From 7e52613a32136f51bae51af4d152f6cd867479e9 Mon Sep 17 00:00:00 2001 From: Martin Schuppert Date: Fri, 14 Jul 2023 14:17:22 +0200 Subject: [PATCH] Allow customize route via spec.Override.Route Allows to customize the service route vie the `spec.Override.Route`. This allows e.g. to add custom labels, configure the route via annotations as in [1], or set TLS parameters. ~~~ apiVersion: keystone.openstack.org/v1beta1 kind: KeystoneAPI metadata: name: keystone namespace: openstack spec: ... override: routeOverride: metadata: annotations: haproxy.router.openshift.io/timeout: "60" labels: mylabel: boo ~~~ [1] https://docs.openshift.com/container-platform/4.13/networking/routes/route-configuration.html#nw-route-specific-annotations_route-configuration Depends-On: https://github.com/openstack-k8s-operators/lib-common/pull/293 Jira: OSP-21715 Jira: OSP-26299 --- ...placement.openstack.org_placementapis.yaml | 226 ++++++++++++++++++ api/go.mod | 6 + api/go.sum | 8 +- api/v1beta1/placementapi_types.go | 11 + api/v1beta1/zz_generated.deepcopy.go | 22 ++ ...placement.openstack.org_placementapis.yaml | 226 ++++++++++++++++++ config/rbac/role.yaml | 12 + controllers/placementapi_controller.go | 6 +- go.mod | 6 + go.sum | 8 +- 10 files changed, 522 insertions(+), 9 deletions(-) diff --git a/api/bases/placement.openstack.org_placementapis.yaml b/api/bases/placement.openstack.org_placementapis.yaml index 03948b96..c1ad679c 100644 --- a/api/bases/placement.openstack.org_placementapis.yaml +++ b/api/bases/placement.openstack.org_placementapis.yaml @@ -146,6 +146,232 @@ spec: description: NodeSelector to target subset of worker nodes running this service type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + route: + description: OverrideSpec configuration for the Route created + to serve traffic to the cluster. + properties: + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. New labels/annotations + get merged with the ones created by the operator. If a privided + annotation/label is the same as one created by the service + operator, the ones provided via this override will replace + the one from the operator. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: "Spec defines the behavior of a Route. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + \n The spec will be merged using StrategicMergePatch - Provided + parameters will override the ones from the original spec. + - Required parameters of sub structs have to be named. - + For parameters which are list of struct it depends on the + patchStrategy defined on the list https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/#notes-on-the-strategic-merge-patch + If `patchStrategy:\"merge\"` is set, src and dst list gets + merged, otherwise they get replaced." + properties: + alternateBackends: + description: alternateBackends allows up to 3 additional + backends to be assigned to the route. Only the Service + kind is allowed, and it will be defaulted to Service. + Use the weight field in RouteTargetReference object + to specify relative preference. + items: + description: TargetReference specifies the target that + resolve into endpoints. Only the 'Service' kind is + allowed. Use 'weight' field to emphasize one over + others. Copy of RouteTargetReference in https://github.com/openshift/api/blob/master/route/v1/types.go, + parameters set to be optional, have omitempty, and + no default. + properties: + kind: + description: The kind of target that the route is + referring to. Currently, only 'Service' is allowed + enum: + - Service + - "" + type: string + name: + description: name of the service/target that is + being referred to. e.g. name of the service + type: string + weight: + description: weight as an integer between 0 and + 256, default 100, that specifies the target's + relative weight against other target reference + objects. 