Update credential issuer logic to use status subresource

Signed-off-by: Monis Khan <mok@vmware.com>
This commit is contained in:
Monis Khan 2021-02-10 20:59:46 -05:00
parent 96cec59236
commit 0a9f446893
No known key found for this signature in database
GPG Key ID: 52C90ADA01B269B8
9 changed files with 183 additions and 82 deletions

View File

@ -17,12 +17,12 @@ import (
pinnipedclientset "go.pinniped.dev/generated/1.20/client/concierge/clientset/versioned"
)
func CreateOrUpdateCredentialIssuer(
func CreateOrUpdateCredentialIssuerStatus(
ctx context.Context,
credentialIssuerResourceName string,
credentialIssuerLabels map[string]string,
pinnipedClient pinnipedclientset.Interface,
applyUpdatesToCredentialIssuerFunc func(configToUpdate *configv1alpha1.CredentialIssuer),
applyUpdatesToCredentialIssuerFunc func(configToUpdate *configv1alpha1.CredentialIssuerStatus),
) error {
err := retry.RetryOnConflict(retry.DefaultRetry, func() error {
existingCredentialIssuer, err := pinnipedClient.
@ -38,29 +38,30 @@ func CreateOrUpdateCredentialIssuer(
credentialIssuersClient := pinnipedClient.ConfigV1alpha1().CredentialIssuers()
if notFound {
// Create it
credentialIssuer := minimalValidCredentialIssuer(
credentialIssuerResourceName, credentialIssuerLabels,
)
applyUpdatesToCredentialIssuerFunc(credentialIssuer)
// create an empty credential issuer
minCredentialIssuer := minimalValidCredentialIssuer(credentialIssuerResourceName, credentialIssuerLabels)
if _, err := credentialIssuersClient.Create(ctx, credentialIssuer, metav1.CreateOptions{}); err != nil {
newCredentialIssuer, err := credentialIssuersClient.Create(ctx, minCredentialIssuer, metav1.CreateOptions{})
if err != nil {
return fmt.Errorf("create failed: %w", err)
}
} else {
// Already exists, so check to see if we need to update it
credentialIssuer := existingCredentialIssuer.DeepCopy()
applyUpdatesToCredentialIssuerFunc(credentialIssuer)
if equality.Semantic.DeepEqual(existingCredentialIssuer, credentialIssuer) {
// Nothing interesting would change as a result of this update, so skip it
return nil
}
if _, err := credentialIssuersClient.Update(ctx, credentialIssuer, metav1.UpdateOptions{}); err != nil {
return err
}
existingCredentialIssuer = newCredentialIssuer
}
// check to see if we need to update the status
credentialIssuer := existingCredentialIssuer.DeepCopy()
applyUpdatesToCredentialIssuerFunc(&credentialIssuer.Status)
if equality.Semantic.DeepEqual(existingCredentialIssuer, credentialIssuer) {
// Nothing interesting would change as a result of this update, so skip it
return nil
}
if _, err := credentialIssuersClient.UpdateStatus(ctx, credentialIssuer, metav1.UpdateOptions{}); err != nil {
return err
}
return nil
})
@ -80,9 +81,5 @@ func minimalValidCredentialIssuer(
Name: credentialIssuerName,
Labels: credentialIssuerLabels,
},
Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerStrategy{},
KubeConfigInfo: nil,
},
}
}

