From 0f4493dc1c78885d725b946cd86cb60f1ae841ab Mon Sep 17 00:00:00 2001 From: jparsai Date: Tue, 26 Sep 2023 16:13:46 +0530 Subject: [PATCH] fix: Change naming convention of RepoCred secret created in Argo CD namespace. --- backend-shared/util/argocd/util.go | 7 +++ .../managed-gitops/eventloop/repocred.go | 3 +- .../managed-gitops/eventloop/repocred_test.go | 5 +- tests-e2e/core/privaterepo_test.go | 56 +++++++++++++++++++ 4 files changed, 68 insertions(+), 3 deletions(-) diff --git a/backend-shared/util/argocd/util.go b/backend-shared/util/argocd/util.go index 1e3ceca1e7..d944417375 100644 --- a/backend-shared/util/argocd/util.go +++ b/backend-shared/util/argocd/util.go @@ -9,6 +9,8 @@ import ( const ( managedEnvPrefix = "managed-env-" + // #nosec G101 + repoCredPrefix = "repo-cred-" // ArgoCDDefaultDestinationInCluster is 'in-cluster' which is the spec destination value that Argo CD recognizes // as indicating that Argo CD should deploy to the local cluster (the cluster that Argo CD is installed on). @@ -30,6 +32,11 @@ func GenerateArgoCDApplicationName(gitopsDeploymentCRUID string) string { return gitopsDeplPrefix + string(gitopsDeploymentCRUID) } +// GenerateArgoCDRepoCredSecretName generates the name of the Argo CD Repository Credentials secret. +func GenerateArgoCDRepoCredSecretName(repoCred db.RepositoryCredentials) string { + return repoCredPrefix + repoCred.RepositoryCredentialsID +} + // ConvertArgoCDClusterSecretNameToManagedIdDatabaseRowId takes the name of an Argo CD cluster secret as input. // This name should correspond to the name of a Secret resource in the Argo CD namespace, which contains // cluster credentials. diff --git a/cluster-agent/controllers/managed-gitops/eventloop/repocred.go b/cluster-agent/controllers/managed-gitops/eventloop/repocred.go index 6607ed03bc..220e4ea280 100644 --- a/cluster-agent/controllers/managed-gitops/eventloop/repocred.go +++ b/cluster-agent/controllers/managed-gitops/eventloop/repocred.go @@ -8,6 +8,7 @@ import ( "github.com/go-logr/logr" operation "github.com/redhat-appstudio/managed-gitops/backend-shared/apis/managed-gitops/v1alpha1" "github.com/redhat-appstudio/managed-gitops/backend-shared/db" + argosharedutil "github.com/redhat-appstudio/managed-gitops/backend-shared/util/argocd" logutil "github.com/redhat-appstudio/managed-gitops/backend-shared/util/log" "github.com/redhat-appstudio/managed-gitops/cluster-agent/controllers" corev1 "k8s.io/api/core/v1" @@ -134,7 +135,7 @@ func processOperation_RepositoryCredentials(ctx context.Context, dbOperation db. // 3) Retrieve ArgoCD secret from the cluster. argoCDSecret := &corev1.Secret{ ObjectMeta: metav1.ObjectMeta{ - Name: dbRepositoryCredentials.SecretObj, + Name: argosharedutil.GenerateArgoCDRepoCredSecretName(dbRepositoryCredentials), Namespace: opConfig.argoCDNamespace.Name, }, } diff --git a/cluster-agent/controllers/managed-gitops/eventloop/repocred_test.go b/cluster-agent/controllers/managed-gitops/eventloop/repocred_test.go index 57a7b4f22f..48baa15615 100644 --- a/cluster-agent/controllers/managed-gitops/eventloop/repocred_test.go +++ b/cluster-agent/controllers/managed-gitops/eventloop/repocred_test.go @@ -4,6 +4,7 @@ import ( "context" "time" + argosharedutil "github.com/redhat-appstudio/managed-gitops/backend-shared/util/argocd" "github.com/redhat-appstudio/managed-gitops/backend-shared/util/operations" "github.com/argoproj/argo-cd/v2/common" @@ -174,7 +175,7 @@ var _ = Describe("Testing Repository Credentials Operation", func() { By(" --- getting the secret ---") secret := &corev1.Secret{} - err = task.event.client.Get(ctx, types.NamespacedName{Name: repositoryCredential.SecretObj, Namespace: namespace}, secret) + err = task.event.client.Get(ctx, types.NamespacedName{Name: argosharedutil.GenerateArgoCDRepoCredSecretName(repositoryCredential), Namespace: namespace}, secret) Expect(err).ToNot(HaveOccurred()) By(" --- checking secret compatibility with ArgoCD ---") @@ -277,7 +278,7 @@ var _ = Describe("Testing