0 suppresses requests to this backend. + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + description: host is an alias/DNS that points to the service. + Optional. If not specified a route name will typically + be automatically chosen. Must follow DNS952 subdomain + conventions. + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + description: path that the router watches for, to route + traffic for to the service. Optional + pattern: ^/ + type: string + port: + description: If specified, the port to be used by the + router. Most routers will use all endpoints exposed + by the service by default - set this value to instruct + routers which port to use. + properties: + targetPort: + anyOf: + - type: integer + - type: string + description: The target port on pods selected by the + service this route points to. If this is a string, + it will be looked up as a named port in the target + endpoints port list. Required + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + description: "subdomain is a DNS subdomain that is requested + within the ingress controller's domain (as a subdomain). + If host is set this field is ignored. An ingress controller + may choose to ignore this suggested name, in which case + the controller will report the assigned name in the + status.ingress array or refuse to admit the route. If + this value is set and the server does not support this + field host will be populated automatically. Otherwise + host is left empty. The field may have multiple parts + separated by a dot, but not all ingress controllers + may honor the request. This field may not be changed + after creation except by a user with the update routes/custom-host + permission. \n Example: subdomain `frontend` automatically + receives the router subdomain `apps.mycluster.com` to + have a full hostname `frontend.apps.mycluster.com`." + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + description: The tls field provides the ability to configure + certificates and termination for the route. + properties: + caCertificate: + description: caCertificate provides the cert authority + certificate contents + type: string + certificate: + description: certificate provides certificate contents. + This should be a single serving certificate, not + a certificate chain. Do not include a CA certificate. + type: string + destinationCACertificate: + description: destinationCACertificate provides the + contents of the ca certificate of the final destination. When + using reencrypt termination this file should be + provided in order to have routers use it for health + checks on the secure connection. If this field is + not specified, the router may provide its own destination + CA and perform hostname validation using the short + service name (service.namespace.svc), which allows + infrastructure generated certificates to automatically + verify. + type: string + insecureEdgeTerminationPolicy: + description: "insecureEdgeTerminationPolicy indicates + the desired behavior for insecure connections to + a route. While each router may make its own decisions + on which ports to expose, this is normally port + 80. \n * Allow - traffic is sent to the server on + the insecure port (default) * Disable - no traffic + is allowed on the insecure port. * Redirect - clients + are redirected to the secure port." + type: string + key: + description: key provides key file contents + type: string + termination: + description: "termination indicates termination type. + \n * edge - TLS termination is done by the router + and http is used to communicate with the backend + (default) * passthrough - Traffic is sent straight + to the destination without the router providing + TLS termination * reencrypt - TLS termination is + done by the router and https is used to communicate + with the backend" + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + to: + description: to is an object the route should use as the + primary backend. Only the Service kind is allowed, and + it will be defaulted to Service. If the weight field + (0-256 default 100) is set to zero, no traffic will + be sent to this backend. + properties: + kind: + description: The kind of target that the route is + referring to. Currently, only 'Service' is allowed + enum: + - Service + - "" + type: string + name: + description: name of the service/target that is being + referred to. e.g. name of the service + type: string + weight: + description: weight as an integer between 0 and 256, + default 100, that specifies the target's relative + weight against other target reference objects. 