Merge pull request #222 from stlaz/observe_config

Bug 1777137: add observation of idp config and validation of its cm/secrets
openshift · Jun 19, 2020 · 852cd73 · 852cd73
2 parents ee83ab9 + 94e4e71
commit 852cd73
Show file tree

Hide file tree

Showing 33 changed files with 1,851 additions and 1,050 deletions.
diff --git a/...ercontroller/observe_config_controller.go → ...ercontroller/observe_config_controller.go b/...ercontroller/observe_config_controller.go → ...ercontroller/observe_config_controller.go
@@ -11,10 +11,11 @@ import (
 	"github.com/openshift/library-go/pkg/operator/resourcesynccontroller"
 	"github.com/openshift/library-go/pkg/operator/v1helpers"
 
-	"github.com/openshift/cluster-authentication-operator/pkg/operator2/configobservation"
-	"github.com/openshift/cluster-authentication-operator/pkg/operator2/configobservation/console"
-	"github.com/openshift/cluster-authentication-operator/pkg/operator2/configobservation/infrastructure"
-	"github.com/openshift/cluster-authentication-operator/pkg/operator2/configobservation/routersecret"
+	"github.com/openshift/cluster-authentication-operator/pkg/controllers/configobservation"
+	"github.com/openshift/cluster-authentication-operator/pkg/controllers/configobservation/console"
+	"github.com/openshift/cluster-authentication-operator/pkg/controllers/configobservation/infrastructure"
+	"github.com/openshift/cluster-authentication-operator/pkg/controllers/configobservation/oauth"
+	"github.com/openshift/cluster-authentication-operator/pkg/controllers/configobservation/routersecret"
 )
 
 func NewConfigObserver(
@@ -26,20 +27,23 @@ func NewConfigObserver(
 ) factory.Controller {
 	interestingNamespaces := []string{
 		"openshift-authentication",
+		"openshift-config",
 	}
 
 	preRunCacheSynced := []cache.InformerSynced{
 		operatorClient.Informer().HasSynced,
 		configInformer.Config().V1().APIServers().Informer().HasSynced,
 		configInformer.Config().V1().Consoles().Informer().HasSynced,
 		configInformer.Config().V1().Infrastructures().Informer().HasSynced,
+		configInformer.Config().V1().OAuths().Informer().HasSynced,
 	}
 
 	informers := []factory.Informer{
 		operatorClient.Informer(),
 		configInformer.Config().V1().APIServers().Informer(),
 		configInformer.Config().V1().Consoles().Informer(),
 		configInformer.Config().V1().Infrastructures().Informer(),
+		configInformer.Config().V1().OAuths().Informer(),
 	}
 
 	for _, ns := range interestingNamespaces {
@@ -60,6 +64,9 @@ func NewConfigObserver(
 		apiserver.ObserveTLSSecurityProfile,
 		console.ObserveConsoleURL,
 		infrastructure.ObserveAPIServerURL,
+		oauth.ObserveIdentityProviders,
+		oauth.ObserveTemplates,
+		oauth.ObserveTokenConfig,
 		routersecret.ObserveRouterSecret,
 	} {
 		oauthServerObservers = append(oauthServerObservers,
@@ -70,11 +77,13 @@ func NewConfigObserver(
 		operatorClient,
 		eventRecorder,
 		configobservation.Listers{
-			SecretsLister: kubeInformersForNamespaces.SecretLister(),
+			ConfigMapLister: kubeInformersForNamespaces.ConfigMapLister(),
+			SecretsLister:   kubeInformersForNamespaces.SecretLister(),
 
 			APIServerLister_:     configInformer.Config().V1().APIServers().Lister(),
 			ConsoleLister:        configInformer.Config().V1().Consoles().Lister(),
 			InfrastructureLister: configInformer.Config().V1().Infrastructures().Lister(),
+			OAuthLister:          configInformer.Config().V1().OAuths().Lister(),
 			ResourceSync:         resourceSyncer,
 			PreRunCachesSynced:   preRunCacheSynced,
 		},

diff --git a/...observation/console/observe_consoleurl.go → ...observation/console/observe_consoleurl.go b/...observation/console/observe_consoleurl.go → ...observation/console/observe_consoleurl.go
@@ -9,7 +9,7 @@ import (
 	"github.com/openshift/library-go/pkg/operator/configobserver"
 	"github.com/openshift/library-go/pkg/operator/events"
 
