fix volumes workflow

openstack-k8s-operators · Jun 30, 2024 · 2878c5d · 2878c5d
1 parent ba8a74a
commit 2878c5d
Show file tree

Hide file tree

Showing 7 changed files with 26 additions and 62 deletions.
diff --git a/api/bases/test.openstack.org_ansibletests.yaml b/api/bases/test.openstack.org_ansibletests.yaml
@@ -93,10 +93,6 @@ spec:
                 description: OpenStackConfigSecret is the name of the Secret containing
                   the secure.yaml
                 type: string
-              stepName:
-                description: Name of a workflow step. The step name will be used for
-                  example to create a logs directory.
-                type: string
               storageClass:
                 default: local-storage
                 description: StorageClass used to create PVCs that store the logs
@@ -198,7 +194,6 @@ spec:
             - computeSSHKeySecretName
             - openStackConfigMap
             - openStackConfigSecret
-            - stepName
             - storageClass
             - workloadSSHKeySecretName
             type: object

diff --git a/api/v1beta1/AnsibleTests_types.go b/api/v1beta1/AnsibleTests_types.go
@@ -26,12 +26,6 @@ import (
 
 // AnsibleTestsSpec defines the desired state of AnsibleTests
 type AnsibleTestsSpec struct {
-	// +operator-sdk:csv:customresourcedefinitions:type=spec
-	// +kubebuilder:validation:Required
-	// Name of a workflow step. The step name will be used for example to create
-	// a logs directory.
-	StepName string `json:"stepName"`
-
 	// +operator-sdk:csv:customresourcedefinitions:type=spec
 	// +kubebuilder:validation:Required
 	// +kubebuilder:default="local-storage"
@@ -143,14 +137,14 @@ type AnsibleTestsWorkflowSpec struct {
 	// +kubebuilder:default="dataplane-ansible-ssh-private-key-secret"
 	// ComputeSSHKeySecretName is the name of the k8s secret that contains an ssh key for computes.
 	// The key is mounted to ~/.ssh/id_ecdsa in the ansible pod
-	ComputesSSHKeySecretName *string `json:"computeSSHKeySecretName"`
+	ComputesSSHKeySecretName string `json:"computeSSHKeySecretName"`
 
 	// +operator-sdk:csv:customresourcedefinitions:type=spec
 	// +kubebuilder:validation:Required
 	// +kubebuilder:default=""
 	// WorkloadSSHKeySecretName is the name of the k8s secret that contains an ssh key for the ansible workload.
 	// The key is mounted to ~/test_keypair.key in the ansible pod
-	WorkloadSSHKeySecretName *string `json:"workloadSSHKeySecretName"`
+	WorkloadSSHKeySecretName string `json:"workloadSSHKeySecretName"`
 
 	// +operator-sdk:csv:customresourcedefinitions:type=spec
 	// +kubebuilder:validation:Required
@@ -175,13 +169,13 @@ type AnsibleTestsWorkflowSpec struct {
 	// +kubebuilder:default=""
 	// AnsibleVarFiles - interface to create ansible var files Those get added to the
 	// service config dir in /etc/test_operator/<file> and passed to the ansible command using -e @/etc/test_operator/<file>
-	AnsibleVarFiles *string `json:"ansibleVarFiles,omitempty"`
+	AnsibleVarFiles string `json:"ansibleVarFiles,omitempty"`
 
 	// +operator-sdk:csv:customresourcedefinitions:type=spec
 	// +kubebuilder:validation:optional
 	// +kubebuilder:default=""
 	// AnsibleExtraVars - interface to pass parameters to ansible using -e
-	AnsibleExtraVars *string `json:"ansibleExtraVars,omitempty"`
+	AnsibleExtraVars string `json:"ansibleExtraVars,omitempty"`
 
