diff --git a/api/bases/keystone.openstack.org_keystoneapis.yaml b/api/bases/keystone.openstack.org_keystoneapis.yaml index f7649655..878c12f1 100644 --- a/api/bases/keystone.openstack.org_keystoneapis.yaml +++ b/api/bases/keystone.openstack.org_keystoneapis.yaml @@ -162,6 +162,232 @@ spec: description: NodeSelector to target subset of worker nodes running this service type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + route: + description: OverrideSpec configuration for the Route created + to serve traffic to the cluster. + properties: + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. New labels/annotations + get merged with the ones created by the operator. If a privided + annotation/label is the same as one created by the service + operator, the ones provided via this override will replace + the one from the operator. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: "Spec defines the behavior of a Route. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + \n The spec will be merged using StrategicMergePatch - Provided + parameters will override the ones from the original spec. + - Required parameters of sub structs have to be named. - + For parameters which are list of struct it depends on the + patchStrategy defined on the list https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/#notes-on-the-strategic-merge-patch + If `patchStrategy:\"merge\"` is set, src and dst list gets + merged, otherwise they get replaced." + properties: + alternateBackends: + description: alternateBackends allows up to 3 additional + backends to be assigned to the route. Only the Service + kind is allowed, and it will be defaulted to Service. + Use the weight field in RouteTargetReference object + to specify relative preference. + items: + description: TargetReference specifies the target that + resolve into endpoints. Only the 'Service' kind is + allowed. Use 'weight' field to emphasize one over + others. Copy of RouteTargetReference in https://github.com/openshift/api/blob/master/route/v1/types.go, + parameters set to be optional, have omitempty, and + no default. + properties: + kind: + description: The kind of target that the route is + referring to. Currently, only 'Service' is allowed + enum: + - Service + - "" + type: string + name: + description: name of the service/target that is + being referred to. e.g. name of the service + type: string + weight: + description: weight as an integer between 0 and + 256, default 100, that specifies the target's + relative weight against other target reference + objects. 0 suppresses requests to this backend. + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + description: host is an alias/DNS that points to the service. + Optional. If not specified a route name will typically + be automatically chosen. Must follow DNS952 subdomain + conventions. + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + description: path that the router watches for, to route + traffic for to the service. Optional + pattern: ^/ + type: string + port: + description: If specified, the port to be used by the + router. Most routers will use all endpoints exposed + by the service by default - set this value to instruct + routers which port to use. + properties: + targetPort: + anyOf: + - type: integer + - type: string + description: The target port on pods selected by the + service this route points to. If this is a string, + it will be looked up as a named port in the target + endpoints port list. Required + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + description: "subdomain is a DNS subdomain that is requested + within the ingress controller's domain (as a subdomain). + If host is set this field is ignored. An ingress controller + may choose to ignore this suggested name, in which case + the controller will report the assigned name in the + status.ingress array or refuse to admit the route. If + this value is set and the server does not support this + field host will be populated automatically. Otherwise + host is left empty. The field may have multiple parts + separated by a dot, but not all ingress controllers + may honor the request. This field may not be changed + after creation except by a user with the update