openstack-k8s-operators · stuggi · Jan 22, 2025
diff --git a/api/bases/ironic.openstack.org_ironicapis.yaml b/api/bases/ironic.openstack.org_ironicapis.yaml
@@ -78,6 +78,20 @@ spec:
                   But can also be used to add additional files. Those get added to the service config dir in /etc/<service> .
                   TODO: -> implement
                 type: object
+              httpdCustomization:
+                description: HttpdCustomization - customize the httpd service
+                properties:
+                  customConfigSecret:
+                    description: |-
+                      CustomConfigSecret - customize the httpd vhost config using this parameter to specify
+                      a secret that contains service config data. The content of each provided snippet gets
+                      rendered as a go template and placed into /etc/httpd/conf/httpd_custom_<key> .
+                      In the default httpd template at the end of the vhost those custom configs get
+                      included using `Include conf/httpd_custom_<endpoint>_*`.
+                      For information on how sections in httpd configuration get merged, check section
+                      "How the sections are merged" in https://httpd.apache.org/docs/current/sections.html#merging
+                    type: string
+                type: object
               keystoneEndpoints:
                 description: KeystoneEndpoints - Internally used Keystone API endpoints
                 properties:

diff --git a/api/bases/ironic.openstack.org_ironicinspectors.yaml b/api/bases/ironic.openstack.org_ironicinspectors.yaml
@@ -119,6 +119,20 @@ spec:
                   - start
                   type: object
                 type: array
+              httpdCustomization:
+                description: HttpdCustomization - customize the httpd service
+                properties:
+                  customConfigSecret:
+                    description: |-
+                      CustomConfigSecret - customize the httpd vhost config using this parameter to specify
+                      a secret that contains service config data. The content of each provided snippet gets
+                      rendered as a go template and placed into /etc/httpd/conf/httpd_custom_<key> .
+                      In the default httpd template at the end of the vhost those custom configs get
+                      included using `Include conf/httpd_custom_<endpoint>_*`.
+                      For information on how sections in httpd configuration get merged, check section
+                      "How the sections are merged" in https://httpd.apache.org/docs/current/sections.html#merging
+                    type: string
+                type: object
               inspectionNetwork:
                 description: InspectionNetwork - Additional network to attach to expose
                   boot DHCP, TFTP, HTTP services.

diff --git a/api/bases/ironic.openstack.org_ironics.yaml b/api/bases/ironic.openstack.org_ironics.yaml
@@ -122,6 +122,20 @@ spec:
                       But can also be used to add additional files. Those get added to the service config dir in /etc/<service> .
                       TODO: -> implement
                     type: object
+                  httpdCustomization:
+                    description: HttpdCustomization - customize the httpd service
+                    properties:
+                      customConfigSecret:
+                        description: |-
+                          CustomConfigSecret - customize the httpd vhost config using this parameter to specify
+                          a secret that contains service config data. The content of each provided snippet gets
+                          rendered as a go template and placed into /etc/httpd/conf/httpd_custom_<key> .
+                          In the default httpd template at the end of the vhost those custom configs get
+                          included using `Include conf/httpd_custom_<endpoint>_*`.
+                          For information on how sections in httpd configuration get merged, check section
+                          "How the sections are merged" in https://httpd.apache.org/docs/current/sections.html#merging
+                        type: string
+                    type: object
                   networkAttachments:
                     description: NetworkAttachments is a list of NetworkAttachment
                       resource names to expose the services to the given network
@@ -603,6 +617,20 @@ spec:
                       - start
                       type: object
                     type: array
+                  httpdCustomization:
+                    description: HttpdCustomization - customize the httpd service
+                    properties:
+                      customConfigSecret:
+                        description: |-
+                          CustomConfigSecret - customize the httpd vhost config using this parameter to specify
+                          a secret that contains service config data. The content of each provided snippet gets
+                          rendered as a go template and placed into /etc/httpd/conf/httpd_custom_<key> .
+                          In the default httpd template at the end of the vhost those custom configs get
+                          included using `Include conf/httpd_custom_<endpoint>_*`.
+                          For information on how sections in httpd configuration get merged, check section
+                          "How the sections are merged" in https://httpd.apache.org/docs/current/sections.html#merging
+                        type: string
+                    type: object
                   inspectionNetwork:
                     description: InspectionNetwork - Additional network to attach
                       to expose boot DHCP, TFTP, HTTP services.

