From 110f5529cc40916f0ee1bf35bcac5d36ebd96fb9 Mon Sep 17 00:00:00 2001 From: "jesus m. rodriguez" Date: Wed, 11 Sep 2019 13:43:55 -0400 Subject: [PATCH] Bug 1747400: ensure ca volume is not wiped out --- .../sync_controllermanager_v311_00.go | 24 +++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/pkg/operator/sync_controllermanager_v311_00.go b/pkg/operator/sync_controllermanager_v311_00.go index fc4d6b3ad..53ff7683e 100644 --- a/pkg/operator/sync_controllermanager_v311_00.go +++ b/pkg/operator/sync_controllermanager_v311_00.go @@ -96,7 +96,7 @@ func syncServiceCatalogControllerManager_v311_00_to_latest(c ServiceCatalogContr // our configmaps and secrets are in order, now it is time to create the DS // TODO check basic preconditions here - actualDaemonSet, _, err := manageServiceCatalogControllerManagerDeployment_v311_00_to_latest(c.kubeClient.AppsV1(), c.recorder, operatorConfig, c.targetImagePullSpec, operatorConfig.Status.Generations, forceRollout, proxyConfig, trustedCAModified) + actualDaemonSet, _, err := manageServiceCatalogControllerManagerDeployment_v311_00_to_latest(c.kubeClient.AppsV1(), c.recorder, operatorConfig, c.targetImagePullSpec, operatorConfig.Status.Generations, forceRollout, proxyConfig, c.kubeClient.CoreV1()) if err != nil { errors = append(errors, fmt.Errorf("%q: %v", "deployment", err)) } @@ -249,7 +249,7 @@ func manageServiceCatalogControllerManagerDeployment_v311_00_to_latest( client appsclientv1.DaemonSetsGetter, recorder events.Recorder, options *operatorapiv1.ServiceCatalogControllerManager, imagePullSpec string, generationStatus []operatorapiv1.GenerationStatus, forceRollout bool, - proxyConfig *configv1.Proxy, trustedCAModified bool) (*appsv1.DaemonSet, bool, error) { + proxyConfig *configv1.Proxy, configMapClient coreclientv1.ConfigMapsGetter) (*appsv1.DaemonSet, bool, error) { // read the stock daemonset, this is NOT the live one required := resourceread.ReadDaemonSetV1OrDie(v311_00_assets.MustAsset("v3.11.0/openshift-svcat-controller-manager/ds.yaml")) @@ -270,8 +270,12 @@ func manageServiceCatalogControllerManagerDeployment_v311_00_to_latest( level = 3 } - // if trustedCAModified we should add a mount point to the daemonset - if trustedCAModified { + // if trustedCAConfigMap exists, we should add a mount point to the daemonset + exists, err := trustedCAConfigMapExists(configMapClient, targetNamespaceName) + if err != nil { + return nil, false, err + } + if exists { addTrustedCAVolumeToDaemonSet(required) } @@ -461,3 +465,15 @@ func addProxyToEnvironment(required *appsv1.DaemonSet, proxyConfig *configv1.Pro }, }...) } + +func trustedCAConfigMapExists(client coreclientv1.ConfigMapsGetter, namespace string) (bool, error) { + _, err := client.ConfigMaps(namespace).Get(trustedCABundle, metav1.GetOptions{}) + if apierrors.IsNotFound(err) { + return false, nil + } else if err != nil { + return false, err + } + + // configmap found + return true, nil +}