diff --git a/Makefile b/Makefile index a400eb250..bf08b999d 100644 --- a/Makefile +++ b/Makefile @@ -96,6 +96,7 @@ e2e-tests-es: prepare-e2e-tests es .PHONY: run run: crd + @rm -rf /tmp/_cert* @bash -c 'trap "exit 0" INT; OPERATOR_NAME=${OPERATOR_NAME} KUBERNETES_CONFIG=${KUBERNETES_CONFIG} WATCH_NAMESPACE=${WATCH_NAMESPACE} go run -ldflags ${LD_FLAGS} main.go start' .PHONY: es diff --git a/pkg/controller/jaeger/jaeger_controller.go b/pkg/controller/jaeger/jaeger_controller.go index 3b14089fa..40d19d34c 100644 --- a/pkg/controller/jaeger/jaeger_controller.go +++ b/pkg/controller/jaeger/jaeger_controller.go @@ -10,6 +10,7 @@ import ( "github.com/pkg/errors" log "github.com/sirupsen/logrus" "github.com/spf13/viper" + corev1 "k8s.io/api/core/v1" k8serrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/runtime" "sigs.k8s.io/controller-runtime/pkg/client" @@ -102,7 +103,16 @@ func (r *ReconcileJaeger) Reconcile(request reconcile.Request) (reconcile.Result instance.Kind = "Jaeger" originalInstance := *instance - str := r.runStrategyChooser(instance) + + opts := client.MatchingLabels(map[string]string{ + "app.kubernetes.io/instance": instance.Name, + "app.kubernetes.io/managed-by": "jaeger-operator", + }) + list := &corev1.SecretList{} + if err := r.client.List(context.Background(), opts, list); err != nil { + return reconcile.Result{}, err + } + str := r.runStrategyChooser(instance, list.Items) logFields := instance.Logger().WithField("execution", execution) @@ -138,16 +148,16 @@ func validate(jaeger *v1.Jaeger) error { return nil } -func (r *ReconcileJaeger) runStrategyChooser(instance *v1.Jaeger) strategy.S { +func (r *ReconcileJaeger) runStrategyChooser(instance *v1.Jaeger, secrets []corev1.Secret) strategy.S { if nil == r.strategyChooser { - return defaultStrategyChooser(instance) + return defaultStrategyChooser(instance, secrets) } return r.strategyChooser(instance) } -func defaultStrategyChooser(instance *v1.Jaeger) strategy.S { - return strategy.For(context.Background(), instance) +func defaultStrategyChooser(instance *v1.Jaeger, secrets []corev1.Secret) strategy.S { + return strategy.For(context.Background(), instance, secrets) } func (r *ReconcileJaeger) apply(jaeger v1.Jaeger, str strategy.S) error { diff --git a/pkg/storage/elasticsearch.go b/pkg/storage/elasticsearch.go index 281f47253..2d0c14317 100644 --- a/pkg/storage/elasticsearch.go +++ b/pkg/storage/elasticsearch.go @@ -44,7 +44,7 @@ func (ed *ElasticsearchDeployment) InjectStorageConfiguration(p *corev1.PodSpec) Name: volumeName, VolumeSource: corev1.VolumeSource{ Secret: &corev1.SecretVolumeSource{ - SecretName: secretName(ed.Jaeger.Name, jaegerSecret.name), + SecretName: jaegerSecret.instanceName(ed.Jaeger), }, }, }) @@ -98,7 +98,7 @@ func (ed *ElasticsearchDeployment) InjectSecretsConfiguration(p *corev1.PodSpec) Name: volumeName, VolumeSource: corev1.VolumeSource{ Secret: &corev1.SecretVolumeSource{ - SecretName: secretName(ed.Jaeger.Name, curatorSecret.name), + SecretName: curatorSecret.instanceName(ed.Jaeger), }, }, }) diff --git a/pkg/storage/elasticsearch_secrets.go b/pkg/storage/elasticsearch_secrets.go index c2e6a8113..c1af959e7 100644 --- a/pkg/storage/elasticsearch_secrets.go +++ b/pkg/storage/elasticsearch_secrets.go @@ -8,7 +8,7 @@ import ( "path" "path/filepath" - "github.com/operator-framework/operator-sdk/pkg/k8sutil" + "github.com/pkg/errors" log "github.com/sirupsen/logrus" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -18,18 +18,36 @@ import ( ) const ( - workingDir = "/tmp/_working_dir" - certScript = "./scripts/cert_generation.sh" + tmpWorkingDir = "/tmp/_certs" + certScript = "./scripts/cert_generation.sh" ) type secret struct { - name string - content map[string]string + name string + keyFileNameMap map[string]string } +func (s secret) instanceName(jaeger *v1.Jaeger) string { + // elasticsearch secret is hardcoded in es-operator https://jira.coreos.com/browse/LOG-326 + if s.name == esSecret.name { + return esSecret.name + } + return fmt.Sprintf("%s-%s", jaeger.Name, s.name) +} + +// master secret is used to generate other certs +var masterSecret = secret{ + name: "master-certs", + keyFileNameMap: map[string]string{ + "ca": "ca.crt", + "ca-key": "ca.key", + }, +} + +// es secret is used by Elasticsearch nodes var esSecret = secret{ name: "elasticsearch", - content: map[string]string{ + keyFileNameMap: map[string]string{ "elasticsearch.key": "elasticsearch.key", "elasticsearch.crt": "elasticsearch.crt", "logging-es.key": "logging-es.key", @@ -40,54 +58,81 @@ var esSecret = secret{ }, } +// jaeger secret is used by jaeger components to talk to Elasticsearch var jaegerSecret = secret{ name: "jaeger-elasticsearch", - content: map[string]string{ + keyFileNameMap: map[string]string{ "ca": "ca.crt", }, } +// curator secret is used for index cleaner and rollover var curatorSecret = secret{ name: "curator", - content: map[string]string{ + keyFileNameMap: map[string]string{ "ca": "ca.crt", "key": "system.logging.curator.key", "cert": "system.logging.curator.crt", }, } -func secretName(jaeger, secret string) string { - return fmt.Sprintf("%s-%s", jaeger, secret) -} - // ESSecrets assembles a set of secrets related to Elasticsearch func ESSecrets(jaeger *v1.Jaeger) []corev1.Secret { return []corev1.Secret{ - // master and ES secrets use hardcoded name - e.g. do not use instance name in it - // the other problem for us is that sg_config.yml defines a role which depends on namespace - // we could make the "resource" configurable once ES image and es-operator-are refactored - // https://jira.coreos.com/browse/LOG-326 - createSecret(jaeger, esSecret.name, getWorkingDirContents(esSecret.content)), - createSecret(jaeger, secretName(jaeger.Name, jaegerSecret.name), getWorkingDirContents(jaegerSecret.content)), - createSecret(jaeger, secretName(jaeger.Name, curatorSecret.name), getWorkingDirContents(curatorSecret.content)), + createSecret(jaeger, masterSecret.instanceName(jaeger), getWorkingDirContents(getWorkingDir(jaeger), masterSecret.keyFileNameMap)), + createSecret(jaeger, esSecret.instanceName(jaeger), getWorkingDirContents(getWorkingDir(jaeger), esSecret.keyFileNameMap)), + createSecret(jaeger, jaegerSecret.instanceName(jaeger), getWorkingDirContents(getWorkingDir(jaeger), jaegerSecret.keyFileNameMap)), + createSecret(jaeger, curatorSecret.instanceName(jaeger), getWorkingDirContents(getWorkingDir(jaeger), curatorSecret.keyFileNameMap)), } } // CreateESCerts runs bash scripts which generates certificates -func CreateESCerts() error { - return createESCerts(certScript) +// The secrets are pulled back to FS in case of operator restart +// The script checks if secrets are expired or need to be regenerated +func CreateESCerts(jaeger *v1.Jaeger, existingSecrets []corev1.Secret) error { + err := extractSecretsToFile(jaeger, existingSecrets, masterSecret, esSecret, jaegerSecret, curatorSecret) + if err != nil { + return errors.Wrap(err, "failed to extract certificates from secrets to file") + } + return createESCerts(certScript, getWorkingDir(jaeger), jaeger.Namespace) } -// createESCerts runs bash scripts which generates certificates -func createESCerts(script string) error { - namespace, err := k8sutil.GetWatchNamespace() - if err != nil { - return fmt.Errorf("failed to get watch namespace: %v", err) +func extractSecretsToFile(jaeger *v1.Jaeger, secrets []corev1.Secret, s ...secret) error { + secretMap := map[string]corev1.Secret{} + for _, sec := range secrets { + secretMap[sec.Name] = sec + } + for _, sec := range s { + if secret, ok := secretMap[sec.instanceName(jaeger)]; ok { + if err := extractSecretToFile(getWorkingDir(jaeger), secret.Data, sec); err != nil { + return errors.Wrap(err, fmt.Sprintf("failed to extract secret %s", secret.Name)) + } + } + } + return nil +} + +func extractSecretToFile(workingDir string, data map[string][]byte, secret secret) error { + for k, v := range secret.keyFileNameMap { + if err := writeToFile(workingDir, v, data[k]); err != nil { + return err + + } } + return nil +} + +func getWorkingDir(jaeger *v1.Jaeger) string { + return filepath.Clean(fmt.Sprintf("%s/%s/%s/%s", tmpWorkingDir, jaeger.Namespace, jaeger.Name, jaeger.UID)) +} + +// createESCerts runs bash scripts which generates certificates +func createESCerts(script, workDir, namespace string) error { // #nosec G204: Subprocess launching should be audited cmd := exec.Command("bash", script) cmd.Env = append(os.Environ(), "NAMESPACE="+namespace, + "WORKING_DIR="+workDir, ) if out, err := cmd.CombinedOutput(); err != nil { log.WithFields(log.Fields{ @@ -119,20 +164,20 @@ func createSecret(jaeger *v1.Jaeger, secretName string, data map[string][]byte) } } -func getWorkingDirContents(content map[string]string) map[string][]byte { +func getWorkingDirContents(dir string, content map[string]string) map[string][]byte { c := map[string][]byte{} for secretKey, certName := range content { - c[secretKey] = getWorkingDirFileContents(certName) + c[secretKey] = getDirFileContents(dir, certName) } return c } -func getWorkingDirFileContents(filePath string) []byte { - return getFileContents(getWorkingDirFilePath(filePath)) +func getDirFileContents(dir, filePath string) []byte { + return getFileContents(getFilePath(dir, filePath)) } -func getWorkingDirFilePath(toFile string) string { - return path.Join(workingDir, toFile) +func getFilePath(dir, toFile string) string { + return path.Join(dir, toFile) } func getFileContents(path string) []byte { @@ -145,3 +190,26 @@ func getFileContents(path string) []byte { } return contents } + +func writeToFile(dir, file string, value []byte) error { + // first check if file exists - we prefer what is on FS to revert users editing secrets + path := getFilePath(dir, file) + if _, err := os.Stat(path); err == nil { + return nil + } + if err := os.MkdirAll(dir, os.ModePerm); err != nil { + return err + } + f, err := os.OpenFile(path, os.O_RDWR|os.O_CREATE, 0600) + if err != nil { + return err + } + defer f.Close() + _, err = f.Write(value) + if err != nil { + // remove the file on failure - it can be correctly created in the next iteration + os.RemoveAll(path) + return err + } + return nil +} diff --git a/pkg/storage/elasticsearch_secrets_test.go b/pkg/storage/elasticsearch_secrets_test.go index 3508f362e..9ff7163ef 100644 --- a/pkg/storage/elasticsearch_secrets_test.go +++ b/pkg/storage/elasticsearch_secrets_test.go @@ -4,52 +4,44 @@ import ( "fmt" "io/ioutil" "os" + "path" + "runtime" "testing" "github.com/stretchr/testify/assert" corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/jaegertracing/jaeger-operator/pkg/apis/jaegertracing/v1" ) -func TestCreateCerts_ErrNoNamespace(t *testing.T) { - err := CreateESCerts() - assert.EqualError(t, err, "failed to get watch namespace: WATCH_NAMESPACE must be set") -} - -func TestCreateCerts_ErrNoScript(t *testing.T) { - os.Setenv("WATCH_NAMESPACE", "invalid.