routes/custom-host + permission. \n Example: subdomain `frontend` automatically + receives the router subdomain `apps.mycluster.com` to + have a full hostname `frontend.apps.mycluster.com`." + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + description: The tls field provides the ability to configure + certificates and termination for the route. + properties: + caCertificate: + description: caCertificate provides the cert authority + certificate contents + type: string + certificate: + description: certificate provides certificate contents. + This should be a single serving certificate, not + a certificate chain. Do not include a CA certificate. + type: string + destinationCACertificate: + description: destinationCACertificate provides the + contents of the ca certificate of the final destination. When + using reencrypt termination this file should be + provided in order to have routers use it for health + checks on the secure connection. If this field is + not specified, the router may provide its own destination + CA and perform hostname validation using the short + service name (service.namespace.svc), which allows + infrastructure generated certificates to automatically + verify. + type: string + insecureEdgeTerminationPolicy: + description: "insecureEdgeTerminationPolicy indicates + the desired behavior for insecure connections to + a route. While each router may make its own decisions + on which ports to expose, this is normally port + 80. \n * Allow - traffic is sent to the server on + the insecure port (default) * Disable - no traffic + is allowed on the insecure port. * Redirect - clients + are redirected to the secure port." + type: string + key: + description: key provides key file contents + type: string + termination: + description: "termination indicates termination type. + \n * edge - TLS termination is done by the router + and http is used to communicate with the backend + (default) * passthrough - Traffic is sent straight + to the destination without the router providing + TLS termination * reencrypt - TLS termination is + done by the router and https is used to communicate + with the backend" + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + to: + description: to is an object the route should use as the + primary backend. Only the Service kind is allowed, and + it will be defaulted to Service. If the weight field + (0-256 default 100) is set to zero, no traffic will + be sent to this backend. + properties: + kind: + description: The kind of target that the route is + referring to. Currently, only 'Service' is allowed + enum: + - Service + - "" + type: string + name: + description: name of the service/target that is being + referred to. e.g. name of the service + type: string + weight: + description: weight as an integer between 0 and 256, + default 100, that specifies the target's relative + weight against other target reference objects. 0 + suppresses requests to this backend. + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + description: Wildcard policy if any for the route. Currently + only 'Subdomain' or 'None' is allowed. + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + type: object passwordSelectors: default: admin: AdminPassword diff --git a/api/go.mod b/api/go.mod index d6ba7e0e..4d72a29c 100644 --- a/api/go.mod +++ b/api/go.mod @@ -16,7 +16,6 @@ require ( github.com/go-logr/zapr v1.2.3 // indirect github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 // indirect - github.com/rogpeppe/go-internal v1.10.0 // indirect go.uber.org/zap v1.24.0 // indirect golang.org/x/tools v0.9.3 // indirect ) @@ -79,3 +78,9 @@ require ( sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect sigs.k8s.io/yaml v1.3.0 // indirect ) + +// map to latest commit from release-4.13 tag +// must consistent with lib-common +replace github.com/openshift/api => github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 + +replace github.com/openstack-k8s-operators/lib-common/modules/common => github.com/stuggi/lib-common/modules/common v0.0.0-20230713142642-ad7565492dfa diff --git a/api/go.sum b/api/go.sum index 94604fd2..0d930bd9 100644 --- a/api/go.sum +++ b/api/go.sum @@ -230,10 +230,8 @@ github.com/onsi/ginkgo/v2 v2.11.0 