diff --git a/controllers/common.go b/controllers/common.go
index 9a5c2bbf7..0ab874217 100644
--- a/controllers/common.go
+++ b/controllers/common.go
@@ -26,7 +26,6 @@ import (
 corev1 "k8s.io/api/core/v1"
 k8s_errors "k8s.io/apimachinery/pkg/api/errors"
 "k8s.io/apimachinery/pkg/runtime"
- "k8s.io/apimachinery/pkg/types"
 "k8s.io/client-go/kubernetes"
 ctrl "sigs.k8s.io/controller-runtime"
 "sigs.k8s.io/controller-runtime/pkg/client"
@@ -43,6 +42,7 @@ import (
 helper "github.com/openstack-k8s-operators/lib-common/modules/common/helper"
 nad "github.com/openstack-k8s-operators/lib-common/modules/common/networkattachment"
 "github.com/openstack-k8s-operators/lib-common/modules/common/secret"
+ common_secret "github.com/openstack-k8s-operators/lib-common/modules/common/secret"
 util "github.com/openstack-k8s-operators/lib-common/modules/common/util"
 "github.com/openstack-k8s-operators/lib-common/modules/openstack"
 )
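Review bot: The `common_secret` import added in the second hunk names `github.com/openstack-k8s-operators/lib-common/modules/common/secret`, which the context line directly above already imports without an alias, so common.go now refers to one package under two names. That compiles, but duplicate-import linters (stylecheck ST1019, for instance) report it, and a reader has to work out that `secret.X` and `common_secret.X` are the same API. If the unaliased name is still referenced in this file (not visible in the hunks shown), switch those references to `common_secret.` and drop the plain import line, the way nova_controller.go replaces the import outright in this commit.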
@@ -148,84 +148,13 @@ func allSubConditionIsTrue(conditionsGetter conditionsGetter) bool {
 return true
 }
-type conditionUpdater interface {
- Set(c *condition.Condition)
- MarkTrue(t condition.Type, messageFormat string, messageArgs ...interface{})
-}
-
-// ensureSecret - ensures that the Secret object exists and the expected fields
-// are in the Secret. It returns a hash of the values of the expected fields.
-func ensureSecret(
- ctx context.Context,
- secretName types.NamespacedName,
- expectedFields []string,
- reader client.Reader,
- conditionUpdater conditionUpdater,
- requeueTimeout time.Duration,
-) (string, ctrl.Result, corev1.Secret, error) {
- secret := &corev1.Secret{}
- err := reader.Get(ctx, secretName, secret)
- if err != nil {
- if k8s_errors.IsNotFound(err) {
- conditionUpdater.Set(condition.FalseCondition(
- condition.InputReadyCondition,
- condition.RequestedReason,
- condition.SeverityInfo,
- fmt.Sprintf(novav1.InputReadyWaitingMessage, "secret/"+secretName.Name)))
- return "",
- ctrl.Result{RequeueAfter: requeueTimeout},
- *secret,
- fmt.Errorf("secret %s not found", secretName)
- }
- conditionUpdater.Set(condition.FalseCondition(
- condition.InputReadyCondition,
- condition.ErrorReason,
- condition.SeverityWarning,
- condition.InputReadyErrorMessage,
- err.Error()))
- return "", ctrl.Result{}, *secret, err
- }
-
- // collect the secret values the caller expects to exist
- values := [][]byte{}
- for _, field := range expectedFields {
- val, ok := secret.Data[field]
- if !ok {
- err := fmt.Errorf("field '%s' not found in secret/%s", field, secretName.Name)
- conditionUpdater.Set(condition.FalseCondition(
- condition.InputReadyCondition,
- condition.ErrorReason,
- condition.SeverityWarning,
- condition.InputReadyErrorMessage,
- err.Error()))
- return "", ctrl.Result{}, *secret, err
- }
- values = append(values, val)
- }
-
- // TODO(gibi): Do we need to watch the Secret for changes?
-
- hash, err := util.ObjectHash(values)
- if err != nil {
- conditionUpdater.Set(condition.FalseCondition(
- condition.InputReadyCondition,
- condition.ErrorReason,
- condition.SeverityWarning,
- condition.InputReadyErrorMessage,
- err.Error()))
- return "", ctrl.Result{}, *secret, err
- }
-
- return hash, ctrl.Result{}, *secret, nil
-}
-
 // ensureNetworkAttachments - checks the requested network attachments exists and
 // returns the annotation to be set on the deployment objects.
 func ensureNetworkAttachments(
 ctx context.Context,
 h *helper.Helper,
 networkAttachments []string,
- conditionUpdater conditionUpdater,
+ conditionUpdater common_secret.ConditionUpdater,
 requeueTimeout time.Duration,
 ) (map[string]string, ctrl.Result, error) {
 var nadAnnotations map[string]string
@@ -550,7 +479,7 @@ func ensureMemcached(
 h *helper.Helper,
 namespaceName string,
 memcachedName string,
- conditionUpdater conditionUpdater,
+ conditionUpdater common_secret.ConditionUpdater,
 ) (*memcachedv1.Memcached, error) {
 memcached, err := memcachedv1.GetMemcachedByName(ctx, h, memcachedName, namespaceName)
 if err != nil {
diff --git a/controllers/nova_controller.go b/controllers/nova_controller.go
index 2f840285c..4708e86cf 100644
--- a/controllers/nova_controller.go
+++ b/controllers/nova_controller.go
@@ -46,7 +46,7 @@ import (
 job "github.com/openstack-k8s-operators/lib-common/modules/common/job"
 "github.com/openstack-k8s-operators/lib-common/modules/common/labels"
 common_rbac "github.com/openstack-k8s-operators/lib-common/modules/common/rbac"
- "github.com/openstack-k8s-operators/lib-common/modules/common/secret"
+ common_secret "github.com/openstack-k8s-operators/lib-common/modules/common/secret"
 "github.com/openstack-k8s-operators/lib-common/modules/common/tls"
 util "github.com/openstack-k8s-operators/lib-common/modules/common/util"
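Review bot: Deleting the local `ensureSecret` moves the check that every expected key is present in the input Secret, and the hash over those values, into lib-common, yet nothing in the diff as shown pins or bumps the lib-common version, so it cannot be confirmed from here that the library's `EnsureSecret` keeps the same contract. The removed body returned a non-nil error together with `RequeueAfter` when the Secret was missing and set `InputReadyCondition` to false for both the not-found and the missing-field case; the callers' handling of `result` and `err` was presumably written against exactly that. A controller test that reconciles once with the Secret absent and once with a Secret lacking one selector would catch any drift. The removal also drops the `TODO(gibi)` about watching the Secret; if credential rotation is meant to retrigger reconcile, carry the question over at a call site, e.g. `// TODO(gibi): do we need to watch the Secret for changes?`. ensureNetworkAttachments, whose parameter type changes in the same hunk, continues past the end of the hunk.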
@@ -240,7 +240,7 @@ func (r *NovaReconciler) Reconcile(ctx context.Context, req ctrl.Request) (resul
 instance.Spec.PasswordSelectors.MetadataSecret,
 }
- _, result, secret, err := ensureSecret(
+ _, result, secret, err := common_secret.EnsureSecret(
 ctx,
 types.NamespacedName{Namespace: instance.Namespace, Name: instance.Spec.Secret},
 expectedSelectors,
@@ -798,7 +798,7 @@ func (r *NovaReconciler) ensureNovaManageJobSecret(
 }
 configHash := make(map[string]env.Setter)
- err = secret.EnsureSecrets(ctx, h, instance, cms, &configHash)
+ err = common_secret.EnsureSecrets(ctx, h, instance, cms, &configHash)
 return configHash, scriptName, configName, err
 }
@@ -1662,7 +1662,7 @@ func (r *NovaReconciler) ensureCellSecret(
 CustomData: data,
 }
- err := secret.EnsureSecrets(ctx, h, instance, []util.Template{template}, nil)
+ err := common_secret.EnsureSecrets(ctx, h, instance, []util.Template{template}, nil)
 return secretName, err
 }
@@ -1702,7 +1702,7 @@ func (r *NovaReconciler) ensureTopLevelSecret(
 CustomData: data,
 }
- err := secret.EnsureSecrets(ctx, h, instance, []util.Template{template}, nil)
+ err := common_secret.EnsureSecrets(ctx, h, instance, []util.Template{template}, nil)
 return secretName, err
 }
diff --git a/controllers/novaapi_controller.go b/controllers/novaapi_controller.go
index 1dbe49458..36ff302ce 100644
--- a/controllers/novaapi_controller.go
+++ b/controllers/novaapi_controller.go
@@ -51,6 +51,7 @@ import (
 mariadbv1 "github.com/openstack-k8s-operators/mariadb-operator/api/v1beta1"
 keystonev1 "github.com/openstack-k8s-operators/keystone-operator/api/v1beta1"
+ common_secret "github.com/openstack-k8s-operators/lib-common/modules/common/secret"
 novav1 "github.com/openstack-k8s-operators/nova-operator/api/v1beta1"
 "github.com/openstack-k8s-operators/nova-operator/pkg/nova"
 "github.com/openstack-k8s-operators/nova-operator/pkg/novaapi"
@@ -175,7 +176,7 @@ func (r *NovaAPIReconciler) Reconcile(ctx context.Context, req ctrl.Request) (re
 // detect if something is changed.
 hashes := make(map[string]env.Setter)
- secretHash, result, secret, err := ensureSecret(
+ secretHash, result, secret, err := common_secret.EnsureSecret(
 ctx,
 types.NamespacedName{Namespace: instance.Namespace, Name: instance.Spec.Secret},
 // TODO(gibi): add keystoneAuthURL here is that is also passed via
diff --git a/controllers/novacell_controller.go b/controllers/novacell_controller.go
index ae6eb53c4..fb3db13cb 100644
--- a/controllers/novacell_controller.go
+++ b/controllers/novacell_controller.go
@@ -42,6 +42,7 @@ import (
 "github.com/openstack-k8s-operators/lib-common/modules/common/env"
 helper "github.com/openstack-k8s-operators/lib-common/modules/common/helper"
 "github.com/openstack-k8s-operators/lib-common/modules/common/labels"
+ common_secret "github.com/openstack-k8s-operators/lib-common/modules/common/secret"
 "github.com/openstack-k8s-operators/lib-common/modules/common/service"
 util "github.com/openstack-k8s-operators/lib-common/modules/common/util"
@@ -137,7 +138,7 @@ func (r *NovaCellReconciler) Reconcile(ctx context.Context, req ctrl.Request) (r
 }()
 // For the compute config generation we need to read the input secrets
- _, result, secret, err := ensureSecret(
+ _, result, secret, err := common_secret.EnsureSecret(
 ctx,
 types.NamespacedName{Namespace: instance.Namespace, Name: instance.Spec.Secret},
 []string{
diff --git a/controllers/novacompute_controller.go b/controllers/novacompute_controller.go
index 1ea078acf..a5c0c320c 100644
--- a/controllers/novacompute_controller.go
+++ b/controllers/novacompute_controller.go
@@ -39,6 +39,7 @@ import (
 helper "github.com/openstack-k8s-operators/lib-common/modules/common/helper"
 "github.com/openstack-k8s-operators/lib-common/modules/common/labels"
 nad "github.com/openstack-k8s-operators/lib-common/modules/common/networkattachment"
+ common_secret "github.com/openstack-k8s-operators/lib-common/modules/common/secret"
 "github.com/openstack-k8s-operators/lib-common/modules/common/statefulset"
 "github.com/openstack-k8s-operators/lib-common/modules/common/tls"
 util "github.com/openstack-k8s-operators/lib-common/modules/common/util"
@@ -150,7 +151,7 @@ func (r *NovaComputeReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 hashes := make(map[string]env.Setter)
- secretHash, result, secret, err := ensureSecret(
+ secretHash, result, secret, err := common_secret.EnsureSecret(
 ctx,
 types.NamespacedName{Namespace: instance.Namespace, Name: instance.Spec.Secret},
 []string{
diff --git a/controllers/novaconductor_controller.go b/controllers/novaconductor_controller.go
index 08f7a0c10..440afaeef 100644
--- a/controllers/novaconductor_controller.go
+++ b/controllers/novaconductor_controller.go
@@ -45,6 +45,7 @@ import (
 job "github.com/openstack-k8s-operators/lib-common/modules/common/job"
 "github.com/openstack-k8s-operators/lib-common/modules/common/labels"
 nad "github.com/openstack-k8s-operators/lib-common/modules/common/networkattachment"
+ common_secret "github.com/openstack-k8s-operators/lib-common/modules/common/secret"
 "github.com/openstack-k8s-operators/lib-common/modules/common/statefulset"
 "github.com/openstack-k8s-operators/lib-common/modules/common/tls"
 util "github.com/openstack-k8s-operators/lib-common/modules/common/util"
@@ -176,7 +177,7 @@ func (r *NovaConductorReconciler) Reconcile(ctx context.Context, req ctrl.Reques
 TransportURLSelector,
 }
- secretHash, result, secret, err := ensureSecret(
+ secretHash, result, secret, err := common_secret.EnsureSecret(
 ctx,
 types.NamespacedName{Namespace: instance.Namespace, Name: instance.Spec.Secret},
 requiredSecretFields,
diff --git a/controllers/novametadata_controller.go b/controllers/novametadata_controller.go
index 429790534..dd7970a50 100644
--- a/controllers/novametadata_controller.go
+++ b/controllers/novametadata_controller.go
@@ -174,7 +174,7 @@ func (r *NovaMetadataReconciler) Reconcile(ctx context.Context, req ctrl.Request
 TransportURLSelector,
 }
- secretHash, result, secret, err := ensureSecret(
+ secretHash, result, secret, err := common_secret.EnsureSecret(
 ctx,
 types.NamespacedName{Namespace: instance.Namespace, Name: instance.Spec.Secret},
 expectedSelectors,
diff --git a/controllers/novanovncproxy_controller.go b/controllers/novanovncproxy_controller.go
index 02083b696..058c63967 100644
--- a/controllers/novanovncproxy_controller.go
+++ b/controllers/novanovncproxy_controller.go
@@ -41,6 +41,7 @@ import (
 helper "github.com/openstack-k8s-operators/lib-common/modules/common/helper"
 "github.com/openstack-k8s-operators/lib-common/modules/common/labels"
 nad "github.com/openstack-k8s-operators/lib-common/modules/common/networkattachment"
+ common_secret "github.com/openstack-k8s-operators/lib-common/modules/common/secret"
 "github.com/openstack-k8s-operators/lib-common/modules/common/service"
 "github.com/openstack-k8s-operators/lib-common/modules/common/statefulset"
 "github.com/openstack-k8s-operators/lib-common/modules/common/tls"
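Review bot: novametadata_controller.go starts calling `common_secret.EnsureSecret` but, unlike the other controllers touched by this commit, gets no import hunk, and its hunk header (`-174,7 +174,7`) shows that no line was added above the call. That only builds if the file already imports the lib-common secret package under the `common_secret` alias, which is not visible here and is worth confirming. If the file currently imports the package unaliased, add `common_secret "github.com/openstack-k8s-operators/lib-common/modules/common/secret"` to its import block. Reconcile's body extends beyond the hunk on both sides.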
@@ -168,7 +169,7 @@ func (r *NovaNoVNCProxyReconciler) Reconcile(ctx context.Context, req ctrl.Reque
 hashes := make(map[string]env.Setter)
- secretHash, result, secret, err := ensureSecret(
+ secretHash, result, secret, err := common_secret.EnsureSecret(
 ctx,
 types.NamespacedName{Namespace: instance.Namespace, Name: instance.Spec.Secret},
 []string{
diff --git a/controllers/novascheduler_controller.go b/controllers/novascheduler_controller.go
index 3c16b4fb5..740171d7e 100644
--- a/controllers/novascheduler_controller.go
+++ b/controllers/novascheduler_controller.go
@@ -20,6 +20,7 @@ import (
 "context"
 "fmt"
+ common_secret "github.com/openstack-k8s-operators/lib-common/modules/common/secret"
 v1 "k8s.io/api/apps/v1"
 corev1 "k8s.io/api/core/v1"
 k8s_errors "k8s.io/apimachinery/pkg/api/errors"
@@ -169,7 +170,7 @@ func (r *NovaSchedulerReconciler) Reconcile(ctx context.Context, req ctrl.Reques
 // detect if something is changed.
 hashes := make(map[string]env.Setter)
- secretHash, result, secret, err := ensureSecret(
+ secretHash, result, secret, err := common_secret.EnsureSecret(
 ctx,
 types.NamespacedName{Namespace: instance.Namespace, Name: instance.Spec.Secret},
 // TODO(gibi): add keystoneAuthURL here is that is also passed via