&*)(") - defer os.Unsetenv("WATCH_NAMESPACE") - err := createESCerts("invalid") - assert.EqualError(t, err, "error running script invalid: exit status 127") +func TestCreateESSecrets(t *testing.T) { + err := CreateESCerts(v1.NewJaeger("foo"), []corev1.Secret{}) + assert.EqualError(t, err, "error running script ./scripts/cert_generation.sh: exit status 127") } -func TestCreateESSecrets(t *testing.T) { - defer os.RemoveAll(workingDir) +func TestCreateESSecrets_internal(t *testing.T) { + defer os.RemoveAll(tmpWorkingDir + "/foo") j := v1.NewJaeger("foo") - os.Setenv("WATCH_NAMESPACE", "invalid.&*)(") - defer os.Unsetenv("WATCH_NAMESPACE") - fmt.Println(os.Getwd()) - err := createESCerts("../../scripts/cert_generation.sh") + err := createESCerts("../../scripts/cert_generation.sh", tmpWorkingDir+"/foo", "") assert.NoError(t, err) sec := ESSecrets(j) - assert.Equal(t, 3, len(sec)) assert.Equal(t, []string{ + masterSecret.instanceName(j), "elasticsearch", - fmt.Sprintf("%s-%s", j.Name, jaegerSecret.name), - fmt.Sprintf("%s-%s", j.Name, curatorSecret.name)}, - []string{sec[0].Name, sec[1].Name, sec[2].Name}) + jaegerSecret.instanceName(j), + curatorSecret.instanceName(j)}, + []string{sec[0].Name, sec[1].Name, sec[2].Name, sec[3].Name}) for _, s := range sec { - if s.Name == fmt.Sprintf("%s-%s", j.Name, jaegerSecret.name) { - ca, err := ioutil.ReadFile(workingDir + "/ca.crt") + if s.Name == jaegerSecret.instanceName(j) { + ca, err := ioutil.ReadFile(tmpWorkingDir + "/foo/ca.crt") assert.NoError(t, err) assert.Equal(t, map[string][]byte{"ca": ca}, s.Data) } } } -func TestCreteSecret(t *testing.T) { - defer os.RemoveAll(workingDir) +func TestCreateSecret(t *testing.T) { j := v1.NewJaeger("foo") j.Namespace = "myproject" s := createSecret(j, "bar", map[string][]byte{"foo": {}}) @@ -62,26 +54,104 @@ func TestCreteSecret(t *testing.T) { } func TestGetWorkingFileDirContent(t *testing.T) { - defer os.RemoveAll(workingDir) - err := os.MkdirAll(workingDir, os.ModePerm) + defer os.RemoveAll(tmpWorkingDir) + err := os.MkdirAll(tmpWorkingDir, os.ModePerm) assert.NoError(t, err) - err = ioutil.WriteFile(workingDir+"/foobar", []byte("foo"), 0644) + err = ioutil.WriteFile(tmpWorkingDir+"/foobar", []byte("foo"), 0644) assert.NoError(t, err) - b := getWorkingDirFileContents("foobar") + b := getDirFileContents(tmpWorkingDir, "foobar") assert.Equal(t, "foo", string(b)) } func TestGetWorkingFileDirContent_EmptyPath(t *testing.T) { - b := getWorkingDirFileContents("") + b := getDirFileContents("", "") assert.Nil(t, b) } func TestGetWorkingFileDirContent_FileDoesNotExists(t *testing.T) { - b := getWorkingDirFileContents("jungle") + b := getDirFileContents("", "jungle") assert.Nil(t, b) } -func TestGetFileContet_EmptyPath(t *testing.T) { +func TestGetFileContent_EmptyPath(t *testing.T) { b := getFileContents("") assert.Nil(t, b) } + +func TestExtractSecretsToFile(t *testing.T) { + defer os.RemoveAll(tmpWorkingDir) + j := v1.NewJaeger("houdy") + j.Namespace = "bar" + content := "115dasrez" + err := extractSecretsToFile( + j, + []corev1.Secret{{ObjectMeta: metav1.ObjectMeta{Name: "houdy-sec"}, Data: map[string][]byte{"ca": []byte(content)}}}, + secret{name: "sec", keyFileNameMap: map[string]string{"ca": "ca.crt"}}, + ) + assert.NoError(t, err) + ca, err := ioutil.ReadFile(tmpWorkingDir + "/bar/houdy/ca.crt") + assert.NoError(t, err) + assert.Equal(t, []byte(content), ca) +} + +func TestExtractSecretsToFile_Err(t *testing.T) { + err := extractSecretToFile("/root", map[string][]byte{"foo": {}}, secret{keyFileNameMap: map[string]string{"foo": "foo"}}) + assert.EqualError(t, err, "open /root/foo: permission denied") +} + +func TestExtractSecretsToFile_FileExists(t *testing.T) { + defer os.RemoveAll(tmpWorkingDir) + content := "115dasrez" + err := os.MkdirAll(tmpWorkingDir+"/bar/houdy", os.ModePerm) + assert.NoError(t, err) + err = ioutil.WriteFile(tmpWorkingDir+"/bar/houdy/ca.crt", []byte(content), os.ModePerm) + assert.NoError(t, err) + + j := v1.NewJaeger("houdy") + j.Namespace = "bar" + err = extractSecretsToFile( + j, + []corev1.Secret{{ObjectMeta: metav1.ObjectMeta{Name: "houdy-sec"}, Data: map[string][]byte{"ca": []byte("should not be there")}}}, + secret{name: "sec", keyFileNameMap: map[string]string{"ca": "ca.crt"}}, + ) + assert.NoError(t, err) + ca, err := ioutil.ReadFile(tmpWorkingDir + "/bar/houdy/ca.crt") + assert.NoError(t, err) + assert.Equal(t, []byte(content), ca) +} + +func TestWriteToWorkingDir(t *testing.T) { + _, testFile, _, _ := runtime.Caller(0) + defer os.RemoveAll(os.TempDir() + "/foo") + tests := []struct { + dir string + file string + err string + }{ + { + dir: "/foo", file: "", err: "mkdir /foo: permission denied", + }, + { + dir: "/root", file: "bla", err: "open /root/bla: permission denied", + }, + { + // file exists + dir: path.Dir(testFile), file: path.Base(testFile), + }, + { + // write to file + dir: os.TempDir(), file: "foo", + }, + } + for _, test := range tests { + err := writeToFile(test.dir, test.file, []byte("random")) + if test.err != "" { + assert.EqualError(t, err, test.err) + } else { + assert.NoError(t, err) + stat, err := os.Stat(fmt.Sprintf("%s/%s", test.dir, test.file)) + assert.NoError(t, err) + assert.Equal(t, test.file, stat.Name()) + } + } +} diff --git a/pkg/strategy/controller.go b/pkg/strategy/controller.go index ffb458d17..06d090505 100644 --- a/pkg/strategy/controller.go +++ b/pkg/strategy/controller.go @@ -6,6 +6,7 @@ import ( log "github.com/sirupsen/logrus" "github.com/spf13/viper" + corev1 "k8s.io/api/core/v1" "github.com/jaegertracing/jaeger-operator/pkg/apis/jaegertracing/v1" "github.com/jaegertracing/jaeger-operator/pkg/cronjob" @@ -13,7 +14,7 @@ import ( ) // For returns the appropriate Strategy for the given Jaeger instance -func For(ctx context.Context, jaeger *v1.Jaeger) S { +func For(ctx context.Context, jaeger *v1.Jaeger, secrets []corev1.Secret) S { if strings.EqualFold(jaeger.Spec.Strategy, "all-in-one") { jaeger.Logger().Warn("Strategy 'all-in-one' is no longer supported, please use 'allInOne'") jaeger.Spec.Strategy = "allInOne" @@ -30,7 +31,7 @@ func For(ctx context.Context, jaeger *v1.Jaeger) S { return newStreamingStrategy(jaeger) } - return newProductionStrategy(jaeger) + return newProductionStrategy(jaeger, secrets) } // normalize changes the incoming Jaeger object so that the defaults are applied when diff --git a/pkg/strategy/controller_test.go