allow btpAccess credentials changes (#607)

* allow btpAccess credentials changes

* delete redundant test

Author: kerenlahav

Makefile

@@ -18,7 +18,7 @@ SED = sed -i ''
 endif
 TEST_PACKAGES=$(shell go list ./... | egrep "controllers|internal/utils|api|client" | egrep -v "client/sm/smfakes" | paste -sd " " -)
 
-GO_TEST = go test $(TEST_PACKAGES) -coverprofile=$(TEST_PROFILE) -ginkgo.flakeAttempts=3
+GO_TEST = go test $(TEST_PACKAGES) -coverprofile=$(TEST_PROFILE) -ginkgo.flakeAttempts=2
 
 all: manager
 

api/v1/serviceinstance_validating_webhook.go

@@ -45,14 +45,7 @@ func (si *ServiceInstance) ValidateCreate(_ context.Context, _ runtime.Object) (
 	return nil, nil
 }
 
-func (si *ServiceInstance) ValidateUpdate(_ context.Context, oldObj, newObj runtime.Object) (warnings admission.Warnings, err error) {
-	oldInstance := oldObj.(*ServiceInstance)
-	newInstance := newObj.(*ServiceInstance)
-	serviceinstancelog.Info("validate update", "name", newInstance.ObjectMeta.Name)
-
-	if oldInstance.Spec.BTPAccessCredentialsSecret != newInstance.Spec.BTPAccessCredentialsSecret {
-		return nil, fmt.Errorf("changing the btpAccessCredentialsSecret for an existing instance is not allowed")
-	}
+func (si *ServiceInstance) ValidateUpdate(_ context.Context, _, _ runtime.Object) (warnings admission.Warnings, err error) {
 	return nil, nil
 }
 

api/v1/serviceinstance_validating_webhook_test.go

@@ -12,20 +12,6 @@ var _ = Describe("Service Instance Webhook Test", func() {
 		instance = getInstance()
 	})
 
-	Context("Validate Update", func() {
-		When("btpAccessCredentialsSecret changed", func() {
-			It("should fail", func() {
-				instance := getInstance()
-				instance.Spec.BTPAccessCredentialsSecret = ""
-				newInstance := getInstance()
-				newInstance.Spec.BTPAccessCredentialsSecret = "new-secret"
-				_, err := newInstance.ValidateUpdate(nil, instance, newInstance)
-				Expect(err).To(HaveOccurred())
-				Expect(err.Error()).To(ContainSubstring("changing the btpAccessCredentialsSecret for an existing instance is not allowed"))
-			})
-		})
-	})
-
 	Context("Validate Delete", func() {
 		When("service instance is marked as prevent deletion", func() {
 			It("should return error from webhook", func() {

controllers/serviceinstance_controller_test.go

@@ -606,17 +606,6 @@ var _ = Describe("ServiceInstance controller", func() {
 			})
 		})
 
-		When("subaccount id changed", func() {
-			It("should fail", func() {
-				deleteInstance(ctx, serviceInstance, true)
-				serviceInstance = createInstance(ctx, fakeInstanceName, instanceSpec, nil, true)
-				serviceInstance.Spec.BTPAccessCredentialsSecret = "12345"
-				err := k8sClient.Update(ctx, serviceInstance)
-				Expect(err).To(HaveOccurred())
-				Expect(err.Error()).To(ContainSubstring("changing the btpAccessCredentialsSecret for an existing instance is not allowed"))
-			})
-		})
-
 		When("UserInfo changed", func() {
 			It("should fail", func() {
 				serviceInstance.Spec.UserInfo = &authv1.UserInfo{