operator-framework · AlexNPavel · Aug 20, 2018 · Aug 17, 2018
diff --git a/vault-operator/Gopkg.lock b/vault-operator/Gopkg.lock
diff --git a/vault-operator/Gopkg.toml b/vault-operator/Gopkg.toml
@@ -1,14 +1,14 @@
 [[override]]
   name = "k8s.io/api"
-  version = "kubernetes-1.9.3"
+  version = "kubernetes-1.10.1"
 
 [[override]]
   name = "k8s.io/apimachinery"
-  version = "kubernetes-1.9.3"
+  version = "kubernetes-1.10.1"
 
 [[override]]
   name = "k8s.io/client-go"
-  version = "kubernetes-1.9.3"
+  version = "kubernetes-1.10.1"
 
 [[override]]
   # TODO: use version instead of branch
@@ -18,5 +18,5 @@
 [[constraint]]
   name = "github.com/operator-framework/operator-sdk"
   # The version rule is used for a specific release and the master branch for in between releases.
-  # branch = "master"
-  version = "=v0.0.5" 
+  branch = "master"
+  # version ="v0.0.5" 
diff --git a/vault-operator/README.md b/vault-operator/README.md
@@ -10,7 +10,7 @@ The quick start guide walks through the process of building the Vault operator i
 
 ### Prerequisites
 
-- [dep][dep_tool] version v0.4.1+.
+- [dep][dep_tool] version v0.5.0+.
 - [go][go_tool] version v1.10+.
 - [docker][docker_tool] version 17.03+.
 - [kubectl][kubectl_tool] version v1.9.0+.
@@ -24,7 +24,7 @@ First, checkout and install the operator-sdk CLI:
 
 ```sh
 $ cd $GOPATH/src/github.com/operator-framework/operator-sdk
-$ git checkout tags/v0.0.5
+$ git checkout master
 $ dep ensure
 $ go install github.com/operator-framework/operator-sdk/commands/operator-sdk
 ```
@@ -68,6 +68,12 @@ Deploy the etcd-operator first because the Vault operator depends on it for prov
 $ kubectl create -f deploy/etcd-operator.yaml
 ```
 
+Deploy the Vault CRD:
+
+```sh
+$ kubectl create -f deploy/crd.yaml
+```
+
 Deploy the Vault operator:
 
 ```sh

diff --git a/vault-operator/deploy/crd.yaml b/vault-operator/deploy/crd.yaml
@@ -0,0 +1,13 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: vaultservices.vault.security.coreos.com
+spec:
+  group: vault.security.coreos.com
+  names:
+    kind: VaultService
+    listKind: VaultServiceList
+    plural: vaultservices
+    singular: vaultservice
+  scope: Namespaced
+  version: v1alpha1
diff --git a/vault-operator/pkg/apis/vault/v1alpha1/zz_generated.deepcopy.go b/vault-operator/pkg/apis/vault/v1alpha1/zz_generated.deepcopy.go
@@ -25,6 +25,47 @@ func (in *PodPolicy) DeepCopy() *PodPolicy {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *StaticTLS) DeepCopyInto(out *StaticTLS) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StaticTLS.
+func (in *StaticTLS) DeepCopy() *StaticTLS {
+	if in == nil {
+		return nil
+	}
+	out := new(StaticTLS)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *TLSPolicy) DeepCopyInto(out *TLSPolicy) {
+	*out = *in
+	if in.Static != nil {
+		in, out := &in.Static, &out.Static
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(StaticTLS)
+			**out = **in
+		}
+	}
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSPolicy.
+func (in *TLSPolicy) DeepCopy() *TLSPolicy {
+	if in == nil {
+		return nil
+	}
+	out := new(TLSPolicy)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *VaultService) DeepCopyInto(out *VaultService) {
 	*out = *in
@@ -100,6 +141,15 @@ func (in *VaultServiceSpec) DeepCopyInto(out *VaultServiceSpec) {
 			(*in).DeepCopyInto(*out)
 		}
 	}
+	if in.TLS != nil {
+		in, out := &in.TLS, &out.TLS
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(TLSPolicy)
+			(*in).DeepCopyInto(*out)
+		}
+	}
 	return
 }
 

