diff --git a/controllers/autoscaling_controller.go b/controllers/autoscaling_controller.go
index 25af271e..5df5a916 100644
--- a/controllers/autoscaling_controller.go
+++ b/controllers/autoscaling_controller.go
@@ -329,7 +329,7 @@ func (r *AutoscalingReconciler) reconcileNormal(
 //
 // check for required OpenStack secret holding passwords for service/admin user and add hash to the vars map
 //
- ctrlResult, err := r.getSecret(ctx, helper, instance, instance.Spec.Aodh.Secret, &configMapVars)
+ ctrlResult, err := r.getSecret(ctx, helper, instance, instance.Spec.Aodh.Secret, instance.Spec.Aodh.PasswordSelectors.AodhService, &configMapVars)
 if err != nil {
 return ctrlResult, err
 }
@@ -373,7 +373,7 @@ func (r *AutoscalingReconciler) reconcileNormal(
 //
 // check for required TransportURL secret holding transport URL string
 //
- ctrlResult, err = r.getSecret(ctx, helper, instance, instance.Status.TransportURLSecret, &configMapVars)
+ ctrlResult, err = r.getSecret(ctx, helper, instance, instance.Status.TransportURLSecret, "transport_url", &configMapVars)
 if err != nil {
 return ctrlResult, err
 }
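Review bot: The `expectedField` passed at the `instance.Spec.Aodh.Secret` call comes straight from `instance.Spec.Aodh.PasswordSelectors.AodhService`, and nothing in this hunk shows that it is non-empty. If the API type does not default it (the type is outside this diff), an empty field name would be checked against the Secret and reconciliation would stop on an error about a key nobody named. Either guard the call with a clear condition message, or state the guarantee next to it, for example `// PasswordSelectors.AodhService is defaulted by the CRD, so expectedField is never empty`. The same applies to `instance.Spec.PasswordSelectors.CeilometerService` in ceilometer_controller.go; reconcileNormal starts and ends outside the hunk.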
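Review bot: The field name `"transport_url"` is a bare string literal at the `instance.Status.TransportURLSecret` call, and the same literal is repeated at the matching call in ceilometer_controller.go. A typo in one copy would only show up at reconcile time as a missing-field error on a Secret that is in fact correct. A shared constant in the new telemetry_common.go, for example `const transportURLSecretField = "transport_url"`, keeps both callers in step. reconcileNormal continues outside the hunk.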
@@ -631,29 +631,24 @@ func (r *AutoscalingReconciler) getAutoscalingHeat(
 }
 // getSecret - get the specified secret, and add its hash to envVars
-func (r *AutoscalingReconciler) getSecret(ctx context.Context, h *helper.Helper, instance *telemetryv1.Autoscaling, secretName string, envVars *map[string]env.Setter) (ctrl.Result, error) {
- secret, hash, err := secret.GetSecret(ctx, h, secretName, instance.Namespace)
+func (r *AutoscalingReconciler) getSecret(ctx context.Context, h *helper.Helper, instance *telemetryv1.Autoscaling, secretName string, expectedField string, envVars *map[string]env.Setter) (ctrl.Result, error) {
+ secretHash, result, err := ensureSecret(
+ ctx,
+ types.NamespacedName{Namespace: instance.Namespace, Name: secretName},
+ []string{
+ expectedField,
+ },
+ h.GetClient(),
+ &instance.Status.Conditions,
+ time.Duration(10)*time.Second,
+ )
 if err != nil {
- if k8s_errors.IsNotFound(err) {
- instance.Status.Conditions.Set(condition.FalseCondition(
- condition.InputReadyCondition,
- condition.RequestedReason,
- condition.SeverityInfo,
- condition.InputReadyWaitingMessage))
- return ctrl.Result{RequeueAfter: time.Duration(10) * time.Second}, fmt.Errorf("secret %s not found", secretName)
- }
- instance.Status.Conditions.Set(condition.FalseCondition(
- condition.InputReadyCondition,
- condition.ErrorReason,
- condition.SeverityWarning,
- condition.InputReadyErrorMessage,
- err.Error()))
- return ctrl.Result{}, err
+ return result, err
 }
 // Add a prefix to the var name to avoid accidental collision with other non-secret
 // vars. The secret names themselves will be unique.
- (*envVars)["secret-"+secret.Name] = env.SetValue(hash)
+ (*envVars)["secret-"+secretName] = env.SetValue(secretHash)
 return ctrl.Result{}, nil
 }
diff --git a/controllers/ceilometer_controller.go b/controllers/ceilometer_controller.go
index 1f7f5ccc..44d1dccc 100644
--- a/controllers/ceilometer_controller.go
+++ b/controllers/ceilometer_controller.go
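Review bot: The doc comment on getSecret still reads `get the specified secret, and add its hash to envVars`, but the value stored under `"secret-"+secretName` is now the hash returned by ensureSecret. The ensureSecret comment in telemetry_common.go describes that hash as covering only the expected fields, so with a single `expectedField` a rotation of any other key in the same Secret no longer changes it. If the rendered configuration reads other keys from that Secret (not visible here), the workload would keep stale credentials until something else triggers a rollout; in that case every consumed key should be passed. Suggested comment: `// getSecret - verify the secret contains expectedField and add the hash of that field's value to envVars`. The same applies to CeilometerReconciler.getSecret in ceilometer_controller.go.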
@@ -342,7 +342,7 @@ func (r *CeilometerReconciler) reconcileNormal(ctx context.Context, instance *te
 //
 // check for required OpenStack secret holding passwords for service/admin user and add hash to the vars map
 //
- ctrlResult, err := r.getSecret(ctx, helper, instance, instance.Spec.Secret, &configMapVars)
+ ctrlResult, err := r.getSecret(ctx, helper, instance, instance.Spec.Secret, instance.Spec.PasswordSelectors.CeilometerService, &configMapVars)
 if err != nil {
 return ctrlResult, err
 }
@@ -351,7 +351,7 @@ func (r *CeilometerReconciler) reconcileNormal(ctx context.Context, instance *te
 //
 // check for required TransportURL secret holding transport URL string
 //
- ctrlResult, err = r.getSecret(ctx, helper, instance, instance.Status.TransportURLSecret, &configMapVars)
+ ctrlResult, err = r.getSecret(ctx, helper, instance, instance.Status.TransportURLSecret, "transport_url", &configMapVars)
 if err != nil {
 return ctrlResult, err
 }
@@ -558,29 +558,24 @@ func (r *CeilometerReconciler) reconcileNormal(ctx context.Context, instance *te
 }
 // getSecret - get the specified secret, and add its hash to envVars
-func (r *CeilometerReconciler) getSecret(ctx context.Context, h *helper.Helper, instance *telemetryv1.Ceilometer, secretName string, envVars *map[string]env.Setter) (ctrl.Result, error) {
- secret, hash, err := secret.GetSecret(ctx, h, secretName, instance.Namespace)
+func (r *CeilometerReconciler) getSecret(ctx context.Context, h *helper.Helper, instance *telemetryv1.Ceilometer, secretName string, expectedField string, envVars *map[string]env.Setter) (ctrl.Result, error) {
+ secretHash, result, err := ensureSecret(
+ ctx,
+ types.NamespacedName{Namespace: instance.Namespace, Name: secretName},
+ []string{
+ expectedField,
+ },
+ h.GetClient(),
+ &instance.Status.Conditions,
+ time.Duration(10)*time.Second,
+ )
 if err != nil {
- if k8s_errors.IsNotFound(err) {
- instance.Status.Conditions.Set(condition.FalseCondition(
- condition.InputReadyCondition,
- condition.RequestedReason,
- condition.SeverityInfo,
- condition.InputReadyWaitingMessage))
- return ctrl.Result{RequeueAfter: time.Duration(10) * time.Second}, fmt.Errorf("secret %s not found", secretName)
- }
- instance.Status.Conditions.Set(condition.FalseCondition(
- condition.InputReadyCondition,
- condition.ErrorReason,
- condition.SeverityWarning,
- condition.InputReadyErrorMessage,
- err.Error()))
- return ctrl.Result{}, err
+ return result, err
 }
 // Add a prefix to the var name to avoid accidental collision with other non-secret
 // vars. The secret names themselves will be unique.
- (*envVars)["secret-"+secret.Name] = env.SetValue(hash)
+ (*envVars)["secret-"+secretName] = env.SetValue(secretHash)
 return ctrl.Result{}, nil
 }
diff --git a/controllers/telemetry_common.go b/controllers/telemetry_common.go
new file mode 100644
index 00000000..a56d7e91
--- /dev/null
+++ b/controllers/telemetry_common.go
@@ -0,0 +1,68 @@
+/*
+Copyright 2022.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package controllers
+
+import (
+ "context"
+ "fmt"
+ "time"
+
+ condition "github.com/openstack-k8s-operators/lib-common/modules/common/condition"
+ secret "github.com/openstack-k8s-operators/lib-common/modules/common/secret"
+ k8s_errors "k8s.io/apimachinery/pkg/api/errors"
+ "k8s.io/apimachinery/pkg/types"
+ ctrl "sigs.k8s.io/controller-runtime"
+ "sigs.k8s.io/controller-runtime/pkg/client"
+)
+
+type conditionUpdater interface {
+ Set(c *condition.Condition)
+ MarkTrue(t condition.Type, messageFormat string, messageArgs ...interface{})
+}
+
+// ensureSecret - ensures that the Secret object exists and the expected fields
+// are in the Secret. It returns a hash of the values of the expected fields
+// passed as input.
+func ensureSecret(
+ ctx context.Context,
+ secretName types.NamespacedName,
+ expectedFields []string,
+ reader client.Reader,
+ conditionUpdater conditionUpdater,
+ requeueTimeout time.Duration,
+) (string, ctrl.Result, error) {
+
+ hash, res, err := secret.VerifySecret(ctx, secretName, expectedFields, reader, requeueTimeout)
+ if err != nil {
+ if k8s_errors.IsNotFound(err) {
+ conditionUpdater.Set(condition.FalseCondition(
+ condition.InputReadyCondition,
+ condition.RequestedReason,
+ condition.SeverityInfo,
+ condition.InputReadyWaitingMessage))
+ return "", ctrl.Result{RequeueAfter: time.Duration(10) * time.Second}, fmt.Errorf("OpenStack secret %s not found", secretName)
+ }
+ conditionUpdater.Set(condition.FalseCondition(
+ condition.InputReadyCondition,
+ condition.ErrorReason,
+ condition.SeverityWarning,
+ condition.InputReadyErrorMessage,
+ err.Error()))
+ return "", res, err
+ }
+ return hash, ctrl.Result{}, nil
+}
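Review bot: ensureSecret takes `requeueTimeout` and receives `res` from `secret.VerifySecret`, yet the NotFound branch returns a hard-coded `time.Duration(10) * time.Second` and the final line returns `ctrl.Result{}`, so both values are dropped on those paths. Returning `ctrl.Result{RequeueAfter: requeueTimeout}` in the NotFound branch honours the caller's setting. Returning `res` on the last line matters if VerifySecret can ask for a requeue without an error (its body is not part of this diff); in that case the getSecret callers would also need to check the result before storing an empty hash in envVars. The NotFound error would be easier to match if it wrapped the cause, `fmt.Errorf("OpenStack secret %s not found: %w", secretName, err)`. The parameter `conditionUpdater` also shadows the interface type of the same name, so a shorter name such as `conditions` reads better.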