chore: Ensure that CHE_INTEGRATION_XXXX_SERVER__ENDPOINTS and CHE_INT… (#1250)

* chore: Ensure that CHE_INTEGRATION_XXXX_SERVER__ENDPOINTS and CHE_INTEGRATION_XXXX_OAUTH__ENDPOINT properties are properly set Signed-off-by: Anatolii Bazko <abazko@redhat.com>
2021-12-16 08:58:35 +02:00 · 2021-12-16 08:58:35 +02:00 · 5cfbc073a7
parent 3262a5acc1
commit 5cfbc073a7
5 changed files with 108 additions and 137 deletions
--- a/pkg/deploy/server/server_configmap.go
+++ b/pkg/deploy/server/server_configmap.go
@ -326,34 +326,32 @@ func (s *CheServerReconciler) getCheConfigMapData(ctx *deploy.DeployContext) (ch

 	addMap(cheEnv, ctx.CheCluster.Spec.Server.CustomCheProperties)

-	err = setBitbucketEndpoints(ctx, cheEnv)
-	if err != nil {
-		return nil, err
+	for _, oauthProvider := range []string{"bitbucket", "gitlab", "github"} {
+		err := updateIntegrationServerEndpoints(ctx, cheEnv, oauthProvider)
+		if err != nil {
+			return nil, err
+		}
 	}

 	return cheEnv, nil
 }

-func setBitbucketEndpoints(deployContext *deploy.DeployContext, cheEnv map[string]string) error {
-	secrets, err := deploy.GetSecrets(deployContext, map[string]string{
-		deploy.KubernetesPartOfLabelKey:    deploy.CheEclipseOrg,
-		deploy.KubernetesComponentLabelKey: deploy.OAuthScmConfiguration,
-	}, map[string]string{
-		deploy.CheEclipseOrgOAuthScmServer: "bitbucket",
-	})
-
-	if err != nil {
+func updateIntegrationServerEndpoints(ctx *deploy.DeployContext, cheEnv map[string]string, oauthProvider string) error {
+	secret, err := getOAuthConfig(ctx, oauthProvider)
+	if secret == nil {
 		return err
-	} else if len(secrets) == 1 {
-		serverEndpoint := secrets[0].Annotations[deploy.CheEclipseOrgScmServerEndpoint]
-		endpoints, exists := cheEnv["CHE_INTEGRATION_BITBUCKET_SERVER__ENDPOINTS"]
-		if exists {
-			cheEnv["CHE_INTEGRATION_BITBUCKET_SERVER__ENDPOINTS"] = endpoints + "," + serverEndpoint
-		} else {
-			cheEnv["CHE_INTEGRATION_BITBUCKET_SERVER__ENDPOINTS"] = serverEndpoint
-		}
 	}

+	envName := fmt.Sprintf("CHE_INTEGRATION_%s_SERVER__ENDPOINTS", strings.ToUpper(oauthProvider))
+	if err != nil {
+		return err
+	}
+
+	if cheEnv[envName] != "" {
+		cheEnv[envName] = secret.Annotations[deploy.CheEclipseOrgScmServerEndpoint] + "," + cheEnv[envName]
+	} else {
+		cheEnv[envName] = secret.Annotations[deploy.CheEclipseOrgScmServerEndpoint]
+	}
 	return nil
 }

--- a/pkg/deploy/server/server_configmap_test.go
+++ b/pkg/deploy/server/server_configmap_test.go
@ -233,7 +233,7 @@ func TestConfigMap(t *testing.T) {
 	}
 }

