From 59ad82d8796601768fd2d4016f73a9a0735c19c1 Mon Sep 17 00:00:00 2001 From: Mike Bayer Date: Tue, 20 Feb 2024 11:42:02 -0500 Subject: [PATCH] new API to allow services to generate MariaDBAccount --- .../cinder.openstack.org_cinderapis.yaml | 10 +-- .../cinder.openstack.org_cinderbackups.yaml | 10 +-- api/bases/cinder.openstack.org_cinders.yaml | 10 +-- ...cinder.openstack.org_cinderschedulers.yaml | 10 +-- .../cinder.openstack.org_cindervolumes.yaml | 10 +-- api/go.mod | 1 + api/go.sum | 3 +- api/v1beta1/common_types.go | 16 ++-- .../cinder.openstack.org_cinderapis.yaml | 10 +-- .../cinder.openstack.org_cinderbackups.yaml | 10 +-- .../bases/cinder.openstack.org_cinders.yaml | 10 +-- ...cinder.openstack.org_cinderschedulers.yaml | 10 +-- .../cinder.openstack.org_cindervolumes.yaml | 10 +-- config/samples/cinder_v1beta1_cinder.yaml | 2 +- config/samples/cinder_v1beta1_cinder_tls.yaml | 2 +- controllers/cinder_controller.go | 66 ++++++++++----- go.mod | 4 +- go.sum | 8 +- test/functional/cinder_controller_test.go | 84 ++++++++++++++++++- test/functional/cinder_test_data.go | 10 +-- .../common/assert_sample_deployment.yaml | 2 +- .../common/assert_tls_sample_deployment.yaml | 2 +- 22 files changed, 183 insertions(+), 117 deletions(-) diff --git a/api/bases/cinder.openstack.org_cinderapis.yaml b/api/bases/cinder.openstack.org_cinderapis.yaml index 1f51f92d8..a6878de2b 100644 --- a/api/bases/cinder.openstack.org_cinderapis.yaml +++ b/api/bases/cinder.openstack.org_cinderapis.yaml @@ -48,11 +48,11 @@ spec: items: type: string type: array - databaseHostname: - type: string - databaseUser: + databaseAccount: default: cinder type: string + databaseHostname: + type: string debug: properties: service: @@ -876,12 +876,8 @@ spec: type: object passwordSelectors: default: - database: CinderDatabasePassword service: CinderPassword properties: - database: - default: CinderDatabasePassword - type: string service: default: CinderPassword type: string diff --git a/api/bases/cinder.openstack.org_cinderbackups.yaml b/api/bases/cinder.openstack.org_cinderbackups.yaml index d1df4a27b..278c85ced 100644 --- a/api/bases/cinder.openstack.org_cinderbackups.yaml +++ b/api/bases/cinder.openstack.org_cinderbackups.yaml @@ -48,11 +48,11 @@ spec: items: type: string type: array - databaseHostname: - type: string - databaseUser: + databaseAccount: default: cinder type: string + databaseHostname: + type: string debug: properties: service: @@ -825,12 +825,8 @@ spec: type: object passwordSelectors: default: - database: CinderDatabasePassword service: CinderPassword properties: - database: - default: CinderDatabasePassword - type: string service: default: CinderPassword type: string diff --git a/api/bases/cinder.openstack.org_cinders.yaml b/api/bases/cinder.openstack.org_cinders.yaml index 208f7d561..810c4f686 100644 --- a/api/bases/cinder.openstack.org_cinders.yaml +++ b/api/bases/cinder.openstack.org_cinders.yaml @@ -362,11 +362,11 @@ spec: type: object customServiceConfig: type: string - databaseInstance: - type: string - databaseUser: + databaseAccount: default: cinder type: string + databaseInstance: + type: string dbPurge: properties: age: @@ -1151,12 +1151,8 @@ spec: type: object passwordSelectors: default: - database: CinderDatabasePassword service: CinderPassword properties: - database: - default: CinderDatabasePassword - type: string service: default: CinderPassword type: string diff --git a/api/bases/cinder.openstack.org_cinderschedulers.yaml