Skip to content

Commit

Permalink
Change redis secret reference type
Browse files Browse the repository at this point in the history
Type changed from ObjectReference to LocalObjectReference
  • Loading branch information
Boomatang committed Nov 15, 2023
1 parent f614a91 commit 899960d
Show file tree
Hide file tree
Showing 7 changed files with 31 additions and 144 deletions.
4 changes: 2 additions & 2 deletions api/v1alpha1/limitador_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -171,7 +171,7 @@ type Storage struct {
type Redis struct {
// +ConfigSecretRef refers to the secret holding the URL for Redis.
// +optional
ConfigSecretRef *corev1.ObjectReference `json:"configSecretRef,omitempty"`
ConfigSecretRef *corev1.LocalObjectReference `json:"configSecretRef,omitempty"`
}

type RedisCachedOptions struct {
Expand All @@ -195,7 +195,7 @@ type RedisCachedOptions struct {
type RedisCached struct {
// +ConfigSecretRef refers to the secret holding the URL for Redis.
// +optional
ConfigSecretRef *corev1.ObjectReference `json:"configSecretRef,omitempty"`
ConfigSecretRef *corev1.LocalObjectReference `json:"configSecretRef,omitempty"`

// +optional
Options *RedisCachedOptions `json:"options,omitempty"`
Expand Down
4 changes: 2 additions & 2 deletions api/v1alpha1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

