diff --git a/api/bases/glance.openstack.org_glanceapis.yaml b/api/bases/glance.openstack.org_glanceapis.yaml index d06e4dcd..baa9b33f 100644 --- a/api/bases/glance.openstack.org_glanceapis.yaml +++ b/api/bases/glance.openstack.org_glanceapis.yaml @@ -55,11 +55,11 @@ spec: items: type: string type: array - databaseHostname: - type: string - databaseUser: + databaseAccount: default: glance type: string + databaseHostname: + type: string extraMounts: items: properties: @@ -880,12 +880,8 @@ spec: type: object passwordSelectors: default: - database: GlanceDatabasePassword service: GlancePassword properties: - database: - default: GlanceDatabasePassword - type: string service: default: GlancePassword type: string diff --git a/api/bases/glance.openstack.org_glances.yaml b/api/bases/glance.openstack.org_glances.yaml index c95b9a5c..25c7c289 100644 --- a/api/bases/glance.openstack.org_glances.yaml +++ b/api/bases/glance.openstack.org_glances.yaml @@ -44,11 +44,11 @@ spec: items: type: string type: array - databaseInstance: - type: string - databaseUser: + databaseAccount: default: glance type: string + databaseInstance: + type: string dbPurge: properties: age: @@ -980,12 +980,8 @@ spec: type: object passwordSelectors: default: - database: GlanceDatabasePassword service: GlancePassword properties: - database: - default: GlanceDatabasePassword - type: string service: default: GlancePassword type: string diff --git a/api/v1beta1/glance_types.go b/api/v1beta1/glance_types.go index 9616f8be..34329fb1 100644 --- a/api/v1beta1/glance_types.go +++ b/api/v1beta1/glance_types.go @@ -52,16 +52,20 @@ type GlanceSpec struct { // +kubebuilder:validation:Optional // +kubebuilder:default=glance - // DatabaseUser - optional username used for glance DB, defaults to glance - // TODO: -> implement needs work in mariadb-operator, right now only glance - DatabaseUser string `json:"databaseUser"` + // DatabaseAccount - name of MariaDBAccount which will be used to connect. + // As an interim solution, glance-controller will + // generate the MariaDBAccount object of the given name if it's not + // present in the cluster. Later, openstack-operator will perform this + // generation and also populate this field for the Glance objects it creates + DatabaseAccount string `json:"databaseAccount"` // +kubebuilder:validation:Required - // Secret containing OpenStack password information for glance GlanceDatabasePassword + // Secret containing OpenStack password information for glance's keystone + // password; no longer used for database password Secret string `json:"secret"` // +kubebuilder:validation:Optional - // +kubebuilder:default={database: GlanceDatabasePassword, service: GlancePassword} + // +kubebuilder:default={service: GlancePassword} // PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret PasswordSelectors PasswordSelector `json:"passwordSelectors"` @@ -131,11 +135,6 @@ type GlanceSpec struct { // PasswordSelector to identify the DB and AdminUser password from the Secret type PasswordSelector struct { - // +kubebuilder:validation:Optional - // +kubebuilder:default="GlanceDatabasePassword" - // Database - Selector to get the glance database user password from the Secret - // TODO: not used, need change in mariadb-operator - Database string `json:"database"` // +kubebuilder:validation:Optional // +kubebuilder:default="GlancePassword" // Service - Selector to get the glance service password from the Secret diff --git a/api/v1beta1/glanceapi_types.go b/api/v1beta1/glanceapi_types.go index 38da3332..c34b7c50 100644 --- a/api/v1beta1/glanceapi_types.go +++ b/api/v1beta1/glanceapi_types.go @@ -55,16 +55,19 @@ type GlanceAPISpec struct { // +kubebuilder:validation:Optional // +kubebuilder:default=glance - // DatabaseUser - optional username used for glance DB, defaults to glance - // TODO: -> implement needs work in mariadb-operator, right now only glance - DatabaseUser string `json:"databaseUser"` + // DatabaseAccount - name of MariaDBAccount which will be used to connect. + // As an interim solution, glance-controller will + // generate the MariaDBAccount object of the given name if it's not + // present in the cluster. Later, openstack-operator