 	// +operator-sdk:csv:customresourcedefinitions:type=spec
 	// +kubebuilder:validation:optional
@@ -205,13 +199,13 @@ type AnsibleTestsWorkflowSpec struct {
 	// +kubebuilder:validation:Optional
 	// +kubebuilder:default:=false
 	// Run ansible playbook with -vvvv
-	Debug *bool `json:"debug,omitempty"`
+	Debug bool `json:"debug,omitempty"`
 
 	// +operator-sdk:csv:customresourcedefinitions:type=spec
 	// +kubebuilder:validation:Optional
 	// +kubebuilder:default:="quay.io/podified-antelope-centos9/openstack-ansible-testsormance:current-podified"
 	// Container image for AnsibleTests
-	ContainerImage *string `json:"containerImage,omitempty"`
+	ContainerImage string `json:"containerImage,omitempty"`
 
 	// +operator-sdk:csv:customresourcedefinitions:type=spec
 	// BackoffLimimt allows to define the maximum number of retried executions (defaults to 6).

diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go
diff --git a/config/crd/bases/test.openstack.org_ansibletests.yaml b/config/crd/bases/test.openstack.org_ansibletests.yaml
@@ -93,10 +93,6 @@ spec:
                 description: OpenStackConfigSecret is the name of the Secret containing
                   the secure.yaml
                 type: string
-              stepName:
-                description: Name of a workflow step. The step name will be used for
-                  example to create a logs directory.
-                type: string
               storageClass:
                 default: local-storage
                 description: StorageClass used to create PVCs that store the logs
@@ -198,7 +194,6 @@ spec:
             - computeSSHKeySecretName
             - openStackConfigMap
             - openStackConfigSecret
-            - stepName
             - storageClass
             - workloadSSHKeySecretName
             type: object

diff --git a/controllers/ansibleTest_controller.go b/controllers/ansibleTest_controller.go
@@ -108,11 +108,11 @@ func (r *AnsibleTestsReconciler) Reconcile(ctx context.Context, req ctrl.Request
 
 	// Each job that is being executed by the test operator has
 	currentWorkflowStep := 0
-	runningTobikoJob := &batchv1.Job{}
+	runningAnsibleJob := &batchv1.Job{}
 	runningJobName := r.GetJobName(instance, externalWorkflowCounter-1)
-	err = r.Client.Get(ctx, client.ObjectKey{Namespace: instance.GetNamespace(), Name: runningJobName}, runningTobikoJob)
+	err = r.Client.Get(ctx, client.ObjectKey{Namespace: instance.GetNamespace(), Name: runningJobName}, runningAnsibleJob)
 	if err == nil {
-		currentWorkflowStep, err = strconv.Atoi(runningTobikoJob.Labels["workflowStep"])
+		currentWorkflowStep, err = strconv.Atoi(runningAnsibleJob.Labels["workflowStep"])
 	}
 
 	logging := log.FromContext(ctx)
@@ -201,7 +201,7 @@ func (r *AnsibleTestsReconciler) Reconcile(ctx context.Context, req ctrl.Request
 	// Create a new job
 	mountCerts := r.CheckSecretExists(ctx, instance, "combined-ca-bundle")
 	jobName := r.GetJobName(instance, externalWorkflowCounter)
-	envVars := r.PrepareAnsibleEnvVars(ctx, serviceLabels, instance, helper, externalWorkflowCounter)
+	envVars, workflowParams := r.PrepareAnsibleEnv(ctx, serviceLabels, instance, helper, externalWorkflowCounter)
 	logsPVCName := r.GetPVCLogsName(instance)
 	jobDef := ansibleTests.Job(
 		instance,
@@ -210,6 +210,7 @@ func (r *AnsibleTestsReconciler) Reconcile(ctx context.Context, req ctrl.Request
 		logsPVCName,
 		mountCerts,
 		envVars,
+		workflowParams,
 	)
 	ansibleTestsJob := job.NewJob(
 		jobDef,
@@ -296,15 +297,21 @@ func (r *Reconciler) OverwriteAnsibleWithWorkflow(
 }
 
