vault-operator/*: sync with operator-sdk master (#28)

AlexNPavel · web-flow · commit 18984e7d9594 · 2018-08-20T14:07:36.000-07:00
This commit updates the vault-operator to work with the master
version of the operator-sdk. This makes the example a better
representation of the current state of the operator-sdk and also
allows us to add e2e tests using the sdk's test framework.
diff --git a/vault-operator/Gopkg.lock b/vault-operator/Gopkg.lock
diff --git a/vault-operator/Gopkg.toml b/vault-operator/Gopkg.toml
@@ -1,14 +1,14 @@
 [[override]]
   name = "k8s.io/api"
-  version = "kubernetes-1.9.3"
+  version = "kubernetes-1.10.1"
 
 [[override]]
   name = "k8s.io/apimachinery"
-  version = "kubernetes-1.9.3"
+  version = "kubernetes-1.10.1"
 
 [[override]]
   name = "k8s.io/client-go"
-  version = "kubernetes-1.9.3"
+  version = "kubernetes-1.10.1"
 
 [[override]]
   # TODO: use version instead of branch
@@ -18,5 +18,5 @@
 [[constraint]]
   name = "github.com/operator-framework/operator-sdk"
   # The version rule is used for a specific release and the master branch for in between releases.
-  # branch = "master"
-  version = "=v0.0.5" 
+  branch = "master"
+  # version ="v0.0.5" 
diff --git a/vault-operator/README.md b/vault-operator/README.md
@@ -10,7 +10,7 @@ The quick start guide walks through the process of building the Vault operator i
 
 ### Prerequisites
 
-- [dep][dep_tool] version v0.4.1+.
+- [dep][dep_tool] version v0.5.0+.
 - [go][go_tool] version v1.10+.
 - [docker][docker_tool] version 17.03+.
 - [kubectl][kubectl_tool] version v1.9.0+.
@@ -24,7 +24,7 @@ First, checkout and install the operator-sdk CLI:
 
 ```sh
 $ cd $GOPATH/src/github.com/operator-framework/operator-sdk
-$ git checkout tags/v0.0.5
+$ git checkout master
 $ dep ensure
 $ go install github.com/operator-framework/operator-sdk/commands/operator-sdk
 ```
@@ -68,6 +68,12 @@ Deploy the etcd-operator first because the Vault operator depends on it for prov
 $ kubectl create -f deploy/etcd-operator.yaml
 ```
 
+Deploy the Vault CRD:
+
+```sh
+$ kubectl create -f deploy/crd.yaml
+```
+
 Deploy the Vault operator:
 
 ```sh
diff --git a/vault-operator/deploy/crd.yaml b/vault-operator/deploy/crd.yaml
@@ -0,0 +1,13 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: vaultservices.vault.security.coreos.com
+spec:
+  group: vault.security.coreos.com
+  names:
+    kind: VaultService
+    listKind: VaultServiceList
+    plural: vaultservices
+    singular: vaultservice
+  scope: Namespaced
+  version: v1alpha1
diff --git a/vault-operator/pkg/apis/vault/v1alpha1/zz_generated.deepcopy.go b/vault-operator/pkg/apis/vault/v1alpha1/zz_generated.deepcopy.go
@@ -25,6 +25,47 @@ func (in *PodPolicy) DeepCopy() *PodPolicy {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *StaticTLS) DeepCopyInto(out *StaticTLS) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StaticTLS.
+func (in *StaticTLS) DeepCopy() *StaticTLS {
+	if in == nil {
+		return nil
+	}
+	out := new(StaticTLS)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *TLSPolicy) DeepCopyInto(out *TLSPolicy) {
+	*out = *in
+	if in.Static != nil {
+		in, out := &in.Static, &out.Static
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(StaticTLS)
+			**out = **in
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSPolicy.
+func (in *TLSPolicy) DeepCopy() *TLSPolicy {
+	if in == nil {
+		return nil
+	}
+	out := new(TLSPolicy)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *VaultService) DeepCopyInto(out *VaultService) {
 	*out = *in
@@ -100,6 +141,15 @@ func (in *VaultServiceSpec) DeepCopyInto(out *VaultServiceSpec) {
 			(*in).DeepCopyInto(*out)
 		}
 	}
+	if in.TLS != nil {
+		in, out := &in.TLS, &out.TLS
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(TLSPolicy)
+			(*in).DeepCopyInto(*out)
+		}
+	}
 	return
 }
 
diff --git a/vault-operator/pkg/stub/handler.go b/vault-operator/pkg/stub/handler.go
@@ -1,22 +1,22 @@
 package stub
 
 import (
+	"context"
+
 	api "github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/apis/vault/v1alpha1"
 	"github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/vault"
-
-	"github.com/operator-framework/operator-sdk/pkg/sdk/handler"
-	"github.com/operator-framework/operator-sdk/pkg/sdk/types"
+	"github.com/operator-framework/operator-sdk/pkg/sdk"
 )
 