b/api/bases/cinder.openstack.org_cinderschedulers.yaml index ffbbf26d5..2b3173843 100644 --- a/api/bases/cinder.openstack.org_cinderschedulers.yaml +++ b/api/bases/cinder.openstack.org_cinderschedulers.yaml @@ -48,11 +48,11 @@ spec: items: type: string type: array - databaseHostname: - type: string - databaseUser: + databaseAccount: default: cinder type: string + databaseHostname: + type: string debug: properties: service: @@ -825,12 +825,8 @@ spec: type: object passwordSelectors: default: - database: CinderDatabasePassword service: CinderPassword properties: - database: - default: CinderDatabasePassword - type: string service: default: CinderPassword type: string diff --git a/api/bases/cinder.openstack.org_cindervolumes.yaml b/api/bases/cinder.openstack.org_cindervolumes.yaml index 50f31a5ba..fc8777049 100644 --- a/api/bases/cinder.openstack.org_cindervolumes.yaml +++ b/api/bases/cinder.openstack.org_cindervolumes.yaml @@ -48,11 +48,11 @@ spec: items: type: string type: array - databaseHostname: - type: string - databaseUser: + databaseAccount: default: cinder type: string + databaseHostname: + type: string debug: properties: service: @@ -825,12 +825,8 @@ spec: type: object passwordSelectors: default: - database: CinderDatabasePassword service: CinderPassword properties: - database: - default: CinderDatabasePassword - type: string service: default: CinderPassword type: string diff --git a/api/go.mod b/api/go.mod index 54740747c..a32ddcd8a 100644 --- a/api/go.mod +++ b/api/go.mod @@ -37,6 +37,7 @@ require ( github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/onsi/ginkgo/v2 v2.15.0 // indirect + github.com/onsi/gomega v1.31.1 // indirect github.com/pkg/errors v0.9.1 // indirect github.com/prometheus/client_golang v1.16.0 // indirect github.com/prometheus/client_model v0.4.0 // indirect diff --git a/api/go.sum b/api/go.sum index 8b9f6432c..38964aa4b 100644 --- a/api/go.sum +++ b/api/go.sum @@ -73,7 +73,8 @@ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/onsi/ginkgo/v2 v2.15.0 h1:79HwNRBAZHOEwrczrgSOPy+eFTTlIGELKy5as+ClttY= github.com/onsi/ginkgo/v2 v2.15.0/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM= -github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= +github.com/onsi/gomega v1.31.1 h1:KYppCUK+bUgAZwHOu7EXVBKyQA6ILvOESHkn/tgoqvo= +github.com/onsi/gomega v1.31.1/go.mod h1:y40C95dwAD1Nz36SsEnxvfFe8FFfNxzI5eJ0EYGyAy0= github.com/openstack-k8s-operators/lib-common/modules/common v0.3.1-0.20240216173409-86913e6d5885 h1:o7KZaxKt8Dr97ZJIBPW0P482gLyFEURKF89fizcJCBQ= github.com/openstack-k8s-operators/lib-common/modules/common v0.3.1-0.20240216173409-86913e6d5885/go.mod h1:bQwzyQtWCR9F0+IvWZ30J9d1lB6tcX3CNJ0Ten1smDw= github.com/openstack-k8s-operators/lib-common/modules/storage v0.3.1-0.20240216173409-86913e6d5885 h1:sMO+IYsZ91Nho0FV6y03J0NTGd8+ZWB4KmKJJU94gTU= diff --git a/api/v1beta1/common_types.go b/api/v1beta1/common_types.go index e2f6358ad..ce4a20c44 100644 --- a/api/v1beta1/common_types.go +++ b/api/v1beta1/common_types.go @@ -29,17 +29,16 @@ type CinderTemplate struct { // +kubebuilder:validation:Optional // +kubebuilder:default=cinder - // DatabaseUser - optional username used for cinder DB, defaults to cinder - // TODO: -> implement needs work in mariadb-operator, right now only cinder - DatabaseUser string `json:"databaseUser"` + // DatabaseAccount - optional MariaDBAccount used for cinder DB, defaults to cinder + DatabaseAccount string `json:"databaseAccount"` // +kubebuilder:validation:Required - // Secret containing OpenStack password information for CinderDatabasePassword + // Secret containing OpenStack password information Secret string `json:"secret"` // +kubebuilder:validation:Optional - // +kubebuilder:default={database: CinderDatabasePassword, service: CinderPassword} - // PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret + // +kubebuilder:default={service: CinderPassword} + // PasswordSelectors - Selectors to identify the ServiceUser password from the Secret PasswordSelectors PasswordSelector `json:"passwordSelectors"` } @@ -84,11 +83,6 @@ type CinderServiceTemplate struct { // PasswordSelector to identify the DB and AdminUser password from the Secret type PasswordSelector struct { - // +kubebuilder:validation:Optional - // +kubebuilder:default="CinderDatabasePassword" - // Database - Selector to get the cinder database user password from the Secret - // TODO: not used, need change in mariadb-operator - Database string `json:"database"` // +kubebuilder:validation:Optional // +kubebuilder:default="CinderPassword" // Service - Selector to get the cinder service password from the Secret diff --git a/config/crd/bases/cinder.openstack.org_cinderapis.yaml b/config/crd/bases/cinder.openstack.org_cinderapis.yaml index 1f51f92d8..a6878de2b 100644 --- a/config/crd/bases/cinder.openstack.org_cinderapis.yaml +++ b/config/crd/bases/cinder.openstack.org_cinderapis.yaml @@ -48,11 +48,11 @@ spec: items: type: string type: array - databaseHostname: - type: string - databaseUser: + databaseAccount: default: cinder type: string + databaseHostname: + type: string debug: properties: service: @@ -876,12 +876,8 @@ spec: type: object passwordSelectors: default: - database: CinderDatabasePassword service: CinderPassword properties: - database: - default: CinderDatabasePassword - type: string service: default: CinderPassword type: string diff --git a/config/crd/bases/cinder.openstack.org_cinderbackups.yaml b/config/crd/bases/cinder.openstack.org_cinderbackups.yaml index d1df4a27b..278c85ced 100644 --- a/config/crd/bases/cinder.openstack.org_cinderbackups.yaml +++ b/config/crd/bases/cinder.openstack.org_cinderbackups.yaml @@ -48,11 +48,11 @@ spec: items: type: string type: array - databaseHostname: - type: string - databaseUser: + databaseAccount: default: cinder type: string + databaseHostname: + type: string debug: properties: service: @@ -825,12 +825,8 @@ spec: type: object passwordSelectors: default: - database: CinderDatabasePassword service: CinderPassword properties: - database: - default: CinderDatabasePassword - type: string service: default: CinderPassword type: string diff --git a/config/crd/bases/cinder.openstack.org_cinders.yaml b/config/crd/bases/cinder.openstack.org_cinders.yaml index 208f7d561..810c4f686 100644 --- a/config/crd/bases/cinder.openstack.org_cinders.yaml +++ b/config/crd/bases/cinder.openstack.org_cinders.yaml @@ -362,11 +362,11 @@ spec: type: object customServiceConfig: type: string - databaseInstance: - type: string - databaseUser: + databaseAccount: default: cinder type: string + databaseInstance: + type: string dbPurge: properties: age: @@ -1151,12 +1151,8 @@ spec: type: object passwordSelectors: default: - database: CinderDatabasePassword service: CinderPassword properties: - database: - default: CinderDatabasePassword - type: string service: default: CinderPassword type: string diff --git a/config/crd/bases/cinder.openstack.org_cinderschedulers.yaml b/config/crd/bases/cinder.openstack.org_cinderschedulers.yaml