 // This function prepares env variables for a single workflow step.
-func (r *AnsibleTestsReconciler) PrepareAnsibleEnvVars(
+func (r *AnsibleTestsReconciler) PrepareAnsibleEnv(
 	ctx context.Context,
 	labels map[string]string,
 	instance *testv1beta1.AnsibleTests,
 	helper *helper.Helper,
 	step int,
-) map[string]env.Setter {
+) (map[string]env.Setter, map[string]string) {
 	// Prepare env vars
 	envVars := make(map[string]env.Setter)
+	workflowParams := make(map[string]string)
+
+	// volumes workflow override
+	workflowParams["WorkloadSSHKeySecretName"] = r.OverwriteAnsibleWithWorkflow(ctx, instance.Spec, "WorkloadSSHKeySecretName", "string", step).(string)
+	workflowParams["ComputesSSHKeySecretName"] = r.OverwriteAnsibleWithWorkflow(ctx, instance.Spec, "ComputesSSHKeySecretName", "string", step).(string)
+	workflowParams["ContainerImage"] = r.OverwriteAnsibleWithWorkflow(ctx, instance.Spec, "ContainerImage", "string", step).(string)
 
 	// bool
 	debug := r.OverwriteAnsibleWithWorkflow(ctx, instance.Spec, "Debug", "pbool", step).(bool)
@@ -335,5 +342,5 @@ func (r *AnsibleTestsReconciler) PrepareAnsibleEnvVars(
 
 	configmap.EnsureConfigMaps(ctx, helper, instance, cms, nil)
 
-	return envVars
+	return envVars, workflowParams
 }
diff --git a/pkg/ansibleTests/job.go b/pkg/ansibleTests/job.go
@@ -17,6 +17,7 @@ func Job(
 	logsPVCName string,
 	mountCerts bool,
 	envVars map[string]env.Setter,
+	workflowParams map[string]string,
 ) *batchv1.Job {
 
 	runAsUser := int64(227)
@@ -49,7 +50,7 @@ func Job(
 					Containers: []corev1.Container{
 						{
 							Name:         instance.Name,
-							Image:        instance.Spec.ContainerImage,
+							Image:        workflowParams["ContainerImage"],
 							Args:         []string{},
 							Env:          env.MergeEnvs([]corev1.EnvVar{}, envVars),
 							VolumeMounts: GetVolumeMounts(mountCerts),
@@ -64,6 +65,7 @@ func Job(
 						instance,
 						logsPVCName,
 						mountCerts,
+						workflowParams,
 					),
 				},
 			},

diff --git a/pkg/ansibleTests/volumes.go b/pkg/ansibleTests/volumes.go
@@ -10,6 +10,7 @@ func GetVolumes(
 	instance *testv1beta1.AnsibleTests,
 	logsPVCName string,
 	mountCerts bool,
+	workflowParams map[string]string,
 ) []corev1.Volume {
 
 	var scriptsVolumeConfidentialMode int32 = 0420
@@ -83,7 +84,7 @@ func GetVolumes(
 		Name: "compute-ssh-secret",
 		VolumeSource: corev1.VolumeSource{
 			Secret: &corev1.SecretVolumeSource{
-				SecretName:  instance.Spec.ComputesSSHKeySecretName,
+				SecretName:  workflowParams["ComputesSSHKeySecretName"],
 				DefaultMode: &privateKeyMode,
 			},
 		},
@@ -95,7 +96,7 @@ func GetVolumes(
 		Name: "workload-ssh-secret",
 		VolumeSource: corev1.VolumeSource{
 			Secret: &corev1.SecretVolumeSource{
-				SecretName:  instance.Spec.WorkloadSSHKeySecretName,
+				SecretName:  workflowParams["WorkloadSSHKeySecretName"],
 				DefaultMode: &privateKeyMode,
 			},
 		},