Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[TLS] TLS for public endpoints terminated at a route #502

Merged
merged 3 commits into from
Oct 26, 2023
Merged

[TLS] TLS for public endpoints terminated at a route #502

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
8704327
[TLS] TLS for public endpoints terminated at a route
stuggi Sep 13, 2023
f02cce8
[TLS] basic CA/ca-bundle create envtest
stuggi Oct 5, 2023
094241c
[TLS] update kuttl tests for tls public endpoints
stuggi Oct 23, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
55 changes: 0 additions & 55 deletions .github/workflows/golangci-lint.yaml
View file
Open in desktop

This file was deleted.

14 changes: 14 additions & 0 deletions .github/workflows/lints.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
name: Lints

on: [pull_request]

jobs:
check-go-mod-replace-lines:
name: check for replace lines in go.mod files
runs-on: ubuntu-latest
steps:
- name: Checkout project code
uses: actions/checkout@v3
- name: check for replace lines in go.mod files
run: |
! egrep --invert-match -e '^replace.*/apis => \./apis|^replace.*//allow-merging$' `find . -name 'go.mod'` | egrep -e 'go.mod:replace'
16 changes: 11 additions & 5 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -127,8 +127,10 @@ golangci-lint:
$(LOCALBIN)/golangci-lint run --fix

.PHONY: test
test: manifests generate fmt vet envtest ## Run tests.
KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test ./... -coverprofile cover.out
test: manifests generate gowork fmt vet envtest ginkgo ## Run tests.
KUBEBUILDER_ASSETS="$(shell $(ENVTEST) -v debug --bin-dir $(LOCALBIN) use $(ENVTEST_K8S_VERSION) -p path)" \
OPERATOR_TEMPLATES="$(PWD)/templates" \
$(GINKGO) --trace --cover --coverpkg=../../pkg/openstack,../../pkg/openstackclient,../../pkg/util,../../controllers,../../apis/client/v1beta1,../../apis/core/v1beta1 --coverprofile cover.out --covermode=atomic ${PROC_CMD} $(GINKGO_ARGS) ./tests/... ./apis/client/...

##@ Build

Expand Down Expand Up @@ -204,6 +206,7 @@ $(LOCALBIN):
KUSTOMIZE ?= $(LOCALBIN)/kustomize
CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen
ENVTEST ?= $(LOCALBIN)/setup-envtest
GINKGO ?= $(LOCALBIN)/ginkgo

## Tool Versions
KUSTOMIZE_VERSION ?= v3.8.7
Expand All @@ -225,6 +228,11 @@ envtest: $(ENVTEST) ## Download envtest-setup locally if necessary.
$(ENVTEST): $(LOCALBIN)
test -s $(LOCALBIN)/setup-envtest || GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-runtime/tools/setup-envtest@latest

.PHONY: ginkgo
ginkgo: $(GINKGO) ## Download ginkgo locally if necessary.
$(GINKGO): $(LOCALBIN)
test -s $(LOCALBIN)/ginkgo || GOBIN=$(LOCALBIN) go install github.com/onsi/ginkgo/v2/ginkgo

.PHONY: bundle
bundle: manifests kustomize ## Generate bundle manifests and metadata, then validate generated files.
operator-sdk generate kustomize manifests -q
Expand Down Expand Up @@ -316,9 +324,7 @@ govet: get-ci-tools
GOWORK=off $(CI_TOOLS_REPO_DIR)/test-runner/govet.sh ./apis

# Run go test against code
gotest: get-ci-tools
GOWORK=off $(CI_TOOLS_REPO_DIR)/test-runner/gotest.sh
GOWORK=off $(CI_TOOLS_REPO_DIR)/test-runner/gotest.sh ./apis
gotest: test