-func NewHandler() handler.Handler {
+func NewHandler() sdk.Handler {
 	return &Handler{}
 }
 
 type Handler struct {
 	// Fill me
 }
 
-func (h *Handler) Handle(ctx types.Context, event types.Event) error {
+func (h *Handler) Handle(ctx context.Context, event sdk.Event) error {
 	switch o := event.Object.(type) {
 	case *api.VaultService:
 		return vault.Reconcile(o)
diff --git a/vault-operator/pkg/vault/deploy_etcd.go b/vault-operator/pkg/vault/deploy_etcd.go
@@ -4,10 +4,9 @@ import (
 	"fmt"
 
 	api "github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/apis/vault/v1alpha1"
+	"github.com/operator-framework/operator-sdk/pkg/sdk"
 
 	eopapi "github.com/coreos/etcd-operator/pkg/apis/etcd/v1beta2"
-	"github.com/operator-framework/operator-sdk/pkg/sdk/action"
-	"github.com/operator-framework/operator-sdk/pkg/sdk/query"
 	"k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -52,7 +51,7 @@ func deployEtcdCluster(v *api.VaultService) (*eopapi.EtcdCluster, error) {
 		ec.Spec.Pod.Resources = v.Spec.Pod.Resources
 	}
 	addOwnerRefToObject(ec, asOwner(v))
-	err := action.Create(ec)
+	err := sdk.Create(ec)
 	if err != nil {
 		if apierrors.IsAlreadyExists(err) {
 			return ec, nil
@@ -73,7 +72,7 @@ func etcdURLForVault(name string) string {
 }
 
 func isEtcdClusterReady(ec *eopapi.EtcdCluster) (bool, error) {
-	err := query.Get(ec)
+	err := sdk.Get(ec)
 	if err != nil {
 		return false, err
 	}
diff --git a/vault-operator/pkg/vault/deploy_vault.go b/vault-operator/pkg/vault/deploy_vault.go
@@ -5,8 +5,8 @@ import (
 	"path/filepath"
 
 	api "github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/apis/vault/v1alpha1"
+	"github.com/operator-framework/operator-sdk/pkg/sdk"
 
-	"github.com/operator-framework/operator-sdk/pkg/sdk/action"
 	appsv1 "k8s.io/api/apps/v1"
 	"k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
@@ -95,7 +95,7 @@ func deployVault(v *api.VaultService) error {
 		},
 	}
 	addOwnerRefToObject(d, asOwner(v))
-	err := action.Create(d)
+	err := sdk.Create(d)
 	if err != nil && !apierrors.IsAlreadyExists(err) {
 		return err
 	}
@@ -132,7 +132,7 @@ func deployVault(v *api.VaultService) error {
 		},
 	}
 	addOwnerRefToObject(svc, asOwner(v))
-	err = action.Create(svc)
+	err = sdk.Create(svc)
 	if err != nil && !apierrors.IsAlreadyExists(err) {
 		return fmt.Errorf("failed to create vault service: %v", err)
 	}
diff --git a/vault-operator/pkg/vault/reconcile.go b/vault-operator/pkg/vault/reconcile.go
@@ -4,8 +4,8 @@ import (
 	"fmt"
 
 	api "github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/apis/vault/v1alpha1"
+	"github.com/operator-framework/operator-sdk/pkg/sdk"
 
-	"github.com/operator-framework/operator-sdk/pkg/sdk/action"
 	"github.com/sirupsen/logrus"
 )
 
