diff --git a/controllers/glance_controller.go b/controllers/glance_controller.go index b2bcca1a..bb9e3df1 100644 --- a/controllers/glance_controller.go +++ b/controllers/glance_controller.go @@ -22,6 +22,7 @@ import ( "time" "github.com/openstack-k8s-operators/lib-common/modules/common/secret" + "github.com/openstack-k8s-operators/lib-common/modules/common/tls" rbacv1 "k8s.io/api/rbac/v1" k8s_errors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/fields" @@ -363,67 +364,10 @@ func (r *GlanceReconciler) reconcileInit( ) (ctrl.Result, error) { r.Log.Info(fmt.Sprintf("Reconciling Service '%s' init", instance.Name)) - // - // create service DB instance - // - db := mariadbv1.NewDatabase( - instance.Name, - instance.Spec.DatabaseUser, - instance.Spec.Secret, - map[string]string{ - "dbName": instance.Spec.DatabaseInstance, - }, - ) - // create or patch the DB - ctrlResult, err := db.CreateOrPatchDB( - ctx, - helper, - ) - if err != nil { - instance.Status.Conditions.Set(condition.FalseCondition( - condition.DBReadyCondition, - condition.ErrorReason, - condition.SeverityWarning, - condition.DBReadyErrorMessage, - err.Error())) - return ctrl.Result{}, err - } - if (ctrlResult != ctrl.Result{}) { - instance.Status.Conditions.Set(condition.FalseCondition( - condition.DBReadyCondition, - condition.RequestedReason, - condition.SeverityInfo, - condition.DBReadyRunningMessage)) - return ctrlResult, nil - } - // wait for the DB to be setup - ctrlResult, err = db.WaitForDBCreated(ctx, helper) - if err != nil { - instance.Status.Conditions.Set(condition.FalseCondition( - condition.DBReadyCondition, - condition.ErrorReason, - condition.SeverityWarning, - condition.DBReadyErrorMessage, - err.Error())) - return ctrlResult, err - } - if (ctrlResult != ctrl.Result{}) { - instance.Status.Conditions.Set(condition.FalseCondition( - condition.DBReadyCondition, - condition.RequestedReason, - condition.SeverityInfo, - condition.DBReadyRunningMessage)) - return ctrlResult, nil - } - // update Status.DatabaseHostname, used to config the service - instance.Status.DatabaseHostname = db.GetDatabaseHostname() - instance.Status.Conditions.MarkTrue(condition.DBReadyCondition, condition.DBReadyMessage) - // create service DB - end - // // create Keystone service and users - https://docs.openstack.org/Glance/latest/install/install-rdo.html#configure-user-and-endpoints // - _, _, err = oko_secret.GetSecret(ctx, helper, instance.Spec.Secret, instance.Namespace) + _, _, err := oko_secret.GetSecret(ctx, helper, instance.Spec.Secret, instance.Namespace) if err != nil { if k8s_errors.IsNotFound(err) { return ctrl.Result{RequeueAfter: time.Duration(10) * time.Second}, fmt.Errorf("OpenStack secret %s not found", instance.Spec.Secret) @@ -442,7 +386,7 @@ func (r *GlanceReconciler) reconcileInit( } ksSvc := keystonev1.NewKeystoneService(ksSvcSpec, instance.Namespace, serviceLabels, time.Duration(10)*time.Second) - ctrlResult, err = ksSvc.CreateOrPatch(ctx, helper) + ctrlResult, err := ksSvc.CreateOrPatch(ctx, helper) if err != nil { return ctrlResult, err } @@ -588,12 +532,19 @@ func (r *GlanceReconciler) reconcileNormal(ctx context.Context, instance *glance instance.Status.Conditions.MarkTrue(condition.InputReadyCondition, condition.InputReadyMessage) // run check OpenStack secret - end + db, result, err := r.ensureDB(ctx, helper, instance) + if err != nil { + return ctrl.Result{}, err + } else if (result != ctrl.Result{}) { + return result, nil + } + // // Create Secrets required as input for the Service and calculate an overall hash of hashes // // - err = r.generateServiceConfig(ctx, helper, instance, &configVars, serviceLabels) + err = r.generateServiceConfig(ctx, helper, instance, &configVars, serviceLabels, db) if err != nil { instance.Status.Conditions.Set(condition.FalseCondition( condition.ServiceConfigReadyCondition, @@ -887,6 +838,7 @@ func (r *GlanceReconciler) generateServiceConfig( instance *glancev1.Glance, envVars *map[string]env.Setter, serviceLabels map[string]string, + db *mariadbv1.Database, ) error { labels := labels.GetLabels(instance, labels.GetGroupLabel(glance.ServiceName), serviceLabels) @@ -899,7 +851,7 @@ func (r *GlanceReconciler) generateServiceConfig( // hence only passing the database related parameters templateParameters := map[string]interface{}{ "MinimalConfig": true, // This tells the template to generate a minimal config - "DatabaseConnection": fmt.Sprintf("mysql+pymysql://%s:%s@%s/%s", + "DatabaseConnection": fmt.Sprintf("mysql+pymysql://%s:%s@%s/%s?read_default_file=/etc/my.cnf", instance.Spec.DatabaseUser, string(ospSecret.Data[instance.Spec.PasswordSelectors.Database]), instance.Status.DatabaseHostname, @@ -919,7 +871,17 @@ func (r *GlanceReconciler) generateServiceConfig( templateParameters["ImageCacheDir"] = glance.ImageCacheDir } - customData := map[string]string{glance.CustomConfigFileName: instance.Spec.CustomServiceConfig} + var tlsCfg *tls.Service + for _, api := range instance.Spec.GlanceAPIs { + if api.TLS.CaBundleSecretName != "" { + tlsCfg = &tls.Service{} + break + } + } + customData := map[string]string{ + glance.CustomConfigFileName: instance.Spec.CustomServiceConfig, + "my.cnf": db.GetDatabaseClientConfig(tlsCfg), //(mschuppert) for now just get the default my.cnf + } // Generate both default 00-config.conf and -scripts return GenerateConfigsGeneric(ctx, h, instance, envVars, templateParameters, customData, labels, true) @@ -1074,3 +1036,70 @@ func (r *GlanceReconciler) glanceAPICleanup(ctx context.Context, instance *glanc } return nil } + +func (r *GlanceReconciler) ensureDB( + ctx context.Context, + h *helper.Helper, + instance *glancev1.Glance, +) (*mariadbv1.Database, ctrl.Result, error) { + // + // create service DB instance + // + db := mariadbv1.NewDatabase( + instance.Name, + instance.Spec.DatabaseUser, + instance.Spec.Secret, + map[string]string{ + "dbName": instance.Spec.DatabaseInstance, + }, + ) + + // create or patch the DB + ctrlResult, err := db.CreateOrPatchDBByName( + ctx, + h, + instance.Spec.DatabaseInstance, + ) + if err != nil { + instance.Status.Conditions.Set(condition.FalseCondition( + condition.DBReadyCondition, + condition.ErrorReason, + condition.SeverityWarning, + condition.DBReadyErrorMessage, + err.Error())) + return db, ctrl.Result{}, err + } + if (ctrlResult != ctrl.Result{}) { + instance.Status.Conditions.Set(condition.FalseCondition( + condition.DBReadyCondition, + condition.RequestedReason, + condition.SeverityInfo, + condition.DBReadyRunningMessage)) + return db, ctrlResult, nil + } + // wait for the DB to be setup + // (ksambor) should we use WaitForDBCreatedWithTimeout instead? + ctrlResult, err = db.WaitForDBCreated(ctx, h) + if err != nil { + instance.Status.Conditions.Set(condition.FalseCondition( + condition.DBReadyCondition, + condition.ErrorReason, + condition.SeverityWarning, + condition.DBReadyErrorMessage, + err.Error())) + return db, ctrlResult, err + } + if (ctrlResult != ctrl.Result{}) { + instance.Status.Conditions.Set(condition.FalseCondition( + condition.DBReadyCondition, + condition.RequestedReason, + condition.SeverityInfo, + condition.DBReadyRunningMessage)) + return