From 2801f45da76a0ecb7b0b5284c89b247abb5fecb0 Mon Sep 17 00:00:00 2001
From: OZGCloud <ozgcloud@mgm-tp.com>
Date: Thu, 21 Dec 2023 22:40:14 +0100
Subject: [PATCH] OZG-4453 use operator namespace for certificate

---
 .../operator/ElasticsearchReconciler.java       | 10 +++++-----
 .../OzgCloudElasticsearchProperties.java        |  1 +
 .../operator/OzgCloudElasticsearchService.java  |  5 +----
 .../src/main/resources/application.yml          |  1 +
 .../OzgCloudElasticsearchServiceTest.java       | 17 +++++++++--------
 5 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/ElasticsearchReconciler.java b/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/ElasticsearchReconciler.java
index 8f5eaaf..4d7e387 100644
--- a/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/ElasticsearchReconciler.java
+++ b/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/ElasticsearchReconciler.java
@@ -35,9 +35,9 @@ public class ElasticsearchReconciler implements Reconciler<OzgCloudElasticsearch
 			service.createCertificateIfMissing(namespace);
 			log.info("Reconcile user successful.");
 			return OzgCloudElasticsearchUpdateControlBuilder.fromResource(resource).withStatus(CustomResourceStatus.OK).build();
-		} catch (Exception e) {
-			log.info("Reconcile user failed: " + e);
-			return buildExceptionUpdateControl(resource, e);
+		} catch (Exception exception) {
+			log.info("Reconcile user failed: " + exception);
+			return buildExceptionUpdateControl(resource, exception);
 		}
 	}
 	
@@ -48,12 +48,12 @@ public class ElasticsearchReconciler implements Reconciler<OzgCloudElasticsearch
 		return MapUtils.getString(secret.getData(), OzgCloudElasticsearchSecretHelper.CREDENTIAL_SECRET_PASSWORD_FIELD);
 	}
 	
-	UpdateControl<OzgCloudElasticsearchCustomResource> buildExceptionUpdateControl(OzgCloudElasticsearchCustomResource resource, Exception e) {
+	UpdateControl<OzgCloudElasticsearchCustomResource> buildExceptionUpdateControl(OzgCloudElasticsearchCustomResource resource, Exception exception) {
 		return OzgCloudElasticsearchUpdateControlBuilder
 				.fromResource(resource)
 				.withStatus(CustomResourceStatus.ERROR)
 				.withReschedule(OperatorConfig.RECONCILER_RETRY_SECONDS_ON_ERROR)
-				.withMessage(e.getMessage())
+				.withMessage(exception.getMessage())
 				.build();
 	}
 	
diff --git a/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchProperties.java b/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchProperties.java
index 823cca3..6cb1e73 100644
--- a/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchProperties.java
+++ b/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchProperties.java
@@ -28,6 +28,7 @@ public class OzgCloudElasticsearchProperties {
 		private String host;
 		private int port;
 		private String scheme;
+		private String certificateNamespace;
 		private String certificateSecretName;
 		private String certificateSecretDataKey;
 	}
diff --git a/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchService.java b/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchService.java
index f4b9e97..1701e12 100644
--- a/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchService.java
+++ b/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchService.java
@@ -39,8 +39,6 @@ public class OzgCloudElasticsearchService {
 				log.info("Secret creation successful.");
 			}
 			log.info("secret...");
-			log.info(String.format("string data: %s", secretResource.get().getStringData()));
-			log.info(String.format("data: %s", secretResource.get().getData()));
 			return secretResource.get();
 		} catch (Exception e) {
 			log.info("Secret creation failed: " + e);
@@ -53,7 +51,6 @@ public class OzgCloudElasticsearchService {
 	}
 
 	private void createCredentialSecret(Resource<Secret> resource, String namespace) {
-		log.info(String.format("Create credentials secret: %s", secretHelper.buildCredentialSecret(namespace, properties.getSecretCredentialsName())));
 		createAdapter(resource).create(secretHelper.buildCredentialSecret(namespace, properties.getSecretCredentialsName()));
 	}
 		
@@ -139,7 +136,7 @@ public class OzgCloudElasticsearchService {
 	}
 	
 	void createCredentialSecret(String namespace, Resource<Secret> secretResource) {
-		var serverSecretResource = kubernetesService.getSecretResource(properties.getServer().getNamespace(), properties.getServer().getCertificateSecretName());
+		var serverSecretResource = kubernetesService.getSecretResource(properties.getServer().getCertificateNamespace(), properties.getServer().getCertificateSecretName());
 		
