Skip to content

Commit f4a42cb

Browse files
mtomaskamtomaska
committed
Use verifySecret to check for the expected password selector
1 parent 4f9bd63 commit f4a42cb

File tree

2 files changed

+48
-31
lines changed

2 files changed

+48
-31
lines changed

controllers/neutronapi_controller.go

Lines changed: 42 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -405,7 +405,6 @@ func (r *NeutronAPIReconciler) reconcileInit(
405405
helper *helper.Helper,
406406
serviceLabels map[string]string,
407407
serviceAnnotations map[string]string,
408-
ospSecret *corev1.Secret,
409408
secretVars map[string]env.Setter,
410409
) (ctrl.Result, error) {
411410
Log := r.GetLogger(ctx)
@@ -424,7 +423,7 @@ func (r *NeutronAPIReconciler) reconcileInit(
424423
//
425424
// create Secret required for neutronapi and dbsync input. It contains minimal neutron config required
426425
// to get the service up, user can add additional files to be added to the service.
427-
err = r.generateServiceSecrets(ctx, helper, instance, ospSecret, &secretVars, db)
426+
err = r.generateServiceSecrets(ctx, helper, instance, &secretVars, db)
428427
if err != nil {
429428
instance.Status.Conditions.Set(condition.FalseCondition(
430429
condition.ServiceConfigReadyCondition,
@@ -822,26 +821,31 @@ func (r *NeutronAPIReconciler) reconcileNormal(ctx context.Context, instance *ne
822821
// check for required TransportURL secret holding transport URL string
823822
//
824823

825-
transportURLSecret, hash, err := secret.GetSecret(ctx, helper, instance.Status.TransportURLSecret, instance.Namespace)
824+
transportURLSecretHash, result, err := secret.VerifySecret(
825+
ctx,
826+
types.NamespacedName{Namespace: instance.Namespace, Name: instance.Status.TransportURLSecret},
827+
[]string{"transport_url"},
828+
helper.GetClient(),
829+
time.Duration(10)*time.Second,
830+
)
826831
if err != nil {
827-
if k8s_errors.IsNotFound(err) {
828-
Log.Info(fmt.Sprintf("TransportURL secret %s not found", instance.Status.TransportURLSecret))
829-
instance.Status.Conditions.Set(condition.FalseCondition(
830-
condition.InputReadyCondition,
831-
condition.RequestedReason,
832-
condition.SeverityInfo,
833-
condition.InputReadyWaitingMessage))
834-
return ctrl.Result{RequeueAfter: time.Duration(10) * time.Second}, nil
835-
}
836832
instance.Status.Conditions.Set(condition.FalseCondition(
837833
condition.InputReadyCondition,
838834
condition.ErrorReason,
839835
condition.SeverityWarning,
840836
condition.InputReadyErrorMessage,
841837
err.Error()))
842-
return ctrl.Result{}, err
838+
return result, err
839+
} else if (result != ctrl.Result{}) {
840+
instance.Status.Conditions.Set(condition.FalseCondition(
841+
condition.InputReadyCondition,
842+
condition.RequestedReason,
843+
condition.SeverityInfo,
844+
condition.InputReadyWaitingMessage))
845+
return result, err
843846
}
844-
secretVars[transportURLSecret.Name] = env.SetValue(hash)
847+
848+
secretVars[instance.Status.TransportURLSecret] = env.SetValue(transportURLSecretHash)
845849