index ffbbf26d5..2b3173843 100644 --- a/config/crd/bases/cinder.openstack.org_cinderschedulers.yaml +++ b/config/crd/bases/cinder.openstack.org_cinderschedulers.yaml @@ -48,11 +48,11 @@ spec: items: type: string type: array - databaseHostname: - type: string - databaseUser: + databaseAccount: default: cinder type: string + databaseHostname: + type: string debug: properties: service: @@ -825,12 +825,8 @@ spec: type: object passwordSelectors: default: - database: CinderDatabasePassword service: CinderPassword properties: - database: - default: CinderDatabasePassword - type: string service: default: CinderPassword type: string diff --git a/config/crd/bases/cinder.openstack.org_cindervolumes.yaml b/config/crd/bases/cinder.openstack.org_cindervolumes.yaml index 50f31a5ba..fc8777049 100644 --- a/config/crd/bases/cinder.openstack.org_cindervolumes.yaml +++ b/config/crd/bases/cinder.openstack.org_cindervolumes.yaml @@ -48,11 +48,11 @@ spec: items: type: string type: array - databaseHostname: - type: string - databaseUser: + databaseAccount: default: cinder type: string + databaseHostname: + type: string debug: properties: service: @@ -825,12 +825,8 @@ spec: type: object passwordSelectors: default: - database: CinderDatabasePassword service: CinderPassword properties: - database: - default: CinderDatabasePassword - type: string service: default: CinderPassword type: string diff --git a/config/samples/cinder_v1beta1_cinder.yaml b/config/samples/cinder_v1beta1_cinder.yaml index 69b4e936a..adf895f50 100644 --- a/config/samples/cinder_v1beta1_cinder.yaml +++ b/config/samples/cinder_v1beta1_cinder.yaml @@ -9,7 +9,7 @@ spec: [DEFAULT] debug = true databaseInstance: openstack - databaseUser: cinder + databaseAccount: cinder rabbitMqClusterName: rabbitmq cinderAPI: {} cinderScheduler: {} diff --git a/config/samples/cinder_v1beta1_cinder_tls.yaml b/config/samples/cinder_v1beta1_cinder_tls.yaml index a3a729c66..25c0bab52 100644 --- a/config/samples/cinder_v1beta1_cinder_tls.yaml +++ b/config/samples/cinder_v1beta1_cinder_tls.yaml @@ -9,7 +9,7 @@ spec: [DEFAULT] debug = true databaseInstance: openstack - databaseUser: cinder + databaseAccount: cinder rabbitMqClusterName: rabbitmq cinderAPI: tls: diff --git a/controllers/cinder_controller.go b/controllers/cinder_controller.go index ef739bd88..b291cb1cc 100644 --- a/controllers/cinder_controller.go +++ b/controllers/cinder_controller.go @@ -349,7 +349,7 @@ func (r *CinderReconciler) reconcileDelete(ctx context.Context, instance *cinder Log.Info(fmt.Sprintf("Reconciling Service '%s' delete", instance.Name)) // remove db finalizer first - db, err := mariadbv1.GetDatabaseByName(ctx, helper, instance.Name) + db, err := mariadbv1.GetDatabaseByNameAndAccount(ctx, helper, instance.Name, instance.Spec.DatabaseAccount, instance.Namespace) if err != nil && !k8s_errors.IsNotFound(err) { return ctrl.Result{}, err } @@ -826,6 +826,11 @@ func (r *CinderReconciler) reconcileNormal(ctx context.Context, instance *cinder instance.Status.Conditions.MarkTrue(condition.CronJobReadyCondition, condition.CronJobReadyMessage) // create CronJob - end + err = mariadbv1.DeleteUnusedMariaDBAccountFinalizers(ctx, helper, instance.Name, instance.Spec.DatabaseAccount, instance.Namespace) + if err != nil { + return ctrl.Result{}, err + } + Log.Info(fmt.Sprintf("Reconciled Service '%s' successfully", instance.Name)) return ctrl.Result{}, nil } @@ -872,7 +877,7 @@ func (r *CinderReconciler) generateServiceConfigs( labels := labels.GetLabels(instance, labels.GetGroupLabel(cinder.ServiceName), serviceLabels) - db, err := mariadbv1.GetDatabaseByName(ctx, h, cinder.DatabaseName) + db, err := mariadbv1.GetDatabaseByNameAndAccount(ctx, h, instance.Name, instance.Spec.DatabaseAccount, instance.Namespace) if err != nil { return err } @@ -881,6 +886,7 @@ func (r *CinderReconciler) generateServiceConfigs( if instance.Spec.CinderAPI.TLS.Ca.CaBundleSecretName != "" { tlsCfg = &tls.Service{} } + // customData hold any customization for all cinder services. customData := map[string]string{ cinder.CustomConfigFileName: instance.Spec.CustomServiceConfig, @@ -910,6 +916,9 @@ func (r *CinderReconciler) generateServiceConfigs( return err } + databaseAccount := db.GetAccount() + dbSecret := db.GetSecret() + templateParameters := make(map[string]interface{}) templateParameters["ServiceUser"] = instance.Spec.ServiceUser templateParameters["ServicePassword"] = string(ospSecret.Data[instance.Spec.PasswordSelectors.Service]) @@ -917,8 +926,8 @@ func (r *CinderReconciler) generateServiceConfigs( templateParameters["KeystonePublicURL"] = keystonePublicURL templateParameters["TransportURL"] = string(transportURLSecret.Data["transport_url"]) templateParameters["DatabaseConnection"] = fmt.Sprintf("mysql+pymysql://%s:%s@%s/%s?read_default_file=/etc/my.cnf", - instance.Spec.DatabaseUser, - string(ospSecret.Data[instance.Spec.PasswordSelectors.Database]), + databaseAccount.Spec.UserName, + string(dbSecret.Data[mariadbv1.DatabasePasswordSelector]), instance.Status.DatabaseHostname, cinder.DatabaseName) templateParameters["MemcachedServersWithInet"] = strings.Join(memcached.Status.ServerListWithInet, ",") @@ -1242,24 +1251,43 @@ func (r *CinderReconciler) ensureDB( h *helper.Helper, instance *cinderv1beta1.Cinder, ) (*mariadbv1.Database, ctrl.Result, error) { - // - // create service DB instance - // - db := mariadbv1.NewDatabase( - instance.Name, - instance.Spec.DatabaseUser, - instance.Spec.Secret, - map[string]string{ - "dbName": instance.Spec.DatabaseInstance, - }, + // ensure MariaDBAccount exists. This account record may be created by + // openstack-operator or the cloud operator up front without a specific + // MariaDBDatabase configured yet. Otherwise, a MariaDBAccount CR is + // created here with a generated username as well as a secret with + // generated password. The MariaDBAccount is created without being + // yet associated with any MariaDBDatabase. + _, _, err := mariadbv1.EnsureMariaDBAccount( + ctx, h, instance.Spec.DatabaseAccount, + instance.Namespace, false, "cinder", ) - // create or patch the DB - ctrlResult, err := db.CreateOrPatchDBByName( - ctx, - h, - instance.Spec.DatabaseInstance, + if err != nil { + instance.Status.Conditions.Set(condition.FalseCondition( + mariadbv1.MariaDBAccountReadyCondition, + condition.ErrorReason, + condition.SeverityWarning, + mariadbv1.MariaDBAccountNotReadyMessage, + err.Error())) + + return nil, ctrl.Result{}, err + } + instance.Status.Conditions.MarkTrue( + mariadbv1.MariaDBAccountReadyCondition, + mariadbv1.MariaDBAccountReadyMessage, + ) + + db := mariadbv1.NewDatabaseForAccount( + instance.Spec.DatabaseInstance, // mariadb/galera service to target + instance.Name, // name used in CREATE DATABASE in mariadb + instance.Name, // CR name for MariaDBDatabase + instance.Spec.DatabaseAccount, // CR name for MariaDBAccount + instance.Namespace, // namespace ) + // create or patch the DB + // create or patch the DB + ctrlResult, err := db.CreateOrPatchAll(ctx, h) + if err != nil { instance.Status.Conditions.Set(condition.FalseCondition( condition.DBReadyCondition, diff --git a/go.mod b/go.mod index dd15788cc..95b2d7b67 100644 --- a/go.mod +++ b/go.mod @@ -7,13 +7,13 @@ require ( github.com/google/uuid v1.6.0 github.com/k8snetworkplumbingwg/network-attachment-definition-client v1.4.0 github.com/onsi/ginkgo/v2 v2.15.0 - github.com/onsi/gomega v1.30.0 + github.com/onsi/gomega v1.31.1 github.com/openstack-k8s-operators/infra-operator/apis v0.3.1-0.20240219072823-a587b364203f github.com/openstack-k8s-operators/keystone-operator/api v0.3.1-0.20240219094943-9bbb46c9afba github.com/openstack-k8s-operators/lib-common/modules/common v0.3.1-0.20240216173409-86913e6d5885 github.com/openstack-k8s-operators/lib-common/modules/storage v0.3.1-0.20240216173409-86913e6d5885 github.com/openstack-k8s-operators/lib-common/modules/test v0.3.1-0.20240216173409-86913e6d5885 - github.com/openstack-k8s-operators/mariadb-operator/api v0.3.1-0.20240219072536-62f6b4dc7798 + github.com/openstack-k8s-operators/mariadb-operator/api v0.3.1-0.20240303091826-438dde8600d3 golang.org/x/exp v0.0.0-20240213143201-ec583247a57a k8s.io/api v0.28.7 k8s.io/apimachinery v0.28.7 diff --git a/go.sum b/go.sum index 7e6f3dacc..c169253cc 100644 --- a/go.sum +++ b/go.sum @@ -87,8 +87,8 @@ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/onsi/ginkgo/v2 v2.15.0 h1:79HwNRBAZHOEwrczrgSOPy+eFTTlIGELKy5as+ClttY= github.com/onsi/ginkgo/v2 v2.15.0/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM= -github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= -github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= +github.com/onsi/gomega v1.31.1 h1:KYppCUK+bUgAZwHOu7EXVBKyQA6ILvOESHkn/tgoqvo= +github.com/onsi/gomega v1.31.1/go.mod h1:y40C95dwAD1Nz36SsEnxvfFe8FFfNxzI5eJ0EYGyAy0= github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 h1:rncLxJBpFGqBztyxCMwNRnMjhhIDOWHJowi6q8G6koI= github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7/go.mod h1:ctXNyWanKEjGj8sss1KjjHQ3ENKFm33FFnS5BKaIPh4= github.com/openstack-k8s-operators/infra-operator/apis v0.3.1-0.20240219072823-a587b364203f h1:suf/08227pC+qQRbsUPLMOSw3mJ82b0o9Hs7MO/g9BY= @@ -103,8 +103,8 @@ github.com/openstack-k8s-operators/lib-common/modules/storage v0.3.1-0.202402161 github.com/openstack-k8s-operators/lib-common/modules/storage v0.3.1-0.20240216173409-86913e6d5885/go.mod h1:sK82mkh2UzITsbNa/y6AKTZftHQnsYigqRx+rFbfZM4= github.com/openstack-k8s-operators/lib-common/modules/test v0.3.1-0.20240216173409-86913e6d5885 h1:ioJ2MO3vAcBkLM+0UBu5IuKW/DPXcyiNSOLq0Xvn+Nw= github.com/openstack-k8s-operators/lib-common/modules/test v0.3.1-0.20240216173409-86913e6d5885/go.mod h1:82nzS+DbBe1tzaMvNHH8FctmZzQ14ZAJysFGsMJiivo= -github.com/openstack-k8s-operators/mariadb-operator/api v0.3.1-0.20240219072536-62f6b4dc7798 h1:zL4DdQ5HPXCLHeRMAWC2zI7ypbkZVYg3UkyEFSnzeow= -github.com/openstack-k8s-operators/mariadb-operator/api v0.3.1-0.20240219072536-62f6b4dc7798/go.mod h1:PDqfLbP4ZWqQHAu1OtbjfpOGQUKSzLqRJChvE/9pcyQ= +github.com/openstack-k8s-operators/mariadb-operator/api v0.3.1-0.20240303091826-438dde8600d3 h1:fwb+GvvnN9Mhkgg5pBksZ8W5+hLCcNOorHsUTQYA1Lg= +github.com/openstack-k8s-operators/mariadb-operator/api v0.3.1-0.20240303091826-438dde8600d3/go.mod h1:f9IIyWeoskWoeWaDFF3qmAJ2Kqyovfi0Ar/QUfk3qag= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= diff --git a/test/functional/cinder_controller_test.go b/test/functional/cinder_controller_test.go