will perform this + // generation and also populate this field for the Glance objects it creates + DatabaseAccount string `json:"databaseAccount"` // +kubebuilder:validation:Required // Secret containing OpenStack password information for glance AdminPassword Secret string `json:"secret"` // +kubebuilder:validation:Optional - // +kubebuilder:default={database: GlanceDatabasePassword, service: GlancePassword} + // +kubebuilder:default={service: GlancePassword} // PasswordSelectors - Selectors to identify the DB and ServiceUser password from the Secret PasswordSelectors PasswordSelector `json:"passwordSelectors"` diff --git a/config/crd/bases/glance.openstack.org_glanceapis.yaml b/config/crd/bases/glance.openstack.org_glanceapis.yaml index d06e4dcd..baa9b33f 100644 --- a/config/crd/bases/glance.openstack.org_glanceapis.yaml +++ b/config/crd/bases/glance.openstack.org_glanceapis.yaml @@ -55,11 +55,11 @@ spec: items: type: string type: array - databaseHostname: - type: string - databaseUser: + databaseAccount: default: glance type: string + databaseHostname: + type: string extraMounts: items: properties: @@ -880,12 +880,8 @@ spec: type: object passwordSelectors: default: - database: GlanceDatabasePassword service: GlancePassword properties: - database: - default: GlanceDatabasePassword - type: string service: default: GlancePassword type: string diff --git a/config/crd/bases/glance.openstack.org_glances.yaml b/config/crd/bases/glance.openstack.org_glances.yaml index c95b9a5c..25c7c289 100644 --- a/config/crd/bases/glance.openstack.org_glances.yaml +++ b/config/crd/bases/glance.openstack.org_glances.yaml @@ -44,11 +44,11 @@ spec: items: type: string type: array - databaseInstance: - type: string - databaseUser: + databaseAccount: default: glance type: string + databaseInstance: + type: string dbPurge: properties: age: @@ -980,12 +980,8 @@ spec: type: object passwordSelectors: default: - database: GlanceDatabasePassword service: GlancePassword properties: - database: - default: GlanceDatabasePassword - type: string service: default: GlancePassword type: string diff --git a/config/manifests/bases/glance-operator.clusterserviceversion.yaml b/config/manifests/bases/glance-operator.clusterserviceversion.yaml index 05237105..76dbed7a 100644 --- a/config/manifests/bases/glance-operator.clusterserviceversion.yaml +++ b/config/manifests/bases/glance-operator.clusterserviceversion.yaml @@ -18,11 +18,19 @@ spec: displayName: Glance API kind: GlanceAPI name: glanceapis.glance.openstack.org + specDescriptors: + - description: TLS - Parameters related to the TLS + displayName: TLS + path: tls version: v1beta1 - description: Glance is the Schema for the glances API displayName: Glance kind: Glance name: glances.glance.openstack.org + specDescriptors: + - description: TLS - Parameters related to the TLS + displayName: TLS + path: glanceAPIs.tls version: v1beta1 description: Glance Operator displayName: Glance Operator diff --git a/config/samples/backends/ceph/ceph.yaml b/config/samples/backends/ceph/ceph.yaml index c48a49b4..e159b23d 100644 --- a/config/samples/backends/ceph/ceph.yaml +++ b/config/samples/backends/ceph/ceph.yaml @@ -19,7 +19,7 @@ spec: rbd_store_pool = images rbd_store_user = openstack databaseInstance: openstack - databaseUser: glance + databaseAccount: glance secret: osp-secret storageClass: "" storageRequest: 1G diff --git a/config/samples/backends/multistore/multistore.yaml b/config/samples/backends/multistore/multistore.yaml index d571942f..7497755b 100644 --- a/config/samples/backends/multistore/multistore.yaml +++ b/config/samples/backends/multistore/multistore.yaml @@ -30,7 +30,7 @@ spec: swift_store_user = service:glance swift_store_endpoint_type = internalURL databaseInstance: openstack - databaseUser: glance + databaseAccount: glance glanceAPIs: default: debug: diff --git a/config/samples/glance_v1beta1_glance.yaml b/config/samples/glance_v1beta1_glance.yaml index ba194636..e203abbe 100644 --- a/config/samples/glance_v1beta1_glance.yaml +++ b/config/samples/glance_v1beta1_glance.yaml @@ -9,7 +9,7 @@ spec: debug = true enabled_backends=foo:bar,foo1:bar1 databaseInstance: openstack - databaseUser: glance + databaseAccount: glance secret: osp-secret storageClass: local-storage storageRequest: 10G diff --git a/config/samples/glance_v1beta1_glanceapi.yaml b/config/samples/glance_v1beta1_glanceapi.yaml index e2ff668c..aa067a5f 100644 --- a/config/samples/glance_v1beta1_glanceapi.yaml +++ b/config/samples/glance_v1beta1_glanceapi.yaml @@ -15,7 +15,7 @@ spec: here-foo-config [foo1] here-foo1-config - databaseUser: glance + databaseAccount: glance databaseHostname: glance debug: dbSync: false diff --git a/config/samples/image_cache/image-cache.yaml b/config/samples/image_cache/image-cache.yaml index 3105abab..a8886a89 100644 --- a/config/samples/image_cache/image-cache.yaml +++ b/config/samples/image_cache/image-cache.yaml @@ -21,7 +21,7 @@ spec: store_description = "RBD backend" rbd_store_pool = images rbd_store_user = openstack - databaseUser: glance + databaseAccount: glance glanceAPIs: default: debug: diff --git a/config/samples/import_plugins/image_conversion/image_conversion.yaml b/config/samples/import_plugins/image_conversion/image_conversion.yaml index fe68ea97..ed5a20ca 100644 --- a/config/samples/import_plugins/image_conversion/image_conversion.yaml +++ b/config/samples/import_plugins/image_conversion/image_conversion.yaml @@ -24,7 +24,7 @@ spec: [image_conversion] output_format = raw databaseInstance: openstack - databaseUser: glance + databaseAccount: glance glanceAPI: debug: service: false diff --git a/config/samples/import_plugins/image_decompression/image_decompression.yaml b/config/samples/import_plugins/image_decompression/image_decompression.yaml index a027eb8e..d3f57eca 100644 --- a/config/samples/import_plugins/image_decompression/image_decompression.yaml +++ b/config/samples/import_plugins/image_decompression/image_decompression.yaml @@ -21,7 +21,7 @@ spec: [image_import_opts] image_import_plugins = [image_decompression] databaseInstance: openstack - databaseUser: glance + databaseAccount: glance glanceAPI: debug: service: false diff --git a/config/samples/import_plugins/inject_metadata/inject_metadata.yaml b/config/samples/import_plugins/inject_metadata/inject_metadata.yaml index e45ce9bf..6315aa3d 100644 --- a/config/samples/import_plugins/inject_metadata/inject_metadata.yaml +++ b/config/samples/import_plugins/inject_metadata/inject_metadata.yaml @@ -24,7 +24,7 @@ spec: ignore_user_roles = admin,user1 inject = "property1":"value1","property2":"value2" databaseInstance: openstack - databaseUser: glance + databaseAccount: glance glanceAPI: debug: service: false diff --git a/config/samples/layout/base/glance_v1beta1_glance.yaml b/config/samples/layout/base/glance_v1beta1_glance.yaml index e0167f03..7291a575 100644 --- a/config/samples/layout/base/glance_v1beta1_glance.yaml +++ b/config/samples/layout/base/glance_v1beta1_glance.yaml @@ -9,7 +9,7 @@ spec: debug = true enabled_backends=foo:bar databaseInstance: openstack - databaseUser: glance + databaseAccount: glance secret: osp-secret storageClass: local-storage storageRequest: 10G diff --git a/config/samples/layout/edge/glance_v1beta1_glance.yaml b/config/samples/layout/edge/glance_v1beta1_glance.yaml index e9cb3d06..5e17c88e 100644 --- a/config/samples/layout/edge/glance_v1beta1_glance.yaml +++ b/config/samples/layout/edge/glance_v1beta1_glance.yaml @@ -8,7 +8,7 @@ spec: [DEFAULT] debug = true databaseInstance: openstack - databaseUser: glance + databaseAccount: glance keystoneEndpoint: central glanceAPIs: central: diff --git a/config/samples/layout/multiple/glance_v1beta1_glance.yaml b/config/samples/layout/multiple/glance_v1beta1_glance.yaml index 378b5368..aac61f1c 100644 --- a/config/samples/layout/multiple/glance_v1beta1_glance.yaml +++ b/config/samples/layout/multiple/glance_v1beta1_glance.yaml @@ -8,7 +8,7 @@ spec: [DEFAULT] debug = true databaseInstance: openstack - databaseUser: glance + databaseAccount: glance keystoneEndpoint: api1 glanceAPIs: api1: diff --git a/config/samples/layout/single/glance_v1beta1_glance.yaml b/config/samples/layout/single/glance_v1beta1_glance.yaml index 4f39130f..4c866059 100644 --- a/config/samples/layout/single/glance_v1beta1_glance.yaml +++ b/config/samples/layout/single/glance_v1beta1_glance.yaml @@ -5,7 +5,7 @@ metadata: spec: serviceUser: glance databaseInstance: openstack - databaseUser: glance + databaseAccount: glance keystoneEndpoint: default customServiceConfig: | [DEFAULT] diff --git a/config/samples/layout/single_tls/glance_v1beta1_glance.yaml b/config/samples/layout/single_tls/glance_v1beta1_glance.yaml index 6e441b8d..3d1d98c8 100644 --- a/config/samples/layout/single_tls/glance_v1beta1_glance.yaml +++ b/config/samples/layout/single_tls/glance_v1beta1_glance.yaml @@ -5,7 +5,7 @@ metadata: spec: serviceUser: glance databaseInstance: openstack - databaseUser: glance + databaseAccount: glance keystoneEndpoint: default customServiceConfig: | [DEFAULT] diff --git a/config/samples/policy/glance_v1beta_glance_apply_policy.yaml b/config/samples/policy/glance_v1beta_glance_apply_policy.yaml index 91e4d6a0..4e0e2dfc 100644 --- a/config/samples/policy/glance_v1beta_glance_apply_policy.yaml +++ b/config/samples/policy/glance_v1beta_glance_apply_policy.yaml @@ -10,7 +10,7 @@ spec: enforce_scope=true enforce_new_defaults=true databaseInstance: openstack - databaseUser: glance + databaseAccount: glance glanceAPI: preserveJobs: false replicas: 1 diff --git a/config/samples/quotas/glance_v1beta1_glance_quota.yaml b/config/samples/quotas/glance_v1beta1_glance_quota.yaml index fa783205..80ea7468 100644 --- a/config/samples/quotas/glance_v1beta1_glance_quota.yaml +++ b/config/samples/quotas/glance_v1beta1_glance_quota.yaml @@ -6,7 +6,7 @@ metadata: spec: serviceUser: glance databaseInstance: openstack - databaseUser: glance + databaseAccount: glance keystoneEndpoint: default glanceAPIs: default: diff --git a/controllers/glance_controller.go b/controllers/glance_controller.go index b2bcca1a..bf8b798f 100644 --- a/controllers/glance_controller.go +++ b/controllers/glance_controller.go @@ -21,7 +21,6 @@ import ( "fmt" "time" - "github.com/openstack-k8s-operators/lib-common/modules/common/secret" rbacv1 "k8s.io/api/rbac/v1" k8s_errors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/fields" @@ -265,7 +264,7 @@ func (r *GlanceReconciler) reconcileDelete(ctx context.Context, instance *glance r.Log.Info(fmt.Sprintf("Reconciling Service '%s' delete", instance.Name)) // remove db finalizer first - db, err := mariadbv1.GetDatabaseByName(ctx, helper, instance.Name) + db, err := mariadbv1.GetDatabaseByNameAndAccount(ctx, helper, instance.Name, instance.Spec.DatabaseAccount, instance.Namespace) if err != nil && !k8s_errors.IsNotFound(err) { return ctrl.Result{}, err } @@ -366,19 +365,21 @@ func (r *GlanceReconciler) reconcileInit( // // create service DB instance // - db := mariadbv1.NewDatabase( - instance.Name, - instance.Spec.DatabaseUser, - instance.Spec.Secret, - map[string]string{ - "dbName": instance.Spec.DatabaseInstance, - }, + db := mariadbv1.NewDatabaseForAccount( + instance.Spec.DatabaseInstance, // mariadb/galera service to target + instance.Name, // name used in CREATE DATABASE in mariadb + instance.Name, // CR name for MariaDBDatabase + instance.Spec.DatabaseAccount, // CR name for MariaDBAccount + instance.Namespace, // namespace ) + // create or patch the DB - ctrlResult, err := db.CreateOrPatchDB( + ctrlResult, err := db.CreateOrPatchDBByName( ctx, helper, + instance.Spec.DatabaseInstance, ) + if err != nil { instance.Status.Conditions.Set(condition.FalseCondition( condition.DBReadyCondition, @@ -657,6 +658,13 @@ func (r *GlanceReconciler) reconcileNormal(ctx context.Context, instance *glance if err != nil { return ctrl.Result{}, err } + + // remove finalizers from unused MariaDBAccount records + err = mariadbv1.DeleteUnusedMariaDBAccountFinalizers(ctx, helper, glance.DatabaseName, instance.Spec.DatabaseAccount, instance.Namespace) + if err != nil { + return ctrl.Result{}, err + } + // create CronJobs: DBPurge (always), CacheCleaner and CachePruner if image-cache // is enabled ctrlResult, err = r.ensureCronJobs(ctx, helper, instance, serviceLabels, serviceAnnotations) @@ -806,7 +814,7 @@ func (r *GlanceReconciler) apiDeploymentCreateOrUpdate( GlanceAPITemplate: apiTemplate, APIType: apiType, DatabaseHostname: instance.Status.DatabaseHostname, - DatabaseUser: instance.Spec.DatabaseUser, + DatabaseAccount: instance.Spec.DatabaseAccount, Secret: instance.Spec.Secret, ExtraMounts: instance.Spec.ExtraMounts, PasswordSelectors: instance.Spec.PasswordSelectors, @@ -890,8 +898,25 @@ func (r *GlanceReconciler) generateServiceConfig( ) error { labels := labels.GetLabels(instance, labels.GetGroupLabel(glance.ServiceName), serviceLabels) - ospSecret, _, err := secret.GetSecret(ctx, h, instance.Spec.Secret, instance.Namespace) + // ensure a MariaDBAccount CR and Secret exist. + // this mariadb API function will as an interim step actually generate a + // new MariaDBAccount and Secret if one does not exist already. in a + // future release, this function may change to emit an error if the + // MariaDBAccount was not already created ahead of time (e.g. by openstack-operator + // or end-user YAML declaration) + databaseAccount, dbSecret, err := mariadbv1.EnsureMariaDBAccount( + ctx, h, instance.Spec.DatabaseAccount, + instance.Namespace, false, + ) + if err != nil { + instance.Status.Conditions.Set(condition.FalseCondition( + mariadbv1.MariaDBAccountReadyCondition, + condition.ErrorReason, + condition.SeverityWarning, + mariadbv1.MariaDBAccountNotReadyMessage, + err.Error())) + return err } @@ -900,8 +925,8 @@ func (r *GlanceReconciler) generateServiceConfig( templateParameters := map[string]interface{}{ "MinimalConfig": true, // This tells the template to generate a minimal config "DatabaseConnection": fmt.Sprintf("mysql+pymysql://%s:%s@%s/%s", - instance.Spec.DatabaseUser, - string(ospSecret.Data[instance.Spec.PasswordSelectors.Database]), + databaseAccount.Spec.UserName, + string(dbSecret.Data[mariadbv1.DatabasePasswordSelector]), instance.Status.DatabaseHostname, glance.DatabaseName, ), diff --git a/controllers/glanceapi_controller.go b/controllers/glanceapi_controller.go index 57e6a85d..bf4ac8a7 100644 --- a/controllers/glanceapi_controller.go +++ b/controllers/glanceapi_controller.go @@ -58,6 +58,7 @@ import ( "github.com/openstack-k8s-operators/lib-common/modules/common/statefulset" "github.com/openstack-k8s-operators/lib-common/modules/common/tls" "github.com/openstack-k8s-operators/lib-common/modules/common/util" + mariadbv1 "github.com/openstack-k8s-operators/mariadb-operator/api/v1beta1" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" @@ -826,6 +827,11 @@ func (r *GlanceAPIReconciler) generateServiceConfig( return err } + databaseAccount, dbSecret, err := mariadbv1.GetAccountAndSecret(ctx, h, instance.Spec.DatabaseAccount, instance.Namespace) + if err != nil { + return err + } + glanceEndpoints := glanceapi.GetGlanceEndpoints(instance.Spec.APIType) httpdVhostConfig := map[string]interface{}{} for endpt := range glanceEndpoints { @@ -846,8 +852,8 @@ func (r *GlanceAPIReconciler) generateServiceConfig( "KeystoneInternalURL": keystoneInternalURL, "KeystonePublicURL": keystonePublicURL, "DatabaseConnection": fmt.Sprintf("mysql+pymysql://%s:%s@%s/%s", - instance.Spec.DatabaseUser, - string(ospSecret.Data[instance.Spec.PasswordSelectors.Database]), + databaseAccount.Spec.UserName, + string(dbSecret.Data[mariadbv1.DatabasePasswordSelector]), instance.Spec.DatabaseHostname, glance.DatabaseName, ), diff --git a/go.mod b/go.mod index 3b94a441..82c6a164 100644 --- a/go.mod +++ b/go.mod @@ -93,3 +93,5 @@ replace github.com/openstack-k8s-operators/glance-operator/api => ./api // mschuppert: map to latest commit from release-4.13 tag // must consistent within modules and service operators replace github.com/openshift/api => github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 //allow-merging + +replace github.com/openstack-k8s-operators/mariadb-operator/api => github.com/zzzeek/mariadb-operator/api v0.3.1-0.20240220154131-35c205caf022 //allow-merging diff --git a/go.sum b/go.sum index bd9bc2ba..d7c32dc0 100644 --- a/go.sum +++ b/go.sum @@ -93,8 +93,6 @@ github.com/openstack-k8s-operators/lib-common/modules/storage v0.3.1-0.202402161 github.com/openstack-k8s-operators/lib-common/modules/storage v0.3.1-0.20240216173409-86913e6d5885/go.mod h1:sK82mkh2UzITsbNa/y6AKTZftHQnsYigqRx+rFbfZM4= github.com/openstack-k8s-operators/lib-common/modules/test v0.3.1-0.20240216173409-86913e6d5885 