public_git
/
postgres-operator
mirror of https://github.com/zalando/postgres-operator.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

allow using both infrastructure_roles_options

This commit is contained in:
Felix Kunde 2020-08-07 16:30:12 +02:00
parent 7cf2fae6df
commit d68ef1a20e
3 changed files with 597 additions and 532 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1000
e2e/tests/test_e2e.py
View File

File diff suppressed because it is too large Load Diff

28
pkg/controller/util.go
View File

@ -118,13 +118,9 @@ var emptyName = (spec.NamespacedName{})
// configuration in ConfigMap & CRD.
func (c *Controller) getInfrastructureRoleDefinitions() []*config.InfrastructureRole {
var roleDef config.InfrastructureRole
rolesDefs := c.opConfig.InfrastructureRoles
if c.opConfig.InfrastructureRolesSecretName == emptyName {
// All the other possibilities require secret name to be present, so if
// it is not, then nothing else to be done here.
return rolesDefs
}
// take from CRD configuration
rolesDefs := c.opConfig.InfrastructureRoles
// check if we can extract something from the configmap config option
if c.opConfig.InfrastructureRolesDefs != "" {
@ -167,23 +163,25 @@ func (c *Controller) getInfrastructureRoleDefinitions() []*config.Infrastructure
c.logger.Warningf("Role description is not known: %s", properties)
}
}
} else {
if roleDef.SecretName != emptyName &&
roleDef.UserKey != "" &&
roleDef.PasswordKey != "" {
rolesDefs = append(rolesDefs, &roleDef)
}
}
if c.opConfig.InfrastructureRolesSecretName != emptyName {
// At this point we deal with the old format, let's replicate it
// via existing definition structure and remember that it's just a
// template, the real values are in user1,password1,inrole1 etc.
roleDef = config.InfrastructureRole{
rolesDefs = append(rolesDefs, &config.InfrastructureRole{
SecretName: c.opConfig.InfrastructureRolesSecretName,
UserKey: "user",
PasswordKey: "password",
RoleKey: "inrole",
Template: true,
}
}
if roleDef.UserKey != "" &&
roleDef.PasswordKey != "" &&
roleDef.RoleKey != "" {
rolesDefs = append(rolesDefs, &roleDef)
})
}
return rolesDefs

101
pkg/controller/util_test.go
View File

@ -279,7 +279,7 @@ func TestInfrastructureRoleDefinitions(t *testing.T) {
roleSecrets string
expectedDefs []*config.InfrastructureRole
}{
// only new format
// only new CRD format
{
[]*config.InfrastructureRole{
&config.InfrastructureRole{
@ -287,9 +287,9 @@ func TestInfrastructureRoleDefinitions(t *testing.T) {
Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesNewSecretName,
},
UserKey: "user",
PasswordKey: "password",
RoleKey: "inrole",
UserKey: "test-user",
PasswordKey: "test-password",
RoleKey: "test-role",
Template: false,
},
},
@ -301,14 +301,32 @@ func TestInfrastructureRoleDefinitions(t *testing.T) {
Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesNewSecretName,
},
UserKey: "user",
PasswordKey: "password",
RoleKey: "inrole",
UserKey: "test-user",
PasswordKey: "test-password",
RoleKey: "test-role",
Template: false,
},
},
},
// only old format
// only new configmap format
{
[]*config.InfrastructureRole{},
spec.NamespacedName{},
"secretname: infrastructureroles-new-test, userkey: test-user, passwordkey: test-password, rolekey: test-role",
[]*config.InfrastructureRole{
&config.InfrastructureRole{
SecretName: spec.NamespacedName{
Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesNewSecretName,
},
UserKey: "test-user",
PasswordKey: "test-password",
RoleKey: "test-role",
Template: false,
},
},
},
// only old CRD and configmap format
{
[]*config.InfrastructureRole{},
spec.NamespacedName{
@ -329,19 +347,13 @@ func TestInfrastructureRoleDefinitions(t *testing.T) {
},
},
},
// only configmap format
// both formats for CRD
{
[]*config.InfrastructureRole{},
spec.NamespacedName{
Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesOldSecretName,
},
"secretname: infrastructureroles-old-test, userkey: test-user, passwordkey: test-password, rolekey: test-role, template: false",
[]*config.InfrastructureRole{
&config.InfrastructureRole{
SecretName: spec.NamespacedName{
Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesOldSecretName,
Name: testInfrastructureRolesNewSecretName,
},
UserKey: "test-user",
PasswordKey: "test-password",
@ -349,14 +361,69 @@ func TestInfrastructureRoleDefinitions(t *testing.T) {
Template: false,
},
},
spec.NamespacedName{
Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesOldSecretName,
},
// incorrect configmap format
"",
[]*config.InfrastructureRole{
&config.InfrastructureRole{
SecretName: spec.NamespacedName{
Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesNewSecretName,
},
UserKey: "test-user",
PasswordKey: "test-password",
RoleKey: "test-role",
Template: false,
},
&config.InfrastructureRole{
SecretName: spec.NamespacedName{
Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesOldSecretName,
},
UserKey: "user",
PasswordKey: "password",
RoleKey: "inrole",
Template: true,
},
},
},
// both formats for configmap
{
[]*config.InfrastructureRole{},
spec.NamespacedName{
Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesOldSecretName,
},
"secretname: infrastructureroles-new-test, userkey: test-user, passwordkey: test-password, rolekey: test-role",
[]*config.InfrastructureRole{
&config.InfrastructureRole{
SecretName: spec.NamespacedName{
Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesNewSecretName,
},
UserKey: "test-user",
PasswordKey: "test-password",
RoleKey: "test-role",
Template: false,
},
&config.InfrastructureRole{
SecretName: spec.NamespacedName{
Namespace: v1.NamespaceDefault,
Name: testInfrastructureRolesOldSecretName,
},
UserKey: "user",
PasswordKey: "password",
RoleKey: "inrole",
Template: true,
},
},
},
// incorrect configmap format
{
[]*config.InfrastructureRole{},
spec.NamespacedName{},
"wrong-format",
[]*config.InfrastructureRole{},
},