Delete test for debug

Signed-off-by: Veronika Fisarova <[email protected]>
Deydra71 · Sep 5, 2024 · dbcd643 · dbcd643
1 parent ad7bf8d
commit dbcd643
Show file tree

Hide file tree

Showing 105 changed files with 29 additions and 9,145 deletions.
diff --git a/pkg/openstack/common.go b/pkg/openstack/common.go
@@ -131,7 +131,8 @@ type EndpointDetail struct {
 
 // ServiceTLSDetails - tls settings for the endpoint
 type ServiceTLSDetails struct {
-	Enabled bool
+	Enabled  bool
+	CertName string
 	tls.GenericService
 	tls.Ca
 }
@@ -155,6 +156,7 @@ type RouteDetails struct {
 type RouteTLSDetails struct {
 	Enabled    bool
 	SecretName *string
+	CertName   string
 	IssuerName string
 	tls.Ca
 }
@@ -242,6 +244,8 @@ func EnsureEndpointConfig(
 			if instance.Spec.TLS.Ingress.Enabled {
 				// TLS for route enabled if public endpoint TLS is true
 				ed.Route.TLS.Enabled = true
+				ed.Route.TLS.CertName = fmt.Sprintf("%s-route", ed.Name)
+				helper.GetLogger().Info("Set CertName for route", "CertName", ed.Route.TLS.CertName)
 
 				// if a custom cert secret was provided we'll use this for
 				// the route, otherwise the issuer is used to request one
@@ -278,6 +282,7 @@ func EnsureEndpointConfig(
 
 			if ed.Service.TLS.Enabled {
 				ed.Service.TLS.CaBundleSecretName = tls.CABundleSecret
+				ed.Service.TLS.CertName = fmt.Sprintf("%s-svc", ed.Name)
 
 				// if a custom cert secret was provided and ed.Route.Create == false
 				// we'll use this for the service, otherwise issue a cert. This is for
@@ -292,26 +297,25 @@ func EnsureEndpointConfig(
 						return endpoints, ctrlResult, nil
 					}
 					// Delete the issued certificate if it exists
-					certName := fmt.Sprintf("%s-route", ed.Name)
 					cert := certmanager.NewCertificate(
 						&certmgrv1.Certificate{
 							ObjectMeta: metav1.ObjectMeta{
-								Name:      certName,
+								Name:      ed.Route.TLS.CertName,
 								Namespace: ed.Namespace,
 							},
 						},
 						5*time.Second,
 					)
 					err = cert.Delete(ctx, helper)
 					if err != nil {
-						helper.GetLogger().Error(err, fmt.Sprintf("Failed to delete unused route certificate %s", certName))
+						helper.GetLogger().Error(err, fmt.Sprintf("Failed to delete unused route certificate %s", ed.Route.TLS.CertName))
 						return endpoints, ctrl.Result{}, err
 					}
 				} else {
 					// issue a certificate for public pod virthost
 					certRequest := certmanager.CertificateRequest{
 						IssuerName: instance.GetPublicIssuer(),
-						CertName:   fmt.Sprintf("%s-svc", ed.Name),
+						CertName:   ed.Service.TLS.CertName,
 						Hostnames: []string{
 							fmt.Sprintf("%s.%s.svc", ed.Name, instance.Namespace),
 							fmt.Sprintf("%s.%s.svc.%s", ed.Name, instance.Namespace, ClusterInternalDomain),
@@ -361,7 +365,7 @@ func EnsureEndpointConfig(
 				// request certificate
 				certRequest := certmanager.CertificateRequest{
 					IssuerName: instance.GetInternalIssuer(),
-					CertName:   fmt.Sprintf("%s-svc", ed.Name),
+					CertName:   ed.Service.TLS.CertName,
 					Hostnames: []string{
 						fmt.Sprintf("%s.%s.svc", ed.Name, instance.Namespace),
 						fmt.Sprintf("%s.%s.svc.%s", ed.Name, instance.Namespace, ClusterInternalDomain),
@@ -587,16 +591,12 @@ func (ed *EndpointDetail) CreateRoute(
 					}
 				}
 			}
-		} else if ed.Route.OverrideSpec.Spec != nil && ed.Route.OverrideSpec.Spec.TLS != nil {
-			if ed.Route.OverrideSpec.Spec.TLS.CACertificate == "" ||
-				ed.Route.OverrideSpec.Spec.TLS.Certificate == "" ||
-				ed.Route.OverrideSpec.Spec.TLS.Key == "" {
-				return ctrl.Result{}, fmt.Errorf("incomplete tls override data")
-			}
-		} else {
+		}
+		if ed.Route.TLS.SecretName == nil { //|| hasCertInOverrideSpec(ed.Route.OverrideSpec) {
+			helper.GetLogger().Info("Set CertName for route", "CertName", ed.Route.TLS.CertName)
 			certRequest := certmanager.CertificateRequest{
 				IssuerName:  ed.Route.TLS.IssuerName,
-				CertName:    fmt.Sprintf("%s-route", ed.Name),
+				CertName:    ed.Route.TLS.CertName,
 				Hostnames:   []string{*ed.Hostname},
 				Ips:         nil,
 				Annotations: ed.Annotations,
@@ -621,7 +621,6 @@ func (ed *EndpointDetail) CreateRoute(
 				return ctrlResult, nil
 			}
 		}
-
 		// create default TLS route override
 		tlsConfig := &routev1.TLSConfig{
 			Termination:                   routev1.TLSTerminationEdge,
@@ -670,23 +669,19 @@ func (ed *EndpointDetail) CreateRoute(
 		}
 