index 72f834e55..e9f5f10bd 100644 --- a/test/functional/cinder_controller_test.go +++ b/test/functional/cinder_controller_test.go @@ -22,6 +22,7 @@ import ( . "github.com/onsi/gomega" . "github.com/openstack-k8s-operators/lib-common/modules/common/test/helpers" corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/types" "k8s.io/utils/ptr" cinderv1 "github.com/openstack-k8s-operators/cinder-operator/api/v1beta1" @@ -29,6 +30,7 @@ import ( memcachedv1 "github.com/openstack-k8s-operators/infra-operator/apis/memcached/v1beta1" condition "github.com/openstack-k8s-operators/lib-common/modules/common/condition" util "github.com/openstack-k8s-operators/lib-common/modules/common/util" + mariadb_test "github.com/openstack-k8s-operators/mariadb-operator/api/test/helpers" ) var _ = Describe("Cinder controller", func() { @@ -63,7 +65,7 @@ var _ = Describe("Cinder controller", func() { It("should have the Spec fields initialized", func() { Cinder := GetCinder(cinderTest.Instance) Expect(Cinder.Spec.DatabaseInstance).Should(Equal("openstack")) - Expect(Cinder.Spec.DatabaseUser).Should(Equal(cinderTest.CinderDataBaseUser)) + Expect(Cinder.Spec.DatabaseAccount).Should(Equal(cinderTest.CinderDataBaseAccount)) Expect(Cinder.Spec.MemcachedInstance).Should(Equal(cinderTest.MemcachedInstance)) Expect(Cinder.Spec.RabbitMqClusterName).Should(Equal(cinderTest.RabbitmqClusterName)) Expect(Cinder.Spec.ServiceUser).Should(Equal(cinderTest.CinderServiceUser)) @@ -645,4 +647,84 @@ var _ = Describe("Cinder controller", func() { }, timeout, interval).Should(Succeed()) }) }) + + // Run MariaDBAccount suite tests. these are pre-packaged ginkgo tests + // that exercise standard account create / update patterns that should be + // common to all controllers that ensure MariaDBAccount CRs. + mariadbSuite := &mariadb_test.MariaDBTestHarness{ + PopulateHarness: func(harness *mariadb_test.MariaDBTestHarness) { + harness.Setup( + "Cinder", + cinderTest.Instance.Namespace, + cinderTest.Instance.Name, + "Cinder", + mariadb, + timeout, + interval, + ) + }, + // Generate a fully running Cinder service given an accountName + // needs to make it all the way to the end where the mariadb finalizers + // are removed from unused accounts since that's part of what we are testing + SetupCR: func(accountName types.NamespacedName) { + spec := GetTLSCinderSpec() + spec["databaseAccount"] = accountName.Name + + DeferCleanup(th.DeleteInstance, CreateCinder(cinderTest.Instance, spec)) + DeferCleanup(k8sClient.Delete, ctx, CreateCinderMessageBusSecret(cinderTest.Instance.Namespace, cinderTest.RabbitmqSecretName)) + DeferCleanup(th.DeleteInstance, CreateCinderAPI(cinderTest.Instance, GetDefaultCinderAPISpec())) + DeferCleanup(th.DeleteInstance, CreateCinderScheduler(cinderTest.Instance, GetDefaultCinderSchedulerSpec())) + DeferCleanup(th.DeleteInstance, CreateCinderVolume(cinderTest.Instance, GetDefaultCinderVolumeSpec())) + DeferCleanup( + mariadb.DeleteDBService, + mariadb.CreateDBService( + cinderTest.Instance.Namespace, + GetCinder(cinderName).Spec.DatabaseInstance, + corev1.ServiceSpec{ + Ports: []corev1.ServicePort{{Port: 