diff --git a/api/bases/nova.openstack.org_nova.yaml b/api/bases/nova.openstack.org_nova.yaml index c710a8d76..a6ee3e423 100644 --- a/api/bases/nova.openstack.org_nova.yaml +++ b/api/bases/nova.openstack.org_nova.yaml @@ -35,16 +35,16 @@ spec: spec: description: NovaSpec defines the desired state of Nova properties: + apiDatabaseAccount: + default: nova-api + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the API DB + type: string apiDatabaseInstance: default: openstack description: APIDatabaseInstance is the name of the MariaDB CR to select the DB Service instance used for the Nova API DB. type: string - apiDatabaseUser: - default: nova_api - description: APIDatabaseUser - username to use when accessing the - API DB - type: string apiMessageBusInstance: default: rabbitmq description: APIMessageBusInstance is the name of the RabbitMqCluster @@ -361,16 +361,16 @@ spec: description: NovaCellTemplate defines the input parameters specified by the user to create a NovaCell via higher level CRDs. properties: + cellDatabaseAccount: + description: CellDatabaseAccount - MariaDBAccount to use when + accessing the give cell DB + type: string cellDatabaseInstance: default: openstack description: CellDatabaseInstance is the name of the MariaDB CR to select the DB Service instance used as the DB of this cell. type: string - cellDatabaseUser: - description: CellDatabaseUser - username to use when accessing - the give cell DB - type: string cellMessageBusInstance: default: rabbitmq description: CellMessageBusInstance is the name of the RabbitMqCluster @@ -1194,29 +1194,17 @@ spec: Key from map is arbitrary name for the compute with a limit of 20 characters.' type: object - passwordSelectors: - default: - database: NovaCell0DatabasePassword - description: PasswordSelectors - Selectors to identify the DB - passwords from the Secret - properties: - database: - default: NovaCell0DatabasePassword - description: CellDatabase - the name of the field to get - the Cell DB password from the Secret - type: string - type: object required: - - cellDatabaseUser + - cellDatabaseAccount - hasAPIAccess type: object default: cell0: - cellDatabaseUser: nova_cell0 + cellDatabaseAccount: nova-cell0 hasAPIAccess: true cell1: + cellDatabaseAccount: nova-cell1 cellDatabaseInstance: openstack-cell1 - cellDatabaseUser: nova_cell1 cellMessageBusInstance: rabbitmq-cell1 hasAPIAccess: true description: Cells is a mapping of cell names to NovaCellTemplate @@ -1531,11 +1519,6 @@ spec: description: PasswordSelectors - Selectors to identify the DB and ServiceUser passwords from the Secret properties: - apiDatabase: - default: NovaAPIDatabasePassword - description: APIDatabase - the name of the field to get the API - DB password from the Secret - type: string metadataSecret: default: MetadataSecret description: MetadataSecret - the name of the field to get the diff --git a/api/bases/nova.openstack.org_novaapis.yaml b/api/bases/nova.openstack.org_novaapis.yaml index 294b25361..015c49c97 100644 --- a/api/bases/nova.openstack.org_novaapis.yaml +++ b/api/bases/nova.openstack.org_novaapis.yaml @@ -48,24 +48,24 @@ spec: spec: description: NovaAPISpec defines the desired state of NovaAPI properties: + apiDatabaseAccount: + default: nova-api + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the API DB + type: string apiDatabaseHostname: description: APIDatabaseHostname - hostname to use when accessing the API DB type: string - apiDatabaseUser: - default: nova_api - description: APIDatabaseUser - username to use when accessing the - API DB + cell0DatabaseAccount: + default: nova-cell0 + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the cell0 DB type: string cell0DatabaseHostname: description: APIDatabaseHostname - hostname to use when accessing the cell0 DB type: string - cell0DatabaseUser: - default: nova_cell0 - description: APIDatabaseUser - username to use when accessing the - cell0 DB - type: string containerImage: description: The service specific Container Image URL (will be set to environmental default if empty) diff --git a/api/bases/nova.openstack.org_novacells.yaml b/api/bases/nova.openstack.org_novacells.yaml index 8b2738959..e029e3628 100644 --- a/api/bases/nova.openstack.org_novacells.yaml +++ b/api/bases/nova.openstack.org_novacells.yaml @@ -35,26 +35,26 @@ spec: spec: description: NovaCellSpec defines the desired state of NovaCell properties: + apiDatabaseAccount: + default: nova + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the API DB + type: string apiDatabaseHostname: description: 'APIDatabaseHostname - hostname to use when accessing the API DB. If not provided then up-calls will be disabled. This filed is Required for cell0. TODO(gibi): Add a webhook to validate cell0 constraint' type: string - apiDatabaseUser: + cellDatabaseAccount: default: nova - description: APIDatabaseUser - username to use when accessing the - API DB + description: CellDatabaseAccount - MariaDBAccount to use when accessing + the cell DB type: string cellDatabaseHostname: description: CellDatabaseHostname - hostname to use when accessing the cell DB type: string - cellDatabaseUser: - default: nova - description: CellDatabaseUser - username to use when accessing the - cell DB - type: string cellName: description: CellName is the name of the Nova Cell. The value "cell0" has a special meaning. The "cell0" Cell cannot have compute nodes diff --git a/api/bases/nova.openstack.org_novaconductors.yaml b/api/bases/nova.openstack.org_novaconductors.yaml index fb1c565a8..26719959c 100644 --- a/api/bases/nova.openstack.org_novaconductors.yaml +++ b/api/bases/nova.openstack.org_novaconductors.yaml @@ -48,26 +48,26 @@ spec: spec: description: NovaConductorSpec defines the desired state of NovaConductor properties: + apiDatabaseAccount: + default: nova + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the API DB + type: string apiDatabaseHostname: description: 'APIDatabaseHostname - hostname to use when accessing the API DB. If not provided then up-calls will be disabled. This filed is Required for cell0. TODO(gibi): Add a webhook to validate cell0 constraint' type: string - apiDatabaseUser: + cellDatabaseAccount: default: nova - description: APIDatabaseUser - username to use when accessing the - API DB + description: CellDatabaseAccount - MariaDBAccount to use when accessing + the cell DB type: string cellDatabaseHostname: description: 'NOTE(gibi): This should be Required, see notes in KeystoneAuthURL CellDatabaseHostname - hostname to use when accessing the cell DB' type: string - cellDatabaseUser: - default: nova - description: CellDatabaseUser - username to use when accessing the - cell DB - type: string cellName: description: CellName is the name of the Nova Cell this conductor belongs to. diff --git a/api/bases/nova.openstack.org_novametadata.yaml b/api/bases/nova.openstack.org_novametadata.yaml index 879a9697d..b925d22f7 100644 --- a/api/bases/nova.openstack.org_novametadata.yaml +++ b/api/bases/nova.openstack.org_novametadata.yaml @@ -48,15 +48,20 @@ spec: spec: description: NovaMetadataSpec defines the desired state of NovaMetadata properties: + apiDatabaseAccount: + default: nova-api + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the API DB + type: string apiDatabaseHostname: description: 'APIDatabaseHostname - hostname to use when accessing the API DB. This filed is Required if the CellName is not provided TODO(gibi): Add a webhook to validate the CellName constraint' type: string - apiDatabaseUser: - default: nova_api - description: APIDatabaseUser - username to use when accessing the - API DB + cellDatabaseAccount: + default: nova + description: CellDatabaseAccount - MariaDBAccount to use when accessing + the cell DB type: string cellDatabaseHostname: description: 'CellDatabaseHostname - hostname to use when accessing @@ -64,11 +69,6 @@ spec: is provided then CellDatabaseHostName is also Required. TODO(gibi): add webhook to validate this CellName constraint' type: string - cellDatabaseUser: - default: nova - description: CellDatabaseUser - username to use when accessing the - cell DB - type: string cellName: description: CellName is the name of the Nova Cell this metadata service belongs to. If not provided then the metadata serving every cells diff --git a/api/bases/nova.openstack.org_novanovncproxies.yaml b/api/bases/nova.openstack.org_novanovncproxies.yaml index b5641cb4d..5529d8afd 100644 --- a/api/bases/nova.openstack.org_novanovncproxies.yaml +++ b/api/bases/nova.openstack.org_novanovncproxies.yaml @@ -48,15 +48,15 @@ spec: spec: description: NovaNoVNCProxySpec defines the desired state of NovaNoVNCProxy properties: + cellDatabaseAccount: + default: nova + description: CellDatabaseAccount - MariaDBAccount to use when accessing + the cell DB + type: string cellDatabaseHostname: description: CellDatabaseHostname - hostname to use when accessing the cell DB type: string - cellDatabaseUser: - default: nova - description: CellDatabaseUser - username to use when accessing the - cell DB - type: string cellName: description: CellName is the name of the Nova Cell this novncproxy belongs to. diff --git a/api/bases/nova.openstack.org_novaschedulers.yaml b/api/bases/nova.openstack.org_novaschedulers.yaml index dd2ebf3bf..b966ad2a4 100644 --- a/api/bases/nova.openstack.org_novaschedulers.yaml +++ b/api/bases/nova.openstack.org_novaschedulers.yaml @@ -48,24 +48,24 @@ spec: spec: description: NovaSchedulerSpec defines the desired state of NovaScheduler properties: + apiDatabaseAccount: + default: nova-api + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the API DB + type: string apiDatabaseHostname: description: APIDatabaseHostname - hostname to use when accessing the API DB type: string - apiDatabaseUser: - default: nova_api - description: APIDatabaseUser - username to use when accessing the - API DB + cell0DatabaseAccount: + default: nova-cell0 + description: Cell0DatabaseAccount - MariaDBAccount to use when accessing + the cell0 DB type: string cell0DatabaseHostname: description: Cell0DatabaseHostname - hostname to use when accessing the cell0 DB type: string - cell0DatabaseUser: - default: nova_cell0 - description: Cell0DatabaseUser - username to use when accessing the - cell0 DB - type: string containerImage: description: The service specific Container Image URL (will be set to environmental default if empty) diff --git a/api/go.mod b/api/go.mod index 61d9f3462..baf8ac0b1 100644 --- a/api/go.mod +++ b/api/go.mod @@ -14,13 +14,14 @@ require ( github.com/beorn7/perks v1.0.1 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/emicklei/go-restful/v3 v3.11.0 // indirect - github.com/evanphx/json-patch/v5 v5.6.0 // indirect - github.com/fsnotify/fsnotify v1.6.0 // indirect + github.com/emicklei/go-restful/v3 v3.11.2 // indirect + github.com/evanphx/json-patch/v5 v5.9.0 // indirect + github.com/fsnotify/fsnotify v1.7.0 // indirect github.com/go-logr/logr v1.4.1 // indirect - github.com/go-openapi/jsonpointer v0.19.6 // indirect - github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.3 // indirect + github.com/go-logr/zapr v1.3.0 // indirect + github.com/go-openapi/jsonpointer v0.20.2 // indirect + github.com/go-openapi/jsonreference v0.20.4 // indirect + github.com/go-openapi/swag v0.22.9 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.3 // indirect @@ -32,34 +33,35 @@ require ( github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/mailru/easyjson v0.7.7 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/onsi/ginkgo/v2 v2.15.0 // indirect + github.com/onsi/gomega v1.31.1 // indirect github.com/pkg/errors v0.9.1 // indirect - github.com/prometheus/client_golang v1.16.0 // indirect - github.com/prometheus/client_model v0.4.0 // indirect - github.com/prometheus/common v0.44.0 // indirect - github.com/prometheus/procfs v0.10.1 // indirect + github.com/prometheus/client_golang v1.18.0 // indirect + github.com/prometheus/client_model v0.5.0 // indirect + github.com/prometheus/common v0.46.0 // indirect + github.com/prometheus/procfs v0.12.0 // indirect github.com/spf13/pflag v1.0.5 // indirect golang.org/x/exp v0.0.0-20240213143201-ec583247a57a // indirect golang.org/x/net v0.21.0 // indirect - golang.org/x/oauth2 v0.8.0 // indirect + golang.org/x/oauth2 v0.16.0 // indirect golang.org/x/sys v0.17.0 // indirect golang.org/x/term v0.17.0 // indirect golang.org/x/text v0.14.0 // indirect - golang.org/x/time v0.3.0 // indirect + golang.org/x/time v0.5.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/appengine v1.6.7 // indirect - google.golang.org/protobuf v1.31.0 // indirect + google.golang.org/appengine v1.6.8 // indirect + google.golang.org/protobuf v1.32.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect k8s.io/apiextensions-apiserver v0.28.3 // indirect k8s.io/client-go v0.28.3 // indirect k8s.io/component-base v0.28.3 // indirect - k8s.io/klog/v2 v2.110.1 // indirect - k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect + k8s.io/klog/v2 v2.120.1 // indirect + k8s.io/kube-openapi v0.0.0-20240126223410-2919ad4fcfec // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect sigs.k8s.io/yaml v1.4.0 // indirect diff --git a/api/go.sum b/api/go.sum index 1883ab33d..cb85f949c 100644 --- a/api/go.sum +++ b/api/go.sum @@ -2,35 +2,33 @@ github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= -github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.11.2 h1:1onLa9DcsMYO9P+CXaL0dStDqQ2EHHXLiz+BtnqkLAU= +github.com/emicklei/go-restful/v3 v3.11.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= -github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= -github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= -github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= -github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= -github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= +github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= +github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= +github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= -github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= -github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= -github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= -github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= -github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= +github.com/go-openapi/jsonpointer v0.20.2 h1:mQc3nmndL8ZBzStEo3JYF8wzmeWffDH4VbXz58sAx6Q= +github.com/go-openapi/jsonpointer v0.20.2/go.mod h1:bHen+N0u1KEO3YlmqOjTT9Adn1RfD91Ar825/PuiRVs= +github.com/go-openapi/jsonreference v0.20.4 h1:bKlDxQxQJgwpUSgOENiMPzCTBVuc7vTdXSSgNeAhojU= +github.com/go-openapi/jsonreference v0.20.4/go.mod h1:5pZJyJP2MnYCpoeoMAql78cCHauHj0V9Lhc506VOpw4= +github.com/go-openapi/swag v0.22.9 h1:XX2DssF+mQKM2DHsbgZK74y/zj4mo9I99+89xUmuZCE= +github.com/go-openapi/swag v0.22.9/go.mod h1:3/OXnFfnMAwBD099SwYRk7GD3xOrr1iL7d/XNLXVVwE= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= @@ -47,23 +45,16 @@ github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= -github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= -github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -71,78 +62,85 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/onsi/ginkgo/v2 v2.14.0 h1:vSmGj2Z5YPb9JwCWT6z6ihcUvDhuXLc3sJiqd3jMKAY= -github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= +github.com/onsi/ginkgo/v2 v2.15.0 h1:79HwNRBAZHOEwrczrgSOPy+eFTTlIGELKy5as+ClttY= +github.com/onsi/ginkgo/v2 v2.15.0/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM= +github.com/onsi/gomega v1.31.1 h1:KYppCUK+bUgAZwHOu7EXVBKyQA6ILvOESHkn/tgoqvo= +github.com/onsi/gomega v1.31.1/go.mod h1:y40C95dwAD1Nz36SsEnxvfFe8FFfNxzI5eJ0EYGyAy0= github.com/openstack-k8s-operators/lib-common/modules/common v0.3.1-0.20240216173409-86913e6d5885 h1:o7KZaxKt8Dr97ZJIBPW0P482gLyFEURKF89fizcJCBQ= github.com/openstack-k8s-operators/lib-common/modules/common v0.3.1-0.20240216173409-86913e6d5885/go.mod h1:bQwzyQtWCR9F0+IvWZ30J9d1lB6tcX3CNJ0Ten1smDw= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.16.0 h1:yk/hx9hDbrGHovbci4BY+pRMfSuuat626eFsHb7tmT8= -github.com/prometheus/client_golang v1.16.0/go.mod h1:Zsulrv/L9oM40tJ7T815tM89lFEugiJ9HzIqaAx4LKc= -github.com/prometheus/client_model v0.4.0 h1:5lQXD3cAg1OXBf4Wq03gTrXHeaV0TQvGfUooCfx1yqY= -github.com/prometheus/client_model v0.4.0/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU= -github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY= -github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY= -github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg= -github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/prometheus/client_golang v1.18.0 h1:HzFfmkOzH5Q8L8G+kSJKUx5dtG87sewO+FoDDqP5Tbk= +github.com/prometheus/client_golang v1.18.0/go.mod h1:T+GXkCk5wSJyOqMIzVgvvjFDlkOQntgjkJWKrN5txjA= +github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw= +github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI= +github.com/prometheus/common v0.46.0 h1:doXzt5ybi1HBKpsZOL0sSkaNHJJqkyfEWZGGqqScV0Y= +github.com/prometheus/common v0.46.0/go.mod h1:Tp0qkxpb9Jsg54QMe+EAmqXkSV7Evdy1BTn+g2pa/hQ= +github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= +github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= +github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/exp v0.0.0-20240213143201-ec583247a57a h1:HinSgX1tJRX3KsL//Gxynpw5CTOAIPhgL4W8PNiIpVE= golang.org/x/exp v0.0.0-20240213143201-ec583247a57a/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4= golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= -golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8= -golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/oauth2 v0.16.0 h1:aDkGMBSYxElaoP81NpoUoz2oo2R2wHdZpGToUxfyQrQ= +golang.org/x/oauth2 v0.16.0/go.mod h1:hqZ+0LWXsiVoZpeld6jVt06P3adbS2Uu911W1SsJv2o= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= +golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.18.0 h1:k8NLag8AGHnn+PHbl7g43CtqZAwG60vZkLqgyZgIHgQ= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -150,21 +148,19 @@ golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= +google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= -google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I= +google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= k8s.io/api v0.28.3 h1:Gj1HtbSdB4P08C8rs9AR94MfSGpRhJgsS+GF9V26xMM= @@ -177,10 +173,10 @@ k8s.io/client-go v0.28.3 h1:2OqNb72ZuTZPKCl+4gTKvqao0AMOl9f3o2ijbAj3LI4= k8s.io/client-go v0.28.3/go.mod h1:LTykbBp9gsA7SwqirlCXBWtK0guzfhpoW4qSm7i9dxo= k8s.io/component-base v0.28.3 h1:rDy68eHKxq/80RiMb2Ld/tbH8uAE75JdCqJyi6lXMzI= k8s.io/component-base v0.28.3/go.mod h1:fDJ6vpVNSk6cRo5wmDa6eKIG7UlIQkaFmZN2fYgIUD8= -k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= -k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= +k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= +k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20240126223410-2919ad4fcfec h1:iGTel2aR8vCZdxJDgmbeY0zrlXy9Qcvyw4R2sB4HLrA= +k8s.io/kube-openapi v0.0.0-20240126223410-2919ad4fcfec/go.mod h1:Pa1PvrP7ACSkuX6I7KYomY6cmMA0Tx86waBhDUgoKPw= k8s.io/utils v0.0.0-20240102154912-e7106e64919e h1:eQ/4ljkx21sObifjzXwlPKpdGLrCfRziVtos3ofG/sQ= k8s.io/utils v0.0.0-20240102154912-e7106e64919e/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/controller-runtime v0.16.4 h1:XMh7dF19MlyvMfQCHvH929YGg2WFrIuJ4N5sx3G7U+k= diff --git a/api/v1beta1/common_types.go b/api/v1beta1/common_types.go index f1ca35333..e2678e98c 100644 --- a/api/v1beta1/common_types.go +++ b/api/v1beta1/common_types.go @@ -83,26 +83,12 @@ type PasswordSelector struct { // Secret Service string `json:"service"` // +kubebuilder:validation:Optional - // +kubebuilder:default="NovaAPIDatabasePassword" - // APIDatabase - the name of the field to get the API DB password from the - // Secret - APIDatabase string `json:"apiDatabase"` - // +kubebuilder:validation:Optional // +kubebuilder:default="MetadataSecret" // MetadataSecret - the name of the field to get the metadata secret from the // Secret MetadataSecret string `json:"metadataSecret"` } -// PasswordSelector