126 changes: 10 additions & 116 deletions config/crd/bases/limitador.kuadrant.io_limitadors.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -1028,133 +1028,27 @@ spec:
redis:
properties:
configSecretRef:
description: "ObjectReference contains enough information
to let you inspect or modify the referred object. --- New
uses of this type are discouraged because of difficulty
describing its usage when embedded in APIs. 1. Ignored fields.
\ It includes many fields which are not generally honored.
\ For instance, ResourceVersion and FieldPath are both very
rarely valid in actual usage. 2. Invalid usage help. It
is impossible to add specific help for individual usage.
\ In most embedded usages, there are particular restrictions
like, \"must refer only to types A and B\" or \"UID not
honored\" or \"name must be restricted\". Those cannot be
well described when embedded. 3. Inconsistent validation.
\ Because the usages are different, the validation rules
are different by usage, which makes it hard for users to
predict what will happen. 4. The fields are both imprecise
and overly precise. Kind is not a precise mapping to a
URL. This can produce ambiguity during interpretation and
require a REST mapping. In most cases, the dependency is
on the group,resource tuple and the version of the actual
struct is irrelevant. 5. We cannot easily change it. Because
this type is embedded in many locations, updates to this
type will affect numerous schemas. Don't make new APIs
embed an underspecified API type they do not control. \n
Instead of using this type, create a locally provided and
used type that is well-focused on your reference. For example,
ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533
."
description: LocalObjectReference contains enough information
to let you locate the referenced object inside the same
namespace.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead
of an entire object, this string should contain a valid
JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container
within a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that
triggered the event) or if no container name is specified
"spec.containers[2]" (container with index 2 in this
pod). This syntax is chosen only to have some well-defined
way of referencing a part of an object. TODO: this design
is not final and this field is subject to change in
the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
type: object
x-kubernetes-map-type: atomic
type: object
redis-cached:
properties:
configSecretRef:
description: "ObjectReference contains enough information
to let you inspect or modify the referred object. --- New
uses of this type are discouraged because of difficulty
describing its usage when embedded in APIs. 1. Ignored fields.
\ It includes many fields which are not generally honored.
\ For instance, ResourceVersion and FieldPath are both very
rarely valid in actual usage. 2. Invalid usage help. It
is impossible to add specific help for individual usage.
\ In most embedded usages, there are particular restrictions
like, \"must refer only to types A and B\" or \"UID not
honored\" or \"name must be restricted\". Those cannot be
well described when embedded. 3. Inconsistent validation.
\ Because the usages are different, the validation rules
are different by usage, which makes it hard for users to
predict what will happen. 4. The fields are both imprecise
and overly precise. Kind is not a precise mapping to a
URL. This can produce ambiguity during interpretation and
require a REST mapping. In most cases, the dependency is
on the group,resource tuple and the version of the actual
struct is irrelevant. 5. We cannot easily change it. Because
this type is embedded in many locations, updates to this
type will affect numerous schemas. Don't make new APIs
embed an underspecified API type they do not control. \n
Instead of using this type, create a locally provided and
used type that is well-focused on your reference. For example,
ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533
."
description: LocalObjectReference contains enough information
to let you locate the referenced object inside the same
namespace.
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead
of an entire object, this string should contain a valid
JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container
within a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that
triggered the event) or if no container name is specified
"spec.containers[2]" (container with index 2 in this
pod). This syntax is chosen only to have some well-defined
way of referencing a part of an object. TODO: this design
is not final and this field is subject to change in
the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
type: object
x-kubernetes-map-type: atomic
Expand Down
10 changes: 4 additions & 6 deletions controllers/limitador_controller_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -1028,9 +1028,8 @@ func limitadorWithRedisStorage(redisKey client.ObjectKey) *limitadorv1alpha1.Lim
Spec: limitadorv1alpha1.LimitadorSpec{
Storage: &limitadorv1alpha1.Storage{
Redis: &limitadorv1alpha1.Redis{
ConfigSecretRef: &v1.ObjectReference{
Name: redisKey.Name,
Namespace: redisKey.Namespace,
ConfigSecretRef: &v1.LocalObjectReference{
Name: redisKey.Name,
},
},
},
Expand All @@ -1045,9 +1044,8 @@ func limitadorWithRedisCachedStorage(key client.ObjectKey) *limitadorv1alpha1.Li
Spec: limitadorv1alpha1.LimitadorSpec{
Storage: &limitadorv1alpha1.Storage{
RedisCached: &limitadorv1alpha1.RedisCached{
ConfigSecretRef: &v1.ObjectReference{
Name: key.Name,
Namespace: key.Namespace,
ConfigSecretRef: &v1.LocalObjectReference{
Name: key.Name,
},
Options: &limitadorv1alpha1.RedisCachedOptions{
TTL: &[]int{1}[0],
Expand Down
8 changes: 4 additions & 4 deletions pkg/limitador/redis_cache_storage_options_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ func TestRedisCachedDeploymentOptions(t *testing.T) {
t.Run("redis secret resource missing", func(subT *testing.T) {
cl := clientFactory(subT, nil)
redisObj := limitadorv1alpha1.RedisCached{
ConfigSecretRef: &v1.ObjectReference{Name: "notexisting", Namespace: namespace},
ConfigSecretRef: &v1.LocalObjectReference{Name: "notexisting"},
}
_, err := RedisCachedDeploymentOptions(ctx, cl, namespace, redisObj)
assert.Assert(subT, errors.IsNotFound(err))
Expand All @@ -63,7 +63,7 @@ func TestRedisCachedDeploymentOptions(t *testing.T) {
}
cl := clientFactory(subT, []client.Object{emptySecret})
redisObj := limitadorv1alpha1.RedisCached{
ConfigSecretRef: &v1.ObjectReference{Name: "redisSecret", Namespace: namespace},
ConfigSecretRef: &v1.LocalObjectReference{Name: "redisSecret"},
}
_, err := RedisCachedDeploymentOptions(ctx, cl, namespace, redisObj)
assert.Error(subT, err, "the storage config Secret doesn't have the `URL` field")
Expand All @@ -80,7 +80,7 @@ func TestRedisCachedDeploymentOptions(t *testing.T) {

cl := clientFactory(subT, []client.Object{redisSecret})
redisObj := limitadorv1alpha1.RedisCached{
ConfigSecretRef: &v1.ObjectReference{Name: "redisSecret", Namespace: namespace},
ConfigSecretRef: &v1.LocalObjectReference{Name: "redisSecret"},
}
options, err := RedisCachedDeploymentOptions(ctx, cl, namespace, redisObj)
assert.NilError(subT, err)
Expand All @@ -102,7 +102,7 @@ func TestRedisCachedDeploymentOptions(t *testing.T) {

