rename cert to serverCert

aenix-io · Apr 8, 2024 · 923ec23 · 923ec23
1 parent ba1f6a4
commit 923ec23
Show file tree

Hide file tree

Showing 8 changed files with 14 additions and 22 deletions.
diff --git a/api/v1alpha1/etcdcluster_types.go b/api/v1alpha1/etcdcluster_types.go
@@ -210,8 +210,6 @@ type SecuritySpec struct {
 	Peer *PeerSpec `json:"peer,omitempty"`
 	// +optional
 	ClientServer *ClientServerSpec `json:"clientServer,omitempty"`
-	// +optional
-	Rbac RbacSpec `json:"rbac,omitempty"`
 }
 
 type PeerSpec struct {
@@ -225,7 +223,7 @@ type ClientServerSpec struct {
 	// +optional
 	Ca SecretSpec `json:"ca,omitempty"`
 	// +optional
-	Cert SecretSpec `json:"cert,omitempty"`
+	ServerCert SecretSpec `json:"serverCert,omitempty"`
 	// +optional
 	RootClientCert SecretSpec `json:"rootClientCert,omitempty"`
 }

diff --git a/api/v1alpha1/etcdcluster_webhook.go b/api/v1alpha1/etcdcluster_webhook.go
@@ -289,13 +289,13 @@ func (r *EtcdCluster) validateSecurity() field.ErrorList {
 	}
 
 	if security.ClientServer != nil {
-		if (security.ClientServer.Ca.SecretName != "" && security.ClientServer.Cert.SecretName == "") ||
-			(security.ClientServer.Ca.SecretName == "" && security.ClientServer.Cert.SecretName != "") {
+		if (security.ClientServer.Ca.SecretName != "" && security.ClientServer.ServerCert.SecretName == "") ||
+			(security.ClientServer.Ca.SecretName == "" && security.ClientServer.ServerCert.SecretName != "") {
 
 			allErrors = append(allErrors, field.Invalid(
 				field.NewPath("spec", "security", "clientServer"),
 				security.ClientServer,
-				"both clientServer.ca.secretName and clientServer.cert.secretName must be filled or empty"),
+				"both clientServer.ca.secretName and ClientServer.ServerCert.secretName must be filled or empty"),
 			)
 		}
 	}

diff --git a/api/v1alpha1/etcdcluster_webhook_test.go b/api/v1alpha1/etcdcluster_webhook_test.go
@@ -195,7 +195,7 @@ var _ = Describe("EtcdCluster Webhook", func() {
 				expectedFieldErr := field.Invalid(
 					field.NewPath("spec", "security", "clientServer"),
 					localCluster.Spec.Security.ClientServer,
-					"both clientServer.ca.secretName and clientServer.cert.secretName must be filled or empty",
+					"both clientServer.ca.secretName and ClientServer.ServerCert.secretName must be filled or empty",
 				)
 				if Expect(err).To(HaveLen(1)) {
 					Expect(*(err[0])).To(Equal(*expectedFieldErr))
@@ -206,7 +206,7 @@ var _ = Describe("EtcdCluster Webhook", func() {
 		It("Should reject if only one secret in clientServer section is defined", func() {
 			localCluster := etcdCluster.DeepCopy()
 			localCluster.Spec.Security.ClientServer = &ClientServerSpec{
-				Cert: SecretSpec{
+				ServerCert: SecretSpec{
 					SecretName: "test-server-cert",
 				},
 			}
@@ -215,7 +215,7 @@ var _ = Describe("EtcdCluster Webhook", func() {
 				expectedFieldErr := field.Invalid(
 					field.NewPath("spec", "security", "clientServer"),
 					localCluster.Spec.Security.ClientServer,
-					"both clientServer.ca.secretName and clientServer.cert.secretName must be filled or empty",
+					"both clientServer.ca.secretName and ClientServer.ServerCert.secretName must be filled or empty",
 				)
 				if Expect(err).To(HaveLen(1)) {
 					Expect(*(err[0])).To(Equal(*expectedFieldErr))

diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
diff --git a/config/crd/bases/etcd.aenix.io_etcdclusters.yaml b/config/crd/bases/etcd.aenix.io_etcdclusters.yaml
@@ -4582,12 +4582,12 @@ spec:
                           secretName:
                             type: string
                         type: object
-                      cert:
+                      rootClientCert:
                         properties:
                           secretName:
                             type: string
                         type: object
-                      rootClientCert:
+                      serverCert:
                         properties:
                           secretName:
                             type: string
@@ -4606,11 +4606,6 @@ spec:
                             type: string
                         type: object
                     type: object
-                  rbac:
-                    properties:
-                      enabled:
-                        type: boolean
-                    type: object
                 type: object
               storage:
                 description: |-

diff --git a/examples/manifests/etcdcluster-with-external-certificates.yaml b/examples/manifests/etcdcluster-with-external-certificates.yaml
@@ -14,7 +14,7 @@ spec:
     clientServer:
       ca:
         secretName: ca-server-secret
-      cert:
+      serverCert:
         secretName: server-secret
 ---
 apiVersion: cert-manager.io/v1

diff --git a/internal/controller/factory/statefulset.go b/internal/controller/factory/statefulset.go
@@ -182,7 +182,7 @@ func generateVolumes(cluster *etcdaenixiov1alpha1.EtcdCluster) []corev1.Volume {
 					Name: "server-cert",
 					VolumeSource: corev1.VolumeSource{
 						Secret: &corev1.SecretVolumeSource{
-							SecretName: cluster.Spec.Security.ClientServer.Cert.SecretName,
+							SecretName: cluster.Spec.Security.ClientServer.ServerCert.SecretName,
 						},
 					},
 				},

diff --git a/internal/controller/factory/statefulset_test.go b/internal/controller/factory/statefulset_test.go
@@ -123,7 +123,7 @@ var _ = Describe("CreateOrUpdateStatefulSet handler", func() {
 					Ca: etcdaenixiov1alpha1.SecretSpec{
 						SecretName: "server-ca-secret",
 					},
-					Cert: etcdaenixiov1alpha1.SecretSpec{
+					ServerCert: etcdaenixiov1alpha1.SecretSpec{
 						SecretName: "server-cert-secret",
 					},
 				},
@@ -704,7 +704,7 @@ var _ = Describe("CreateOrUpdateStatefulSet handler", func() {
 					Ca: etcdaenixiov1alpha1.SecretSpec{
 						SecretName: "client-server-ca-secret",
 					},
-					Cert: etcdaenixiov1alpha1.SecretSpec{
+					ServerCert: etcdaenixiov1alpha1.SecretSpec{
 						SecretName: "client-server-cert-secret",
 					},
 				},