to identify the DB password for the Cell from the Secret -type CellPasswordSelector struct { - // +kubebuilder:validation:Optional - // +kubebuilder:default="NovaCell0DatabasePassword" - // CellDatabase - the name of the field to get the Cell DB password from - // the Secret - Database string `json:"database"` -} - // SetupDefaults - initializes any CRD field defaults based on environment variables (the defaulting mechanism itself is implemented via webhooks) func SetupDefaults() { // Acquire environmental defaults and initialize Nova defaults with them diff --git a/api/v1beta1/nova_types.go b/api/v1beta1/nova_types.go index 9a65fb176..fe8458236 100644 --- a/api/v1beta1/nova_types.go +++ b/api/v1beta1/nova_types.go @@ -49,7 +49,7 @@ type NovaSpec struct { APIMessageBusInstance string `json:"apiMessageBusInstance"` // +kubebuilder:validation:Optional - // +kubebuilder:default={cell0: {cellDatabaseUser: nova_cell0, hasAPIAccess: true}, cell1: {cellDatabaseUser: nova_cell1, cellDatabaseInstance: openstack-cell1, cellMessageBusInstance: rabbitmq-cell1, hasAPIAccess: true}} + // +kubebuilder:default={cell0: {cellDatabaseAccount: nova-cell0, hasAPIAccess: true}, cell1: {cellDatabaseAccount: nova-cell1, cellDatabaseInstance: openstack-cell1, cellMessageBusInstance: rabbitmq-cell1, hasAPIAccess: true}} // Cells is a mapping of cell names to NovaCellTemplate objects defining // the cells in the deployment. The "cell0" cell is a mandatory cell in // every deployment. Moreover any real deployment needs at least one @@ -62,9 +62,9 @@ type NovaSpec struct { ServiceUser string `json:"serviceUser"` // +kubebuilder:validation:Optional - // +kubebuilder:default="nova_api" - // APIDatabaseUser - username to use when accessing the API DB - APIDatabaseUser string `json:"apiDatabaseUser"` + // +kubebuilder:default="nova-api" + // APIDatabaseAccount - MariaDBAccount to use when accessing the API DB + APIDatabaseAccount string `json:"apiDatabaseAccount"` // +kubebuilder:validation:Required // Secret is the name of the Secret instance containing password diff --git a/api/v1beta1/novaapi_types.go b/api/v1beta1/novaapi_types.go index 254880931..a301c9c3a 100644 --- a/api/v1beta1/novaapi_types.go +++ b/api/v1beta1/novaapi_types.go @@ -116,18 +116,18 @@ type NovaAPISpec struct { KeystonePublicAuthURL string `json:"keystonePublicAuthURL"` // +kubebuilder:validation:Optional - // +kubebuilder:default="nova_api" - // APIDatabaseUser - username to use when accessing the API DB - APIDatabaseUser string `json:"apiDatabaseUser"` + // +kubebuilder:default="nova-api" + // APIDatabaseAccount - MariaDBAccount to use when accessing the API DB + APIDatabaseAccount string `json:"apiDatabaseAccount"` // +kubebuilder:validation:Required // APIDatabaseHostname - hostname to use when accessing the API DB APIDatabaseHostname string `json:"apiDatabaseHostname"` // +kubebuilder:validation:Optional - // +kubebuilder:default="nova_cell0" - // APIDatabaseUser - username to use when accessing the cell0 DB - Cell0DatabaseUser string `json:"cell0DatabaseUser"` + // +kubebuilder:default="nova-cell0" + // APIDatabaseAccount - MariaDBAccount to use when accessing the cell0 DB + Cell0DatabaseAccount string `json:"cell0DatabaseAccount"` // +kubebuilder:validation:Required // APIDatabaseHostname - hostname to use when accessing the cell0 DB diff --git a/api/v1beta1/novacell_types.go b/api/v1beta1/novacell_types.go index 7d1ad1474..a50eecc4a 100644 --- a/api/v1beta1/novacell_types.go +++ b/api/v1beta1/novacell_types.go @@ -40,8 +40,8 @@ type NovaCellTemplate struct { CellDatabaseInstance string `json:"cellDatabaseInstance"` // +kubebuilder:validation:Required - // CellDatabaseUser - username to use when accessing the give cell DB - CellDatabaseUser string `json:"cellDatabaseUser"` + // CellDatabaseAccount - MariaDBAccount to use when accessing the give cell DB + CellDatabaseAccount string `json:"cellDatabaseAccount"` // +kubebuilder:validation:Optional // +kubebuilder:default=rabbitmq @@ -84,12 +84,6 @@ type NovaCellTemplate struct { // compute_name: compute_template. Key from map is arbitrary name for the compute with // a limit of 20 characters. NovaComputeTemplates map[string]NovaComputeTemplate `json:"novaComputeTemplates,omitempty"` - - // +kubebuilder:validation:Optional - // +kubebuilder:default={database: NovaCell0DatabasePassword} - // PasswordSelectors - Selectors to identify the DB passwords from the - // Secret - PasswordSelectors CellPasswordSelector `json:"passwordSelectors"` } // NovaCellSpec defines the desired state of NovaCell @@ -128,8 +122,8 @@ type NovaCellSpec struct { // +kubebuilder:validation:Optional // +kubebuilder:default=nova - // APIDatabaseUser - username to use when accessing the API DB - APIDatabaseUser string `json:"apiDatabaseUser"` + // APIDatabaseAccount - MariaDBAccount to use when accessing the API DB + APIDatabaseAccount string `json:"apiDatabaseAccount"` // +kubebuilder:validation:Optional // APIDatabaseHostname - hostname to use when accessing the API DB. If not @@ -140,8 +134,8 @@ type NovaCellSpec struct { // +kubebuilder:validation:Optional // +kubebuilder:default=nova - // CellDatabaseUser - username to use when accessing the cell DB - CellDatabaseUser string `json:"cellDatabaseUser"` + // CellDatabaseAccount - MariaDBAccount to use when accessing the cell DB + CellDatabaseAccount string `json:"cellDatabaseAccount"` // +kubebuilder:validation:Required // CellDatabaseHostname - hostname to use when accessing the cell DB diff --git a/api/v1beta1/novaconductor_types.go b/api/v1beta1/novaconductor_types.go index 61a82b3ac..c583c90f2 100644 --- a/api/v1beta1/novaconductor_types.go +++ b/api/v1beta1/novaconductor_types.go @@ -90,8 +90,8 @@ type NovaConductorSpec struct { // +kubebuilder:validation:Optional // +kubebuilder:default=nova - // APIDatabaseUser - username to use when accessing the API DB - APIDatabaseUser string `json:"apiDatabaseUser"` + // APIDatabaseAccount - MariaDBAccount to use when accessing the API DB + APIDatabaseAccount string `json:"apiDatabaseAccount"` // +kubebuilder:validation:Optional // APIDatabaseHostname - hostname to use when accessing the API DB. If not @@ -102,8 +102,8 @@ type NovaConductorSpec struct { // +kubebuilder:validation:Optional // +kubebuilder:default=nova - // CellDatabaseUser - username to use when accessing the cell DB - CellDatabaseUser string `json:"cellDatabaseUser"` + // CellDatabaseAccount - MariaDBAccount to use when accessing the cell DB + CellDatabaseAccount string `json:"cellDatabaseAccount"` // +kubebuilder:validation:Optional // NOTE(gibi): This should be Required, see notes in KeystoneAuthURL @@ -188,9 +188,9 @@ func NewNovaConductorSpec( CellName: novaCell.CellName, Secret: novaCell.Secret, CellDatabaseHostname: novaCell.CellDatabaseHostname, - CellDatabaseUser: novaCell.CellDatabaseUser, + CellDatabaseAccount: novaCell.CellDatabaseAccount, APIDatabaseHostname: novaCell.APIDatabaseHostname, - APIDatabaseUser: novaCell.APIDatabaseUser, + APIDatabaseAccount: novaCell.APIDatabaseAccount, NovaServiceBase: NovaServiceBase(novaCell.ConductorServiceTemplate), KeystoneAuthURL: novaCell.KeystoneAuthURL, ServiceUser: novaCell.ServiceUser, diff --git a/api/v1beta1/novametadata_types.go b/api/v1beta1/novametadata_types.go index c2e7a8b0c..ce5ed3738 100644 --- a/api/v1beta1/novametadata_types.go +++ b/api/v1beta1/novametadata_types.go @@ -127,9 +127,9 @@ type NovaMetadataSpec struct { KeystoneAuthURL string `json:"keystoneAuthURL"` // +kubebuilder:validation:Optional - // +kubebuilder:default="nova_api" - // APIDatabaseUser - username to use when accessing the API DB - APIDatabaseUser string `json:"apiDatabaseUser"` + // +kubebuilder:default="nova-api" + // APIDatabaseAccount - MariaDBAccount to use when accessing the API DB + APIDatabaseAccount string `json:"apiDatabaseAccount"` // +kubebuilder:validation:Optional // APIDatabaseHostname - hostname to use when accessing the API DB. @@ -139,8 +139,8 @@ type NovaMetadataSpec struct { // +kubebuilder:validation:Optional // +kubebuilder:default=nova - // CellDatabaseUser - username to use when accessing the cell DB - CellDatabaseUser string `json:"cellDatabaseUser"` + // CellDatabaseAccount - MariaDBAccount to use when accessing the cell DB + CellDatabaseAccount string `json:"cellDatabaseAccount"` // +kubebuilder:validation:Optional // CellDatabaseHostname - hostname to use when accessing the cell DB @@ -236,13 +236,14 @@ func (s NovaMetadataStatus) GetConditions() condition.Conditions { func NewNovaMetadataSpec( novaCell NovaCellSpec, ) NovaMetadataSpec { + metadataSpec := NovaMetadataSpec{ CellName: novaCell.CellName, Secret: novaCell.Secret, CellDatabaseHostname: novaCell.CellDatabaseHostname, - CellDatabaseUser: novaCell.CellDatabaseUser, + CellDatabaseAccount: novaCell.CellDatabaseAccount, APIDatabaseHostname: novaCell.APIDatabaseHostname, - APIDatabaseUser: novaCell.APIDatabaseUser, + APIDatabaseAccount: novaCell.APIDatabaseAccount, NovaServiceBase: NovaServiceBase{ ContainerImage: novaCell.MetadataServiceTemplate.ContainerImage, Replicas: novaCell.MetadataServiceTemplate.Replicas, diff --git a/api/v1beta1/novanovncproxy_types.go b/api/v1beta1/novanovncproxy_types.go index 15bc8d7ce..26c4f6d38 100644 --- a/api/v1beta1/novanovncproxy_types.go +++ b/api/v1beta1/novanovncproxy_types.go @@ -117,8 +117,8 @@ type NovaNoVNCProxySpec struct { // +kubebuilder:validation:Optional // +kubebuilder:default=nova - // CellDatabaseUser - username to use when accessing the cell DB - CellDatabaseUser string `json:"cellDatabaseUser"` + // CellDatabaseAccount - MariaDBAccount to use when accessing the cell DB + CellDatabaseAccount string `json:"cellDatabaseAccount"` // +kubebuilder:validation:Required // CellDatabaseHostname - hostname to use when accessing the cell DB @@ -201,7 +201,7 @@ func NewNovaNoVNCProxySpec( CellName: novaCell.CellName, Secret: novaCell.Secret, CellDatabaseHostname: novaCell.CellDatabaseHostname, - CellDatabaseUser: novaCell.CellDatabaseUser, + CellDatabaseAccount: novaCell.CellDatabaseAccount, NovaServiceBase: NovaServiceBase{ ContainerImage: novaCell.NoVNCProxyServiceTemplate.ContainerImage, Replicas: novaCell.NoVNCProxyServiceTemplate.Replicas, diff --git a/api/v1beta1/novascheduler_types.go b/api/v1beta1/novascheduler_types.go index ae19b887e..d2373df91 100644 --- a/api/v1beta1/novascheduler_types.go +++ b/api/v1beta1/novascheduler_types.go @@ -85,18 +85,18 @@ type NovaSchedulerSpec struct { KeystoneAuthURL string `json:"keystoneAuthURL"` // +kubebuilder:validation:Optional - // +kubebuilder:default=nova_api - // APIDatabaseUser - username to use when accessing the API DB - APIDatabaseUser string `json:"apiDatabaseUser"` + // +kubebuilder:default=nova-api + // APIDatabaseAccount - MariaDBAccount to use when accessing the API DB + APIDatabaseAccount string `json:"apiDatabaseAccount"` // +kubebuilder:validation:Required // APIDatabaseHostname - hostname to use when accessing the API DB APIDatabaseHostname string `json:"apiDatabaseHostname"` // +kubebuilder:validation:Optional - // +kubebuilder:default="nova_cell0" - // Cell0DatabaseUser - username to use when accessing the cell0 DB - Cell0DatabaseUser string `json:"cell0DatabaseUser"` + // +kubebuilder:default="nova-cell0" + // Cell0DatabaseAccount - MariaDBAccount to use when accessing the cell0 DB + Cell0DatabaseAccount string `json:"cell0DatabaseAccount"` // +kubebuilder:validation:Required // Cell0DatabaseHostname - hostname to use when accessing the cell0 DB diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go index b15ab9b76..5b000e7b0 100644 --- a/api/v1beta1/zz_generated.deepcopy.go +++ b/api/v1beta1/zz_generated.deepcopy.go @@ -49,21 +49,6 @@ func (in *APIOverrideSpec) DeepCopy() *APIOverrideSpec { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CellPasswordSelector) DeepCopyInto(out *CellPasswordSelector) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CellPasswordSelector. -func (in *CellPasswordSelector) DeepCopy() *CellPasswordSelector { - if in == nil { - return nil - } - out := new(CellPasswordSelector) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *MetadataOverrideSpec) DeepCopyInto(out *MetadataOverrideSpec) { *out = *in @@ -466,7 +451,6 @@ func (in *NovaCellTemplate) DeepCopyInto(out *NovaCellTemplate) { (*out)[key] = *val.DeepCopy() } } - out.PasswordSelectors = in.PasswordSelectors } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NovaCellTemplate. diff --git a/config/crd/bases/nova.openstack.org_nova.yaml b/config/crd/bases/nova.openstack.org_nova.yaml index c710a8d76..a6ee3e423 100644 --- a/config/crd/bases/nova.openstack.org_nova.yaml +++ b/config/crd/bases/nova.openstack.org_nova.yaml @@ -35,16 +35,16 @@ spec: spec: description: NovaSpec defines the desired state of Nova properties: + apiDatabaseAccount: + default: nova-api + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the API DB + type: string apiDatabaseInstance: default: openstack description: APIDatabaseInstance is the name of the MariaDB CR to select the DB Service instance used for the Nova API DB. type: string - apiDatabaseUser: - default: nova_api - description: APIDatabaseUser - username to use when accessing the - API DB - type: string apiMessageBusInstance: default: rabbitmq description: APIMessageBusInstance is the name of the RabbitMqCluster @@ -361,16 +361,16 @@ spec: description: NovaCellTemplate defines the input parameters specified by the user to create a NovaCell via higher level CRDs. properties: + cellDatabaseAccount: + description: CellDatabaseAccount - MariaDBAccount to use when + accessing the give cell DB + type: string cellDatabaseInstance: default: openstack description: CellDatabaseInstance is the name of the MariaDB CR to select the DB Service instance used as the DB of this cell. type: string - cellDatabaseUser: - description: CellDatabaseUser - username to use when accessing - the give cell DB - type: string cellMessageBusInstance: default: rabbitmq description: CellMessageBusInstance is the name of the RabbitMqCluster @@ -1194,29 +1194,17 @@ spec: Key from map is arbitrary name for the compute with a limit of 20 characters.' type: object - passwordSelectors: - default: - database: NovaCell0DatabasePassword - description: PasswordSelectors - Selectors to identify the DB - passwords from the Secret - properties: - database: - default: NovaCell0DatabasePassword - description: CellDatabase - the name of the field to get - the Cell DB password from the Secret - type: string - type: object required: - - cellDatabaseUser + - cellDatabaseAccount - hasAPIAccess type: object default: cell0: - cellDatabaseUser: nova_cell0 + cellDatabaseAccount: nova-cell0 hasAPIAccess: true cell1: + cellDatabaseAccount: nova-cell1 cellDatabaseInstance: openstack-cell1 - cellDatabaseUser: nova_cell1 cellMessageBusInstance: rabbitmq-cell1 hasAPIAccess: true description: Cells is a mapping of cell names to NovaCellTemplate @@ -1531,11 +1519,6 @@ spec: description: PasswordSelectors - Selectors to identify the DB and ServiceUser passwords from the Secret properties: - apiDatabase: - default: NovaAPIDatabasePassword - description: APIDatabase - the name of the field to get the API - DB password from the Secret - type: string metadataSecret: default: MetadataSecret description: MetadataSecret - the name of the field to get the diff --git a/config/crd/bases/nova.openstack.org_novaapis.yaml b/config/crd/bases/nova.openstack.org_novaapis.yaml index 294b25361..015c49c97 100644 --- a/config/crd/bases/nova.openstack.org_novaapis.yaml +++ b/config/crd/bases/nova.openstack.org_novaapis.yaml @@ -48,24 +48,24 @@ spec: spec: description: NovaAPISpec defines the desired state of NovaAPI properties: + apiDatabaseAccount: + default: nova-api + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the API DB + type: string apiDatabaseHostname: description: APIDatabaseHostname - hostname to use when accessing the API DB type: string - apiDatabaseUser: - default: nova_api - description: APIDatabaseUser - username to use when accessing the - API DB + cell0DatabaseAccount: + default: nova-cell0 + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the cell0 DB type: string cell0DatabaseHostname: description: APIDatabaseHostname - hostname to use when accessing the cell0 DB type: string - cell0DatabaseUser: - default: nova_cell0 - description: APIDatabaseUser - username to use when accessing the - cell0 DB - type: string containerImage: description: The service specific Container Image URL (will be set to environmental default if empty) diff --git a/config/crd/bases/nova.openstack.org_novacells.yaml b/config/crd/bases/nova.openstack.org_novacells.yaml index 8b2738959..e029e3628 100644 --- a/config/crd/bases/nova.openstack.org_novacells.yaml +++ b/config/crd/bases/nova.openstack.org_novacells.yaml @@ -35,26 +35,26 @@ spec: spec: description: NovaCellSpec defines the desired state of NovaCell properties: + apiDatabaseAccount: + default: nova + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the API DB + type: string apiDatabaseHostname: description: 'APIDatabaseHostname - hostname to use when accessing the API DB. If not provided then up-calls will be disabled. This filed is Required for cell0. TODO(gibi): Add a webhook to validate cell0 constraint' type: string - apiDatabaseUser: + cellDatabaseAccount: default: nova - description: APIDatabaseUser - username to use when accessing the - API DB + description: CellDatabaseAccount - MariaDBAccount to use when accessing + the cell DB type: string cellDatabaseHostname: description: CellDatabaseHostname - hostname to use when accessing the cell DB type: string - cellDatabaseUser: - default: nova - description: CellDatabaseUser - username to use when accessing the - cell DB - type: string cellName: description: CellName is the name of the Nova Cell. The value "cell0" has a special meaning. The "cell0" Cell cannot have compute nodes diff --git a/config/crd/bases/nova.openstack.org_novaconductors.yaml b/config/crd/bases/nova.openstack.org_novaconductors.yaml index fb1c565a8..26719959c 100644 --- a/config/crd/bases/nova.openstack.org_novaconductors.yaml +++ b/config/crd/bases/nova.openstack.org_novaconductors.yaml @@ -48,26 +48,26 @@ spec: spec: description: NovaConductorSpec defines the desired state of NovaConductor properties: + apiDatabaseAccount: + default: nova + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the API DB + type: string apiDatabaseHostname: description: 'APIDatabaseHostname - hostname to use when accessing the API DB. If not provided then up-calls will be disabled. This filed is Required for cell0. TODO(gibi): Add a webhook to validate cell0 constraint' type: string - apiDatabaseUser: + cellDatabaseAccount: default: nova - description: APIDatabaseUser - username to use when accessing the - API DB + description: CellDatabaseAccount - MariaDBAccount to use when accessing + the cell DB type: string cellDatabaseHostname: description: 'NOTE(gibi): This should be Required, see notes in KeystoneAuthURL CellDatabaseHostname - hostname to use when accessing the cell DB' type: string - cellDatabaseUser: - default: nova - description: CellDatabaseUser - username to use when accessing the - cell DB - type: string cellName: description: CellName is the name of the Nova Cell this conductor belongs to. diff --git a/config/crd/bases/nova.openstack.org_novametadata.yaml b/config/crd/bases/nova.openstack.org_novametadata.yaml index 879a9697d..b925d22f7 100644 --- a/config/crd/bases/nova.openstack.org_novametadata.yaml +++ b/config/crd/bases/nova.openstack.org_novametadata.yaml @@ -48,15 +48,20 @@ spec: spec: description: NovaMetadataSpec defines the desired state of NovaMetadata properties: + apiDatabaseAccount: + default: nova-api + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the API DB + type: string apiDatabaseHostname: description: 'APIDatabaseHostname - hostname to use when accessing the API DB. This filed is Required if the CellName is not provided TODO(gibi): Add a webhook to validate the CellName constraint' type: string - apiDatabaseUser: - default: nova_api - description: APIDatabaseUser - username to use when accessing the - API DB + cellDatabaseAccount: + default: nova + description: CellDatabaseAccount - MariaDBAccount to use when accessing + the cell DB type: string cellDatabaseHostname: description: 'CellDatabaseHostname - hostname to use when accessing @@ -64,11 +69,6 @@ spec: is provided then CellDatabaseHostName is also Required. TODO(gibi): add webhook to validate this CellName constraint' type: string - cellDatabaseUser: - default: nova - description: CellDatabaseUser - username to use when accessing the - cell DB - type: string cellName: description: CellName is the name of the Nova Cell this metadata service belongs to. If not provided then the metadata serving every cells diff --git a/config/crd/bases/nova.openstack.org_novanovncproxies.yaml b/config/crd/bases/nova.openstack.org_novanovncproxies.yaml index b5641cb4d..5529d8afd 100644 --- a/config/crd/bases/nova.openstack.org_novanovncproxies.yaml +++ b/config/crd/bases/nova.openstack.org_novanovncproxies.yaml @@ -48,15 +48,15 @@ spec: spec: description: NovaNoVNCProxySpec defines the desired state of NovaNoVNCProxy properties: + cellDatabaseAccount: + default: nova + description: CellDatabaseAccount - MariaDBAccount to use when accessing + the cell DB + type: string cellDatabaseHostname: description: CellDatabaseHostname - hostname to use when accessing the cell DB type: string - cellDatabaseUser: - default: nova - description: CellDatabaseUser - username to use when accessing the - cell DB - type: string cellName: description: CellName is the name of the Nova Cell this novncproxy belongs to. diff --git a/config/crd/bases/nova.openstack.org_novaschedulers.yaml b/config/crd/bases/nova.openstack.org_novaschedulers.yaml index dd2ebf3bf..b966ad2a4 100644 --- a/config/crd/bases/nova.openstack.org_novaschedulers.yaml +++ b/config/crd/bases/nova.openstack.org_novaschedulers.yaml @@ -48,24 +48,24 @@ spec: spec: description: NovaSchedulerSpec defines the desired state of NovaScheduler properties: + apiDatabaseAccount: + default: nova-api + description: APIDatabaseAccount - MariaDBAccount to use when accessing + the API DB + type: string apiDatabaseHostname: description: APIDatabaseHostname - hostname to use when accessing the API DB type: string - apiDatabaseUser: - default: nova_api - description: APIDatabaseUser - username to use when accessing the - API DB + cell0DatabaseAccount: + default: nova-cell0 + description: Cell0DatabaseAccount - MariaDBAccount to use when accessing + the cell0 DB type: string cell0DatabaseHostname: description: Cell0DatabaseHostname - hostname to use when accessing the cell0 DB type: string - cell0DatabaseUser: - default: nova_cell0 - description: Cell0DatabaseUser - username to use when accessing the - cell0 DB - type: string containerImage: description: The service specific Container Image URL (will be set to environmental default if empty) diff --git a/config/samples/nova_v1beta1_nova-compute-fake.yaml b/config/samples/nova_v1beta1_nova-compute-fake.yaml index 2030b0a4d..3ec058257 100644 --- a/config/samples/nova_v1beta1_nova-compute-fake.yaml +++ b/config/samples/nova_v1beta1_nova-compute-fake.yaml @@ -6,7 +6,7 @@ spec: secret: osp-secret cellTemplates: cell0: - cellDatabaseUser: nova_cell0 + cellDatabaseAccount: nova-cell0 hasAPIAccess: true cell1: novaComputeTemplates: diff --git a/config/samples/nova_v1beta1_nova-compute-ironic.yaml b/config/samples/nova_v1beta1_nova-compute-ironic.yaml index 0d9e509d9..27e2fed91 100644 --- a/config/samples/nova_v1beta1_nova-compute-ironic.yaml +++ b/config/samples/nova_v1beta1_nova-compute-ironic.yaml @@ -6,7 +6,7 @@ spec: secret: osp-secret cellTemplates: cell0: - cellDatabaseUser: nova_cell0 + cellDatabaseAccount: nova-cell0 hasAPIAccess: true cell1: novaComputeTemplates: diff --git a/config/samples/nova_v1beta1_nova-multi-cell-metadata.yaml b/config/samples/nova_v1beta1_nova-multi-cell-metadata.yaml index b085bf643..2cdc0723a 100644 --- a/config/samples/nova_v1beta1_nova-multi-cell-metadata.yaml +++ b/config/samples/nova_v1beta1_nova-multi-cell-metadata.yaml @@ -8,10 +8,10 @@ spec: enabled: false cellTemplates: cell0: - cellDatabaseUser: nova_cell0 + cellDatabaseAccount: nova-cell0 hasAPIAccess: true cell1: - cellDatabaseUser: nova_cell1 + cellDatabaseAccount: nova-cell1 conductorServiceTemplate: replicas: 1 hasAPIAccess: true diff --git a/config/samples/nova_v1beta1_nova-multi-cell-metadata_tls.yaml b/config/samples/nova_v1beta1_nova-multi-cell-metadata_tls.yaml index 7184f48d8..1eda15d16 100644 --- a/config/samples/nova_v1beta1_nova-multi-cell-metadata_tls.yaml +++ b/config/samples/nova_v1beta1_nova-multi-cell-metadata_tls.yaml @@ -19,10 +19,10 @@ spec: enabled: false cellTemplates: cell0: - cellDatabaseUser: nova_cell0 + cellDatabaseAccount: nova-cell0 hasAPIAccess: true cell1: - cellDatabaseUser: nova_cell1 + cellDatabaseAccount: nova-cell1 conductorServiceTemplate: replicas: 1 hasAPIAccess: true diff --git a/config/samples/nova_v1beta1_nova-multi-cell-tls.yaml b/config/samples/nova_v1beta1_nova-multi-cell-tls.yaml index bf7a77b6f..11eb69115 100644 --- a/config/samples/nova_v1beta1_nova-multi-cell-tls.yaml +++ b/config/samples/nova_v1beta1_nova-multi-cell-tls.yaml @@ -23,10 +23,10 @@ spec: secretName: cert-nova-metadata-internal-svc cellTemplates: cell0: - cellDatabaseUser: nova_cell0 + cellDatabaseAccount: nova-cell0 hasAPIAccess: true cell1: - cellDatabaseUser: nova_cell1 + cellDatabaseAccount: nova-cell1 conductorServiceTemplate: replicas: 1 hasAPIAccess: true diff --git a/config/samples/nova_v1beta1_nova-multi-cell.yaml b/config/samples/nova_v1beta1_nova-multi-cell.yaml index d1bd9a779..2514b0ad2 100644 --- a/config/samples/nova_v1beta1_nova-multi-cell.yaml +++ b/config/samples/nova_v1beta1_nova-multi-cell.yaml @@ -6,7 +6,7 @@ spec: # This is the name of the single MariaDB CR we deploy today # The Service is labelled with app=mariadb,cr=mariadb- apiDatabaseInstance: openstack - apiDatabaseUser: nova_api + apiDatabaseAccount: nova-api # This is the name of the single RabbitMqCluster CR we deploy today # The Service is labelled with # app.kubernetes.io/component=rabbitmq, app.kubernetes.io/name= @@ -48,7 +48,7 @@ spec: cellTemplates: cell0: cellDatabaseInstance: openstack - cellDatabaseUser: nova_cell0 + cellDatabaseAccount: nova-cell0 cellMessageBusInstance: rabbitmq # cell0 alway needs access to the API DB and MQ as it hosts the super # conductor. It will inherit the API DB and MQ access from the Nova CR @@ -62,7 +62,7 @@ spec: nodeSelector: {} cell1: cellDatabaseInstance: mariadb-cell1 - cellDatabaseUser: nova_cell1 + cellDatabaseAccount: nova-cell1 cellMessageBusInstance: rabbitmq-cell1 # cell1 will have upcalls support. It will inherit the API DB and MQ # access from the Nova CR that creates it. @@ -81,7 +81,7 @@ spec: nodeSelector: {} cell2: cellDatabaseInstance: mariadb-cell2 - cellDatabaseUser: nova_cell2 + cellDatabaseAccount: nova-cell2 cellMessageBusInstance: rabbitmq-cell2 # cell2 will not get the API DB and MQ connection info from the Nova CR hasAPIAccess: false diff --git a/config/samples/nova_v1beta1_nova_collapsed_cell.yaml b/config/samples/nova_v1beta1_nova_collapsed_cell.yaml index b13341d61..a8017e863 100644 --- a/config/samples/nova_v1beta1_nova_collapsed_cell.yaml +++ b/config/samples/nova_v1beta1_nova_collapsed_cell.yaml @@ -6,14 +6,14 @@ spec: secret: osp-secret cellTemplates: cell0: - cellDatabaseUser: nova_cell0 + cellDatabaseAccount: nova-cell0 conductorServiceTemplate: # conductor in cell1 will act both as the super conductor and as the # cell1 conductor replicas: 0 hasAPIAccess: true cell1: - cellDatabaseUser: nova_cell1 + cellDatabaseAccount: nova-cell1 conductorServiceTemplate: replicas: 1 hasAPIAccess: true diff --git a/config/samples/nova_v1beta1_novametadata.yaml b/config/samples/nova_v1beta1_novametadata.yaml index 13ef94781..a7f95954e 100644 --- a/config/samples/nova_v1beta1_novametadata.yaml +++ b/config/samples/nova_v1beta1_novametadata.yaml @@ -5,9 +5,9 @@ metadata: spec: apiDatabaseHostname: openstack cellDatabaseHostname: openstack - cellDatabaseUser: nova_cell0 + cellDatabaseAccount: nova-cell0 keystoneAuthURL: http://keystone-public-openstack.apps-crc.testing secret: osp-secret - apiDatabaseUser: nova_api + apiDatabaseAccount: nova-api serviceAccount: nova registeredCells: {} diff --git a/controllers/common.go b/controllers/common.go index ab7e8f29d..e52627aab 100644 --- a/controllers/common.go +++ b/controllers/common.go @@ -83,12 +83,6 @@ const ( // MetadataSecretSelector is the name of key in the internal Secret for // the metadata shared secret MetadataSecretSelector = "MetadataSecret" - // APIDatabasePasswordSelector is the name of key in the internal Secret - // for the API database - APIDatabasePasswordSelector = "APIDatabasePassword" - // CellDatabasePasswordSelector is the name of key in the internal cell - // Secret for the cell database of the given cell - CellDatabasePasswordSelector = "CellDatabasePassword" // TransportURLSelector is the name of key in the internal cell // Secret for the cell message bus transport URL TransportURLSelector = "transport_url" diff --git a/controllers/nova_controller.go b/controllers/nova_controller.go index 64a8890c3..fcf9e3dd0 100644 --- a/controllers/nova_controller.go +++ b/controllers/nova_controller.go @@ -196,18 +196,36 @@ func (r *NovaReconciler) Reconcile(ctx context.Context, req ctrl.Request) (resul return rbacResult, nil } + // ensure MariaDBAccount exists. This account record may be created by + // openstack-operator or the cloud operator up front without a specific + // MariaDBDatabase configured yet. Otherwise, a MariaDBAccount CR is + // created here with a generated username as well as a secret with + // generated password. The MariaDBAccount is created without being + // yet associated with any MariaDBDatabase. + _, _, err = mariadbv1.EnsureMariaDBAccount( + ctx, h, instance.Spec.APIDatabaseAccount, + instance.Namespace, false, + ) + + if err != nil { + instance.Status.Conditions.Set(condition.FalseCondition( + mariadbv1.MariaDBAccountReadyCondition, + condition.ErrorReason, + condition.SeverityWarning, + mariadbv1.MariaDBAccountNotReadyMessage, + err.Error())) + + return ctrl.Result{}, err + } + // There is a webhook validation that ensures that there is always cell0 in // the cellTemplates cell0Template := instance.Spec.CellTemplates[novav1.Cell0Name] expectedSelectors := []string{ instance.Spec.PasswordSelectors.Service, - instance.Spec.PasswordSelectors.APIDatabase, instance.Spec.PasswordSelectors.MetadataSecret, } - for _, cellTemplate := range instance.Spec.CellTemplates { - expectedSelectors = append(expectedSelectors, cellTemplate.PasswordSelectors.Database) - } _, result, secret, err := ensureSecret( ctx, @@ -546,6 +564,15 @@ func (r *NovaReconciler) Reconcile(ctx context.Context, req ctrl.Request) (resul instance.Status.MetadataServiceReadyCount = 0 } + // remove finalizers from unused MariaDBAccount records but ONLY if + // ensureAPIDB finished + if apiDBStatus == nova.DBCompleted { + err = mariadbv1.DeleteUnusedMariaDBAccountFinalizers(ctx, h, "nova-api", instance.Spec.APIDatabaseAccount, instance.Namespace) + if err != nil { + return ctrl.Result{}, err + } + } + Log.Info("Successfully reconciled") return ctrl.Result{}, nil } @@ -669,6 +696,16 @@ func (r *NovaReconciler) ensureNovaManageJobSecret( "nova-blank.conf": "/nova-blank.conf", } + apiDatabaseAccount, apiDbSecret, err := mariadbv1.GetAccountAndSecret(ctx, h, instance.Spec.APIDatabaseAccount, instance.Namespace) + if err != nil { + return nil, "", "", err + } + + cellDatabaseAccount, cellDbSecret, err := mariadbv1.GetAccountAndSecret(ctx, h, cell.Spec.CellDatabaseAccount, instance.Namespace) + if err != nil { + return nil, "", "", err + } + // We configure the Job like it runs in the env of the conductor of the given cell // but we ensure that the config always has [api_database] section configure // even if the cell has no API access at all. @@ -677,16 +714,16 @@ func (r *NovaReconciler) ensureNovaManageJobSecret( "keystone_internal_url": cell.Spec.KeystoneAuthURL, "nova_keystone_user": cell.Spec.ServiceUser, "nova_keystone_password": string(ospSecret.Data[instance.Spec.PasswordSelectors.Service]), - // cell.Spec.APIDatabaseUser is empty for cells without APIDB access + // cell.Spec.APIDatabaseAccount is empty for cells without APIDB access "api_db_name": NovaAPIDatabaseName, - "api_db_user": instance.Spec.APIDatabaseUser, - "api_db_password": string(ospSecret.Data[instance.Spec.PasswordSelectors.APIDatabase]), + "api_db_user": apiDatabaseAccount.Spec.UserName, + "api_db_password": string(apiDbSecret.Data[mariadbv1.DatabasePasswordSelector]), // cell.Spec.APIDatabaseHostname is empty for cells without APIDB access "api_db_address": apiDBHostname, "api_db_port": 3306, "cell_db_name": getCellDatabaseName(cell.Spec.CellName), - "cell_db_user": cell.Spec.CellDatabaseUser, - "cell_db_password": string(ospSecret.Data[cellTemplate.PasswordSelectors.Database]), + "cell_db_user": cellDatabaseAccount.Spec.UserName, + "cell_db_password": string(cellDbSecret.Data[mariadbv1.DatabasePasswordSelector]), "cell_db_address": cell.Spec.CellDatabaseHostname, "cell_db_port": 3306, "openstack_cacert": "", // fixme @@ -726,7 +763,7 @@ func (r *NovaReconciler) ensureNovaManageJobSecret( } configHash := make(map[string]env.Setter) - err := secret.EnsureSecrets(ctx, h, instance, cms, &configHash) + err = secret.EnsureSecrets(ctx, h, instance, cms, &configHash) return configHash, scriptName, configName, err } @@ -739,11 +776,7 @@ func (r *NovaReconciler) ensureDB( databaseServiceName string, targetCondition condition.Type, ) (nova.DatabaseStatus, error) { - ctrlResult, err := db.CreateOrPatchDBByName( - ctx, - h, - databaseServiceName, - ) + ctrlResult, err := db.CreateOrPatchAll(ctx, h) if err != nil { return nova.DBFailed, err } @@ -767,16 +800,14 @@ func (r *NovaReconciler) ensureAPIDB( h *helper.Helper, instance *novav1.Nova, ) (*mariadbv1.Database, nova.DatabaseStatus, error) { - apiDB := mariadbv1.NewDatabaseWithNamespace( - NovaAPIDatabaseName, - instance.Spec.APIDatabaseUser, - instance.Spec.Secret, - map[string]string{ - "dbName": instance.Spec.APIDatabaseInstance, - }, - "nova-api", - instance.Namespace, + apiDB := mariadbv1.NewDatabaseForAccount( + instance.Spec.APIDatabaseInstance, // mariadb/galera service to target + NovaAPIDatabaseName, // name used in CREATE DATABASE in mariadb + "nova-api", // CR name for MariaDBDatabase + instance.Spec.APIDatabaseAccount, // CR name for MariaDBAccount + instance.Namespace, // namespace ) + result, err := r.ensureDB( ctx, h, @@ -795,16 +826,30 @@ func (r *NovaReconciler) ensureCellDB( cellName string, cellTemplate novav1.NovaCellTemplate, ) (*mariadbv1.Database, nova.DatabaseStatus, error) { - cellDB := mariadbv1.NewDatabaseWithNamespace( - "nova_"+cellName, - cellTemplate.CellDatabaseUser, - instance.Spec.Secret, - map[string]string{ - "dbName": cellTemplate.CellDatabaseInstance, - }, - "nova-"+cellName, - instance.Namespace, + + // ensure MariaDBAccount exists. This account record may be created by + // openstack-operator or the cloud operator up front without a specific + // MariaDBDatabase configured yet. Otherwise, a MariaDBAccount CR is + // created here with a generated username as well as a secret with + // generated password. The MariaDBAccount is created without being + // yet associated with any MariaDBDatabase. + _, _, err := mariadbv1.EnsureMariaDBAccount( + ctx, h, cellTemplate.CellDatabaseAccount, + instance.Namespace, false, + ) + + if err != nil { + return nil, nova.DBFailed, err + } + + cellDB := mariadbv1.NewDatabaseForAccount( + cellTemplate.CellDatabaseInstance, // mariadb/galera service to target + "nova_"+cellName, // name used in CREATE DATABASE in mariadb + "nova-"+cellName, // CR name for MariaDBDatabase + cellTemplate.CellDatabaseAccount, // CR name for MariaDBAccount + instance.Namespace, // namespace ) + result, err := r.ensureDB( ctx, h, @@ -839,7 +884,7 @@ func (r *NovaReconciler) ensureCell( CellName: cellName, Secret: cellSecretName, CellDatabaseHostname: cellDB.GetDatabaseHostname(), - CellDatabaseUser: cellTemplate.CellDatabaseUser, + CellDatabaseAccount: cellTemplate.CellDatabaseAccount, ConductorServiceTemplate: cellTemplate.ConductorServiceTemplate, MetadataServiceTemplate: cellTemplate.MetadataServiceTemplate, NoVNCProxyServiceTemplate: cellTemplate.NoVNCProxyServiceTemplate, @@ -856,7 +901,7 @@ func (r *NovaReconciler) ensureCell( } if cellTemplate.HasAPIAccess { cellSpec.APIDatabaseHostname = apiDB.GetDatabaseHostname() - cellSpec.APIDatabaseUser = instance.Spec.APIDatabaseUser + cellSpec.APIDatabaseAccount = instance.Spec.APIDatabaseAccount } cell := &novav1.NovaCell{ @@ -921,6 +966,14 @@ func (r *NovaReconciler) ensureCell( return cell, status, err } + // remove finalizers from unused MariaDBAccount records + if status == nova.CellReady { + err = mariadbv1.DeleteUnusedMariaDBAccountFinalizers(ctx, h, "nova-"+cellName, cellTemplate.CellDatabaseAccount, instance.Namespace) + if err != nil { + return cell, status, err + } + } + return cell, status, err } @@ -986,14 +1039,15 @@ func (r *NovaReconciler) ensureAPI( secretName string, ) (ctrl.Result, error) { Log := r.GetLogger(ctx) + // TODO(gibi): Pass down a narrowed secret that only hold // specific information but also holds user names apiSpec := novav1.NovaAPISpec{ Secret: secretName, APIDatabaseHostname: apiDB.GetDatabaseHostname(), - APIDatabaseUser: instance.Spec.APIDatabaseUser, + APIDatabaseAccount: instance.Spec.APIDatabaseAccount, Cell0DatabaseHostname: cell0DB.GetDatabaseHostname(), - Cell0DatabaseUser: cell0Template.CellDatabaseUser, + Cell0DatabaseAccount: cell0Template.CellDatabaseAccount, NovaServiceBase: novav1.NovaServiceBase{ ContainerImage: instance.Spec.APIServiceTemplate.ContainerImage, Replicas: instance.Spec.APIServiceTemplate.Replicas, @@ -1071,9 +1125,9 @@ func (r *NovaReconciler) ensureScheduler( spec := novav1.NovaSchedulerSpec{ Secret: secretName, APIDatabaseHostname: apiDB.GetDatabaseHostname(), - APIDatabaseUser: instance.Spec.APIDatabaseUser, + APIDatabaseAccount: instance.Spec.APIDatabaseAccount, Cell0DatabaseHostname: cell0DB.GetDatabaseHostname(), - Cell0DatabaseUser: cell0Template.CellDatabaseUser, + Cell0DatabaseAccount: cell0Template.CellDatabaseAccount, // This is a coincidence that the NovaServiceBase // has exactly the same fields as the SchedulerServiceTemplate so we // can convert between them directly. As soon as these two structs @@ -1177,13 +1231,14 @@ func (r *NovaReconciler) ensureDBDeletion( // are deleted Log := r.GetLogger(ctx) // initialize a nova dbs list with default db names and add used cells: - novaDbs := []string{"nova-api"} + novaDbs := [][]string{{"nova-api", instance.Spec.APIDatabaseAccount}} for cellName := range instance.Spec.CellTemplates { - novaDbs = append(novaDbs, novaapi.ServiceName+"-"+cellName) + novaDbs = append(novaDbs, []string{novaapi.ServiceName + "-" + cellName, instance.Spec.CellTemplates[cellName].CellDatabaseAccount}) } // iterate over novaDbs and remove finalizers - for _, dbName := range novaDbs { - db, err := mariadbv1.GetDatabaseByName(ctx, h, dbName) + for _, novaDb := range novaDbs { + dbName, accountName := novaDb[0], novaDb[1] + db, err := mariadbv1.GetDatabaseByNameAndAccount(ctx, h, dbName, accountName, instance.ObjectMeta.Namespace) if err != nil && !k8s_errors.IsNotFound(err) { return err } @@ -1413,9 +1468,9 @@ func (r *NovaReconciler) ensureMetadata( apiSpec := novav1.NovaMetadataSpec{ Secret: secretName, APIDatabaseHostname: apiDB.GetDatabaseHostname(), - APIDatabaseUser: instance.Spec.APIDatabaseUser, + APIDatabaseAccount: instance.Spec.APIDatabaseAccount, CellDatabaseHostname: cell0DB.GetDatabaseHostname(), - CellDatabaseUser: cell0Template.CellDatabaseUser, + CellDatabaseAccount: cell0Template.CellDatabaseAccount, NovaServiceBase: novav1.NovaServiceBase{ ContainerImage: instance.Spec.MetadataServiceTemplate.ContainerImage, Replicas: instance.Spec.MetadataServiceTemplate.Replicas, @@ -1553,13 +1608,8 @@ func (r *NovaReconciler) ensureCellSecret( // NOTE(gibi): We can move other sensitive data to the internal Secret from // the NovaCellSpec fields, possibly hostnames or usernames. data := map[string]string{ - ServicePasswordSelector: string(externalSecret.Data[instance.Spec.PasswordSelectors.Service]), - CellDatabasePasswordSelector: string(externalSecret.Data[cellTemplate.PasswordSelectors.Database]), - TransportURLSelector: cellTransportURL, - } - - if cellTemplate.HasAPIAccess { - data[APIDatabasePasswordSelector] = string(externalSecret.Data[instance.Spec.PasswordSelectors.APIDatabase]) + ServicePasswordSelector: string(externalSecret.Data[instance.Spec.PasswordSelectors.Service]), + TransportURLSelector: cellTransportURL, } // If metadata is enabled in the cell then the cell secret needs the @@ -1604,11 +1654,9 @@ func (r *NovaReconciler) ensureTopLevelSecret( // NOTE(gibi): We can move other sensitive data to the internal Secret from // the subCR fields, possibly hostnames or usernames. data := map[string]string{ - ServicePasswordSelector: string(externalSecret.Data[instance.Spec.PasswordSelectors.Service]), - APIDatabasePasswordSelector: string(externalSecret.Data[instance.Spec.PasswordSelectors.APIDatabase]), - CellDatabasePasswordSelector: string(externalSecret.Data[cell0Template.PasswordSelectors.Database]), - MetadataSecretSelector: string(externalSecret.Data[instance.Spec.PasswordSelectors.MetadataSecret]), - TransportURLSelector: apiTransportURL, + ServicePasswordSelector: string(externalSecret.Data[instance.Spec.PasswordSelectors.Service]), + MetadataSecretSelector: string(externalSecret.Data[instance.Spec.PasswordSelectors.MetadataSecret]), + TransportURLSelector: apiTransportURL, } // NOTE(gibi): When we switch to immutable secrets then we need to include diff --git a/controllers/novaapi_controller.go b/controllers/novaapi_controller.go index ddb2ba370..f8cfa006d 100644 --- a/controllers/novaapi_controller.go +++ b/controllers/novaapi_controller.go @@ -47,6 +47,7 @@ import ( "github.com/openstack-k8s-operators/lib-common/modules/common/statefulset" "github.com/openstack-k8s-operators/lib-common/modules/common/tls" util "github.com/openstack-k8s-operators/lib-common/modules/common/util" + mariadbv1 "github.com/openstack-k8s-operators/mariadb-operator/api/v1beta1" keystonev1 "github.com/openstack-k8s-operators/keystone-operator/api/v1beta1" novav1 "github.com/openstack-k8s-operators/nova-operator/api/v1beta1" @@ -174,9 +175,7 @@ func (r *NovaAPIReconciler) Reconcile(ctx context.Context, req ctrl.Request) (re // the Secret. Also add DB and MQ user name here too if those are // passed via the Secret []string{ - APIDatabasePasswordSelector, ServicePasswordSelector, - CellDatabasePasswordSelector, TransportURLSelector, }, h.GetClient(), @@ -391,6 +390,17 @@ func (r *NovaAPIReconciler) ensureConfigs( func (r *NovaAPIReconciler) generateConfigs( ctx context.Context, h *helper.Helper, instance *novav1.NovaAPI, hashes *map[string]env.Setter, secret corev1.Secret, ) error { + + apiDatabaseAccount, apiDbSecret, err := mariadbv1.GetAccountAndSecret(ctx, h, instance.Spec.APIDatabaseAccount, instance.Namespace) + if err != nil { + return err + } + + cellDatabaseAccount, cellDbSecret, err := mariadbv1.GetAccountAndSecret(ctx, h, instance.Spec.Cell0DatabaseAccount, instance.Namespace) + if err != nil { + return err + } + templateParameters := map[string]interface{}{ "service_name": "nova-api", "keystone_internal_url": instance.Spec.KeystoneAuthURL, @@ -400,13 +410,13 @@ func (r *NovaAPIReconciler) generateConfigs( "nova_keystone_user": instance.Spec.ServiceUser, "nova_keystone_password": string(secret.Data[ServicePasswordSelector]), "api_db_name": NovaAPIDatabaseName, - "api_db_user": instance.Spec.APIDatabaseUser, - "api_db_password": string(secret.Data[APIDatabasePasswordSelector]), + "api_db_user": apiDatabaseAccount.Spec.UserName, + "api_db_password": string(apiDbSecret.Data[mariadbv1.DatabasePasswordSelector]), "api_db_address": instance.Spec.APIDatabaseHostname, "api_db_port": 3306, "cell_db_name": NovaCell0DatabaseName, - "cell_db_user": instance.Spec.Cell0DatabaseUser, - "cell_db_password": string(secret.Data[CellDatabasePasswordSelector]), + "cell_db_user": cellDatabaseAccount.Spec.UserName, + "cell_db_password": string(cellDbSecret.Data[mariadbv1.DatabasePasswordSelector]), "cell_db_address": instance.Spec.Cell0DatabaseHostname, "cell_db_port": 3306, "openstack_cacert": "", // fixme @@ -444,7 +454,7 @@ func (r *NovaAPIReconciler) generateConfigs( instance, labels.GetGroupLabel(NovaAPILabelPrefix), map[string]string{}, ) - err := r.GenerateConfigs( + err = r.GenerateConfigs( ctx, h, instance, nova.GetServiceConfigSecretName(instance.GetName()), hashes, templateParameters, extraData, cmLabels, map[string]string{}, ) diff --git a/controllers/novacell_controller.go b/controllers/novacell_controller.go index 49c59465b..5e7fa3d79 100644 --- a/controllers/novacell_controller.go +++ b/controllers/novacell_controller.go @@ -564,6 +564,7 @@ func (r *NovaCellReconciler) ensureMetadata( } metadataSpec := novav1.NewNovaMetadataSpec(instance.Spec) + metadata = &novav1.NovaMetadata{ ObjectMeta: metav1.ObjectMeta{ Name: metadataName.Name, diff --git a/controllers/novaconductor_controller.go b/controllers/novaconductor_controller.go index 2d70bcefe..d92a719db 100644 --- a/controllers/novaconductor_controller.go +++ b/controllers/novaconductor_controller.go @@ -45,6 +45,7 @@ import ( "github.com/openstack-k8s-operators/lib-common/modules/common/statefulset" "github.com/openstack-k8s-operators/lib-common/modules/common/tls" util "github.com/openstack-k8s-operators/lib-common/modules/common/util" + mariadbv1 "github.com/openstack-k8s-operators/mariadb-operator/api/v1beta1" novav1 "github.com/openstack-k8s-operators/nova-operator/api/v1beta1" "github.com/openstack-k8s-operators/nova-operator/pkg/novaconductor" ) @@ -144,12 +145,8 @@ func (r *NovaConductorReconciler) Reconcile(ctx context.Context, req ctrl.Reques required_secret_fields := []string{ ServicePasswordSelector, - CellDatabasePasswordSelector, TransportURLSelector, } - if len(instance.Spec.APIDatabaseHostname) > 0 { - required_secret_fields = append(required_secret_fields, APIDatabasePasswordSelector) - } secretHash, result, secret, err := ensureSecret( ctx, @@ -334,14 +331,20 @@ func (r *NovaConductorReconciler) generateConfigs( hashes *map[string]env.Setter, secret corev1.Secret, ) error { + + cellDatabaseAccount, cellDbSecret, err := mariadbv1.GetAccountAndSecret(ctx, h, instance.Spec.CellDatabaseAccount, instance.Namespace) + if err != nil { + return err + } + templateParameters := map[string]interface{}{ "service_name": "nova-conductor", "keystone_internal_url": instance.Spec.KeystoneAuthURL, "nova_keystone_user": instance.Spec.ServiceUser, "nova_keystone_password": string(secret.Data[ServicePasswordSelector]), "cell_db_name": getCellDatabaseName(instance.Spec.CellName), - "cell_db_user": instance.Spec.CellDatabaseUser, - "cell_db_password": string(secret.Data[CellDatabasePasswordSelector]), + "cell_db_user": cellDatabaseAccount.Spec.UserName, + "cell_db_password": string(cellDbSecret.Data[mariadbv1.DatabasePasswordSelector]), "cell_db_address": instance.Spec.CellDatabaseHostname, "cell_db_port": 3306, "openstack_cacert": "", // fixme @@ -350,10 +353,15 @@ func (r *NovaConductorReconciler) generateConfigs( "default_user_domain": "Default", // fixme "transport_url": string(secret.Data[TransportURLSelector]), } - if len(instance.Spec.APIDatabaseHostname) > 0 && len(instance.Spec.APIDatabaseUser) > 0 { + if len(instance.Spec.APIDatabaseHostname) > 0 { + apiDatabaseAccount, apiDbSecret, err := mariadbv1.GetAccountAndSecret(ctx, h, instance.Spec.APIDatabaseAccount, instance.Namespace) + if err != nil { + return err + } + templateParameters["api_db_name"] = NovaAPIDatabaseName - templateParameters["api_db_user"] = instance.Spec.APIDatabaseUser - templateParameters["api_db_password"] = string(secret.Data[APIDatabasePasswordSelector]) + templateParameters["api_db_user"] = apiDatabaseAccount.Spec.UserName + templateParameters["api_db_password"] = string(apiDbSecret.Data[mariadbv1.DatabasePasswordSelector]) templateParameters["api_db_address"] = instance.Spec.APIDatabaseHostname templateParameters["api_db_port"] = 3306 } diff --git a/controllers/novametadata_controller.go b/controllers/novametadata_controller.go index 57b765f07..089f7b014 100644 --- a/controllers/novametadata_controller.go +++ b/controllers/novametadata_controller.go @@ -46,6 +46,7 @@ import ( "github.com/openstack-k8s-operators/lib-common/modules/common/statefulset" "github.com/openstack-k8s-operators/lib-common/modules/common/tls" util "github.com/openstack-k8s-operators/lib-common/modules/common/util" + mariadbv1 "github.com/openstack-k8s-operators/mariadb-operator/api/v1beta1" novav1 "github.com/openstack-k8s-operators/nova-operator/api/v1beta1" "github.com/openstack-k8s-operators/nova-operator/pkg/nova" "github.com/openstack-k8s-operators/nova-operator/pkg/novametadata" @@ -147,13 +148,10 @@ func (r *NovaMetadataReconciler) Reconcile(ctx context.Context, req ctrl.Request expectedSelectors := []string{ ServicePasswordSelector, - CellDatabasePasswordSelector, MetadataSecretSelector, TransportURLSelector, } - if instance.Spec.CellName == "" { - expectedSelectors = append(expectedSelectors, APIDatabasePasswordSelector) - } + secretHash, result, secret, err := ensureSecret( ctx, types.NamespacedName{Namespace: instance.Namespace, Name: instance.Spec.Secret}, @@ -372,14 +370,25 @@ func (r *NovaMetadataReconciler) generateConfigs( ctx context.Context, h *helper.Helper, instance *novav1.NovaMetadata, hashes *map[string]env.Setter, secret corev1.Secret, ) error { + + apiDatabaseAccount, apiDbSecret, err := mariadbv1.GetAccountAndSecret(ctx, h, instance.Spec.APIDatabaseAccount, instance.Namespace) + if err != nil { + return err + } + + cellDatabaseAccount, cellDbSecret, err := mariadbv1.GetAccountAndSecret(ctx, h, instance.Spec.CellDatabaseAccount, instance.Namespace) + if err != nil { + return err + } + templateParameters := map[string]interface{}{ "service_name": novametadata.ServiceName, "keystone_internal_url": instance.Spec.KeystoneAuthURL, "nova_keystone_user": instance.Spec.ServiceUser, "nova_keystone_password": string(secret.Data[ServicePasswordSelector]), "cell_db_name": NovaCell0DatabaseName, - "cell_db_user": instance.Spec.CellDatabaseUser, - "cell_db_password": string(secret.Data[CellDatabasePasswordSelector]), + "cell_db_user": cellDatabaseAccount.Spec.UserName, + "cell_db_password": string(cellDbSecret.Data[mariadbv1.DatabasePasswordSelector]), "cell_db_address": instance.Spec.CellDatabaseHostname, "cell_db_port": 3306, "openstack_cacert": "", // fixme @@ -395,8 +404,8 @@ func (r *NovaMetadataReconciler) generateConfigs( if instance.Spec.CellName == "" { templateParameters["api_db_name"] = NovaAPIDatabaseName - templateParameters["api_db_user"] = instance.Spec.APIDatabaseUser // fixme - templateParameters["api_db_password"] = string(secret.Data[APIDatabasePasswordSelector]) + templateParameters["api_db_user"] = apiDatabaseAccount.Spec.UserName + templateParameters["api_db_password"] = string(apiDbSecret.Data[mariadbv1.DatabasePasswordSelector]) templateParameters["api_db_address"] = instance.Spec.APIDatabaseHostname templateParameters["api_db_port"] = 3306 templateParameters["local_metadata_per_cell"] = false @@ -424,7 +433,7 @@ func (r *NovaMetadataReconciler) generateConfigs( instance, labels.GetGroupLabel(NovaMetadataLabelPrefix), map[string]string{}, ) - err := r.GenerateConfigs( + err = r.GenerateConfigs( ctx, h, instance, nova.GetServiceConfigSecretName(instance.GetName()), hashes, templateParameters, extraData, cmLabels, map[string]string{}, ) diff --git a/controllers/novanovncproxy_controller.go b/controllers/novanovncproxy_controller.go index 199f8e721..fe2230e6d 100644 --- a/controllers/novanovncproxy_controller.go +++ b/controllers/novanovncproxy_controller.go @@ -43,6 +43,7 @@ import ( "github.com/openstack-k8s-operators/lib-common/modules/common/statefulset" "github.com/openstack-k8s-operators/lib-common/modules/common/tls" util "github.com/openstack-k8s-operators/lib-common/modules/common/util" + mariadbv1 "github.com/openstack-k8s-operators/mariadb-operator/api/v1beta1" novav1 "github.com/openstack-k8s-operators/nova-operator/api/v1beta1" "github.com/openstack-k8s-operators/nova-operator/pkg/nova" "github.com/openstack-k8s-operators/nova-operator/pkg/novncproxy" @@ -149,7 +150,6 @@ func (r *NovaNoVNCProxyReconciler) Reconcile(ctx context.Context, req ctrl.Reque types.NamespacedName{Namespace: instance.Namespace, Name: instance.Spec.Secret}, []string{ ServicePasswordSelector, - CellDatabasePasswordSelector, TransportURLSelector, }, h.GetClient(), @@ -339,14 +339,20 @@ func (r *NovaNoVNCProxyReconciler) generateConfigs( ctx context.Context, h *helper.Helper, instance *novav1.NovaNoVNCProxy, hashes *map[string]env.Setter, secret corev1.Secret, ) error { + + cellDatabaseAccount, cellDbSecret, err := mariadbv1.GetAccountAndSecret(ctx, h, instance.Spec.CellDatabaseAccount, instance.Namespace) + if err != nil { + return err + } + templateParameters := map[string]interface{}{ "service_name": novncproxy.ServiceName, "keystone_internal_url": instance.Spec.KeystoneAuthURL, "nova_keystone_user": instance.Spec.ServiceUser, "nova_keystone_password": string(secret.Data[ServicePasswordSelector]), "cell_db_name": getCellDatabaseName(instance.Spec.CellName), - "cell_db_user": instance.Spec.CellDatabaseUser, - "cell_db_password": string(secret.Data[CellDatabasePasswordSelector]), + "cell_db_user": cellDatabaseAccount.Spec.UserName, + "cell_db_password": string(cellDbSecret.Data[mariadbv1.DatabasePasswordSelector]), "cell_db_address": instance.Spec.CellDatabaseHostname, "cell_db_port": 3306, "transport_url": string(secret.Data[TransportURLSelector]), @@ -367,7 +373,7 @@ func (r *NovaNoVNCProxyReconciler) generateConfigs( instance, labels.GetGroupLabel(NovaNoVNCProxyLabelPrefix), map[string]string{}, ) - err := r.GenerateConfigs( + err = r.GenerateConfigs( ctx, h, instance, nova.GetServiceConfigSecretName(instance.GetName()), hashes, templateParameters, extraData, cmLabels, map[string]string{}, ) diff --git a/controllers/novascheduler_controller.go b/controllers/novascheduler_controller.go index 384244692..6131b5d18 100644 --- a/controllers/novascheduler_controller.go +++ b/controllers/novascheduler_controller.go @@ -43,6 +43,7 @@ import ( "github.com/openstack-k8s-operators/lib-common/modules/common/statefulset" "github.com/openstack-k8s-operators/lib-common/modules/common/tls" util "github.com/openstack-k8s-operators/lib-common/modules/common/util" + mariadbv1 "github.com/openstack-k8s-operators/mariadb-operator/api/v1beta1" novav1 "github.com/openstack-k8s-operators/nova-operator/api/v1beta1" "github.com/openstack-k8s-operators/nova-operator/pkg/nova" @@ -149,8 +150,6 @@ func (r *NovaSchedulerReconciler) Reconcile(ctx context.Context, req ctrl.Reques // passed via the Secret []string{ ServicePasswordSelector, - APIDatabasePasswordSelector, - CellDatabasePasswordSelector, TransportURLSelector, }, h.GetClient(), @@ -408,19 +407,30 @@ func (r *NovaSchedulerReconciler) generateConfigs( ctx context.Context, h *helper.Helper, instance *novav1.NovaScheduler, hashes *map[string]env.Setter, secret corev1.Secret, ) error { + + apiDatabaseAccount, apiDbSecret, err := mariadbv1.GetAccountAndSecret(ctx, h, instance.Spec.APIDatabaseAccount, instance.Namespace) + if err != nil { + return err + } + + cellDatabaseAccount, cellDbSecret, err := mariadbv1.GetAccountAndSecret(ctx, h, instance.Spec.Cell0DatabaseAccount, instance.Namespace) + if err != nil { + return err + } + templateParameters := map[string]interface{}{ "service_name": "nova-scheduler", "keystone_internal_url": instance.Spec.KeystoneAuthURL, "nova_keystone_user": instance.Spec.ServiceUser, "nova_keystone_password": string(secret.Data[ServicePasswordSelector]), "api_db_name": NovaAPIDatabaseName, - "api_db_user": instance.Spec.APIDatabaseUser, - "api_db_password": string(secret.Data[APIDatabasePasswordSelector]), + "api_db_user": apiDatabaseAccount.Spec.UserName, + "api_db_password": string(apiDbSecret.Data[mariadbv1.DatabasePasswordSelector]), "api_db_address": instance.Spec.APIDatabaseHostname, "api_db_port": 3306, "cell_db_name": NovaCell0DatabaseName, - "cell_db_user": instance.Spec.Cell0DatabaseUser, - "cell_db_password": string(secret.Data[CellDatabasePasswordSelector]), + "cell_db_user": cellDatabaseAccount.Spec.UserName, + "cell_db_password": string(cellDbSecret.Data[mariadbv1.DatabasePasswordSelector]), "cell_db_address": instance.Spec.Cell0DatabaseHostname, "cell_db_port": 3306, "openstack_cacert": "", // fixme diff --git a/go.mod b/go.mod index f2f772c1a..2683231b4 100644 --- a/go.mod +++ b/go.mod @@ -7,8 +7,8 @@ require ( github.com/google/uuid v1.6.0 github.com/gophercloud/gophercloud v1.9.0 github.com/k8snetworkplumbingwg/network-attachment-definition-client v1.4.0 - github.com/onsi/ginkgo/v2 v2.14.0 - github.com/onsi/gomega v1.30.0 + github.com/onsi/ginkgo/v2 v2.15.0 + github.com/onsi/gomega v1.31.1 github.com/openstack-k8s-operators/infra-operator/apis v0.3.1-0.20240219072823-a587b364203f github.com/openstack-k8s-operators/keystone-operator/api v0.3.1-0.20240219094943-9bbb46c9afba github.com/openstack-k8s-operators/lib-common/modules/common v0.3.1-0.20240216173409-86913e6d5885 @@ -30,13 +30,13 @@ require ( github.com/beorn7/perks v1.0.1 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/emicklei/go-restful/v3 v3.11.0 // indirect - github.com/evanphx/json-patch/v5 v5.6.0 // indirect - github.com/fsnotify/fsnotify v1.6.0 // indirect - github.com/go-logr/zapr v1.2.4 // indirect - github.com/go-openapi/jsonpointer v0.19.6 // indirect - github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.3 // indirect + github.com/emicklei/go-restful/v3 v3.11.2 // indirect + github.com/evanphx/json-patch/v5 v5.9.0 // indirect + github.com/fsnotify/fsnotify v1.7.0 // indirect + github.com/go-logr/zapr v1.3.0 // indirect + github.com/go-openapi/jsonpointer v0.20.2 // indirect + github.com/go-openapi/jsonreference v0.20.4 // indirect + github.com/go-openapi/swag v0.22.9 // indirect github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect @@ -49,35 +49,34 @@ require ( github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/mailru/easyjson v0.7.7 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/openshift/api v3.9.0+incompatible // indirect github.com/pkg/errors v0.9.1 // indirect - github.com/prometheus/client_golang v1.16.0 // indirect - github.com/prometheus/client_model v0.4.0 // indirect - github.com/prometheus/common v0.44.0 // indirect - github.com/prometheus/procfs v0.10.1 // indirect + github.com/prometheus/client_golang v1.18.0 // indirect + github.com/prometheus/client_model v0.5.0 // indirect + github.com/prometheus/common v0.46.0 // indirect + github.com/prometheus/procfs v0.12.0 // indirect github.com/spf13/pflag v1.0.5 // indirect go.uber.org/multierr v1.11.0 // indirect golang.org/x/mod v0.15.0 // indirect golang.org/x/net v0.21.0 // indirect - golang.org/x/oauth2 v0.8.0 // indirect + golang.org/x/oauth2 v0.16.0 // indirect golang.org/x/sys v0.17.0 // indirect golang.org/x/term v0.17.0 // indirect golang.org/x/text v0.14.0 // indirect - golang.org/x/time v0.3.0 // indirect + golang.org/x/time v0.5.0 // indirect golang.org/x/tools v0.18.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/appengine v1.6.7 // indirect - google.golang.org/protobuf v1.31.0 // indirect + google.golang.org/appengine v1.6.8 // indirect + google.golang.org/protobuf v1.32.