0 + suppresses requests to this backend. + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + description: Wildcard policy if any for the route. Currently + only 'Subdomain' or 'None' is allowed. + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + type: object passwordSelectors: default: database: PlacementDatabasePassword diff --git a/api/go.mod b/api/go.mod index d29a4ab2..5a878baa 100644 --- a/api/go.mod +++ b/api/go.mod @@ -66,3 +66,9 @@ require ( sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect sigs.k8s.io/yaml v1.3.0 // indirect ) + +// map to latest commit from release-4.13 tag +// must consistent with lib-common +replace github.com/openshift/api => github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 + +replace github.com/openstack-k8s-operators/lib-common/modules/common => github.com/stuggi/lib-common/modules/common v0.0.0-20230714102603-ed87be4f924e diff --git a/api/go.sum b/api/go.sum index 25fefb14..d940cee4 100644 --- a/api/go.sum +++ b/api/go.sum @@ -221,10 +221,8 @@ github.com/onsi/ginkgo/v2 v2.11.0 h1:WgqUCUt/lT6yXoQ8Wef0fsNn5cAuMK7+KT9UFRz2tcU github.com/onsi/ginkgo/v2 v2.11.0/go.mod h1:ZhrRA5XmEE3x3rhlzamx/JJvujdZoJ2uvgI7kR0iZvM= github.com/onsi/gomega v1.27.8 h1:gegWiwZjBsf2DgiSbf5hpokZ98JVDMcWkUiigk6/KXc= github.com/onsi/gomega v1.27.8/go.mod h1:2J8vzI/s+2shY9XHRApDkdgPo1TKT7P2u6fXeJKFnNQ= -github.com/openshift/api v3.9.0+incompatible h1:fJ/KsefYuZAjmrr3+5U9yZIZbTOpVkDDLDLFresAeYs= -github.com/openshift/api v3.9.0+incompatible/go.mod h1:dh9o4Fs58gpFXGSYfnVxGR9PnV53I8TW84pQaJDdGiY= -github.com/openstack-k8s-operators/lib-common/modules/common v0.0.0-20230711124224-54bd95cadcf3 h1:12KkG5gLq0nL/oS1Rd7RL6maNqTm0tRz2bmWycxrcJY= -github.com/openstack-k8s-operators/lib-common/modules/common v0.0.0-20230711124224-54bd95cadcf3/go.mod h1:v6ZQBtTtQi7OMvOHGbScOLyyfM70is5mu0ZM0IsIJKE= +github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 h1:rncLxJBpFGqBztyxCMwNRnMjhhIDOWHJowi6q8G6koI= +github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7/go.mod h1:ctXNyWanKEjGj8sss1KjjHQ3ENKFm33FFnS5BKaIPh4= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= @@ -279,6 +277,8 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stuggi/lib-common/modules/common v0.0.0-20230714102603-ed87be4f924e h1:Sw8WG5yo+hXXbd3cG6Sa+ALVnxj2vcULnbGVs4/2Fx8= +github.com/stuggi/lib-common/modules/common v0.0.0-20230714102603-ed87be4f924e/go.mod h1:UTwtKN9s/re95Fh4bLcTWOSj8UK7Hhnmv4o0EzTvDqM= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= diff --git a/api/v1beta1/placementapi_types.go b/api/v1beta1/placementapi_types.go index 1e5ba692..9672b7f2 100644 --- a/api/v1beta1/placementapi_types.go +++ b/api/v1beta1/placementapi_types.go @@ -19,6 +19,7 @@ package v1beta1 import ( condition "github.com/openstack-k8s-operators/lib-common/modules/common/condition" endpoint "github.com/openstack-k8s-operators/lib-common/modules/common/endpoint" + "github.com/openstack-k8s-operators/lib-common/modules/common/route" "github.com/openstack-k8s-operators/lib-common/modules/common/util" corev1 "k8s.io/api/core/v1" @@ -115,6 +116,16 @@ type PlacementAPISpec struct { // +kubebuilder:validation:Optional // ExternalEndpoints, expose a VIP using a pre-created IPAddressPool ExternalEndpoints []MetalLBConfig `json:"externalEndpoints,omitempty"` + + // +kubebuilder:validation:Optional + // Override, provides the ability to override the generated manifest of several child resources. + Override PlacementAPIOverrideSpec `json:"override,omitempty"` +} + +// PlacementAPIOverrideSpec to override the generated manifest of several child resources. +type PlacementAPIOverrideSpec struct { + // +kubebuilder:validation:Optional + Route *route.OverrideSpec `json:"route,omitempty"` } // MetalLBConfig to configure the MetalLB loadbalancer service diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go index b7ffb68d..5059144e 100644 --- a/api/v1beta1/zz_generated.deepcopy.go +++ b/api/v1beta1/zz_generated.deepcopy.go @@ -23,6 +23,7 @@ package v1beta1 import ( "github.com/openstack-k8s-operators/lib-common/modules/common/condition" + "github.com/openstack-k8s-operators/lib-common/modules/common/route" "k8s.io/apimachinery/pkg/runtime" ) @@ -150,6 +151,26 @@ func (in *PlacementAPIList) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PlacementAPIOverrideSpec) DeepCopyInto(out *PlacementAPIOverrideSpec) { + *out = *in + if in.Route != nil { + in, out := &in.Route, &out.Route + *out = new(route.OverrideSpec) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PlacementAPIOverrideSpec. +func (in *PlacementAPIOverrideSpec) DeepCopy() *PlacementAPIOverrideSpec { + if