diff --git a/pkg/controllers/certificatestore_controller.go b/pkg/controllers/certificatestore_controller.go
index 2aecad5a3d..5b0922d677 100644
--- a/pkg/controllers/certificatestore_controller.go
+++ b/pkg/controllers/certificatestore_controller.go
@@ -64,7 +64,7 @@ func (r *CertificateStoreReconciler) Reconcile(ctx context.Context, req ctrl.Req
 if apierrors.IsNotFound(err) {
 logger.Infof("deletion detected, removing certificate store %v", resource)
 // TODO: pass the actual namespace once multi-tenancy is supported.
- CertificatesMap.DeleteStore(constants.EmptyNamespace, resource)
+ NamespacedCertStores.DeleteStore(constants.EmptyNamespace, resource)
 } else {
 logger.Error(err, "unable to fetch certificate store")
 }
@@ -96,7 +96,7 @@ func (r *CertificateStoreReconciler) Reconcile(ctx context.Context, req ctrl.Req
 }
 // TODO: pass the actual namespace once multi-tenancy is supported.
- CertificatesMap.AddStore(constants.EmptyNamespace, resource, certificates)
+ NamespacedCertStores.AddStore(constants.EmptyNamespace, resource, certificates)
 isFetchSuccessful = true
 emptyErrorString := ""
 writeCertStoreStatus(ctx, r, certStore, logger, isFetchSuccessful, emptyErrorString, lastFetchedTime, certAttributes)
diff --git a/pkg/controllers/policy_controller.go b/pkg/controllers/policy_controller.go
index dfc2eebf91..babec48c68 100644
--- a/pkg/controllers/policy_controller.go
+++ b/pkg/controllers/policy_controller.go
@@ -58,7 +58,7 @@ func (r *PolicyReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctr
 if apierrors.IsNotFound(err) {
 policyLogger.Infof("delete event detected, removing policy %s", resource)
 // TODO: pass the actual namespace once multi-tenancy is supported.
- ActivePolicies.DeletePolicy(constants.EmptyNamespace, resource)
+ NamespacedPolicies.DeletePolicy(constants.EmptyNamespace, resource)
 } else {
 policyLogger.Error("failed to get Policy: ", err)
 }
@@ -96,7 +96,7 @@ func policyAddOrReplace(spec configv1beta1.PolicySpec) error {
 }
 // TODO: pass the actual namespace once multi-tenancy is supported.
- ActivePolicies.AddPolicy(constants.EmptyNamespace, constants.RatifyPolicy, policyEnforcer)
+ NamespacedPolicies.AddPolicy(constants.EmptyNamespace, constants.RatifyPolicy, policyEnforcer)
 return nil
 }
diff --git a/pkg/controllers/resource_map.go b/pkg/controllers/resource_map.go
index c47a686874..7e250322b1 100644
--- a/pkg/controllers/resource_map.go
+++ b/pkg/controllers/resource_map.go
@@ -21,15 +21,16 @@ import (
 )
 var (
- VerifierMap = verifiers.NewActiveVerifiers()
+ // NamespacedVerifiers is a map between namespace and verifiers.
+ NamespacedVerifiers = verifiers.NewActiveVerifiers()
- // ActivePolicy is the active policy generated from CRD. There would be exactly
+ // NamespacedPolicies is the active policy generated from CRD. There would be exactly
 // one active policy belonging to a namespace at any given time.
- ActivePolicies = policies.NewActivePolicies()
+ NamespacedPolicies = policies.NewActivePolicies()
- // a map to track active stores
- StoreMap = rs.NewActiveStores()
+ // NamespacedStores is a map to track active stores across namespaces.
+ NamespacedStores = rs.NewActiveStores()
- // a map between CertificateStore name to array of x509 certificates
- CertificatesMap = cs.NewActiveCertStores()
+ // NamespacedCertStores is a map between namespace and CertificateStores.
+ NamespacedCertStores = cs.NewActiveCertStores()
 )
diff --git a/pkg/controllers/store_controller.go b/pkg/controllers/store_controller.go
index 5371e7c4c5..6349818af2 100644
--- a/pkg/controllers/store_controller.go
+++ b/pkg/controllers/store_controller.go
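Review bot: The four variables renamed in the `var (...)` block of resource_map.go remain exported and reassignable, and the test files in this same commit do reassign them (`NamespacedStores = rs.NewActiveStores()`), while the executor closure in manager.go reads them on each request. Because they hold the verifiers, policies and certificate stores that verification depends on, the new doc comments should also state who is allowed to write to them, for example `// NamespacedCertStores ... is populated by the CertificateStore reconciler; do not reassign outside tests.` Whether the underlying types guard concurrent access is not visible in this hunk, so that is worth confirming alongside the rename.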
@@ -60,7 +60,7 @@ func (r *StoreReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl
 if apierrors.IsNotFound(err) {
 storeLogger.Infof("deletion detected, removing store %v", req.Name)
 // TODO: pass the actual namespace once multi-tenancy is supported.
- StoreMap.DeleteStore(constants.EmptyNamespace, resource)
+ NamespacedStores.DeleteStore(constants.EmptyNamespace, resource)
 } else {
 storeLogger.Error(err, "unable to fetch store")
 }
@@ -112,7 +112,7 @@ func storeAddOrReplace(spec configv1beta1.StoreSpec, fullname string) error {
 }
 // TODO: pass the actual namespace once multi-tenancy is supported.
- StoreMap.AddStore(constants.EmptyNamespace, fullname, storeReference)
+ NamespacedStores.AddStore(constants.EmptyNamespace, fullname, storeReference)
 logrus.Infof("store '%v' added to store map", storeReference.Name())
 return nil
diff --git a/pkg/controllers/store_controller_test.go b/pkg/controllers/store_controller_test.go
index 1897d57119..1aa4084475 100644
--- a/pkg/controllers/store_controller_test.go
+++ b/pkg/controllers/store_controller_test.go
@@ -48,15 +48,15 @@ func TestStoreAdd_EmptyParameter(t *testing.T) {
 if err := storeAddOrReplace(testStoreSpec, "oras"); err != nil {
 t.Fatalf("storeAddOrReplace() expected no error, actual %v", err)
 }
- if StoreMap.GetStoreCount() != 1 {
- t.Fatalf("Store map expected size 1, actual %v", StoreMap.GetStoreCount())
+ if NamespacedStores.GetStoreCount() != 1 {
+ t.Fatalf("Store map expected size 1, actual %v", NamespacedStores.GetStoreCount())
 }
 }
 func TestStoreAdd_WithParameters(t *testing.T) {
 resetStoreMap()
- if StoreMap.GetStoreCount() != 0 {
- t.Fatalf("Store map expected size 0, actual %v", StoreMap.GetStoreCount())
+ if NamespacedStores.GetStoreCount() != 0 {
+ t.Fatalf("Store map expected size 0, actual %v", NamespacedStores.GetStoreCount())
 }
 dirPath, err := utils.CreatePlugin(sampleName)
 if err != nil {
@@ -69,8 +69,8 @@ func TestStoreAdd_WithParameters(t *testing.T) {
 if err := storeAddOrReplace(testStoreSpec, "testObject"); err != nil {
 t.Fatalf("storeAddOrReplace() expected no error, actual %v", err)
 }
- if StoreMap.GetStoreCount() != 1 {
- t.Fatalf("Store map expected size 1, actual %v", StoreMap.GetStoreCount())
+ if NamespacedStores.GetStoreCount() != 1 {
+ t.Fatalf("Store map expected size 1, actual %v", NamespacedStores.GetStoreCount())
 }
 }
@@ -138,8 +138,8 @@ func TestStore_UpdateAndDelete(t *testing.T) {
 if err := storeAddOrReplace(testStoreSpec, sampleName); err != nil {
 t.Fatalf("storeAddOrReplace() expected no error, actual %v", err)
 }
- if StoreMap.GetStoreCount() != 1 {
- t.Fatalf("Store map expected size 1, actual %v", StoreMap.GetStoreCount())
+ if NamespacedStores.GetStoreCount() != 1 {
+ t.Fatalf("Store map expected size 1, actual %v", NamespacedStores.GetStoreCount())
 }
 // modify the Store
@@ -153,19 +153,19 @@ func TestStore_UpdateAndDelete(t *testing.T) {
 }
 // validate no Store has been added
- if StoreMap.GetStoreCount() != 1 {
- t.Fatalf("Store map should be 1 after replacement, actual %v", StoreMap.GetStoreCount())
+ if NamespacedStores.GetStoreCount() != 1 {
+ t.Fatalf("Store map should be 1 after replacement, actual %v", NamespacedStores.GetStoreCount())
 }
- StoreMap.DeleteStore(constants.EmptyNamespace, sampleName)
+ NamespacedStores.DeleteStore(constants.EmptyNamespace, sampleName)
- if StoreMap.GetStoreCount() != 0 {
- t.Fatalf("Store map should be 0 after deletion, actual %v", StoreMap.GetStoreCount())
+ if NamespacedStores.GetStoreCount() != 0 {
+ t.Fatalf("Store map should be 0 after deletion, actual %v", NamespacedStores.GetStoreCount())
 }
 }
 func resetStoreMap() {
- StoreMap = rs.NewActiveStores()
+ NamespacedStores = rs.NewActiveStores()
 }
 func getOrasStoreSpec(pluginName, pluginPath string) configv1beta1.StoreSpec {
diff --git a/pkg/controllers/utils/cert_store.go b/pkg/controllers/utils/cert_store.go
index 0c643a2375..3bfb408162 100644
--- a/pkg/controllers/utils/cert_store.go
+++ b/pkg/controllers/utils/cert_store.go
@@ -24,5 +24,5 @@ import (
 // returns the internal certificate map
 // TODO: returns certificates from both cluster-wide and given namespace as namespaced verifier could access both.
 func GetCertificatesMap(ctx context.Context) map[string][]*x509.Certificate {
- return controllers.CertificatesMap.GetCertStores(ctxUtils.GetNamespace(ctx))
+ return controllers.NamespacedCertStores.GetCertStores(ctxUtils.GetNamespace(ctx))
 }
diff --git a/pkg/controllers/utils/cert_store_test.go b/pkg/controllers/utils/cert_store_test.go
index a7aa5b2276..a1fb43039f 100644
--- a/pkg/controllers/utils/cert_store_test.go
+++ b/pkg/controllers/utils/cert_store_test.go
@@ -25,8 +25,8 @@ import (
 )
 func TestGetCertificatesMap(t *testing.T) {
- controllers.CertificatesMap = cs.NewActiveCertStores()
- controllers.CertificatesMap.AddStore("default", "default/certStore", []*x509.Certificate{})
+ controllers.NamespacedCertStores = cs.NewActiveCertStores()
+ controllers.NamespacedCertStores.AddStore("default", "default/certStore", []*x509.Certificate{})
 ctx := ctxUtils.SetContextWithNamespace(context.Background(), "default")
 if certs := GetCertificatesMap(ctx); len(certs) != 1 {
diff --git a/pkg/controllers/verifier_controller.go b/pkg/controllers/verifier_controller.go
index 1cd8bb726b..eb9f174bc7 100644
--- a/pkg/controllers/verifier_controller.go
+++ b/pkg/controllers/verifier_controller.go
@@ -68,7 +68,7 @@ func (r *VerifierReconciler) Reconcile(ctx context.Context, req ctrl.Request) (c
 if apierrors.IsNotFound(err) {
 verifierLogger.Infof("delete event detected, removing verifier %v", resource)
 // TODO: pass the actual namespace once multi-tenancy is supported.
- VerifierMap.DeleteVerifier(constants.EmptyNamespace, resource)
+ NamespacedVerifiers.DeleteVerifier(constants.EmptyNamespace, resource)
 } else {
 verifierLogger.Error(err, "unable to fetch verifier")
 }
@@ -119,7 +119,7 @@ func verifierAddOrReplace(spec configv1beta1.VerifierSpec, objectName string, na
 return err
 }
 // TODO: pass the actual namespace once multi-tenancy is supported.
- VerifierMap.AddVerifier(constants.EmptyNamespace, objectName, referenceVerifier)
+ NamespacedVerifiers.AddVerifier(constants.EmptyNamespace, objectName, referenceVerifier)
 logrus.Infof("verifier '%v' added to verifier map", referenceVerifier.Name())
 return nil
diff --git a/pkg/controllers/verifier_controller_test.go b/pkg/controllers/verifier_controller_test.go
index 48ceea6ec8..71d2afa0fb 100644
--- a/pkg/controllers/verifier_controller_test.go
+++ b/pkg/controllers/verifier_controller_test.go
@@ -34,7 +34,7 @@ const licenseChecker = "licensechecker"
 func TestMain(m *testing.M) {
 // make sure to reset verifierMap before each test run
- VerifierMap = verifiers.NewActiveVerifiers()
+ NamespacedVerifiers = verifiers.NewActiveVerifiers()
 code := m.Run()
 os.Exit(code)
 }
@@ -56,15 +56,15 @@ func TestVerifierAdd_EmptyParameter(t *testing.T) {
 if err := verifierAddOrReplace(testVerifierSpec, sampleName, constants.EmptyNamespace); err != nil {
 t.Fatalf("verifierAddOrReplace() expected no error, actual %v", err)
 }
- if VerifierMap.GetVerifierCount() != 1 {
- t.Fatalf("Verifier map expected size 1, actual %v", VerifierMap.GetVerifierCount())
+ if NamespacedVerifiers.GetVerifierCount() != 1 {
+ t.Fatalf("Verifier map expected size 1, actual %v", NamespacedVerifiers.GetVerifierCount())
 }
 }
 func TestVerifierAdd_WithParameters(t *testing.T) {
 resetVerifierMap()
- if VerifierMap.GetVerifierCount() != 0 {
- t.Fatalf("Verifier map expected size 0, actual %v", VerifierMap.GetVerifierCount())
+ if NamespacedVerifiers.GetVerifierCount() != 0 {
+ t.Fatalf("Verifier map expected size 0, actual %v", NamespacedVerifiers.GetVerifierCount())
 }
 dirPath, err := utils.CreatePlugin(licenseChecker)
@@ -78,8 +78,8 @@ func TestVerifierAdd_WithParameters(t *testing.T) {
 if err := verifierAddOrReplace(testVerifierSpec, "testObject", constants.EmptyNamespace); err != nil {
 t.Fatalf("verifierAddOrReplace() expected no error, actual %v", err)
 }
- if VerifierMap.GetVerifierCount() != 1 {
- t.Fatalf("Verifier map expected size 1, actual %v", VerifierMap.GetVerifierCount())
+ if NamespacedVerifiers.GetVerifierCount() != 1 {
+ t.Fatalf("Verifier map expected size 1, actual %v", NamespacedVerifiers.GetVerifierCount())
 }
 }
@@ -109,8 +109,8 @@ func TestVerifier_UpdateAndDelete(t *testing.T) {
 if err := verifierAddOrReplace(testVerifierSpec, licenseChecker, constants.EmptyNamespace); err != nil {
 t.Fatalf("verifierAddOrReplace() expected no error, actual %v", err)
 }
- if VerifierMap.GetVerifierCount() != 1 {
- t.Fatalf("Verifier map expected size 1, actual %v", VerifierMap.GetVerifierCount())
+ if NamespacedVerifiers.GetVerifierCount() != 1 {
+ t.Fatalf("Verifier map expected size 1, actual %v", NamespacedVerifiers.GetVerifierCount())
 }
 // modify the verifier
@@ -121,14 +121,14 @@ func TestVerifier_UpdateAndDelete(t *testing.T) {
 }
 // validate no verifier has been added
- if VerifierMap.GetVerifierCount() != 1 {
- t.Fatalf("Verifier map should be 1 after replacement, actual %v", VerifierMap.GetVerifierCount())
+ if NamespacedVerifiers.GetVerifierCount() != 1 {
+ t.Fatalf("Verifier map should be 1 after replacement, actual %v", NamespacedVerifiers.GetVerifierCount())
 }
- VerifierMap.DeleteVerifier(constants.EmptyNamespace, licenseChecker)
+ NamespacedVerifiers.DeleteVerifier(constants.EmptyNamespace, licenseChecker)
- if VerifierMap.GetVerifierCount() != 0 {
- t.Fatalf("Verifier map should be 0 after deletion, actual %v", VerifierMap.GetVerifierCount())
+ if NamespacedVerifiers.GetVerifierCount() != 0 {
+ t.Fatalf("Verifier map should be 0 after deletion, actual %v", NamespacedVerifiers.GetVerifierCount())
 }
 }
@@ -206,7 +206,7 @@ func TestGetCertStoreNamespace(t *testing.T) {
 }
 func resetVerifierMap() {
- VerifierMap = verifiers.NewActiveVerifiers()
+ NamespacedVerifiers = verifiers.NewActiveVerifiers()
 }
 func getLicenseCheckerFromParam(parametersString, pluginPath string) configv1beta1.VerifierSpec {
diff --git a/pkg/manager/manager.go b/pkg/manager/manager.go
index 2527f43cee..2f1874f928 100644
--- a/pkg/manager/manager.go
+++ b/pkg/manager/manager.go
@@ -85,9 +85,9 @@ func StartServer(httpServerAddress, configFilePath, certDirectory, caCertFile st
 server, err := httpserver.NewServer(context.Background(), httpServerAddress, func(ctx context.Context) *ef.Executor {
 namespace := ctxUtils.GetNamespace(ctx)
- activeVerifiers := controllers.VerifierMap.GetVerifiers(namespace)
- activePolicyEnforcer := controllers.ActivePolicies.GetPolicy(namespace)
- activeStores := controllers.StoreMap.GetStores(namespace)
+ activeVerifiers := controllers.NamespacedVerifiers.GetVerifiers(namespace)
+ activePolicyEnforcer := controllers.NamespacedPolicies.GetPolicy(namespace)
+ activeStores := controllers.NamespacedStores.GetStores(namespace)
 // return executor with latest configuration
 executor := ef.Executor{
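Review bot: The three lookups in the executor closure are keyed on `ctxUtils.GetNamespace(ctx)`, yet every controller writer touched by this commit (`AddVerifier`, `AddPolicy`, both `AddStore` calls) still stores under `constants.EmptyNamespace`, so the new `Namespaced*` names suggest an isolation the data does not have yet. It is not visible here whether `GetVerifiers`, `GetPolicy` and `GetStores` fall back to the cluster-wide entry when the request namespace is non-empty, nor what the executor does with a nil policy enforcer or an empty verifier list; that path should be confirmed to deny rather than pass verification. A comment above the lookups would make the interim behaviour explicit, e.g. `// Resources are currently stored under constants.EmptyNamespace only; the Get* calls must fall back to it until multi-tenancy lands.` StartServer's body starts and continues outside this hunk.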