View File

@ -23,7 +23,7 @@ import (
pinnipedfake "go.pinniped.dev/generated/1.20/client/concierge/clientset/versioned/fake"
)
func TestCreateOrUpdateCredentialIssuer(t *testing.T) {
func TestCreateOrUpdateCredentialIssuerStatus(t *testing.T) {
spec.Run(t, "specs", func(t *testing.T, when spec.G, it spec.S) {
var r *require.Assertions
var ctx context.Context
@ -43,8 +43,8 @@ func TestCreateOrUpdateCredentialIssuer(t *testing.T) {
})
when("the config does not exist", func() {
it("creates a new config which includes only the updates made by the func parameter", func() {
err := CreateOrUpdateCredentialIssuer(
it("creates a new config and then updates it with the func parameter", func() {
err := CreateOrUpdateCredentialIssuerStatus(
ctx,
credentialIssuerResourceName,
map[string]string{
@ -52,8 +52,8 @@ func TestCreateOrUpdateCredentialIssuer(t *testing.T) {
"myLabelKey2": "myLabelValue2",
},
pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuer) {
configToUpdate.Status.KubeConfigInfo = &configv1alpha1.CredentialIssuerKubeConfigInfo{
func(configToUpdate *configv1alpha1.CredentialIssuerStatus) {
configToUpdate.KubeConfigInfo = &configv1alpha1.CredentialIssuerKubeConfigInfo{
CertificateAuthorityData: "some-ca-value",
}
},
@ -64,6 +64,19 @@ func TestCreateOrUpdateCredentialIssuer(t *testing.T) {
expectedCreateAction := coretesting.NewRootCreateAction(
credentialIssuerGVR,
&configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerResourceName,
Labels: map[string]string{
"myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2",
},
},
},
)
expectedUpdateAction := coretesting.NewRootUpdateSubresourceAction(credentialIssuerGVR, "status",
&configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
@ -74,7 +87,6 @@ func TestCreateOrUpdateCredentialIssuer(t *testing.T) {
},
},
Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: "",
CertificateAuthorityData: "some-ca-value",
@ -83,7 +95,7 @@ func TestCreateOrUpdateCredentialIssuer(t *testing.T) {
},
)
r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction}, pinnipedAPIClient.Actions())
r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction, expectedUpdateAction}, pinnipedAPIClient.Actions())
})
when("there is an unexpected error while creating the existing object", func() {
@ -94,12 +106,12 @@ func TestCreateOrUpdateCredentialIssuer(t *testing.T) {
})
it("returns an error", func() {
err := CreateOrUpdateCredentialIssuer(
err := CreateOrUpdateCredentialIssuerStatus(
ctx,
credentialIssuerResourceName,
map[string]string{},
pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuer) {},
func(configToUpdate *configv1alpha1.CredentialIssuerStatus) {},
)
r.EqualError(err, "could not create or update credentialissuer: create failed: error on create")
})
@ -138,7 +150,7 @@ func TestCreateOrUpdateCredentialIssuer(t *testing.T) {
})
it("updates the existing config to only apply the updates made by the func parameter", func() {
err := CreateOrUpdateCredentialIssuer(
err := CreateOrUpdateCredentialIssuerStatus(
ctx,
credentialIssuerResourceName,
map[string]string{
@ -146,8 +158,8 @@ func TestCreateOrUpdateCredentialIssuer(t *testing.T) {
"myLabelKey2": "myLabelValue2",
},
pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuer) {
configToUpdate.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
func(configToUpdate *configv1alpha1.CredentialIssuerStatus) {
configToUpdate.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
},
)
r.NoError(err)
@ -157,24 +169,24 @@ func TestCreateOrUpdateCredentialIssuer(t *testing.T) {
// Only the edited field should be changed.
expectedUpdatedConfig := existingConfig.DeepCopy()
expectedUpdatedConfig.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
expectedUpdateAction := coretesting.NewRootUpdateAction(credentialIssuerGVR, expectedUpdatedConfig)
expectedUpdateAction := coretesting.NewRootUpdateSubresourceAction(credentialIssuerGVR, "status", expectedUpdatedConfig)