db, ctrlResult, nil + } + + // update Status.DatabaseHostname, used to config the service + instance.Status.DatabaseHostname = db.GetDatabaseHostname() + instance.Status.Conditions.MarkTrue(condition.DBReadyCondition, condition.DBReadyMessage) + return db, ctrlResult, nil +} diff --git a/controllers/glanceapi_controller.go b/controllers/glanceapi_controller.go index 57e6a85d..0ef26b34 100644 --- a/controllers/glanceapi_controller.go +++ b/controllers/glanceapi_controller.go @@ -58,6 +58,7 @@ import ( "github.com/openstack-k8s-operators/lib-common/modules/common/statefulset" "github.com/openstack-k8s-operators/lib-common/modules/common/tls" "github.com/openstack-k8s-operators/lib-common/modules/common/util" + mariadbv1 "github.com/openstack-k8s-operators/mariadb-operator/api/v1beta1" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" @@ -791,8 +792,20 @@ func (r *GlanceAPIReconciler) generateServiceConfig( ) error { labels := labels.GetLabels(instance, labels.GetGroupLabel(glance.ServiceName), serviceLabels) + db, err := mariadbv1.GetDatabaseByName(ctx, h, glance.DatabaseName) + if err != nil { + return err + } + + var tlsCfg *tls.Service + if instance.Spec.TLS.Ca.CaBundleSecretName != "" { + tlsCfg = &tls.Service{} + } // 02-config.conf - customData := map[string]string{glance.CustomServiceConfigFileName: instance.Spec.CustomServiceConfig} + customData := map[string]string{ + glance.CustomServiceConfigFileName: instance.Spec.CustomServiceConfig, + "my.cnf": db.GetDatabaseClientConfig(tlsCfg), //(mschuppert) for now just get the default my.cnf + } // 03-config.conf customSecrets := "" @@ -845,7 +858,7 @@ func (r *GlanceAPIReconciler) generateServiceConfig( "ServicePassword": string(ospSecret.Data[instance.Spec.PasswordSelectors.Service]), "KeystoneInternalURL": keystoneInternalURL, "KeystonePublicURL": keystonePublicURL, - "DatabaseConnection": fmt.Sprintf("mysql+pymysql://%s:%s@%s/%s", + "DatabaseConnection": fmt.Sprintf("mysql+pymysql://%s:%s@%s/%s?read_default_file=/etc/my.cnf", instance.Spec.DatabaseUser, string(ospSecret.Data[instance.Spec.PasswordSelectors.Database]), instance.Spec.DatabaseHostname, diff --git a/go.mod b/go.mod index 564f5113..45159de6 100644 --- a/go.mod +++ b/go.mod @@ -13,7 +13,7 @@ require ( github.com/openstack-k8s-operators/lib-common/modules/common v0.3.1-0.20240216173409-86913e6d5885 github.com/openstack-k8s-operators/lib-common/modules/storage v0.3.1-0.20240216173409-86913e6d5885 github.com/openstack-k8s-operators/lib-common/modules/test v0.3.1-0.20240216173409-86913e6d5885 - github.com/openstack-k8s-operators/mariadb-operator/api v0.3.1-0.20240215091212-cbf2ad281f43 + github.com/openstack-k8s-operators/mariadb-operator/api v0.3.1-0.20240220132409-f96d4d040f4e k8s.io/api v0.28.3 k8s.io/apimachinery v0.28.3 k8s.io/client-go v0.28.3 diff --git a/go.sum b/go.sum index e82f8609..4a44f285 100644 --- a/go.sum +++ b/go.sum @@ -93,8 +93,8 @@ github.com/openstack-k8s-operators/lib-common/modules/storage v0.3.1-0.202402161 github.com/openstack-k8s-operators/lib-common/modules/storage v0.3.1-0.20240216173409-86913e6d5885/go.mod h1:sK82mkh2UzITsbNa/y6AKTZftHQnsYigqRx+rFbfZM4= github.com/openstack-k8s-operators/lib-common/modules/test v0.3.1-0.20240216173409-86913e6d5885 h1:ioJ2MO3vAcBkLM+0UBu5IuKW/DPXcyiNSOLq0Xvn+Nw= github.com/openstack-k8s-operators/lib-common/modules/test v0.3.1-0.20240216173409-86913e6d5885/go.mod h1:82nzS+DbBe1tzaMvNHH8FctmZzQ14ZAJysFGsMJiivo= -github.com/openstack-k8s-operators/mariadb-operator/api v0.3.1-0.20240215091212-cbf2ad281f43 h1:azblrnuVV8sLWihuqS7lJMrwpo1dtB1K5vvkug0agw4= -github.com/openstack-k8s-operators/mariadb-operator/api