-	"github.com/openshift/cluster-authentication-operator/pkg/operator2/configobservation"
+	"github.com/openshift/cluster-authentication-operator/pkg/controllers/configobservation"
 )
 
 func ObserveConsoleURL(genericlisters configobserver.Listers, recorder events.Recorder, existingConfig map[string]interface{}) (ret map[string]interface{}, _ []error) {

diff --git a/...vation/console/observe_consoleurl_test.go → ...vation/console/observe_consoleurl_test.go b/...vation/console/observe_consoleurl_test.go → ...vation/console/observe_consoleurl_test.go
@@ -12,7 +12,7 @@ import (
 	configlistersv1 "github.com/openshift/client-go/config/listers/config/v1"
 	"github.com/openshift/library-go/pkg/operator/events"
 
-	"github.com/openshift/cluster-authentication-operator/pkg/operator2/configobservation"
+	"github.com/openshift/cluster-authentication-operator/pkg/controllers/configobservation"
 )
 
 func TestObserveConsoleURL(t *testing.T) {

diff --git a/...on/infrastructure/observe_apiserverurl.go → ...on/infrastructure/observe_apiserverurl.go b/...on/infrastructure/observe_apiserverurl.go → ...on/infrastructure/observe_apiserverurl.go
@@ -9,7 +9,7 @@ import (
 	"github.com/openshift/library-go/pkg/operator/configobserver"
 	"github.com/openshift/library-go/pkg/operator/events"
 
-	"github.com/openshift/cluster-authentication-operator/pkg/operator2/configobservation"
+	"github.com/openshift/cluster-authentication-operator/pkg/controllers/configobservation"
 )
 
 func ObserveAPIServerURL(genericlisters configobserver.Listers, recorder events.Recorder, existingConfig map[string]interface{}) (ret map[string]interface{}, _ []error) {

diff --git a/...frastructure/observe_apiserverurl_test.go → ...frastructure/observe_apiserverurl_test.go b/...frastructure/observe_apiserverurl_test.go → ...frastructure/observe_apiserverurl_test.go
@@ -12,7 +12,7 @@ import (
 	configlistersv1 "github.com/openshift/client-go/config/listers/config/v1"
 	"github.com/openshift/library-go/pkg/operator/events"
 
-	"github.com/openshift/cluster-authentication-operator/pkg/operator2/configobservation"
+	"github.com/openshift/cluster-authentication-operator/pkg/controllers/configobservation"
 )
 
 func TestObserveAPIServerURL(t *testing.T) {

diff --git a/...operator2/configobservation/interfaces.go → ...ntrollers/configobservation/interfaces.go b/...operator2/configobservation/interfaces.go → ...ntrollers/configobservation/interfaces.go
@@ -1,12 +1,12 @@
 package configobservation
 
 import (
+	corelistersv1 "k8s.io/client-go/listers/core/v1"
 	"k8s.io/client-go/tools/cache"
 
 	configlistersv1 "github.com/openshift/client-go/config/listers/config/v1"
 	"github.com/openshift/library-go/pkg/operator/configobserver"
 	"github.com/openshift/library-go/pkg/operator/resourcesynccontroller"
-	corelistersv1 "k8s.io/client-go/listers/core/v1"
 )
 
 var _ configobserver.Listers = Listers{}
@@ -17,11 +17,13 @@ const (
 )
 
 type Listers struct {
-	SecretsLister corelistersv1.SecretLister
+	SecretsLister   corelistersv1.SecretLister
+	ConfigMapLister corelistersv1.ConfigMapLister
 
 	APIServerLister_     configlistersv1.APIServerLister
 	ConsoleLister        configlistersv1.ConsoleLister
 	InfrastructureLister configlistersv1.InfrastructureLister
+	OAuthLister          configlistersv1.OAuthLister
 
 	ResourceSync       resourcesynccontroller.ResourceSyncer
 	PreRunCachesSynced []cache.InformerSynced

diff --git a/pkg/operator2/brand_ocp.go → ...lers/configobservation/oauth/brand_ocp.go b/pkg/operator2/brand_ocp.go → ...lers/configobservation/oauth/brand_ocp.go
@@ -1,6 +1,6 @@
 // +build ocp
 
-package operator2
+package oauth
 
 const (
 	defaultBrand = ocpBrand

diff --git a/pkg/operator2/brand_okd.go → ...lers/configobservation/oauth/brand_okd.go b/pkg/operator2/brand_okd.go → ...lers/configobservation/oauth/brand_okd.go
@@ -1,6 +1,6 @@
 // +build !ocp
 
-package operator2
+package oauth
 
 const (
 	defaultBrand = okdBrand