diff --git a/vault-operator/pkg/stub/handler.go b/vault-operator/pkg/stub/handler.go
@@ -1,22 +1,22 @@
 package stub
 
 import (
+	"context"
+
 	api "github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/apis/vault/v1alpha1"
 	"github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/vault"
-
-	"github.com/operator-framework/operator-sdk/pkg/sdk/handler"
-	"github.com/operator-framework/operator-sdk/pkg/sdk/types"
+	"github.com/operator-framework/operator-sdk/pkg/sdk"
 )
 
-func NewHandler() handler.Handler {
+func NewHandler() sdk.Handler {
 	return &Handler{}
 }
 
 type Handler struct {
 	// Fill me
 }
 
-func (h *Handler) Handle(ctx types.Context, event types.Event) error {
+func (h *Handler) Handle(ctx context.Context, event sdk.Event) error {
 	switch o := event.Object.(type) {
 	case *api.VaultService:
 		return vault.Reconcile(o)

diff --git a/vault-operator/pkg/vault/deploy_etcd.go b/vault-operator/pkg/vault/deploy_etcd.go
@@ -4,10 +4,9 @@ import (
 	"fmt"
 
 	api "github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/apis/vault/v1alpha1"
+	"github.com/operator-framework/operator-sdk/pkg/sdk"
 
 	eopapi "github.com/coreos/etcd-operator/pkg/apis/etcd/v1beta2"
-	"github.com/operator-framework/operator-sdk/pkg/sdk/action"
-	"github.com/operator-framework/operator-sdk/pkg/sdk/query"
 	"k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -52,7 +51,7 @@ func deployEtcdCluster(v *api.VaultService) (*eopapi.EtcdCluster, error) {
 		ec.Spec.Pod.Resources = v.Spec.Pod.Resources
 	}
 	addOwnerRefToObject(ec, asOwner(v))
-	err := action.Create(ec)
+	err := sdk.Create(ec)
 	if err != nil {
 		if apierrors.IsAlreadyExists(err) {
 			return ec, nil
@@ -73,7 +72,7 @@ func etcdURLForVault(name string) string {
 }
 
 func isEtcdClusterReady(ec *eopapi.EtcdCluster) (bool, error) {
-	err := query.Get(ec)
+	err := sdk.Get(ec)
 	if err != nil {
 		return false, err
 	}

diff --git a/vault-operator/pkg/vault/deploy_vault.go b/vault-operator/pkg/vault/deploy_vault.go
@@ -5,8 +5,8 @@ import (
 	"path/filepath"
 
 	api "github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/apis/vault/v1alpha1"
+	"github.com/operator-framework/operator-sdk/pkg/sdk"
 
-	"github.com/operator-framework/operator-sdk/pkg/sdk/action"
 	appsv1 "k8s.io/api/apps/v1"
 	"k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
@@ -95,7 +95,7 @@ func deployVault(v *api.VaultService) error {
 		},
 	}
 	addOwnerRefToObject(d, asOwner(v))
-	err := action.Create(d)
+	err := sdk.Create(d)
 	if err != nil && !apierrors.IsAlreadyExists(err) {
 		return err
 	}
@@ -132,7 +132,7 @@ func deployVault(v *api.VaultService) error {
 		},
 	}
 	addOwnerRefToObject(svc, asOwner(v))
-	err = action.Create(svc)
+	err = sdk.Create(svc)
 	if err != nil && !apierrors.IsAlreadyExists(err) {
 		return fmt.Errorf("failed to create vault service: %v", err)
 	}

diff --git a/vault-operator/pkg/vault/reconcile.go b/vault-operator/pkg/vault/reconcile.go
@@ -4,8 +4,8 @@ import (
 	"fmt"
 
 	api "github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/apis/vault/v1alpha1"
+	"github.com/operator-framework/operator-sdk/pkg/sdk"
 