v0.3.1-0.20240215091212-cbf2ad281f43/go.mod h1:52Ja/B4RrrytMmKh+Kf+/BPe7Fq40Pi77vcFH4yJeoU= +github.com/openstack-k8s-operators/mariadb-operator/api v0.3.1-0.20240220132409-f96d4d040f4e h1:6vqp5HZwcGvPH0MII/23iCd97T3/1HJZlONKW6LyNio= +github.com/openstack-k8s-operators/mariadb-operator/api v0.3.1-0.20240220132409-f96d4d040f4e/go.mod h1:PDqfLbP4ZWqQHAu1OtbjfpOGQUKSzLqRJChvE/9pcyQ= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= diff --git a/pkg/glance/cronjob.go b/pkg/glance/cronjob.go index 854c19db..73308256 100644 --- a/pkg/glance/cronjob.go +++ b/pkg/glance/cronjob.go @@ -88,6 +88,15 @@ func CronJob( }, }, }, + { + Name: "config-data", + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + DefaultMode: &config0644AccessMode, + SecretName: ServiceName + "-config-data", + }, + }, + }, } cronJobVolumeMounts := []corev1.VolumeMount{ { @@ -95,6 +104,12 @@ func CronJob( MountPath: "/etc/glance/glance.conf.d", ReadOnly: true, }, + { + Name: "config-data", + MountPath: "/etc/my.cnf", + SubPath: "my.cnf", + ReadOnly: true, + }, } // add CA cert if defined from the first api diff --git a/pkg/glance/dbsync.go b/pkg/glance/dbsync.go index 872c7f17..381c3afa 100644 --- a/pkg/glance/dbsync.go +++ b/pkg/glance/dbsync.go @@ -80,6 +80,12 @@ func DbSyncJob( MountPath: "/etc/glance/glance.conf.d", ReadOnly: true, }, + { + Name: "config-data", + MountPath: "/etc/my.cnf", + SubPath: "my.cnf", + ReadOnly: true, + }, { Name: "config-data", MountPath: "/var/lib/kolla/config_files/config.json", diff --git a/pkg/glance/volumes.go b/pkg/glance/volumes.go index dd5a0a1c..2c36ee0c 100644 --- a/pkg/glance/volumes.go +++ b/pkg/glance/volumes.go @@ -131,6 +131,12 @@ func GetVolumeMounts(secretNames []string, hasCinder bool, extraVol []glancev1.G MountPath: "/var/lib/config-data/default", ReadOnly: true, }, + { + Name: "config-data", + MountPath: "/etc/my.cnf", + SubPath: "my.cnf", + ReadOnly: true, + }, { Name: ServiceName, MountPath: "/var/lib/glance", diff --git a/test/functional/glance_controller_test.go b/test/functional/glance_controller_test.go index 304a57b8..3f801678 100644 --- a/test/functional/glance_controller_test.go +++ b/test/functional/glance_controller_test.go @@ -146,6 +146,13 @@ var _ = Describe("Glance controller", func() { th.SimulateJobSuccess(glanceTest.GlanceDBSync) Glance := GetGlance(glanceTest.Instance) Expect(Glance.Status.DatabaseHostname).To(Equal(fmt.Sprintf("hostname-for-openstack.%s.svc", namespace))) + + secretDataMap := th.GetSecret(glanceTest.GlanceConfigMapData) + Expect(secretDataMap).ShouldNot(BeNil()) + myCnf := secretDataMap.Data["my.cnf"] + Expect(myCnf).To( + ContainSubstring("[client]\nssl=0")) + th.ExpectCondition( glanceName, ConditionGetterFunc(GlanceConditionGetter), diff --git a/test/functional/glanceapi_controller_test.go b/test/functional/glanceapi_controller_test.go index 2acd925f..d7af1613 100644 --- a/test/functional/glanceapi_controller_test.go +++ b/test/functional/glanceapi_controller_test.go @@ -23,6 +23,7 @@ import ( . "github.com/onsi/gomega" "github.com/openstack-k8s-operators/lib-common/modules/common/condition" . "github.com/openstack-k8s-operators/lib-common/modules/common/test/helpers" + mariadbv1 "github.com/openstack-k8s-operators/mariadb-operator/api/v1beta1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -70,6 +71,20 @@ var _ = Describe("Glanceapi controller", func() { When("the Secret is created with all the expected