cl := clientFactory(subT, []client.Object{redisSecret})
redisObj := limitadorv1alpha1.RedisCached{
ConfigSecretRef: &v1.ObjectReference{Name: "redisSecret", Namespace: namespace},
ConfigSecretRef: &v1.LocalObjectReference{Name: "redisSecret"},
Options: &limitadorv1alpha1.RedisCachedOptions{
TTL: &[]int{1}[0],
Ratio: &[]int{2}[0],
Expand Down
13 changes: 4 additions & 9 deletions pkg/limitador/redis_storage_options.go
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ func RedisDeploymentOptions(ctx context.Context, cl client.Client, defSecretName
}, nil
}

func DeploymentEnvVar(configSecretRef *v1.ObjectReference) ([]v1.EnvVar, error) {
func DeploymentEnvVar(configSecretRef *v1.LocalObjectReference) ([]v1.EnvVar, error) {
if configSecretRef == nil {
return nil, errors.New("there's no ConfigSecretRef set")
}
Expand All @@ -47,18 +47,13 @@ func DeploymentEnvVar(configSecretRef *v1.ObjectReference) ([]v1.EnvVar, error)
return env, nil
}

func validateRedisSecret(ctx context.Context, cl client.Client, defSecretNamespace string, secretRef v1.ObjectReference) error {
func validateRedisSecret(ctx context.Context, cl client.Client, defSecretNamespace string, secretRef v1.LocalObjectReference) error {
secret := &v1.Secret{}
if err := cl.Get(
ctx,
types.NamespacedName{
Name: secretRef.Name,
Namespace: func() string {
if secretRef.Namespace != "" {
return secretRef.Namespace
}
return defSecretNamespace
}(),
Name: secretRef.Name,
Namespace: defSecretNamespace,
},
secret,
); err != nil {
Expand Down
10 changes: 5 additions & 5 deletions pkg/limitador/redis_storage_options_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ func TestRedisDeploymentOptions(t *testing.T) {
t.Run("redis secret resource missing", func(subT *testing.T) {
cl := clientFactory(subT, nil)
redisObj := limitadorv1alpha1.Redis{
ConfigSecretRef: &v1.ObjectReference{Name: "notexisting", Namespace: namespace},
ConfigSecretRef: &v1.LocalObjectReference{Name: "notexisting"},
}
_, err := RedisDeploymentOptions(ctx, cl, namespace, redisObj)
assert.Assert(subT, errors.IsNotFound(err))
Expand All @@ -73,7 +73,7 @@ func TestRedisDeploymentOptions(t *testing.T) {
}
cl := clientFactory(subT, []client.Object{emptySecret})
redisObj := limitadorv1alpha1.Redis{
ConfigSecretRef: &v1.ObjectReference{Name: "redisSecret", Namespace: namespace},
ConfigSecretRef: &v1.LocalObjectReference{Name: "redisSecret"},
}
_, err := RedisDeploymentOptions(ctx, cl, namespace, redisObj)
assert.Error(subT, err, "the storage config Secret doesn't have the `URL` field")
Expand All @@ -90,7 +90,7 @@ func TestRedisDeploymentOptions(t *testing.T) {

cl := clientFactory(subT, []client.Object{redisSecret})
redisObj := limitadorv1alpha1.Redis{
ConfigSecretRef: &v1.ObjectReference{Name: "redisSecret", Namespace: namespace},
ConfigSecretRef: &v1.LocalObjectReference{Name: "redisSecret"},
}
options, err := RedisDeploymentOptions(ctx, cl, namespace, redisObj)
assert.NilError(subT, err)
Expand All @@ -104,7 +104,7 @@ func TestRedisDeploymentOptions(t *testing.T) {

func TestDeploymentEnvVar(t *testing.T) {
type args struct {
configSecretRef *v1.ObjectReference
configSecretRef *v1.LocalObjectReference
}
tests := []struct {
name string
Expand Down Expand Up @@ -136,7 +136,7 @@ func TestDeploymentEnvVar(t *testing.T) {
},
wantErr: false,
args: args{
configSecretRef: &v1.ObjectReference{
configSecretRef: &v1.LocalObjectReference{
Name: "test",
},
},
Expand Down

0 comments on commit 899960d

Please sign in to comment.