-	"github.com/operator-framework/operator-sdk/pkg/sdk/action"
 	"github.com/sirupsen/logrus"
 )
 
@@ -17,7 +17,7 @@ func Reconcile(vr *api.VaultService) (err error) {
 	// Simulate initializer.
 	changed := vr.SetDefaults()
 	if changed {
-		return action.Update(vr)
+		return sdk.Update(vr)
 	}
 	// After first time reconcile, phase will switch to "Running".
 	if vr.Status.Phase == api.ClusterPhaseInitial {

diff --git a/vault-operator/pkg/vault/sync_vault.go b/vault-operator/pkg/vault/sync_vault.go
@@ -6,8 +6,7 @@ import (
 
 	api "github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/apis/vault/v1alpha1"
 
-	"github.com/operator-framework/operator-sdk/pkg/sdk/action"
-	"github.com/operator-framework/operator-sdk/pkg/sdk/query"
+	"github.com/operator-framework/operator-sdk/pkg/sdk"
 	appsv1 "k8s.io/api/apps/v1"
 	"k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
@@ -27,14 +26,14 @@ func syncVaultClusterSize(vr *api.VaultService) error {
 			Namespace: vr.GetNamespace(),
 		},
 	}
-	err := query.Get(d)
+	err := sdk.Get(d)
 	if err != nil {
 		return fmt.Errorf("failed to get deployment (%s): %v", d.Name, err)
 	}
 
 	if *d.Spec.Replicas != vr.Spec.Nodes {
 		d.Spec.Replicas = &(vr.Spec.Nodes)
-		err = action.Update(d)
+		err = sdk.Update(d)
 		if err != nil {
 			return fmt.Errorf("failed to update size of deployment (%s): %v", d.Name, err)
 		}
@@ -59,7 +58,7 @@ func syncUpgrade(vr *api.VaultService, status *api.VaultServiceStatus) (err erro
 			Namespace: vr.GetNamespace(),
 		},
 	}
-	err = query.Get(d)
+	err = sdk.Get(d)
 	if err != nil {
 		return fmt.Errorf("failed to get deployment (%s): %v", d.Name, err)
 	}
@@ -114,7 +113,7 @@ func syncUpgrade(vr *api.VaultService, status *api.VaultServiceStatus) (err erro
 				Namespace: vr.GetNamespace(),
 			},
 		}
-		err = action.Delete(p)
+		err = sdk.Delete(p)
 		if err != nil && !apierrors.IsNotFound(err) {
 			return fmt.Errorf("step down: failed to delete active Vault pod (%s): %v", active, err)
 		}
@@ -129,7 +128,7 @@ func upgradeDeployment(vr *api.VaultService, d *appsv1.Deployment) error {
 	mu := intstr.FromInt(int(vr.Spec.Nodes - 1))
 	d.Spec.Strategy.RollingUpdate.MaxUnavailable = &mu
 	d.Spec.Template.Spec.Containers[0].Image = vaultImage(vr.Spec)
-	err := action.Update(d)
+	err := sdk.Update(d)
 	if err != nil {
 		return fmt.Errorf("failed to upgrade deployment to (%s): %v", vaultImage(vr.Spec), err)
 	}

diff --git a/vault-operator/pkg/vault/tls.go b/vault-operator/pkg/vault/tls.go
@@ -7,9 +7,8 @@ import (
 
 	api "github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/apis/vault/v1alpha1"
 	"github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/tls"
+	"github.com/operator-framework/operator-sdk/pkg/sdk"
 