b/pkg/strategy/controller_test.go index 5d7eb9684..6f182aa47 100644 --- a/pkg/strategy/controller_test.go +++ b/pkg/strategy/controller_test.go @@ -6,6 +6,7 @@ import ( "github.com/spf13/viper" "github.com/stretchr/testify/assert" + corev1 "k8s.io/api/core/v1" "github.com/jaegertracing/jaeger-operator/pkg/apis/jaegertracing/v1" ) @@ -13,7 +14,7 @@ import ( func TestNewControllerForAllInOneAsDefault(t *testing.T) { jaeger := v1.NewJaeger("TestNewControllerForAllInOneAsDefault") - ctrl := For(context.TODO(), jaeger) + ctrl := For(context.TODO(), jaeger, []corev1.Secret{}) assert.Equal(t, ctrl.Type(), AllInOne) } @@ -21,7 +22,7 @@ func TestNewControllerForAllInOneAsExplicitValue(t *testing.T) { jaeger := v1.NewJaeger("TestNewControllerForAllInOneAsExplicitValue") jaeger.Spec.Strategy = "ALL-IN-ONE" // same as 'all-in-one' - ctrl := For(context.TODO(), jaeger) + ctrl := For(context.TODO(), jaeger, []corev1.Secret{}) assert.Equal(t, ctrl.Type(), AllInOne) } @@ -30,7 +31,7 @@ func TestNewControllerForProduction(t *testing.T) { jaeger.Spec.Strategy = "production" jaeger.Spec.Storage.Type = "elasticsearch" - ctrl := For(context.TODO(), jaeger) + ctrl := For(context.TODO(), jaeger, []corev1.Secret{}) assert.Equal(t, ctrl.Type(), Production) } @@ -49,7 +50,7 @@ func TestElasticsearchAsStorageOptions(t *testing.T) { "es.server-urls": "http://elasticsearch-example-es-cluster:9200", }) - ctrl := For(context.TODO(), jaeger) + ctrl := For(context.TODO(), jaeger, []corev1.Secret{}) deps := ctrl.Deployments() assert.Len(t, deps, 2) // query and collector, for a production setup counter := 0 @@ -102,7 +103,7 @@ func TestDeprecatedAllInOneStrategy(t *testing.T) { Strategy: "all-in-one", }, } - For(context.TODO(), jaeger) + For(context.TODO(), jaeger, []corev1.Secret{}) assert.Equal(t, "allInOne", jaeger.Spec.Strategy) } @@ -115,7 +116,7 @@ func TestStorageMemoryOnlyUsedWithAllInOneStrategy(t *testing.T) { }, }, } - For(context.TODO(), jaeger) + For(context.TODO(), jaeger, []corev1.Secret{}) assert.Equal(t, "allInOne", jaeger.Spec.Strategy) } diff --git a/pkg/strategy/production.go b/pkg/strategy/production.go index 3533e4d60..0ef0848ff 100644 --- a/pkg/strategy/production.go +++ b/pkg/strategy/production.go @@ -6,6 +6,7 @@ import ( "github.com/spf13/viper" appsv1 "k8s.io/api/apps/v1" batchv1beta1 "k8s.io/api/batch/v1beta1" + corev1 "k8s.io/api/core/v1" "github.com/jaegertracing/jaeger-operator/pkg/account" "github.com/jaegertracing/jaeger-operator/pkg/apis/jaegertracing/v1" @@ -19,7 +20,7 @@ import ( "github.com/jaegertracing/jaeger-operator/pkg/storage" ) -func newProductionStrategy(jaeger *v1.Jaeger) S { +func newProductionStrategy(jaeger *v1.Jaeger, existingSecrets []corev1.Secret) S { c := S{typ: Production} collector := deployment.NewCollector(jaeger) query := deployment.NewQuery(jaeger) @@ -99,7 +100,7 @@ func newProductionStrategy(jaeger *v1.Jaeger) S { Jaeger: jaeger, } - err := storage.CreateESCerts() + err := storage.CreateESCerts(jaeger, existingSecrets) if err != nil { jaeger.Logger().WithError(err).Error("failed to create Elasticsearch certificates, Elasticsearch won't be deployed") } else { diff --git a/pkg/strategy/production_test.go b/pkg/strategy/production_test.go index f9280c28b..630d11f59 100644 --- a/pkg/strategy/production_test.go +++ b/pkg/strategy/production_test.go @@ -8,6 +8,7 @@ import ( "github.com/spf13/viper" "github.com/stretchr/testify/assert" + corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/jaegertracing/jaeger-operator/pkg/apis/jaegertracing/v1" @@ -21,7 +22,7 @@ func init() { func TestCreateProductionDeployment(t *testing.T) { name := "TestCreateProductionDeployment" - c := newProductionStrategy(v1.NewJaeger(name)) + c := newProductionStrategy(v1.NewJaeger(name), []corev1.Secret{}) assertDeploymentsAndServicesForProduction(t, name, c, false, false, false) } @@ -33,7 +34,7 @@ func TestCreateProductionDeploymentOnOpenShift(t *testing.T) { jaeger := v1.NewJaeger(name) normalize(jaeger) - c := newProductionStrategy(jaeger) + c := newProductionStrategy(jaeger, []corev1.Secret{}) assertDeploymentsAndServicesForProduction(t, name, c, false, true, false) } @@ -43,7 +44,7 @@ func TestCreateProductionDeploymentWithDaemonSetAgent(t *testing.T) { j := v1.NewJaeger(name) j.Spec.Agent.Strategy = "DaemonSet" - c := newProductionStrategy(j) + c := newProductionStrategy(j, []corev1.Secret{}) assertDeploymentsAndServicesForProduction(t, name, c, true, false, false) } @@ -57,7 +58,7 @@ func TestCreateProductionDeploymentWithUIConfigMap(t *testing.T) { }, }) - c := newProductionStrategy(j) + c := newProductionStrategy(j, []corev1.Secret{}) assertDeploymentsAndServicesForProduction(t, name, c, false, false, true) } @@ -84,7 +85,7 @@ func TestOptionsArePassed(t *testing.T) { }, } - ctrl := For(context.TODO(), jaeger) + ctrl := For(context.TODO(), jaeger, []corev1.Secret{}) deployments := ctrl.Deployments() for _, dep := range deployments { args := dep.Spec.Template.Spec.Containers[0].Args @@ -108,7 +109,7 @@ func TestDelegateProductionDependencies(t *testing.T) { // for now, we just have storage dependencies j := v1.NewJaeger("TestDelegateProductionDependencies") j.Spec.Storage.Type = "cassandra" - c := newProductionStrategy(j) + c := newProductionStrategy(j, []corev1.Secret{}) assert.Equal(t, c.Dependencies(), storage.Dependencies(j)) } @@ -163,19 +164,19 @@ func assertDeploymentsAndServicesForProduction(t *testing.T, name string, s S, h func TestSparkDependenciesProduction(t *testing.T) { testSparkDependencies(t, func(jaeger *v1.Jaeger) S { - return newProductionStrategy(jaeger) + return newProductionStrategy(jaeger, []corev1.Secret{}) }) } func TestEsIndexCleanerProduction(t *testing.T) { testEsIndexCleaner(t, func(jaeger *v1.Jaeger) S { - return newProductionStrategy(jaeger) + return newProductionStrategy(jaeger, []corev1.Secret{}) }) } func TestAgentSidecarIsInjectedIntoQueryForStreamingForProduction(t *testing.T) { j := v1.NewJaeger("TestAgentSidecarIsInjectedIntoQueryForStreamingForProduction") - c := newProductionStrategy(j) + c := newProductionStrategy(j, []corev1.Secret{}) for _, dep := range c.Deployments() { if strings.HasSuffix(dep.Name, "-query") { assert.Equal(t, 2, len(dep.Spec.Template.Spec.Containers)) diff --git a/pkg/strategy/streaming_test.go b/pkg/strategy/streaming_test.go index f7bb250cb..a7bdf2fb5 100644 --- a/pkg/strategy/streaming_test.go +++ b/pkg/strategy/streaming_test.go @@ -8,6 +8,7 @@ import ( "github.com/spf13/viper" "github.com/stretchr/testify/assert" + corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/jaegertracing/jaeger-operator/pkg/apis/jaegertracing/v1" @@ -89,7 +90,7 @@ func TestStreamingOptionsArePassed(t *testing.T) { }, } - ctrl := For(context.TODO(), jaeger) + ctrl := For(context.TODO(), jaeger, []corev1.Secret{}) deployments := ctrl.Deployments() for _, dep := range deployments { args := dep.Spec.Template.Spec.Containers[0].Args