 		createAdapter(secretResource).create(secretHelper.buildCertificateSecret(namespace, getSecretData(serverSecretResource.get())));
 	}
diff --git a/ozgcloud-elasticsearch-operator/src/main/resources/application.yml b/ozgcloud-elasticsearch-operator/src/main/resources/application.yml
index abe025a..f7e2444 100644
--- a/ozgcloud-elasticsearch-operator/src/main/resources/application.yml
+++ b/ozgcloud-elasticsearch-operator/src/main/resources/application.yml
@@ -9,6 +9,7 @@ ozgcloud:
       host: ozg-search-cluster-es-http.${ozgcloud.elasticsearch.server.namespace}
       port: 9200
       scheme: https
+      certificateNamespace: ozgcloud-elasticsearch-operator
       certificateSecretName: elasticsearch-certificate
       certificateSecretDataKey: ca.crt
 
diff --git a/ozgcloud-elasticsearch-operator/src/test/java/de/ozgcloud/operator/OzgCloudElasticsearchServiceTest.java b/ozgcloud-elasticsearch-operator/src/test/java/de/ozgcloud/operator/OzgCloudElasticsearchServiceTest.java
index bee485a..af4b3b2 100644
--- a/ozgcloud-elasticsearch-operator/src/test/java/de/ozgcloud/operator/OzgCloudElasticsearchServiceTest.java
+++ b/ozgcloud-elasticsearch-operator/src/test/java/de/ozgcloud/operator/OzgCloudElasticsearchServiceTest.java
@@ -14,6 +14,8 @@ import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.Spy;
 
+import com.thedeanda.lorem.LoremIpsum;
+
 import de.ozgcloud.operator.OzgCloudElasticsearchProperties.OzgCloudElasticsearchServerProperties;
 import de.ozgcloud.operator.common.elasticsearch.ElasticsearchRemoteService;
 import de.ozgcloud.operator.common.kubernetes.KubernetesRemoteService;
@@ -39,7 +41,6 @@ class OzgCloudElasticsearchServiceTest {
 	@Mock
 	private KubernetesRemoteService kubernetesService;
 
-	@Disabled("Temp, just for Debug")
 	@DisplayName("Get or create secret")
 	@Nested
 	class TestGetOrCreateSecret {
@@ -367,11 +368,11 @@ class OzgCloudElasticsearchServiceTest {
 		@Nested
 		class TestCreateCredentialSecret {
 			
-			private static final String SERVER_NAMESPACE = "";
-			private static final String SERVER_CERTIFICATE_SECRET_NAME = "";
+			private static final String SERVER_CERTIFICATE_SECRET_NAME = LoremIpsum.getInstance().getWords(1);
 			
-			private static final String SERVER_CERTIFICATE_SECRET_DATA_KEY = "fesfdsfd";
-			private static final String SERVER_CERTIFICATE_SECRET_DATA = "dsadwadas";
+			private static final String SERVER_CERTIFICATE_SECRET_DATA_KEY = LoremIpsum.getInstance().getWords(1);
+			private static final String SERVER_CERTIFICATE_SECRET_DATA = LoremIpsum.getInstance().getWords(1);
+			private static final String SERVER_CERTIFICATE_NAMESPACE = LoremIpsum.getInstance().getWords(1);
 			private static final Secret SERVER_CERTIFICATE_SECRET = SecretTestFactory.createBuilder()
 					.addToStringData(SERVER_CERTIFICATE_SECRET_DATA_KEY, SERVER_CERTIFICATE_SECRET_DATA)
 					.build();
@@ -384,9 +385,9 @@ class OzgCloudElasticsearchServiceTest {
 			@BeforeEach
 			void mock() {
 				when(properties.getServer()).thenReturn(serverProperties);
-				when(serverProperties.getNamespace()).thenReturn(SERVER_NAMESPACE);
 				when(serverProperties.getCertificateSecretName()).thenReturn(SERVER_CERTIFICATE_SECRET_NAME);
 				when(serverProperties.getCertificateSecretDataKey()).thenReturn(SERVER_CERTIFICATE_SECRET_DATA_KEY);
+				when(serverProperties.getCertificateNamespace()).thenReturn(SERVER_CERTIFICATE_NAMESPACE);
 				when(kubernetesService.getSecretResource(any(), any())).thenReturn(secretResource);
 				when(secretResource.get()).thenReturn(SERVER_CERTIFICATE_SECRET);
 				doReturn(resourceAdapter).when(service).createAdapter(any());
@@ -394,10 +395,10 @@ class OzgCloudElasticsearchServiceTest {
 			}
 			
 			@Test
-			void shouldGetServerSecret() {
+			void shouldGetCertificateSecret() {
 				service.createCredentialSecret(NAMESPACE, secretResource);
 				
-				verify(kubernetesService).getSecretResource(SERVER_NAMESPACE, SERVER_CERTIFICATE_SECRET_NAME);
+				verify(kubernetesService).getSecretResource(SERVER_CERTIFICATE_NAMESPACE, SERVER_CERTIFICATE_SECRET_NAME);
 			}
 			
 			@Test
-- 
GitLab