Repository Credentials Operation", func() { By(" --- getting the secret ---") secret := &corev1.Secret{} - err = task.event.client.Get(ctx, types.NamespacedName{Name: repositoryCredential.SecretObj, Namespace: namespace}, secret) + err = task.event.client.Get(ctx, types.NamespacedName{Name: argosharedutil.GenerateArgoCDRepoCredSecretName(repositoryCredential), Namespace: namespace}, secret) Expect(err).ToNot(HaveOccurred()) By(" --- checking secret compatibility with ArgoCD ---") diff --git a/tests-e2e/core/privaterepo_test.go b/tests-e2e/core/privaterepo_test.go index 9f06f90538..e27617b7ce 100644 --- a/tests-e2e/core/privaterepo_test.go +++ b/tests-e2e/core/privaterepo_test.go @@ -18,6 +18,7 @@ package core // cd tests-e2e/tests-e2e/core/; go test -v -run Core -args -ginkgo.v -ginkgo.progress import ( + "context" "errors" "net/http" "os" @@ -26,12 +27,15 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" managedgitopsv1alpha1 "github.com/redhat-appstudio/managed-gitops/backend-shared/apis/managed-gitops/v1alpha1" + "github.com/redhat-appstudio/managed-gitops/backend-shared/db" + argosharedutil "github.com/redhat-appstudio/managed-gitops/backend-shared/util/argocd" "github.com/redhat-appstudio/managed-gitops/tests-e2e/fixture" gitopsDeplFixture "github.com/redhat-appstudio/managed-gitops/tests-e2e/fixture/gitopsdeployment" gitopsDeplRepoCredFixture "github.com/redhat-appstudio/managed-gitops/tests-e2e/fixture/gitopsdeploymentrepositorycredential" "github.com/redhat-appstudio/managed-gitops/tests-e2e/fixture/k8s" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" ) @@ -167,6 +171,32 @@ var _ = Describe("GitOpsRepositoryCredentials E2E tests", func() { By("6. ConfigMap should be deployed") Eventually(func() error { return k8s.Get(configMap, k8sClient) }, "4m", "1s").Should(Succeed()) + + By("7. Secret should be created by for GitOpsDeploymentRepositoryCredential resource") + + ctx := context.Background() + dbQueries, err := db.NewUnsafePostgresDBQueries(false, false) + Expect(err).ToNot(HaveOccurred()) + + var apiCRToDatabaseMappings []db.APICRToDatabaseMapping + err = dbQueries.UnsafeListAllAPICRToDatabaseMappings(ctx, &apiCRToDatabaseMappings) + Expect(err).ToNot(HaveOccurred()) + + for idx := range apiCRToDatabaseMappings { + apiCRToDBMapping := apiCRToDatabaseMappings[idx] + if apiCRToDBMapping.APIResourceUID == string(CR.UID) { + repoCred, err := dbQueries.GetRepositoryCredentialsByID(ctx, apiCRToDBMapping.DBRelationKey) + Expect(err).ToNot(HaveOccurred()) + + By("Get the secret") + + secret := &corev1.Secret{} + err = k8sClient.Get(ctx, types.NamespacedName{Name: argosharedutil.GenerateArgoCDRepoCredSecretName(repoCred), Namespace: "gitops-service-argocd"}, secret) + Expect(err).ToNot(HaveOccurred()) + + break + } + } }) }) @@ -223,6 +253,32 @@ var _ = Describe("GitOpsRepositoryCredentials E2E tests", func() { By("6. ConfigMap should be deployed") configMap := getConfigMapYAML() Eventually(func() error { return k8s.Get(configMap, k8sClient) }, "4m", "1s").Should(Succeed()) + + By("7. Secret should be created by for GitOpsDeploymentRepositoryCredential resource") + + ctx := context.Background() + dbQueries, err := db.NewUnsafePostgresDBQueries(false, false) + Expect(err).ToNot(HaveOccurred()) + + var apiCRToDatabaseMappings []db.APICRToDatabaseMapping + err = dbQueries.UnsafeListAllAPICRToDatabaseMappings(ctx, &apiCRToDatabaseMappings) + Expect(err).ToNot(HaveOccurred()) + + for idx := range apiCRToDatabaseMappings { + apiCRToDBMapping := apiCRToDatabaseMappings[idx] + if apiCRToDBMapping.APIResourceUID == string(CR.UID) { + repoCred, err := dbQueries.GetRepositoryCredentialsByID(ctx, apiCRToDBMapping.DBRelationKey) + Expect(err).ToNot(HaveOccurred()) + + By("Get the secret") + + secret := &corev1.Secret{} + err = k8sClient.Get(ctx, types.NamespacedName{Name: argosharedutil.GenerateArgoCDRepoCredSecretName(repoCred), Namespace: "gitops-service-argocd"}, secret) + Expect(err).ToNot(HaveOccurred()) + + break + } + } }) })