 		// Delete the issued certificate if it exists and custom cert secret or direct TLS data was provided
-		if ed.Route.TLS.SecretName != nil || (ed.Route.OverrideSpec.Spec != nil && ed.Route.OverrideSpec.Spec.TLS != nil &&
-			(ed.Route.OverrideSpec.Spec.TLS.CACertificate != "" &&
-				ed.Route.OverrideSpec.Spec.TLS.Certificate != "" &&
-				ed.Route.OverrideSpec.Spec.TLS.Key != "")) {
-			certName := fmt.Sprintf("%s-route", ed.Name)
+		if ed.Route.TLS.SecretName != nil { //|| hasCertInOverrideSpec(ed.Route.OverrideSpec) {
 			cert := certmanager.NewCertificate(
 				&certmgrv1.Certificate{
 					ObjectMeta: metav1.ObjectMeta{
-						Name:      certName,
+						Name:      ed.Route.TLS.CertName,
 						Namespace: ed.Namespace,
 					},
 				},
 				5*time.Second,
 			)
 			err := cert.Delete(ctx, helper)
 			if err != nil {
-				helper.GetLogger().Error(err, fmt.Sprintf("Failed to delete unused route certificate %s", certName))
+				helper.GetLogger().Error(err, fmt.Sprintf("Failed to delete unused route certificate %s", ed.Route.TLS.CertName))
 				return ctrl.Result{}, err
 			}
 		}
@@ -789,3 +784,15 @@ func GetIssuerCertSecret(
 	}
 	return issuer.Spec.CA.SecretName, nil
 }
+
+func hasCertInOverrideSpec(overrideSpec route.OverrideSpec) bool {
+	if overrideSpec.Spec == nil {
+		return false
+	}
+	if overrideSpec.Spec.TLS == nil {
+		return false
+	}
+	return overrideSpec.Spec.TLS.CACertificate != "" &&
+		overrideSpec.Spec.TLS.Certificate != "" &&
+		overrideSpec.Spec.TLS.Key != ""
+}
diff --git a/tests/kuttl/tests/ctlplane-basic-deployment/01-assert-deploy-openstack.yaml b/tests/kuttl/tests/ctlplane-basic-deployment/01-assert-deploy-openstack.yaml
diff --git a/tests/kuttl/tests/ctlplane-basic-deployment/01-deploy-openstack.yaml b/tests/kuttl/tests/ctlplane-basic-deployment/01-deploy-openstack.yaml
diff --git a/tests/kuttl/tests/ctlplane-basic-deployment/02-assert-custom-cacert-secret.yaml b/tests/kuttl/tests/ctlplane-basic-deployment/02-assert-custom-cacert-secret.yaml
diff --git a/tests/kuttl/tests/ctlplane-basic-deployment/02-deploy-custom-cacert-secret.yaml b/tests/kuttl/tests/ctlplane-basic-deployment/02-deploy-custom-cacert-secret.yaml
diff --git a/tests/kuttl/tests/ctlplane-basic-deployment/03-assert-deploy-custom-cacert.yaml b/tests/kuttl/tests/ctlplane-basic-deployment/03-assert-deploy-custom-cacert.yaml
diff --git a/tests/kuttl/tests/ctlplane-basic-deployment/03-deploy-custom-cacert.yaml b/tests/kuttl/tests/ctlplane-basic-deployment/03-deploy-custom-cacert.yaml
diff --git a/tests/kuttl/tests/ctlplane-basic-deployment/04-assert-custom-cacert.yaml b/tests/kuttl/tests/ctlplane-basic-deployment/04-assert-custom-cacert.yaml
diff --git a/tests/kuttl/tests/ctlplane-basic-deployment/05-cleanup.yaml b/tests/kuttl/tests/ctlplane-basic-deployment/05-cleanup.yaml
diff --git a/tests/kuttl/tests/ctlplane-basic-deployment/05-errors-cleanup.yaml b/tests/kuttl/tests/ctlplane-basic-deployment/05-errors-cleanup.yaml