r.Equal([]coretesting.Action{expectedGetAction, expectedUpdateAction}, pinnipedAPIClient.Actions())
})
it("avoids the cost of an update if the local updates made by the func parameter did not actually change anything", func() {
err := CreateOrUpdateCredentialIssuer(
err := CreateOrUpdateCredentialIssuerStatus(
ctx,
credentialIssuerResourceName,
map[string]string{},
pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuer) {
configToUpdate.Status.KubeConfigInfo.CertificateAuthorityData = "initial-ca-value"
func(configToUpdate *configv1alpha1.CredentialIssuerStatus) {
configToUpdate.KubeConfigInfo.CertificateAuthorityData = "initial-ca-value"
t := configToUpdate.Status.Strategies[0].LastUpdateTime
t := configToUpdate.Strategies[0].LastUpdateTime
loc, err := time.LoadLocation("Asia/Shanghai")
r.NoError(err)
configToUpdate.Status.Strategies[0].LastUpdateTime = metav1.NewTime(t.In(loc))
configToUpdate.Strategies[0].LastUpdateTime = metav1.NewTime(t.In(loc))
},
)
r.NoError(err)
@ -191,12 +203,12 @@ func TestCreateOrUpdateCredentialIssuer(t *testing.T) {
})
it("returns an error", func() {
err := CreateOrUpdateCredentialIssuer(
err := CreateOrUpdateCredentialIssuerStatus(
ctx,
credentialIssuerResourceName,
map[string]string{},
pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuer) {},
func(configToUpdate *configv1alpha1.CredentialIssuerStatus) {},
)
r.EqualError(err, "could not create or update credentialissuer: get failed: error on get")
})
@ -210,13 +222,13 @@ func TestCreateOrUpdateCredentialIssuer(t *testing.T) {
})
it("returns an error", func() {
err := CreateOrUpdateCredentialIssuer(
err := CreateOrUpdateCredentialIssuerStatus(
ctx,
credentialIssuerResourceName,
map[string]string{},
pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuer) {
configToUpdate.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
func(configToUpdate *configv1alpha1.CredentialIssuerStatus) {
configToUpdate.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
},
)
r.EqualError(err, "could not create or update credentialissuer: error on update")
@ -248,7 +260,7 @@ func TestCreateOrUpdateCredentialIssuer(t *testing.T) {
})
it("retries updates on conflict", func() {
err := CreateOrUpdateCredentialIssuer(
err := CreateOrUpdateCredentialIssuerStatus(
ctx,
credentialIssuerResourceName,
map[string]string{
@ -256,8 +268,8 @@ func TestCreateOrUpdateCredentialIssuer(t *testing.T) {
"myLabelKey2": "myLabelValue2",
},
pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuer) {
configToUpdate.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
func(configToUpdate *configv1alpha1.CredentialIssuerStatus) {
configToUpdate.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
},
)
r.NoError(err)
@ -267,13 +279,13 @@ func TestCreateOrUpdateCredentialIssuer(t *testing.T) {
// The first attempted update only includes its own edits.
firstExpectedUpdatedConfig := existingConfig.DeepCopy()
firstExpectedUpdatedConfig.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
firstExpectedUpdateAction := coretesting.NewRootUpdateAction(credentialIssuerGVR, firstExpectedUpdatedConfig)
firstExpectedUpdateAction := coretesting.NewRootUpdateSubresourceAction(credentialIssuerGVR, "status", firstExpectedUpdatedConfig)
// Both the edits made by this update and the edits made by the conflicting update should be included.
secondExpectedUpdatedConfig := existingConfig.DeepCopy()
secondExpectedUpdatedConfig.Status.KubeConfigInfo.Server = "some-other-server-value-from-conflicting-update"
secondExpectedUpdatedConfig.Status.KubeConfigInfo.CertificateAuthorityData = "new-ca-value"
secondExpectedUpdateAction := coretesting.NewRootUpdateAction(credentialIssuerGVR, secondExpectedUpdatedConfig)
secondExpectedUpdateAction := coretesting.NewRootUpdateSubresourceAction(credentialIssuerGVR, "status", secondExpectedUpdatedConfig)
expectedActions := []coretesting.Action{
expectedGetAction,

