OZG-4453 use operator namespace for certificate

2801f45d · OZGCloud · 30263893 · 2801f45d · 2801f45d · 2801f45d
Commit 2801f45d authored 1 year ago by OZGCloud
--- a/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/ElasticsearchReconciler.java
+++ b/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/ElasticsearchReconciler.java
@@ -35,9 +35,9 @@ public class ElasticsearchReconciler implements Reconciler<OzgCloudElasticsearch
 			service.createCertificateIfMissing(namespace);
 			log.info("Reconcile user successful.");
 			return OzgCloudElasticsearchUpdateControlBuilder.fromResource(resource).withStatus(CustomResourceStatus.OK).build();
-		} catch (Exception e) {
+		} catch (Exception exception) {
-			log.info("Reconcile user failed: " + e);
+			log.info("Reconcile user failed: " + exception);
-			return buildExceptionUpdateControl(resource, e);
+			return buildExceptionUpdateControl(resource, exception);
 		}
 	}
@@ -48,12 +48,12 @@ public class ElasticsearchReconciler implements Reconciler<OzgCloudElasticsearch
 		return MapUtils.getString(secret.getData(), OzgCloudElasticsearchSecretHelper.CREDENTIAL_SECRET_PASSWORD_FIELD);
 	}
-	UpdateControl<OzgCloudElasticsearchCustomResource> buildExceptionUpdateControl(OzgCloudElasticsearchCustomResource resource, Exception e) {
+	UpdateControl<OzgCloudElasticsearchCustomResource> buildExceptionUpdateControl(OzgCloudElasticsearchCustomResource resource, Exception exception) {
 		return OzgCloudElasticsearchUpdateControlBuilder
 				.fromResource(resource)
 				.withStatus(CustomResourceStatus.ERROR)
 				.withReschedule(OperatorConfig.RECONCILER_RETRY_SECONDS_ON_ERROR)
-				.withMessage(e.getMessage())
+				.withMessage(exception.getMessage())
 				.build();
 	}

--- a/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchProperties.java
+++ b/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchProperties.java
@@ -28,6 +28,7 @@ public class OzgCloudElasticsearchProperties {
 		private String host;
 		private int port;
 		private String scheme;
+		private String certificateNamespace;
 		private String certificateSecretName;
 		private String certificateSecretDataKey;
 	}

--- a/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchService.java
+++ b/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchService.java
@@ -39,8 +39,6 @@ public class OzgCloudElasticsearchService {
 				log.info("Secret creation successful.");
 			}
 			log.info("secret...");
-			log.info(String.format("string data: %s", secretResource.get().getStringData()));
-			log.info(String.format("data: %s", secretResource.get().getData()));
 			return secretResource.get();
 		} catch (Exception e) {
 			log.info("Secret creation failed: " + e);
@@ -53,7 +51,6 @@ public class OzgCloudElasticsearchService {
 	}
 	private void createCredentialSecret(Resource<Secret> resource, String namespace) {
-		log.info(String.format("Create credentials secret: %s", secretHelper.buildCredentialSecret(namespace, properties.getSecretCredentialsName())));
 		createAdapter(resource).create(secretHelper.buildCredentialSecret(namespace, properties.getSecretCredentialsName()));
 	}
@@ -139,7 +136,7 @@ public class OzgCloudElasticsearchService {
 	}
 	void createCredentialSecret(String namespace, Resource<Secret> secretResource) {
-		var serverSecretResource = kubernetesService.getSecretResource(properties.getServer().getNamespace(), properties.getServer().getCertificateSecretName());
+		var serverSecretResource = kubernetesService.getSecretResource(properties.getServer().getCertificateNamespace(), properties.getServer().getCertificateSecretName());
 		createAdapter(secretResource).create(secretHelper.buildCertificateSecret(namespace, getSecretData(serverSecretResource.get())));
 	}

--- a/ozgcloud-elasticsearch-operator/src/main/resources/application.yml
+++ b/ozgcloud-elasticsearch-operator/src/main/resources/application.yml
@@ -9,6 +9,7 @@ ozgcloud:
      host: ozg-search-cluster-es-http.${ozgcloud.elasticsearch.server.namespace}
      port: 9200
      scheme: https
+      certificateNamespace: ozgcloud-elasticsearch-operator
      certificateSecretName: elasticsearch-certificate
      certificateSecretDataKey: ca.crt

