diff --git a/Dockerfile b/Dockerfile index f945fa3375..804016ce38 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,7 +12,7 @@ ARG LDFLAGS RUN GOOS="$GOOS" GOARCH="$GOARCH" go build -ldflags "$LDFLAGS" -tags netgo,osusergo -o ocs-operator main.go RUN GOOS="$GOOS" GOARCH="$GOARCH" go build -tags netgo,osusergo -o provider-api services/provider/main.go -RUN GOOS="$GOOS" GOARCH="$GOARCH" go build -tags netgo,osusergo -o onboarding-secret-generator onboarding/main.go +RUN GOOS="$GOOS" GOARCH="$GOARCH" go build -tags netgo,osusergo -o onboarding-validation-keys-gen onboarding-validation-keys-generator/main.go RUN GOOS="$GOOS" GOARCH="$GOARCH" go build -tags netgo,osusergo -o ux-backend-server services/ux-backend/main.go # Build stage 2 @@ -21,7 +21,7 @@ FROM registry.access.redhat.com/ubi9/ubi-minimal COPY --from=builder workspace/ocs-operator /usr/local/bin/ocs-operator COPY --from=builder workspace/provider-api /usr/local/bin/provider-api -COPY --from=builder workspace/onboarding-secret-generator /usr/local/bin/onboarding-secret-generator +COPY --from=builder workspace/onboarding-validation-keys-gen /usr/local/bin/onboarding-validation-keys-gen COPY --from=builder workspace/metrics/deploy/*rules*.yaml /ocs-prometheus-rules/ COPY --from=builder workspace/ux-backend-server /usr/local/bin/ux-backend-server diff --git a/controllers/storagecluster/initialization_reconciler_test.go b/controllers/storagecluster/initialization_reconciler_test.go index 5a5c18dcda..8ac7e8c867 100644 --- a/controllers/storagecluster/initialization_reconciler_test.go +++ b/controllers/storagecluster/initialization_reconciler_test.go @@ -189,7 +189,7 @@ func initStorageClusterResourceCreateUpdateTestProviderMode(t *testing.T, runtim os.Setenv(providerAPIServerImage, "fake-image") os.Setenv(util.WatchNamespaceEnvVar, "") - os.Setenv(onboardingSecretGeneratorImage, "fake-image") + os.Setenv(onboardingValidationKeysGeneratorImage, "fake-image") deployment := &appsv1.Deployment{ ObjectMeta: metav1.ObjectMeta{Name: ocsProviderServerName}, diff --git a/controllers/storagecluster/provider_server.go b/controllers/storagecluster/provider_server.go index c341957375..8516abc57c 100644 --- a/controllers/storagecluster/provider_server.go +++ b/controllers/storagecluster/provider_server.go @@ -27,11 +27,11 @@ import ( ) const ( - ocsProviderServerName = "ocs-provider-server" - providerAPIServerImage = "PROVIDER_API_SERVER_IMAGE" - onboardingSecretGeneratorImage = "ONBOARDING_SECRET_GENERATOR_IMAGE" - onboardingJobName = "onboarding-secret-generator" - onboardingTicketPublicKeySecretName = "onboarding-ticket-key" + ocsProviderServerName = "ocs-provider-server" + providerAPIServerImage = "PROVIDER_API_SERVER_IMAGE" + onboardingValidationKeysGeneratorImage = "ONBOARDING_VALIDATION_KEYS_GENERATOR_IMAGE" + onboardingValidationKeysGeneratorJobName = "onboarding-validation-keys-generator" + onboardingValidationPublicKeySecretName = "onboarding-ticket-key" ocsProviderServicePort = int32(50051) ocsProviderServiceNodePort = int32(31659) @@ -451,7 +451,7 @@ func getOnboardingJobObject(instance *ocsv1.StorageCluster) *batchv1.Job { return &batchv1.Job{ ObjectMeta: metav1.ObjectMeta{ - Name: onboardingJobName, + Name: onboardingValidationKeysGeneratorJobName, Namespace: instance.Namespace, }, Spec: batchv1.JobSpec{ @@ -460,12 +460,12 @@ func getOnboardingJobObject(instance *ocsv1.StorageCluster) *batchv1.Job { Template: corev1.PodTemplateSpec{ Spec: corev1.PodSpec{ RestartPolicy: corev1.RestartPolicyOnFailure, - ServiceAccountName: onboardingJobName, + ServiceAccountName: onboardingValidationKeysGeneratorJobName, Containers: []corev1.Container{ { - Name: onboardingJobName, - Image: os.Getenv(onboardingSecretGeneratorImage), - Command: []string{"/usr/local/bin/onboarding-secret-generator"}, + Name: onboardingValidationKeysGeneratorJobName, + Image: os.Getenv(onboardingValidationKeysGeneratorImage), + Command: []string{"/usr/local/bin/onboarding-validation-keys-gen"}, Env: []corev1.EnvVar{ { Name: util.OperatorNamespaceEnvVar, @@ -482,7 +482,7 @@ func getOnboardingJobObject(instance *ocsv1.StorageCluster) *batchv1.Job { func (o *ocsProviderServer) createJob(r *StorageClusterReconciler, instance *ocsv1.StorageCluster) (reconcile.Result, error) { var err error - if os.Getenv(onboardingSecretGeneratorImage) == "" { + if os.Getenv(onboardingValidationKeysGeneratorImage) == "" { err = fmt.Errorf("OnboardingSecretGeneratorImage env var is not set") r.Log.Error(err, "No value set for env variable") @@ -491,7 +491,7 @@ func (o *ocsProviderServer) createJob(r *StorageClusterReconciler, instance *ocs actualSecret := &corev1.Secret{} // Creating the job only if public is not found - err = r.Client.Get(context.Background(), types.NamespacedName{Name: onboardingTicketPublicKeySecretName, + err = r.Client.Get(context.Background(), types.NamespacedName{Name: onboardingValidationPublicKeySecretName, Namespace: instance.Namespace}, actualSecret) if errors.IsNotFound(err) { diff --git a/controllers/storagecluster/provider_server_test.go b/controllers/storagecluster/provider_server_test.go index b988473f54..8520390d2b 100644 --- a/controllers/storagecluster/provider_server_test.go +++ b/controllers/storagecluster/provider_server_test.go @@ -321,7 +321,7 @@ func createSetupForOcsProviderTest(t *testing.T, allowRemoteStorageConsumers boo } os.Setenv(providerAPIServerImage, "fake-image") - os.Setenv(onboardingSecretGeneratorImage, "fake-image") + os.Setenv(onboardingValidationKeysGeneratorImage, "fake-image") os.Setenv(util.WatchNamespaceEnvVar, "openshift-storage") return r, instance diff --git a/deploy/ocs-operator/manifests/ocs-operator.clusterserviceversion.yaml b/deploy/ocs-operator/manifests/ocs-operator.clusterserviceversion.yaml index 5d41cf9c64..924c438840 100644 --- a/deploy/ocs-operator/manifests/ocs-operator.clusterserviceversion.yaml +++ b/deploy/ocs-operator/manifests/ocs-operator.clusterserviceversion.yaml @@ -3093,7 +3093,7 @@ spec: value: docker.io/centos/postgresql-12-centos8 - name: PROVIDER_API_SERVER_IMAGE value: quay.io/ocs-dev/ocs-operator:latest - - name: ONBOARDING_SECRET_GENERATOR_IMAGE + - name: ONBOARDING_VALIDATION_KEYS_GENERATOR_IMAGE value: quay.io/ocs-dev/ocs-operator:latest - name: OPERATOR_NAMESPACE valueFrom: diff --git a/deploy/ocs-operator/manifests/onboarding-secret-generator-sa.yaml b/deploy/ocs-operator/manifests/onboarding-secret-generator-sa.yaml deleted file mode 100644 index d2e935ca0e..0000000000 --- a/deploy/ocs-operator/manifests/onboarding-secret-generator-sa.yaml +++ /dev/null @@ -1,5 +0,0 @@ -kind: ServiceAccount -apiVersion: v1 -metadata: - name: onboarding-secret-generator -type: kubernetes.io/service-account-token diff --git a/deploy/ocs-operator/manifests/onboarding-secret-generator-binding.yaml b/deploy/ocs-operator/manifests/onboarding-validation-keys-generator-binding.yaml similarity index 58% rename from deploy/ocs-operator/manifests/onboarding-secret-generator-binding.yaml rename to deploy/ocs-operator/manifests/onboarding-validation-keys-generator-binding.yaml index 344ce37876..0d35e68723 100644 --- a/deploy/ocs-operator/manifests/onboarding-secret-generator-binding.yaml +++ b/deploy/ocs-operator/manifests/onboarding-validation-keys-generator-binding.yaml @@ -1,12 +1,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: onboarding-secret-generator + name: onboarding-validation-keys-generator roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: onboarding-secret-generator + name: onboarding-validation-keys-generator subjects: - kind: ServiceAccount - name: onboarding-secret-generator + name: onboarding-validation-keys-generator namespace: openshift-storage diff --git a/deploy/ocs-operator/manifests/onboarding-secret-generator-role.yaml b/deploy/ocs-operator/manifests/onboarding-validation-keys-generator-role.yaml similarity index 85% rename from deploy/ocs-operator/manifests/onboarding-secret-generator-role.yaml rename to deploy/ocs-operator/manifests/onboarding-validation-keys-generator-role.yaml index 9e83a028e7..2049274f76 100644 --- a/deploy/ocs-operator/manifests/onboarding-secret-generator-role.yaml +++ b/deploy/ocs-operator/manifests/onboarding-validation-keys-generator-role.yaml @@ -1,7 +1,7 @@ kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: - name: onboarding-secret-generator + name: onboarding-validation-keys-generator rules: - apiGroups: - "" diff --git a/deploy/ocs-operator/manifests/onboarding-validation-keys-generator-sa.yaml b/deploy/ocs-operator/manifests/onboarding-validation-keys-generator-sa.yaml new file mode 100644 index 0000000000..5d5c587238 --- /dev/null +++ b/deploy/ocs-operator/manifests/onboarding-validation-keys-generator-sa.yaml @@ -0,0 +1,4 @@ +kind: ServiceAccount +apiVersion: v1 +metadata: + name: onboarding-validation-keys-generator diff --git a/onboarding/main.go b/onboarding-validation-keys-generator/main.go similarity index 100% rename from onboarding/main.go rename to onboarding-validation-keys-generator/main.go diff --git a/rbac/onboarding-secret-generator-sa.yaml b/rbac/onboarding-secret-generator-sa.yaml deleted file mode 100644 index d2e935ca0e..0000000000 --- a/rbac/onboarding-secret-generator-sa.yaml +++ /dev/null @@ -1,5 +0,0 @@ -kind: ServiceAccount -apiVersion: v1 -metadata: - name: onboarding-secret-generator -type: kubernetes.io/service-account-token diff --git a/rbac/onboarding-secret-generator-binding.yaml b/rbac/onboarding-validation-keys-generator-binding.yaml similarity index 58% rename from rbac/onboarding-secret-generator-binding.yaml rename to rbac/onboarding-validation-keys-generator-binding.yaml index 344ce37876..0d35e68723 100644 --- a/rbac/onboarding-secret-generator-binding.yaml +++ b/rbac/onboarding-validation-keys-generator-binding.yaml @@ -1,12 +1,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: onboarding-secret-generator + name: onboarding-validation-keys-generator roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: onboarding-secret-generator + name: onboarding-validation-keys-generator subjects: - kind: ServiceAccount - name: onboarding-secret-generator + name: onboarding-validation-keys-generator namespace: openshift-storage diff --git a/rbac/onboarding-secret-generator-role.yaml b/rbac/onboarding-validation-keys-generator-role.yaml similarity index 85% rename from rbac/onboarding-secret-generator-role.yaml rename to rbac/onboarding-validation-keys-generator-role.yaml index 9e83a028e7..2049274f76 100644 --- a/rbac/onboarding-secret-generator-role.yaml +++ b/rbac/onboarding-validation-keys-generator-role.yaml @@ -1,7 +1,7 @@ kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: - name: onboarding-secret-generator + name: onboarding-validation-keys-generator rules: - apiGroups: - "" diff --git a/rbac/onboarding-validation-keys-generator-sa.yaml b/rbac/onboarding-validation-keys-generator-sa.yaml new file mode 100644 index 0000000000..5d5c587238 --- /dev/null +++ b/rbac/onboarding-validation-keys-generator-sa.yaml @@ -0,0 +1,4 @@ +kind: ServiceAccount +apiVersion: v1 +metadata: + name: onboarding-validation-keys-generator diff --git a/tools/csv-merger/csv-merger.go b/tools/csv-merger/csv-merger.go index 9cccb1f284..712b91cf30 100644 --- a/tools/csv-merger/csv-merger.go +++ b/tools/csv-merger/csv-merger.go @@ -159,7 +159,7 @@ func unmarshalCSV(filePath string) *csvv1.ClusterServiceVersion { Value: *ocsContainerImage, }, { - Name: "ONBOARDING_SECRET_GENERATOR_IMAGE", + Name: "ONBOARDING_VALIDATION_KEYS_GENERATOR_IMAGE", Value: *ocsContainerImage, }, {