public_git
/
postgres-operator
mirror of https://github.com/zalando/postgres-operator.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

allow using both infrastructure_roles_options

This commit is contained in:
Felix Kunde 2020-08-07 16:30:12 +02:00
parent 7cf2fae6df
commit d68ef1a20e
3 changed files with 597 additions and 532 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1000
e2e/tests/test_e2e.py
View File

File diff suppressed because it is too large Load Diff

28
pkg/controller/util.go
View File

@ -118,13 +118,9 @@ var emptyName = (spec.NamespacedName{})
// configuration in ConfigMap & CRD. // configuration in ConfigMap & CRD.
func (c *Controller) getInfrastructureRoleDefinitions() []*config.InfrastructureRole { func (c *Controller) getInfrastructureRoleDefinitions() []*config.InfrastructureRole {
var roleDef config.InfrastructureRole var roleDef config.InfrastructureRole
rolesDefs := c.opConfig.InfrastructureRoles
if c.opConfig.InfrastructureRolesSecretName == emptyName { // take from CRD configuration
// All the other possibilities require secret name to be present, so if rolesDefs := c.opConfig.InfrastructureRoles
// it is not, then nothing else to be done here.
return rolesDefs
}
// check if we can extract something from the configmap config option // check if we can extract something from the configmap config option
if c.opConfig.InfrastructureRolesDefs != "" { if c.opConfig.InfrastructureRolesDefs != "" {
@ -167,23 +163,25 @@ func (c *Controller) getInfrastructureRoleDefinitions() []*config.Infrastructure
c.logger.Warningf("Role description is not known: %s", properties) c.logger.Warningf("Role description is not known: %s", properties)
} }
} }
} else {
if roleDef.SecretName != emptyName &&
roleDef.UserKey != "" &&
roleDef.PasswordKey != "" {
rolesDefs = append(rolesDefs, &roleDef)
}
}
if c.opConfig.InfrastructureRolesSecretName != emptyName {
// At this point we deal with the old format, let's replicate it // At this point we deal with the old format, let's replicate it
// via existing definition structure and remember that it's just a // via existing definition structure and remember that it's just a
// template, the real values are in user1,password1,inrole1 etc. // template, the real values are in user1,password1,inrole1 etc.
roleDef = config.InfrastructureRole{ rolesDefs = append(rolesDefs, &config.InfrastructureRole{
SecretName: c.opConfig.InfrastructureRolesSecretName, SecretName: c.opConfig.InfrastructureRolesSecretName,
UserKey: "user", UserKey: "user",
PasswordKey: "password", PasswordKey: "password",
RoleKey: "inrole", RoleKey: "inrole",
Template: true, Template: true,
} })
}
if roleDef.UserKey != "" &&
roleDef.PasswordKey != "" &&
roleDef.RoleKey != "" {
rolesDefs = append(rolesDefs, &roleDef)
} }
return rolesDefs return rolesDefs

101
pkg/controller/util_test.go
View File

@ -279,7 +279,7 @@ func TestInfrastructureRoleDefinitions(t *testing.T) {
roleSecrets string roleSecrets string
expectedDefs []*config.InfrastructureRole expectedDefs []*config.InfrastructureRole
}{ }{
// only new format // only new CRD format
{ {
[]*config.InfrastructureRole{ []*config.InfrastructureRole{
&config.InfrastructureRole{ &config.InfrastructureRole{
@ -287,9 +287,9 @@ func TestInfrastructureRoleDefinitions(t *testing.T) {
Namespace: v1.NamespaceDefault, Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesNewSecretName, Name: testInfrastructureRolesNewSecretName,
}, },
UserKey: "user", UserKey: "test-user",
PasswordKey: "password", PasswordKey: "test-password",
RoleKey: "inrole", RoleKey: "test-role",
Template: false, Template: false,
}, },
}, },
@ -301,14 +301,32 @@ func TestInfrastructureRoleDefinitions(t *testing.T) {
Namespace: v1.NamespaceDefault, Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesNewSecretName, Name: testInfrastructureRolesNewSecretName,
}, },
UserKey: "user", UserKey: "test-user",
PasswordKey: "password", PasswordKey: "test-password",
RoleKey: "inrole", RoleKey: "test-role",
Template: false, Template: false,
}, },
}, },
}, },
// only old format // only new configmap format
{
[]*config.InfrastructureRole{},
spec.NamespacedName{},
"secretname: infrastructureroles-new-test, userkey: test-user, passwordkey: test-password, rolekey: test-role",
[]*config.InfrastructureRole{
&config.InfrastructureRole{
SecretName: spec.NamespacedName{
Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesNewSecretName,
},
UserKey: "test-user",
PasswordKey: "test-password",
RoleKey: "test-role",
Template: false,
},
},
},
// only old CRD and configmap format
{ {
[]*config.InfrastructureRole{}, []*config.InfrastructureRole{},
spec.NamespacedName{ spec.NamespacedName{
@ -329,19 +347,13 @@ func TestInfrastructureRoleDefinitions(t *testing.T) {
}, },
}, },
}, },
// only configmap format // both formats for CRD
{ {
[]*config.InfrastructureRole{},
spec.NamespacedName{
Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesOldSecretName,
},
"secretname: infrastructureroles-old-test, userkey: test-user, passwordkey: test-password, rolekey: test-role, template: false",
[]*config.InfrastructureRole{ []*config.InfrastructureRole{
&config.InfrastructureRole{ &config.InfrastructureRole{
SecretName: spec.NamespacedName{ SecretName: spec.NamespacedName{
Namespace: v1.NamespaceDefault, Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesOldSecretName, Name: testInfrastructureRolesNewSecretName,
}, },
UserKey: "test-user", UserKey: "test-user",
PasswordKey: "test-password", PasswordKey: "test-password",
@ -349,14 +361,69 @@ func TestInfrastructureRoleDefinitions(t *testing.T) {
Template: false, Template: false,
}, },
}, },
spec.NamespacedName{
Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesOldSecretName,
}, },
// incorrect configmap format "",
[]*config.InfrastructureRole{
&config.InfrastructureRole{
SecretName: spec.NamespacedName{
Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesNewSecretName,
},
UserKey: "test-user",
PasswordKey: "test-password",
RoleKey: "test-role",
Template: false,
},
&config.InfrastructureRole{
SecretName: spec.NamespacedName{
Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesOldSecretName,
},
UserKey: "user",
PasswordKey: "password",
RoleKey: "inrole",
Template: true,
},
},
},
// both formats for configmap
{ {
[]*config.InfrastructureRole{}, []*config.InfrastructureRole{},
spec.NamespacedName{ spec.NamespacedName{
Namespace: v1.NamespaceDefault, Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesOldSecretName, Name: testInfrastructureRolesOldSecretName,
}, },
"secretname: infrastructureroles-new-test, userkey: test-user, passwordkey: test-password, rolekey: test-role",
[]*config.InfrastructureRole{
&config.InfrastructureRole{
SecretName: spec.NamespacedName{
Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesNewSecretName,
},
UserKey: "test-user",
PasswordKey: "test-password",
RoleKey: "test-role",
Template: false,
},
&config.InfrastructureRole{
SecretName: spec.NamespacedName{
Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesOldSecretName,
},
UserKey: "user",
PasswordKey: "password",
RoleKey: "inrole",
Template: true,
},
},
},
// incorrect configmap format
{
[]*config.InfrastructureRole{},
spec.NamespacedName{},
"wrong-format", "wrong-format",
[]*config.InfrastructureRole{}, []*config.InfrastructureRole{},
}, },