in == nil { + return nil + } + out := new(PlacementAPIOverrideSpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PlacementAPISpec) DeepCopyInto(out *PlacementAPISpec) { *out = *in @@ -187,6 +208,7 @@ func (in *PlacementAPISpec) DeepCopyInto(out *PlacementAPISpec) { (*in)[i].DeepCopyInto(&(*out)[i]) } } + in.Override.DeepCopyInto(&out.Override) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PlacementAPISpec. diff --git a/config/crd/bases/placement.openstack.org_placementapis.yaml b/config/crd/bases/placement.openstack.org_placementapis.yaml index 03948b96..c1ad679c 100644 --- a/config/crd/bases/placement.openstack.org_placementapis.yaml +++ b/config/crd/bases/placement.openstack.org_placementapis.yaml @@ -146,6 +146,232 @@ spec: description: NodeSelector to target subset of worker nodes running this service type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + route: + description: OverrideSpec configuration for the Route created + to serve traffic to the cluster. + properties: + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. New labels/annotations + get merged with the ones created by the operator. If a privided + annotation/label is the same as one created by the service + operator, the ones provided via this override will replace + the one from the operator. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: "Spec defines the behavior of a Route. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + \n The spec will be merged using StrategicMergePatch - Provided + parameters will override the ones from the original spec. + - Required parameters of sub structs have to be named. - + For parameters which are list of struct it depends on the + patchStrategy defined on the list https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/#notes-on-the-strategic-merge-patch + If `patchStrategy:\"merge\"` is set, src and dst list gets + merged, otherwise they get replaced." + properties: + alternateBackends: + description: alternateBackends allows up to 3 additional + backends to be assigned to the route. Only the Service + kind is allowed, and it will be defaulted to Service. + Use the weight field in RouteTargetReference object + to specify relative preference. + items: + description: TargetReference specifies the target that + resolve into endpoints. Only the 'Service' kind is + allowed. Use 'weight' field to emphasize one over + others. Copy of RouteTargetReference in https://github.com/openshift/api/blob/master/route/v1/types.go, + parameters set to be optional, have omitempty, and + no default. + properties: + kind: + description: The kind of target that the route is + referring to. Currently, only 'Service' is allowed + enum: + - Service + - "" + type: string + name: + description: name of the service/target that is + being referred to. e.g. name of the service + type: string + weight: + description: weight as an integer between 0 and + 256, default 100, that specifies the target's + relative weight against other target reference + objects. 0 suppresses requests to this backend. + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + maxItems: 3 + type: array + host: + description: host is an alias/DNS that points to the service. + Optional. If not specified a route name will typically + be automatically chosen. Must follow DNS952 subdomain + conventions. + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + path: + description: path that the router watches for, to route + traffic for to the service. Optional + pattern: ^/ + type: string + port: + description: If specified, the port to be used by the + router. Most routers will use all endpoints exposed + by the service by default - set this value to instruct + routers which port to use. + properties: + targetPort: + anyOf: + - type: integer + - type: string + description: The target port on pods selected by the + service this route points to. If this is a string, + it will be looked up as a named port in the target + endpoints port list. Required + x-kubernetes-int-or-string: true + required: + - targetPort + type: object + subdomain: + description: "subdomain is a DNS subdomain that is requested + within the ingress controller's domain (as a subdomain). + If host is set this field is ignored. An ingress controller + may choose to ignore this suggested name, in which case + the controller will report