diff --git a/api/go.mod b/api/go.mod
@@ -5,7 +5,7 @@ go 1.21
 require (
 	github.com/onsi/ginkgo/v2 v2.20.1
 	github.com/onsi/gomega v1.34.1
-	github.com/openstack-k8s-operators/lib-common/modules/common v0.5.1-0.20241216113837-d172b3ac0f4e
+	github.com/openstack-k8s-operators/lib-common/modules/common v0.5.1-0.20250116145727-01a8948d5dd7
 	k8s.io/api v0.29.12
 	k8s.io/apimachinery v0.29.12
 	k8s.io/client-go v0.29.12

diff --git a/api/go.sum b/api/go.sum
@@ -74,8 +74,8 @@ github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k=
 github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY=
 github.com/openshift/api v0.0.0-20240830023148-b7d0481c9094 h1:J1wuGhVxpsHykZBa6Beb1gQ96Ptej9AE/BvwCBiRj1E=
 github.com/openshift/api v0.0.0-20240830023148-b7d0481c9094/go.mod h1:CxgbWAlvu2iQB0UmKTtRu1YfepRg1/vJ64n2DlIEVz4=
-github.com/openstack-k8s-operators/lib-common/modules/common v0.5.1-0.20241216113837-d172b3ac0f4e h1:hf4kVQBkyG79WcHBxdQ25QrDBbGFdarebS1Tc0Xclq4=
-github.com/openstack-k8s-operators/lib-common/modules/common v0.5.1-0.20241216113837-d172b3ac0f4e/go.mod h1:YpNTuJhDWhbXM50O3qBkhO7M+OOyRmWkNVmJ4y3cyFs=
+github.com/openstack-k8s-operators/lib-common/modules/common v0.5.1-0.20250116145727-01a8948d5dd7 h1:vXHpH93PjbAgg5ZN6n5WmxkybVQOs0nhXvVw62o7aZs=
+github.com/openstack-k8s-operators/lib-common/modules/common v0.5.1-0.20250116145727-01a8948d5dd7/go.mod h1:YpNTuJhDWhbXM50O3qBkhO7M+OOyRmWkNVmJ4y3cyFs=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=

diff --git a/api/v1beta1/common_types.go b/api/v1beta1/common_types.go
@@ -70,3 +70,16 @@ type KeystoneEndpoints struct {
 	// Public endpoint URL
 	Public string `json:"public"`
 }
+
+// HttpdCustomization - customize the httpd service
+type HttpdCustomization struct {
+	// +kubebuilder:validation:Optional
+	// CustomConfigSecret - customize the httpd vhost config using this parameter to specify
+	// a secret that contains service config data. The content of each provided snippet gets
+	// rendered as a go template and placed into /etc/httpd/conf/httpd_custom_<key> .
+	// In the default httpd template at the end of the vhost those custom configs get
+	// included using `Include conf/httpd_custom_<endpoint>_*`.
+	// For information on how sections in httpd configuration get merged, check section
+	// "How the sections are merged" in https://httpd.apache.org/docs/current/sections.html#merging
+	CustomConfigSecret *string `json:"customConfigSecret,omitempty"`
+}
diff --git a/api/v1beta1/ironicapi_types.go b/api/v1beta1/ironicapi_types.go
@@ -43,6 +43,10 @@ type IronicAPITemplate struct {
 	// +operator-sdk:csv:customresourcedefinitions:type=spec
 	// TLS - Parameters related to the TLS
 	TLS tls.API `json:"tls,omitempty"`
+
+	// +kubebuilder:validation:Optional
+	// HttpdCustomization - customize the httpd service
+	HttpdCustomization HttpdCustomization `json:"httpdCustomization,omitempty"`
 }
 