-func TestUpdateBitBucketEndpoints(t *testing.T) {
+func TestUpdateIntegrationServerEndpoints(t *testing.T) {
 	type testCase struct {
 		name         string
 		initObjects  []runtime.Object
@ -267,6 +267,7 @@ func TestUpdateBitBucketEndpoints(t *testing.T) {
 			cheCluster: &orgv1.CheCluster{
 				ObjectMeta: metav1.ObjectMeta{
 					Namespace: "eclipse-che",
+					Name:      "eclipse-che",
 				},
 			},
 			expectedData: map[string]string{
@ -298,6 +299,7 @@ func TestUpdateBitBucketEndpoints(t *testing.T) {
 			cheCluster: &orgv1.CheCluster{
 				ObjectMeta: metav1.ObjectMeta{
 					Namespace: "eclipse-che",
+					Name:      "eclipse-che",
 				},
 				Spec: orgv1.CheClusterSpec{
 					Server: orgv1.CheClusterSpecServer{
@ -308,7 +310,7 @@ func TestUpdateBitBucketEndpoints(t *testing.T) {
 				},
 			},
 			expectedData: map[string]string{
-				"CHE_INTEGRATION_BITBUCKET_SERVER__ENDPOINTS": "bitbucket_endpoint_1,bitbucket_endpoint_2",
+				"CHE_INTEGRATION_BITBUCKET_SERVER__ENDPOINTS": "bitbucket_endpoint_2,bitbucket_endpoint_1",
 			},
 		},
 		{
--- a/pkg/deploy/server/server_deployment.go
+++ b/pkg/deploy/server/server_deployment.go
@ -12,7 +12,6 @@
 package server

 import (
-	"errors"
 	"strconv"
 	"strings"

@ -404,115 +403,58 @@ func GetFullCheServerImageLink(checluster *orgv1.CheCluster) string {
 	return imageParts[0] + ":" + checluster.Spec.Server.CheImageTag
 }

-func MountBitBucketOAuthConfig(deployContext *deploy.DeployContext, deployment *appsv1.Deployment) error {
-	secrets, err := deploy.GetSecrets(deployContext, map[string]string{
-		deploy.KubernetesPartOfLabelKey:    deploy.CheEclipseOrg,
-		deploy.KubernetesComponentLabelKey: deploy.OAuthScmConfiguration,
-	}, map[string]string{
-		deploy.CheEclipseOrgOAuthScmServer: "bitbucket",
-	})
-
-	if err != nil {
+func MountBitBucketOAuthConfig(ctx *deploy.DeployContext, deployment *appsv1.Deployment) error {
+	secret, err := getOAuthConfig(ctx, "bitbucket")
+	if secret == nil {
 		return err
-	} else if len(secrets) > 1 {
-		return errors.New("More than 1 BitBucket OAuth configuration secrets found")
-	} else if len(secrets) == 1 {
-		mountSecret(deployment, &secrets[0], deploy.BitBucketOAuthConfigMountPath)
-		mountEnv(deployment, []corev1.EnvVar{
-			{
-				Name:  "CHE_OAUTH1_BITBUCKET_CONSUMERKEYPATH",
-				Value: deploy.BitBucketOAuthConfigMountPath + "/" + deploy.BitBucketOAuthConfigConsumerKeyFileName,
-			}, {
-				Name:  "CHE_OAUTH1_BITBUCKET_PRIVATEKEYPATH",
-				Value: deploy.BitBucketOAuthConfigMountPath + "/" + deploy.BitBucketOAuthConfigPrivateKeyFileName,
-			},
-		})
-
-		endpoint := secrets[0].Annotations[deploy.CheEclipseOrgScmServerEndpoint]
-		if endpoint != "" {
-			mountEnv(deployment, []corev1.EnvVar{{
-				Name:  "CHE_OAUTH1_BITBUCKET_ENDPOINT",
-				Value: endpoint,
-			}})
-		}
 	}

+	mountVolumes(deployment, secret, deploy.BitBucketOAuthConfigMountPath)
+	mountEnv(deployment, "CHE_OAUTH1_BITBUCKET_CONSUMERKEYPATH", deploy.BitBucketOAuthConfigMountPath+"/"+deploy.BitBucketOAuthConfigConsumerKeyFileName)
+	mountEnv(deployment, "CHE_OAUTH1_BITBUCKET_PRIVATEKEYPATH", deploy.BitBucketOAuthConfigMountPath+"/"+deploy.BitBucketOAuthConfigPrivateKeyFileName)
+
+	oauthEndpoint := secret.Annotations[deploy.CheEclipseOrgScmServerEndpoint]
+	if oauthEndpoint != "" {
+		mountEnv(deployment, "CHE_OAUTH1_BITBUCKET_ENDPOINT", oauthEndpoint)
+	}
 	return nil
 }