@@ -17,7 +17,7 @@ func Reconcile(vr *api.VaultService) (err error) {
 	// Simulate initializer.
 	changed := vr.SetDefaults()
 	if changed {
-		return action.Update(vr)
+		return sdk.Update(vr)
 	}
 	// After first time reconcile, phase will switch to "Running".
 	if vr.Status.Phase == api.ClusterPhaseInitial {
diff --git a/vault-operator/pkg/vault/sync_vault.go b/vault-operator/pkg/vault/sync_vault.go
@@ -6,8 +6,7 @@ import (
 
 	api "github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/apis/vault/v1alpha1"
 
-	"github.com/operator-framework/operator-sdk/pkg/sdk/action"
-	"github.com/operator-framework/operator-sdk/pkg/sdk/query"
+	"github.com/operator-framework/operator-sdk/pkg/sdk"
 	appsv1 "k8s.io/api/apps/v1"
 	"k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
@@ -27,14 +26,14 @@ func syncVaultClusterSize(vr *api.VaultService) error {
 			Namespace: vr.GetNamespace(),
 		},
 	}
-	err := query.Get(d)
+	err := sdk.Get(d)
 	if err != nil {
 		return fmt.Errorf("failed to get deployment (%s): %v", d.Name, err)
 	}
 
 	if *d.Spec.Replicas != vr.Spec.Nodes {
 		d.Spec.Replicas = &(vr.Spec.Nodes)
-		err = action.Update(d)
+		err = sdk.Update(d)
 		if err != nil {
 			return fmt.Errorf("failed to update size of deployment (%s): %v", d.Name, err)
 		}
@@ -59,7 +58,7 @@ func syncUpgrade(vr *api.VaultService, status *api.VaultServiceStatus) (err erro
 			Namespace: vr.GetNamespace(),
 		},
 	}
-	err = query.Get(d)
+	err = sdk.Get(d)
 	if err != nil {
 		return fmt.Errorf("failed to get deployment (%s): %v", d.Name, err)
 	}
@@ -114,7 +113,7 @@ func syncUpgrade(vr *api.VaultService, status *api.VaultServiceStatus) (err erro
 				Namespace: vr.GetNamespace(),
 			},
 		}
-		err = action.Delete(p)
+		err = sdk.Delete(p)
 		if err != nil && !apierrors.IsNotFound(err) {
 			return fmt.Errorf("step down: failed to delete active Vault pod (%s): %v", active, err)
 		}
@@ -129,7 +128,7 @@ func upgradeDeployment(vr *api.VaultService, d *appsv1.Deployment) error {
 	mu := intstr.FromInt(int(vr.Spec.Nodes - 1))
 	d.Spec.Strategy.RollingUpdate.MaxUnavailable = &mu
 	d.Spec.Template.Spec.Containers[0].Image = vaultImage(vr.Spec)
-	err := action.Update(d)
+	err := sdk.Update(d)
 	if err != nil {
 		return fmt.Errorf("failed to upgrade deployment to (%s): %v", vaultImage(vr.Spec), err)
 	}
diff --git a/vault-operator/pkg/vault/tls.go b/vault-operator/pkg/vault/tls.go
@@ -7,9 +7,8 @@ import (
 
 	api "github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/apis/vault/v1alpha1"
 	"github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/tls"
+	"github.com/operator-framework/operator-sdk/pkg/sdk"
 
-	"github.com/operator-framework/operator-sdk/pkg/sdk/action"
-	"github.com/operator-framework/operator-sdk/pkg/sdk/query"
 	"k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -41,7 +40,7 @@ func prepareDefaultVaultTLSSecrets(vr *api.VaultService) (err error) {
 				Namespace: vr.Namespace,
 			},
 		}
-		err = query.Get(se)
+		err = sdk.Get(se)
 		if err == nil {
 			return nil
 		}
@@ -59,14 +58,14 @@ func prepareDefaultVaultTLSSecrets(vr *api.VaultService) (err error) {
 		return err
 	}
 	addOwnerRefToObject(se, asOwner(vr))
-	err = action.Create(se)
+	err = sdk.Create(se)
 	if err != nil && !apierrors.IsAlreadyExists(err) {
 		return err
 	}
 
 	se = newVaultClientTLSSecret(vr, caCrt)
 	addOwnerRefToObject(se, asOwner(vr))
-	err = action.Create(se)
+	err = sdk.Create(se)
 	if err != nil && !apierrors.IsAlreadyExists(err) {
 		return err
 	}
@@ -128,7 +127,7 @@ func prepareEtcdTLSSecrets(vr *api.VaultService) (err error) {
 		},
 	}
 
