From e02931550d2bcc812062a1e3ced6d99ebbb56017 Mon Sep 17 00:00:00 2001
From: Akhil Mohan <akhil.mohan@mayadata.io>
Date: Mon, 11 Jan 2021 13:17:45 +0530
Subject: [PATCH] feat(cleanup): support image pull secrets for cleanup pod
 (#527)

add image pull secret to cleanup job pod via env

Signed-off-by: Akhil Mohan <akhil.mohan@mayadata.io>
---
 changelogs/unreleased/493-RealHarshThakur |  1 +
 changelogs/unreleased/527-akhilerm        |  1 +
 pkg/cleaner/config.go                     |  4 ++-
 pkg/cleaner/jobcontroller.go              |  2 ++
 pkg/env/env.go                            | 25 ++++++++++++++
 pkg/env/env_test.go                       | 42 +++++++++++++++++++++++
 6 files changed, 74 insertions(+), 1 deletion(-)
 create mode 100644 changelogs/unreleased/493-RealHarshThakur
 create mode 100644 changelogs/unreleased/527-akhilerm

diff --git a/changelogs/unreleased/493-RealHarshThakur b/changelogs/unreleased/493-RealHarshThakur
new file mode 100644
index 000000000..7d33d423c
--- /dev/null
+++ b/changelogs/unreleased/493-RealHarshThakur
@@ -0,0 +1 @@
+upgrade CRDs to v1 and add openAPI validation
\ No newline at end of file
diff --git a/changelogs/unreleased/527-akhilerm b/changelogs/unreleased/527-akhilerm
new file mode 100644
index 000000000..ec4f67946
--- /dev/null
+++ b/changelogs/unreleased/527-akhilerm
@@ -0,0 +1 @@
+add image pull secrets to cleanup job pod via environment variable
\ No newline at end of file
diff --git a/pkg/cleaner/config.go b/pkg/cleaner/config.go
index 4ebcdd147..784864f5f 100644
--- a/pkg/cleaner/config.go
+++ b/pkg/cleaner/config.go
@@ -16,7 +16,9 @@ limitations under the License.
 
 package cleaner
 
-import "os"
+import (
+	"os"
+)
 
 const (
 	// EnvCleanUpJobImage is the environment variable for getting the
diff --git a/pkg/cleaner/jobcontroller.go b/pkg/cleaner/jobcontroller.go
index 9dad2565a..98ed89f71 100644
--- a/pkg/cleaner/jobcontroller.go
+++ b/pkg/cleaner/jobcontroller.go
@@ -26,6 +26,7 @@ import (
 	"github.com/openebs/node-disk-manager/blockdevice"
 	"github.com/openebs/node-disk-manager/cmd/ndm_daemonset/controller"
 	"github.com/openebs/node-disk-manager/pkg/apis/openebs/v1alpha1"
+	"github.com/openebs/node-disk-manager/pkg/env"
 	batchv1 "k8s.io/api/batch/v1"
 	v1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
@@ -136,6 +137,7 @@ func NewCleanupJob(bd *v1alpha1.BlockDevice, volMode VolumeMode, tolerations []v
 	podSpec.ServiceAccountName = getServiceAccount()
 	podSpec.Containers = []v1.Container{jobContainer}
 	podSpec.NodeSelector = map[string]string{controller.KubernetesHostNameLabel: nodeName}
+	podSpec.ImagePullSecrets = env.GetOpenEBSImagePullSecrets()
 	podTemplate := v1.Pod{}
 	podTemplate.Spec = podSpec
 
diff --git a/pkg/env/env.go b/pkg/env/env.go
index 01ee4abac..b2a4f4077 100644
--- a/pkg/env/env.go
+++ b/pkg/env/env.go
@@ -18,6 +18,9 @@ package env
 
 import (
 	"os"
+	"strings"
+
+	v1 "k8s.io/api/core/v1"
 
 	"github.com/openebs/node-disk-manager/pkg/util"
 )
@@ -29,6 +32,9 @@ const (
 
 	// installCRDEnvDefaultValue is the default value for the INSTALL_CRD_ENV
 	installCRDEnvDefaultValue = true
+
+	// IMAGE_PULL_SECRETS_ENV is the environment variable used to pass the image pull secrets
+	IMAGE_PULL_SECRETS_ENV = "OPENEBS_IO_IMAGE_PULL_SECRETS"
 )
 
 // IsInstallCRDEnabled is used to check whether the CRDs need to be installed
@@ -42,3 +48,22 @@ func IsInstallCRDEnabled() bool {
 
 	return util.CheckTruthy(val)
 }
+
+// GetOpenEBSImagePullSecrets is used to get the image pull secrets from the environment variable
+func GetOpenEBSImagePullSecrets() []v1.LocalObjectReference {
+	secrets := strings.TrimSpace(os.Getenv(IMAGE_PULL_SECRETS_ENV))
+
+	list := make([]v1.LocalObjectReference, 0)
+
+	if len(secrets) == 0 {
+		return list
+	}
+	arr := strings.Split(secrets, ",")
+	for _, item := range arr {
+		if len(item) > 0 {
+			l := v1.LocalObjectReference{Name: strings.TrimSpace(item)}
+			list = append(list, l)
+		}
+	}
+	return list
+}
diff --git a/pkg/env/env_test.go b/pkg/env/env_test.go
index c745c1ae3..4662bdafb 100644
--- a/pkg/env/env_test.go
+++ b/pkg/env/env_test.go
@@ -20,6 +20,8 @@ import (
 	"os"
 	"testing"
 
+	v1 "k8s.io/api/core/v1"
+
 	"github.com/stretchr/testify/assert"
 )
 
@@ -58,3 +60,43 @@ func TestIsInstallCRDEnabled(t *testing.T) {
 		})
 	}
 }
+
+func TestGetOpenEBSImagePullSecrets(t *testing.T) {
+	tests := map[string]struct {
+		envValue string
+		secret   []v1.LocalObjectReference
+	}{
+		"empty variable": {
+			envValue: "",
+			secret:   []v1.LocalObjectReference{},
+		},
+		"single value": {
+			envValue: "image-pull-secret",
+			secret:   []v1.LocalObjectReference{{Name: "image-pull-secret"}},
+		},
+		"multiple value": {
+			envValue: "image-pull-secret,secret-1",
+			secret:   []v1.LocalObjectReference{{Name: "image-pull-secret"}, {Name: "secret-1"}},
+		},
+		"whitespaces": {
+			envValue: " ",
+			secret:   []v1.LocalObjectReference{},
+		},
+		"single value with whitespaces": {
+			envValue: " docker-secret ",
+			secret:   []v1.LocalObjectReference{{Name: "docker-secret"}},
+		},
+		"multiple value with whitespaces": {
+			envValue: " docker-secret, image-pull-secret ",
+			secret:   []v1.LocalObjectReference{{Name: "docker-secret"}, {Name: "image-pull-secret"}},
+		},
+	}
+	for name, tt := range tests {
+		t.Run(name, func(t *testing.T) {
+			os.Setenv(IMAGE_PULL_SECRETS_ENV, tt.envValue)
+			got := GetOpenEBSImagePullSecrets()
+			assert.Equal(t, tt.secret, got)
+			os.Unsetenv(IMAGE_PULL_SECRETS_ENV)
+		})
+	}
+}