Merge pull request #110 from PDOK/wr/remove-cm-secret-injection

remove finding blobs and postgres configmap/secret

Author: Shalucik

internal/controller/blobdownload/blob_download.go

@@ -33,7 +33,7 @@ func GetScript() string {
 	return GpkgDownloadScript
 }
 
-func GetBlobDownloadInitContainer[O pdoknlv3.WMSWFS](obj O, images types.Images, blobsConfigName, blobsSecretName string) (*corev1.Container, error) {
+func GetBlobDownloadInitContainer[O pdoknlv3.WMSWFS](obj O, images types.Images) (*corev1.Container, error) {
 	blobkeys := []string{}
 	for _, gpkg := range obj.GeoPackages() {
 		// Deduplicate blobkeys to prevent double downloads
@@ -56,10 +56,6 @@ func GetBlobDownloadInitContainer[O pdoknlv3.WMSWFS](obj O, images types.Images,
 				Value: strings.Join(blobkeys, ";"),
 			},
 		},
-		EnvFrom: []corev1.EnvFromSource{
-			utils.NewEnvFromSource(utils.EnvFromSourceTypeConfigMap, blobsConfigName),
-			utils.NewEnvFromSource(utils.EnvFromSourceTypeSecret, blobsSecretName),
-		},
 		Resources: corev1.ResourceRequirements{
 			Requests: corev1.ResourceList{
 				corev1.ResourceCPU: resource.MustParse("0.15"),

internal/controller/deployment.go

@@ -14,7 +14,6 @@ import (
 	"github.com/pdok/mapserver-operator/internal/controller/mapserver"
 	"github.com/pdok/mapserver-operator/internal/controller/ogcwebserviceproxy"
 	"github.com/pdok/mapserver-operator/internal/controller/types"
-	"github.com/pdok/smooth-operator/pkg/k8s"
 	smoothoperatorutils "github.com/pdok/smooth-operator/pkg/util"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
@@ -24,13 +23,6 @@ import (
 	ctrl "sigs.k8s.io/controller-runtime"
 )
 
-const (
-	blobsConfigPrefix   = "blobs-"
-	blobsSecretPrefix   = "blobs-"
-	postgisConfigPrefix = "postgres-"
-	postgisSecretPrefix = "postgres-"
-)
-
 var storageClassName string
 
 func SetStorageClassName(name string) {
@@ -65,19 +57,14 @@ func mutateDeployment[R Reconciler, O pdoknlv3.WMSWFS](r R, obj O, deployment *a
 		},
 	}
 
-	blobsSecret, err := k8s.GetSecret(getReconcilerClient(r), obj.GetNamespace(), blobsSecretPrefix, make(map[string]string))
-	if err != nil {
-		return err
-	}
-
 	initContainers, err := getInitContainerForDeployment(r, obj)
 	if err != nil {
 		return err
 	}
 	setTerminationMessage(initContainers)
 
 	images := getReconcilerImages(r)
-	containers, err := getContainers(obj, images, blobsSecret)
+	containers, err := getContainers(obj, images)
 	if err != nil {
 		return err
 	}
@@ -140,18 +127,9 @@ func getPodAnnotations(deployment *appsv1.Deployment) map[string]string {
 }
 
 func getInitContainerForDeployment[R Reconciler, O pdoknlv3.WMSWFS](r R, obj O) ([]corev1.Container, error) {
-	blobsConfig, err := k8s.GetConfigMap(getReconcilerClient(r), obj.GetNamespace(), blobsConfigPrefix, make(map[string]string))
-	if err != nil {
-		return nil, err
-	}
-
-	blobsSecret, err := k8s.GetSecret(getReconcilerClient(r), obj.GetNamespace(), blobsSecretPrefix, make(map[string]string))
-	if err != nil {
-		return nil, err
-	}
 
 	images := getReconcilerImages(r)
-	blobDownloadInitContainer, err := blobdownload.GetBlobDownloadInitContainer(obj, *images, blobsConfig.Name, blobsSecret.Name)
+	blobDownloadInitContainer, err := blobdownload.GetBlobDownloadInitContainer(obj, *images)
 	if err != nil {
 		return nil, err
 	}
@@ -166,16 +144,7 @@ func getInitContainerForDeployment[R Reconciler, O pdoknlv3.WMSWFS](r R, obj O)
 	}
 
 	if obj.Mapfile() == nil {
-		postgresConfig, err := k8s.GetConfigMap(getReconcilerClient(r), obj.GetNamespace(), postgisConfigPrefix, make(map[string]string))
-		if err != nil {
-			return nil, err
-		}
-
-		postgresSecret, err := k8s.GetSecret(getReconcilerClient(r), obj.GetNamespace(), postgisSecretPrefix, make(map[string]string))
-		if err != nil {
-			return nil, err
-		}
-		mapfileGeneratorInitContainer, err := mapfilegenerator.GetMapfileGeneratorInitContainer(obj, *images, postgresConfig.Name, postgresSecret.Name)
+		mapfileGeneratorInitContainer, err := mapfilegenerator.GetMapfileGeneratorInitContainer(obj, *images)
 		if err != nil {
 			return nil, err
 		}
@@ -204,8 +173,8 @@ func getInitContainerForDeployment[R Reconciler, O pdoknlv3.WMSWFS](r R, obj O)
 	return initContainers, nil
 }
 