h1:ioJ2MO3vAcBkLM+0UBu5IuKW/DPXcyiNSOLq0Xvn+Nw= github.com/openstack-k8s-operators/lib-common/modules/test v0.3.1-0.20240216173409-86913e6d5885/go.mod h1:82nzS+DbBe1tzaMvNHH8FctmZzQ14ZAJysFGsMJiivo= -github.com/openstack-k8s-operators/mariadb-operator/api v0.3.1-0.20240215091212-cbf2ad281f43 h1:azblrnuVV8sLWihuqS7lJMrwpo1dtB1K5vvkug0agw4= -github.com/openstack-k8s-operators/mariadb-operator/api v0.3.1-0.20240215091212-cbf2ad281f43/go.mod h1:52Ja/B4RrrytMmKh+Kf+/BPe7Fq40Pi77vcFH4yJeoU= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= @@ -117,6 +115,8 @@ github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcU github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +github.com/zzzeek/mariadb-operator/api v0.3.1-0.20240220154131-35c205caf022 h1:GYSerUlfrs77MTb9NKFdc4c+/W39HlbHCScCkVz3IJQ= +github.com/zzzeek/mariadb-operator/api v0.3.1-0.20240220154131-35c205caf022/go.mod h1:PDqfLbP4ZWqQHAu1OtbjfpOGQUKSzLqRJChvE/9pcyQ= go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= diff --git a/test/functional/base_test.go b/test/functional/base_test.go index 9c807a51..a5513e4c 100644 --- a/test/functional/base_test.go +++ b/test/functional/base_test.go @@ -90,7 +90,7 @@ func GetGlanceDefaultSpec() map[string]interface{} { return map[string]interface{}{ "keystoneEndpoint": "default", "databaseInstance": "openstack", - "databaseUser": glanceTest.GlanceDatabaseUser, + "databaseAccount": glanceTest.GlanceDatabaseAccount.Name, "serviceUser": glanceName.Name, "secret": SecretName, "glanceAPIs": GetAPIList(), @@ -102,7 +102,7 @@ func GetGlanceDefaultSpecWithQuota() map[string]interface{} { return map[string]interface{}{ "keystoneEndpoint": "default", "databaseInstance": "openstack", - "databaseUser": glanceTest.GlanceDatabaseUser, + "databaseAccount": glanceTest.GlanceDatabaseAccount.Name, "serviceUser": glanceName.Name, "secret": SecretName, "glanceAPIs": GetAPIList(), @@ -160,8 +160,7 @@ func CreateGlanceSecret(namespace string, name string) *corev1.Secret { return th.CreateSecret( types.NamespacedName{Namespace: namespace, Name: name}, map[string][]byte{ - "GlancePassword": []byte(glanceTest.GlancePassword), - "GlanceDatabasePassword": []byte(glanceTest.GlancePassword), + "GlancePassword": []byte(glanceTest.GlancePassword), }, ) } diff --git a/test/functional/glance_controller_test.go b/test/functional/glance_controller_test.go index 304a57b8..0d85be6b 100644 --- a/test/functional/glance_controller_test.go +++ b/test/functional/glance_controller_test.go @@ -24,13 +24,16 @@ import ( . "github.com/openstack-k8s-operators/lib-common/modules/common/test/helpers" corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/types" glancev1 "github.com/openstack-k8s-operators/glance-operator/api/v1beta1" "github.com/openstack-k8s-operators/lib-common/modules/common/condition" util "github.com/openstack-k8s-operators/lib-common/modules/common/util" + mariadb_test "github.com/openstack-k8s-operators/mariadb-operator/api/test/helpers" ) var _ = Describe("Glance controller", func() { + When("Glance is created", func() { BeforeEach(func() { DeferCleanup(th.DeleteInstance, CreateDefaultGlance(glanceName)) @@ -56,7 +59,7 @@ var _ = Describe("Glance controller", func() { It("initializes Spec fields", func() { Glance := GetGlance(glanceTest.Instance) Expect(Glance.Spec.DatabaseInstance).Should(Equal("openstack")) - Expect(Glance.Spec.DatabaseUser).Should(Equal(glanceTest.GlanceDatabaseUser)) + Expect(Glance.Spec.DatabaseAccount).Should(Equal(glanceTest.GlanceDatabaseAccount.Name)) Expect(Glance.Spec.ServiceUser).Should(Equal(glanceTest.GlanceServiceUser)) // No Keystone Quota is present, check the default is 0 Expect(Glance.Spec.Quotas.ImageCountUpload).To(Equal(int(0))) @@ -141,8 +144,8 @@ var _ = Describe("Glance controller", func() { ) }) It("Should set DBReady Condition and set DatabaseHostname Status when DB is Created", func() { - mariadb.SimulateMariaDBAccountCompleted(glanceTest.Instance) mariadb.SimulateMariaDBDatabaseCompleted(glanceTest.Instance) + mariadb.SimulateMariaDBAccountCompleted(glanceTest.GlanceDatabaseAccount) th.SimulateJobSuccess(glanceTest.GlanceDBSync) Glance := GetGlance(glanceTest.Instance) Expect(Glance.Status.DatabaseHostname).To(Equal(fmt.Sprintf("hostname-for-openstack.