 // APIOverrideSpec to override the generated manifest of several child resources.

diff --git a/api/v1beta1/ironicinspector_types.go b/api/v1beta1/ironicinspector_types.go
@@ -111,6 +111,10 @@ type IronicInspectorTemplate struct {
 	// +operator-sdk:csv:customresourcedefinitions:type=spec
 	// TLS - Parameters related to the TLS
 	TLS tls.API `json:"tls,omitempty"`
+
+	// +kubebuilder:validation:Optional
+	// HttpdCustomization - customize the httpd service
+	HttpdCustomization HttpdCustomization `json:"httpdCustomization,omitempty"`
 }
 
 // InspectorOverrideSpec to override the generated manifest of several child resources.

diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go
diff --git a/config/crd/bases/ironic.openstack.org_ironicapis.yaml b/config/crd/bases/ironic.openstack.org_ironicapis.yaml
@@ -78,6 +78,20 @@ spec:
                   But can also be used to add additional files. Those get added to the service config dir in /etc/<service> .
                   TODO: -> implement
                 type: object
+              httpdCustomization:
+                description: HttpdCustomization - customize the httpd service
+                properties:
+                  customConfigSecret:
+                    description: |-
+                      CustomConfigSecret - customize the httpd vhost config using this parameter to specify
+                      a secret that contains service config data. The content of each provided snippet gets
+                      rendered as a go template and placed into /etc/httpd/conf/httpd_custom_<key> .
+                      In the default httpd template at the end of the vhost those custom configs get
+                      included using `Include conf/httpd_custom_<endpoint>_*`.
+                      For information on how sections in httpd configuration get merged, check section
+                      "How the sections are merged" in https://httpd.apache.org/docs/current/sections.html#merging
+                    type: string
+                type: object
               keystoneEndpoints:
                 description: KeystoneEndpoints - Internally used Keystone API endpoints
                 properties:

diff --git a/config/crd/bases/ironic.openstack.org_ironicinspectors.yaml b/config/crd/bases/ironic.openstack.org_ironicinspectors.yaml
@@ -119,6 +119,20 @@ spec:
                   - start
                   type: object
                 type: array
+              httpdCustomization:
+                description: HttpdCustomization - customize the httpd service
+                properties:
+                  customConfigSecret:
+                    description: |-
+                      CustomConfigSecret - customize the httpd vhost config using this parameter to specify
+                      a secret that contains service config data. The content of each provided snippet gets
+                      rendered as a go template and placed into /etc/httpd/conf/httpd_custom_<key> .
+                      In the default httpd template at the end of the vhost those custom configs get
+                      included using `Include conf/httpd_custom_<endpoint>_*`.
+                      For information on how sections in httpd configuration get merged, check section
+                      "How the sections are merged" in https://httpd.apache.org/docs/current/sections.html#merging
+                    type: string
+                type: object
               inspectionNetwork:
                 description: InspectionNetwork - Additional network to attach to expose
                   boot DHCP, TFTP, HTTP services.