fields", func() { BeforeEach(func() { DeferCleanup(th.DeleteInstance, CreateDefaultGlance(glanceTest.Instance)) + DeferCleanup( + mariadb.DeleteDBService, + mariadb.CreateDBService( + glanceName.Namespace, + GetGlance(glanceTest.Instance).Spec.DatabaseInstance, + corev1.ServiceSpec{ + Ports: []corev1.ServicePort{{Port: 3306}}, + }, + ), + ) + mariadb.CreateMariaDBAccount(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBAccountSpec{}) + mariadb.CreateMariaDBDatabase(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBDatabaseSpec{}) + mariadb.SimulateMariaDBAccountCompleted(glanceTest.Instance) + mariadb.SimulateMariaDBDatabaseCompleted(glanceTest.Instance) spec := GetDefaultGlanceAPISpec(GlanceAPITypeSingle) spec["customServiceConfig"] = "foo=bar" DeferCleanup(th.DeleteInstance, CreateGlanceAPI(glanceTest.GlanceSingle, spec)) @@ -97,6 +112,11 @@ var _ = Describe("Glanceapi controller", func() { //Double check customServiceConfig has been applied configData := string(secretDataMap.Data["02-config.conf"]) Expect(configData).Should(ContainSubstring("foo=bar")) + + Expect(secretDataMap).ShouldNot(BeNil()) + myCnf := secretDataMap.Data["my.cnf"] + Expect(myCnf).To( + ContainSubstring("[client]\nssl=0")) }) It("stored the input hash in the Status", func() { Eventually(func(g Gomega) { @@ -108,6 +128,20 @@ var _ = Describe("Glanceapi controller", func() { When("GlanceAPI is generated by the top-level CR", func() { BeforeEach(func() { DeferCleanup(th.DeleteInstance, CreateDefaultGlance(glanceTest.Instance)) + DeferCleanup( + mariadb.DeleteDBService, + mariadb.CreateDBService( + glanceName.Namespace, + GetGlance(glanceTest.Instance).Spec.DatabaseInstance, + corev1.ServiceSpec{ + Ports: []corev1.ServicePort{{Port: 3306}}, + }, + ), + ) + mariadb.CreateMariaDBAccount(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBAccountSpec{}) + mariadb.CreateMariaDBDatabase(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBDatabaseSpec{}) + mariadb.SimulateMariaDBAccountCompleted(glanceTest.Instance) + mariadb.SimulateMariaDBDatabaseCompleted(glanceTest.Instance) DeferCleanup(th.DeleteInstance, CreateGlanceAPI(glanceTest.GlanceInternal, CreateGlanceAPISpec(GlanceAPITypeInternal))) DeferCleanup(th.DeleteInstance, CreateGlanceAPI(glanceTest.GlanceExternal, CreateGlanceAPISpec(GlanceAPITypeExternal))) DeferCleanup(keystone.DeleteKeystoneAPI, keystone.CreateKeystoneAPI(glanceTest.Instance.Namespace)) @@ -134,7 +168,7 @@ var _ = Describe("Glanceapi controller", func() { Expect(ss.Spec.Template.Spec.Containers).To(HaveLen(3)) container := ss.Spec.Template.Spec.Containers[2] - Expect(container.VolumeMounts).To(HaveLen(5)) + Expect(container.VolumeMounts).To(HaveLen(6)) Expect(container.Image).To(Equal(glanceTest.ContainerImage)) Expect(container.LivenessProbe.HTTPGet.Port.IntVal).To(Equal(int32(9292))) Expect(container.ReadinessProbe.HTTPGet.Port.IntVal).To(Equal(int32(9292))) @@ -152,7 +186,7 @@ var _ = Describe("Glanceapi controller", func() { // Check the glance-api container container := ss.Spec.Template.Spec.Containers[2] - Expect(container.VolumeMounts).To(HaveLen(5)) + Expect(container.VolumeMounts).To(HaveLen(6)) Expect(container.Image).To(Equal(glanceTest.ContainerImage)) Expect(container.LivenessProbe.HTTPGet.Port.IntVal).To(Equal(int32(9292))) Expect(container.ReadinessProbe.HTTPGet.Port.IntVal).To(Equal(int32(9292))) @@ -175,6 +209,20 @@ var _ = Describe("Glanceapi controller", func() { When("GlanceAPI is generated by the top-level CR (single-api)", func() { BeforeEach(func() { DeferCleanup(th.DeleteInstance, CreateDefaultGlance(glanceTest.Instance)) + DeferCleanup( + mariadb.DeleteDBService, + mariadb.CreateDBService( + glanceName.Namespace, + GetGlance(glanceTest.Instance).Spec.DatabaseInstance, + corev1.ServiceSpec{ + Ports: []corev1.ServicePort{{Port: 3306}}, + }, + ), + ) + mariadb.CreateMariaDBAccount(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBAccountSpec{}) + mariadb.CreateMariaDBDatabase(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBDatabaseSpec{}) + mariadb.SimulateMariaDBAccountCompleted(glanceTest.Instance) + mariadb.SimulateMariaDBDatabaseCompleted(glanceTest.Instance) DeferCleanup(th.DeleteInstance, CreateGlanceAPI(glanceTest.GlanceSingle, CreateGlanceAPISpec(GlanceAPITypeSingle))) DeferCleanup(keystone.DeleteKeystoneAPI, keystone.CreateKeystoneAPI(glanceTest.Instance.Namespace)) th.ExpectCondition( @@ -193,7 +241,7 @@ var _ = Describe("Glanceapi controller", func() { Expect(ss.Spec.Template.Spec.Containers).To(HaveLen(3)) container := ss.Spec.Template.Spec.Containers[2] - Expect(container.VolumeMounts).To(HaveLen(5)) + Expect(container.VolumeMounts).To(HaveLen(6)) Expect(container.Image).To(Equal(glanceTest.ContainerImage)) Expect(container.LivenessProbe.HTTPGet.Port.IntVal).To(Equal(int32(9292))) Expect(container.ReadinessProbe.HTTPGet.Port.IntVal).To(Equal(int32(9292))) @@ -205,6 +253,21 @@ var _ = Describe("Glanceapi controller", func() { }) When("the StatefulSet has at least one Replica ready - External", func() { BeforeEach(func() { + DeferCleanup(th.DeleteInstance, CreateDefaultGlance(glanceTest.Instance)) + DeferCleanup( + mariadb.DeleteDBService, + mariadb.CreateDBService( + glanceName.Namespace, + GetGlance(glanceTest.Instance).Spec.DatabaseInstance, + corev1.ServiceSpec{ + Ports: []corev1.ServicePort{{Port: 3306}}, + }, + ), + ) + mariadb.CreateMariaDBAccount(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBAccountSpec{}) + mariadb.CreateMariaDBDatabase(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBDatabaseSpec{}) + mariadb.SimulateMariaDBAccountCompleted(glanceTest.Instance) + mariadb.SimulateMariaDBDatabaseCompleted(glanceTest.Instance) DeferCleanup(th.DeleteInstance, CreateGlanceAPI(glanceTest.GlanceExternal, CreateGlanceAPISpec(GlanceAPITypeExternal))) DeferCleanup(keystone.DeleteKeystoneAPI, keystone.CreateKeystoneAPI(glanceTest.GlanceExternal.Namespace)) th.SimulateStatefulSetReplicaReady(glanceTest.GlanceExternalStatefulSet) @@ -239,6 +302,21 @@ var _ = Describe("Glanceapi controller", func() { }) When("the StatefulSet has at least one Replica ready - Internal", func() { BeforeEach(func() { + DeferCleanup(th.DeleteInstance, CreateDefaultGlance(glanceTest.Instance)) + DeferCleanup( + mariadb.DeleteDBService, + mariadb.CreateDBService( + glanceName.Namespace, + GetGlance(glanceTest.Instance).Spec.DatabaseInstance, + corev1.ServiceSpec{ + Ports: []corev1.ServicePort{{Port: 3306}}, + }, + ), + ) + mariadb.CreateMariaDBAccount(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBAccountSpec{}) + mariadb.CreateMariaDBDatabase(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBDatabaseSpec{}) + mariadb.SimulateMariaDBAccountCompleted(glanceTest.Instance) + mariadb.SimulateMariaDBDatabaseCompleted(glanceTest.Instance) DeferCleanup(th.DeleteInstance, CreateGlanceAPI(glanceTest.GlanceInternal, CreateGlanceAPISpec(GlanceAPITypeInternal))) DeferCleanup(keystone.DeleteKeystoneAPI, keystone.CreateKeystoneAPI(glanceTest.GlanceInternal.Namespace)) th.SimulateStatefulSetReplicaReady(glanceTest.GlanceInternalStatefulSet) @@ -273,6 +351,21 @@ var _ = Describe("Glanceapi controller", func() { }) When("the StatefulSet has at least one Replica ready - Single", func() { BeforeEach(func() { + DeferCleanup(th.DeleteInstance, CreateDefaultGlance(glanceTest.Instance)) + DeferCleanup( + mariadb.DeleteDBService, + mariadb.CreateDBService( + glanceName.Namespace, + GetGlance(glanceTest.Instance).Spec.DatabaseInstance, + corev1.ServiceSpec{ + Ports: []corev1.ServicePort{{Port: 3306}}, + }, + ), + ) + mariadb.CreateMariaDBAccount(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBAccountSpec{}) + mariadb.CreateMariaDBDatabase(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBDatabaseSpec{}) + mariadb.SimulateMariaDBAccountCompleted(glanceTest.Instance) + mariadb.SimulateMariaDBDatabaseCompleted(glanceTest.Instance) DeferCleanup(th.DeleteInstance, CreateGlanceAPI(glanceTest.GlanceSingle, CreateGlanceAPISpec(GlanceAPITypeSingle))) DeferCleanup(keystone.DeleteKeystoneAPI, keystone.CreateKeystoneAPI(glanceTest.GlanceSingle.Namespace)) th.SimulateStatefulSetReplicaReady(glanceTest.GlanceSingle) @@ -308,6 +401,21 @@ var _ = Describe("Glanceapi controller", func() { }) When("A GlanceAPI is created with service override", func() { BeforeEach(func() { + DeferCleanup(th.DeleteInstance, CreateDefaultGlance(glanceTest.Instance)) + DeferCleanup( + mariadb.DeleteDBService, + mariadb.CreateDBService( + glanceName.Namespace, + GetGlance(glanceTest.Instance).Spec.DatabaseInstance, + corev1.ServiceSpec{ + Ports: []corev1.ServicePort{{Port: 3306}}, + }, + ), + ) + mariadb.CreateMariaDBAccount(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBAccountSpec{}) + mariadb.CreateMariaDBDatabase(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBDatabaseSpec{}) + mariadb.SimulateMariaDBAccountCompleted(glanceTest.Instance) + mariadb.SimulateMariaDBDatabaseCompleted(glanceTest.Instance) spec := CreateGlanceAPISpec(GlanceAPITypeInternal) serviceOverride := map[string]interface{}{} serviceOverride["internal"] = map[string]interface{}{ @@ -372,6 +480,21 @@ var _ = Describe("Glanceapi controller", func() { }) When("A GlanceAPI is created with service override endpointURL set", func() { BeforeEach(func() { + DeferCleanup(th.DeleteInstance, CreateDefaultGlance(glanceTest.Instance)) + DeferCleanup( + mariadb.DeleteDBService, + mariadb.CreateDBService( + glanceName.Namespace, + GetGlance(glanceTest.Instance).Spec.DatabaseInstance, + corev1.ServiceSpec{ + Ports: []corev1.ServicePort{{Port: 3306}}, + }, + ), + ) + mariadb.CreateMariaDBAccount(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBAccountSpec{}) + mariadb.CreateMariaDBDatabase(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBDatabaseSpec{}) + mariadb.SimulateMariaDBAccountCompleted(glanceTest.Instance) + mariadb.SimulateMariaDBDatabaseCompleted(glanceTest.Instance) spec := CreateGlanceAPISpec(GlanceAPITypeExternal) serviceOverride := map[string]interface{}{} serviceOverride["public"] = map[string]interface{}{ @@ -403,6 +526,21 @@ var _ = Describe("Glanceapi controller", func() { When("A split GlanceAPI with TLS is generated by the top-level CR", func() { BeforeEach(func() { + DeferCleanup(th.DeleteInstance, CreateDefaultGlance(glanceTest.Instance)) + DeferCleanup( + mariadb.DeleteDBService, + mariadb.CreateDBService( + glanceName.Namespace, + GetGlance(glanceTest.Instance).Spec.DatabaseInstance, + corev1.ServiceSpec{ + Ports: []corev1.ServicePort{{Port: 3306}}, + }, + ), + ) + mariadb.CreateMariaDBAccount(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBAccountSpec{}) + mariadb.CreateMariaDBDatabase(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBDatabaseSpec{}) + mariadb.SimulateMariaDBAccountCompleted(glanceTest.Instance) + mariadb.SimulateMariaDBTLSDatabaseCompleted(glanceTest.Instance) DeferCleanup(k8sClient.Delete, ctx, th.CreateCABundleSecret(glanceTest.CABundleSecret)) DeferCleanup(k8sClient.Delete, ctx, th.CreateCertSecret(glanceTest.InternalCertSecret)) DeferCleanup(k8sClient.Delete, ctx, th.CreateCertSecret(glanceTest.PublicCertSecret)) @@ -505,6 +643,21 @@ var _ = Describe("Glanceapi controller", func() { When("A single GlanceAPI with TLS is generated by the top-level CR (single-api)", func() { BeforeEach(func() { + DeferCleanup(th.DeleteInstance, CreateDefaultGlance(glanceTest.Instance)) + DeferCleanup( + mariadb.DeleteDBService, + mariadb.CreateDBService( + glanceName.Namespace, + GetGlance(glanceTest.Instance).Spec.DatabaseInstance, + corev1.ServiceSpec{ + Ports: []corev1.ServicePort{{Port: 3306}}, + }, + ), + ) + mariadb.CreateMariaDBAccount(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBAccountSpec{}) + mariadb.CreateMariaDBDatabase(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBDatabaseSpec{}) + mariadb.SimulateMariaDBAccountCompleted(glanceTest.Instance) + mariadb.SimulateMariaDBTLSDatabaseCompleted(glanceTest.Instance) DeferCleanup(th.DeleteInstance, CreateDefaultGlance(glanceTest.Instance)) DeferCleanup(th.DeleteInstance, CreateGlanceAPI(glanceTest.GlanceSingle, GetTLSGlanceAPISpec(GlanceAPITypeSingle))) DeferCleanup(keystone.DeleteKeystoneAPI, keystone.CreateKeystoneAPI(glanceTest.Instance.Namespace)) @@ -603,6 +756,12 @@ var _ = Describe("Glanceapi controller", func() { Expect(httpdProxyContainer.ReadinessProbe.HTTPGet.Scheme).To(Equal(corev1.URISchemeHTTPS)) Expect(httpdProxyContainer.LivenessProbe.HTTPGet.Scheme).To(Equal(corev1.URISchemeHTTPS)) + + secretDataMap := th.GetSecret(glanceTest.GlanceSingleConfigMapData) + Expect(secretDataMap).ShouldNot(BeNil()) + myCnf := secretDataMap.Data["my.cnf"] + Expect(myCnf).To( + ContainSubstring("[client]\nssl-ca=/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem\nssl=1")) }) It("TLS Endpoints are created", func() { @@ -657,6 +816,21 @@ var _ = Describe("Glanceapi controller", func() { When("A GlanceAPI with TLS is created with service override endpointURL", func() { BeforeEach(func() { + DeferCleanup(th.DeleteInstance, CreateDefaultGlance(glanceTest.Instance)) + DeferCleanup( + mariadb.DeleteDBService, + mariadb.CreateDBService( + glanceName.Namespace, + GetGlance(glanceTest.Instance).Spec.DatabaseInstance, + corev1.ServiceSpec{ + Ports: []corev1.ServicePort{{Port: 3306}}, + }, + ), + ) + mariadb.CreateMariaDBAccount(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBAccountSpec{}) + mariadb.CreateMariaDBDatabase(glanceTest.Instance.Namespace, glanceTest.Instance.Name, mariadbv1.MariaDBDatabaseSpec{}) + mariadb.SimulateMariaDBAccountCompleted(glanceTest.Instance) + mariadb.SimulateMariaDBTLSDatabaseCompleted(glanceTest.Instance) DeferCleanup(k8sClient.Delete, ctx, th.CreateCABundleSecret(glanceTest.CABundleSecret)) DeferCleanup(k8sClient.Delete, ctx, th.CreateCertSecret(glanceTest.InternalCertSecret)) DeferCleanup(k8sClient.Delete, ctx, th.CreateCertSecret(glanceTest.PublicCertSecret)) diff --git a/test/kuttl/tests/glance_single_tls/01-assert.yaml b/test/kuttl/tests/glance_single_tls/01-assert.yaml index e26089ac..6703ed69 100644 --- a/test/kuttl/tests/glance_single_tls/01-assert.yaml +++ b/test/kuttl/tests/glance_single_tls/01-assert.yaml @@ -106,6 +106,10 @@ spec: - mountPath: /var/lib/config-data/default name: config-data readOnly: true + - mountPath: /etc/my.cnf + name: config-data + readOnly: true + subPath: my.cnf - mountPath: /var/lib/glance name: glance - mountPath: /var/lib/kolla/config_files/config.json