the assigned name in the + status.ingress array or refuse to admit the route. If + this value is set and the server does not support this + field host will be populated automatically. Otherwise + host is left empty. The field may have multiple parts + separated by a dot, but not all ingress controllers + may honor the request. This field may not be changed + after creation except by a user with the update routes/custom-host + permission. \n Example: subdomain `frontend` automatically + receives the router subdomain `apps.mycluster.com` to + have a full hostname `frontend.apps.mycluster.com`." + maxLength: 253 + pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$ + type: string + tls: + description: The tls field provides the ability to configure + certificates and termination for the route. + properties: + caCertificate: + description: caCertificate provides the cert authority + certificate contents + type: string + certificate: + description: certificate provides certificate contents. + This should be a single serving certificate, not + a certificate chain. Do not include a CA certificate. + type: string + destinationCACertificate: + description: destinationCACertificate provides the + contents of the ca certificate of the final destination. When + using reencrypt termination this file should be + provided in order to have routers use it for health + checks on the secure connection. If this field is + not specified, the router may provide its own destination + CA and perform hostname validation using the short + service name (service.namespace.svc), which allows + infrastructure generated certificates to automatically + verify. + type: string + insecureEdgeTerminationPolicy: + description: "insecureEdgeTerminationPolicy indicates + the desired behavior for insecure connections to + a route. While each router may make its own decisions + on which ports to expose, this is normally port + 80. \n * Allow - traffic is sent to the server on + the insecure port (default) * Disable - no traffic + is allowed on the insecure port. * Redirect - clients + are redirected to the secure port." + type: string + key: + description: key provides key file contents + type: string + termination: + description: "termination indicates termination type. + \n * edge - TLS termination is done by the router + and http is used to communicate with the backend + (default) * passthrough - Traffic is sent straight + to the destination without the router providing + TLS termination * reencrypt - TLS termination is + done by the router and https is used to communicate + with the backend" + enum: + - edge + - reencrypt + - passthrough + type: string + required: + - termination + type: object + to: + description: to is an object the route should use as the + primary backend. Only the Service kind is allowed, and + it will be defaulted to Service. If the weight field + (0-256 default 100) is set to zero, no traffic will + be sent to this backend. + properties: + kind: + description: The kind of target that the route is + referring to. Currently, only 'Service' is allowed + enum: + - Service + - "" + type: string + name: + description: name of the service/target that is being + referred to. e.g. name of the service + type: string + weight: + description: weight as an integer between 0 and 256, + default 100, that specifies the target's relative + weight against other target reference objects. 0 + suppresses requests to this backend. + format: int32 + maximum: 256 + minimum: 0 + type: integer + type: object + wildcardPolicy: + description: Wildcard policy if any for the route. Currently + only 'Subdomain' or 'None' is allowed. + enum: + - None + - Subdomain + - "" + type: string + type: object + type: object + type: object passwordSelectors: default: database: PlacementDatabasePassword diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 342c17f3..b22c808e 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -204,6 +204,18 @@ rules: - patch - update - watch +- apiGroups: + - route.openshift.io + resources: + - routes/custom-host + verbs: + - create + - delete + - get + - list + - patch + - update + - watch - apiGroups: - security.openshift.io resourceNames: diff --git a/controllers/placementapi_controller.go b/controllers/placementapi_controller.go index 6e14c07b..c440bdbe 100644 --- a/controllers/placementapi_controller.go +++ b/controllers/placementapi_controller.go @@ -97,6 +97,7 @@ type PlacementAPIReconciler struct { // +kubebuilder:rbac:groups=batch,resources=jobs,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=apps,resources=deployments,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=route.openshift.io,resources=routes,verbs=get;list;watch;create;update;patch;delete; +// +kubebuilder:rbac:groups=route.openshift.io,resources=routes/custom-host,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=mariadb.openstack.org,resources=mariadbdatabases,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=keystone.openstack.org,resources=keystoneapis,verbs=get;list;watch; // +kubebuilder:rbac:groups=keystone.openstack.org,resources=keystoneservices,verbs=get;list;watch;create;update;patch;delete; @@ -371,7 +372,10 @@ func (r *PlacementAPIReconciler) reconcileInit( // expose the service (create service, route and return the created endpoint URLs) // var ports = map[endpoint.Endpoint]endpoint.Data{ - endpoint.EndpointPublic: {Port: placement.PlacementPublicPort}, + endpoint.EndpointPublic: { + Port: placement.PlacementPublicPort, + RouteOverride: instance.Spec.Override.Route, + }, endpoint.EndpointInternal: {Port: placement.PlacementInternalPort}, } diff --git a/go.mod b/go.mod index 28665a2a..db5ac40d 100644 --- a/go.mod +++ b/go.mod @@ -89,3 +89,9 @@ require ( ) replace github.com/openstack-k8s-operators/placement-operator/api => ./api + +// map to latest commit from release-4.13 tag +// must consistent with lib-common +replace github.com/openshift/api => github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 + +replace github.com/openstack-k8s-operators/lib-common/modules/common => github.com/stuggi/lib-common/modules/common v0.0.0-20230714102603-ed87be4f924e diff --git a/go.sum b/go.sum index c8ba7419..bf47f6ce 100644 --- a/go.sum +++ b/go.sum @@ -232,14 +232,12 @@ github.com/onsi/ginkgo/v2 v2.11.0 h1:WgqUCUt/lT6yXoQ8Wef0fsNn5cAuMK7+KT9UFRz2tcU github.com/onsi/ginkgo/v2 v2.11.0/go.mod h1:ZhrRA5XmEE3x3rhlzamx/JJvujdZoJ2uvgI7kR0iZvM= github.com/onsi/gomega v1.27.8 h1:gegWiwZjBsf2DgiSbf5hpokZ98JVDMcWkUiigk6/KXc= github.com/onsi/gomega v1.27.8/go.mod h1:2J8vzI/s+2shY9XHRApDkdgPo1TKT7P2u6fXeJKFnNQ= -github.com/openshift/api v3.9.0+incompatible h1:fJ/KsefYuZAjmrr3+5U9yZIZbTOpVkDDLDLFresAeYs= -github.com/openshift/api v3.9.0+incompatible/go.mod h1:dh9o4Fs58gpFXGSYfnVxGR9PnV53I8TW84pQaJDdGiY= +github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 h1:rncLxJBpFGqBztyxCMwNRnMjhhIDOWHJowi6q8G6koI= +github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7/go.mod h1:ctXNyWanKEjGj8sss1KjjHQ3ENKFm33FFnS5BKaIPh4= github.com/openstack-k8s-operators/infra-operator/apis v0.0.0-20230609175832-5a9a30056080 h1:wsBYp8qy5tFPKkk/nmqFUJV6cBIWfHwAPr4St/Oehr0= github.com/openstack-k8s-operators/infra-operator/apis v0.0.0-20230609175832-5a9a30056080/go.mod h1:KDC8rS9D00e4ud5iQUexUxtApmCgqTwjOKcHv2OhGiY= github.com/openstack-k8s-operators/keystone-operator/api v0.0.0-20230622141005-e9220a4b3dfe h1:NHbwjF+CqxdCKx1rY+/EjMqGr56lMoWsahzkYfTRtbk= github.com/openstack-k8s-operators/keystone-operator/api v0.0.0-20230622141005-e9220a4b3dfe/go.mod h1:LtZ8b3DYLvX0a89RKbmJgd1q8GcxcOVf7N+bH47a9HU= -github.com/openstack-k8s-operators/lib-common/modules/common v0.0.0-20230711124224-54bd95cadcf3 h1:12KkG5gLq0nL/oS1Rd7RL6maNqTm0tRz2bmWycxrcJY= -github.com/openstack-k8s-operators/lib-common/modules/common v0.0.0-20230711124224-54bd95cadcf3/go.mod h1:v6ZQBtTtQi7OMvOHGbScOLyyfM70is5mu0ZM0IsIJKE= github.com/openstack-k8s-operators/lib-common/modules/database v0.0.0-20230711124224-54bd95cadcf3 h1:KN+LMQcuhCkTeIgqHK3mfVPpo8I8hr5dKvgE4kwpJ9M= github.com/openstack-k8s-operators/lib-common/modules/database v0.0.0-20230711124224-54bd95cadcf3/go.mod h1:Ord1WrWg+dv89KFw4xqyFwXsZ35BHjn46qPu/ZTyIpw= github.com/openstack-k8s-operators/lib-common/modules/openstack v0.0.0-20230606033311-3b01713e4d45 h1:o+q7yAQYkp5DM7Ri1kaTPtkPdLSNmoaS/joiu5l9uzU= @@ -304,6 +302,8 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stuggi/lib-common/modules/common v0.0.0-20230714102603-ed87be4f924e h1:Sw8WG5yo+hXXbd3cG6Sa+ALVnxj2vcULnbGVs4/2Fx8= +github.com/stuggi/lib-common/modules/common v0.0.0-20230714102603-ed87be4f924e/go.mod h1:UTwtKN9s/re95Fh4bLcTWOSj8UK7Hhnmv4o0EzTvDqM= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y=