%s.svc", namespace))) @@ -160,8 +163,8 @@ var _ = Describe("Glance controller", func() { ) }) It("Should fail if db-sync job fails when DB is Created", func() { - mariadb.SimulateMariaDBAccountCompleted(glanceTest.Instance) mariadb.SimulateMariaDBDatabaseCompleted(glanceTest.Instance) + mariadb.SimulateMariaDBAccountCompleted(glanceTest.GlanceDatabaseAccount) th.SimulateJobFailure(glanceTest.GlanceDBSync) th.ExpectCondition( glanceTest.Instance, @@ -193,8 +196,8 @@ var _ = Describe("Glance controller", func() { }, ), ) - mariadb.SimulateMariaDBAccountCompleted(glanceTest.Instance) mariadb.SimulateMariaDBDatabaseCompleted(glanceTest.Instance) + mariadb.SimulateMariaDBAccountCompleted(glanceTest.GlanceDatabaseAccount) th.SimulateJobSuccess(glanceTest.GlanceDBSync) keystoneAPI := keystone.CreateKeystoneAPI(glanceTest.Instance.Namespace) DeferCleanup(keystone.DeleteKeystoneAPI, keystoneAPI) @@ -251,8 +254,8 @@ var _ = Describe("Glance controller", func() { ), ) DeferCleanup(keystone.DeleteKeystoneAPI, keystone.CreateKeystoneAPI(glanceTest.Instance.Namespace)) - mariadb.SimulateMariaDBAccountCompleted(glanceTest.Instance) mariadb.SimulateMariaDBDatabaseCompleted(glanceTest.Instance) + mariadb.SimulateMariaDBAccountCompleted(glanceTest.GlanceDatabaseAccount) th.SimulateJobSuccess(glanceTest.GlanceDBSync) keystone.SimulateKeystoneServiceReady(glanceTest.Instance) keystone.SimulateKeystoneEndpointReady(glanceTest.GlanceSingle) @@ -284,8 +287,8 @@ var _ = Describe("Glance controller", func() { ), ) DeferCleanup(keystone.DeleteKeystoneAPI, keystone.CreateKeystoneAPI(glanceTest.Instance.Namespace)) - mariadb.SimulateMariaDBAccountCompleted(glanceTest.Instance) mariadb.SimulateMariaDBDatabaseCompleted(glanceTest.Instance) + mariadb.SimulateMariaDBAccountCompleted(glanceTest.GlanceDatabaseAccount) th.SimulateJobSuccess(glanceTest.GlanceDBSync) keystone.SimulateKeystoneServiceReady(glanceTest.Instance) keystone.SimulateKeystoneEndpointReady(glanceTest.GlanceSingle) @@ -345,8 +348,8 @@ var _ = Describe("Glance controller", func() { }, ), ) - mariadb.SimulateMariaDBAccountCompleted(glanceTest.Instance) mariadb.SimulateMariaDBDatabaseCompleted(glanceTest.Instance) + mariadb.SimulateMariaDBAccountCompleted(glanceTest.GlanceDatabaseAccount) th.SimulateJobSuccess(glanceTest.GlanceDBSync) keystoneAPI := keystone.CreateKeystoneAPI(glanceTest.Instance.Namespace) DeferCleanup(keystone.DeleteKeystoneAPI, keystoneAPI) @@ -380,4 +383,65 @@ var _ = Describe("Glance controller", func() { } }) }) + + // Run MariaDBAccount suite tests. these are pre-packaged ginkgo tests + // that exercise standard account create / update patterns that should be + // common to all controllers that ensure MariaDBAccount CRs. + mariadb_test.MariaDBAccountSuiteTests( + "Glance", + // Populate test variables which will run inside of BeforeEach + func(harness *mariadb_test.MariaDBTestHarness) { + harness.PopulateHarness( + glanceName.Namespace, + glanceTest.Instance.Name, + "Glance", + mariadb, + timeout, + interval, + ) + }, + // Generate a fully running Glance service given an accountName + // needs to make it all the way to the end where the mariadb finalizers + // are removed from unused accounts since that's part of what we are testing + func(accountName types.NamespacedName) { + + spec := GetGlanceDefaultSpec() + spec["databaseAccount"] = accountName.Name + + DeferCleanup(th.DeleteInstance, CreateGlance(glanceTest.Instance, spec)) + DeferCleanup( + mariadb.DeleteDBService, + mariadb.CreateDBService( + glanceName.Namespace, + GetGlance(glanceTest.Instance).Spec.DatabaseInstance, + corev1.ServiceSpec{ + Ports: []corev1.ServicePort{{Port: 3306}}, + }, + ), + ) + + DeferCleanup(keystone.DeleteKeystoneAPI, keystone.CreateKeystoneAPI(glanceTest.Instance.Namespace)) + mariadb.SimulateMariaDBAccountCompleted(accountName) + mariadb.SimulateMariaDBDatabaseCompleted(glanceTest.Instance) + th.SimulateJobSuccess(glanceTest.GlanceDBSync) + keystone.SimulateKeystoneServiceReady(glanceTest.Instance) + keystone.SimulateKeystoneEndpointReady(glanceTest.GlanceSingle) + GlanceAPIExists(glanceTest.GlanceSingle) + }, + // Change