3306}}, + }, + ), + ) + infra.SimulateTransportURLReady(cinderTest.CinderTransportURL) + DeferCleanup(infra.DeleteMemcached, infra.CreateMemcached(namespace, cinderTest.MemcachedInstance, memcachedSpec)) + infra.SimulateMemcachedReady(cinderTest.CinderMemcached) + DeferCleanup(keystone.DeleteKeystoneAPI, keystone.CreateKeystoneAPI(cinderTest.Instance.Namespace)) + mariadb.SimulateMariaDBAccountCompleted(accountName) + mariadb.SimulateMariaDBDatabaseCompleted(cinderTest.Instance) + th.SimulateJobSuccess(cinderTest.CinderDBSync) + + DeferCleanup(k8sClient.Delete, ctx, th.CreateCABundleSecret(cinderTest.CABundleSecret)) + DeferCleanup(k8sClient.Delete, ctx, th.CreateCertSecret(cinderTest.InternalCertSecret)) + DeferCleanup(k8sClient.Delete, ctx, th.CreateCertSecret(cinderTest.PublicCertSecret)) + keystone.SimulateKeystoneServiceReady(cinderTest.CinderKeystoneService) + keystone.SimulateKeystoneEndpointReady(cinderTest.CinderKeystoneEndpoint) + + th.AssertServiceExists(cinderTest.CinderServicePublic) + th.AssertServiceExists(cinderTest.CinderServiceInternal) + + // check keystone endpoints + keystoneEndpoint := keystone.GetKeystoneEndpoint(cinderTest.CinderKeystoneEndpoint) + endpoints := keystoneEndpoint.Spec.Endpoints + Expect(endpoints).To(HaveKeyWithValue("public", "https://cinder-public."+namespace+".svc:8776/v3")) + Expect(endpoints).To(HaveKeyWithValue("internal", "https://cinder-internal."+namespace+".svc:8776/v3")) + + }, + // Change the account name in the service to a new name + UpdateAccount: func(newAccountName types.NamespacedName) { + + Eventually(func(g Gomega) { + cinder := GetCinder(cinderName) + cinder.Spec.DatabaseAccount = newAccountName.Name + g.Expect(th.K8sClient.Update(ctx, cinder)).Should(Succeed()) + }, timeout, interval).Should(Succeed()) + + }, + // delete the instance to exercise finalizer removal + DeleteCR: func() { + th.DeleteInstance(GetCinder(cinderName)) + }, + } + + mariadbSuite.RunBasicSuite() + }) diff --git a/test/functional/cinder_test_data.go b/test/functional/cinder_test_data.go index 6f2e0204e..64dcf4558 100644 --- a/test/functional/cinder_test_data.go +++ b/test/functional/cinder_test_data.go @@ -39,7 +39,7 @@ type CinderTestData struct { RabbitmqClusterName string RabbitmqSecretName string MemcachedInstance string - CinderDataBaseUser string + CinderDataBaseAccount string CinderPassword string CinderServiceUser string DatabaseHostname string @@ -150,10 +150,10 @@ func GetCinderTestData(cinderName types.NamespacedName) CinderTestData { Namespace: cinderName.Namespace, Name: "internalapi", }, - RabbitmqClusterName: "rabbitmq", - RabbitmqSecretName: "rabbitmq-secret", - MemcachedInstance: MemcachedInstance, - CinderDataBaseUser: "cinder", + RabbitmqClusterName: "rabbitmq", + RabbitmqSecretName: "rabbitmq-secret", + MemcachedInstance: MemcachedInstance, + CinderDataBaseAccount: "cinder", // Password used for both db and service CinderPassword: "12345678", CinderServiceUser: "cinder", diff --git a/test/kuttl/common/assert_sample_deployment.yaml b/test/kuttl/common/assert_sample_deployment.yaml index 0a49beb74..61ef04ab1 100644 --- a/test/kuttl/common/assert_sample_deployment.yaml +++ b/test/kuttl/common/assert_sample_deployment.yaml @@ -8,7 +8,7 @@ spec: [DEFAULT] debug = true databaseInstance: openstack - databaseUser: cinder + databaseAccount: cinder rabbitMqClusterName: rabbitmq cinderAPI: replicas: 1 diff --git a/test/kuttl/common/assert_tls_sample_deployment.yaml b/test/kuttl/common/assert_tls_sample_deployment.yaml index 178c48b0e..8539fc279 100644 --- a/test/kuttl/common/assert_tls_sample_deployment.yaml +++ b/test/kuttl/common/assert_tls_sample_deployment.yaml @@ -8,7 +8,7 @@ spec: [DEFAULT] debug = true databaseInstance: openstack - databaseUser: cinder + databaseAccount: cinder rabbitMqClusterName: rabbitmq cinderAPI: replicas: 1