Skip to content

Commit e8cd36f

Browse files
rjeberhardrjeberhard
authored
Merge pull request #594 from oracle/owls-70100
Introspect: Remove admin secret mount from wl pods
2 parents b2c2536 + f492a22 commit e8cd36f

File tree

2 files changed

+0
-20
lines changed

2 files changed

+0
-20
lines changed

operator/src/main/java/oracle/kubernetes/operator/helpers/PodStepContext.java

Lines changed: 0 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,6 @@
2424
import io.kubernetes.client.models.V1Pod;
2525
import io.kubernetes.client.models.V1PodSpec;
2626
import io.kubernetes.client.models.V1Probe;
27-
import io.kubernetes.client.models.V1SecretVolumeSource;
2827
import io.kubernetes.client.models.V1Status;
2928
import io.kubernetes.client.models.V1Volume;
3029
import io.kubernetes.client.models.V1VolumeMount;
@@ -177,10 +176,6 @@ private String getIncludeServerOutInPodLog() {
177176

178177
abstract String getServerName();
179178

180-
private String getAdminSecretName() {
181-
return getDomain().getAdminSecret().getName();
182-
}
183-
184179
private List<V1PersistentVolumeClaim> getClaims() {
185180
return info.getClaims().getItems();
186181
}
@@ -596,10 +591,6 @@ protected V1PodSpec createSpec(TuningParameters tuningParameters) {
596591
createContainer(tuningParameters)
597592
.resources(getServerSpec().getResources())
598593
.securityContext(getServerSpec().getContainerSecurityContext()))
599-
.addVolumesItem(
600-
new V1Volume()
601-
.name(SECRETS_VOLUME)
602-
.secret(new V1SecretVolumeSource().secretName(getAdminSecretName())))
603594
.addVolumesItem(
604595
new V1Volume()
605596
.name(SCRIPTS_VOLUME)
@@ -661,7 +652,6 @@ private V1Container createContainer(TuningParameters tuningParameters) {
661652
.env(getEnvironmentVariables(tuningParameters))
662653
.addPortsItem(new V1ContainerPort().containerPort(getPort()).protocol("TCP"))
663654
.lifecycle(createLifecycle())
664-
.addVolumeMountsItem(readOnlyVolumeMount(SECRETS_VOLUME, SECRETS_MOUNT_PATH))
665655
.addVolumeMountsItem(readOnlyVolumeMount(SCRIPTS_VOLUME, SCRIPTS_MOUNTS_PATH))
666656
.addVolumeMountsItem(readOnlyVolumeMount(DEBUG_CM_VOLUME, DEBUG_CM_MOUNTS_PATH))
667657
.livenessProbe(createLivenessProbe(tuningParameters.getPodTuning()));

operator/src/test/java/oracle/kubernetes/operator/helpers/PodHelperTestBase.java

Lines changed: 0 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -94,7 +94,6 @@ public abstract class PodHelperTestBase {
9494
private static final int CONFIGURED_PERIOD = 35;
9595
private static final String LOG_HOME = "/shared/logs";
9696
private static final String NODEMGR_HOME = "/u01/nodemanager";
97-
private static final String CREDENTIALS_VOLUME_NAME = "weblogic-credentials-volume";
9897
private static final String CONFIGMAP_VOLUME_NAME = "weblogic-domain-cm-volume";
9998
private static final String SIT_CONFIG_MAP_VOLUME_SUFFIX =
10099
"-weblogic-domain-introspect-cm-volume";
@@ -271,7 +270,6 @@ public void whenPodCreated_containerHasExpectedVolumeMounts() {
271270
writableVolumeMount("weblogic-domain-storage-volume", "/shared"),
272271
writableVolumeMount(
273272
UID + SIT_CONFIG_MAP_VOLUME_SUFFIX, "/weblogic-operator/introspector"),
274-
readOnlyVolumeMount("weblogic-credentials-volume", "/weblogic-operator/secrets"),
275273
readOnlyVolumeMount("weblogic-domain-debug-cm-volume", "/weblogic-operator/debug"),
276274
readOnlyVolumeMount("weblogic-domain-cm-volume", "/weblogic-operator/scripts")));
277275
}
@@ -284,7 +282,6 @@ public void whenPodCreated_withNoPVC_containerHasExpectedVolumeMounts() {
284282
containsInAnyOrder(
285283
writableVolumeMount(
286284
UID + SIT_CONFIG_MAP_VOLUME_SUFFIX, "/weblogic-operator/introspector"),
287-
readOnlyVolumeMount("weblogic-credentials-volume", "/weblogic-operator/secrets"),
288285
readOnlyVolumeMount("weblogic-domain-debug-cm-volume", "/weblogic-operator/debug"),
289286
readOnlyVolumeMount("weblogic-domain-cm-volume", "/weblogic-operator/scripts")));
290287
}
@@ -426,13 +423,6 @@ public void whenDomainSpecifiesClaimName_podSpecUsesIt() {
426423
assertThat(storageVolume.getPersistentVolumeClaim().getClaimName(), equalTo("predefined"));
427424
}
428425

429-
@Test
430-
public void createdPod_hasCredentialsVolume() {
431-
V1Volume credentialsVolume = getVolumeWithName(getCreatedPod(), CREDENTIALS_VOLUME_NAME);
432-
433-
assertThat(credentialsVolume.getSecret().getSecretName(), equalTo(ADMIN_SECRET_NAME));
434-
}
435-
436426
@Test
437427
public void createdPod_hasConfigMapVolume() {
438428
V1Volume credentialsVolume = getVolumeWithName(getCreatedPod(), CONFIGMAP_VOLUME_NAME);

0 commit comments

Comments
 (0)