-func getContainers[O pdoknlv3.WMSWFS](obj O, images *types.Images, blobsSecret *corev1.Secret) ([]corev1.Container, error) {
-	mapserverContainer, err := mapserver.GetMapserverContainer(obj, *images, blobsSecret.Name)
+func getContainers[O pdoknlv3.WMSWFS](obj O, images *types.Images) ([]corev1.Container, error) {
+	mapserverContainer, err := mapserver.GetMapserverContainer(obj, *images)
 	if err != nil {
 		return nil, err
 	}

internal/controller/mapfilegenerator/mapfile_generator.go

@@ -15,7 +15,7 @@ import (
 	corev1 "k8s.io/api/core/v1"
 )
 
-func GetMapfileGeneratorInitContainer[O pdoknlv3.WMSWFS](obj O, images types.Images, postgisConfigName, postgisSecretName string) (*corev1.Container, error) {
+func GetMapfileGeneratorInitContainer[O pdoknlv3.WMSWFS](obj O, images types.Images) (*corev1.Container, error) {
 	initContainer := corev1.Container{
 		Name:            constants.MapfileGeneratorName,
 		Image:           images.MapfileGeneratorImage,
@@ -37,13 +37,7 @@ func GetMapfileGeneratorInitContainer[O pdoknlv3.WMSWFS](obj O, images types.Ima
 		stylingFilesVolMount := corev1.VolumeMount{Name: constants.ConfigMapStylingFilesVolumeName, MountPath: "/styling", ReadOnly: true}
 		initContainer.VolumeMounts = append(initContainer.VolumeMounts, stylingFilesVolMount)
 	}
-	// Additional mapfile-generator configuration
-	if obj.HasPostgisData() {
-		initContainer.EnvFrom = []corev1.EnvFromSource{
-			utils.NewEnvFromSource(utils.EnvFromSourceTypeConfigMap, postgisConfigName),
-			utils.NewEnvFromSource(utils.EnvFromSourceTypeSecret, postgisSecretName),
-		}
-	}
+
 	return &initContainer, nil
 }
 

internal/controller/mapserver/deployment.go

@@ -17,7 +17,7 @@ import (
 
 const mimeTextXML = "text/xml"
 
-func GetMapserverContainer[O pdoknlv3.WMSWFS](obj O, images types.Images, blobsSecretName string) (*corev1.Container, error) {
+func GetMapserverContainer[O pdoknlv3.WMSWFS](obj O, images types.Images) (*corev1.Container, error) {
 	livenessProbe, readinessProbe, startupProbe, err := getProbes(obj)
 	if err != nil {
 		return nil, err
@@ -38,15 +38,6 @@ func GetMapserverContainer[O pdoknlv3.WMSWFS](obj O, images types.Images, blobsS
 				Value: "/srv/mapserver/config/default_mapserver.conf",
 			},
 			GetMapfileEnvVar(obj),
-			{
-				Name: "AZURE_STORAGE_CONNECTION_STRING",
-				ValueFrom: &corev1.EnvVarSource{
-					SecretKeyRef: &corev1.SecretKeySelector{
-						LocalObjectReference: corev1.LocalObjectReference{Name: blobsSecretName},
-						Key:                  "AZURE_STORAGE_CONNECTION_STRING",
-					},
-				},
-			},
 		},
 		VolumeMounts: getVolumeMounts(obj.Mapfile() != nil),
 		Resources: corev1.ResourceRequirements{

internal/controller/suite_test.go

@@ -133,7 +133,7 @@ var _ = BeforeSuite(func() {
 	// Deploy blob configmap + secret
 	blobConfig := &corev1.ConfigMap{
 		ObjectMeta: metav1.ObjectMeta{
-			Name:      blobsConfigPrefix + "testtest",
+			Name:      "blobs-testtest",
 			Namespace: metav1.NamespaceDefault,
 		},
 	}
@@ -142,7 +142,7 @@ var _ = BeforeSuite(func() {
 
 	blobSecret := &corev1.Secret{
 		ObjectMeta: metav1.ObjectMeta{
-			Name:      blobsSecretPrefix + "testtest",
+			Name:      "blobs-testtest",
 			Namespace: metav1.NamespaceDefault,
 		},
 	}
@@ -152,7 +152,7 @@ var _ = BeforeSuite(func() {
 	// Deploy postgres configmap + secret
 	postgresConfig := &corev1.ConfigMap{
 		ObjectMeta: metav1.ObjectMeta{
-			Name:      postgisConfigPrefix + "testtest",
+			Name:      "postgres-testtest",
 			Namespace: metav1.NamespaceDefault,
 		},
 	}
@@ -161,7 +161,7 @@ var _ = BeforeSuite(func() {
 
 	postgresSecret := &corev1.Secret{
 		ObjectMeta: metav1.ObjectMeta{
-			Name:      postgisSecretPrefix + "testtest",
+			Name:      "postgres-testtest",
 			Namespace: metav1.NamespaceDefault,
 		},
 	}

