From 6478e2e3bd3a859df75844e47627a8dfbcd7b5f0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Wenzel?=
Date: Fri, 29 Jan 2021 14:56:32 +0100
Subject: [PATCH 1/2] Fix issue that could occur during startup, that produces an endless loop in add events Add rotation for statefulset
---
 .../kubernetes/ChangeAdjustmentService.java | 24 +++++++++++++++++++
 .../vault/kubernetes/EventHandler.java | 5 ++--
 2 files changed, 26 insertions(+), 3 deletions(-)
diff --git a/src/main/java/de/koudingspawn/vault/kubernetes/ChangeAdjustmentService.java b/src/main/java/de/koudingspawn/vault/kubernetes/ChangeAdjustmentService.java
index 85d46b7..fa88335 100644
--- a/src/main/java/de/koudingspawn/vault/kubernetes/ChangeAdjustmentService.java
+++ b/src/main/java/de/koudingspawn/vault/kubernetes/ChangeAdjustmentService.java
@@ -25,6 +25,9 @@ public void handle(Vault resource) {
 case "deployment":
 rotateDeployment(resource.getMetadata().getNamespace(), changeAdjustmentCallback.getName());
 break;
+ case "statefulset":
+ rotateStatefulSet(resource.getMetadata().getNamespace(), changeAdjustmentCallback.getName());
+ break;
 default:
 log.info("Currently a change adjustment is only supported for type deployment. Resource {} in namespace {} has type {}",
 resource.getMetadata().getName(), resource.getMetadata().getNamespace(), changeAdjustmentCallback.getType());
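Review bot: The `default:` branch still logs "Currently a change adjustment is only supported for type deployment", which is no longer true once the `statefulset` case exists; someone debugging a mistyped callback type would be told the wrong thing. I would change the message to `"Currently a change adjustment is only supported for types deployment and statefulset. Resource {} in namespace {} has type {}"`. The `switch` expression and the rest of `handle` start outside this hunk, so whether the type string is normalised (for example lower-cased) before matching cannot be confirmed from here.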
@@ -54,4 +57,25 @@ private void rotateDeployment(String namespace, String name) {
 log.error("Failed to rotate deployment {} in namespace {} with exception:", name, namespace, ex);
 }
 }
+
+ private void rotateStatefulSet(String namespace, String name) {
+ try {
+ log.info("Start rotation of statefulSet {} in namespace {}", name, namespace);
+ client.apps()
+ .statefulSets()
+ .inNamespace(namespace)
+ .withName(name)
+ .edit()
+ .editSpec()
+ .editTemplate()
+ .editMetadata()
+ .addToAnnotations("certificate-change-on", "vault-crd_" + System.currentTimeMillis())
+ .endMetadata()
+ .endTemplate()
+ .endSpec()
+ .done();
+ } catch (Exception ex) {
+ log.error("Failed to rotate statefulSet {} in namespace {} with exception:", name, namespace, ex);
+ }
+ }
 }
diff --git a/src/main/java/de/koudingspawn/vault/kubernetes/EventHandler.java b/src/main/java/de/koudingspawn/vault/kubernetes/EventHandler.java
index 906cec7..f234a6f 100644
--- a/src/main/java/de/koudingspawn/vault/kubernetes/EventHandler.java
+++ b/src/main/java/de/koudingspawn/vault/kubernetes/EventHandler.java
@@ -3,7 +3,6 @@
 import de.koudingspawn.vault.crd.Vault;
 import de.koudingspawn.vault.vault.VaultSecret;
 import de.koudingspawn.vault.vault.VaultService;
-import de.koudingspawn.vault.vault.communication.SecretNotAccessibleException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Component;
@@ -28,7 +27,7 @@ public void addHandler(Vault resource) {
 try {
 VaultSecret secretContent = vaultService.generateSecret(resource);
 kubernetesService.createSecret(resource, secretContent);
- } catch (SecretNotAccessibleException e) {
+ } catch (Exception e) {
 log.error("Failed to generate secret for vault resource {} in namespace {} failed with exception:",
 resource.getMetadata().getName(), resource.getMetadata().getNamespace(), e);
 }
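Review bot: In `rotateStatefulSet` (hunk `@@ -54,4 +57,25 @@` of ChangeAdjustmentService.java) the `catch (Exception ex)` only logs, so a failed rotation leaves the pods running with the old certificate and nothing reports it back or retries. Such a failure would occur if the named StatefulSet does not exist or the operator's service account may not modify StatefulSets. The patch shows no RBAC change, so it is worth confirming that the operator's role grants read and modify rights on `statefulsets` in the `apps` API group and nothing broader. I would also add a Javadoc line such as `/** Triggers a rolling restart by stamping the pod template with a fresh certificate-change-on annotation; failures are logged and not propagated. */`. The namespace passed in by the caller is the Vault resource's own, so the rotation stays confined to that namespace, which is worth stating in the same comment.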
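Review bot: Widening the catch in `addHandler` to `catch (Exception e)` (hunk `@@ -28,7 +27,7 @@`, and identically in `modifyHandler` in hunk `@@ -48,7 +47,7 @@`) now also swallows programming errors such as a `NullPointerException` and any failure of `kubernetesService.createSecret`, leaving a log line as the only trace. If the endless loop named in the commit message came from an unchecked exception escaping the handler, the catch-all is defensible, but the reason should be recorded next to it, e.g. `// catch-all on purpose: see <ISSUE-ID> (endless add-event loop at startup)`. Because `e` is logged with its full stack trace, it is also worth checking that exceptions raised while talking to Vault or the API server never carry secret material in their messages. Both method bodies start outside their hunks.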
@@ -48,7 +47,7 @@ public void modifyHandler(Vault resource) {
 if (resource.getSpec().getChangeAdjustmentCallback() != null) {
 changeAdjustmentService.handle(resource);
 }
- } catch (SecretNotAccessibleException e) {
+ } catch (Exception e) {
 log.error("Failed to modify secret for vault resource {} in namespace {} failed with exception:",
 resource.getMetadata().getName(), resource.getMetadata().getNamespace(), e);
 }
From b3f65484ee2dd41c62a7ea1bd2f27f400f986e53 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Wenzel?=
Date: Fri, 29 Jan 2021 15:22:19 +0100
Subject: [PATCH 2/2] upgrade kind version
---
 .github/workflows/maven.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/maven.yaml b/.github/workflows/maven.yaml
index 7560e2a..6f95932 100644
--- a/.github/workflows/maven.yaml
+++ b/.github/workflows/maven.yaml
@@ -25,7 +25,7 @@ jobs:
 with:
 java-version: 1.8
- - uses: engineerd/setup-kind@v0.4.0
+ - uses: engineerd/setup-kind@v0.5.0
 with:
 version: "v0.8.1"
 image: "${{ matrix.kubernetes_version }}"