-func MountGitHubOAuthConfig(deployContext *deploy.DeployContext, deployment *appsv1.Deployment) error {
-	secrets, err := deploy.GetSecrets(deployContext, map[string]string{
-		deploy.KubernetesPartOfLabelKey:    deploy.CheEclipseOrg,
-		deploy.KubernetesComponentLabelKey: deploy.OAuthScmConfiguration,
-	}, map[string]string{
-		deploy.CheEclipseOrgOAuthScmServer: "github",
-	})
-
-	if err != nil {
+func MountGitHubOAuthConfig(ctx *deploy.DeployContext, deployment *appsv1.Deployment) error {
+	secret, err := getOAuthConfig(ctx, "github")
+	if secret == nil {
 		return err
-	} else if len(secrets) > 1 {
-		return errors.New("More than 1 GitHub OAuth configuration secrets found")
-	} else if len(secrets) == 1 {
-		mountSecret(deployment, &secrets[0], deploy.GitHubOAuthConfigMountPath)
-		mountEnv(deployment, []corev1.EnvVar{
-			{
-				Name:  "CHE_OAUTH2_GITHUB_CLIENTID__FILEPATH",
-				Value: deploy.GitHubOAuthConfigMountPath + "/" + deploy.GitHubOAuthConfigClientIdFileName,
-			}, {
-				Name:  "CHE_OAUTH2_GITHUB_CLIENTSECRET__FILEPATH",
-				Value: deploy.GitHubOAuthConfigMountPath + "/" + deploy.GitHubOAuthConfigClientSecretFileName,
-			},
-		})
-
-		endpoint := secrets[0].Annotations[deploy.CheEclipseOrgScmServerEndpoint]
-		if endpoint != "" {
-			mountEnv(deployment, []corev1.EnvVar{{
-				Name:  "CHE_INTEGRATION_GITHUB_SERVER__ENDPOINTS",
-				Value: endpoint,
-			}})
-		}
 	}

+	mountVolumes(deployment, secret, deploy.GitHubOAuthConfigMountPath)
+	mountEnv(deployment, "CHE_OAUTH2_GITHUB_CLIENTID__FILEPATH", deploy.GitHubOAuthConfigMountPath+"/"+deploy.GitHubOAuthConfigClientIdFileName)
+	mountEnv(deployment, "CHE_OAUTH2_GITHUB_CLIENTSECRET__FILEPATH", deploy.GitHubOAuthConfigMountPath+"/"+deploy.GitHubOAuthConfigClientSecretFileName)
+
+	oauthEndpoint := secret.Annotations[deploy.CheEclipseOrgScmServerEndpoint]
+	if oauthEndpoint != "" {
+		mountEnv(deployment, "CHE_INTEGRATION_GITHUB_OAUTH__ENDPOINT", oauthEndpoint)
+	}
 	return nil
 }

-func MountGitLabOAuthConfig(deployContext *deploy.DeployContext, deployment *appsv1.Deployment) error {
-	secrets, err := deploy.GetSecrets(deployContext, map[string]string{
-		deploy.KubernetesPartOfLabelKey:    deploy.CheEclipseOrg,
-		deploy.KubernetesComponentLabelKey: deploy.OAuthScmConfiguration,
-	}, map[string]string{
-		deploy.CheEclipseOrgOAuthScmServer: "gitlab",
-	})
-
-	if err != nil {
+func MountGitLabOAuthConfig(ctx *deploy.DeployContext, deployment *appsv1.Deployment) error {
+	secret, err := getOAuthConfig(ctx, "gitlab")
+	if secret == nil {
 		return err
-	} else if len(secrets) > 1 {
-		return errors.New("More than 1 GitLab OAuth configuration secrets found")
-	} else if len(secrets) == 1 {
-		mountSecret(deployment, &secrets[0], deploy.GitLabOAuthConfigMountPath)
-		mountEnv(deployment, []corev1.EnvVar{
-			{
-				Name:  "CHE_OAUTH_GITLAB_CLIENTID__FILEPATH",
-				Value: deploy.GitLabOAuthConfigMountPath + "/" + deploy.GitLabOAuthConfigClientIdFileName,
-			}, {
-				Name:  "CHE_OAUTH_GITLAB_CLIENTSECRET__FILEPATH",
-				Value: deploy.GitLabOAuthConfigMountPath + "/" + deploy.GitLabOAuthConfigClientSecretFileName,
-			},
-		})
-
-		endpoint := secrets[0].Annotations[deploy.CheEclipseOrgScmServerEndpoint]
-		if endpoint != "" {
-			mountEnv(deployment, []corev1.EnvVar{{
-				Name:  "CHE_INTEGRATION_GITLAB_SERVER__ENDPOINTS",
-				Value: endpoint,
-			}})
-		}
 	}