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect k8s.io/apiextensions-apiserver v0.28.3 // indirect k8s.io/component-base v0.28.3 // indirect - k8s.io/klog/v2 v2.110.1 // indirect - k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect + k8s.io/klog/v2 v2.120.1 // indirect + k8s.io/kube-openapi v0.0.0-20240126223410-2919ad4fcfec // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect sigs.k8s.io/yaml v1.4.0 // indirect @@ -88,3 +87,5 @@ replace github.com/openstack-k8s-operators/nova-operator/api => ./api // mschuppert: map to latest commit from release-4.13 tag // must consistent within modules and service operators replace github.com/openshift/api => github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 //allow-merging + +replace github.com/openstack-k8s-operators/mariadb-operator/api => github.com/zzzeek/mariadb-operator/api v0.3.1-0.20240222195117-de879c4be63a //allow-merging diff --git a/go.sum b/go.sum index 9a8406c5b..849347ce3 100644 --- a/go.sum +++ b/go.sum @@ -1,4 +1,3 @@ -github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= @@ -6,38 +5,34 @@ github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XL github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= -github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.11.2 h1:1onLa9DcsMYO9P+CXaL0dStDqQ2EHHXLiz+BtnqkLAU= +github.com/emicklei/go-restful/v3 v3.11.2/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= -github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= -github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= -github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= -github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= -github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= +github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= +github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= +github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= -github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= -github.com/go-logr/zapr v1.2.4/go.mod h1:FyHWQIzQORZ0QVE1BtVHv3cKtNLuXsbNLtpuhNapBOA= -github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= -github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= -github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= -github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= +github.com/go-openapi/jsonpointer v0.20.2 h1:mQc3nmndL8ZBzStEo3JYF8wzmeWffDH4VbXz58sAx6Q= +github.com/go-openapi/jsonpointer v0.20.2/go.mod h1:bHen+N0u1KEO3YlmqOjTT9Adn1RfD91Ar825/PuiRVs= +github.com/go-openapi/jsonreference v0.20.4 h1:bKlDxQxQJgwpUSgOENiMPzCTBVuc7vTdXSSgNeAhojU= +github.com/go-openapi/jsonreference v0.20.4/go.mod h1:5pZJyJP2MnYCpoeoMAql78cCHauHj0V9Lhc506VOpw4= +github.com/go-openapi/swag v0.22.9 h1:XX2DssF+mQKM2DHsbgZK74y/zj4mo9I99+89xUmuZCE= +github.com/go-openapi/swag v0.22.9/go.mod h1:3/OXnFfnMAwBD099SwYRk7GD3xOrr1iL7d/XNLXVVwE= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= @@ -58,7 +53,6 @@ github.com/gophercloud/gophercloud v1.9.0/go.mod h1:aAVqcocTSXh2vYFZ1JTvx4EQmfgz github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= -github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= @@ -67,17 +61,10 @@ github.com/k8snetworkplumbingwg/network-attachment-definition-client v1.4.0 h1:V github.com/k8snetworkplumbingwg/network-attachment-definition-client v1.4.0/go.mod h1:nqCI7aelBJU61wiBeeZWJ6oi4bJy5nrjkM6lWIMA4j0= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= -github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -85,10 +72,10 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/onsi/ginkgo/v2 v2.14.0 h1:vSmGj2Z5YPb9JwCWT6z6ihcUvDhuXLc3sJiqd3jMKAY= -github.com/onsi/ginkgo/v2 v2.14.0/go.mod h1:JkUdW7JkN0V6rFvsHcJ478egV3XH9NxpD27Hal/PhZw= -github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= -github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= +github.com/onsi/ginkgo/v2 v2.15.0 h1:79HwNRBAZHOEwrczrgSOPy+eFTTlIGELKy5as+ClttY= +github.com/onsi/ginkgo/v2 v2.15.0/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM= +github.com/onsi/gomega v1.31.1 h1:KYppCUK+bUgAZwHOu7EXVBKyQA6ILvOESHkn/tgoqvo= +github.com/onsi/gomega v1.31.1/go.mod h1:y40C95dwAD1Nz36SsEnxvfFe8FFfNxzI5eJ0EYGyAy0= github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 h1:rncLxJBpFGqBztyxCMwNRnMjhhIDOWHJowi6q8G6koI= github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7/go.mod h1:ctXNyWanKEjGj8sss1KjjHQ3ENKFm33FFnS5BKaIPh4= github.com/openstack-k8s-operators/infra-operator/apis v0.3.1-0.20240219072823-a587b364203f h1:suf/08227pC+qQRbsUPLMOSw3mJ82b0o9Hs7MO/g9BY= @@ -101,104 +88,91 @@ github.com/openstack-k8s-operators/lib-common/modules/openstack v0.3.1-0.2024021 github.com/openstack-k8s-operators/lib-common/modules/openstack v0.3.1-0.20240216173409-86913e6d5885/go.mod h1:8QsCFttAm+X6A8I8EQThGjNjeMAYt2hK7ivbvnR3434= github.com/openstack-k8s-operators/lib-common/modules/test v0.3.1-0.20240216173409-86913e6d5885 h1:ioJ2MO3vAcBkLM+0UBu5IuKW/DPXcyiNSOLq0Xvn+Nw= github.com/openstack-k8s-operators/lib-common/modules/test v0.3.1-0.20240216173409-86913e6d5885/go.mod h1:82nzS+DbBe1tzaMvNHH8FctmZzQ14ZAJysFGsMJiivo= -github.com/openstack-k8s-operators/mariadb-operator/api v0.3.1-0.20240219072536-62f6b4dc7798 h1:zL4DdQ5HPXCLHeRMAWC2zI7ypbkZVYg3UkyEFSnzeow= -github.com/openstack-k8s-operators/mariadb-operator/api v0.3.1-0.20240219072536-62f6b4dc7798/go.mod h1:PDqfLbP4ZWqQHAu1OtbjfpOGQUKSzLqRJChvE/9pcyQ= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.16.0 h1:yk/hx9hDbrGHovbci4BY+pRMfSuuat626eFsHb7tmT8= -github.com/prometheus/client_golang v1.16.0/go.mod h1:Zsulrv/L9oM40tJ7T815tM89lFEugiJ9HzIqaAx4LKc= -github.com/prometheus/client_model v0.4.0 h1:5lQXD3cAg1OXBf4Wq03gTrXHeaV0TQvGfUooCfx1yqY= -github.com/prometheus/client_model v0.4.0/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU= -github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY= -github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY= -github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg= -github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/prometheus/client_golang v1.18.0 h1:HzFfmkOzH5Q8L8G+kSJKUx5dtG87sewO+FoDDqP5Tbk= +github.com/prometheus/client_golang v1.18.0/go.mod h1:T+GXkCk5wSJyOqMIzVgvvjFDlkOQntgjkJWKrN5txjA= +github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw= +github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI= +github.com/prometheus/common v0.46.0 h1:doXzt5ybi1HBKpsZOL0sSkaNHJJqkyfEWZGGqqScV0Y= +github.com/prometheus/common v0.46.0/go.mod h1:Tp0qkxpb9Jsg54QMe+EAmqXkSV7Evdy1BTn+g2pa/hQ= +github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= +github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= +github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +github.com/zzzeek/mariadb-operator/api v0.3.1-0.20240222195117-de879c4be63a h1:eVtZZAIwgoyOGv1BdNsjy1WRsosdvK13NeYhyXikOIo= +github.com/zzzeek/mariadb-operator/api v0.3.1-0.20240222195117-de879c4be63a/go.mod h1:f9IIyWeoskWoeWaDFF3qmAJ2Kqyovfi0Ar/QUfk3qag= go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= -go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/exp v0.0.0-20240213143201-ec583247a57a h1:HinSgX1tJRX3KsL//Gxynpw5CTOAIPhgL4W8PNiIpVE= golang.org/x/exp v0.0.0-20240213143201-ec583247a57a/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.15.0 h1:SernR4v+D55NyBH2QiEQrlBAnj1ECL6AGrA5+dPaMY8= golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4= golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= -golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8= -golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/oauth2 v0.16.0 h1:aDkGMBSYxElaoP81NpoUoz2oo2R2wHdZpGToUxfyQrQ= +golang.org/x/oauth2 v0.16.0/go.mod h1:hqZ+0LWXsiVoZpeld6jVt06P3adbS2Uu911W1SsJv2o= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= +golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.18.0 h1:k8NLag8AGHnn+PHbl7g43CtqZAwG60vZkLqgyZgIHgQ= golang.org/x/tools v0.18.0/go.mod h1:GL7B4CwcLLeo59yx/9UWWuNOW1n3VZ4f5axWfML7Lcg= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -207,16 +181,14 @@ golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= +google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= -google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I= +google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= @@ -235,10 +207,10 @@ k8s.io/client-go v0.28.3 h1:2OqNb72ZuTZPKCl+4gTKvqao0AMOl9f3o2ijbAj3LI4= k8s.io/client-go v0.28.3/go.mod h1:LTykbBp9gsA7SwqirlCXBWtK0guzfhpoW4qSm7i9dxo= k8s.io/component-base v0.28.3 h1:rDy68eHKxq/80RiMb2Ld/tbH8uAE75JdCqJyi6lXMzI= k8s.io/component-base v0.28.3/go.mod h1:fDJ6vpVNSk6cRo5wmDa6eKIG7UlIQkaFmZN2fYgIUD8= -k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= -k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= +k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= +k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20240126223410-2919ad4fcfec h1:iGTel2aR8vCZdxJDgmbeY0zrlXy9Qcvyw4R2sB4HLrA= +k8s.io/kube-openapi v0.0.0-20240126223410-2919ad4fcfec/go.mod h1:Pa1PvrP7ACSkuX6I7KYomY6cmMA0Tx86waBhDUgoKPw= k8s.io/utils v0.0.0-20240102154912-e7106e64919e h1:eQ/4ljkx21sObifjzXwlPKpdGLrCfRziVtos3ofG/sQ= k8s.io/utils v0.0.0-20240102154912-e7106e64919e/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/controller-runtime v0.16.4 h1:XMh7dF19MlyvMfQCHvH929YGg2WFrIuJ4N5sx3G7U+k= diff --git a/test/functional/base_test.go b/test/functional/base_test.go index 2df7c8fc1..63450ca31 100644 --- a/test/functional/base_test.go +++ b/test/functional/base_test.go @@ -253,6 +253,7 @@ func GetDefaultNovaAPISpec(novaNames NovaNames) map[string]interface{} { "containerImage": ContainerImage, "serviceAccount": "nova-sa", "registeredCells": map[string]string{}, + "apiDatabaseAccount": novaNames.APIMariaDBDatabaseAccount.Name, } } @@ -306,8 +307,8 @@ func GetDefaultNovaSpec() map[string]interface{} { func GetDefaultNovaCellTemplate() map[string]interface{} { return map[string]interface{}{ - "cellDatabaseUser": "nova_cell0", - "hasAPIAccess": true, + "cellDatabaseAccount": "nova-cell0", + "hasAPIAccess": true, } } @@ -336,8 +337,8 @@ func CreateNovaWithCell0(name types.NamespacedName) client.Object { "secret": SecretName, "cellTemplates": map[string]interface{}{ "cell0": map[string]interface{}{ - "cellDatabaseUser": "nova_cell0", - "hasAPIAccess": true, + "cellDatabaseAccount": cell0.MariaDBAccountName.Name, + "hasAPIAccess": true, }, }, "apiMessageBusInstance": cell0.TransportURLName.Name, @@ -368,6 +369,7 @@ func GetDefaultNovaConductorSpec(cell CellNames) map[string]interface{} { "keystoneAuthURL": "keystone-auth-url", "serviceAccount": "nova-sa", "customServiceConfig": "foo=bar", + "cellDatabaseAccount": cell.MariaDBAccountName.Name, } } @@ -415,6 +417,7 @@ func GetDefaultNovaCellSpec(cell CellNames) map[string]interface{} { "cellDatabaseHostname": "cell-database-hostname", "keystoneAuthURL": "keystone-auth-url", "serviceAccount": "nova", + "cellDatabaseAccount": cell.MariaDBAccountName.Name, } } @@ -457,10 +460,8 @@ func CreateNovaSecret(namespace string, name string) *corev1.Secret { return th.CreateSecret( types.NamespacedName{Namespace: namespace, Name: name}, map[string][]byte{ - "NovaPassword": []byte("service-password"), - "NovaAPIDatabasePassword": []byte("api-database-password"), - "MetadataSecret": []byte("metadata-secret"), - "NovaCell0DatabasePassword": []byte("cell0-database-password"), + "NovaPassword": []byte("service-password"), + "MetadataSecret": []byte("metadata-secret"), }, ) } @@ -469,12 +470,8 @@ func CreateNovaSecretFor3Cells(namespace string, name string) *corev1.Secret { return th.CreateSecret( types.NamespacedName{Namespace: namespace, Name: name}, map[string][]byte{ - "NovaPassword": []byte("service-password"), - "NovaAPIDatabasePassword": []byte("api-database-password"), - "MetadataSecret": []byte("metadata-secret"), - "NovaCell0DatabasePassword": []byte("cell0-database-password"), - "NovaCell1DatabasePassword": []byte("cell1-database-password"), - "NovaCell2DatabasePassword": []byte("cell2-database-password"), + "NovaPassword": []byte("service-password"), + "MetadataSecret": []byte("metadata-secret"), }, ) } @@ -524,6 +521,8 @@ type CellNames struct { CellName string CellCRName types.NamespacedName MariaDBDatabaseName types.NamespacedName + MariaDBAccountName types.NamespacedName + APIDatabaseAccountName types.NamespacedName ConductorName types.NamespacedName DBSyncJobName types.NamespacedName ConductorConfigDataName types.NamespacedName @@ -576,6 +575,14 @@ func GetCellNames(novaName types.NamespacedName, cell string) CellNames { Namespace: novaName.Namespace, Name: "nova-" + cell, }, + MariaDBAccountName: types.NamespacedName{ + Namespace: novaName.Namespace, + Name: "nova-" + cell, + }, + APIDatabaseAccountName: types.NamespacedName{ + Namespace: novaName.Namespace, + Name: "nova", + }, ConductorName: cellConductor, DBSyncJobName: types.NamespacedName{ Namespace: novaName.Namespace, @@ -646,21 +653,22 @@ func GetCellNames(novaName types.NamespacedName, cell string) CellNames { } type NovaNames struct { - Namespace string - NovaName types.NamespacedName - InternalNovaServiceName types.NamespacedName - PublicNovaServiceName types.NamespacedName - AdminNovaServiceName types.NamespacedName - KeystoneServiceName types.NamespacedName - APIName types.NamespacedName - APIMariaDBDatabaseName types.NamespacedName - APIDeploymentName types.NamespacedName - APIKeystoneEndpointName types.NamespacedName - APIStatefulSetName types.NamespacedName - APIConfigDataName types.NamespacedName - InternalCertSecretName types.NamespacedName - PublicCertSecretName types.NamespacedName - CaBundleSecretName types.NamespacedName + Namespace string + NovaName types.NamespacedName + InternalNovaServiceName types.NamespacedName + PublicNovaServiceName types.NamespacedName + AdminNovaServiceName types.NamespacedName + KeystoneServiceName types.NamespacedName + APIName types.NamespacedName + APIMariaDBDatabaseName types.NamespacedName + APIMariaDBDatabaseAccount types.NamespacedName + APIDeploymentName types.NamespacedName + APIKeystoneEndpointName types.NamespacedName + APIStatefulSetName types.NamespacedName + APIConfigDataName types.NamespacedName + InternalCertSecretName types.NamespacedName + PublicCertSecretName types.NamespacedName + CaBundleSecretName types.NamespacedName // refers internal API network for all Nova services (not just nova API) InternalAPINetworkNADName types.NamespacedName SchedulerName types.NamespacedName @@ -721,6 +729,10 @@ func GetNovaNames(novaName types.NamespacedName, cellNames []string) NovaNames { Namespace: novaAPI.Namespace, Name: "nova-api", // a static DB name for nova }, + APIMariaDBDatabaseAccount: types.NamespacedName{ + Namespace: novaAPI.Namespace, + Name: "nova-api", + }, APIDeploymentName: novaAPI, APIKeystoneEndpointName: types.NamespacedName{ Namespace: novaName.Namespace, @@ -813,11 +825,9 @@ func CreateInternalTopLevelSecret(novaNames NovaNames) *corev1.Secret { return th.CreateSecret( novaNames.InternalTopLevelSecretName, map[string][]byte{ - "ServicePassword": []byte("service-password"), - "APIDatabasePassword": []byte("api-database-password"), - "CellDatabasePassword": []byte("cell-database-password"), - "MetadataSecret": []byte("metadata-secret"), - "transport_url": []byte("rabbit://api/fake"), + "ServicePassword": []byte("service-password"), + "MetadataSecret": []byte("metadata-secret"), + "transport_url": []byte("rabbit://api/fake"), }, ) } @@ -830,6 +840,7 @@ func GetDefaultNovaMetadataSpec(secretName types.NamespacedName) map[string]inte "containerImage": ContainerImage, "keystoneAuthURL": "keystone-auth-url", "serviceAccount": "nova-sa", + "cellDatabaseAccount": "nova-cell0", } } @@ -875,15 +886,15 @@ func GetDefaultNovaNoVNCProxySpec(cell CellNames) map[string]interface{} { "keystoneAuthURL": "keystone-auth-url", "serviceAccount": "nova-sa", "cellName": cell.CellName, + "cellDatabaseAccount": cell.MariaDBAccountName.Name, } } func CreateCellInternalSecret(cell CellNames, additionalValues map[string][]byte) *corev1.Secret { secretMap := map[string][]byte{ - "ServicePassword": []byte("service-password"), - "CellDatabasePassword": []byte("cell-database-password"), - "transport_url": []byte(fmt.Sprintf("rabbit://%s/fake", cell.CellName)), + "ServicePassword": []byte("service-password"), + "transport_url": []byte(fmt.Sprintf("rabbit://%s/fake", cell.CellName)), } // (ksambor) this can be replaced with maps.Copy directly from maps // not experimental package when we move to go 1.21 @@ -956,6 +967,7 @@ func GetDefaultNovaComputeSpec(cell CellNames) map[string]interface{} { "serviceAccount": "nova", "cellName": cell.CellName, "computeDriver": novav1.IronicDriver, + "cellDatabaseAccount": cell.MariaDBAccountName.Name, } } diff --git a/test/functional/nova_controller_test.go b/test/functional/nova_controller_test.go index f45832caf..eefff32a4 100644 --- a/test/functional/nova_controller_test.go +++ b/test/functional/nova_controller_test.go @@ -24,6 +24,9 @@ import ( corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/types" + mariadb_test "github.com/openstack-k8s-operators/mariadb-operator/api/test/helpers" + mariadbv1 "github.com/openstack-k8s-operators/mariadb-operator/api/v1beta1" + condition "github.com/openstack-k8s-operators/lib-common/modules/common/condition" "github.com/openstack-k8s-operators/lib-common/modules/common/util" novav1 "github.com/openstack-k8s-operators/nova-operator/api/v1beta1" @@ -93,6 +96,7 @@ var _ = Describe("Nova controller", func() { DeferCleanup(keystone.DeleteKeystoneAPI, keystone.CreateKeystoneAPI(novaNames.NovaName.Namespace)) DeferCleanup(th.DeleteInstance, CreateNovaWithCell0(novaNames.NovaName)) + }) It("creates service account, role and rolebindig", func() { @@ -163,7 +167,7 @@ var _ = Describe("Nova controller", func() { mariadb.GetMariaDBDatabase(novaNames.APIMariaDBDatabaseName) mariadb.SimulateMariaDBDatabaseCompleted(novaNames.APIMariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseAccount) th.ExpectCondition( novaNames.NovaName, ConditionGetterFunc(NovaConditionGetter), @@ -199,11 +203,12 @@ var _ = Describe("Nova controller", func() { novav1.NovaAllCellsDBReadyCondition, corev1.ConditionFalse, ) + mariadb.SimulateMariaDBDatabaseCompleted(novaNames.APIMariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseAccount) mariadb.GetMariaDBDatabase(cell0.MariaDBDatabaseName) mariadb.SimulateMariaDBDatabaseCompleted(cell0.MariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBAccountName) th.ExpectCondition( novaNames.NovaName, ConditionGetterFunc(NovaConditionGetter), @@ -215,9 +220,9 @@ var _ = Describe("Nova controller", func() { It("creates cell0 NovaCell", func() { keystone.SimulateKeystoneServiceReady(novaNames.KeystoneServiceName) mariadb.SimulateMariaDBDatabaseCompleted(novaNames.APIMariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseAccount) mariadb.SimulateMariaDBDatabaseCompleted(cell0.MariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBAccountName) infra.SimulateTransportURLReady(cell0.TransportURLName) // assert that cell related CRs are created cell := GetNovaCell(cell0.CellCRName) @@ -232,11 +237,7 @@ var _ = Describe("Nova controller", func() { // proper content and the cell subCRs are configured to use the // internal secret internalCellSecret := th.GetSecret(cell0.InternalCellSecretName) - Expect(internalCellSecret.Data).To(HaveLen(4)) - Expect(internalCellSecret.Data).To( - HaveKeyWithValue(controllers.APIDatabasePasswordSelector, []byte("api-database-password"))) - Expect(internalCellSecret.Data).To( - HaveKeyWithValue(controllers.CellDatabasePasswordSelector, []byte("cell0-database-password"))) + Expect(internalCellSecret.Data).To(HaveLen(2)) Expect(internalCellSecret.Data).To( HaveKeyWithValue(controllers.ServicePasswordSelector, []byte("service-password"))) Expect(internalCellSecret.Data).To( @@ -282,11 +283,22 @@ var _ = Describe("Nova controller", func() { ) Expect(mappingJobConfig.Data).Should(HaveKey("01-nova.conf")) configData := string(mappingJobConfig.Data["01-nova.conf"]) + + cell0Account := mariadb.GetMariaDBAccount(cell0.MariaDBAccountName) + cell0Secret := th.GetSecret(types.NamespacedName{Name: cell0Account.Spec.Secret, Namespace: cell0.MariaDBAccountName.Namespace}) + Expect(configData).To( - ContainSubstring(fmt.Sprintf("[database]\nconnection = mysql+pymysql://nova_cell0:cell0-database-password@hostname-for-openstack.