Skip to content
/ provider-credential-controller Public

This controller takes care of updating Hive & Ansible related secrets that are created from Cloud Provider Secrets

License

Apache-2.0 license
2 stars 10 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

stolostron/provider-credential-controller

BranchesTags

Repository files navigation

Provider-credential-controller

License

What is provider-credential-controller

With provider-credential-controller, your cluster secrets will be automatically updated when making changes to the Provider Crednetial secrets.

Go to the Contributing guide to learn how to get involved.

Getting started

  • Steps for development:

    • Compile the code by running

      make compile

./build/_output/manager  # Execute the binary

    • Run the go file manually

      go run ./cmd/manager/main.go

    • Push an image to your repository

      export VERSION=0.1 # Specify a version, must be edited in ./deploy/controller/deployment.yaml
export REPO_URL=quay.io/MY_ORGANIZATION_OR_USERNAME

make push

  • Steps for deployment:

    • Connect to the OpenShift cluster acting as the hub for Open Cluster Management 
      oc apply -k deploy/controller
      • Even though this controller deploys as a single pod, it uses leader election to make sure only one instance is ever running.
      • Even if the controller is interupted while updating secrets, when it restarts, it will continue the process until all copied secrets are updated with the new values from the Provider Credential secret.

  • Steps for testing:

    • Running unit tests:

      make unit-tests

    • Running scale testing (3000 copied secrets)

      • Connect to an OpenShift cluster
      • Make sure either the controller is deployed, see Steps for deployment or launched from the command line, see Steps for development 
        # Create namespace
oc new-project providers

make scale-up   # This creates a fake Ansible Provider Secret, and makes 3000 copies
                # To changes the number of copies edit ./controller/provider-credential-controller_scale_test.go
                #     const SecretCount = 3000

make scale-test # This makes FOUR token changes to the Provider secret without waiting

make scale-down # Removes a fake Ansible Provider Secret and deletes 3000 copies
      • This test executes a sequence of four token updates, not waiting for the 3000 copies to be reconciled. This validates that we do not lose track of the Provider secret updates, even when there is a processing delay in reconciling each copied secret.

  • Check the Security guide if you need to report a security issue.

About

This controller takes care of updating Hive & Ansible related secrets that are created from Cloud Provider Secrets

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

2 stars

Watchers

4 watching

Forks

10 forks
Report repository

Releases

17 tags

Packages

No packages published

Contributors 13

Languages