internal/controller/test_data/wfs/complete/expected/deployment.yaml

@@ -56,17 +56,17 @@ spec:
       containers:
         - name: mapserver
           env:
+            - name: AZURE_STORAGE_CONNECTION_STRING
+              valueFrom:
+                secretKeyRef:
+                  key: AZURE_STORAGE_CONNECTION_STRING
+                  name: blobs-testtest
             - name: SERVICE_TYPE
               value: WFS
             - name: MAPSERVER_CONFIG_FILE
               value: "/srv/mapserver/config/default_mapserver.conf"
             - name: MS_MAPFILE
               value: /srv/data/config/mapfile/service.map
-            - name: AZURE_STORAGE_CONNECTION_STRING
-              valueFrom:
-                secretKeyRef:
-                  key: AZURE_STORAGE_CONNECTION_STRING
-                  name: blobs-testtest
           image: test.test/image:test3
           imagePullPolicy: IfNotPresent
           terminationMessagePolicy: File

internal/controller/test_data/wfs/complete/input/wfs.yaml

@@ -28,17 +28,36 @@ spec:
     minReplicas: 1
   options: {}
   podSpecPatch:
+    initContainers:
+      - name: blob-download
+        envFrom:
+          - configMapRef:
+              name: blobs-testtest
+          - secretRef:
+              name: blobs-testtest
+      - name: mapfile-generator
+        envFrom:
+          - configMapRef:
+              name: postgres-testtest
+          - secretRef:
+              name: postgres-testtest
     containers:
-    - name: mapserver
-      resources:
-        limits:
-          cpu: "2"
-          ephemeral-storage: 11G
-          memory: 500M
-        requests:
-          cpu: "1"
-          ephemeral-storage: 11G
-          memory: 250M
+      - name: mapserver
+        env:
+          - name: AZURE_STORAGE_CONNECTION_STRING
+            valueFrom:
+              secretKeyRef:
+                key: AZURE_STORAGE_CONNECTION_STRING
+                name: blobs-testtest
+        resources:
+          limits:
+            cpu: "2"
+            ephemeral-storage: 11G
+            memory: 500M
+          requests:
+            cpu: "1"
+            ephemeral-storage: 11G
+            memory: 250M
   service:
     abstract: some "Service" abstract
     accessConstraints: http://creativecommons.org/publicdomain/zero/1.0/deed.nl

internal/controller/test_data/wfs/minimal/expected/deployment.yaml

@@ -52,17 +52,17 @@ spec:
     spec:
       containers:
         - env:
+            - name: AZURE_STORAGE_CONNECTION_STRING
+              valueFrom:
+                secretKeyRef:
+                  key: AZURE_STORAGE_CONNECTION_STRING
+                  name: blobs-testtest
             - name: SERVICE_TYPE
               value: WFS
             - name: MAPSERVER_CONFIG_FILE
               value: "/srv/mapserver/config/default_mapserver.conf"
             - name: MS_MAPFILE
               value: /srv/data/config/mapfile/service.map
-            - name: AZURE_STORAGE_CONNECTION_STRING
-              valueFrom:
-                secretKeyRef:
-                  key: AZURE_STORAGE_CONNECTION_STRING
-                  name: blobs-testtest
           image: test.test/image:test3
           imagePullPolicy: IfNotPresent
           terminationMessagePath: /dev/termination-log

internal/controller/test_data/wfs/minimal/input/wfs.yaml

@@ -11,8 +11,21 @@ metadata:
 spec:
   options: {}
   podSpecPatch:
+    initContainers:
+    - name: blob-download
+      envFrom:
+      - configMapRef:
+          name: blobs-testtest
+      - secretRef:
+          name: blobs-testtest
     containers:
     - name: mapserver
+      env:
+      - name: AZURE_STORAGE_CONNECTION_STRING
+        valueFrom:
+          secretKeyRef:
+            key: AZURE_STORAGE_CONNECTION_STRING
+            name: blobs-testtest
       resources:
         limits:
           ephemeral-storage: 100M

internal/controller/test_data/wfs/noprefetch/expected/deployment.yaml

@@ -52,17 +52,17 @@ spec:
     spec:
       containers:
         - env:
+            - name: AZURE_STORAGE_CONNECTION_STRING
+              valueFrom:
+                secretKeyRef:
+                  key: AZURE_STORAGE_CONNECTION_STRING
+                  name: blobs-testtest
             - name: SERVICE_TYPE
               value: WFS
             - name: MAPSERVER_CONFIG_FILE
               value: "/srv/mapserver/config/default_mapserver.conf"
             - name: MS_MAPFILE
               value: /srv/data/config/mapfile/service.map
-            - name: AZURE_STORAGE_CONNECTION_STRING
-              valueFrom:
-                secretKeyRef:
-                  key: AZURE_STORAGE_CONNECTION_STRING
-                  name: blobs-testtest
           image: test.test/image:test3
           imagePullPolicy: IfNotPresent
           terminationMessagePath: /dev/termination-log