--- a/ozgcloud-elasticsearch-operator/src/test/java/de/ozgcloud/operator/OzgCloudElasticsearchServiceTest.java
+++ b/ozgcloud-elasticsearch-operator/src/test/java/de/ozgcloud/operator/OzgCloudElasticsearchServiceTest.java
@@ -14,6 +14,8 @@ import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.Spy;
+import com.thedeanda.lorem.LoremIpsum;
 import de.ozgcloud.operator.OzgCloudElasticsearchProperties.OzgCloudElasticsearchServerProperties;
 import de.ozgcloud.operator.common.elasticsearch.ElasticsearchRemoteService;
 import de.ozgcloud.operator.common.kubernetes.KubernetesRemoteService;
@@ -39,7 +41,6 @@ class OzgCloudElasticsearchServiceTest {
 	@Mock
 	private KubernetesRemoteService kubernetesService;
-	@Disabled("Temp, just for Debug")
 	@DisplayName("Get or create secret")
 	@Nested
 	class TestGetOrCreateSecret {
@@ -367,11 +368,11 @@ class OzgCloudElasticsearchServiceTest {
 		@Nested
 		class TestCreateCredentialSecret {
-			private static final String SERVER_NAMESPACE = "";
+			private static final String SERVER_CERTIFICATE_SECRET_NAME = LoremIpsum.getInstance().getWords(1);
-			private static final String SERVER_CERTIFICATE_SECRET_NAME = "";
-			private static final String SERVER_CERTIFICATE_SECRET_DATA_KEY = "fesfdsfd";
+			private static final String SERVER_CERTIFICATE_SECRET_DATA_KEY = LoremIpsum.getInstance().getWords(1);
-			private static final String SERVER_CERTIFICATE_SECRET_DATA = "dsadwadas";
+			private static final String SERVER_CERTIFICATE_SECRET_DATA = LoremIpsum.getInstance().getWords(1);
+			private static final String SERVER_CERTIFICATE_NAMESPACE = LoremIpsum.getInstance().getWords(1);
 			private static final Secret SERVER_CERTIFICATE_SECRET = SecretTestFactory.createBuilder()
 					.addToStringData(SERVER_CERTIFICATE_SECRET_DATA_KEY, SERVER_CERTIFICATE_SECRET_DATA)
 					.build();
@@ -384,9 +385,9 @@ class OzgCloudElasticsearchServiceTest {
 			@BeforeEach
 			void mock() {
 				when(properties.getServer()).thenReturn(serverProperties);
-				when(serverProperties.getNamespace()).thenReturn(SERVER_NAMESPACE);
 				when(serverProperties.getCertificateSecretName()).thenReturn(SERVER_CERTIFICATE_SECRET_NAME);
 				when(serverProperties.getCertificateSecretDataKey()).thenReturn(SERVER_CERTIFICATE_SECRET_DATA_KEY);
+				when(serverProperties.getCertificateNamespace()).thenReturn(SERVER_CERTIFICATE_NAMESPACE);
 				when(kubernetesService.getSecretResource(any(), any())).thenReturn(secretResource);
 				when(secretResource.get()).thenReturn(SERVER_CERTIFICATE_SECRET);
 				doReturn(resourceAdapter).when(service).createAdapter(any());
@@ -394,10 +395,10 @@ class OzgCloudElasticsearchServiceTest {
 			}
 			@Test
-			void shouldGetServerSecret() {
+			void shouldGetCertificateSecret() {
 				service.createCredentialSecret(NAMESPACE, secretResource);
-				verify(kubernetesService).getSecretResource(SERVER_NAMESPACE, SERVER_CERTIFICATE_SECRET_NAME);
+				verify(kubernetesService).getSecretResource(SERVER_CERTIFICATE_NAMESPACE, SERVER_CERTIFICATE_SECRET_NAME);
 			}
 			@Test