TLS kuttl

Signed-off-by: Veronika Fisarova <[email protected]>

api/bases/manila.openstack.org_manilaapis.yaml

@@ -54,12 +54,6 @@ spec:
               databaseUser:
                 default: manila
                 type: string
-              debug:
-                properties:
-                  service:
-                    default: false
-                    type: boolean
-                type: object
               extraMounts:
                 items:
                   properties:

api/bases/manila.openstack.org_manilas.yaml

@@ -58,9 +58,6 @@ spec:
                   dbPurge:
                     default: false
                     type: boolean
-                  dbSync:
-                    default: false
-                    type: boolean
                 type: object
               extraMounts:
                 items:
@@ -829,12 +826,6 @@ spec:
                     items:
                       type: string
                     type: array
-                  debug:
-                    properties:
-                      service:
-                        default: false
-                        type: boolean
-                    type: object
                   networkAttachments:
                     items:
                       type: string
@@ -963,12 +954,6 @@ spec:
                     items:
                       type: string
                     type: array
-                  debug:
-                    properties:
-                      service:
-                        default: false
-                        type: boolean
-                    type: object
                   networkAttachments:
                     items:
                       type: string
@@ -1029,12 +1014,6 @@ spec:
                       items:
                         type: string
                       type: array
-                    debug:
-                      properties:
-                        service:
-                          default: false
-                          type: boolean
-                      type: object
                     networkAttachments:
                       items:
                         type: string

api/bases/manila.openstack.org_manilaschedulers.yaml

@@ -54,12 +54,6 @@ spec:
               databaseUser:
                 default: manila
                 type: string
-              debug:
-                properties:
-                  service:
-                    default: false
-                    type: boolean
-                type: object
               extraMounts:
                 items:
                   properties:

api/bases/manila.openstack.org_manilashares.yaml

@@ -54,12 +54,6 @@ spec:
               databaseUser:
                 default: manila
                 type: string
-              debug:
-                properties:
-                  service:
-                    default: false
-                    type: boolean
-                type: object
               extraMounts:
                 items:
                   properties:

api/v1beta1/common_types.go

@@ -72,11 +72,6 @@ type ManilaServiceTemplate struct {
 	// any global NodeSelector settings within the Manila CR.
 	NodeSelector map[string]string `json:"nodeSelector,omitempty"`
 
-	// +kubebuilder:validation:Optional
-	// Debug - enable debug for different deploy stages. If an init container is used, it runs and the
-	// actual action pod gets started with sleep infinity
-	Debug ManilaServiceDebug `json:"debug,omitempty"`
-
 	// +kubebuilder:validation:Optional
 	// +kubebuilder:default="# add your customization here"
 	// CustomServiceConfig - customize the service config using this parameter to change service defaults,
@@ -111,12 +106,3 @@ type PasswordSelector struct {
 	// Service - Selector to get the manila service password from the Secret
 	Service string `json:"service,omitempty"`
 }
-
-// ManilaServiceDebug indicates whether certain stages of Manila service
-// deployment should pause in debug mode
-type ManilaServiceDebug struct {
-	// +kubebuilder:validation:Optional
-	// +kubebuilder:default=false
-	// service enable debug
-	Service bool `json:"service,omitempty"`
-}

api/v1beta1/manila_types.go

@@ -161,10 +161,6 @@ type DBPurge struct {
 // ManilaDebug contains flags related to multiple debug activities. See the
 // individual comments for what this means for each flag.
 type ManilaDebug struct {
-	// +kubebuilder:validation:Optional
-	// +kubebuilder:default=false
-	// DBSync pauses the dbSync container instead of executing the db_sync command.
-	DBSync bool `json:"dbSync,omitempty"`
 	// +kubebuilder:validation:Optional
 	// +kubebuilder:default=false
 	// DBPurge increases log verbosity by executing the db_purge command with "--debug".

config/crd/bases/manila.openstack.org_manilaapis.yaml

@@ -54,12 +54,6 @@ spec:
               databaseUser:
                 default: manila
                 type: string
-              debug:
-                properties:
-                  service:
-                    default: false
-                    type: boolean
-                type: object
               extraMounts:
                 items:
                   properties:

config/crd/bases/manila.openstack.org_manilas.yaml

@@ -58,9 +58,6 @@ spec:
                   dbPurge:
                     default: false
                     type: boolean
-                  dbSync:
-                    default: false
-                    type: boolean
                 type: object
               extraMounts:
                 items:
@@ -829,12 +826,6 @@ spec:
                     items:
                       type: string
                     type: array
-                  debug:
-                    properties:
-                      service:
-                        default: false
-                        type: boolean
-                    type: object
                   networkAttachments:
                     items:
                       type: string
@@ -963,12 +954,6 @@ spec:
                     items:
                       type: string
                     type: array
-                  debug:
-                    properties:
-                      service:
-                        default: false
-                        type: boolean
-                    type: object
                   networkAttachments:
                     items:
                       type: string
@@ -1029,12 +1014,6 @@ spec:
                       items:
                         type: string
                       type: array
-                    debug:
-                      properties:
-                        service:
-                          default: false
-                          type: boolean
-                      type: object
                     networkAttachments:
                       items:
                         type: string

config/crd/bases/manila.openstack.org_manilaschedulers.yaml

@@ -54,12 +54,6 @@ spec:
               databaseUser:
                 default: manila
                 type: string
-              debug:
-                properties:
-                  service:
-                    default: false
-                    type: boolean
-                type: object
               extraMounts:
                 items:
                   properties:

config/crd/bases/manila.openstack.org_manilashares.yaml

@@ -54,12 +54,6 @@ spec:
               databaseUser:
                 default: manila
                 type: string
-              debug:
-                properties:
-                  service:
-                    default: false
-                    type: boolean
-                type: object
               extraMounts:
                 items:
                   properties:

config/samples/layout/tls/kustomization.yaml

@@ -0,0 +1,15 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- ../bases/manila
+patches:
+- patch: |-
+    - op: replace
+      path: /spec/secret
+      value: osp-secret
+    - op: replace
+      path: /metadata/namespace
+      value: manila-kuttl-tests
+  target:
+    kind: Manila
+- path: tls.yaml

config/samples/layout/tls/tls.yaml

@@ -0,0 +1,47 @@
+apiVersion: manila.openstack.org/v1beta1
+kind: Manila
+metadata:
+  name: manila
+  namespace: openstack
+spec:
+  manilaAPI:
+    tls:
+      api:
+        internal:
+          secretName: cert-manila-internal-svc
+        public:
+          secretName: cert-manila-public-svc
+      caBundleSecretName: combined-ca-bundle
+    customServiceConfig: |
+        [DEFAULT]
+        enabled_share_protocols = cephfs
+  manilaShares:
+    share0:
+      customServiceConfig: |
+         [DEFAULT]
+         enabled_share_backends = cephfs
+         [cephfs]
+         driver_handles_share_servers=False
+         share_backend_name=cephfs
+         share_driver=manila.share.drivers.cephfs.driver.CephFSDriver
+         cephfs_conf_path=/etc/ceph/ceph.conf
+         cephfs_auth_id=openstack
+         cephfs_cluster_name=ceph
+         cephfs_protocol_helper_type=CEPHFS
+  extraMounts:
+    - name: v1
+      region: r1
+      extraVol:
+        - propagation:
+          - share0
+          extraVolType: Ceph
+          volumes:
+          - name: ceph
+            projected:
+              sources:
+              - secret:
+                  name: ceph-conf-files
+          mounts:
+          - name: ceph
+            mountPath: "/etc/ceph"
+            readOnly: true

pkg/manila/dbsync.go

@@ -1,7 +1,6 @@
 package manila
 
 import (
-	common "github.com/openstack-k8s-operators/lib-common/modules/common"
 	"github.com/openstack-k8s-operators/lib-common/modules/common/env"
 	manilav1 "github.com/openstack-k8s-operators/manila-operator/api/v1beta1"
 	batchv1 "k8s.io/api/batch/v1"
@@ -68,19 +67,14 @@ func DbSyncJob(instance *manilav1.Manila, labels map[string]string, annotations
 		},
 	}
 
+	args := []string{"-c", DBSyncCommand}
+
 	// add CA cert if defined
 	if instance.Spec.ManilaAPI.TLS.CaBundleSecretName != "" {
 		dbSyncVolume = append(dbSyncVolume, instance.Spec.ManilaAPI.TLS.CreateVolume())
 		dbSyncMounts = append(dbSyncMounts, instance.Spec.ManilaAPI.TLS.CreateVolumeMounts(nil)...)
 	}
 
-	args := []string{"-c"}
-	if instance.Spec.Debug.DBSync {
-		args = append(args, common.DebugCommand)
-	} else {
-		args = append(args, DBSyncCommand)
-	}
-
 	runAsUser := int64(0)
 	envVars := map[string]env.Setter{}
 	envVars["KOLLA_CONFIG_STRATEGY"] = env.SetValue("COPY_ALWAYS")

pkg/manilaapi/statefulset.go

@@ -52,31 +52,20 @@ func StatefulSet(
 		InitialDelaySeconds: 5,
 	}
 
-	args := []string{"-c"}
-	if instance.Spec.Debug.Service {
-		args = append(args, common.DebugCommand)
-		livenessProbe.Exec = &corev1.ExecAction{
-			Command: []string{
-				"/bin/true",
-			},
-		}
-		readinessProbe.Exec = livenessProbe.Exec
-	} else {
-		args = append(args, ServiceCommand)
-		//
-		// https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
-		//
-
-		livenessProbe.HTTPGet = &corev1.HTTPGetAction{
-			Path: "/healthcheck",
-			Port: intstr.IntOrString{Type: intstr.Int, IntVal: int32(manila.ManilaPublicPort)},
-		}
-		readinessProbe.HTTPGet = livenessProbe.HTTPGet
+	args := []string{"-c", ServiceCommand}
+	//
+	// https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
+	//
+
+	livenessProbe.HTTPGet = &corev1.HTTPGetAction{
+		Path: "/healthcheck",
+		Port: intstr.IntOrString{Type: intstr.Int, IntVal: int32(manila.ManilaPublicPort)},
+	}
+	readinessProbe.HTTPGet = livenessProbe.HTTPGet
 
-		if instance.Spec.TLS.API.Enabled(service.EndpointPublic) {
-			livenessProbe.HTTPGet.Scheme = corev1.URISchemeHTTPS
-			readinessProbe.HTTPGet.Scheme = corev1.URISchemeHTTPS
-		}
+	if instance.Spec.TLS.API.Enabled(service.EndpointPublic) {
+		livenessProbe.HTTPGet.Scheme = corev1.URISchemeHTTPS
+		readinessProbe.HTTPGet.Scheme = corev1.URISchemeHTTPS
 	}
 
 	// create Volume and VolumeMounts