View File

@ -104,14 +104,14 @@ func (c *kubeConigInfoPublisherController) Sync(ctx controllerlib.Context) error
server = *c.serverOverride
}
updateServerAndCAFunc := func(c *configv1alpha1.CredentialIssuer) {
c.Status.KubeConfigInfo = &configv1alpha1.CredentialIssuerKubeConfigInfo{
updateServerAndCAFunc := func(c *configv1alpha1.CredentialIssuerStatus) {
c.KubeConfigInfo = &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: server,
CertificateAuthorityData: certificateAuthorityData,
}
}
return CreateOrUpdateCredentialIssuer(
return CreateOrUpdateCredentialIssuerStatus(
ctx.Context,
c.credentialIssuerResourceName,
c.credentialIssuerLabels,

View File

@ -115,12 +115,23 @@ func TestSync(t *testing.T) {
var timeoutContextCancel context.CancelFunc
var syncContext *controllerlib.Context
var expectedCredentialIssuer = func(expectedServerURL, expectedCAData string) (schema.GroupVersionResource, *configv1alpha1.CredentialIssuer) {
var expectedCredentialIssuer = func(expectedServerURL, expectedCAData string) (schema.GroupVersionResource, *configv1alpha1.CredentialIssuer, *configv1alpha1.CredentialIssuer) {
expectedCredentialIssuerGVR := schema.GroupVersionResource{
Group: configv1alpha1.GroupName,
Version: "v1alpha1",
Resource: "credentialissuers",
}
expectedCreateCredentialIssuer := &configv1alpha1.CredentialIssuer{
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerResourceName,
Labels: map[string]string{
"myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2",
},
},
}
expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerResourceName,
@ -130,14 +141,13 @@ func TestSync(t *testing.T) {
},
},
Status: configv1alpha1.CredentialIssuerStatus{
Strategies: []configv1alpha1.CredentialIssuerStrategy{},
KubeConfigInfo: &configv1alpha1.CredentialIssuerKubeConfigInfo{
Server: expectedServerURL,
CertificateAuthorityData: expectedCAData,
},
},
}
return expectedCredentialIssuerGVR, expectedCredentialIssuer
return expectedCredentialIssuerGVR, expectedCreateCredentialIssuer, expectedCredentialIssuer
}
// Defer starting the informers until the last possible moment so that the
@ -217,16 +227,21 @@ func TestSync(t *testing.T) {
err := controllerlib.TestSync(t, subject, *syncContext)
r.NoError(err)
expectedCredentialIssuerGVR, expectedCredentialIssuer := expectedCredentialIssuer(
expectedCredentialIssuerGVR, expectedCreateCredentialIssuer, expectedCredentialIssuer := expectedCredentialIssuer(
kubeServerURL,
caData,
)
r.Equal(
[]coretesting.Action{
coretesting.NewRootGetAction(expectedCredentialIssuerGVR, expectedCredentialIssuer.Name),
coretesting.NewRootGetAction(expectedCredentialIssuerGVR, expectedCreateCredentialIssuer.Name),
coretesting.NewRootCreateAction(
expectedCredentialIssuerGVR,
expectedCreateCredentialIssuer,
),
coretesting.NewRootUpdateSubresourceAction(
expectedCredentialIssuerGVR,
"status",
expectedCredentialIssuer,
),
},
@ -261,7 +276,7 @@ func TestSync(t *testing.T) {
err := controllerlib.TestSync(t, subject, *syncContext)
r.NoError(err)
expectedCredentialIssuerGVR, expectedCredentialIssuer := expectedCredentialIssuer(
expectedCredentialIssuerGVR, expectedCreateCredentialIssuer, expectedCredentialIssuer := expectedCredentialIssuer(
kubeServerURL,
caData,
)
@ -269,9 +284,14 @@ func TestSync(t *testing.T) {
r.Equal(
[]coretesting.Action{
coretesting.NewRootGetAction(expectedCredentialIssuerGVR, expectedCredentialIssuer.Name),
coretesting.NewRootGetAction(expectedCredentialIssuerGVR, expectedCreateCredentialIssuer.Name),
coretesting.NewRootCreateAction(
expectedCredentialIssuerGVR,
expectedCreateCredentialIssuer,
),
coretesting.NewRootUpdateSubresourceAction(
expectedCredentialIssuerGVR,
"status",
expectedCredentialIssuer,
),
},
@ -287,7 +307,7 @@ func TestSync(t *testing.T) {
var credentialIssuer *configv1alpha1.CredentialIssuer
it.Before(func() {
credentialIssuerGVR, credentialIssuer = expectedCredentialIssuer(
credentialIssuerGVR, _, credentialIssuer = expectedCredentialIssuer(
kubeServerURL,
caData,
)
@ -311,7 +331,7 @@ func TestSync(t *testing.T) {
when("the CredentialIssuer is stale compared to the data in the ConfigMap", func() {
it.Before(func() {
_, expectedCredentialIssuer := expectedCredentialIssuer(
_, _, expectedCredentialIssuer := expectedCredentialIssuer(
kubeServerURL,
caData,
)
@ -324,14 +344,15 @@ func TestSync(t *testing.T) {
err := controllerlib.TestSync(t, subject, *syncContext)
r.NoError(err)
expectedCredentialIssuerGVR, expectedCredentialIssuer := expectedCredentialIssuer(
expectedCredentialIssuerGVR, _, expectedCredentialIssuer := expectedCredentialIssuer(
kubeServerURL,
caData,
)
expectedActions := []coretesting.Action{
coretesting.NewRootGetAction(expectedCredentialIssuerGVR, expectedCredentialIssuer.Name),
coretesting.NewRootUpdateAction(
coretesting.NewRootUpdateSubresourceAction(
expectedCredentialIssuerGVR,
"status",
expectedCredentialIssuer,
),
}