-	"github.com/operator-framework/operator-sdk/pkg/sdk/action"
-	"github.com/operator-framework/operator-sdk/pkg/sdk/query"
 	"k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -41,7 +40,7 @@ func prepareDefaultVaultTLSSecrets(vr *api.VaultService) (err error) {
 				Namespace: vr.Namespace,
 			},
 		}
-		err = query.Get(se)
+		err = sdk.Get(se)
 		if err == nil {
 			return nil
 		}
@@ -59,14 +58,14 @@ func prepareDefaultVaultTLSSecrets(vr *api.VaultService) (err error) {
 		return err
 	}
 	addOwnerRefToObject(se, asOwner(vr))
-	err = action.Create(se)
+	err = sdk.Create(se)
 	if err != nil && !apierrors.IsAlreadyExists(err) {
 		return err
 	}
 
 	se = newVaultClientTLSSecret(vr, caCrt)
 	addOwnerRefToObject(se, asOwner(vr))
-	err = action.Create(se)
+	err = sdk.Create(se)
 	if err != nil && !apierrors.IsAlreadyExists(err) {
 		return err
 	}
@@ -128,7 +127,7 @@ func prepareEtcdTLSSecrets(vr *api.VaultService) (err error) {
 		},
 	}
 
-	err = query.Get(se)
+	err = sdk.Get(se)
 	if err == nil {
 		return nil
 	}
@@ -146,7 +145,7 @@ func prepareEtcdTLSSecrets(vr *api.VaultService) (err error) {
 		return err
 	}
 	addOwnerRefToObject(se, asOwner(vr))
-	err = action.Create(se)
+	err = sdk.Create(se)
 	if err != nil && !apierrors.IsAlreadyExists(err) {
 		return err
 	}
@@ -156,7 +155,7 @@ func prepareEtcdTLSSecrets(vr *api.VaultService) (err error) {
 		return err
 	}
 	addOwnerRefToObject(se, asOwner(vr))
-	err = action.Create(se)
+	err = sdk.Create(se)
 	if err != nil && !apierrors.IsAlreadyExists(err) {
 		return err
 	}
@@ -166,7 +165,7 @@ func prepareEtcdTLSSecrets(vr *api.VaultService) (err error) {
 		return err
 	}
 	addOwnerRefToObject(se, asOwner(vr))
-	err = action.Create(se)
+	err = sdk.Create(se)
 	if err != nil && !apierrors.IsAlreadyExists(err) {
 		return err
 	}

diff --git a/vault-operator/pkg/vault/vault_config.go b/vault-operator/pkg/vault/vault_config.go
@@ -5,9 +5,8 @@ import (
 	"fmt"
 	"path/filepath"
 
-	"github.com/operator-framework/operator-sdk/pkg/sdk/action"
-	"github.com/operator-framework/operator-sdk/pkg/sdk/query"
 	api "github.com/operator-framework/operator-sdk-samples/vault-operator/pkg/apis/vault/v1alpha1"
+	"github.com/operator-framework/operator-sdk/pkg/sdk"
 	"k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -41,7 +40,7 @@ func prepareVaultConfig(vr *api.VaultService) error {
 	}
 	if len(vr.Spec.ConfigMapName) != 0 {
 		cm.Name = vr.Spec.ConfigMapName
-		err := query.Get(cm)
+		err := sdk.Get(cm)
 		if err != nil {
 			return fmt.Errorf("prepare vault config error: get configmap (%s) failed: %v", vr.Spec.ConfigMapName, err)
 		}
@@ -54,7 +53,7 @@ func prepareVaultConfig(vr *api.VaultService) error {
 	cfgData = newConfigWithEtcd(cfgData, etcdURLForVault(vr.Name))
 	cm.Data = map[string]string{filepath.Base(vaultConfigPath): cfgData}
 	addOwnerRefToObject(cm, asOwner(vr))
-	err := action.Create(cm)
+	err := sdk.Create(cm)
 	if err != nil && !apierrors.IsAlreadyExists(err) {
 		return fmt.Errorf("prepare vault config error: create new configmap (%s) failed: %v", cm.Name, err)
 	}