-	err = query.Get(se)
+	err = sdk.Get(se)
 	if err == nil {
 		return nil
 	}
@@ -146,7 +145,7 @@ func prepareEtcdTLSSecrets(vr *api.VaultService) (err error) {
 		return err
 	}
 	addOwnerRefToObject(se, asOwner(vr))
-	err = action.Create(se)
+	err = sdk.Create(se)
 	if err != nil && !apierrors.IsAlreadyExists(err) {
 		return err
 	}
@@ -156,7 +155,7 @@ func prepareEtcdTLSSecrets(vr *api.VaultService) (err error) {
 		return err
 	}
 	addOwnerRefToObject(se, asOwner(vr))
-	err = action.Create(se)
+	err = sdk.Create(se)
 	if err != nil && !apierrors.IsAlreadyExists(err) {
 		return err
 	}
@@ -166,7 +165,7 @@ func prepareEtcdTLSSecrets(vr *api.VaultService) (err error) {
 		return err
 	}
 	addOwnerRefToObject(se, asOwner(vr))
-	err = action.Create(se)
+	err = sdk.Create(se)
 	if err != nil && !apierrors.IsAlreadyExists(err) {
 		return err
 	}
diff --git a/vault-operator/pkg/vault/vault_config.go b/vault-operator/pkg/vault/vault_config.go
@@ -5,9 +5,8 @@ import (
 	"fmt"
 	"path/filepath"
 
-	"github.com/operator-framework/operator-sdk/pkg/sdk/action"
-	"github.com/operator-framework/operator-sdk/pkg/sdk/query"
 	api "github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/apis/vault/v1alpha1"
+	"github.com/operator-framework/operator-sdk/pkg/sdk"
 	"k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -41,7 +40,7 @@ func prepareVaultConfig(vr *api.VaultService) error {
 	}
 	if len(vr.Spec.ConfigMapName) != 0 {
 		cm.Name = vr.Spec.ConfigMapName
-		err := query.Get(cm)
+		err := sdk.Get(cm)
 		if err != nil {
 			return fmt.Errorf("prepare vault config error: get configmap (%s) failed: %v", vr.Spec.ConfigMapName, err)
 		}
@@ -54,7 +53,7 @@ func prepareVaultConfig(vr *api.VaultService) error {
 	cfgData = newConfigWithEtcd(cfgData, etcdURLForVault(vr.Name))
 	cm.Data = map[string]string{filepath.Base(vaultConfigPath): cfgData}
 	addOwnerRefToObject(cm, asOwner(vr))
-	err := action.Create(cm)
+	err := sdk.Create(cm)
 	if err != nil && !apierrors.IsAlreadyExists(err) {
 		return fmt.Errorf("prepare vault config error: create new configmap (%s) failed: %v", cm.Name, err)
 	}
diff --git a/vault-operator/pkg/vault/vault_status.go b/vault-operator/pkg/vault/vault_status.go