846850
// run check TransportURL secret - end
847851

@@ -852,26 +856,32 @@ func (r *NeutronAPIReconciler) reconcileNormal(ctx context.Context, instance *ne
852856
//
853857
// check for required OpenStack secret holding passwords for service/admin user and add hash to the vars map,
854858
//
855-
ospSecret, hash, err := secret.GetSecret(ctx, helper, instance.Spec.Secret, instance.Namespace)
859+
ospSecretHash, result, err := secret.VerifySecret(
860+
ctx,
861+
types.NamespacedName{Namespace: instance.Namespace, Name: instance.Spec.Secret},
862+
[]string{instance.Spec.PasswordSelectors.Service},
863+
helper.GetClient(),
864+
time.Duration(10)*time.Second,
865+
)
866+
856867
if err != nil {
857-
if k8s_errors.IsNotFound(err) {
858-
Log.Info(fmt.Sprintf("OpenStack secret %s not found", instance.Spec.Secret))
859-
instance.Status.Conditions.Set(condition.FalseCondition(
860-
condition.InputReadyCondition,
861-
condition.RequestedReason,
862-
condition.SeverityInfo,
863-
condition.InputReadyWaitingMessage))
864-
return ctrl.Result{RequeueAfter: time.Duration(10) * time.Second}, nil
865-
}
866868
instance.Status.Conditions.Set(condition.FalseCondition(
867869
condition.InputReadyCondition,
868870
condition.ErrorReason,
869871
condition.SeverityWarning,
870872
condition.InputReadyErrorMessage,
871873
err.Error()))
872-
return ctrl.Result{}, err
874+
return result, err
875+
} else if (result != ctrl.Result{}) {
876+
instance.Status.Conditions.Set(condition.FalseCondition(
877+
condition.InputReadyCondition,
878+
condition.RequestedReason,
879+
condition.SeverityInfo,
880+
condition.InputReadyWaitingMessage))
881+
return result, err
873882
}
874-
secretVars[ospSecret.Name] = env.SetValue(hash)
883+
884+
secretVars[instance.Spec.Secret] = env.SetValue(ospSecretHash)
875885

876886
instance.Status.Conditions.MarkTrue(condition.InputReadyCondition, condition.InputReadyMessage)
877887
// run check OpenStack secret - end
@@ -953,7 +963,7 @@ func (r *NeutronAPIReconciler) reconcileNormal(ctx context.Context, instance *ne
953963
}
954964

955965
// Handle service init
956-
ctrlResult, err := r.reconcileInit(ctx, instance, helper, serviceLabels, serviceAnnotations, ospSecret, secretVars)
966+
ctrlResult, err := r.reconcileInit(ctx, instance, helper, serviceLabels, serviceAnnotations, secretVars)
957967
if err != nil {
958968
return ctrlResult, err
959969
} else if (ctrlResult != ctrl.Result{}) {
@@ -1418,7 +1428,6 @@ func (r *NeutronAPIReconciler) generateServiceSecrets(
14181428
ctx context.Context,
14191429
h *helper.Helper,
14201430
instance *neutronv1beta1.NeutronAPI,
1421-
ospSecret *corev1.Secret,
14221431
envVars *map[string]env.Setter,
14231432
db *mariadbv1.Database,
14241433
) error {
@@ -1481,6 +1490,11 @@ func (r *NeutronAPIReconciler) generateServiceSecrets(
14811490
return err
14821491
}
14831492

1493+
ospSecret, _, err := secret.GetSecret(ctx, h, instance.Spec.Secret, instance.Namespace)
1494+
if err != nil {
1495+
return err
1496+
}
1497+
14841498
templateParameters := make(map[string]interface{})
14851499
templateParameters["ServiceUser"] = instance.Spec.ServiceUser
14861500
templateParameters["KeystoneInternalURL"] = keystoneInternalURL

test/functional/neutronapi_controller_test.go

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -206,7 +206,8 @@ var _ = Describe("NeutronAPI controller", func() {
206206
Namespace: namespace,
207207
},
208208
Data: map[string][]byte{
209-
"transport_url": []byte("rabbit://user@svc:1234"),
209+
"NeutronPassword": []byte("12345678"),
210+
"transport_url": []byte("rabbit://user@svc:1234"),
210211
},
211212
}
212213
Expect(k8sClient.Create(ctx, secret)).Should(Succeed())
@@ -303,7 +304,8 @@ var _ = Describe("NeutronAPI controller", func() {
303304
Namespace: namespace,
304305
},
305306
Data: map[string][]byte{
306-
"transport_url": []byte("rabbit://user@svc:1234"),
307+
"NeutronPassword": []byte("12345678"),
308+
"transport_url": []byte("rabbit://user@svc:1234"),
307309
},
308310
}
309311
Expect(k8sClient.Create(ctx, secret)).Should(Succeed())
@@ -1293,7 +1295,8 @@ var _ = Describe("NeutronAPI controller", func() {
12931295
Namespace: GetNeutronAPI(neutronAPIName).Namespace,
12941296
},
12951297
Data: map[string][]byte{
1296-
"transport_url": []byte("rabbit://user@svc:1234"),
1298+
"NeutronPassword": []byte("12345678"),
1299+
"transport_url": []byte("rabbit://user@svc:1234"),
12971300
},
12981301
}
12991302
Expect(k8sClient.Create(ctx, secret)).Should(Succeed())

0 commit comments

Comments
 (0)