View File

@ -265,8 +265,9 @@ func TestAnnotaterControllerSync(t *testing.T) {
credentialIssuerGVR,
credentialIssuerResourceName,
)
expectedUpdateAction := coretesting.NewRootUpdateAction(
expectedUpdateAction := coretesting.NewRootUpdateSubresourceAction(
credentialIssuerGVR,
"status",
expectedCredentialIssuer,
)
@ -304,6 +305,13 @@ func TestAnnotaterControllerSync(t *testing.T) {
startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext)
expectedCreateCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerResourceName,
},
}
expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
@ -327,6 +335,11 @@ func TestAnnotaterControllerSync(t *testing.T) {
)
expectedCreateAction := coretesting.NewRootCreateAction(
credentialIssuerGVR,
expectedCreateCredentialIssuer,
)
expectedUpdateAction := coretesting.NewRootUpdateSubresourceAction(
credentialIssuerGVR,
"status",
expectedCredentialIssuer,
)
@ -335,6 +348,7 @@ func TestAnnotaterControllerSync(t *testing.T) {
[]coretesting.Action{
expectedGetAction,
expectedCreateAction,
expectedUpdateAction,
},
pinnipedAPIClient.Actions(),
)

View File

@ -336,8 +336,9 @@ func TestCreaterControllerSync(t *testing.T) {
credentialIssuerGVR,
credentialIssuerResourceName,
)
expectedUpdateAction := coretesting.NewRootUpdateAction(
expectedUpdateAction := coretesting.NewRootUpdateSubresourceAction(
credentialIssuerGVR,
"status",
expectedCredentialIssuer,
)
@ -375,6 +376,17 @@ func TestCreaterControllerSync(t *testing.T) {
startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext)
expectedCreateCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerResourceName,
Labels: map[string]string{
"myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2",
},
},
}
expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
@ -402,6 +414,11 @@ func TestCreaterControllerSync(t *testing.T) {
)
expectedCreateAction := coretesting.NewRootCreateAction(
credentialIssuerGVR,
expectedCreateCredentialIssuer,
)
expectedUpdateAction := coretesting.NewRootUpdateSubresourceAction(
credentialIssuerGVR,
"status",
expectedCredentialIssuer,
)
@ -410,6 +427,7 @@ func TestCreaterControllerSync(t *testing.T) {
[]coretesting.Action{
expectedGetAction,
expectedCreateAction,
expectedUpdateAction,
},
pinnipedAPIClient.Actions(),
)
@ -458,8 +476,9 @@ func TestCreaterControllerSync(t *testing.T) {
credentialIssuerGVR,
credentialIssuerResourceName,
)
expectedUpdateAction := coretesting.NewRootUpdateAction(
expectedUpdateAction := coretesting.NewRootUpdateSubresourceAction(
credentialIssuerGVR,
"status",
expectedCredentialIssuer,
)
@ -514,6 +533,17 @@ func TestCreaterControllerSync(t *testing.T) {
startInformersAndController()
err := controllerlib.TestSync(t, subject, *syncContext)
expectedCreateCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerResourceName,
Labels: map[string]string{
"myLabelKey1": "myLabelValue1",
"myLabelKey2": "myLabelValue2",
},
},
}
expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
@ -541,6 +571,11 @@ func TestCreaterControllerSync(t *testing.T) {
)
expectedCreateAction := coretesting.NewRootCreateAction(
credentialIssuerGVR,
expectedCreateCredentialIssuer,
)
expectedUpdateAction := coretesting.NewRootUpdateSubresourceAction(
credentialIssuerGVR,
"status",
expectedCredentialIssuer,
)
@ -549,6 +584,7 @@ func TestCreaterControllerSync(t *testing.T) {
[]coretesting.Action{
expectedGetAction,
expectedCreateAction,
expectedUpdateAction,
},
pinnipedAPIClient.Actions(),
)