%s.svc/nova_cell0", novaNames.Namespace)), + ContainSubstring(fmt.Sprintf("[database]\nconnection = mysql+pymysql://%s:%s@hostname-for-openstack.%s.svc/nova_cell0", + cell0Account.Spec.UserName, cell0Secret.Data[mariadbv1.DatabasePasswordSelector], + novaNames.Namespace)), ) + + apiAccount := mariadb.GetMariaDBAccount(novaNames.APIMariaDBDatabaseAccount) + apiSecret := th.GetSecret(types.NamespacedName{Name: apiAccount.Spec.Secret, Namespace: novaNames.APIMariaDBDatabaseAccount.Namespace}) + Expect(configData).To( - ContainSubstring(fmt.Sprintf("[api_database]\nconnection = mysql+pymysql://nova_api:api-database-password@hostname-for-openstack.%s.svc/nova_api", novaNames.Namespace)), + ContainSubstring(fmt.Sprintf("[api_database]\nconnection = mysql+pymysql://%s:%s@hostname-for-openstack.%s.svc/nova_api", + apiAccount.Spec.UserName, apiSecret.Data[mariadbv1.DatabasePasswordSelector], novaNames.Namespace)), ) // NOTE(gibi): cell mapping for cell0 should not have transport_url // configured. As the nova-manage command used to create the mapping @@ -322,9 +334,9 @@ var _ = Describe("Nova controller", func() { It("creates an internal Secret for the top level services", func() { keystone.SimulateKeystoneServiceReady(novaNames.KeystoneServiceName) mariadb.SimulateMariaDBDatabaseCompleted(novaNames.APIMariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseAccount) mariadb.SimulateMariaDBDatabaseCompleted(cell0.MariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBAccountName) infra.SimulateTransportURLReady(cell0.TransportURLName) th.SimulateJobSuccess(cell0.DBSyncJobName) th.SimulateStatefulSetReplicaReady(cell0.ConductorStatefulSetName) @@ -335,11 +347,7 @@ var _ = Describe("Nova controller", func() { // assert that a the top level internal internal secret is created // with the proper data internalTopLevelSecret := th.GetSecret(novaNames.InternalTopLevelSecretName) - Expect(internalTopLevelSecret.Data).To(HaveLen(5)) - Expect(internalTopLevelSecret.Data).To( - HaveKeyWithValue(controllers.APIDatabasePasswordSelector, []byte("api-database-password"))) - Expect(internalTopLevelSecret.Data).To( - HaveKeyWithValue(controllers.CellDatabasePasswordSelector, []byte("cell0-database-password"))) + Expect(internalTopLevelSecret.Data).To(HaveLen(3)) Expect(internalTopLevelSecret.Data).To( HaveKeyWithValue(controllers.ServicePasswordSelector, []byte("service-password"))) Expect(internalTopLevelSecret.Data).To( @@ -351,9 +359,9 @@ var _ = Describe("Nova controller", func() { It("creates NovaAPI", func() { keystone.SimulateKeystoneServiceReady(novaNames.KeystoneServiceName) mariadb.SimulateMariaDBDatabaseCompleted(novaNames.APIMariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseAccount) mariadb.SimulateMariaDBDatabaseCompleted(cell0.MariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBAccountName) infra.SimulateTransportURLReady(cell0.TransportURLName) th.SimulateJobSuccess(cell0.DBSyncJobName) th.SimulateStatefulSetReplicaReady(cell0.ConductorStatefulSetName) @@ -392,9 +400,9 @@ var _ = Describe("Nova controller", func() { It("creates NovaScheduler", func() { keystone.SimulateKeystoneServiceReady(novaNames.KeystoneServiceName) mariadb.SimulateMariaDBDatabaseCompleted(novaNames.APIMariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseAccount) mariadb.SimulateMariaDBDatabaseCompleted(cell0.MariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBAccountName) infra.SimulateTransportURLReady(cell0.TransportURLName) th.SimulateJobSuccess(cell0.DBSyncJobName) th.SimulateStatefulSetReplicaReady(cell0.ConductorStatefulSetName) @@ -433,9 +441,9 @@ var _ = Describe("Nova controller", func() { It("creates NovaMetadata", func() { keystone.SimulateKeystoneServiceReady(novaNames.KeystoneServiceName) mariadb.SimulateMariaDBDatabaseCompleted(novaNames.APIMariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseAccount) mariadb.SimulateMariaDBDatabaseCompleted(cell0.MariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBAccountName) infra.SimulateTransportURLReady(cell0.TransportURLName) th.SimulateJobSuccess(cell0.DBSyncJobName) th.SimulateStatefulSetReplicaReady(cell0.ConductorStatefulSetName) @@ -494,9 +502,9 @@ var _ = Describe("Nova controller", func() { keystone.SimulateKeystoneServiceReady(novaNames.KeystoneServiceName) mariadb.SimulateMariaDBDatabaseCompleted(novaNames.APIMariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseAccount) mariadb.SimulateMariaDBDatabaseCompleted(cell0.MariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBAccountName) infra.SimulateTransportURLReady(cell0.TransportURLName) GetNovaCell(cell0.CellCRName) GetNovaConductor(cell0.ConductorName) @@ -562,9 +570,9 @@ var _ = Describe("Nova controller", func() { keystone.SimulateKeystoneServiceReady(novaNames.KeystoneServiceName) mariadb.SimulateMariaDBDatabaseCompleted(novaNames.APIMariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseAccount) mariadb.SimulateMariaDBDatabaseCompleted(cell0.MariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBAccountName) infra.SimulateTransportURLReady(cell0.TransportURLName) th.SimulateJobSuccess(cell0.DBSyncJobName) th.SimulateStatefulSetReplicaReady(cell0.ConductorStatefulSetName) @@ -628,11 +636,12 @@ var _ = Describe("Nova controller", func() { }) It("uses the correct hostnames to access the different DB services", func() { + keystone.SimulateKeystoneServiceReady(novaNames.KeystoneServiceName) mariadb.SimulateMariaDBDatabaseCompleted(novaNames.APIMariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseAccount) mariadb.SimulateMariaDBDatabaseCompleted(cell0.MariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBAccountName) infra.SimulateTransportURLReady(cell0.TransportURLName) cell0DBSync := th.GetJob(cell0.DBSyncJobName) @@ -640,16 +649,26 @@ var _ = Describe("Nova controller", func() { configDataMap := th.GetSecret(cell0.ConductorConfigDataName) Expect(configDataMap.Data).Should(HaveKey("01-nova.conf")) configData := string(configDataMap.Data["01-nova.conf"]) + + cell0Account := mariadb.GetMariaDBAccount(cell0.MariaDBAccountName) + cell0Secret := th.GetSecret(types.NamespacedName{Name: cell0Account.Spec.Secret, Namespace: cell0.MariaDBAccountName.Namespace}) + Expect(configData).To( ContainSubstring( fmt.Sprintf( - "[database]\nconnection = mysql+pymysql://nova_cell0:cell0-database-password@hostname-for-%s.%s.svc/nova_cell0", + "[database]\nconnection = mysql+pymysql://%s:%s@hostname-for-%s.%s.svc/nova_cell0", + cell0Account.Spec.UserName, cell0Secret.Data[mariadbv1.DatabasePasswordSelector], cell0.MariaDBDatabaseName.Name, novaNames.Namespace)), ) + + apiAccount := mariadb.GetMariaDBAccount(novaNames.APIMariaDBDatabaseAccount) + apiSecret := th.GetSecret(types.NamespacedName{Name: apiAccount.Spec.Secret, Namespace: novaNames.APIMariaDBDatabaseAccount.Namespace}) + Expect(configData).To( ContainSubstring( fmt.Sprintf( - "[api_database]\nconnection = mysql+pymysql://nova_api:api-database-password@hostname-for-%s.%s.svc/nova_api", + "[api_database]\nconnection = mysql+pymysql://%s:%s@hostname-for-%s.%s.svc/nova_api", + apiAccount.Spec.UserName, apiSecret.Data[mariadbv1.DatabasePasswordSelector], novaNames.APIMariaDBDatabaseName.Name, novaNames.Namespace)), ) Expect(configData).To(ContainSubstring("password = service-password")) @@ -666,13 +685,15 @@ var _ = Describe("Nova controller", func() { Expect(configData).To( ContainSubstring( fmt.Sprintf( - "[database]\nconnection = mysql+pymysql://nova_cell0:cell0-database-password@hostname-for-%s.%s.svc/nova_cell0", + "[database]\nconnection = mysql+pymysql://%s:%s@hostname-for-%s.%s.svc/nova_cell0", + cell0Account.Spec.UserName, cell0Secret.Data[mariadbv1.DatabasePasswordSelector], cell0.MariaDBDatabaseName.Name, novaNames.Namespace)), ) Expect(configData).To( ContainSubstring( fmt.Sprintf( - "[api_database]\nconnection = mysql+pymysql://nova_api:api-database-password@hostname-for-%s.%s.svc/nova_api", + "[api_database]\nconnection = mysql+pymysql://%s:%s@hostname-for-%s.%s.svc/nova_api", + apiAccount.Spec.UserName, apiSecret.Data[mariadbv1.DatabasePasswordSelector], novaNames.APIMariaDBDatabaseName.Name, novaNames.Namespace)), ) Expect(configData).To(ContainSubstring("password = service-password")) @@ -683,13 +704,15 @@ var _ = Describe("Nova controller", func() { Expect(configData).To( ContainSubstring( fmt.Sprintf( - "[database]\nconnection = mysql+pymysql://nova_cell0:cell0-database-password@hostname-for-%s.%s.svc/nova_cell0", + "[database]\nconnection = mysql+pymysql://%s:%s@hostname-for-%s.%s.svc/nova_cell0", + cell0Account.Spec.UserName, cell0Secret.Data[mariadbv1.DatabasePasswordSelector], cell0.MariaDBDatabaseName.Name, novaNames.Namespace)), ) Expect(configData).To( ContainSubstring( fmt.Sprintf( - "[api_database]\nconnection = mysql+pymysql://nova_api:api-database-password@hostname-for-%s.%s.svc/nova_api", + "[api_database]\nconnection = mysql+pymysql://%s:%s@hostname-for-%s.%s.svc/nova_api", + apiAccount.Spec.UserName, apiSecret.Data[mariadbv1.DatabasePasswordSelector], novaNames.APIMariaDBDatabaseName.Name, novaNames.Namespace)), ) Expect(configData).To(ContainSubstring("password = service-password")) @@ -755,6 +778,7 @@ var _ = Describe("Nova controller", func() { DeferCleanup(keystone.DeleteKeystoneAPI, keystone.CreateKeystoneAPI(novaNames.NovaName.Namespace)) DeferCleanup(th.DeleteInstance, CreateNovaWithCell0(novaNames.NovaName)) + }) It("removes the finalizer from KeystoneService", func() { @@ -782,9 +806,9 @@ var _ = Describe("Nova controller", func() { cell0DB := mariadb.GetMariaDBDatabase(cell0.MariaDBDatabaseName) Expect(cell0DB.Finalizers).To(ContainElement("Nova")) - apiAcc := mariadb.GetMariaDBAccount(novaNames.APIMariaDBDatabaseName) + apiAcc := mariadb.GetMariaDBAccount(novaNames.APIMariaDBDatabaseAccount) Expect(apiAcc.Finalizers).To(ContainElement("Nova")) - cell0Acc := mariadb.GetMariaDBAccount(cell0.MariaDBDatabaseName) + cell0Acc := mariadb.GetMariaDBAccount(cell0.MariaDBAccountName) Expect(cell0Acc.Finalizers).To(ContainElement("Nova")) th.DeleteInstance(GetNova(novaNames.NovaName)) @@ -794,9 +818,9 @@ var _ = Describe("Nova controller", func() { cell0DB = mariadb.GetMariaDBDatabase(cell0.MariaDBDatabaseName) Expect(cell0DB.Finalizers).NotTo(ContainElement("Nova")) - apiAcc = mariadb.GetMariaDBAccount(novaNames.APIMariaDBDatabaseName) + apiAcc = mariadb.GetMariaDBAccount(novaNames.APIMariaDBDatabaseAccount) Expect(apiAcc.Finalizers).NotTo(ContainElement("Nova")) - cell0Acc = mariadb.GetMariaDBAccount(cell0.MariaDBDatabaseName) + cell0Acc = mariadb.GetMariaDBAccount(cell0.MariaDBAccountName) Expect(cell0Acc.Finalizers).NotTo(ContainElement("Nova")) }) @@ -836,8 +860,8 @@ var _ = Describe("Nova controller", func() { "apiMessageBusInstance": cell0.TransportURLName.Name, "cellTemplates": map[string]interface{}{ "cell0": map[string]interface{}{ - "cellDatabaseUser": "nova_cell0", - "hasAPIAccess": true, + "cellDatabaseAccount": cell0.MariaDBAccountName.Name, + "hasAPIAccess": true, "conductorServiceTemplate": map[string]interface{}{ "networkAttachments": []string{"internalapi"}, }, @@ -858,9 +882,9 @@ var _ = Describe("Nova controller", func() { keystone.SimulateKeystoneServiceReady(novaNames.KeystoneServiceName) mariadb.SimulateMariaDBDatabaseCompleted(novaNames.APIMariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseAccount) mariadb.SimulateMariaDBDatabaseCompleted(cell0.MariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBAccountName) infra.SimulateTransportURLReady(cell0.TransportURLName) th.SimulateJobSuccess(cell0.DBSyncJobName) }) @@ -932,4 +956,200 @@ var _ = Describe("Nova controller", func() { } }) }) + + // Run MariaDBAccount suite tests for NovaAPI database. these are pre-packaged ginkgo tests + // that exercise standard account create / update patterns that should be + // common to all controllers that ensure MariaDBAccount CRs. + mariadb_test.MariaDBAccountSuiteTests( + "Nova API", + // Populate test variables which will run inside of BeforeEach + func(harness *mariadb_test.MariaDBTestHarness) { + harness.PopulateHarness( + novaNames.Namespace, + novaNames.APIMariaDBDatabaseName.Name, + "Nova", + mariadb, + timeout, + interval, + ) + }, + // Generate a fully running Nova service given an accountName + // needs to make it all the way to the end where the mariadb finalizers + // are removed from unused accounts since that's part of what we are testing + func(accountName types.NamespacedName) { + DeferCleanup( + k8sClient.Delete, ctx, CreateNovaSecret(novaNames.NovaName.Namespace, SecretName)) + DeferCleanup( + k8sClient.Delete, ctx, CreateNovaMessageBusSecret(cell0)) + + DeferCleanup( + mariadb.DeleteDBService, + mariadb.CreateDBService( + cell0.MariaDBDatabaseName.Namespace, + cell0.MariaDBDatabaseName.Name, + corev1.ServiceSpec{ + Ports: []corev1.ServicePort{{Port: 3306}}, + }, + ), + ) + DeferCleanup( + mariadb.DeleteDBService, + mariadb.CreateDBService( + novaNames.APIMariaDBDatabaseName.Namespace, + novaNames.APIMariaDBDatabaseName.Name, + corev1.ServiceSpec{ + Ports: []corev1.ServicePort{{Port: 3306}}, + }, + ), + ) + DeferCleanup(keystone.DeleteKeystoneAPI, keystone.CreateKeystoneAPI(novaNames.NovaName.Namespace)) + + spec := GetDefaultNovaSpec() + cell0template := GetDefaultNovaCellTemplate() + cell0template["cellDatabaseInstance"] = cell0.MariaDBDatabaseName.Name + spec["cellTemplates"] = map[string]interface{}{"cell0": cell0template} + spec["apiDatabaseInstance"] = novaNames.APIMariaDBDatabaseName.Name + spec["apiDatabaseAccount"] = accountName.Name + + DeferCleanup(th.DeleteInstance, CreateNova(novaNames.NovaName, spec)) + + keystone.SimulateKeystoneServiceReady(novaNames.KeystoneServiceName) + mariadb.SimulateMariaDBDatabaseCompleted(novaNames.APIMariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(accountName) + mariadb.SimulateMariaDBDatabaseCompleted(cell0.MariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBAccountName) + infra.SimulateTransportURLReady(cell0.TransportURLName) + th.SimulateJobSuccess(cell0.DBSyncJobName) + th.SimulateStatefulSetReplicaReady(cell0.ConductorStatefulSetName) + th.SimulateJobSuccess(cell0.CellMappingJobName) + + th.SimulateStatefulSetReplicaReady(novaNames.APIDeploymentName) + keystone.SimulateKeystoneEndpointReady(novaNames.APIKeystoneEndpointName) + th.SimulateStatefulSetReplicaReady(novaNames.SchedulerStatefulSetName) + th.SimulateStatefulSetReplicaReady(novaNames.MetadataStatefulSetName) + + // ensure api/scheduler/metadata all complete + Eventually(func(g Gomega) { + nova := GetNova(novaNames.NovaName) + g.Expect(nova.Status.APIServiceReadyCount).To(Equal(int32(1))) + g.Expect(nova.Status.SchedulerServiceReadyCount).To(Equal(int32(1))) + g.Expect(nova.Status.MetadataServiceReadyCount).To(Equal(int32(1))) + }) + }, + // update to a new account name + func(accountName types.NamespacedName) { + Eventually(func(g Gomega) { + nova := GetNova(novaNames.NovaName) + nova.Spec.APIDatabaseAccount = accountName.Name + g.Expect(th.K8sClient.Update(ctx, nova)).Should(Succeed()) + }, timeout, interval).Should(Succeed()) + + }, + // delete the CR, allowing tests that exercise finalizer removal + func() { + th.DeleteInstance(GetNova(novaNames.NovaName)) + }, + ) + + // Run MariaDBAccount suite tests for NovaCell0 database. these are pre-packaged ginkgo tests + // that exercise standard account create / update patterns that should be + // common to all controllers that ensure MariaDBAccount CRs. + mariadb_test.MariaDBAccountSuiteTests( + "Nova Cell", + // Populate test variables which will run inside of BeforeEach + func(harness *mariadb_test.MariaDBTestHarness) { + harness.PopulateHarness( + novaNames.Namespace, + cell0.MariaDBDatabaseName.Name, + "Nova", + mariadb, + timeout, + interval, + ) + }, + // Generate a fully running Nova service given an accountName + // needs to make it all the way to the end where the mariadb finalizers + // are removed from unused accounts since that's part of what we are testing + func(accountName types.NamespacedName) { + DeferCleanup( + k8sClient.Delete, ctx, CreateNovaSecret(novaNames.NovaName.Namespace, SecretName)) + DeferCleanup( + k8sClient.Delete, ctx, CreateNovaMessageBusSecret(cell0)) + + DeferCleanup( + mariadb.DeleteDBService, + mariadb.CreateDBService( + cell0.MariaDBDatabaseName.Namespace, + cell0.MariaDBDatabaseName.Name, + corev1.ServiceSpec{ + Ports: []corev1.ServicePort{{Port: 3306}}, + }, + ), + ) + DeferCleanup( + mariadb.DeleteDBService, + mariadb.CreateDBService( + novaNames.APIMariaDBDatabaseName.Namespace, + novaNames.APIMariaDBDatabaseName.Name, + corev1.ServiceSpec{ + Ports: []corev1.ServicePort{{Port: 3306}}, + }, + ), + ) + DeferCleanup(keystone.DeleteKeystoneAPI, keystone.CreateKeystoneAPI(novaNames.NovaName.Namespace)) + + spec := GetDefaultNovaSpec() + cell0template := GetDefaultNovaCellTemplate() + cell0template["cellDatabaseInstance"] = cell0.MariaDBDatabaseName.Name + cell0template["cellDatabaseAccount"] = accountName.Name + spec["cellTemplates"] = map[string]interface{}{"cell0": cell0template} + spec["apiDatabaseInstance"] = novaNames.APIMariaDBDatabaseName.Name + + DeferCleanup(th.DeleteInstance, CreateNova(novaNames.NovaName, spec)) + + keystone.SimulateKeystoneServiceReady(novaNames.KeystoneServiceName) + mariadb.SimulateMariaDBDatabaseCompleted(novaNames.APIMariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseAccount) + mariadb.SimulateMariaDBDatabaseCompleted(cell0.MariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(accountName) + infra.SimulateTransportURLReady(cell0.TransportURLName) + th.SimulateJobSuccess(cell0.DBSyncJobName) + th.SimulateStatefulSetReplicaReady(cell0.ConductorStatefulSetName) + th.SimulateJobSuccess(cell0.CellMappingJobName) + + th.SimulateStatefulSetReplicaReady(novaNames.APIDeploymentName) + keystone.SimulateKeystoneEndpointReady(novaNames.APIKeystoneEndpointName) + th.SimulateStatefulSetReplicaReady(novaNames.SchedulerStatefulSetName) + th.SimulateStatefulSetReplicaReady(novaNames.MetadataStatefulSetName) + + // ensure api/scheduler/metadata all complete so that the Nova + // CR is not expected to have subsequent status changes from the controller + Eventually(func(g Gomega) { + nova := GetNova(novaNames.NovaName) + g.Expect(nova.Status.APIServiceReadyCount).To(Equal(int32(1))) + g.Expect(nova.Status.SchedulerServiceReadyCount).To(Equal(int32(1))) + g.Expect(nova.Status.MetadataServiceReadyCount).To(Equal(int32(1))) + }) + }, + // update to a new account name + func(accountName types.NamespacedName) { + + Eventually(func(g Gomega) { + nova := GetNova(novaNames.NovaName) + + if entry, ok := nova.Spec.CellTemplates[cell0.CellName]; ok { + entry.CellDatabaseAccount = accountName.Name + nova.Spec.CellTemplates[cell0.CellName] = entry + } + + g.Expect(th.K8sClient.Update(ctx, nova)).Should(Succeed()) + }, timeout, interval).Should(Succeed()) + + }, + // delete the CR, allowing tests that exercise finalizer removal + func() { + th.DeleteInstance(GetNova(novaNames.NovaName)) + }, + ) + }) diff --git a/test/functional/nova_metadata_controller_test.go b/test/functional/nova_metadata_controller_test.go index eafa9b97c..b7d234956 100644 --- a/test/functional/nova_metadata_controller_test.go +++ b/test/functional/nova_metadata_controller_test.go @@ -24,6 +24,7 @@ import ( . "github.com/onsi/gomega" . "github.com/openstack-k8s-operators/lib-common/modules/common/test/helpers" + mariadbv1 "github.com/openstack-k8s-operators/mariadb-operator/api/v1beta1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" @@ -35,6 +36,24 @@ import ( ) var _ = Describe("NovaMetadata controller", func() { + BeforeEach(func() { + apiMariaDBAccount, apiMariaDBSecret := mariadb.CreateMariaDBAccountAndSecret( + novaNames.APIMariaDBDatabaseAccount, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBAccount) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBSecret) + + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret( + cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + + cell1Account, cell1Secret := mariadb.CreateMariaDBAccountAndSecret( + cell1.