From 7e073e3d743c2c2aac90306fd29b779bcd93e64a Mon Sep 17 00:00:00 2001 From: Alvaro Aleman Date: Wed, 3 Aug 2022 10:15:55 -0400 Subject: [PATCH] HCCO: Use cpo manifests for references Currently, the hcco redefines some manifests owned by the CPO. The content of the two must be the same, otherwise things won't work. Reference the CPO manifests instead to clarify this dependency. --- .../controllers/resources/manifests/ingress.go | 9 --------- .../controllers/resources/manifests/oauth.go | 9 --------- .../controllers/resources/resources.go | 4 ++-- .../controllers/resources/resources_test.go | 5 +++-- 4 files changed, 5 insertions(+), 22 deletions(-) diff --git a/control-plane-operator/hostedclusterconfigoperator/controllers/resources/manifests/ingress.go b/control-plane-operator/hostedclusterconfigoperator/controllers/resources/manifests/ingress.go index cb99c0551d..94f6207c6d 100644 --- a/control-plane-operator/hostedclusterconfigoperator/controllers/resources/manifests/ingress.go +++ b/control-plane-operator/hostedclusterconfigoperator/controllers/resources/manifests/ingress.go @@ -24,12 +24,3 @@ func IngressDefaultIngressControllerCert() *corev1.Secret { }, } } - -func IngressCert(ns string) *corev1.Secret { - return &corev1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: "ingress-crt", - Namespace: ns, - }, - } -} diff --git a/control-plane-operator/hostedclusterconfigoperator/controllers/resources/manifests/oauth.go b/control-plane-operator/hostedclusterconfigoperator/controllers/resources/manifests/oauth.go index 93ae3241a8..089c1c19e4 100644 --- a/control-plane-operator/hostedclusterconfigoperator/controllers/resources/manifests/oauth.go +++ b/control-plane-operator/hostedclusterconfigoperator/controllers/resources/manifests/oauth.go @@ -17,15 +17,6 @@ func OAuthCABundle() *corev1.ConfigMap { } } -func OpenShiftOAuthServerCert(ns string) *corev1.Secret { - return &corev1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: "oauth-server-crt", - Namespace: ns, - }, - } -} - func OAuthServerChallengingClient() *oauthv1.OAuthClient { return &oauthv1.OAuthClient{ ObjectMeta: metav1.ObjectMeta{ diff --git a/control-plane-operator/hostedclusterconfigoperator/controllers/resources/resources.go b/control-plane-operator/hostedclusterconfigoperator/controllers/resources/resources.go index 56f53c9fb3..610d8b9478 100644 --- a/control-plane-operator/hostedclusterconfigoperator/controllers/resources/resources.go +++ b/control-plane-operator/hostedclusterconfigoperator/controllers/resources/resources.go @@ -597,7 +597,7 @@ func (r *reconciler) reconcileIngressController(ctx context.Context, hcp *hyperv errs = append(errs, fmt.Errorf("failed to reconcile default ingress controller: %w", err)) } - sourceCert := manifests.IngressCert(hcp.Namespace) + sourceCert := cpomanifests.IngressCert(hcp.Namespace) if err := r.cpClient.Get(ctx, client.ObjectKeyFromObject(sourceCert), sourceCert); err != nil { errs = append(errs, fmt.Errorf("failed to get ingress cert (%s/%s) from control plane: %w", sourceCert.Namespace, sourceCert.Name, err)) } else { @@ -761,7 +761,7 @@ func secretHash(data []byte) string { } func (r *reconciler) reconcileOAuthServingCertCABundle(ctx context.Context, hcp *hyperv1.HostedControlPlane) error { - oauthServingCert := manifests.OpenShiftOAuthServerCert(hcp.Namespace) + oauthServingCert := cpomanifests.OpenShiftOAuthServerCert(hcp.Namespace) if err := r.cpClient.Get(ctx, client.ObjectKeyFromObject(oauthServingCert), oauthServingCert); err != nil { return fmt.Errorf("cannot get oauth serving cert: %w", err) } diff --git a/control-plane-operator/hostedclusterconfigoperator/controllers/resources/resources_test.go b/control-plane-operator/hostedclusterconfigoperator/controllers/resources/resources_test.go index 1ca023cf84..b869b7a90b 100644 --- a/control-plane-operator/hostedclusterconfigoperator/controllers/resources/resources_test.go +++ b/control-plane-operator/hostedclusterconfigoperator/controllers/resources/resources_test.go @@ -13,6 +13,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" hyperv1 "github.com/openshift/hypershift/api/v1alpha1" + cpomanifests "github.com/openshift/hypershift/control-plane-operator/controllers/hostedcontrolplane/manifests" "github.com/openshift/hypershift/control-plane-operator/hostedclusterconfigoperator/api" "github.com/openshift/hypershift/control-plane-operator/hostedclusterconfigoperator/controllers/resources/manifests" "github.com/openshift/hypershift/support/globalconfig" @@ -148,7 +149,7 @@ func fakeHCP() *hyperv1.HostedControlPlane { } func fakeIngressCert() *corev1.Secret { - s := manifests.IngressCert("bar") + s := cpomanifests.IngressCert("bar") s.Data = map[string][]byte{ "tls.crt": []byte("12345"), "tls.key": []byte("12345"), @@ -201,7 +202,7 @@ func fakeKubeadminPasswordSecret() *corev1.Secret { } func fakeOAuthServingCert() *corev1.Secret { - s := manifests.OpenShiftOAuthServerCert("bar") + s := cpomanifests.OpenShiftOAuthServerCert("bar") s.Data = map[string][]byte{"tls.crt": []byte("test")} return s }