View File

@ -358,7 +358,7 @@ func TestManagerControllerSync(t *testing.T) {
},
}
expectedGetAction := coretesting.NewRootGetAction(credentialIssuerGVR, credentialIssuerResourceName)
expectedCreateAction := coretesting.NewRootUpdateAction(credentialIssuerGVR, expectedCredentialIssuer)
expectedCreateAction := coretesting.NewRootUpdateSubresourceAction(credentialIssuerGVR, "status", expectedCredentialIssuer)
r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction}, pinnipedAPIClient.Actions())
})
@ -389,6 +389,13 @@ func TestManagerControllerSync(t *testing.T) {
it("also creates the the CredentialIssuer with the appropriate status field", func() {
r.NoError(controllerlib.TestSync(t, subject, *syncContext))
expectedCreateCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerResourceName,
},
}
expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
@ -407,8 +414,9 @@ func TestManagerControllerSync(t *testing.T) {
},
}
expectedGetAction := coretesting.NewRootGetAction(credentialIssuerGVR, credentialIssuerResourceName)
expectedCreateAction := coretesting.NewRootCreateAction(credentialIssuerGVR, expectedCredentialIssuer)
r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction}, pinnipedAPIClient.Actions())
expectedCreateAction := coretesting.NewRootCreateAction(credentialIssuerGVR, expectedCreateCredentialIssuer)
expectedUpdateAction := coretesting.NewRootUpdateSubresourceAction(credentialIssuerGVR, "status", expectedCredentialIssuer)
r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction, expectedUpdateAction}, pinnipedAPIClient.Actions())
})
})
})
@ -431,6 +439,13 @@ func TestManagerControllerSync(t *testing.T) {
it("creates or updates the the CredentialIssuer status field with an error", func() {
r.EqualError(controllerlib.TestSync(t, subject, *syncContext), podExecErrorMessage)
expectedCreateCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerResourceName,
},
}
expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
@ -449,8 +464,9 @@ func TestManagerControllerSync(t *testing.T) {
},
}
expectedGetAction := coretesting.NewRootGetAction(credentialIssuerGVR, credentialIssuerResourceName)
expectedCreateAction := coretesting.NewRootCreateAction(credentialIssuerGVR, expectedCredentialIssuer)
r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction}, pinnipedAPIClient.Actions())
expectedCreateAction := coretesting.NewRootCreateAction(credentialIssuerGVR, expectedCreateCredentialIssuer)
expectedUpdateAction := coretesting.NewRootUpdateSubresourceAction(credentialIssuerGVR, "status", expectedCredentialIssuer)
r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction, expectedUpdateAction}, pinnipedAPIClient.Actions())
})
})
@ -472,6 +488,13 @@ func TestManagerControllerSync(t *testing.T) {
it("creates or updates the the CredentialIssuer status field with an error", func() {
r.EqualError(controllerlib.TestSync(t, subject, *syncContext), podExecErrorMessage)
expectedCreateCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
Name: credentialIssuerResourceName,
},
}
expectedCredentialIssuer := &configv1alpha1.CredentialIssuer{
TypeMeta: metav1.TypeMeta{},
ObjectMeta: metav1.ObjectMeta{
@ -490,8 +513,9 @@ func TestManagerControllerSync(t *testing.T) {
},
}
expectedGetAction := coretesting.NewRootGetAction(credentialIssuerGVR, credentialIssuerResourceName)
expectedCreateAction := coretesting.NewRootCreateAction(credentialIssuerGVR, expectedCredentialIssuer)
r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction}, pinnipedAPIClient.Actions())
expectedCreateAction := coretesting.NewRootCreateAction(credentialIssuerGVR, expectedCreateCredentialIssuer)
expectedUpdateAction := coretesting.NewRootUpdateSubresourceAction(credentialIssuerGVR, "status", expectedCredentialIssuer)
r.Equal([]coretesting.Action{expectedGetAction, expectedCreateAction, expectedUpdateAction}, pinnipedAPIClient.Actions())
})
})
})

View File

@ -287,19 +287,19 @@ func createOrUpdateCredentialIssuer(ctx context.Context,
pinnipedAPIClient pinnipedclientset.Interface,
err error,
) error {
return issuerconfig.CreateOrUpdateCredentialIssuer(
return issuerconfig.CreateOrUpdateCredentialIssuerStatus(
ctx,
ciConfig.Name,
credentialIssuerLabels,
pinnipedAPIClient,
func(configToUpdate *configv1alpha1.CredentialIssuer) {
func(configToUpdate *configv1alpha1.CredentialIssuerStatus) {
var strategyResult configv1alpha1.CredentialIssuerStrategy
if err == nil {
strategyResult = strategySuccess(clock)
} else {
strategyResult = strategyError(clock, err)
}
configToUpdate.Status.Strategies = []configv1alpha1.CredentialIssuerStrategy{
configToUpdate.Strategies = []configv1alpha1.CredentialIssuerStrategy{
strategyResult,
}
},

View File

@ -220,9 +220,6 @@ func TestKubeClientOwnerRef(t *testing.T) {
GenerateName: "owner-ref-test-",
OwnerReferences: nil, // no owner refs set
},
Status: conciergeconfigv1alpha1.CredentialIssuerStatus{
Strategies: []conciergeconfigv1alpha1.CredentialIssuerStrategy{},
},
},
metav1.CreateOptions{},
)