h1:WgqUCUt/lT6yXoQ8Wef0fsNn5cAuMK7+KT9UFRz2tcU github.com/onsi/ginkgo/v2 v2.11.0/go.mod h1:ZhrRA5XmEE3x3rhlzamx/JJvujdZoJ2uvgI7kR0iZvM= github.com/onsi/gomega v1.27.8 h1:gegWiwZjBsf2DgiSbf5hpokZ98JVDMcWkUiigk6/KXc= github.com/onsi/gomega v1.27.8/go.mod h1:2J8vzI/s+2shY9XHRApDkdgPo1TKT7P2u6fXeJKFnNQ= -github.com/openshift/api v3.9.0+incompatible h1:fJ/KsefYuZAjmrr3+5U9yZIZbTOpVkDDLDLFresAeYs= -github.com/openshift/api v3.9.0+incompatible/go.mod h1:dh9o4Fs58gpFXGSYfnVxGR9PnV53I8TW84pQaJDdGiY= -github.com/openstack-k8s-operators/lib-common/modules/common v0.0.0-20230619102827-49e72f626a11 h1:Cst9DN3Xb6UzuamSueknPqRQlWLtgip8wMBFMUUcdLQ= -github.com/openstack-k8s-operators/lib-common/modules/common v0.0.0-20230619102827-49e72f626a11/go.mod h1:cAXLyeKp6TiLW8qongnw6WR63Jnsm8CeRC5y07z3TAY= +github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 h1:rncLxJBpFGqBztyxCMwNRnMjhhIDOWHJowi6q8G6koI= +github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7/go.mod h1:ctXNyWanKEjGj8sss1KjjHQ3ENKFm33FFnS5BKaIPh4= github.com/openstack-k8s-operators/lib-common/modules/openstack v0.0.0-20230522113906-6f4206cbf317 h1:1gQSTk3ereXLrhb9BhqbYn5kKIemplc8tyzvonXyKGk= github.com/openstack-k8s-operators/lib-common/modules/openstack v0.0.0-20230522113906-6f4206cbf317/go.mod h1:doFbVg0WhS++gy17cbP9/BrCySjCpuqKx7TbvmKPChY= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -271,7 +269,6 @@ github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0ua github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= @@ -293,6 +290,8 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stuggi/lib-common/modules/common v0.0.0-20230713142642-ad7565492dfa h1:w01lCKtNHOKNuTgQJ1D7zDPeaXcQbux6EQEBgYrmbY0= +github.com/stuggi/lib-common/modules/common v0.0.0-20230713142642-ad7565492dfa/go.mod h1:UTwtKN9s/re95Fh4bLcTWOSj8UK7Hhnmv4o0EzTvDqM= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= diff --git a/api/v1beta1/keystoneapi_types.go b/api/v1beta1/keystoneapi_types.go index 15f44c03..fb0a1dab 100644 --- a/api/v1beta1/keystoneapi_types.go +++ b/api/v1beta1/keystoneapi_types.go @@ -21,6 +21,7 @@ import ( condition "github.com/openstack-k8s-operators/lib-common/modules/common/condition" "github.com/openstack-k8s-operators/lib-common/modules/common/endpoint" + "github.com/openstack-k8s-operators/lib-common/modules/common/route" "github.com/openstack-k8s-operators/lib-common/modules/common/util" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -152,6 +153,16 @@ type KeystoneAPISpec struct { // +kubebuilder:validation:Optional // ExternalEndpoints, expose a VIP using a pre-created IPAddressPool ExternalEndpoints []MetalLBConfig `json:"externalEndpoints,omitempty"` + + // +kubebuilder:validation:Optional + // Override, provides the ability to override the generated manifest of several child resources. + Override KeystoneAPIOverrideSpec `json:"override,omitempty"` +} + +// KeystoneAPIOverrideSpec to override the generated manifest of several child resources. +type KeystoneAPIOverrideSpec struct { + // +kubebuilder:validation:Optional + Route *route.OverrideSpec `json:"route,omitempty"` } // MetalLBConfig to configure the MetalLB loadbalancer service diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go index 5daa63c7..a4c4439c 100644 --- a/api/v1beta1/zz_generated.deepcopy.go +++ b/api/v1beta1/zz_generated.deepcopy.go @@ -23,6 +23,7 @@ package v1beta1 import ( "github.com/openstack-k8s-operators/lib-common/modules/common/condition" + "github.com/openstack-k8s-operators/lib-common/modules/common/route" "k8s.io/apimachinery/pkg/runtime" ) @@ -100,6 +101,26 @@ func (in *KeystoneAPIList) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KeystoneAPIOverrideSpec) DeepCopyInto(out *KeystoneAPIOverrideSpec) { + *out = *in + if in.Route != nil { + in, out := &in.Route, &out.Route + *out = new(route.OverrideSpec) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeystoneAPIOverrideSpec. +func (in *KeystoneAPIOverrideSpec) DeepCopy() *KeystoneAPIOverrideSpec { + if in == nil { + return nil + } + out := new(KeystoneAPIOverrideSpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *KeystoneAPISpec) DeepCopyInto(out *KeystoneAPISpec) { *out = *in @@ -137,6 +158,7 @@ func (in *KeystoneAPISpec) DeepCopyInto(out *KeystoneAPISpec) { (*in)[i].DeepCopyInto(&(*out)[i]) } } + in.Override.DeepCopyInto(&out.Override) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeystoneAPISpec. diff --git a/config/crd/bases/keystone.openstack.org_keystoneapis.yaml b/config/crd/bases/keystone.openstack.org_keystoneapis.yaml index f7649655..878c12f1 100644 --- a/config/crd/bases/keystone.openstack.org_keystoneapis.yaml +++ b/config/crd/bases/keystone.openstack.org_keystoneapis.yaml @@ -162,6 +162,232 @@ spec: description: NodeSelector to target subset of worker nodes running this service type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + route: + description: OverrideSpec configuration for the Route created + to serve traffic to the cluster. + properties: + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. New labels/annotations + get merged with the ones created by the operator. If a privided + annotation/label is the same as one created by the service + operator, the ones provided via this override will replace + the one from the operator. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: "Spec defines the behavior of a Route. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + \n The spec will be merged using StrategicMergePatch - Provided + parameters will override the ones from the original spec. + - Required parameters of sub structs have to be named. - + For parameters which are list of struct it depends on the + patchStrategy defined on the list https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/#notes-on-the-strategic-merge-patch + If `patchStrategy:\"merge\"` is set, src and dst list gets + merged, otherwise they get replaced." + properties: + alternateBackends: + description: alternateBackends allows up to 3 additional + backends to be assigned to the route. Only the Service + kind is allowed, and it will be defaulted to Service. + Use the weight field in RouteTargetReference object + to specify relative preference. + items: + description: TargetReference specifies the target that + resolve into endpoints. Only the 'Service' kind is + allowed. Use 'weight' field to emphasize one over + others. Copy of RouteTargetReference in https://github.com/openshift/api/blob/master/route/v1/types.go, + parameters set to be optional, have omitempty, and + no default. + properties: + kind: + description: The kind of target that the route is + referring to. Currently, only 'Service' is allowed + enum: + - Service + - "" + type: string + name: + description: name of the service/target that is + being referred to. e.g. name of the service + type: string + weight: + description: weight as an integer between 0 and + 256, default 100, that specifies the target's + relative weight against other target reference + objects. 0 suppresses requests to this backend. + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + description: host is an alias/DNS that points to the service. + Optional. If not specified a route name will typically + be automatically chosen. Must follow DNS952 subdomain + conventions. + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + description: path that the router watches for, to route + traffic for to the service. Optional + pattern: ^/ + type: string + port: + description: If specified, the port to be used by the + router. Most routers will use all endpoints exposed + by the service by default - set this value to instruct + routers which port to use. + properties: + targetPort: + anyOf: + - type: integer + - type: string + description: The target port on pods selected by the + service this route points to. If this is a string, + it will be looked up as a named port in the target + endpoints port list. Required + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + description: "subdomain is a DNS subdomain that is requested + within the ingress controller's domain (as a subdomain). + If host is set this field is ignored. An ingress controller + may choose to ignore this suggested name, in which case + the controller will report the assigned name in the + status.ingress array or refuse to admit the route. If + this value is set and the server does not support this + field host will be populated automatically. Otherwise + host is left empty. The field may have multiple parts + separated by a dot, but not all ingress controllers + may honor the request. This field may not be changed + after creation except by a user with the update routes/custom-host + permission. \n Example: subdomain `frontend` automatically + receives the router subdomain `apps.mycluster.com` to + have a full hostname `frontend.apps.mycluster.com`." + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + description: The tls field provides the ability to configure + certificates and termination for the route. + properties: + caCertificate: + description: caCertificate provides the cert authority + certificate contents + type: string + certificate: + description: certificate provides certificate contents. + This should be a single serving certificate, not + a certificate chain. Do not include a CA certificate. + type: string + destinationCACertificate: + description: destinationCACertificate provides the + contents of the ca certificate of the final destination. When + using reencrypt termination this file should be + provided in order to have routers use it for health + checks on the secure connection. If this field is + not specified, the router may provide its own destination + CA and perform hostname validation using the short + service name (service.namespace.svc), which allows + infrastructure generated certificates to automatically + verify. + type: string + insecureEdgeTerminationPolicy: + description: "insecureEdgeTerminationPolicy indicates + the desired behavior for insecure connections to + a route. While each router may make its own decisions + on which ports to expose, this is normally port + 80. \n * Allow - traffic is sent to the server on + the insecure port (default) * Disable - no traffic + is allowed on the insecure port. * Redirect - clients + are redirected to the secure port." + type: string + key: + description: key provides key file contents + type: string + termination: + description: "termination indicates termination type. + \n * edge - TLS termination is done by the router + and http is used to communicate with the backend + (default) * passthrough - Traffic is sent straight + to the destination without the router providing + TLS termination * reencrypt - TLS termination is + done by the router and https is used to communicate + with the backend" + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + to: + description: to is an object the route should use as the + primary backend. Only the Service kind is allowed, and + it will be defaulted to Service. If the weight field + (0-256 default 100) is set to zero, no traffic will + be sent to this backend. + properties: + kind: + description: The kind of target that the route is + referring to. Currently, only 'Service' is allowed + enum: + - Service + - "" + type: string + name: + description: name of the service/target that is being + referred to. e.g. name of the service + type: string + weight: + description: weight as an integer between 0 and 256, + default 100, that specifies the target's relative + weight against other target reference objects. 0 + suppresses requests to this backend. + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + description: Wildcard policy if any for the route. Currently + only 'Subdomain' or 'None' is allowed. + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + type: object passwordSelectors: default: admin: AdminPassword diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index cb2f5d0a..96e29055 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -244,6 +244,18 @@ rules: - patch - update - watch +- apiGroups: + - route.openshift.io + resources: + - routes/custom-host + verbs: + - create + - delete + - get + - list + - patch + - update + - watch - apiGroups: - security.openshift.io resourceNames: diff --git a/controllers/keystoneapi_controller.go b/controllers/keystoneapi_controller.go index d9eabaa2..42b8df97 100644 --- a/controllers/keystoneapi_controller.go +++ b/controllers/keystoneapi_controller.go @@ -100,6 +100,7 @@ type KeystoneAPIReconciler struct { // +kubebuilder:rbac:groups=batch,resources=cronjobs,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=apps,resources=deployments,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=route.openshift.io,resources=routes,verbs=get;list;watch;create;update;patch;delete; +// +kubebuilder:rbac:groups=route.openshift.io,resources=routes/custom-host,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=mariadb.openstack.org,resources=mariadbdatabases,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=memcached.openstack.org,resources=memcacheds,verbs=get;list;watch;update // +kubebuilder:rbac:groups=memcached.openstack.org,resources=memcacheds/finalizers,verbs=update @@ -456,7 +457,8 @@ func (r *KeystoneAPIReconciler) reconcileInit( // var keystonePorts = map[endpoint.Endpoint]endpoint.Data{ endpoint.EndpointPublic: { - Port: keystone.KeystonePublicPort, + Port: keystone.KeystonePublicPort, + RouteOverride: instance.Spec.Override.Route, }, endpoint.EndpointInternal: { Port: keystone.KeystoneInternalPort, diff --git a/go.mod b/go.mod index db02cc2e..3dd13038 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ require ( github.com/go-logr/logr v1.2.4 github.com/onsi/ginkgo/v2 v2.11.0 github.com/onsi/gomega v1.27.8 - github.com/openshift/api v3.9.0+incompatible + github.com/openshift/api v3.9.0+incompatible // latest commit from release-4.13 tag github.com/openstack-k8s-operators/infra-operator/apis v0.0.0-20230628130307-16734cb02944 github.com/openstack-k8s-operators/keystone-operator/api v0.0.0-20230519193353-09694c267b18 github.com/openstack-k8s-operators/lib-common/modules/common v0.0.0-20230619102827-49e72f626a11 @@ -86,3 +86,9 @@ require ( ) replace github.com/openstack-k8s-operators/keystone-operator/api => ./api + +// map to latest commit from release-4.13 tag +// must consistent with lib-common +replace github.com/openshift/api => github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 + +replace github.com/openstack-k8s-operators/lib-common/modules/common => github.com/stuggi/lib-common/modules/common v0.0.0-20230713142642-ad7565492dfa diff --git a/go.sum b/go.sum index f2da6690..2031e1b7 100644 --- a/go.sum +++ b/go.sum @@ -232,12 +232,10 @@ github.com/onsi/ginkgo/v2 v2.11.0 h1:WgqUCUt/lT6yXoQ8Wef0fsNn5cAuMK7+KT9UFRz2tcU github.com/onsi/ginkgo/v2 v2.11.0/go.mod h1:ZhrRA5XmEE3x3rhlzamx/JJvujdZoJ2uvgI7kR0iZvM= github.com/onsi/gomega v1.27.8 h1:gegWiwZjBsf2DgiSbf5hpokZ98JVDMcWkUiigk6/KXc= github.com/onsi/gomega v1.27.8/go.mod h1:2J8vzI/s+2shY9XHRApDkdgPo1TKT7P2u6fXeJKFnNQ= -github.com/openshift/api v3.9.0+incompatible h1:fJ/KsefYuZAjmrr3+5U9yZIZbTOpVkDDLDLFresAeYs= -github.com/openshift/api v3.9.0+incompatible/go.mod h1:dh9o4Fs58gpFXGSYfnVxGR9PnV53I8TW84pQaJDdGiY= +github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 h1:rncLxJBpFGqBztyxCMwNRnMjhhIDOWHJowi6q8G6koI= +github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7/go.mod h1:ctXNyWanKEjGj8sss1KjjHQ3ENKFm33FFnS5BKaIPh4= github.com/openstack-k8s-operators/infra-operator/apis v0.0.0-20230628130307-16734cb02944 h1:bDKRzHlPbODo5d+uQu3/KOf3q98/0DzoAMrKu4S+70k= github.com/openstack-k8s-operators/infra-operator/apis v0.0.0-20230628130307-16734cb02944/go.mod h1:uuwrYRvdp5VwsWJpA47MnDT+UQjX1UWixagit7FzwV8= -github.com/openstack-k8s-operators/lib-common/modules/common v0.0.0-20230619102827-49e72f626a11 h1:Cst9DN3Xb6UzuamSueknPqRQlWLtgip8wMBFMUUcdLQ= -github.com/openstack-k8s-operators/lib-common/modules/common v0.0.0-20230619102827-49e72f626a11/go.mod h1:cAXLyeKp6TiLW8qongnw6WR63Jnsm8CeRC5y07z3TAY= github.com/openstack-k8s-operators/lib-common/modules/database v0.0.0-20230522113906-6f4206cbf317 h1:sLXPRm663pf4OtaGltEq3dD+UsY7CLsQx55tPPYPr34= github.com/openstack-k8s-operators/lib-common/modules/database v0.0.0-20230522113906-6f4206cbf317/go.mod h1:XAqqe3VVzpGbo27KXBVaOx0F1WCx0Eo0E6kXCxcaIhU= github.com/openstack-k8s-operators/lib-common/modules/openstack v0.0.0-20230522113906-6f4206cbf317 h1:1gQSTk3ereXLrhb9BhqbYn5kKIemplc8tyzvonXyKGk= @@ -300,6 +298,8 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stuggi/lib-common/modules/common v0.0.0-20230713142642-ad7565492dfa h1:w01lCKtNHOKNuTgQJ1D7zDPeaXcQbux6EQEBgYrmbY0= +github.com/stuggi/lib-common/modules/common v0.0.0-20230713142642-ad7565492dfa/go.mod h1:UTwtKN9s/re95Fh4bLcTWOSj8UK7Hhnmv4o0EzTvDqM= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y=