
Commit e563459

semionshvartsi052901kerenlahav
authored
Add custom CA certificate support (#587)
* Add custom CA certificate support Co-authored-by: i052901 <semion.shvrats@sap.com> Co-authored-by: I501080 <keren.lahav@sap.com>
1 parent d9ca02a commit e563459


15 files changed

+160
-61
lines changed


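--- a/client/sm/client.go
+++ b/client/sm/client.go
@@ -29,7 +29,6 @@ import (
 "strings"
 
 "github.com/SAP/sap-btp-service-operator/api/common"
-
 "github.com/SAP/sap-btp-service-operator/client/sm/types"
 "github.com/SAP/sap-btp-service-operator/internal/auth"
 "github.com/SAP/sap-btp-service-operator/internal/httputil"
@@ -127,12 +126,12 @@ func NewClient(ctx context.Context, config *ClientConfig, httpClient auth.HTTPCl
 var authClient auth.HTTPClient
 var err error
 if len(config.TLSCertKey) > 0 && len(config.TLSPrivateKey) > 0 {
-authClient, err = auth.NewAuthClientWithTLS(ccConfig, config.TLSCertKey, config.TLSPrivateKey)
+authClient, err = auth.NewAuthClientWithTLS(ctx, ccConfig, config.TLSCertKey, config.TLSPrivateKey)
 if err != nil {
 return nil, err
 }
 } else {
-authClient = auth.NewAuthClient(ccConfig, config.SSLDisabled)
+authClient = auth.NewAuthClient(ctx, ccConfig, config.SSLDisabled)
 }
 return &serviceManagerClient{Context: ctx, Config: config, HTTPClient: authClient}, nil
 }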
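Review bot: The `else` branch still passes `config.SSLDisabled` straight to `auth.NewAuthClient`, and nothing at this call says how that flag relates to the custom CA this commit introduces. If SSLDisabled switches off server certificate verification (the name suggests it, but the auth package is outside this hunk), a configured CA would be ignored on this path with no signal to the operator. A comment above the call, for example `// SSLDisabled takes precedence over a custom CA; intended for test setups only` if that is the intended precedence, or a warning log when both are set, would make the behaviour explicit. The mTLS branch takes no such flag, so it is worth confirming that both constructors load the CA the same way. NewClient begins before this hunk.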

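--- a/controllers/secret_controller.go
+++ b/controllers/secret_controller.go
@@ -5,6 +5,7 @@ import (
 "fmt"
 "reflect"
 
+"github.com/SAP/sap-btp-service-operator/internal/utils/logutils"
 "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
 
 "sigs.k8s.io/controller-runtime/pkg/event"
@@ -36,7 +37,7 @@ type SecretReconciler struct {
 
 func (r *SecretReconciler) Reconcile(ctx context.Context, req reconcile.Request) (reconcile.Result, error) {
 log := r.Log.WithValues("secret", req.NamespacedName).WithValues("correlation_id", uuid.New().String())
-ctx = context.WithValue(ctx, utils.LogKey{}, log)
+ctx = context.WithValue(ctx, logutils.LogKey, log)
 log.Info(fmt.Sprintf("reconciling params secret %s", req.NamespacedName))
 // Fetch the Secret
 secret := &corev1.Secret{}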
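Review bot: The context key in `Reconcile` changes from the struct literal `utils.LogKey{}` to the package value `logutils.LogKey`, whose declaration is not part of this section. A context key should be a value of a dedicated, preferably unexported, type so that no other package can store or read under the same key; if `LogKey` is declared as a plain string or int constant, `context.WithValue` keys can collide (staticcheck SA1029 flags this). Please confirm the declaration and give it a doc comment, for example `// LogKey is the context key under which the request-scoped logger is stored.` The same replacement appears in the `Reconcile` hunks of servicebinding_controller.go and serviceinstance_controller.go and in both controller test files. Reconcile's body continues past this hunk.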

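--- a/controllers/servicebinding_controller.go
+++ b/controllers/servicebinding_controller.go
@@ -23,6 +23,7 @@ import (
 "time"
 
 commonutils "github.com/SAP/sap-btp-service-operator/api/common/utils"
+"github.com/SAP/sap-btp-service-operator/internal/utils/logutils"
 "sigs.k8s.io/controller-runtime/pkg/reconcile"
 
 "github.com/pkg/errors"
@@ -82,7 +83,7 @@ type ServiceBindingReconciler struct {
 
 func (r *ServiceBindingReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
 log := r.Log.WithValues("servicebinding", req.NamespacedName).WithValues("correlation_id", uuid.New().String(), req.Name, req.Namespace)
-ctx = context.WithValue(ctx, utils.LogKey{}, log)
+ctx = context.WithValue(ctx, logutils.LogKey, log)
 
 serviceBinding := &v1.ServiceBinding{}
 if err := r.Client.Get(ctx, req.NamespacedName, serviceBinding); err != nil {
@@ -213,7 +214,7 @@ func (r *ServiceBindingReconciler) SetupWithManager(mgr ctrl.Manager) error {
 }
 
 func (r *ServiceBindingReconciler) createBinding(ctx context.Context, smClient sm.Client, serviceInstance *v1.ServiceInstance, serviceBinding *v1.ServiceBinding) (ctrl.Result, error) {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 log.Info("Creating smBinding in SM")
 serviceBinding.Status.InstanceID = serviceInstance.Status.InstanceID
 bindingParameters, _, err := utils.BuildSMRequestParameters(serviceBinding.Namespace, serviceBinding.Spec.Parameters, serviceBinding.Spec.ParametersFrom)
@@ -277,7 +278,7 @@ func (r *ServiceBindingReconciler) createBinding(ctx context.Context, smClient s
 }
 
 func (r *ServiceBindingReconciler) delete(ctx context.Context, serviceBinding *v1.ServiceBinding, serviceInstance *v1.ServiceInstance) (ctrl.Result, error) {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 if controllerutil.ContainsFinalizer(serviceBinding, common.FinalizerName) {
 smClient, err := r.GetSMClient(ctx, serviceInstance)
 if err != nil {
@@ -338,7 +339,7 @@ func (r *ServiceBindingReconciler) delete(ctx context.Context, serviceBinding *v
 }
 
 func (r *ServiceBindingReconciler) poll(ctx context.Context, serviceBinding *v1.ServiceBinding, serviceInstance *v1.ServiceInstance) (ctrl.Result, error) {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 log.Info(fmt.Sprintf("resource is in progress, found operation url %s", serviceBinding.Status.OperationURL))
 
 smClient, err := r.GetSMClient(ctx, serviceInstance)
@@ -424,7 +425,7 @@ func (r *ServiceBindingReconciler) poll(ctx context.Context, serviceBinding *v1.
 }
 
 func (r *ServiceBindingReconciler) getBindingForRecovery(ctx context.Context, smClient sm.Client, serviceBinding *v1.ServiceBinding) (*smClientTypes.ServiceBinding, error) {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 nameQuery := fmt.Sprintf("name eq '%s'", serviceBinding.Spec.ExternalName)
 clusterIDQuery := fmt.Sprintf("context/clusterid eq '%s'", r.Config.ClusterID)
 namespaceQuery := fmt.Sprintf("context/namespace eq '%s'", serviceBinding.Namespace)
@@ -451,7 +452,7 @@ func (r *ServiceBindingReconciler) getBindingForRecovery(ctx context.Context, sm
 }
 
 func (r *ServiceBindingReconciler) maintain(ctx context.Context, binding *v1.ServiceBinding, instance *v1.ServiceInstance) (ctrl.Result, error) {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 if err := r.maintainSecret(ctx, binding, instance); err != nil {
 log.Error(err, "failed to maintain secret")
 return r.handleSecretError(ctx, smClientTypes.UPDATE, err, binding)
@@ -462,7 +463,7 @@ func (r *ServiceBindingReconciler) maintain(ctx context.Context, binding *v1.Ser
 }
 
 func (r *ServiceBindingReconciler) maintainSecret(ctx context.Context, serviceBinding *v1.ServiceBinding, serviceInstance *v1.ServiceInstance) error {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 if common.GetObservedGeneration(serviceBinding) == serviceBinding.Generation {
 log.Info("observed generation is up to date, checking if secret exists")
 if _, err := r.getSecret(ctx, serviceBinding.Namespace, serviceBinding.Spec.SecretName); err == nil {
@@ -498,7 +499,7 @@ func (r *ServiceBindingReconciler) maintainSecret(ctx context.Context, serviceBi
 }
 
 func (r *ServiceBindingReconciler) getServiceInstanceForBinding(ctx context.Context, binding *v1.ServiceBinding) (*v1.ServiceInstance, error) {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 serviceInstance := &v1.ServiceInstance{}
 namespace := binding.Namespace
 if len(binding.Spec.ServiceInstanceNamespace) > 0 {
@@ -543,7 +544,7 @@ func (r *ServiceBindingReconciler) resyncBindingStatus(ctx context.Context, k8sB
 }
 
 func (r *ServiceBindingReconciler) storeBindingSecret(ctx context.Context, k8sBinding *v1.ServiceBinding, smBinding *smClientTypes.ServiceBinding) error {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 logger := log.WithValues("bindingName", k8sBinding.Name, "secretName", k8sBinding.Spec.SecretName)
 
 var secret *corev1.Secret
@@ -598,7 +599,7 @@ func (r *ServiceBindingReconciler) createBindingSecret(ctx context.Context, k8sB
 }
 
 func (r *ServiceBindingReconciler) getSecretDefaultData(ctx context.Context, k8sBinding *v1.ServiceBinding, smBinding *smClientTypes.ServiceBinding) (map[string][]byte, error) {
-log := utils.GetLogger(ctx).WithValues("bindingName", k8sBinding.Name, "secretName", k8sBinding.Spec.SecretName)
+log := logutils.GetLogger(ctx).WithValues("bindingName", k8sBinding.Name, "secretName", k8sBinding.Spec.SecretName)
 
 var credentialsMap map[string][]byte
 var credentialProperties []utils.SecretMetadataProperty
@@ -653,7 +654,7 @@ func (r *ServiceBindingReconciler) getSecretDefaultData(ctx context.Context, k8s
 }
 
 func (r *ServiceBindingReconciler) createBindingSecretFromSecretTemplate(ctx context.Context, k8sBinding *v1.ServiceBinding, smBinding *smClientTypes.ServiceBinding) (*corev1.Secret, error) {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 logger := log.WithValues("bindingName", k8sBinding.Name, "secretName", k8sBinding.Spec.SecretName)
 
 logger.Info("Create Object using SecretTemplate from ServiceBinding Specs")
@@ -699,7 +700,7 @@ func (r *ServiceBindingReconciler) createBindingSecretFromSecretTemplate(ctx con
 }
 
 func (r *ServiceBindingReconciler) createOrUpdateBindingSecret(ctx context.Context, binding *v1.ServiceBinding, secret *corev1.Secret) error {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 dbSecret := &corev1.Secret{}
 create := false
 if err := r.Client.Get(ctx, types.NamespacedName{Name: binding.Spec.SecretName, Namespace: binding.Namespace}, dbSecret); err != nil {
@@ -730,7 +731,7 @@ func (r *ServiceBindingReconciler) createOrUpdateBindingSecret(ctx context.Conte
 }
 
 func (r *ServiceBindingReconciler) deleteBindingSecret(ctx context.Context, binding *v1.ServiceBinding) error {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 log.Info("Deleting binding secret")
 bindingSecret := &corev1.Secret{}
 if err := r.Client.Get(ctx, types.NamespacedName{
@@ -798,7 +799,7 @@ func (r *ServiceBindingReconciler) validateSecretNameIsAvailable(ctx context.Con
 }
 
 func (r *ServiceBindingReconciler) handleSecretError(ctx context.Context, op smClientTypes.OperationCategory, err error, binding *v1.ServiceBinding) (ctrl.Result, error) {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 log.Error(err, fmt.Sprintf("failed to store secret %s for binding %s", binding.Spec.SecretName, binding.Name))
 return utils.HandleOperationFailure(ctx, r.Client, binding, op, err)
 }
@@ -870,7 +871,7 @@ func (r *ServiceBindingReconciler) addInstanceInfo(ctx context.Context, binding
 }
 
 func (r *ServiceBindingReconciler) rotateCredentials(ctx context.Context, binding *v1.ServiceBinding, serviceInstance *v1.ServiceInstance) (bool, error) {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 if err := r.removeForceRotateAnnotationIfNeeded(ctx, binding, log); err != nil {
 log.Info("Credentials rotation - failed to delete force rotate annotation")
 return false, err
@@ -971,7 +972,7 @@ func (r *ServiceBindingReconciler) createOldBinding(ctx context.Context, suffix
 }
 
 func (r *ServiceBindingReconciler) handleStaleServiceBinding(ctx context.Context, serviceBinding *v1.ServiceBinding) (ctrl.Result, error) {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 originalBindingName, ok := serviceBinding.Annotations[common.StaleBindingOrigBindingNameAnnotation]
 if !ok {
 //if the user removed the "OrigBindingName" annotation and rotationOf label not exist as well
@@ -1009,7 +1010,7 @@ func (r *ServiceBindingReconciler) handleStaleServiceBinding(ctx context.Context
 }
 
 func (r *ServiceBindingReconciler) recover(ctx context.Context, serviceBinding *v1.ServiceBinding, smBinding *smClientTypes.ServiceBinding) (ctrl.Result, error) {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 log.Info(fmt.Sprintf("found existing smBinding in SM with id %s, updating status", smBinding.ID))
 
 if smBinding.Credentials != nil {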
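Review bot: In `Reconcile` the logger is built with `WithValues("correlation_id", uuid.New().String(), req.Name, req.Namespace)`, so the binding's name becomes a log field key and its namespace that field's value. `WithValues` takes alternating key/value pairs, and a key chosen by whoever names the resource makes the field set unpredictable for anything that parses or alerts on these logs. Since `"servicebinding", req.NamespacedName` is already attached, the trailing pair can simply be dropped: `log := r.Log.WithValues("servicebinding", req.NamespacedName).WithValues("correlation_id", uuid.New().String())`, which also matches the other two reconcilers in this commit. The line is unchanged context here, and Reconcile's body continues past the hunk.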

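--- a/controllers/servicebinding_controller_test.go
+++ b/controllers/servicebinding_controller_test.go
@@ -7,6 +7,7 @@ import (
 "net/http"
 "strings"
 
+"github.com/SAP/sap-btp-service-operator/internal/utils/logutils"
 "github.com/lithammer/dedent"
 authv1 "k8s.io/api/authentication/v1"
 
@@ -135,7 +136,7 @@ var _ = Describe("ServiceBinding controller", func() {
 BeforeEach(func() {
 ctx = context.Background()
 log := ctrl.Log.WithName("bindingTest")
-ctx = context.WithValue(ctx, utils.LogKey{}, log)
+ctx = context.WithValue(ctx, logutils.LogKey, log)
 testUUID = uuid.New().String()
 instanceName = "test-instance-" + testUUID
 bindingName = "test-binding-" + testUUID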

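--- a/controllers/serviceinstance_controller.go
+++ b/controllers/serviceinstance_controller.go
@@ -22,6 +22,7 @@ import (
 "fmt"
 "strings"
 
+"github.com/SAP/sap-btp-service-operator/internal/utils/logutils"
 "github.com/pkg/errors"
 "sigs.k8s.io/controller-runtime/pkg/reconcile"
 
@@ -70,7 +71,7 @@ type ServiceInstanceReconciler struct {
 
 func (r *ServiceInstanceReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
 log := r.Log.WithValues("serviceinstance", req.NamespacedName).WithValues("correlation_id", uuid.New().String())
-ctx = context.WithValue(ctx, utils.LogKey{}, log)
+ctx = context.WithValue(ctx, logutils.LogKey, log)
 
 serviceInstance := &v1.ServiceInstance{}
 if err := r.Client.Get(ctx, req.NamespacedName, serviceInstance); err != nil {
@@ -158,7 +159,7 @@ func (r *ServiceInstanceReconciler) SetupWithManager(mgr ctrl.Manager) error {
 }
 
 func (r *ServiceInstanceReconciler) createInstance(ctx context.Context, smClient sm.Client, serviceInstance *v1.ServiceInstance) (ctrl.Result, error) {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 log.Info("Creating instance in SM")
 updateHashedSpecValue(serviceInstance)
 instanceParameters, err := r.buildSMRequestParameters(ctx, serviceInstance)
@@ -212,7 +213,7 @@ func (r *ServiceInstanceReconciler) createInstance(ctx context.Context, smClient
 }
 
 func (r *ServiceInstanceReconciler) updateInstance(ctx context.Context, smClient sm.Client, serviceInstance *v1.ServiceInstance) (ctrl.Result, error) {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 log.Info(fmt.Sprintf("updating instance %s in SM", serviceInstance.Status.InstanceID))
 
 instanceParameters, err := r.buildSMRequestParameters(ctx, serviceInstance)
@@ -252,7 +253,7 @@ func (r *ServiceInstanceReconciler) updateInstance(ctx context.Context, smClient
 }
 
 func (r *ServiceInstanceReconciler) deleteInstance(ctx context.Context, serviceInstance *v1.ServiceInstance) (ctrl.Result, error) {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 
 log.Info("deleting instance")
 if controllerutil.ContainsFinalizer(serviceInstance, common.FinalizerName) {
@@ -310,7 +311,7 @@ func (r *ServiceInstanceReconciler) deleteInstance(ctx context.Context, serviceI
 }
 
 func (r *ServiceInstanceReconciler) handleInstanceSharing(ctx context.Context, serviceInstance *v1.ServiceInstance, smClient sm.Client) (ctrl.Result, error) {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 log.Info("Handling change in instance sharing")
 
 if serviceInstance.GetShared() {
@@ -344,7 +345,7 @@ func (r *ServiceInstanceReconciler) handleInstanceSharing(ctx context.Context, s
 }
 
 func (r *ServiceInstanceReconciler) poll(ctx context.Context, serviceInstance *v1.ServiceInstance) (ctrl.Result, error) {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 log.Info(fmt.Sprintf("resource is in progress, found operation url %s", serviceInstance.Status.OperationURL))
 smClient, err := r.GetSMClient(ctx, serviceInstance)
 if err != nil {
@@ -436,7 +437,7 @@ func (r *ServiceInstanceReconciler) handleAsyncDelete(ctx context.Context, servi
 }
 
 func (r *ServiceInstanceReconciler) getInstanceForRecovery(ctx context.Context, smClient sm.Client, serviceInstance *v1.ServiceInstance) (*smClientTypes.ServiceInstance, error) {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 parameters := sm.Parameters{
 FieldQuery: []string{
 fmt.Sprintf("name eq '%s'", serviceInstance.Spec.ExternalName),
@@ -461,7 +462,7 @@ func (r *ServiceInstanceReconciler) getInstanceForRecovery(ctx context.Context,
 }
 
 func (r *ServiceInstanceReconciler) recover(ctx context.Context, smClient sm.Client, k8sInstance *v1.ServiceInstance, smInstance *smClientTypes.ServiceInstance) (ctrl.Result, error) {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 
 log.Info(fmt.Sprintf("found existing instance in SM with id %s, updating status", smInstance.ID))
 updateHashedSpecValue(k8sInstance)
@@ -510,7 +511,7 @@ func (r *ServiceInstanceReconciler) recover(ctx context.Context, smClient sm.Cli
 }
 
 func (r *ServiceInstanceReconciler) buildSMRequestParameters(ctx context.Context, serviceInstance *v1.ServiceInstance) ([]byte, error) {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 instanceParameters, paramSecrets, err := utils.BuildSMRequestParameters(serviceInstance.Namespace, serviceInstance.Spec.Parameters, serviceInstance.Spec.ParametersFrom)
 if err != nil {
 log.Error(err, "failed to build instance parameters")
@@ -561,7 +562,7 @@ func (r *ServiceInstanceReconciler) buildSMRequestParameters(ctx context.Context
 }
 
 func isFinalState(ctx context.Context, serviceInstance *v1.ServiceInstance) bool {
-log := utils.GetLogger(ctx)
+log := logutils.GetLogger(ctx)
 
 if serviceInstance.Status.ForceReconcile {
 log.Info("instance is not in final state, ForceReconcile is true")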
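Review bot: `getInstanceForRecovery` builds its field query with `fmt.Sprintf("name eq '%s'", serviceInstance.Spec.ExternalName)`, placing a value taken from the resource spec inside a quoted filter with no escaping visible in the hunk. A name containing a single quote would change the shape of the query, so the recovery lookup could fail or match an instance other than the intended one. Unless ExternalName is already restricted by CRD or webhook validation (not shown here), the value should be validated or escaped before it is interpolated, and a short comment at the call should say which of the two applies. `getBindingForRecovery` in servicebinding_controller.go builds `nameQuery`, `clusterIDQuery` and `namespaceQuery` the same way. The function body continues past the hunk, so handling further down cannot be ruled out.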

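--- a/controllers/serviceinstance_controller_test.go
+++ b/controllers/serviceinstance_controller_test.go
@@ -7,6 +7,7 @@ import (
 "net/http"
 "strings"
 
+"github.com/SAP/sap-btp-service-operator/internal/utils/logutils"
 "sigs.k8s.io/controller-runtime/pkg/client"
 
 authv1 "k8s.io/api/authentication/v1"
@@ -131,7 +132,7 @@ var _ = Describe("ServiceInstance controller", func() {
 BeforeEach(func() {
 ctx = context.Background()
 log := ctrl.Log.WithName("instanceTest")
-ctx = context.WithValue(ctx, utils.LogKey{}, log)
+ctx = context.WithValue(ctx, logutils.LogKey, log)
 fakeInstanceName = "ic-test-" + uuid.New().String()
 defaultLookupKey = types.NamespacedName{Name: fakeInstanceName, Namespace: testNamespace}
 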