# Run golangci-lint test against code
golangci: get-ci-tools
Expand Down
4 changes: 4 additions & 0 deletions apis/bases/client.openstack.org_openstackclients.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,15 +36,19 @@ spec:
type: object
spec:
properties:
caSecretName:
type: string
containerImage:
type: string
nodeSelector:
additionalProperties:
type: string
type: object
openStackConfigMap:
default: openstack-config
type: string
openStackConfigSecret:
default: openstack-config-secret
type: string
required:
- containerImage
Expand Down
117 changes: 117 additions & 0 deletions apis/bases/core.openstack.org_openstackcontrolplanes.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -205,6 +205,11 @@ spec:
type: string
type: object
type: object
tls:
properties:
secretName:
type: string
type: object
type: object
enabled:
default: true
Expand Down Expand Up @@ -2348,6 +2353,11 @@ spec:
type: string
type: object
type: object
tls:
properties:
secretName:
type: string
type: object
type: object
enabled:
default: true
Expand Down Expand Up @@ -3537,6 +3547,11 @@ spec:
type: string
type: object
type: object
tls:
properties:
secretName:
type: string
type: object
type: object
cnfAPIOverride:
properties:
Expand Down Expand Up @@ -3638,6 +3653,11 @@ spec:
type: string
type: object
type: object
tls:
properties:
secretName:
type: string
type: object
type: object
enabled:
default: false
Expand Down Expand Up @@ -4089,6 +4109,11 @@ spec:
type: string
type: object
type: object
tls:
properties:
secretName:
type: string
type: object
type: object
enabled:
default: false
Expand Down Expand Up @@ -4316,6 +4341,11 @@ spec:
type: string
type: object
type: object
tls:
properties:
secretName:
type: string
type: object
type: object
enabled:
default: false
Expand Down Expand Up @@ -4420,6 +4450,11 @@ spec:
type: string
type: object
type: object
tls:
properties:
secretName:
type: string
type: object
type: object
template:
properties:
Expand Down Expand Up @@ -5034,6 +5069,11 @@ spec:
type: string
type: object
type: object
tls:
properties:
secretName:
type: string
type: object
type: object
enabled:
default: true
Expand Down Expand Up @@ -5308,6 +5348,11 @@ spec:
type: string
type: object
type: object
tls:
properties:
secretName:
type: string
type: object
type: object
enabled:
default: false
Expand Down Expand Up @@ -6534,6 +6579,11 @@ spec:
type: string
type: object
type: object
tls:
properties:
secretName:
type: string
type: object
type: object
enabled:
default: true
Expand Down Expand Up @@ -7557,6 +7607,11 @@ spec:
type: string
type: object
type: object
tls:
properties:
secretName:
type: string
type: object
type: object
cellOverride:
additionalProperties:
Expand Down Expand Up @@ -7661,6 +7716,11 @@ spec:
type: string
type: object
type: object
tls:
properties:
secretName:
type: string
type: object
type: object
type: object
type: object
Expand Down Expand Up @@ -8470,6 +8530,11 @@ spec:
type: string
type: object
type: object
tls:
properties:
secretName:
type: string
type: object
type: object
enabled:
default: false
Expand Down Expand Up @@ -8969,6 +9034,30 @@ spec:
- secret
type: object
type: object
openstackclient:
properties:
template:
properties:
caSecretName:
type: string
containerImage:
type: string
nodeSelector:
additionalProperties:
type: string
type: object
openStackConfigMap:
default: openstack-config
type: string
openStackConfigSecret:
default: openstack-config-secret
type: string
required:
- containerImage
- openStackConfigMap
- openStackConfigSecret
type: object
type: object
ovn:
properties:
enabled:
Expand Down Expand Up @@ -9297,6 +9386,11 @@ spec:
type: string
type: object
type: object
tls:
properties:
secretName:
type: string
type: object
type: object
enabled:
default: true
Expand Down Expand Up @@ -13620,6 +13714,11 @@ spec:
type: string
type: object
type: object
tls:
properties:
secretName:
type: string
type: object
type: object
template:
properties:
Expand Down Expand Up @@ -13778,6 +13877,24 @@ spec:
- swiftStorage
type: object
type: object
tls:
default:
endpoint:
internal:
enabled: false
public:
enabled: true
properties:
caSecretName:
type: string
endpoint:
additionalProperties:
properties:
enabled:
type: boolean
type: object
type: object
type: object
required:
- secret
- storageClass
Expand Down
Loading
Loading