the account name in the service to a new name + func(newAccountName types.NamespacedName) { + + Eventually(func(g Gomega) { + glance := GetGlance(glanceTest.Instance) + glance.Spec.DatabaseAccount = newAccountName.Name + g.Expect(th.K8sClient.Update(ctx, glance)).Should(Succeed()) + }, timeout, interval).Should(Succeed()) + + }, + // delete the service, allowing finalizer removal tests + func() { + th.DeleteInstance(GetGlance(glanceTest.Instance)) + }, + ) + }) diff --git a/test/functional/glance_test_data.go b/test/functional/glance_test_data.go index 6439e49f..61d04776 100644 --- a/test/functional/glance_test_data.go +++ b/test/functional/glance_test_data.go @@ -43,7 +43,7 @@ const ( // GlanceTestData is the data structure used to provide input data to envTest type GlanceTestData struct { ContainerImage string - GlanceDatabaseUser string + GlanceDatabaseAccount types.NamespacedName GlancePassword string GlanceServiceUser string GlancePVCSize string @@ -161,7 +161,10 @@ func GetGlanceTestData(glanceName types.NamespacedName) GlanceTestData { Namespace: glanceName.Namespace, Name: "internalapi", }, - GlanceDatabaseUser: "glance", + GlanceDatabaseAccount: types.NamespacedName{ + Namespace: glanceName.Namespace, + Name: "glance", + }, // Password used for both db and service GlancePassword: "12345678", GlanceServiceUser: "glance", diff --git a/test/functional/glanceapi_controller_test.go b/test/functional/glanceapi_controller_test.go index 2acd925f..219c33c2 100644 --- a/test/functional/glanceapi_controller_test.go +++ b/test/functional/glanceapi_controller_test.go @@ -28,6 +28,13 @@ import ( ) var _ = Describe("Glanceapi controller", func() { + + BeforeEach(func() { + acc, acc_secret := mariadb.CreateMariaDBAccount(glanceTest.GlanceDatabaseAccount) + DeferCleanup(k8sClient.Delete, ctx, acc_secret) + DeferCleanup(k8sClient.Delete, ctx, acc) + }) + When("GlanceAPI CR is created", func() { BeforeEach(func() { DeferCleanup(th.DeleteInstance, CreateGlanceAPI(glanceTest.GlanceSingle, GetDefaultGlanceAPISpec(GlanceAPITypeSingle))) diff --git a/test/functional/suite_test.go b/test/functional/suite_test.go index 69b7f2f7..aca48676 100644 --- a/test/functional/suite_test.go +++ b/test/functional/suite_test.go @@ -247,4 +247,5 @@ var _ = BeforeEach(func() { DeferCleanup(th.DeleteNamespace, namespace) // Let's create the osp-secret in advance (in common to all the test cases) DeferCleanup(k8sClient.Delete, ctx, CreateGlanceSecret(glanceName.Namespace, SecretName)) + }) diff --git a/test/kuttl/tests/glance_single/01-assert.yaml b/test/kuttl/tests/glance_single/01-assert.yaml index 3afecb9a..621e840f 100644 --- a/test/kuttl/tests/glance_single/01-assert.yaml +++ b/test/kuttl/tests/glance_single/01-assert.yaml @@ -15,7 +15,7 @@ metadata: spec: serviceUser: glance databaseInstance: openstack - databaseUser: glance + databaseAccount: glance glanceAPIs: default: replicas: 1 @@ -31,10 +31,9 @@ metadata: name: glance-default-single spec: apiType: single - databaseUser: glance + databaseAccount: glance databaseHostname: openstack.glance-kuttl-tests.svc passwordSelectors: - database: GlanceDatabasePassword service: GlancePassword replicas: 1 --- diff --git a/test/kuttl/tests/glance_split/01-assert.yaml b/test/kuttl/tests/glance_split/01-assert.yaml index 406fb4ea..dc301aa4 100644 --- a/test/kuttl/tests/glance_split/01-assert.yaml +++ b/test/kuttl/tests/glance_split/01-assert.yaml @@ -18,7 +18,7 @@ metadata: spec: serviceUser: glance databaseInstance: openstack - databaseUser: glance + databaseAccount: glance glanceAPIs: default: replicas: 1 @@ -33,10 +33,9 @@ metadata: name: glance-default-external spec: apiType: external - databaseUser: glance + databaseAccount: glance databaseHostname: openstack.glance-kuttl-tests.svc passwordSelectors: - database: GlanceDatabasePassword service: GlancePassword replicas: 1 --- @@ -46,10 +45,9 @@ metadata: name: glance-default-internal spec: apiType: internal - databaseUser: glance + databaseAccount: glance databaseHostname: openstack.glance-kuttl-tests.svc passwordSelectors: - database: GlanceDatabasePassword service: GlancePassword replicas: 1 ---