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell1Account) + DeferCleanup(k8sClient.Delete, ctx, cell1Secret) + + }) + When("with standard spec without network interface", func() { BeforeEach(func() { spec := GetDefaultNovaMetadataSpec(novaNames.InternalTopLevelSecretName) @@ -173,9 +192,16 @@ var _ = Describe("NovaMetadata controller", func() { Expect(configData).Should(ContainSubstring("local_metadata_per_cell = false")) Expect(configData).Should(ContainSubstring("enabled_apis=metadata")) Expect(configData).Should(ContainSubstring("metadata_workers=1")) - Expect(configData).Should( + + apiAccount := mariadb.GetMariaDBAccount(novaNames.APIMariaDBDatabaseAccount) + apiSecret := th.GetSecret(types.NamespacedName{Name: apiAccount.Spec.Secret, Namespace: novaNames.APIMariaDBDatabaseAccount.Namespace}) + + Expect(configData).To( ContainSubstring( - "connection = mysql+pymysql://nova_api:api-database-password@nova-api-db-hostname/nova_api")) + fmt.Sprintf("connection = mysql+pymysql://%s:%s@nova-api-db-hostname/nova_api", + apiAccount.Spec.UserName, apiSecret.Data[mariadbv1.DatabasePasswordSelector])), + ) + Expect(configData).Should( ContainSubstring("[upgrade_levels]\ncompute = auto")) Expect(configDataMap.Data).Should(HaveKey("02-nova-override.conf")) @@ -327,6 +353,24 @@ var _ = Describe("NovaMetadata controller", func() { }) var _ = Describe("NovaMetadata controller", func() { + BeforeEach(func() { + apiMariaDBAccount, apiMariaDBSecret := mariadb.CreateMariaDBAccountAndSecret( + novaNames.APIMariaDBDatabaseAccount, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBAccount) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBSecret) + + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret( + cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + + cell1Account, cell1Secret := mariadb.CreateMariaDBAccountAndSecret( + cell1.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell1Account) + DeferCleanup(k8sClient.Delete, ctx, cell1Secret) + + }) + When("configured with cell name", func() { BeforeEach(func() { spec := GetDefaultNovaMetadataSpec(cell1.InternalCellSecretName) @@ -745,6 +789,24 @@ var _ = Describe("NovaMetadata controller", func() { }) var _ = Describe("NovaMetadata controller", func() { + BeforeEach(func() { + apiMariaDBAccount, apiMariaDBSecret := mariadb.CreateMariaDBAccountAndSecret( + novaNames.APIMariaDBDatabaseAccount, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBAccount) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBSecret) + + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret( + cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + + cell1Account, cell1Secret := mariadb.CreateMariaDBAccountAndSecret( + cell1.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell1Account) + DeferCleanup(k8sClient.Delete, ctx, cell1Secret) + + }) + When("NovaMetadata is created with TLS CA cert secret", func() { BeforeEach(func() { DeferCleanup( diff --git a/test/functional/nova_multicell_test.go b/test/functional/nova_multicell_test.go index d76c60a7a..be9b4c73f 100644 --- a/test/functional/nova_multicell_test.go +++ b/test/functional/nova_multicell_test.go @@ -21,6 +21,7 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" . "github.com/openstack-k8s-operators/lib-common/modules/common/test/helpers" + mariadbv1 "github.com/openstack-k8s-operators/mariadb-operator/api/v1beta1" condition "github.com/openstack-k8s-operators/lib-common/modules/common/condition" novav1 "github.com/openstack-k8s-operators/nova-operator/api/v1beta1" @@ -30,6 +31,28 @@ import ( ) var _ = Describe("Nova multicell", func() { + BeforeEach(func() { + apiMariaDBAccount, apiMariaDBSecret := mariadb.CreateMariaDBAccountAndSecret( + novaNames.APIMariaDBDatabaseAccount, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBAccount) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBSecret) + + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret( + cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + + cell1Account, cell1Secret := mariadb.CreateMariaDBAccountAndSecret( + cell1.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell1Account) + DeferCleanup(k8sClient.Delete, ctx, cell1Secret) + + cell2Account, cell2Secret := mariadb.CreateMariaDBAccountAndSecret( + cell2.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell2Account) + DeferCleanup(k8sClient.Delete, ctx, cell2Secret) + + }) When("Nova CR instance is created with 3 cells", func() { BeforeEach(func() { // TODO(bogdando): deduplicate this into CreateNovaWith3CellsAndEnsureReady() @@ -47,11 +70,11 @@ var _ = Describe("Nova multicell", func() { spec := GetDefaultNovaSpec() cell0Template := GetDefaultNovaCellTemplate() cell0Template["cellDatabaseInstance"] = cell0.MariaDBDatabaseName.Name - cell0Template["cellDatabaseUser"] = "nova_cell0" + cell0Template["cellDatabaseAccount"] = cell0.MariaDBAccountName.Name cell1Template := GetDefaultNovaCellTemplate() cell1Template["cellDatabaseInstance"] = cell1.MariaDBDatabaseName.Name - cell1Template["cellDatabaseUser"] = "nova_cell1" + cell1Template["cellDatabaseAccount"] = cell1.MariaDBAccountName.Name cell1Template["cellMessageBusInstance"] = cell1.TransportURLName.Name cell1Template["passwordSelectors"] = map[string]interface{}{ "database": "NovaCell1DatabasePassword", @@ -62,7 +85,7 @@ var _ = Describe("Nova multicell", func() { cell2Template := GetDefaultNovaCellTemplate() cell2Template["cellDatabaseInstance"] = cell2.MariaDBDatabaseName.Name - cell2Template["cellDatabaseUser"] = "nova_cell2" + cell2Template["cellDatabaseAccount"] = cell2.MariaDBAccountName.Name cell2Template["cellMessageBusInstance"] = cell2.TransportURLName.Name cell2Template["hasAPIAccess"] = false cell2Template["passwordSelectors"] = map[string]interface{}{ @@ -84,9 +107,9 @@ var _ = Describe("Nova multicell", func() { It("creates cell0 NovaCell", func() { mariadb.SimulateMariaDBDatabaseCompleted(novaNames.APIMariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(novaNames.APIMariaDBDatabaseAccount) mariadb.SimulateMariaDBDatabaseCompleted(cell0.MariaDBDatabaseName) - mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBDatabaseName) + mariadb.SimulateMariaDBAccountCompleted(cell0.MariaDBAccountName) infra.SimulateTransportURLReady(cell0.TransportURLName) th.ExpectCondition( @@ -103,16 +126,25 @@ var _ = Describe("Nova multicell", func() { Expect(configDataMap.Data).Should(HaveKey("01-nova.conf")) configData := string(configDataMap.Data["01-nova.conf"]) + cell0Account := mariadb.GetMariaDBAccount(cell0.MariaDBAccountName) + cell0Secret := th.GetSecret(types.NamespacedName{Name: cell0Account.Spec.Secret, Namespace: cell0.MariaDBAccountName.Namespace}) + Expect(configData).To( ContainSubstring( fmt.Sprintf( - "[database]\nconnection = mysql+pymysql://nova_cell0:cell0-database-password@hostname-for-%s.%s.svc/nova_cell0", + "[database]\nconnection = mysql+pymysql://%s:%s@hostname-for-%s.%s.svc/nova_cell0", + cell0Account.Spec.UserName, cell0Secret.Data[mariadbv1.DatabasePasswordSelector], cell0.MariaDBDatabaseName.Name, novaNames.Namespace)), ) + + apiAccount := mariadb.GetMariaDBAccount(novaNames.APIMariaDBDatabaseAccount) + apiSecret := th.GetSecret(types.NamespacedName{Name: apiAccount.Spec.Secret, Namespace: novaNames.APIMariaDBDatabaseAccount.Namespace}) + Expect(configData).To( ContainSubstring( fmt.Sprintf( - "[api_database]\nconnection = mysql+pymysql://nova_api:api-database-password@hostname-for-%s.%s.svc/nova_api", + "[api_database]\nconnection = mysql+pymysql://%s:%s@hostname-for-%s.%s.svc/nova_api", + apiAccount.Spec.UserName, apiSecret.Data[mariadbv1.DatabasePasswordSelector], novaNames.APIMariaDBDatabaseName.Name, novaNames.Namespace)), ) // and that it is using the top level MQ @@ -166,18 +198,29 @@ var _ = Describe("Nova multicell", func() { configDataMap := th.GetSecret(novaNames.APIConfigDataName) Expect(configDataMap.Data).Should(HaveKey("01-nova.conf")) configData := string(configDataMap.Data["01-nova.conf"]) + + cell0Account := mariadb.GetMariaDBAccount(cell0.MariaDBAccountName) + cell0Secret := th.GetSecret(types.NamespacedName{Name: cell0Account.Spec.Secret, Namespace: cell0.MariaDBAccountName.Namespace}) + Expect(configData).To( ContainSubstring( fmt.Sprintf( - "[database]\nconnection = mysql+pymysql://nova_cell0:cell0-database-password@hostname-for-%s.%s.svc/nova_cell0", + "[database]\nconnection = mysql+pymysql://%s:%s@hostname-for-%s.%s.svc/nova_cell0", + cell0Account.Spec.UserName, cell0Secret.Data[mariadbv1.DatabasePasswordSelector], cell0.MariaDBDatabaseName.Name, novaNames.Namespace)), ) + + apiAccount := mariadb.GetMariaDBAccount(novaNames.APIMariaDBDatabaseAccount) + apiSecret := th.GetSecret(types.NamespacedName{Name: apiAccount.Spec.Secret, Namespace: novaNames.APIMariaDBDatabaseAccount.Namespace}) + Expect(configData).To( ContainSubstring( fmt.Sprintf( - "[api_database]\nconnection = mysql+pymysql://nova_api:api-database-password@hostname-for-%s.%s.svc/nova_api", + "[api_database]\nconnection = mysql+pymysql://%s:%s@hostname-for-%s.%s.svc/nova_api", + apiAccount.Spec.UserName, apiSecret.Data[mariadbv1.DatabasePasswordSelector], novaNames.APIMariaDBDatabaseName.Name, novaNames.Namespace)), ) + Expect(configData).To(ContainSubstring("transport_url=rabbit://cell0/fake")) th.SimulateStatefulSetReplicaReady(novaNames.APIDeploymentName) @@ -275,18 +318,29 @@ var _ = Describe("Nova multicell", func() { configDataMap := th.GetSecret(cell1.ConductorConfigDataName) Expect(configDataMap.Data).Should(HaveKey("01-nova.conf")) configData := string(configDataMap.Data["01-nova.conf"]) + + cell1Account := mariadb.GetMariaDBAccount(cell1.MariaDBAccountName) + cell1Secret := th.GetSecret(types.NamespacedName{Name: cell1Account.Spec.Secret, Namespace: cell1.MariaDBAccountName.Namespace}) + Expect(configData).To( ContainSubstring( fmt.Sprintf( - "[database]\nconnection = mysql+pymysql://nova_cell1:cell1-database-password@hostname-for-%s.%s.svc/nova_cell1", + "[database]\nconnection = mysql+pymysql://%s:%s@hostname-for-%s.%s.svc/nova_cell1", + cell1Account.Spec.UserName, cell1Secret.Data[mariadbv1.DatabasePasswordSelector], cell1.MariaDBDatabaseName.Name, novaNames.Namespace)), ) + + apiAccount := mariadb.GetMariaDBAccount(novaNames.APIMariaDBDatabaseAccount) + apiSecret := th.GetSecret(types.NamespacedName{Name: apiAccount.Spec.Secret, Namespace: novaNames.APIMariaDBDatabaseAccount.Namespace}) + Expect(configData).To( ContainSubstring( fmt.Sprintf( - "[api_database]\nconnection = mysql+pymysql://nova_api:api-database-password@hostname-for-%s.%s.svc/nova_api", + "[api_database]\nconnection = mysql+pymysql://%s:%s@hostname-for-%s.%s.svc/nova_api", + apiAccount.Spec.UserName, apiSecret.Data[mariadbv1.DatabasePasswordSelector], novaNames.APIMariaDBDatabaseName.Name, novaNames.Namespace)), ) + Expect(configData).To(ContainSubstring("transport_url=rabbit://cell1/fake")) th.SimulateStatefulSetReplicaReady(cell1.NoVNCProxyStatefulSetName) @@ -375,12 +429,18 @@ var _ = Describe("Nova multicell", func() { configDataMap := th.GetSecret(cell2.ConductorConfigDataName) Expect(configDataMap.Data).Should(HaveKey("01-nova.conf")) configData := string(configDataMap.Data["01-nova.conf"]) + + cell2Account := mariadb.GetMariaDBAccount(cell2.MariaDBAccountName) + cell2Secret := th.GetSecret(types.NamespacedName{Name: cell2Account.Spec.Secret, Namespace: cell2.MariaDBAccountName.Namespace}) + Expect(configData).To( ContainSubstring( fmt.Sprintf( - "[database]\nconnection = mysql+pymysql://nova_cell2:cell2-database-password@hostname-for-%s.%s.svc/nova_cell2", + "[database]\nconnection = mysql+pymysql://%s:%s@hostname-for-%s.%s.svc/nova_cell2", + cell2Account.Spec.UserName, cell2Secret.Data[mariadbv1.DatabasePasswordSelector], cell2.MariaDBDatabaseName.Name, novaNames.Namespace)), ) + Expect(configData).ToNot( ContainSubstring("[api_database]"), ) @@ -411,13 +471,19 @@ var _ = Describe("Nova multicell", func() { Expect(configData).To( ContainSubstring( fmt.Sprintf( - "[database]\nconnection = mysql+pymysql://nova_cell2:cell2-database-password@hostname-for-%s.%s.svc/nova_cell2", + "[database]\nconnection = mysql+pymysql://%s:%s@hostname-for-%s.%s.svc/nova_cell2", + cell2Account.Spec.UserName, cell2Secret.Data[mariadbv1.DatabasePasswordSelector], cell2.MariaDBDatabaseName.Name, novaNames.Namespace)), ) + + apiAccount := mariadb.GetMariaDBAccount(novaNames.APIMariaDBDatabaseAccount) + apiSecret := th.GetSecret(types.NamespacedName{Name: apiAccount.Spec.Secret, Namespace: novaNames.APIMariaDBDatabaseAccount.Namespace}) + Expect(configData).To( ContainSubstring( fmt.Sprintf( - "[api_database]\nconnection = mysql+pymysql://nova_api:api-database-password@hostname-for-%s.%s.svc/nova_api", + "[api_database]\nconnection = mysql+pymysql://%s:%s@hostname-for-%s.%s.svc/nova_api", + apiAccount.Spec.UserName, apiSecret.Data[mariadbv1.DatabasePasswordSelector], novaNames.APIMariaDBDatabaseName.Name, novaNames.Namespace)), ) @@ -566,7 +632,7 @@ var _ = Describe("Nova multicell", func() { spec := GetDefaultNovaSpec() cell0Template := GetDefaultNovaCellTemplate() cell0Template["cellDatabaseInstance"] = novaNames.APIMariaDBDatabaseName.Name - cell0Template["cellDatabaseUser"] = "nova_cell0" + cell0Template["cellDatabaseAccount"] = cell0.MariaDBAccountName.Name cell0Template["hasAPIAccess"] = true // disable cell0 conductor cell0Template["conductorServiceTemplate"] = map[string]interface{}{ @@ -578,7 +644,7 @@ var _ = Describe("Nova multicell", func() { // message bus as the top level services. Hence cell1 conductor // will act both as a super conductor and as cell1 conductor cell1Template["cellDatabaseInstance"] = novaNames.APIMariaDBDatabaseName.Name - cell1Template["cellDatabaseUser"] = "nova_cell1" + cell1Template["cellDatabaseAccount"] = cell1.MariaDBAccountName.Name cell1Template["cellMessageBusInstance"] = cell0.TransportURLName.Name cell1Template["hasAPIAccess"] = true @@ -592,6 +658,7 @@ var _ = Describe("Nova multicell", func() { DeferCleanup(th.DeleteInstance, CreateNova(novaNames.NovaName, spec)) DeferCleanup(keystone.DeleteKeystoneAPI, keystone.CreateKeystoneAPI(novaNames.NovaName.Namespace)) keystone.SimulateKeystoneServiceReady(novaNames.KeystoneServiceName) + }) It("cell0 becomes ready with 0 conductor replicas and the rest of nova is deployed", func() { mariadb.SimulateMariaDBDatabaseCompleted(novaNames.APIMariaDBDatabaseName) @@ -689,11 +756,11 @@ var _ = Describe("Nova multicell", func() { spec := GetDefaultNovaSpec() cell0Template := GetDefaultNovaCellTemplate() cell0Template["cellDatabaseInstance"] = cell0.MariaDBDatabaseName.Name - cell0Template["cellDatabaseUser"] = "nova_cell0" + cell0Template["cellDatabaseAccount"] = cell0.MariaDBAccountName.Name cell1Template := GetDefaultNovaCellTemplate() cell1Template["cellDatabaseInstance"] = cell1.MariaDBDatabaseName.Name - cell1Template["cellDatabaseUser"] = "nova_cell1" + cell1Template["cellDatabaseAccount"] = cell1.MariaDBAccountName.Name cell1Template["cellMessageBusInstance"] = cell1.TransportURLName.Name spec["cellTemplates"] = map[string]interface{}{ @@ -736,11 +803,11 @@ var _ = Describe("Nova multicell", func() { spec := GetDefaultNovaSpec() cell0Template := GetDefaultNovaCellTemplate() cell0Template["cellDatabaseInstance"] = cell0.MariaDBDatabaseName.Name - cell0Template["cellDatabaseUser"] = "nova_cell0" + cell0Template["cellDatabaseAccount"] = cell0.MariaDBAccountName.Name cell1Template := GetDefaultNovaCellTemplate() cell1Template["cellDatabaseInstance"] = cell1.MariaDBDatabaseName.Name - cell1Template["cellDatabaseUser"] = "nova_cell1" + cell1Template["cellDatabaseAccount"] = cell1.MariaDBAccountName.Name cell1Template["cellMessageBusInstance"] = cell1.TransportURLName.Name cell1Template["metadataServiceTemplate"] = map[string]interface{}{ "enabled": true, diff --git a/test/functional/nova_novncproxy_test.go b/test/functional/nova_novncproxy_test.go index 9902f6acb..32f9a72c4 100644 --- a/test/functional/nova_novncproxy_test.go +++ b/test/functional/nova_novncproxy_test.go @@ -23,6 +23,7 @@ import ( condition "github.com/openstack-k8s-operators/lib-common/modules/common/condition" . "github.com/openstack-k8s-operators/lib-common/modules/common/test/helpers" "github.com/openstack-k8s-operators/lib-common/modules/common/util" + mariadbv1 "github.com/openstack-k8s-operators/mariadb-operator/api/v1beta1" novav1 "github.com/openstack-k8s-operators/nova-operator/api/v1beta1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -31,6 +32,22 @@ import ( ) var _ = Describe("NovaNoVNCProxy controller", func() { + BeforeEach(func() { + // only cell DB accounts are needed as novanovncproxy_controller does + // not create configurations with the API DB account + + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret( + cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + + cell1Account, cell1Secret := mariadb.CreateMariaDBAccountAndSecret( + cell1.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell1Account) + DeferCleanup(k8sClient.Delete, ctx, cell1Secret) + + }) + When("with standard spec without network interface", func() { BeforeEach(func() { spec := GetDefaultNovaNoVNCProxySpec(cell1) @@ -290,6 +307,22 @@ var _ = Describe("NovaNoVNCProxy controller", func() { }) var _ = Describe("NovaNoVNCProxy controller", func() { + BeforeEach(func() { + // only cell DB accounts are needed as novanovncproxy_controller does + // not create configurations with the API DB account + + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret( + cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + + cell1Account, cell1Secret := mariadb.CreateMariaDBAccountAndSecret( + cell1.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell1Account) + DeferCleanup(k8sClient.Delete, ctx, cell1Secret) + + }) + When(" is created with networkAttachments", func() { BeforeEach(func() { spec := GetDefaultNovaNoVNCProxySpec(cell1) @@ -646,6 +679,22 @@ var _ = Describe("NovaNoVNCProxy controller", func() { }) var _ = Describe("NovaNoVNCProxy controller", func() { + BeforeEach(func() { + // only cell DB accounts are needed as novanovncproxy_controller does + // not create configurations with the API DB account + + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret( + cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + + cell1Account, cell1Secret := mariadb.CreateMariaDBAccountAndSecret( + cell1.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell1Account) + DeferCleanup(k8sClient.Delete, ctx, cell1Secret) + + }) + When("NovaNoVNCProxy is created with TLS CA cert secret", func() { BeforeEach(func() { spec := GetDefaultNovaNoVNCProxySpec(cell1) diff --git a/test/functional/nova_reconfiguration_test.go b/test/functional/nova_reconfiguration_test.go index b81d27f2e..1c7a6c0ba 100644 --- a/test/functional/nova_reconfiguration_test.go +++ b/test/functional/nova_reconfiguration_test.go @@ -23,6 +23,7 @@ import ( . "github.com/openstack-k8s-operators/lib-common/modules/common/test/helpers" condition "github.com/openstack-k8s-operators/lib-common/modules/common/condition" + mariadbv1 "github.com/openstack-k8s-operators/mariadb-operator/api/v1beta1" novav1 "github.com/openstack-k8s-operators/nova-operator/api/v1beta1" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" @@ -48,14 +49,29 @@ func CreateNovaWith3CellsAndEnsureReady(novaNames NovaNames) { DeferCleanup(mariadb.DeleteDBService, mariadb.CreateDBService(cell1.MariaDBDatabaseName.Namespace, cell1.MariaDBDatabaseName.Name, serviceSpec)) DeferCleanup(mariadb.DeleteDBService, mariadb.CreateDBService(cell2.MariaDBDatabaseName.Namespace, cell2.MariaDBDatabaseName.Name, serviceSpec)) + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret( + cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + + cell1Account, cell1Secret := mariadb.CreateMariaDBAccountAndSecret( + cell1.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell1Account) + DeferCleanup(k8sClient.Delete, ctx, cell1Secret) + + cell2Account, cell2Secret := mariadb.CreateMariaDBAccountAndSecret( + cell2.