diff --git a/config/crd/bases/ironic.openstack.org_ironics.yaml b/config/crd/bases/ironic.openstack.org_ironics.yaml
@@ -122,6 +122,20 @@ spec:
                       But can also be used to add additional files. Those get added to the service config dir in /etc/<service> .
                       TODO: -> implement
                     type: object
+                  httpdCustomization:
+                    description: HttpdCustomization - customize the httpd service
+                    properties:
+                      customConfigSecret:
+                        description: |-
+                          CustomConfigSecret - customize the httpd vhost config using this parameter to specify
+                          a secret that contains service config data. The content of each provided snippet gets
+                          rendered as a go template and placed into /etc/httpd/conf/httpd_custom_<key> .
+                          In the default httpd template at the end of the vhost those custom configs get
+                          included using `Include conf/httpd_custom_<endpoint>_*`.
+                          For information on how sections in httpd configuration get merged, check section
+                          "How the sections are merged" in https://httpd.apache.org/docs/current/sections.html#merging
+                        type: string
+                    type: object
                   networkAttachments:
                     description: NetworkAttachments is a list of NetworkAttachment
                       resource names to expose the services to the given network
@@ -603,6 +617,20 @@ spec:
                       - start
                       type: object
                     type: array
+                  httpdCustomization:
+                    description: HttpdCustomization - customize the httpd service
+                    properties:
+                      customConfigSecret:
+                        description: |-
+                          CustomConfigSecret - customize the httpd vhost config using this parameter to specify
+                          a secret that contains service config data. The content of each provided snippet gets
+                          rendered as a go template and placed into /etc/httpd/conf/httpd_custom_<key> .
+                          In the default httpd template at the end of the vhost those custom configs get
+                          included using `Include conf/httpd_custom_<endpoint>_*`.
+                          For information on how sections in httpd configuration get merged, check section
+                          "How the sections are merged" in https://httpd.apache.org/docs/current/sections.html#merging
+                        type: string
+                    type: object
                   inspectionNetwork:
                     description: InspectionNetwork - Additional network to attach
                       to expose boot DHCP, TFTP, HTTP services.

diff --git a/controllers/funcs.go b/controllers/funcs.go
@@ -22,10 +22,11 @@ import (
 
 // fields to index to reconcile when change
 const (
-	passwordSecretField     = ".spec.secret"
-	caBundleSecretNameField = ".spec.tls.caBundleSecretName"
-	tlsAPIInternalField     = ".spec.tls.api.internal.secretName"
-	tlsAPIPublicField       = ".spec.tls.api.public.secretName"
+	passwordSecretField                 = ".spec.secret"
+	caBundleSecretNameField             = ".spec.tls.caBundleSecretName"
+	tlsAPIInternalField                 = ".spec.tls.api.internal.secretName"
+	tlsAPIPublicField                   = ".spec.tls.api.public.secretName"
+	httpdCustomServiceConfigSecretField = ".spec.httpdCustomization.customServiceConfigSecret"
 )
 
 var (
@@ -34,6 +35,7 @@ var (
 		caBundleSecretNameField,
 		tlsAPIInternalField,
 		tlsAPIPublicField,
+		httpdCustomServiceConfigSecretField,
 	}
 	ironicConductorWatchFields = []string{
 		passwordSecretField,
@@ -42,6 +44,7 @@ var (
 	ironicInspectorWatchFields = []string{
 		passwordSecretField,
 		caBundleSecretNameField,
+		httpdCustomServiceConfigSecretField,
 	}
 	ironicNeutronAgentWatchFields = []string{
 		passwordSecretField,

diff --git a/controllers/ironic_controller.go b/controllers/ironic_controller.go
@@ -24,6 +24,7 @@ import (
 
 	"github.com/go-logr/logr"
 	ironic "github.com/openstack-k8s-operators/ironic-operator/pkg/ironic"
+	"gopkg.in/yaml.v2"
 
 	common "github.com/openstack-k8s-operators/lib-common/modules/common"
 	condition "github.com/openstack-k8s-operators/lib-common/modules/common/condition"
@@ -909,6 +910,13 @@ func (r *IronicReconciler) generateServiceConfigMaps(
 		ironic.DatabaseName,
 	)
 
+	// Marshal the templateParameters map to YAML
+	yamlData, err := yaml.Marshal(templateParameters)
+	if err != nil {
+		return fmt.Errorf("Error marshalling to YAML: %w", err)
+	}
+	customData[common.TemplateParameters] = string(yamlData)
+
 	cms := []util.Template{
 		// Scripts ConfigMap
 		{