.ExposeServiceReadyCondition, condition.ExposeServiceReadyMessage) // Statefulset for stable names - commonstatefulset := commonstatefulset.NewStatefulSet(memcached.StatefulSet(instance), time.Duration(5)*time.Second) + commonstatefulset := commonstatefulset.NewStatefulSet(memcached.StatefulSet(instance, hashOfHashes), time.Duration(5)*time.Second) sfres, sferr := commonstatefulset.CreateOrPatch(ctx, helper) if sferr != nil { return sfres, sferr diff --git a/controllers/redis/redis_controller.go b/controllers/redis/redis_controller.go index 0d76c99e..f69e3122 100644 --- a/controllers/redis/redis_controller.go +++ b/controllers/redis/redis_controller.go 
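Review bot: `hashOfHashes` is passed into `memcached.StatefulSet` here, but nothing in this hunk shows that it covers the TLS secret; its computation lies outside the diff, as does the rest of Reconcile. The rollout only follows a certificate rotation if the certificate, key and CA bundle hashes are folded into that value and if a change to the Secret actually triggers this reconcile. Both are worth confirming, because each controller diff is a single line. The same holds for the `redis.StatefulSet(instance, hashOfHashes)` call in redis_controller.go. A comment above the call such as `// hashOfHashes must include the TLS cert and CA bundle hashes so that a rotation changes the pod template` would make the dependency explicit.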
@@ -355,7 +355,7 @@ func (r *Reconciler) Reconcile(ctx context.Context, req ctrl.Request) (result ct // // Statefulset - commonstatefulset := commonstatefulset.NewStatefulSet(redis.StatefulSet(instance), 5) + commonstatefulset := commonstatefulset.NewStatefulSet(redis.StatefulSet(instance, hashOfHashes), 5) sfres, sferr := commonstatefulset.CreateOrPatch(ctx, helper) if sferr != nil { return sfres, sferr diff --git a/pkg/memcached/statefulset.go b/pkg/memcached/statefulset.go index 4dbb2f59..7635cb24 100644 --- a/pkg/memcached/statefulset.go +++ b/pkg/memcached/statefulset.go @@ -12,7 +12,10 @@ import ( ) // StatefulSet returns a Stateful resource for the Memcached CR -func StatefulSet(m *memcachedv1.Memcached) *appsv1.StatefulSet { +func StatefulSet( + m *memcachedv1.Memcached, + configHash string, +) *appsv1.StatefulSet { matchls := map[string]string{ common.AppSelector: m.Name, "cr": m.Name, @@ -75,6 +78,9 @@ func StatefulSet(m *memcachedv1.Memcached) *appsv1.StatefulSet { FieldPath: "status.podIPs", }, }, + }, { + Name: "CONFIG_HASH", + Value: configHash, }, }, VolumeMounts: getVolumeMounts(m), diff --git a/pkg/redis/deployment.go b/pkg/redis/deployment.go deleted file mode 100644 index b4a9d73a..00000000 --- a/pkg/redis/deployment.go +++ /dev/null 
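Review bot: The edited `NewStatefulSet` call still passes a bare `5` as its second argument, while the memcached controller passes `time.Duration(5)*time.Second` to the same constructor. If that parameter is a `time.Duration`, as the memcached call suggests, `5` means five nanoseconds rather than five seconds, so any requeue based on it would be effectively immediate. Since the line is being touched anyway, I would write `commonstatefulset.NewStatefulSet(redis.StatefulSet(instance, hashOfHashes), time.Duration(5)*time.Second)`, assuming `time` is already imported in this file. The constructor's signature is not visible in this diff, and Reconcile continues outside the hunk.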
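Review bot: The new `CONFIG_HASH` entry in pkg/memcached/statefulset.go has no comment saying that memcached does not read it and that it exists only to change the pod template. I would add `// CONFIG_HASH is not consumed by the service; it only forces a rollout when config or certificates change` above it, and describe `configHash` in the function's doc comment. The digest is readable by anyone who can view the StatefulSet or the container's environment, so it is worth confirming that no low-entropy secret feeds the hash, which this diff does not show. The identical entry in pkg/redis/statefulset.go has the same gaps. StatefulSet's body extends beyond both hunks.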
@@ -1,73 +0,0 @@
-package redis
-
-import (
- redisv1 "github.com/openstack-k8s-operators/infra-operator/apis/redis/v1beta1"
- labels "github.com/openstack-k8s-operators/lib-common/modules/common/labels"
- appsv1 "k8s.io/api/apps/v1"
- corev1 "k8s.io/api/core/v1"
- metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
- "k8s.io/apimachinery/pkg/util/intstr"
-)
-
-// Deployment returns a Deployment resource for the Redis CR
-func Deployment(r *redisv1.Redis) *appsv1.Deployment {
- matchls := map[string]string{
- "app": "redis",
- "cr": "redis-" + r.Name,
- "owner": "infra-operator",
- }
- ls := labels.GetLabels(r, "redis", matchls)
-
- livenessProbe := &corev1.Probe{
- // TODO might need tuning
- TimeoutSeconds: 5,
- PeriodSeconds: 3,
- InitialDelaySeconds: 3,
- }
- readinessProbe := &corev1.Probe{
- // TODO might need tuning
- TimeoutSeconds: 5,
- PeriodSeconds: 5,
- InitialDelaySeconds: 5,
- }
-
- livenessProbe.TCPSocket = &corev1.TCPSocketAction{
- Port: intstr.IntOrString{Type: intstr.Int, IntVal: int32(6379)},
- }
- readinessProbe.TCPSocket = &corev1.TCPSocketAction{
- Port: intstr.IntOrString{Type: intstr.Int, IntVal: int32(6379)},
- }
-
- deployment := &appsv1.Deployment{
- ObjectMeta: metav1.ObjectMeta{
- Name: r.Name,
- Namespace: r.Namespace,
- },
- Spec: appsv1.DeploymentSpec{
- Replicas: r.Spec.Replicas,
- Selector: &metav1.LabelSelector{
- MatchLabels: matchls,
- },
- Template: corev1.PodTemplateSpec{
- ObjectMeta: metav1.ObjectMeta{
- Labels: ls,
- },
- Spec: corev1.PodSpec{
- ServiceAccountName: r.RbacResourceName(),
- Containers: []corev1.Container{{
- Image: r.Spec.ContainerImage,
- Name: "redis",
- Ports: []corev1.ContainerPort{{
- ContainerPort: 6379,
- Name: "redis",
- }},
- ReadinessProbe: readinessProbe,
- LivenessProbe: livenessProbe,
- }},
- },
- },
- },
- }
-
- return deployment
-}
diff --git a/pkg/redis/statefulset.go b/pkg/redis/statefulset.go
index 99bf4b64..1a99349f 100644
--- a/pkg/redis/statefulset.go
+++ b/pkg/redis/statefulset.go
@@ -13,7 +13,10 @@ import ( ) // Deployment returns a Deployment resource for the Redis CR -func StatefulSet(r *redisv1.Redis) *appsv1.StatefulSet { +func StatefulSet( + r *redisv1.Redis, + configHash string, +) *appsv1.StatefulSet { matchls := map[string]string{ common.AppSelector: "redis", common.OwnerSelector: r.Name, @@ -68,6 +71,9 @@ func StatefulSet(r *redisv1.Redis) *appsv1.StatefulSet { // Headless services only publish dns entries that include cluster domain. // For the time being, assume this is .cluster.local Value: name + "." + r.GetNamespace() + ".svc.cluster.local", + }, { + Name: "CONFIG_HASH", + Value: configHash, }} sts := &appsv1.StatefulSet{
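Review bot: The doc comment kept as context above the reworked signature still reads `// Deployment returns a Deployment resource for the Redis CR`, although the function is `StatefulSet` and pkg/redis/deployment.go is deleted by this same commit. I would replace it with `// StatefulSet returns a StatefulSet resource for the Redis CR; configHash is set as CONFIG_HASH so that pods restart when it changes`. The function body continues past the hunk.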