+	mountVolumes(deployment, secret, deploy.GitLabOAuthConfigMountPath)
+	mountEnv(deployment, "CHE_OAUTH2_GITLAB_CLIENTID__FILEPATH", deploy.GitLabOAuthConfigMountPath+"/"+deploy.GitLabOAuthConfigClientIdFileName)
+	mountEnv(deployment, "CHE_OAUTH2_GITLAB_CLIENTSECRET__FILEPATH", deploy.GitLabOAuthConfigMountPath+"/"+deploy.GitLabOAuthConfigClientSecretFileName)
+
+	oauthEndpoint := secret.Annotations[deploy.CheEclipseOrgScmServerEndpoint]
+	if oauthEndpoint != "" {
+		mountEnv(deployment, "CHE_INTEGRATION_GITLAB_OAUTH__ENDPOINT", oauthEndpoint)
+	}
 	return nil
 }

-func mountSecret(deployment *appsv1.Deployment, secret *corev1.Secret, mountPath string) {
+func mountVolumes(deployment *appsv1.Deployment, secret *corev1.Secret, mountPath string) {
 	container := &deployment.Spec.Template.Spec.Containers[0]
 	deployment.Spec.Template.Spec.Volumes = append(deployment.Spec.Template.Spec.Volumes,
 		corev1.Volume{
@ -530,7 +472,10 @@ func mountSecret(deployment *appsv1.Deployment, secret *corev1.Secret, mountPath
 		})
 }

-func mountEnv(deployment *appsv1.Deployment, envVar []corev1.EnvVar) {
+func mountEnv(deployment *appsv1.Deployment, envName string, envValue string) {
 	container := &deployment.Spec.Template.Spec.Containers[0]
-	container.Env = append(container.Env, envVar...)
+	container.Env = append(container.Env, corev1.EnvVar{
+		Name:  envName,
+		Value: envValue,
+	})
 }
--- a/pkg/deploy/server/server_deployment_test.go
+++ b/pkg/deploy/server/server_deployment_test.go
@ -118,7 +118,7 @@ func TestMountBitBucketOAuthEnvVar(t *testing.T) {
 		initObjects                []runtime.Object
 		expectedConsumerKeyPathEnv corev1.EnvVar
 		expectedPrivateKeyPathEnv  corev1.EnvVar
-		expectedEndpointEnv        corev1.EnvVar
+		expectedOAuthEndpointEnv   corev1.EnvVar
 		expectedVolume             corev1.Volume
 		expectedVolumeMount        corev1.VolumeMount
 	}
@ -141,7 +141,7 @@ func TestMountBitBucketOAuthEnvVar(t *testing.T) {
 						},
 						Annotations: map[string]string{
 							"che.eclipse.org/oauth-scm-server":    "bitbucket",
-							"che.eclipse.org/scm-server-endpoint": "endpoint",
+							"che.eclipse.org/scm-server-endpoint": "endpoint_1",
 						},
 					},
 					Data: map[string][]byte{
@ -158,9 +158,9 @@ func TestMountBitBucketOAuthEnvVar(t *testing.T) {
 				Name:  "CHE_OAUTH1_BITBUCKET_PRIVATEKEYPATH",
 				Value: "/che-conf/oauth/bitbucket/private.key",
 			},
-			expectedEndpointEnv: corev1.EnvVar{
+			expectedOAuthEndpointEnv: corev1.EnvVar{
 				Name:  "CHE_OAUTH1_BITBUCKET_ENDPOINT",
-				Value: "endpoint",
+				Value: "endpoint_1",
 			},
 			expectedVolume: corev1.Volume{
 				Name: "github-oauth-config",
@ -197,7 +197,7 @@ func TestMountBitBucketOAuthEnvVar(t *testing.T) {