Original file line number	Diff line number	Diff line change
`@@ -5,8 +5,8 @@ import (`
`5`	`5`	`"path/filepath"`
`6`	`6`
`7`	`7`	`api "github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/apis/vault/v1alpha1"`
	`8`	`+ "github.com/operator-framework/operator-sdk/pkg/sdk"`
`8`	`9`
`9`		`- "github.com/operator-framework/operator-sdk/pkg/sdk/action"`
`10`	`10`	`appsv1 "k8s.io/api/apps/v1"`
`11`	`11`	`"k8s.io/api/core/v1"`
`12`	`12`	`apierrors "k8s.io/apimachinery/pkg/api/errors"`
`@@ -95,7 +95,7 @@ func deployVault(v *api.VaultService) error {`
`95`	`95`	`},`
`96`	`96`	`}`
`97`	`97`	`addOwnerRefToObject(d, asOwner(v))`
`98`		`- err := action.Create(d)`
	`98`	`+ err := sdk.Create(d)`
`99`	`99`	`if err != nil && !apierrors.IsAlreadyExists(err) {`
`100`	`100`	`return err`
`101`	`101`	`}`
`@@ -132,7 +132,7 @@ func deployVault(v *api.VaultService) error {`
`132`	`132`	`},`
`133`	`133`	`}`
`134`	`134`	`addOwnerRefToObject(svc, asOwner(v))`
`135`		`- err = action.Create(svc)`
	`135`	`+ err = sdk.Create(svc)`
`136`	`136`	`if err != nil && !apierrors.IsAlreadyExists(err) {`
`137`	`137`	`return fmt.Errorf("failed to create vault service: %v", err)`
`138`	`138`	`}`
Original file line number	Diff line number	Diff line change
`@@ -7,9 +7,8 @@ import (`
`7`	`7`
`8`	`8`	`api "github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/apis/vault/v1alpha1"`
`9`	`9`	`"github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/tls"`
	`10`	`+ "github.com/operator-framework/operator-sdk/pkg/sdk"`
`10`	`11`
`11`		`- "github.com/operator-framework/operator-sdk/pkg/sdk/action"`
`12`		`- "github.com/operator-framework/operator-sdk/pkg/sdk/query"`
`13`	`12`	`"k8s.io/api/core/v1"`
`14`	`13`	`apierrors "k8s.io/apimachinery/pkg/api/errors"`
`15`	`14`	`metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"`
`@@ -41,7 +40,7 @@ func prepareDefaultVaultTLSSecrets(vr *api.VaultService) (err error) {`
`41`	`40`	`Namespace: vr.Namespace,`
`42`	`41`	`},`
`43`	`42`	`}`
`44`		`- err = query.Get(se)`
	`43`	`+ err = sdk.Get(se)`
`45`	`44`	`if err == nil {`
`46`	`45`	`return nil`
`47`	`46`	`}`
`@@ -59,14 +58,14 @@ func prepareDefaultVaultTLSSecrets(vr *api.VaultService) (err error) {`
`59`	`58`	`return err`
`60`	`59`	`}`
`61`	`60`	`addOwnerRefToObject(se, asOwner(vr))`
`62`		`- err = action.Create(se)`
	`61`	`+ err = sdk.Create(se)`
`63`	`62`	`if err != nil && !apierrors.IsAlreadyExists(err) {`
`64`	`63`	`return err`
`65`	`64`	`}`
`66`	`65`
`67`	`66`	`se = newVaultClientTLSSecret(vr, caCrt)`
`68`	`67`	`addOwnerRefToObject(se, asOwner(vr))`
`69`		`- err = action.Create(se)`
	`68`	`+ err = sdk.Create(se)`
`70`	`69`	`if err != nil && !apierrors.IsAlreadyExists(err) {`
`71`	`70`	`return err`
`72`	`71`	`}`
`@@ -128,7 +127,7 @@ func prepareEtcdTLSSecrets(vr *api.VaultService) (err error) {`
`128`	`127`	`},`
`129`	`128`	`}`
`130`	`129`
`131`		`- err = query.Get(se)`
	`130`	`+ err = sdk.Get(se)`
`132`	`131`	`if err == nil {`
`133`	`132`	`return nil`
`134`	`133`	`}`
`@@ -146,7 +145,7 @@ func prepareEtcdTLSSecrets(vr *api.VaultService) (err error) {`
`146`	`145`	`return err`
`147`	`146`	`}`
`148`	`147`	`addOwnerRefToObject(se, asOwner(vr))`
`149`		`- err = action.Create(se)`
	`148`	`+ err = sdk.Create(se)`
`150`	`149`	`if err != nil && !apierrors.IsAlreadyExists(err) {`
`151`	`150`	`return err`
`152`	`151`	`}`
`@@ -156,7 +155,7 @@ func prepareEtcdTLSSecrets(vr *api.VaultService) (err error) {`
`156`	`155`	`return err`
`157`	`156`	`}`
`158`	`157`	`addOwnerRefToObject(se, asOwner(vr))`
`159`		`- err = action.Create(se)`
	`158`	`+ err = sdk.Create(se)`
`160`	`159`	`if err != nil && !apierrors.IsAlreadyExists(err) {`
`161`	`160`	`return err`
`162`	`161`	`}`
`@@ -166,7 +165,7 @@ func prepareEtcdTLSSecrets(vr *api.VaultService) (err error) {`
`166`	`165`	`return err`
`167`	`166`	`}`
`168`	`167`	`addOwnerRefToObject(se, asOwner(vr))`
`169`		`- err = action.Create(se)`
	`168`	`+ err = sdk.Create(se)`
`170`	`169`	`if err != nil && !apierrors.IsAlreadyExists(err) {`
`171`	`170`	`return err`
`172`	`171`	`}`