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell2Account) + DeferCleanup(k8sClient.Delete, ctx, cell2Secret) + spec := GetDefaultNovaSpec() cell0Template := GetDefaultNovaCellTemplate() cell0Template["cellDatabaseInstance"] = cell0.MariaDBDatabaseName.Name - cell0Template["cellDatabaseUser"] = "nova_cell0" + cell0Template["cellDatabaseAccount"] = cell0Account.Name cell1Template := GetDefaultNovaCellTemplate() cell1Template["cellDatabaseInstance"] = cell1.MariaDBDatabaseName.Name - cell1Template["cellDatabaseUser"] = "nova_cell1" + cell1Template["cellDatabaseAccount"] = cell1Account.Name cell1Template["cellMessageBusInstance"] = cell1.TransportURLName.Name cell1Template["novaComputeTemplates"] = map[string]interface{}{ ironicComputeName: GetDefaultNovaComputeTemplate(), @@ -63,7 +79,7 @@ func CreateNovaWith3CellsAndEnsureReady(novaNames NovaNames) { cell2Template := GetDefaultNovaCellTemplate() cell2Template["cellDatabaseInstance"] = cell2.MariaDBDatabaseName.Name - cell2Template["cellDatabaseUser"] = "nova_cell2" + cell2Template["cellDatabaseAccount"] = cell2Account.Name cell2Template["cellMessageBusInstance"] = cell2.TransportURLName.Name cell2Template["hasAPIAccess"] = false diff --git a/test/functional/nova_scheduler_test.go b/test/functional/nova_scheduler_test.go index 559659ccd..6d26fa032 100644 --- a/test/functional/nova_scheduler_test.go +++ b/test/functional/nova_scheduler_test.go @@ -26,6 +26,7 @@ import ( condition "github.com/openstack-k8s-operators/lib-common/modules/common/condition" "github.com/openstack-k8s-operators/lib-common/modules/common/util" api "github.com/openstack-k8s-operators/lib-common/modules/test/apis" + mariadbv1 "github.com/openstack-k8s-operators/mariadb-operator/api/v1beta1" novav1 "github.com/openstack-k8s-operators/nova-operator/api/v1beta1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -34,6 +35,16 @@ import ( ) var _ = Describe("NovaScheduler controller", func() { + BeforeEach(func() { + apiMariaDBAccount, apiMariaDBSecret := mariadb.CreateMariaDBAccountAndSecret(novaNames.APIMariaDBDatabaseAccount, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBAccount) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBSecret) + + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret(cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + }) + BeforeEach(func() { // Uncomment this if you need the full output in the logs from gomega // matchers @@ -294,6 +305,18 @@ var _ = Describe("NovaScheduler controller", func() { }) var _ = Describe("NovaScheduler controller", func() { + BeforeEach(func() { + apiMariaDBAccount, apiMariaDBSecret := mariadb.CreateMariaDBAccountAndSecret( + novaNames.APIMariaDBDatabaseAccount, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBAccount) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBSecret) + + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret( + cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + }) + When("NovaScheduler is created with networkAttachments", func() { BeforeEach(func() { DeferCleanup( @@ -551,6 +574,16 @@ var _ = Describe("NovaScheduler controller", func() { }) var _ = Describe("NovaScheduler controller cleaning", func() { + BeforeEach(func() { + apiMariaDBAccount, apiMariaDBSecret := mariadb.CreateMariaDBAccountAndSecret(novaNames.APIMariaDBDatabaseAccount, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBAccount) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBSecret) + + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret(cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + }) + var novaAPIFixture *NovaAPIFixture BeforeEach(func() { DeferCleanup( @@ -599,6 +632,16 @@ var _ = Describe("NovaScheduler controller cleaning", func() { }) var _ = Describe("NovaScheduler controller", func() { + BeforeEach(func() { + apiMariaDBAccount, apiMariaDBSecret := mariadb.CreateMariaDBAccountAndSecret(novaNames.APIMariaDBDatabaseAccount, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBAccount) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBSecret) + + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret(cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + }) + When("NovaScheduler is created with TLS CA cert secret", func() { BeforeEach(func() { spec := GetDefaultNovaSchedulerSpec(novaNames) diff --git a/test/functional/novaapi_controller_test.go b/test/functional/novaapi_controller_test.go index b2f931548..b769ac7ab 100644 --- a/test/functional/novaapi_controller_test.go +++ b/test/functional/novaapi_controller_test.go @@ -24,6 +24,7 @@ import ( . "github.com/openstack-k8s-operators/lib-common/modules/common/test/helpers" networkv1 "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/apis/k8s.cni.cncf.io/v1" + mariadbv1 "github.com/openstack-k8s-operators/mariadb-operator/api/v1beta1" novav1 "github.com/openstack-k8s-operators/nova-operator/api/v1beta1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -34,6 +35,19 @@ import ( ) var _ = Describe("NovaAPI controller", func() { + BeforeEach(func() { + apiMariaDBAccount, apiMariaDBSecret := mariadb.CreateMariaDBAccountAndSecret( + novaNames.APIMariaDBDatabaseAccount, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBAccount) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBSecret) + + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret( + cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + + }) + When("a NovaAPI CR is created pointing to a non existent Secret", func() { BeforeEach(func() { spec := GetDefaultNovaAPISpec(novaNames) @@ -145,6 +159,7 @@ var _ = Describe("NovaAPI controller", func() { BeforeEach(func() { DeferCleanup( k8sClient.Delete, ctx, CreateInternalTopLevelSecret(novaNames)) + }) It("reports that input is ready", func() { @@ -372,6 +387,19 @@ var _ = Describe("NovaAPI controller", func() { }) var _ = Describe("NovaAPI controller", func() { + BeforeEach(func() { + apiMariaDBAccount, apiMariaDBSecret := mariadb.CreateMariaDBAccountAndSecret( + novaNames.APIMariaDBDatabaseAccount, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBAccount) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBSecret) + + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret( + cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + + }) + When("NovaAPI is created with networkAttachments", func() { BeforeEach(func() { DeferCleanup( @@ -380,6 +408,7 @@ var _ = Describe("NovaAPI controller", func() { spec := GetDefaultNovaAPISpec(novaNames) spec["networkAttachments"] = []string{"internalapi"} DeferCleanup(th.DeleteInstance, CreateNovaAPI(novaNames.APIName, spec)) + }) It("reports that the definition is missing", func() { @@ -819,6 +848,19 @@ var _ = Describe("NovaAPI controller", func() { }) var _ = Describe("NovaAPI controller", func() { + BeforeEach(func() { + apiMariaDBAccount, apiMariaDBSecret := mariadb.CreateMariaDBAccountAndSecret( + novaNames.APIMariaDBDatabaseAccount, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBAccount) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBSecret) + + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret( + cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + + }) + When("NovaAPI is created with TLS cert secrets", func() { BeforeEach(func() { spec := GetDefaultNovaAPISpec(novaNames) diff --git a/test/functional/novacell_controller_test.go b/test/functional/novacell_controller_test.go index 6e38da7c2..9a56c0a50 100644 --- a/test/functional/novacell_controller_test.go +++ b/test/functional/novacell_controller_test.go @@ -30,10 +30,34 @@ import ( "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" condition "github.com/openstack-k8s-operators/lib-common/modules/common/condition" + mariadbv1 "github.com/openstack-k8s-operators/mariadb-operator/api/v1beta1" novav1 "github.com/openstack-k8s-operators/nova-operator/api/v1beta1" ) var _ = Describe("NovaCell controller", func() { + BeforeEach(func() { + apiMariaDBAccount, apiMariaDBSecret := mariadb.CreateMariaDBAccountAndSecret( + cell0.APIDatabaseAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBAccount) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBSecret) + + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret( + cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + + cell1Account, cell1Secret := mariadb.CreateMariaDBAccountAndSecret( + cell1.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell1Account) + DeferCleanup(k8sClient.Delete, ctx, cell1Secret) + + cell2Account, cell2Secret := mariadb.CreateMariaDBAccountAndSecret( + cell2.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell2Account) + DeferCleanup(k8sClient.Delete, ctx, cell2Secret) + + }) + When("A NovaCell CR instance is created without any input", func() { BeforeEach(func() { DeferCleanup(th.DeleteInstance, CreateNovaCell(cell0.CellCRName, GetDefaultNovaCellSpec(cell0))) @@ -146,6 +170,7 @@ var _ = Describe("NovaCell controller", func() { ctx, CreateMetadataCellInternalSecret(cell1), ) + spec := GetDefaultNovaCellSpec(cell1) spec["metadataServiceTemplate"] = map[string]interface{}{ "enabled": true, diff --git a/test/functional/novaconductor_controller_test.go b/test/functional/novaconductor_controller_test.go index 76d9afa25..70ffd154a 100644 --- a/test/functional/novaconductor_controller_test.go +++ b/test/functional/novaconductor_controller_test.go @@ -24,6 +24,7 @@ import ( keystone_helper "github.com/openstack-k8s-operators/keystone-operator/api/test/helpers" . "github.com/openstack-k8s-operators/lib-common/modules/common/test/helpers" api "github.com/openstack-k8s-operators/lib-common/modules/test/apis" + mariadbv1 "github.com/openstack-k8s-operators/mariadb-operator/api/v1beta1" novav1 "github.com/openstack-k8s-operators/nova-operator/api/v1beta1" corev1 "k8s.io/api/core/v1" @@ -34,6 +35,19 @@ import ( ) var _ = Describe("NovaConductor controller", func() { + BeforeEach(func() { + apiMariaDBAccount, apiMariaDBSecret := mariadb.CreateMariaDBAccountAndSecret( + novaNames.APIMariaDBDatabaseAccount, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBAccount) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBSecret) + + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret( + cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + + }) + When("a NovaConductor CR is created pointing to a non existent Secret", func() { BeforeEach(func() { DeferCleanup( @@ -399,6 +413,19 @@ var _ = Describe("NovaConductor controller", func() { }) var _ = Describe("NovaConductor controller", func() { + BeforeEach(func() { + apiMariaDBAccount, apiMariaDBSecret := mariadb.CreateMariaDBAccountAndSecret( + novaNames.APIMariaDBDatabaseAccount, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBAccount) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBSecret) + + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret( + cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + + }) + When("NovaConductor is created with networkAttachments", func() { BeforeEach(func() { DeferCleanup( @@ -639,6 +666,19 @@ var _ = Describe("NovaConductor controller", func() { }) var _ = Describe("NovaConductor controller cleaning", func() { + BeforeEach(func() { + apiMariaDBAccount, apiMariaDBSecret := mariadb.CreateMariaDBAccountAndSecret( + novaNames.APIMariaDBDatabaseAccount, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBAccount) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBSecret) + + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret( + cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + + }) + var novaAPIServer *NovaAPIFixture BeforeEach(func() { novaAPIServer = NewNovaAPIFixtureWithServer(logger) @@ -683,6 +723,18 @@ var _ = Describe("NovaConductor controller cleaning", func() { }) var _ = Describe("NovaConductor controller", func() { + BeforeEach(func() { + apiMariaDBAccount, apiMariaDBSecret := mariadb.CreateMariaDBAccountAndSecret( + novaNames.APIMariaDBDatabaseAccount, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBAccount) + DeferCleanup(k8sClient.Delete, ctx, apiMariaDBSecret) + + cell0Account, cell0Secret := mariadb.CreateMariaDBAccountAndSecret( + cell0.MariaDBAccountName, mariadbv1.MariaDBAccountSpec{}) + DeferCleanup(k8sClient.Delete, ctx, cell0Account) + DeferCleanup(k8sClient.Delete, ctx, cell0Secret) + }) + When("NovaConductor is created with TLS CA cert secret", func() { BeforeEach(func() { DeferCleanup( diff --git a/test/kuttl/test-suites/default/scale-tests/01-assert.yaml b/test/kuttl/test-suites/default/scale-tests/01-assert.yaml index d8c128cae..c22e7cc3d 100644 --- a/test/kuttl/test-suites/default/scale-tests/01-assert.yaml +++ b/test/kuttl/test-suites/default/scale-tests/01-assert.yaml @@ -7,7 +7,7 @@ metadata: namespace: nova-kuttl-default spec: apiDatabaseInstance: openstack - apiDatabaseUser: nova_api + apiDatabaseAccount: nova-api apiMessageBusInstance: rabbitmq apiServiceTemplate: containerImage: quay.io/podified-antelope-centos9/openstack-nova-api:current-podified @@ -17,7 +17,7 @@ spec: cellTemplates: cell0: cellDatabaseInstance: openstack - cellDatabaseUser: nova_cell0 + cellDatabaseAccount: nova-cell0 cellMessageBusInstance: rabbitmq conductorServiceTemplate: containerImage: quay.io/podified-antelope-centos9/openstack-nova-conductor:current-podified @@ -29,11 +29,9 @@ spec: enabled: false noVNCProxyServiceTemplate: enabled: false - passwordSelectors: - database: NovaCell0DatabasePassword cell1: cellDatabaseInstance: openstack-cell1 - cellDatabaseUser: nova_cell1 + cellDatabaseAccount: nova-cell1 cellMessageBusInstance: rabbitmq-cell1 conductorServiceTemplate: containerImage: quay.io/podified-antelope-centos9/openstack-nova-conductor:current-podified @@ -49,8 +47,6 @@ spec: customServiceConfig: "" replicas: 1 resources: {} - passwordSelectors: - database: NovaCell0DatabasePassword keystoneInstance: keystone metadataServiceTemplate: enabled: true @@ -59,7 +55,6 @@ spec: replicas: 1 resources: {} passwordSelectors: - apiDatabase: NovaAPIDatabasePassword metadataSecret: MetadataSecret service: NovaPassword schedulerServiceTemplate: diff --git a/test/kuttl/test-suites/default/scale-tests/02-assert.yaml b/test/kuttl/test-suites/default/scale-tests/02-assert.yaml index c82702900..c2102a6fe 100644 --- a/test/kuttl/test-suites/default/scale-tests/02-assert.yaml +++ b/test/kuttl/test-suites/default/scale-tests/02-assert.yaml @@ -30,9 +30,9 @@ metadata: namespace: nova-kuttl-default spec: apiDatabaseHostname: openstack.nova-kuttl-default.svc - apiDatabaseUser: nova_api + apiDatabaseAccount: nova-api cell0DatabaseHostname: openstack.nova-kuttl-default.svc - cell0DatabaseUser: nova_cell0 + cell0DatabaseAccount: nova-cell0 replicas: 3 status: readyCount: 3 @@ -44,9 +44,9 @@ metadata: namespace: nova-kuttl-default spec: apiDatabaseHostname: openstack.nova-kuttl-default.svc - apiDatabaseUser: nova_api + apiDatabaseAccount: nova-api cellDatabaseHostname: openstack.nova-kuttl-default.svc - cellDatabaseUser: nova_cell0 + cellDatabaseAccount: nova-cell0 replicas: 3 status: readyCount: 3 @@ -64,9 +64,9 @@ metadata: name: nova-kuttl-cell0 spec: apiDatabaseHostname: openstack.nova-kuttl-default.svc - apiDatabaseUser: nova_api + apiDatabaseAccount: nova-api cellDatabaseHostname: openstack.nova-kuttl-default.svc - cellDatabaseUser: nova_cell0 + cellDatabaseAccount: nova-cell0 cellName: cell0 containerImage: quay.io/podified-antelope-centos9/openstack-nova-conductor:current-podified replicas: 3 @@ -86,9 +86,9 @@ metadata: name: nova-kuttl-cell1 spec: apiDatabaseHostname: openstack.nova-kuttl-default.svc - apiDatabaseUser: nova_api + apiDatabaseAccount: nova-api cellDatabaseHostname: openstack-cell1.nova-kuttl-default.svc - cellDatabaseUser: nova_cell1 + cellDatabaseAccount: nova-cell1 cellName: cell1 containerImage: quay.io/podified-antelope-centos9/openstack-nova-conductor:current-podified replicas: 3 diff --git a/test/kuttl/test-suites/default/scale-tests/03-assert.yaml b/test/kuttl/test-suites/default/scale-tests/03-assert.yaml index 79110467e..781113e4d 100644 --- a/test/kuttl/test-suites/default/scale-tests/03-assert.yaml +++ b/test/kuttl/test-suites/default/scale-tests/03-assert.yaml @@ -30,9 +30,9 @@ metadata: namespace: nova-kuttl-default spec: apiDatabaseHostname: openstack.nova-kuttl-default.svc - apiDatabaseUser: nova_api + apiDatabaseAccount: nova-api cell0DatabaseHostname: openstack.nova-kuttl-default.svc - cell0DatabaseUser: nova_cell0 + cell0DatabaseAccount: nova-cell0 replicas: 1 status: readyCount: 1 @@ -44,9 +44,9 @@ metadata: namespace: nova-kuttl-default spec: apiDatabaseHostname: openstack.nova-kuttl-default.svc - apiDatabaseUser: nova_api + apiDatabaseAccount: nova-api cellDatabaseHostname: openstack.nova-kuttl-default.svc - cellDatabaseUser: nova_cell0 + cellDatabaseAccount: nova-cell0 replicas: 1 status: readyCount: 1 @@ -64,9 +64,9 @@ metadata: name: nova-kuttl-cell0 spec: apiDatabaseHostname: openstack.nova-kuttl-default.svc - apiDatabaseUser: nova_api + apiDatabaseAccount: nova-api cellDatabaseHostname: openstack.nova-kuttl-default.svc - cellDatabaseUser: nova_cell0 + cellDatabaseAccount: nova-cell0 cellName: cell0 containerImage: quay.io/podified-antelope-centos9/openstack-nova-conductor:current-podified replicas: 1 @@ -86,9 +86,9 @@ metadata: name: nova-kuttl-cell1 spec: apiDatabaseHostname: openstack.nova-kuttl-default.svc - apiDatabaseUser: nova_api + apiDatabaseAccount: nova-api cellDatabaseHostname: openstack-cell1.nova-kuttl-default.svc - cellDatabaseUser: nova_cell1 + cellDatabaseAccount: nova-cell1 cellName: cell1 containerImage: quay.io/podified-antelope-centos9/openstack-nova-conductor:current-podified replicas: 1 diff --git a/test/kuttl/test-suites/default/scale-tests/04-assert.yaml b/test/kuttl/test-suites/default/scale-tests/04-assert.yaml index e907cdbe0..f1bc2f6be 100644 --- a/test/kuttl/test-suites/default/scale-tests/04-assert.yaml +++ b/test/kuttl/test-suites/default/scale-tests/04-assert.yaml @@ -14,7 +14,7 @@ metadata: name: nova-kuttl spec: apiDatabaseInstance: openstack - apiDatabaseUser: nova_api + apiDatabaseAccount: nova-api apiMessageBusInstance: rabbitmq apiServiceTemplate: containerImage: quay.io/podified-antelope-centos9/openstack-nova-api:current-podified @@ -26,7 +26,7 @@ spec: cellTemplates: cell0: cellDatabaseInstance: openstack - cellDatabaseUser: nova_cell0 + cellDatabaseAccount: nova-cell0 cellMessageBusInstance: rabbitmq conductorServiceTemplate: containerImage: quay.io/podified-antelope-centos9/openstack-nova-conductor:current-podified @@ -39,7 +39,7 @@ spec: enabled: false cell1: cellDatabaseInstance: openstack-cell1 - cellDatabaseUser: nova_cell1 + cellDatabaseAccount: nova-cell1 cellMessageBusInstance: rabbitmq-cell1 conductorServiceTemplate: containerImage: quay.io/podified-antelope-centos9/openstack-nova-conductor:current-podified @@ -74,9 +74,9 @@ metadata: namespace: nova-kuttl-default spec: apiDatabaseHostname: openstack.nova-kuttl-default.svc - apiDatabaseUser: nova_api + apiDatabaseAccount: nova-api cell0DatabaseHostname: openstack.nova-kuttl-default.svc - cell0DatabaseUser: nova_cell0 + cell0DatabaseAccount: nova-cell0 replicas: 0 --- apiVersion: nova.openstack.org/v1beta1 @@ -86,9 +86,9 @@ metadata: namespace: nova-kuttl-default spec: apiDatabaseHostname: openstack.nova-kuttl-default.svc - apiDatabaseUser: nova_api + apiDatabaseAccount: nova-api cellDatabaseHostname: openstack.nova-kuttl-default.svc - cellDatabaseUser: nova_cell0 + cellDatabaseAccount: nova-cell0 replicas: 0 --- apiVersion: nova.openstack.org/v1beta1 @@ -104,9 +104,9 @@ metadata: name: nova-kuttl-cell0 spec: apiDatabaseHostname: openstack.nova-kuttl-default.svc - apiDatabaseUser: nova_api + apiDatabaseAccount: nova-api cellDatabaseHostname: openstack.nova-kuttl-default.svc - cellDatabaseUser: nova_cell0 + cellDatabaseAccount: nova-cell0 cellName: cell0 containerImage: quay.io/podified-antelope-centos9/openstack-nova-conductor:current-podified replicas: 0 @@ -124,9 +124,9 @@ metadata: name: nova-kuttl-cell1 spec: apiDatabaseHostname: openstack.nova-kuttl-default.svc - apiDatabaseUser: nova_api + apiDatabaseAccount: nova-api cellDatabaseHostname: openstack-cell1.nova-kuttl-default.svc - cellDatabaseUser: nova_cell1 + cellDatabaseAccount: nova-cell1 cellName: cell1 containerImage: quay.io/podified-antelope-centos9/openstack-nova-conductor:current-podified replicas: 0