 			env = util.FindEnv(container.Env, "CHE_OAUTH1_BITBUCKET_ENDPOINT")
 			assert.NotNil(t, env)
-			assert.Equal(t, testCase.expectedEndpointEnv, *env)
+			assert.Equal(t, testCase.expectedOAuthEndpointEnv, *env)

 			volume := util.FindVolume(deployment.Spec.Template.Spec.Volumes, "github-oauth-config")
 			assert.NotNil(t, volume)
@ -216,7 +216,7 @@ func TestMountGitHubOAuthEnvVar(t *testing.T) {
 		initObjects              []runtime.Object
 		expectedIdKeyPathEnv     corev1.EnvVar
 		expectedSecretKeyPathEnv corev1.EnvVar
-		expectedEndpointEnv      corev1.EnvVar
+		expectedOAuthEndpointEnv corev1.EnvVar
 		expectedVolume           corev1.Volume
 		expectedVolumeMount      corev1.VolumeMount
 	}
@ -239,7 +239,7 @@ func TestMountGitHubOAuthEnvVar(t *testing.T) {
 						},
 						Annotations: map[string]string{
 							"che.eclipse.org/oauth-scm-server":    "github",
-							"che.eclipse.org/scm-server-endpoint": "endpoint",
+							"che.eclipse.org/scm-server-endpoint": "endpoint_1",
 						},
 					},
 					Data: map[string][]byte{
@ -256,9 +256,9 @@ func TestMountGitHubOAuthEnvVar(t *testing.T) {
 				Name:  "CHE_OAUTH2_GITHUB_CLIENTSECRET__FILEPATH",
 				Value: "/che-conf/oauth/github/secret",
 			},
-			expectedEndpointEnv: corev1.EnvVar{
-				Name:  "CHE_INTEGRATION_GITHUB_SERVER__ENDPOINTS",
-				Value: "endpoint",
+			expectedOAuthEndpointEnv: corev1.EnvVar{
+				Name:  "CHE_INTEGRATION_GITHUB_OAUTH__ENDPOINT",
+				Value: "endpoint_1",
 			},
 			expectedVolume: corev1.Volume{
 				Name: "github-oauth-config",
@ -293,6 +293,10 @@ func TestMountGitHubOAuthEnvVar(t *testing.T) {
 			assert.NotNil(t, env)
 			assert.Equal(t, testCase.expectedSecretKeyPathEnv, *env)

+			env = util.FindEnv(container.Env, "CHE_INTEGRATION_GITHUB_OAUTH__ENDPOINT")
+			assert.NotNil(t, env)
+			assert.Equal(t, testCase.expectedOAuthEndpointEnv, *env)
+
 			volume := util.FindVolume(deployment.Spec.Template.Spec.Volumes, "github-oauth-config")
 			assert.NotNil(t, volume)
 			assert.Equal(t, testCase.expectedVolume, volume)
@ -310,7 +314,7 @@ func TestMountGitLabOAuthEnvVar(t *testing.T) {
 		initObjects              []runtime.Object
 		expectedIdKeyPathEnv     corev1.EnvVar
 		expectedSecretKeyPathEnv corev1.EnvVar
-		expectedEndpointEnv      corev1.EnvVar
+		expectedOAuthEndpointEnv corev1.EnvVar
 		expectedVolume           corev1.Volume
 		expectedVolumeMount      corev1.VolumeMount
 	}
@ -333,7 +337,7 @@ func TestMountGitLabOAuthEnvVar(t *testing.T) {
 						},
 						Annotations: map[string]string{
 							"che.eclipse.org/oauth-scm-server":    "gitlab",
-							"che.eclipse.org/scm-server-endpoint": "endpoint",
+							"che.eclipse.org/scm-server-endpoint": "endpoint_1",
 						},
 					},
 					Data: map[string][]byte{
@ -343,16 +347,16 @@ func TestMountGitLabOAuthEnvVar(t *testing.T) {
 				},
 			},
 			expectedIdKeyPathEnv: corev1.EnvVar{
-				Name:  "CHE_OAUTH_GITLAB_CLIENTID__FILEPATH",
+				Name:  "CHE_OAUTH2_GITLAB_CLIENTID__FILEPATH",
 				Value: "/che-conf/oauth/gitlab/id",
 			},
 			expectedSecretKeyPathEnv: corev1.EnvVar{
-				Name:  "CHE_OAUTH_GITLAB_CLIENTSECRET__FILEPATH",
+				Name:  "CHE_OAUTH2_GITLAB_CLIENTSECRET__FILEPATH",
 				Value: "/che-conf/oauth/gitlab/secret",
 			},
-			expectedEndpointEnv: corev1.EnvVar{
-				Name:  "CHE_INTEGRATION_GITLAB_SERVER__ENDPOINTS",
-				Value: "endpoint",
+			expectedOAuthEndpointEnv: corev1.EnvVar{
+				Name:  "CHE_INTEGRATION_GITLAB_OAUTH__ENDPOINT",
+				Value: "endpoint_1",
 			},
 			expectedVolume: corev1.Volume{
 				Name: "gitlab-oauth-config",
@ -379,17 +383,17 @@ func TestMountGitLabOAuthEnvVar(t *testing.T) {

 			container := &deployment.Spec.Template.Spec.Containers[0]

-			env := util.FindEnv(container.Env, "CHE_OAUTH_GITLAB_CLIENTID__FILEPATH")
+			env := util.FindEnv(container.Env, "CHE_OAUTH2_GITLAB_CLIENTID__FILEPATH")
 			assert.NotNil(t, env)
 			assert.Equal(t, testCase.expectedIdKeyPathEnv, *env)

-			env = util.FindEnv(container.Env, "CHE_OAUTH_GITLAB_CLIENTSECRET__FILEPATH")
+			env = util.FindEnv(container.Env, "CHE_OAUTH2_GITLAB_CLIENTSECRET__FILEPATH")
 			assert.NotNil(t, env)
 			assert.Equal(t, testCase.expectedSecretKeyPathEnv, *env)

-			env = util.FindEnv(container.Env, "CHE_INTEGRATION_GITLAB_SERVER__ENDPOINTS")
+			env = util.FindEnv(container.Env, "CHE_INTEGRATION_GITLAB_OAUTH__ENDPOINT")
 			assert.NotNil(t, env)
-			assert.Equal(t, testCase.expectedEndpointEnv, *env)
+			assert.Equal(t, testCase.expectedOAuthEndpointEnv, *env)

 			volume := util.FindVolume(deployment.Spec.Template.Spec.Volumes, "gitlab-oauth-config")
 			assert.NotNil(t, volume)
--- a/pkg/deploy/server/server_util.go
+++ b/pkg/deploy/server/server_util.go
@ -12,10 +12,13 @@
 package server

 import (
+	"fmt"
+
 	orgv1 "github.com/eclipse-che/che-operator/api/v1"
 	"github.com/eclipse-che/che-operator/pkg/deploy"
 	"github.com/eclipse-che/che-operator/pkg/deploy/gateway"
 	"github.com/eclipse-che/che-operator/pkg/util"
+	corev1 "k8s.io/api/core/v1"
 )

 func getComponentName(ctx *deploy.DeployContext) string {
@ -28,3 +31,22 @@ func getServerExposingServiceName(cr *orgv1.CheCluster) string {
 	}
 	return deploy.CheServiceName
 }
+
+func getOAuthConfig(ctx *deploy.DeployContext, oauthProvider string) (*corev1.Secret, error) {
+	secrets, err := deploy.GetSecrets(ctx, map[string]string{
+		deploy.KubernetesPartOfLabelKey:    deploy.CheEclipseOrg,
+		deploy.KubernetesComponentLabelKey: deploy.OAuthScmConfiguration,
+	}, map[string]string{
+		deploy.CheEclipseOrgOAuthScmServer: oauthProvider,
+	})
+
+	if err != nil {
+		return nil, err
+	} else if len(secrets) == 0 {
+		return nil, nil
+	} else if len(secrets) > 1 {
+		return nil, fmt.Errorf("More than 1 OAuth %s configuration secrets found", oauthProvider)
+	}
+
+	return &secrets[0], nil
+}